34554 commits

Author	SHA1	Message	Date
Kibana Machine	d2e04412a8	[8.x] CDR workflow UI counters (#196346) ... # Backport This will backport the following commits from `main` to `8.x`: - [CDR workflow UI counters](https://github.com/elastic/kibana/pull/196305) <!--- Backport version: 9.4.3 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sqren/backport) <!--BACKPORT [{"author":{"name":"Ido Cohen","email":"90558359+CohenIdo@users.noreply.github.com"},"sourceCommit":{"committedDate":"2024-10-15T15:16:15Z","message":"CDR workflow UI counters","sha":"489dc1dca3dc7793ebbf147e698834b9e54e3d7f","branchLabelMapping":{"^v9.0.0$":"main","^v8.16.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:skip","v9.0.0","Team:Cloud Security","backport:prev-minor"],"title":"CDR workflow UI counters","number":196305,"url":"https://github.com/elastic/kibana/pull/196305","mergeCommit":{"message":"CDR workflow UI counters","sha":"489dc1dca3dc7793ebbf147e698834b9e54e3d7f"}},"sourceBranch":"main","suggestedTargetBranches":[],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","branchLabelMappingKey":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/196305","number":196305,"mergeCommit":{"message":"CDR workflow UI counters","sha":"489dc1dca3dc7793ebbf147e698834b9e54e3d7f"}}]}] BACKPORT--> Co-authored-by: Ido Cohen <90558359+CohenIdo@users.noreply.github.com>	2024-10-15 12:03:03 -05:00
Kibana Machine	e3996ca47a	[8.x] [Security Solution] [Attack discovery] Output chunking / refinement, LangGraph migration, and evaluation improvements (#195669) (#196334) ... # Backport This will backport the following commits from `main` to `8.x`: - [[Security Solution] [Attack discovery] Output chunking / refinement, LangGraph migration, and evaluation improvements (#195669)](https://github.com/elastic/kibana/pull/195669) <!--- Backport version: 9.4.3 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sqren/backport) <!--BACKPORT [{"author":{"name":"Andrew Macri","email":"andrew.macri@elastic.co"},"sourceCommit":{"committedDate":"2024-10-15T14:39:48Z","message":"[Security Solution] [Attack discovery] Output chunking / refinement, LangGraph migration, and evaluation improvements (#195669)\n\n## [Security Solution] [Attack discovery] Output chunking / refinement, LangGraph migration, and evaluation improvements\r\n\r\n### Summary\r\n\r\nThis PR improves the Attack discovery user and developer experience with output chunking / refinement, migration to LangGraph, and improvements to evaluations.\r\n\r\nThe improvements were realized by transitioning from directly using lower-level LangChain apis to LangGraph in this PR, and a deeper integration with the evaluation features of LangSmith.\r\n\r\n#### Output chunking\r\n\r\n_Output chunking_ increases the maximum and default number of alerts sent as context, working around the output token limitations of popular large language models (LLMs):\r\n\r\n| | Old | New |\r\n|----------------|-------|-------|\r\n| max alerts | `100` | `500` |\r\n| default alerts | `20` | `200` |\r\n\r\nSee _Output chunking details_ below for more information.\r\n\r\n#### Settings\r\n\r\nA new settings modal makes it possible to configure the number of alerts sent as context directly from the Attack discovery page:\r\n\r\n\r\n\r\n- Previously, users configured this value for Attack discovery via the security assistant Knowledge base settings, as documented [here](https://www.elastic.co/guide/en/security/8.15/attack-discovery.html#attack-discovery-generate-discoveries)\r\n- The new settings modal uses local storage (instead of the previously-shared assistant Knowledge base setting, which is stored in Elasticsearch)\r\n\r\n#### Output refinement\r\n\r\n_Output refinement_ automatically combines related discoveries (that were previously represented as two or more discoveries):\r\n\r\n \r\n\r\n- The `refine` step in the graph diagram above may (for example), combine three discoveries from the `generate` step into two discoveries when they are related\r\n\r\n### Hallucination detection\r\n\r\nNew _hallucination detection_ displays an error in lieu of showing hallucinated output:\r\n\r\n\r\n\r\n- A new tour step was added to the Attack discovery page to share the improvements:\r\n\r\n\r\n\r\n### Summary of improvements for developers\r\n\r\nThe following features improve the developer experience when running evaluations for Attack discovery:\r\n\r\n#### Replay alerts in evaluations\r\n\r\nThis evaluation feature eliminates the need to populate a local environment with alerts to (re)run evaluations:\r\n\r\n \r\n\r\nAlert replay skips the `retrieve_anonymized_alerts` step in the graph, because it uses the `anonymizedAlerts` and `replacements` provided as `Input` in a dataset example. See _Replay alerts in evaluations details_ below for more information.\r\n\r\n#### Override graph state\r\n\r\nOverride graph state via datatset examples to test prompt improvements and edge cases via evaluations:\r\n\r\n \r\n\r\nTo use this feature, add an `overrides` key to the `Input` of a dataset example. See _Override graph state details_ below for more information.\r\n\r\n#### New custom evaluator\r\n\r\nPrior to this PR, an evaluator had to be manually added to each dataset in LangSmith to use an LLM as the judge for correctness.\r\n\r\nThis PR introduces a custom, programmatic evaluator that handles anonymization automatically, and eliminates the need to manually create evaluators in LangSmith. To use it, simply run evaluations from the `Evaluation` tab in settings.\r\n\r\n#### New evaluation settings\r\n\r\nThis PR introduces new settings in the `Evaluation` tab:\r\n\r\n\r\n\r\nNew evaluation settings:\r\n\r\n- `Evaluator model (optional)` - Judge the quality of predictions using a single model. (Default: use the same model as the connector)\r\n\r\nThis new setting is useful when you want to use the same model, e.g. `GPT-4o` to judge the quality of all the models evaluated in an experiment.\r\n\r\n- `Default max alerts` - The default maximum number of alerts to send as context, which may be overridden by the example input\r\n\r\nThis new setting is useful when using the alerts in the local environment to run evaluations. Examples that use the Alerts replay feature will ignore this value, because the alerts in the example `Input` will be used instead.\r\n\r\n#### Directory structure refactoring\r\n\r\n- The server-side directory structure was refactored to consolidate the location of Attack discovery related files\r\n\r\n### Details\r\n\r\nThis section describes some of the improvements above in detail.\r\n\r\n#### Output chunking details\r\n\r\nThe new output chunking feature increases the maximum and default number of alerts that may be sent as context. It achieves this improvement by working around output token limitations.\r\n\r\nLLMs have different limits for the number of tokens accepted as _input_ for requests, and the number of tokens available for _output_ when generating responses.\r\n\r\nToday, the output token limits of most popular models are significantly smaller than the input token limits.\r\n\r\nFor example, at the time of this writing, the Gemini 1.5 Pro model's limits are ([source](https://ai.google.dev/gemini-api/docs/models/gemini)):\r\n\r\n- Input token limit: `2,097,152`\r\n- Output token limit: `8,192`\r\n\r\nAs a result of this relatively smaller output token limit, previous versions of Attack discovery would simply fail when an LLM ran out of output tokens when generating a response. This often happened \"mid sentence\", and resulted in errors or hallucinations being displayed to users.\r\n\r\nThe new output chunking feature detects incomplete responses from the LLM in the `generate` step of the Graph. When an incomplete response is detected, the `generate` step will run again with:\r\n\r\n- The original prompt\r\n- The Alerts provided as context\r\n- The partially generated response\r\n- Instructions to \"continue where you left off\"\r\n\r\nThe `generate` step in the graph will run until one of the following conditions is met:\r\n\r\n- The incomplete response can be successfully parsed\r\n- The maximum number of generation attempts (default: `10`) is reached\r\n- The maximum number of hallucinations detected (default: `5`) is reached\r\n\r\n#### Output refinement details\r\n\r\nThe new output refinement feature automatically combines related discoveries (that were previously represented as two or more discoveries).\r\n\r\nThe new `refine` step in the graph re-submits the discoveries from the `generate` step with a `refinePrompt` to combine related attack discoveries.\r\n\r\nThe `refine` step is subject to the model's output token limits, just like the `generate` step. That means a response to the refine prompt from the LLM may be cut off \"mid\" sentence. To that end:\r\n\r\n- The refine step will re-run until the (same, shared) `maxGenerationAttempts` and `maxHallucinationFailures` limits as the `generate` step are reached\r\n- The maximum number of attempts (default: `10`) is _shared_ with the `generate` step. For example, if it took `7` tries (`generationAttempts`) to complete the `generate` step, the refine `step` will only run up to `3` times.\r\n\r\nThe `refine` step will return _unrefined_ results from the `generate` step when:\r\n\r\n- The `generate` step uses all `10` generation attempts. When this happens, the `refine` step will be skipped, and the unrefined output of the `generate` step will be returned to the user\r\n- If the `refine` step uses all remaining attempts, but fails to produce a refined response, due to output token limitations, or hallucinations in the refined response\r\n\r\n#### Hallucination detection details\r\n\r\nBefore this PR, Attack discovery directly used lower level LangChain APIs to parse responses from the LLM. After this PR, Attack discovery uses LangGraph.\r\n\r\nIn the previous implementation, when Attack discovery received an incomplete response because the output token limits of a model were hit, the LangChain APIs automatically re-submitted the incomplete response in an attempt to \"repair\" it. However, the re-submitted results didn't include all of the original context (i.e. alerts that generated them). The repair process often resulted in hallucinated results being presented to users, especially with some models i.e. `Claude 3.5 Haiku`.\r\n\r\nIn this PR, the `generate` and `refine` steps detect (some) hallucinations. When hallucinations are detected:\r\n\r\n- The current accumulated `generations` or `refinements` are (respectively) discarded, effectively restarting the `generate` or `refine` process\r\n- The `generate` and `refine` steps will be retried until the maximum generation attempts (default: `10`) or hallucinations detected (default: `5`) limits are reached\r\n\r\nHitting the hallucination limit during the `generate` step will result in an error being displayed to the user.\r\n\r\nHitting the hallucination limit during the `refine` step will result in the unrefined discoveries being displayed to the user.\r\n\r\n#### Replay alerts in evaluations details\r\n\r\nAlerts replay makes it possible to re-run evaluations, even when your local deployment has zero alerts.\r\n\r\nThis feature eliminates the chore of populating your local instance with specific alerts for each example.\r\n\r\nEvery example in a dataset may (optionally) specify a different set of alerts.\r\n\r\nAlert replay skips the `retrieve_anonymized_alerts` step in the graph, because it uses the `anonymizedAlerts` and `replacements` provided as `Input` in a dataset example.\r\n\r\nThe following instructions document the process of creating a new LangSmith dataset example that uses the Alerts replay feature:\r\n\r\n1) In Kibana, navigate to Security > Attack discovery\r\n\r\n2) Click `Generate` to generate Attack discoveries\r\n\r\n3) In LangSmith, navigate to Projects > _Your project_\r\n\r\n4) In the `Runs` tab of the LangSmith project, click on the latest `Attack discovery` entry to open the trace\r\n\r\n5) **IMPORTANT**: In the trace, select the **LAST** `ChannelWriteChannelWrite<attackDiscoveries,attackDisc...` entry. The last entry will appear inside the **LAST** `refine` step in the trace, as illustrated by the screenshot below:\r\n\r\n\r\n\r\n6) With the last `ChannelWriteChannelWrite<attackDiscoveries,attackDisc...` entry selected, click `Add to` > `Add to Dataset`\r\n\r\n7) Copy-paste the `Input` to the `Output`, because evaluation Experiments always compare the current run with the `Output` in an example.\r\n\r\n- This step is _always_ required to create a dataset.\r\n- If you don't want to use the Alert replay feature, replace `Input` with an empty object:\r\n\r\n```json\r\n{}\r\n```\r\n\r\n8) Choose an existing dataset, or create a new one\r\n\r\n9) Click the `Submit` button to add the example to the dataset.\r\n\r\nAfter completing the steps above, the dataset is ready to be run in evaluations.\r\n\r\n#### Override graph state details\r\n\r\nWhen a dataset is run in an evaluation (to create Experiments):\r\n\r\n- The (optional) `anonymizedAlerts` and `replacements` provided as `Input` in the example will be replayed, bypassing the `retrieve_anonymized_alerts` step in the graph\r\n- The rest of the properties in `Input` will not be used as inputs to the graph\r\n- In contrast, an empty object `{}` in `Input` means the latest and riskiest alerts in the last 24 hours in the local environment will be queried\r\n\r\nIn addition to the above, you may add an optional `overrides` key in the `Input` of a dataset example to test changes or edge cases. This is useful for evaluating changes without updating the code directly.\r\n\r\nThe `overrides` set the initial state of the graph before it's run in an evaluation.\r\n\r\nThe example `Input` below overrides the prompts used in the `generate` and `refine` steps:\r\n\r\n```json\r\n{\r\n \"overrides\": {\r\n \"refinePrompt\": \"This overrides the refine prompt\",\r\n \"attackDiscoveryPrompt\": \"This overrides the attack discovery prompt\"\r\n }\r\n}\r\n```\r\n\r\nTo use the `overrides` feature in evaluations to set the initial state of the graph:\r\n\r\n1) Create a dataset example, as documented in the _Replay alerts in evaluations details_ section above\r\n\r\n2) In LangSmith, navigate to Datasets & Testing > _Your Dataset_\r\n\r\n3) In the dataset, click the Examples tab\r\n\r\n4) Click an example to open it in the flyout\r\n\r\n5) Click the `Edit` button to edit the example\r\n\r\n6) Add the `overrides` key shown below to the `Input` e.g.:\r\n\r\n```json\r\n{\r\n \"overrides\": {\r\n \"refinePrompt\": \"This overrides the refine prompt\",\r\n \"attackDiscoveryPrompt\": \"This overrides the attack discovery prompt\"\r\n }\r\n}\r\n```\r\n\r\n7) Edit the `overrides` in the example `Input` above to add (or remove) entries that will determine the initial state of the graph.\r\n\r\nAll of the `overides` shown in step 6 are optional. The `refinePrompt` and `attackDiscoveryPrompt` could be removed from the `overrides` example above, and replaced with `maxGenerationAttempts` to test a higher limit.\r\n\r\nAll valid graph state may be specified in `overrides`.","sha":"2c21adb8faafc0016ad7a6591837118f6bdf0907","branchLabelMapping":{"^v9.0.0$":"main","^v8.16.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:enhancement","v9.0.0","Team: SecuritySolution","ci:cloud-deploy","ci:cloud-persist-deployment","Team:Security Generative AI","v8.16.0","backport:version"],"title":"[Security Solution] [Attack discovery] Output chunking / refinement, LangGraph migration, and evaluation improvements","number":195669,"url":"https://github.com/elastic/kibana/pull/195669","mergeCommit":{"message":"[Security Solution] [Attack discovery] Output chunking / refinement, LangGraph migration, and evaluation improvements (#195669)\n\n## [Security Solution] [Attack discovery] Output chunking / refinement, LangGraph migration, and evaluation improvements\r\n\r\n### Summary\r\n\r\nThis PR improves the Attack discovery user and developer experience with output chunking / refinement, migration to LangGraph, and improvements to evaluations.\r\n\r\nThe improvements were realized by transitioning from directly using lower-level LangChain apis to LangGraph in this PR, and a deeper integration with the evaluation features of LangSmith.\r\n\r\n#### Output chunking\r\n\r\n_Output chunking_ increases the maximum and default number of alerts sent as context, working around the output token limitations of popular large language models (LLMs):\r\n\r\n| | Old | New |\r\n|----------------|-------|-------|\r\n| max alerts | `100` | `500` |\r\n| default alerts | `20` | `200` |\r\n\r\nSee _Output chunking details_ below for more information.\r\n\r\n#### Settings\r\n\r\nA new settings modal makes it possible to configure the number of alerts sent as context directly from the Attack discovery page:\r\n\r\n\r\n\r\n- Previously, users configured this value for Attack discovery via the security assistant Knowledge base settings, as documented [here](https://www.elastic.co/guide/en/security/8.15/attack-discovery.html#attack-discovery-generate-discoveries)\r\n- The new settings modal uses local storage (instead of the previously-shared assistant Knowledge base setting, which is stored in Elasticsearch)\r\n\r\n#### Output refinement\r\n\r\n_Output refinement_ automatically combines related discoveries (that were previously represented as two or more discoveries):\r\n\r\n \r\n\r\n- The `refine` step in the graph diagram above may (for example), combine three discoveries from the `generate` step into two discoveries when they are related\r\n\r\n### Hallucination detection\r\n\r\nNew _hallucination detection_ displays an error in lieu of showing hallucinated output:\r\n\r\n\r\n\r\n- A new tour step was added to the Attack discovery page to share the improvements:\r\n\r\n\r\n\r\n### Summary of improvements for developers\r\n\r\nThe following features improve the developer experience when running evaluations for Attack discovery:\r\n\r\n#### Replay alerts in evaluations\r\n\r\nThis evaluation feature eliminates the need to populate a local environment with alerts to (re)run evaluations:\r\n\r\n \r\n\r\nAlert replay skips the `retrieve_anonymized_alerts` step in the graph, because it uses the `anonymizedAlerts` and `replacements` provided as `Input` in a dataset example. See _Replay alerts in evaluations details_ below for more information.\r\n\r\n#### Override graph state\r\n\r\nOverride graph state via datatset examples to test prompt improvements and edge cases via evaluations:\r\n\r\n \r\n\r\nTo use this feature, add an `overrides` key to the `Input` of a dataset example. See _Override graph state details_ below for more information.\r\n\r\n#### New custom evaluator\r\n\r\nPrior to this PR, an evaluator had to be manually added to each dataset in LangSmith to use an LLM as the judge for correctness.\r\n\r\nThis PR introduces a custom, programmatic evaluator that handles anonymization automatically, and eliminates the need to manually create evaluators in LangSmith. To use it, simply run evaluations from the `Evaluation` tab in settings.\r\n\r\n#### New evaluation settings\r\n\r\nThis PR introduces new settings in the `Evaluation` tab:\r\n\r\n\r\n\r\nNew evaluation settings:\r\n\r\n- `Evaluator model (optional)` - Judge the quality of predictions using a single model. (Default: use the same model as the connector)\r\n\r\nThis new setting is useful when you want to use the same model, e.g. `GPT-4o` to judge the quality of all the models evaluated in an experiment.\r\n\r\n- `Default max alerts` - The default maximum number of alerts to send as context, which may be overridden by the example input\r\n\r\nThis new setting is useful when using the alerts in the local environment to run evaluations. Examples that use the Alerts replay feature will ignore this value, because the alerts in the example `Input` will be used instead.\r\n\r\n#### Directory structure refactoring\r\n\r\n- The server-side directory structure was refactored to consolidate the location of Attack discovery related files\r\n\r\n### Details\r\n\r\nThis section describes some of the improvements above in detail.\r\n\r\n#### Output chunking details\r\n\r\nThe new output chunking feature increases the maximum and default number of alerts that may be sent as context. It achieves this improvement by working around output token limitations.\r\n\r\nLLMs have different limits for the number of tokens accepted as _input_ for requests, and the number of tokens available for _output_ when generating responses.\r\n\r\nToday, the output token limits of most popular models are significantly smaller than the input token limits.\r\n\r\nFor example, at the time of this writing, the Gemini 1.5 Pro model's limits are ([source](https://ai.google.dev/gemini-api/docs/models/gemini)):\r\n\r\n- Input token limit: `2,097,152`\r\n- Output token limit: `8,192`\r\n\r\nAs a result of this relatively smaller output token limit, previous versions of Attack discovery would simply fail when an LLM ran out of output tokens when generating a response. This often happened \"mid sentence\", and resulted in errors or hallucinations being displayed to users.\r\n\r\nThe new output chunking feature detects incomplete responses from the LLM in the `generate` step of the Graph. When an incomplete response is detected, the `generate` step will run again with:\r\n\r\n- The original prompt\r\n- The Alerts provided as context\r\n- The partially generated response\r\n- Instructions to \"continue where you left off\"\r\n\r\nThe `generate` step in the graph will run until one of the following conditions is met:\r\n\r\n- The incomplete response can be successfully parsed\r\n- The maximum number of generation attempts (default: `10`) is reached\r\n- The maximum number of hallucinations detected (default: `5`) is reached\r\n\r\n#### Output refinement details\r\n\r\nThe new output refinement feature automatically combines related discoveries (that were previously represented as two or more discoveries).\r\n\r\nThe new `refine` step in the graph re-submits the discoveries from the `generate` step with a `refinePrompt` to combine related attack discoveries.\r\n\r\nThe `refine` step is subject to the model's output token limits, just like the `generate` step. That means a response to the refine prompt from the LLM may be cut off \"mid\" sentence. To that end:\r\n\r\n- The refine step will re-run until the (same, shared) `maxGenerationAttempts` and `maxHallucinationFailures` limits as the `generate` step are reached\r\n- The maximum number of attempts (default: `10`) is _shared_ with the `generate` step. For example, if it took `7` tries (`generationAttempts`) to complete the `generate` step, the refine `step` will only run up to `3` times.\r\n\r\nThe `refine` step will return _unrefined_ results from the `generate` step when:\r\n\r\n- The `generate` step uses all `10` generation attempts. When this happens, the `refine` step will be skipped, and the unrefined output of the `generate` step will be returned to the user\r\n- If the `refine` step uses all remaining attempts, but fails to produce a refined response, due to output token limitations, or hallucinations in the refined response\r\n\r\n#### Hallucination detection details\r\n\r\nBefore this PR, Attack discovery directly used lower level LangChain APIs to parse responses from the LLM. After this PR, Attack discovery uses LangGraph.\r\n\r\nIn the previous implementation, when Attack discovery received an incomplete response because the output token limits of a model were hit, the LangChain APIs automatically re-submitted the incomplete response in an attempt to \"repair\" it. However, the re-submitted results didn't include all of the original context (i.e. alerts that generated them). The repair process often resulted in hallucinated results being presented to users, especially with some models i.e. `Claude 3.5 Haiku`.\r\n\r\nIn this PR, the `generate` and `refine` steps detect (some) hallucinations. When hallucinations are detected:\r\n\r\n- The current accumulated `generations` or `refinements` are (respectively) discarded, effectively restarting the `generate` or `refine` process\r\n- The `generate` and `refine` steps will be retried until the maximum generation attempts (default: `10`) or hallucinations detected (default: `5`) limits are reached\r\n\r\nHitting the hallucination limit during the `generate` step will result in an error being displayed to the user.\r\n\r\nHitting the hallucination limit during the `refine` step will result in the unrefined discoveries being displayed to the user.\r\n\r\n#### Replay alerts in evaluations details\r\n\r\nAlerts replay makes it possible to re-run evaluations, even when your local deployment has zero alerts.\r\n\r\nThis feature eliminates the chore of populating your local instance with specific alerts for each example.\r\n\r\nEvery example in a dataset may (optionally) specify a different set of alerts.\r\n\r\nAlert replay skips the `retrieve_anonymized_alerts` step in the graph, because it uses the `anonymizedAlerts` and `replacements` provided as `Input` in a dataset example.\r\n\r\nThe following instructions document the process of creating a new LangSmith dataset example that uses the Alerts replay feature:\r\n\r\n1) In Kibana, navigate to Security > Attack discovery\r\n\r\n2) Click `Generate` to generate Attack discoveries\r\n\r\n3) In LangSmith, navigate to Projects > _Your project_\r\n\r\n4) In the `Runs` tab of the LangSmith project, click on the latest `Attack discovery` entry to open the trace\r\n\r\n5) **IMPORTANT**: In the trace, select the **LAST** `ChannelWriteChannelWrite<attackDiscoveries,attackDisc...` entry. The last entry will appear inside the **LAST** `refine` step in the trace, as illustrated by the screenshot below:\r\n\r\n\r\n\r\n6) With the last `ChannelWriteChannelWrite<attackDiscoveries,attackDisc...` entry selected, click `Add to` > `Add to Dataset`\r\n\r\n7) Copy-paste the `Input` to the `Output`, because evaluation Experiments always compare the current run with the `Output` in an example.\r\n\r\n- This step is _always_ required to create a dataset.\r\n- If you don't want to use the Alert replay feature, replace `Input` with an empty object:\r\n\r\n```json\r\n{}\r\n```\r\n\r\n8) Choose an existing dataset, or create a new one\r\n\r\n9) Click the `Submit` button to add the example to the dataset.\r\n\r\nAfter completing the steps above, the dataset is ready to be run in evaluations.\r\n\r\n#### Override graph state details\r\n\r\nWhen a dataset is run in an evaluation (to create Experiments):\r\n\r\n- The (optional) `anonymizedAlerts` and `replacements` provided as `Input` in the example will be replayed, bypassing the `retrieve_anonymized_alerts` step in the graph\r\n- The rest of the properties in `Input` will not be used as inputs to the graph\r\n- In contrast, an empty object `{}` in `Input` means the latest and riskiest alerts in the last 24 hours in the local environment will be queried\r\n\r\nIn addition to the above, you may add an optional `overrides` key in the `Input` of a dataset example to test changes or edge cases. This is useful for evaluating changes without updating the code directly.\r\n\r\nThe `overrides` set the initial state of the graph before it's run in an evaluation.\r\n\r\nThe example `Input` below overrides the prompts used in the `generate` and `refine` steps:\r\n\r\n```json\r\n{\r\n \"overrides\": {\r\n \"refinePrompt\": \"This overrides the refine prompt\",\r\n \"attackDiscoveryPrompt\": \"This overrides the attack discovery prompt\"\r\n }\r\n}\r\n```\r\n\r\nTo use the `overrides` feature in evaluations to set the initial state of the graph:\r\n\r\n1) Create a dataset example, as documented in the _Replay alerts in evaluations details_ section above\r\n\r\n2) In LangSmith, navigate to Datasets & Testing > _Your Dataset_\r\n\r\n3) In the dataset, click the Examples tab\r\n\r\n4) Click an example to open it in the flyout\r\n\r\n5) Click the `Edit` button to edit the example\r\n\r\n6) Add the `overrides` key shown below to the `Input` e.g.:\r\n\r\n```json\r\n{\r\n \"overrides\": {\r\n \"refinePrompt\": \"This overrides the refine prompt\",\r\n \"attackDiscoveryPrompt\": \"This overrides the attack discovery prompt\"\r\n }\r\n}\r\n```\r\n\r\n7) Edit the `overrides` in the example `Input` above to add (or remove) entries that will determine the initial state of the graph.\r\n\r\nAll of the `overides` shown in step 6 are optional. The `refinePrompt` and `attackDiscoveryPrompt` could be removed from the `overrides` example above, and replaced with `maxGenerationAttempts` to test a higher limit.\r\n\r\nAll valid graph state may be specified in `overrides`.","sha":"2c21adb8faafc0016ad7a6591837118f6bdf0907"}},"sourceBranch":"main","suggestedTargetBranches":["8.x"],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","branchLabelMappingKey":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/195669","number":195669,"mergeCommit":{"message":"[Security Solution] [Attack discovery] Output chunking / refinement, LangGraph migration, and evaluation improvements (#195669)\n\n## [Security Solution] [Attack discovery] Output chunking / refinement, LangGraph migration, and evaluation improvements\r\n\r\n### Summary\r\n\r\nThis PR improves the Attack discovery user and developer experience with output chunking / refinement, migration to LangGraph, and improvements to evaluations.\r\n\r\nThe improvements were realized by transitioning from directly using lower-level LangChain apis to LangGraph in this PR, and a deeper integration with the evaluation features of LangSmith.\r\n\r\n#### Output chunking\r\n\r\n_Output chunking_ increases the maximum and default number of alerts sent as context, working around the output token limitations of popular large language models (LLMs):\r\n\r\n| | Old | New |\r\n|----------------|-------|-------|\r\n| max alerts | `100` | `500` |\r\n| default alerts | `20` | `200` |\r\n\r\nSee _Output chunking details_ below for more information.\r\n\r\n#### Settings\r\n\r\nA new settings modal makes it possible to configure the number of alerts sent as context directly from the Attack discovery page:\r\n\r\n\r\n\r\n- Previously, users configured this value for Attack discovery via the security assistant Knowledge base settings, as documented [here](https://www.elastic.co/guide/en/security/8.15/attack-discovery.html#attack-discovery-generate-discoveries)\r\n- The new settings modal uses local storage (instead of the previously-shared assistant Knowledge base setting, which is stored in Elasticsearch)\r\n\r\n#### Output refinement\r\n\r\n_Output refinement_ automatically combines related discoveries (that were previously represented as two or more discoveries):\r\n\r\n \r\n\r\n- The `refine` step in the graph diagram above may (for example), combine three discoveries from the `generate` step into two discoveries when they are related\r\n\r\n### Hallucination detection\r\n\r\nNew _hallucination detection_ displays an error in lieu of showing hallucinated output:\r\n\r\n\r\n\r\n- A new tour step was added to the Attack discovery page to share the improvements:\r\n\r\n\r\n\r\n### Summary of improvements for developers\r\n\r\nThe following features improve the developer experience when running evaluations for Attack discovery:\r\n\r\n#### Replay alerts in evaluations\r\n\r\nThis evaluation feature eliminates the need to populate a local environment with alerts to (re)run evaluations:\r\n\r\n \r\n\r\nAlert replay skips the `retrieve_anonymized_alerts` step in the graph, because it uses the `anonymizedAlerts` and `replacements` provided as `Input` in a dataset example. See _Replay alerts in evaluations details_ below for more information.\r\n\r\n#### Override graph state\r\n\r\nOverride graph state via datatset examples to test prompt improvements and edge cases via evaluations:\r\n\r\n \r\n\r\nTo use this feature, add an `overrides` key to the `Input` of a dataset example. See _Override graph state details_ below for more information.\r\n\r\n#### New custom evaluator\r\n\r\nPrior to this PR, an evaluator had to be manually added to each dataset in LangSmith to use an LLM as the judge for correctness.\r\n\r\nThis PR introduces a custom, programmatic evaluator that handles anonymization automatically, and eliminates the need to manually create evaluators in LangSmith. To use it, simply run evaluations from the `Evaluation` tab in settings.\r\n\r\n#### New evaluation settings\r\n\r\nThis PR introduces new settings in the `Evaluation` tab:\r\n\r\n\r\n\r\nNew evaluation settings:\r\n\r\n- `Evaluator model (optional)` - Judge the quality of predictions using a single model. (Default: use the same model as the connector)\r\n\r\nThis new setting is useful when you want to use the same model, e.g. `GPT-4o` to judge the quality of all the models evaluated in an experiment.\r\n\r\n- `Default max alerts` - The default maximum number of alerts to send as context, which may be overridden by the example input\r\n\r\nThis new setting is useful when using the alerts in the local environment to run evaluations. Examples that use the Alerts replay feature will ignore this value, because the alerts in the example `Input` will be used instead.\r\n\r\n#### Directory structure refactoring\r\n\r\n- The server-side directory structure was refactored to consolidate the location of Attack discovery related files\r\n\r\n### Details\r\n\r\nThis section describes some of the improvements above in detail.\r\n\r\n#### Output chunking details\r\n\r\nThe new output chunking feature increases the maximum and default number of alerts that may be sent as context. It achieves this improvement by working around output token limitations.\r\n\r\nLLMs have different limits for the number of tokens accepted as _input_ for requests, and the number of tokens available for _output_ when generating responses.\r\n\r\nToday, the output token limits of most popular models are significantly smaller than the input token limits.\r\n\r\nFor example, at the time of this writing, the Gemini 1.5 Pro model's limits are ([source](https://ai.google.dev/gemini-api/docs/models/gemini)):\r\n\r\n- Input token limit: `2,097,152`\r\n- Output token limit: `8,192`\r\n\r\nAs a result of this relatively smaller output token limit, previous versions of Attack discovery would simply fail when an LLM ran out of output tokens when generating a response. This often happened \"mid sentence\", and resulted in errors or hallucinations being displayed to users.\r\n\r\nThe new output chunking feature detects incomplete responses from the LLM in the `generate` step of the Graph. When an incomplete response is detected, the `generate` step will run again with:\r\n\r\n- The original prompt\r\n- The Alerts provided as context\r\n- The partially generated response\r\n- Instructions to \"continue where you left off\"\r\n\r\nThe `generate` step in the graph will run until one of the following conditions is met:\r\n\r\n- The incomplete response can be successfully parsed\r\n- The maximum number of generation attempts (default: `10`) is reached\r\n- The maximum number of hallucinations detected (default: `5`) is reached\r\n\r\n#### Output refinement details\r\n\r\nThe new output refinement feature automatically combines related discoveries (that were previously represented as two or more discoveries).\r\n\r\nThe new `refine` step in the graph re-submits the discoveries from the `generate` step with a `refinePrompt` to combine related attack discoveries.\r\n\r\nThe `refine` step is subject to the model's output token limits, just like the `generate` step. That means a response to the refine prompt from the LLM may be cut off \"mid\" sentence. To that end:\r\n\r\n- The refine step will re-run until the (same, shared) `maxGenerationAttempts` and `maxHallucinationFailures` limits as the `generate` step are reached\r\n- The maximum number of attempts (default: `10`) is _shared_ with the `generate` step. For example, if it took `7` tries (`generationAttempts`) to complete the `generate` step, the refine `step` will only run up to `3` times.\r\n\r\nThe `refine` step will return _unrefined_ results from the `generate` step when:\r\n\r\n- The `generate` step uses all `10` generation attempts. When this happens, the `refine` step will be skipped, and the unrefined output of the `generate` step will be returned to the user\r\n- If the `refine` step uses all remaining attempts, but fails to produce a refined response, due to output token limitations, or hallucinations in the refined response\r\n\r\n#### Hallucination detection details\r\n\r\nBefore this PR, Attack discovery directly used lower level LangChain APIs to parse responses from the LLM. After this PR, Attack discovery uses LangGraph.\r\n\r\nIn the previous implementation, when Attack discovery received an incomplete response because the output token limits of a model were hit, the LangChain APIs automatically re-submitted the incomplete response in an attempt to \"repair\" it. However, the re-submitted results didn't include all of the original context (i.e. alerts that generated them). The repair process often resulted in hallucinated results being presented to users, especially with some models i.e. `Claude 3.5 Haiku`.\r\n\r\nIn this PR, the `generate` and `refine` steps detect (some) hallucinations. When hallucinations are detected:\r\n\r\n- The current accumulated `generations` or `refinements` are (respectively) discarded, effectively restarting the `generate` or `refine` process\r\n- The `generate` and `refine` steps will be retried until the maximum generation attempts (default: `10`) or hallucinations detected (default: `5`) limits are reached\r\n\r\nHitting the hallucination limit during the `generate` step will result in an error being displayed to the user.\r\n\r\nHitting the hallucination limit during the `refine` step will result in the unrefined discoveries being displayed to the user.\r\n\r\n#### Replay alerts in evaluations details\r\n\r\nAlerts replay makes it possible to re-run evaluations, even when your local deployment has zero alerts.\r\n\r\nThis feature eliminates the chore of populating your local instance with specific alerts for each example.\r\n\r\nEvery example in a dataset may (optionally) specify a different set of alerts.\r\n\r\nAlert replay skips the `retrieve_anonymized_alerts` step in the graph, because it uses the `anonymizedAlerts` and `replacements` provided as `Input` in a dataset example.\r\n\r\nThe following instructions document the process of creating a new LangSmith dataset example that uses the Alerts replay feature:\r\n\r\n1) In Kibana, navigate to Security > Attack discovery\r\n\r\n2) Click `Generate` to generate Attack discoveries\r\n\r\n3) In LangSmith, navigate to Projects > _Your project_\r\n\r\n4) In the `Runs` tab of the LangSmith project, click on the latest `Attack discovery` entry to open the trace\r\n\r\n5) **IMPORTANT**: In the trace, select the **LAST** `ChannelWriteChannelWrite<attackDiscoveries,attackDisc...` entry. The last entry will appear inside the **LAST** `refine` step in the trace, as illustrated by the screenshot below:\r\n\r\n\r\n\r\n6) With the last `ChannelWriteChannelWrite<attackDiscoveries,attackDisc...` entry selected, click `Add to` > `Add to Dataset`\r\n\r\n7) Copy-paste the `Input` to the `Output`, because evaluation Experiments always compare the current run with the `Output` in an example.\r\n\r\n- This step is _always_ required to create a dataset.\r\n- If you don't want to use the Alert replay feature, replace `Input` with an empty object:\r\n\r\n```json\r\n{}\r\n```\r\n\r\n8) Choose an existing dataset, or create a new one\r\n\r\n9) Click the `Submit` button to add the example to the dataset.\r\n\r\nAfter completing the steps above, the dataset is ready to be run in evaluations.\r\n\r\n#### Override graph state details\r\n\r\nWhen a dataset is run in an evaluation (to create Experiments):\r\n\r\n- The (optional) `anonymizedAlerts` and `replacements` provided as `Input` in the example will be replayed, bypassing the `retrieve_anonymized_alerts` step in the graph\r\n- The rest of the properties in `Input` will not be used as inputs to the graph\r\n- In contrast, an empty object `{}` in `Input` means the latest and riskiest alerts in the last 24 hours in the local environment will be queried\r\n\r\nIn addition to the above, you may add an optional `overrides` key in the `Input` of a dataset example to test changes or edge cases. This is useful for evaluating changes without updating the code directly.\r\n\r\nThe `overrides` set the initial state of the graph before it's run in an evaluation.\r\n\r\nThe example `Input` below overrides the prompts used in the `generate` and `refine` steps:\r\n\r\n```json\r\n{\r\n \"overrides\": {\r\n \"refinePrompt\": \"This overrides the refine prompt\",\r\n \"attackDiscoveryPrompt\": \"This overrides the attack discovery prompt\"\r\n }\r\n}\r\n```\r\n\r\nTo use the `overrides` feature in evaluations to set the initial state of the graph:\r\n\r\n1) Create a dataset example, as documented in the _Replay alerts in evaluations details_ section above\r\n\r\n2) In LangSmith, navigate to Datasets & Testing > _Your Dataset_\r\n\r\n3) In the dataset, click the Examples tab\r\n\r\n4) Click an example to open it in the flyout\r\n\r\n5) Click the `Edit` button to edit the example\r\n\r\n6) Add the `overrides` key shown below to the `Input` e.g.:\r\n\r\n```json\r\n{\r\n \"overrides\": {\r\n \"refinePrompt\": \"This overrides the refine prompt\",\r\n \"attackDiscoveryPrompt\": \"This overrides the attack discovery prompt\"\r\n }\r\n}\r\n```\r\n\r\n7) Edit the `overrides` in the example `Input` above to add (or remove) entries that will determine the initial state of the graph.\r\n\r\nAll of the `overides` shown in step 6 are optional. The `refinePrompt` and `attackDiscoveryPrompt` could be removed from the `overrides` example above, and replaced with `maxGenerationAttempts` to test a higher limit.\r\n\r\nAll valid graph state may be specified in `overrides`.","sha":"2c21adb8faafc0016ad7a6591837118f6bdf0907"}},{"branch":"8.x","label":"v8.16.0","branchLabelMappingKey":"^v8.16.0$","isSourceBranch":false,"state":"NOT_CREATED"}]}] BACKPORT--> Co-authored-by: Andrew Macri <andrew.macri@elastic.co>	2024-10-15 11:28:55 -05:00
Kibana Machine	760021bb27	[8.x] [Stateful sidenav] Fix breadcrumbs (#196169) (#196332) ... # Backport This will backport the following commits from `main` to `8.x`: - [[Stateful sidenav] Fix breadcrumbs (#196169)](https://github.com/elastic/kibana/pull/196169) <!--- Backport version: 9.4.3 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sqren/backport) <!--BACKPORT [{"author":{"name":"Sébastien Loix","email":"sebastien.loix@elastic.co"},"sourceCommit":{"committedDate":"2024-10-15T14:37:19Z","message":"[Stateful sidenav] Fix breadcrumbs (#196169)","sha":"204f9d3a2f2fef174e24f3a79eb6d7b2f2ef03f2","branchLabelMapping":{"^v9.0.0$":"main","^v8.16.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:skip","v9.0.0","Team:SharedUX","backport:prev-minor","Feature:Chrome"],"title":"[Stateful sidenav] Fix breadcrumbs","number":196169,"url":"https://github.com/elastic/kibana/pull/196169","mergeCommit":{"message":"[Stateful sidenav] Fix breadcrumbs (#196169)","sha":"204f9d3a2f2fef174e24f3a79eb6d7b2f2ef03f2"}},"sourceBranch":"main","suggestedTargetBranches":[],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","branchLabelMappingKey":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/196169","number":196169,"mergeCommit":{"message":"[Stateful sidenav] Fix breadcrumbs (#196169)","sha":"204f9d3a2f2fef174e24f3a79eb6d7b2f2ef03f2"}}]}] BACKPORT--> Co-authored-by: Sébastien Loix <sebastien.loix@elastic.co>	2024-10-15 11:26:00 -05:00
Kibana Machine	7583e1d596	[8.x] [Auto Import] Fix cases where LLM generates incorrect array field access (#196207) (#196329) ... # Backport This will backport the following commits from `main` to `8.x`: - [[Auto Import] Fix cases where LLM generates incorrect array field access (#196207)](https://github.com/elastic/kibana/pull/196207) <!--- Backport version: 9.4.3 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sqren/backport) <!--BACKPORT [{"author":{"name":"Ilya Nikokoshev","email":"ilya.nikokoshev@elastic.co"},"sourceCommit":{"committedDate":"2024-10-15T14:24:41Z","message":"[Auto Import] Fix cases where LLM generates incorrect array field access (#196207)\n\n## Release Note\r\n\r\nFixes cases where LLM was likely to generate invalid processors\r\ncontaining array access in Automatic Import.\r\n\r\n## Context\r\n\r\nPreviously, it happened from time to time that the LLM attempts to add\r\nrelated fields or apply categorization conditions that use a field, path\r\nto which goes through an array. \r\n\r\nThe problem is that such an access is invalid and leads to an immediate\r\nerror (key part highlighted):\r\n\r\nEven including explicit instructions to avoid brackets or an array\r\naccess did not seem enough, as the LLM would try to use a different\r\nsyntax, owing to the aggressiveness of our review instructions.\r\n\r\nThe suggested solution is to remove all arrays from the information\r\nshown to the LLM in the related chain. This guarantees that no illegal\r\naccess will ever be attempted.\r\n\r\n### Summary\r\n\r\n- Introduces a utility function to remove all arrays from a JSON object.\r\n- Applies this function for all LLM calls in the related chain.\r\n- Modifies the prompts of related and categorization chain to skip the\r\narrays as well.\r\n\r\n---------\r\n\r\nCo-authored-by: Bharat Pasupula <123897612+bhapas@users.noreply.github.com>","sha":"8abe25970aa1b483676dde17b7972359c8c55475","branchLabelMapping":{"^v9.0.0$":"main","^v8.16.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["bug","release_note:fix","v9.0.0","backport:prev-minor","Team:Security-Scalability","Feature:AutomaticImport"],"title":"[Auto Import] Fix cases where LLM generates incorrect array field access","number":196207,"url":"https://github.com/elastic/kibana/pull/196207","mergeCommit":{"message":"[Auto Import] Fix cases where LLM generates incorrect array field access (#196207)\n\n## Release Note\r\n\r\nFixes cases where LLM was likely to generate invalid processors\r\ncontaining array access in Automatic Import.\r\n\r\n## Context\r\n\r\nPreviously, it happened from time to time that the LLM attempts to add\r\nrelated fields or apply categorization conditions that use a field, path\r\nto which goes through an array. \r\n\r\nThe problem is that such an access is invalid and leads to an immediate\r\nerror (key part highlighted):\r\n\r\nEven including explicit instructions to avoid brackets or an array\r\naccess did not seem enough, as the LLM would try to use a different\r\nsyntax, owing to the aggressiveness of our review instructions.\r\n\r\nThe suggested solution is to remove all arrays from the information\r\nshown to the LLM in the related chain. This guarantees that no illegal\r\naccess will ever be attempted.\r\n\r\n### Summary\r\n\r\n- Introduces a utility function to remove all arrays from a JSON object.\r\n- Applies this function for all LLM calls in the related chain.\r\n- Modifies the prompts of related and categorization chain to skip the\r\narrays as well.\r\n\r\n---------\r\n\r\nCo-authored-by: Bharat Pasupula <123897612+bhapas@users.noreply.github.com>","sha":"8abe25970aa1b483676dde17b7972359c8c55475"}},"sourceBranch":"main","suggestedTargetBranches":[],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","branchLabelMappingKey":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/196207","number":196207,"mergeCommit":{"message":"[Auto Import] Fix cases where LLM generates incorrect array field access (#196207)\n\n## Release Note\r\n\r\nFixes cases where LLM was likely to generate invalid processors\r\ncontaining array access in Automatic Import.\r\n\r\n## Context\r\n\r\nPreviously, it happened from time to time that the LLM attempts to add\r\nrelated fields or apply categorization conditions that use a field, path\r\nto which goes through an array. \r\n\r\nThe problem is that such an access is invalid and leads to an immediate\r\nerror (key part highlighted):\r\n\r\nEven including explicit instructions to avoid brackets or an array\r\naccess did not seem enough, as the LLM would try to use a different\r\nsyntax, owing to the aggressiveness of our review instructions.\r\n\r\nThe suggested solution is to remove all arrays from the information\r\nshown to the LLM in the related chain. This guarantees that no illegal\r\naccess will ever be attempted.\r\n\r\n### Summary\r\n\r\n- Introduces a utility function to remove all arrays from a JSON object.\r\n- Applies this function for all LLM calls in the related chain.\r\n- Modifies the prompts of related and categorization chain to skip the\r\narrays as well.\r\n\r\n---------\r\n\r\nCo-authored-by: Bharat Pasupula <123897612+bhapas@users.noreply.github.com>","sha":"8abe25970aa1b483676dde17b7972359c8c55475"}}]}] BACKPORT--> Co-authored-by: Ilya Nikokoshev <ilya.nikokoshev@elastic.co>	2024-10-15 11:21:35 -05:00
Kibana Machine	5e7fe01498	[8.x] Aligning wording across solutions for the custom system prompt (#196088) (#196328) ... # Backport This will backport the following commits from `main` to `8.x`: - [Aligning wording across solutions for the custom system prompt (#196088)](https://github.com/elastic/kibana/pull/196088) <!--- Backport version: 9.4.3 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sqren/backport) <!--BACKPORT [{"author":{"name":"Emma Raffenne","email":"97166868+emma-raffenne@users.noreply.github.com"},"sourceCommit":{"committedDate":"2024-10-15T14:20:44Z","message":"Aligning wording across solutions for the custom system prompt (#196088)\n\n## Summary\r\n\r\nAligning wording of the custom system prompt with Security solution","sha":"907de2495df38c399d0dc979e8ab4118c8c810c2","branchLabelMapping":{"^v9.0.0$":"main","^v8.16.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:skip","v9.0.0","backport:prev-minor","Team:Obs AI Assistant","ci:project-deploy-observability"],"title":"Aligning wording across solutions for the custom system prompt","number":196088,"url":"https://github.com/elastic/kibana/pull/196088","mergeCommit":{"message":"Aligning wording across solutions for the custom system prompt (#196088)\n\n## Summary\r\n\r\nAligning wording of the custom system prompt with Security solution","sha":"907de2495df38c399d0dc979e8ab4118c8c810c2"}},"sourceBranch":"main","suggestedTargetBranches":[],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","branchLabelMappingKey":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/196088","number":196088,"mergeCommit":{"message":"Aligning wording across solutions for the custom system prompt (#196088)\n\n## Summary\r\n\r\nAligning wording of the custom system prompt with Security solution","sha":"907de2495df38c399d0dc979e8ab4118c8c810c2"}}]}] BACKPORT--> Co-authored-by: Emma Raffenne <97166868+emma-raffenne@users.noreply.github.com>	2024-10-15 11:14:48 -05:00
Kibana Machine	c156cb3816	[8.x] [Response Ops][Rules] Version Get Rule Types API (#195361) (#196175) ... # Backport This will backport the following commits from `main` to `8.x`: - [[Response Ops][Rules] Version Get Rule Types API (#195361)](https://github.com/elastic/kibana/pull/195361) <!--- Backport version: 9.4.3 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sqren/backport) <!--BACKPORT [{"author":{"name":"Julian Gernun","email":"17549662+jcger@users.noreply.github.com"},"sourceCommit":{"committedDate":"2024-10-14T15:46:17Z","message":"[Response Ops][Rules] Version Get Rule Types API (#195361)\n\n## Summary\r\n\r\n`GET /api/alerting/rule_types` item in\r\nhttps://github.com/elastic/kibana/issues/195181","sha":"512a31d7a1e42139c2e1b26e961b2226ace3836d","branchLabelMapping":{"^v9.0.0$":"main","^v8.16.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:skip","Team:ResponseOps","v9.0.0","backport:prev-minor","v8.16.0"],"title":"[Response Ops][Rules] Version Get Rule Types API","number":195361,"url":"https://github.com/elastic/kibana/pull/195361","mergeCommit":{"message":"[Response Ops][Rules] Version Get Rule Types API (#195361)\n\n## Summary\r\n\r\n`GET /api/alerting/rule_types` item in\r\nhttps://github.com/elastic/kibana/issues/195181","sha":"512a31d7a1e42139c2e1b26e961b2226ace3836d"}},"sourceBranch":"main","suggestedTargetBranches":["8.x"],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","branchLabelMappingKey":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/195361","number":195361,"mergeCommit":{"message":"[Response Ops][Rules] Version Get Rule Types API (#195361)\n\n## Summary\r\n\r\n`GET /api/alerting/rule_types` item in\r\nhttps://github.com/elastic/kibana/issues/195181","sha":"512a31d7a1e42139c2e1b26e961b2226ace3836d"}},{"branch":"8.x","label":"v8.16.0","branchLabelMappingKey":"^v8.16.0$","isSourceBranch":false,"state":"NOT_CREATED"}]}] BACKPORT--> Co-authored-by: Julian Gernun <17549662+jcger@users.noreply.github.com>	2024-10-15 11:02:48 -05:00
Kibana Machine	b57c9a6559	[8.x] [ES|QL] Update grammars (#196046) (#196320) ... # Backport This will backport the following commits from `main` to `8.x`: - [[ES|QL] Update grammars (#196046)](https://github.com/elastic/kibana/pull/196046) <!--- Backport version: 9.4.3 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sqren/backport) <!--BACKPORT [{"author":{"name":"Kibana Machine","email":"42973632+kibanamachine@users.noreply.github.com"},"sourceCommit":{"committedDate":"2024-10-15T13:47:08Z","message":"[ES|QL] Update grammars (#196046)\n\nThis PR updates the ES|QL grammars (lexer and parser) to match the\r\nlatest version in Elasticsearch.\r\n\r\n---------\r\n\r\nCo-authored-by: Stratoula Kalafateli <efstratia.kalafateli@elastic.co>","sha":"bed5c4e9fe0cf5acc2e5b3326ca306134bc18891","branchLabelMapping":{"^v9.0.0$":"main","^v8.16.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:skip","v9.0.0","backport:prev-minor","Feature:ES|QL","Team:ESQL","v8.16.0"],"title":"[ES|QL] Update grammars","number":196046,"url":"https://github.com/elastic/kibana/pull/196046","mergeCommit":{"message":"[ES|QL] Update grammars (#196046)\n\nThis PR updates the ES|QL grammars (lexer and parser) to match the\r\nlatest version in Elasticsearch.\r\n\r\n---------\r\n\r\nCo-authored-by: Stratoula Kalafateli <efstratia.kalafateli@elastic.co>","sha":"bed5c4e9fe0cf5acc2e5b3326ca306134bc18891"}},"sourceBranch":"main","suggestedTargetBranches":["8.x"],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","branchLabelMappingKey":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/196046","number":196046,"mergeCommit":{"message":"[ES|QL] Update grammars (#196046)\n\nThis PR updates the ES|QL grammars (lexer and parser) to match the\r\nlatest version in Elasticsearch.\r\n\r\n---------\r\n\r\nCo-authored-by: Stratoula Kalafateli <efstratia.kalafateli@elastic.co>","sha":"bed5c4e9fe0cf5acc2e5b3326ca306134bc18891"}},{"branch":"8.x","label":"v8.16.0","branchLabelMappingKey":"^v8.16.0$","isSourceBranch":false,"state":"NOT_CREATED"}]}] BACKPORT-->	2024-10-15 10:54:05 -05:00
Kibana Machine	a8cec560a6	[8.x] [Onboarding] UX Feedback - Slight Tweaks to search detail (#194873) (#196314) ... # Backport This will backport the following commits from `main` to `8.x`: - [[Onboarding] UX Feedback - Slight Tweaks to search detail (#194873)](https://github.com/elastic/kibana/pull/194873) <!--- Backport version: 9.4.3 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sqren/backport) <!--BACKPORT [{"author":{"name":"Michael DeFazio","email":"michael.defazio@elastic.co"},"sourceCommit":{"committedDate":"2024-10-15T13:33:31Z","message":"[Onboarding] UX Feedback - Slight Tweaks to search detail (#194873)\n\nTweaks to search details\r\n\r\n\r\nhttps://github.com/user-attachments/assets/a583a9d9-b059-4ce1-beaa-f7c733feabf0\r\n\r\n---------\r\n\r\nCo-authored-by: Joseph McElroy <joseph.mcelroy@elastic.co>\r\nCo-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>","sha":"545f5a42f7af27bad33e272aa67eb59ac27e04ce","branchLabelMapping":{"^v9.0.0$":"main","^v8.16.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:skip","v9.0.0","Team:Search","backport:prev-minor"],"title":"[Onboarding] UX Feedback - Slight Tweaks to search detail","number":194873,"url":"https://github.com/elastic/kibana/pull/194873","mergeCommit":{"message":"[Onboarding] UX Feedback - Slight Tweaks to search detail (#194873)\n\nTweaks to search details\r\n\r\n\r\nhttps://github.com/user-attachments/assets/a583a9d9-b059-4ce1-beaa-f7c733feabf0\r\n\r\n---------\r\n\r\nCo-authored-by: Joseph McElroy <joseph.mcelroy@elastic.co>\r\nCo-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>","sha":"545f5a42f7af27bad33e272aa67eb59ac27e04ce"}},"sourceBranch":"main","suggestedTargetBranches":[],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","branchLabelMappingKey":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/194873","number":194873,"mergeCommit":{"message":"[Onboarding] UX Feedback - Slight Tweaks to search detail (#194873)\n\nTweaks to search details\r\n\r\n\r\nhttps://github.com/user-attachments/assets/a583a9d9-b059-4ce1-beaa-f7c733feabf0\r\n\r\n---------\r\n\r\nCo-authored-by: Joseph McElroy <joseph.mcelroy@elastic.co>\r\nCo-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>","sha":"545f5a42f7af27bad33e272aa67eb59ac27e04ce"}}]}] BACKPORT--> Co-authored-by: Michael DeFazio <michael.defazio@elastic.co>	2024-10-15 10:33:38 -05:00
Sébastien Loix	db2adf7588	[8.x] [Stateful sidenav] Welcome tour (#194926) (#196298) ... # Backport This will backport the following commits from `main` to `8.x`: - [[Stateful sidenav] Welcome tour (#194926)](https://github.com/elastic/kibana/pull/194926) <!--- Backport version: 8.9.8 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sqren/backport) <!--BACKPORT [{"author":{"name":"Sébastien Loix","email":"sebastien.loix@elastic.co"},"sourceCommit":{"committedDate":"2024-10-15T12:18:30Z","message":"[Stateful sidenav] Welcome tour (#194926)","sha":"8cceaee0f42c6c0e7ee064ef98a0e652fd77e286","branchLabelMapping":{"^v9.0.0$":"main","^v8.16.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["Feature:Security/Spaces","release_note:skip","v9.0.0","Team:SharedUX","backport:prev-minor"],"number":194926,"url":"https://github.com/elastic/kibana/pull/194926","mergeCommit":{"message":"[Stateful sidenav] Welcome tour (#194926)","sha":"8cceaee0f42c6c0e7ee064ef98a0e652fd77e286"}},"sourceBranch":"main","suggestedTargetBranches":[],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","labelRegex":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/194926","number":194926,"mergeCommit":{"message":"[Stateful sidenav] Welcome tour (#194926)","sha":"8cceaee0f42c6c0e7ee064ef98a0e652fd77e286"}}]}] BACKPORT-->	2024-10-15 09:35:19 -05:00
Kibana Machine	ebfc4d93ea	[8.x] fix: [Stateful: Home page] Most Ingest your content section buttons have duplicated actions on them (#196079) (#196301) ... # Backport This will backport the following commits from `main` to `8.x`: - [fix: [Stateful: Home page] Most Ingest your content section buttons have duplicated actions on them (#196079)](https://github.com/elastic/kibana/pull/196079) <!--- Backport version: 9.4.3 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sqren/backport) <!--BACKPORT [{"author":{"name":"Alexey Antonov","email":"alexwizp@gmail.com"},"sourceCommit":{"committedDate":"2024-10-15T12:39:10Z","message":"fix: [Stateful: Home page] Most Ingest your content section buttons have duplicated actions on them (#196079)\n\nCloses: #194932\r\n\r\n## Summary\r\n\r\nUser reaches the same button two times when navigating using only\r\nkeyboard and it can get confusing. Also for the user using screen reader\r\nit is also confusing if reached element is button or link. Better for\r\nelement to get focus only one time when navigating in sequence from one\r\nelement to another and for the user only to hear one announcement of the\r\nelement, button or link (but not button link).\r\n\r\n## What was changed?:\r\n\r\n1. Removed extra `EuiLinkTo` wrapper \r\n2. `EuiButton` was replaced to `EuiButtonTo`\r\n\r\n## Screen \r\n\r\n<img width=\"1792\" alt=\"image\"\r\nsrc=\"https://github.com/user-attachments/assets/597eb7f0-dd7b-4c14-bccd-d91dc3bdcbcf\">","sha":"5ed698182887e18d2aa6c4b6782cc636a45a1472","branchLabelMapping":{"^v9.0.0$":"main","^v8.16.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["Project:Accessibility","release_note:skip","v9.0.0","Team:Search","backport:prev-minor"],"title":"fix: [Stateful: Home page] Most Ingest your content section buttons have duplicated actions on them","number":196079,"url":"https://github.com/elastic/kibana/pull/196079","mergeCommit":{"message":"fix: [Stateful: Home page] Most Ingest your content section buttons have duplicated actions on them (#196079)\n\nCloses: #194932\r\n\r\n## Summary\r\n\r\nUser reaches the same button two times when navigating using only\r\nkeyboard and it can get confusing. Also for the user using screen reader\r\nit is also confusing if reached element is button or link. Better for\r\nelement to get focus only one time when navigating in sequence from one\r\nelement to another and for the user only to hear one announcement of the\r\nelement, button or link (but not button link).\r\n\r\n## What was changed?:\r\n\r\n1. Removed extra `EuiLinkTo` wrapper \r\n2. `EuiButton` was replaced to `EuiButtonTo`\r\n\r\n## Screen \r\n\r\n<img width=\"1792\" alt=\"image\"\r\nsrc=\"https://github.com/user-attachments/assets/597eb7f0-dd7b-4c14-bccd-d91dc3bdcbcf\">","sha":"5ed698182887e18d2aa6c4b6782cc636a45a1472"}},"sourceBranch":"main","suggestedTargetBranches":[],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","branchLabelMappingKey":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/196079","number":196079,"mergeCommit":{"message":"fix: [Stateful: Home page] Most Ingest your content section buttons have duplicated actions on them (#196079)\n\nCloses: #194932\r\n\r\n## Summary\r\n\r\nUser reaches the same button two times when navigating using only\r\nkeyboard and it can get confusing. Also for the user using screen reader\r\nit is also confusing if reached element is button or link. Better for\r\nelement to get focus only one time when navigating in sequence from one\r\nelement to another and for the user only to hear one announcement of the\r\nelement, button or link (but not button link).\r\n\r\n## What was changed?:\r\n\r\n1. Removed extra `EuiLinkTo` wrapper \r\n2. `EuiButton` was replaced to `EuiButtonTo`\r\n\r\n## Screen \r\n\r\n<img width=\"1792\" alt=\"image\"\r\nsrc=\"https://github.com/user-attachments/assets/597eb7f0-dd7b-4c14-bccd-d91dc3bdcbcf\">","sha":"5ed698182887e18d2aa6c4b6782cc636a45a1472"}}]}] BACKPORT--> Co-authored-by: Alexey Antonov <alexwizp@gmail.com>	2024-10-15 09:31:42 -05:00
Kibana Machine	3ebe580741	[8.x] fix: [Stateful: Home page] Create an API key dialog information announcement duplication (#196133) (#196272) ... # Backport This will backport the following commits from `main` to `8.x`: - [fix: [Stateful: Home page] Create an API key dialog information announcement duplication (#196133)](https://github.com/elastic/kibana/pull/196133) <!--- Backport version: 9.4.3 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sqren/backport) <!--BACKPORT [{"author":{"name":"Alexey Antonov","email":"alexwizp@gmail.com"},"sourceCommit":{"committedDate":"2024-10-15T10:32:32Z","message":"fix: [Stateful: Home page] Create an API key dialog information announcement duplication (#196133)\n\nCloses: #195754\r\nCloses: #195252\r\n\r\n## Description\r\nInformation about an element (in this case, a dialog) should be\r\nannounced once to the user. If the user navigates to another element and\r\nthen returns to the same dialog, they should hear the information about\r\nthe dialog again (one time).\r\n\r\n## What was changed?:\r\n\r\n1. Added `aria-labelledby` for `EuiFlyout` based on the EUI\r\nrecommendation. This will correctly pronounce the Flyout header without\r\nextra text.\r\n2. Added `aria-labelledby` and `role=\"region\"` for `EuiAccordion` for\r\nthe same reason.\r\n\r\n## Screen: \r\n\r\n<img width=\"1792\" alt=\"image\"\r\nsrc=\"https://github.com/user-attachments/assets/8a7ba05f-381a-4bb1-81fc-eb2c5fdb9fb0\">","sha":"0ccfb70c810b037c5aa02270e5a59da284d2b31c","branchLabelMapping":{"^v9.0.0$":"main","^v8.16.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["Project:Accessibility","release_note:skip","v9.0.0","Team:Search","backport:prev-minor"],"title":"fix: [Stateful: Home page] Create an API key dialog information announcement duplication","number":196133,"url":"https://github.com/elastic/kibana/pull/196133","mergeCommit":{"message":"fix: [Stateful: Home page] Create an API key dialog information announcement duplication (#196133)\n\nCloses: #195754\r\nCloses: #195252\r\n\r\n## Description\r\nInformation about an element (in this case, a dialog) should be\r\nannounced once to the user. If the user navigates to another element and\r\nthen returns to the same dialog, they should hear the information about\r\nthe dialog again (one time).\r\n\r\n## What was changed?:\r\n\r\n1. Added `aria-labelledby` for `EuiFlyout` based on the EUI\r\nrecommendation. This will correctly pronounce the Flyout header without\r\nextra text.\r\n2. Added `aria-labelledby` and `role=\"region\"` for `EuiAccordion` for\r\nthe same reason.\r\n\r\n## Screen: \r\n\r\n<img width=\"1792\" alt=\"image\"\r\nsrc=\"https://github.com/user-attachments/assets/8a7ba05f-381a-4bb1-81fc-eb2c5fdb9fb0\">","sha":"0ccfb70c810b037c5aa02270e5a59da284d2b31c"}},"sourceBranch":"main","suggestedTargetBranches":[],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","branchLabelMappingKey":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/196133","number":196133,"mergeCommit":{"message":"fix: [Stateful: Home page] Create an API key dialog information announcement duplication (#196133)\n\nCloses: #195754\r\nCloses: #195252\r\n\r\n## Description\r\nInformation about an element (in this case, a dialog) should be\r\nannounced once to the user. If the user navigates to another element and\r\nthen returns to the same dialog, they should hear the information about\r\nthe dialog again (one time).\r\n\r\n## What was changed?:\r\n\r\n1. Added `aria-labelledby` for `EuiFlyout` based on the EUI\r\nrecommendation. This will correctly pronounce the Flyout header without\r\nextra text.\r\n2. Added `aria-labelledby` and `role=\"region\"` for `EuiAccordion` for\r\nthe same reason.\r\n\r\n## Screen: \r\n\r\n<img width=\"1792\" alt=\"image\"\r\nsrc=\"https://github.com/user-attachments/assets/8a7ba05f-381a-4bb1-81fc-eb2c5fdb9fb0\">","sha":"0ccfb70c810b037c5aa02270e5a59da284d2b31c"}}]}] BACKPORT--> Co-authored-by: Alexey Antonov <alexwizp@gmail.com>	2024-10-15 09:09:28 -05:00
Kibana Machine	529d04f2fb	[8.x] [Search] New search connector creation flow (#187582) (#196293) ... # Backport This will backport the following commits from `main` to `8.x`: - [[Search] New search connector creation flow (#187582)](https://github.com/elastic/kibana/pull/187582) <!--- Backport version: 9.4.3 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sqren/backport) <!--BACKPORT [{"author":{"name":"José Luis González","email":"joseluisgj@gmail.com"},"sourceCommit":{"committedDate":"2024-10-15T12:09:30Z","message":"[Search] New search connector creation flow (#187582)\n\n## Summary\r\n\r\nThis PR brings a new and dedicated search connector creation flow for\r\nES3 and ESS.\r\n[Figma\r\nPrototype](https://www.figma.com/proto/eKQr4HYlz0v9pTofRPWIyH/Ingestion-methods-flow?page-id=411%3A158867&node-id=411-158870&viewport=3831%2C-1905%2C1.23&t=ZP9e3LtaSeJ5FMAz-9&scaling=min-zoom&content-scaling=fixed&starting-point-node-id=411%3A158870&show-proto-sidebar=1)\r\n\r\n\r\n\r\n\r\n\r\n### Checklist\r\n\r\nDelete any items that are not applicable to this PR.\r\n\r\n- [ ] Any text added follows [EUI's writing\r\nguidelines](https://elastic.github.io/eui/#/guidelines/writing), uses\r\nsentence case text and includes [i18n\r\nsupport](https://github.com/elastic/kibana/blob/main/packages/kbn-i18n/README.md)\r\n- [ ]\r\n[Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html)\r\nwas added for features that require explanation or tutorials\r\n- [ ] [Unit or functional\r\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\r\nwere updated or added to match the most common scenarios\r\n- [ ] [Flaky Test\r\nRunner](https://ci-stats.kibana.dev/trigger_flaky_test_runner/1) was\r\nused on any tests changed\r\n- [ ] Any UI touched in this PR is usable by keyboard only (learn more\r\nabout [keyboard accessibility](https://webaim.org/techniques/keyboard/))\r\n- [ ] Any UI touched in this PR does not create any new axe failures\r\n(run axe in browser:\r\n[FF](https://addons.mozilla.org/en-US/firefox/addon/axe-devtools/),\r\n[Chrome](https://chrome.google.com/webstore/detail/axe-web-accessibility-tes/lhdoppojpmngadmnindnejefpokejbdd?hl=en-US))\r\n- [ ] If a plugin configuration key changed, check if it needs to be\r\nallowlisted in the cloud and added to the [docker\r\nlist](https://github.com/elastic/kibana/blob/main/src/dev/build/tasks/os_packages/docker_generator/resources/base/bin/kibana-docker)\r\n- [ ] This renders correctly on smaller devices using a responsive\r\nlayout. (You can test this [in your\r\nbrowser](https://www.browserstack.com/guide/responsive-testing-on-local-server))\r\n- [ ] This was checked for [cross-browser\r\ncompatibility](https://www.elastic.co/support/matrix#matrix_browsers)\r\n\r\n\r\n### Risk Matrix\r\n\r\nDelete this section if it is not applicable to this PR.\r\n\r\nBefore closing this PR, invite QA, stakeholders, and other developers to\r\nidentify risks that should be tested prior to the change/feature\r\nrelease.\r\n\r\nWhen forming the risk matrix, consider some of the following examples\r\nand how they may potentially impact the change:\r\n\r\n| Risk | Probability | Severity | Mitigation/Notes |\r\n\r\n|---------------------------|-------------|----------|-------------------------|\r\n| Multiple Spaces&mdash;unexpected behavior in non-default Kibana Space.\r\n| Low | High | Integration tests will verify that all features are still\r\nsupported in non-default Kibana Space and when user switches between\r\nspaces. |\r\n| Multiple nodes&mdash;Elasticsearch polling might have race conditions\r\nwhen multiple Kibana nodes are polling for the same tasks. | High | Low\r\n| Tasks are idempotent, so executing them multiple times will not result\r\nin logical error, but will degrade performance. To test for this case we\r\nadd plenty of unit tests around this logic and document manual testing\r\nprocedure. |\r\n| Code should gracefully handle cases when feature X or plugin Y are\r\ndisabled. | Medium | High | Unit tests will verify that any feature flag\r\nor plugin combination still results in our service operational. |\r\n| [See more potential risk\r\nexamples](https://github.com/elastic/kibana/blob/main/RISK_MATRIX.mdx) |\r\n\r\n\r\n### For maintainers\r\n\r\n- [ ] This was checked for breaking API changes and was [labeled\r\nappropriately](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)\r\n\r\n---------\r\n\r\nCo-authored-by: Efe Gürkan YALAMAN <efeguerkan.yalaman@elastic.co>\r\nCo-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>\r\nCo-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>","sha":"63e116bb078c29c70e4e23cba1c88d0ac022801d","branchLabelMapping":{"^v9.0.0$":"main","^v8.16.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:skip","v9.0.0","Team:EnterpriseSearch","backport:prev-minor","v8.16.0"],"title":"[Search] New search connector creation flow","number":187582,"url":"https://github.com/elastic/kibana/pull/187582","mergeCommit":{"message":"[Search] New search connector creation flow (#187582)\n\n## Summary\r\n\r\nThis PR brings a new and dedicated search connector creation flow for\r\nES3 and ESS.\r\n[Figma\r\nPrototype](https://www.figma.com/proto/eKQr4HYlz0v9pTofRPWIyH/Ingestion-methods-flow?page-id=411%3A158867&node-id=411-158870&viewport=3831%2C-1905%2C1.23&t=ZP9e3LtaSeJ5FMAz-9&scaling=min-zoom&content-scaling=fixed&starting-point-node-id=411%3A158870&show-proto-sidebar=1)\r\n\r\n\r\n\r\n\r\n\r\n### Checklist\r\n\r\nDelete any items that are not applicable to this PR.\r\n\r\n- [ ] Any text added follows [EUI's writing\r\nguidelines](https://elastic.github.io/eui/#/guidelines/writing), uses\r\nsentence case text and includes [i18n\r\nsupport](https://github.com/elastic/kibana/blob/main/packages/kbn-i18n/README.md)\r\n- [ ]\r\n[Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html)\r\nwas added for features that require explanation or tutorials\r\n- [ ] [Unit or functional\r\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\r\nwere updated or added to match the most common scenarios\r\n- [ ] [Flaky Test\r\nRunner](https://ci-stats.kibana.dev/trigger_flaky_test_runner/1) was\r\nused on any tests changed\r\n- [ ] Any UI touched in this PR is usable by keyboard only (learn more\r\nabout [keyboard accessibility](https://webaim.org/techniques/keyboard/))\r\n- [ ] Any UI touched in this PR does not create any new axe failures\r\n(run axe in browser:\r\n[FF](https://addons.mozilla.org/en-US/firefox/addon/axe-devtools/),\r\n[Chrome](https://chrome.google.com/webstore/detail/axe-web-accessibility-tes/lhdoppojpmngadmnindnejefpokejbdd?hl=en-US))\r\n- [ ] If a plugin configuration key changed, check if it needs to be\r\nallowlisted in the cloud and added to the [docker\r\nlist](https://github.com/elastic/kibana/blob/main/src/dev/build/tasks/os_packages/docker_generator/resources/base/bin/kibana-docker)\r\n- [ ] This renders correctly on smaller devices using a responsive\r\nlayout. (You can test this [in your\r\nbrowser](https://www.browserstack.com/guide/responsive-testing-on-local-server))\r\n- [ ] This was checked for [cross-browser\r\ncompatibility](https://www.elastic.co/support/matrix#matrix_browsers)\r\n\r\n\r\n### Risk Matrix\r\n\r\nDelete this section if it is not applicable to this PR.\r\n\r\nBefore closing this PR, invite QA, stakeholders, and other developers to\r\nidentify risks that should be tested prior to the change/feature\r\nrelease.\r\n\r\nWhen forming the risk matrix, consider some of the following examples\r\nand how they may potentially impact the change:\r\n\r\n| Risk | Probability | Severity | Mitigation/Notes |\r\n\r\n|---------------------------|-------------|----------|-------------------------|\r\n| Multiple Spaces&mdash;unexpected behavior in non-default Kibana Space.\r\n| Low | High | Integration tests will verify that all features are still\r\nsupported in non-default Kibana Space and when user switches between\r\nspaces. |\r\n| Multiple nodes&mdash;Elasticsearch polling might have race conditions\r\nwhen multiple Kibana nodes are polling for the same tasks. | High | Low\r\n| Tasks are idempotent, so executing them multiple times will not result\r\nin logical error, but will degrade performance. To test for this case we\r\nadd plenty of unit tests around this logic and document manual testing\r\nprocedure. |\r\n| Code should gracefully handle cases when feature X or plugin Y are\r\ndisabled. | Medium | High | Unit tests will verify that any feature flag\r\nor plugin combination still results in our service operational. |\r\n| [See more potential risk\r\nexamples](https://github.com/elastic/kibana/blob/main/RISK_MATRIX.mdx) |\r\n\r\n\r\n### For maintainers\r\n\r\n- [ ] This was checked for breaking API changes and was [labeled\r\nappropriately](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)\r\n\r\n---------\r\n\r\nCo-authored-by: Efe Gürkan YALAMAN <efeguerkan.yalaman@elastic.co>\r\nCo-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>\r\nCo-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>","sha":"63e116bb078c29c70e4e23cba1c88d0ac022801d"}},"sourceBranch":"main","suggestedTargetBranches":["8.x"],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","branchLabelMappingKey":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/187582","number":187582,"mergeCommit":{"message":"[Search] New search connector creation flow (#187582)\n\n## Summary\r\n\r\nThis PR brings a new and dedicated search connector creation flow for\r\nES3 and ESS.\r\n[Figma\r\nPrototype](https://www.figma.com/proto/eKQr4HYlz0v9pTofRPWIyH/Ingestion-methods-flow?page-id=411%3A158867&node-id=411-158870&viewport=3831%2C-1905%2C1.23&t=ZP9e3LtaSeJ5FMAz-9&scaling=min-zoom&content-scaling=fixed&starting-point-node-id=411%3A158870&show-proto-sidebar=1)\r\n\r\n\r\n\r\n\r\n\r\n### Checklist\r\n\r\nDelete any items that are not applicable to this PR.\r\n\r\n- [ ] Any text added follows [EUI's writing\r\nguidelines](https://elastic.github.io/eui/#/guidelines/writing), uses\r\nsentence case text and includes [i18n\r\nsupport](https://github.com/elastic/kibana/blob/main/packages/kbn-i18n/README.md)\r\n- [ ]\r\n[Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html)\r\nwas added for features that require explanation or tutorials\r\n- [ ] [Unit or functional\r\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\r\nwere updated or added to match the most common scenarios\r\n- [ ] [Flaky Test\r\nRunner](https://ci-stats.kibana.dev/trigger_flaky_test_runner/1) was\r\nused on any tests changed\r\n- [ ] Any UI touched in this PR is usable by keyboard only (learn more\r\nabout [keyboard accessibility](https://webaim.org/techniques/keyboard/))\r\n- [ ] Any UI touched in this PR does not create any new axe failures\r\n(run axe in browser:\r\n[FF](https://addons.mozilla.org/en-US/firefox/addon/axe-devtools/),\r\n[Chrome](https://chrome.google.com/webstore/detail/axe-web-accessibility-tes/lhdoppojpmngadmnindnejefpokejbdd?hl=en-US))\r\n- [ ] If a plugin configuration key changed, check if it needs to be\r\nallowlisted in the cloud and added to the [docker\r\nlist](https://github.com/elastic/kibana/blob/main/src/dev/build/tasks/os_packages/docker_generator/resources/base/bin/kibana-docker)\r\n- [ ] This renders correctly on smaller devices using a responsive\r\nlayout. (You can test this [in your\r\nbrowser](https://www.browserstack.com/guide/responsive-testing-on-local-server))\r\n- [ ] This was checked for [cross-browser\r\ncompatibility](https://www.elastic.co/support/matrix#matrix_browsers)\r\n\r\n\r\n### Risk Matrix\r\n\r\nDelete this section if it is not applicable to this PR.\r\n\r\nBefore closing this PR, invite QA, stakeholders, and other developers to\r\nidentify risks that should be tested prior to the change/feature\r\nrelease.\r\n\r\nWhen forming the risk matrix, consider some of the following examples\r\nand how they may potentially impact the change:\r\n\r\n| Risk | Probability | Severity | Mitigation/Notes |\r\n\r\n|---------------------------|-------------|----------|-------------------------|\r\n| Multiple Spaces&mdash;unexpected behavior in non-default Kibana Space.\r\n| Low | High | Integration tests will verify that all features are still\r\nsupported in non-default Kibana Space and when user switches between\r\nspaces. |\r\n| Multiple nodes&mdash;Elasticsearch polling might have race conditions\r\nwhen multiple Kibana nodes are polling for the same tasks. | High | Low\r\n| Tasks are idempotent, so executing them multiple times will not result\r\nin logical error, but will degrade performance. To test for this case we\r\nadd plenty of unit tests around this logic and document manual testing\r\nprocedure. |\r\n| Code should gracefully handle cases when feature X or plugin Y are\r\ndisabled. | Medium | High | Unit tests will verify that any feature flag\r\nor plugin combination still results in our service operational. |\r\n| [See more potential risk\r\nexamples](https://github.com/elastic/kibana/blob/main/RISK_MATRIX.mdx) |\r\n\r\n\r\n### For maintainers\r\n\r\n- [ ] This was checked for breaking API changes and was [labeled\r\nappropriately](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)\r\n\r\n---------\r\n\r\nCo-authored-by: Efe Gürkan YALAMAN <efeguerkan.yalaman@elastic.co>\r\nCo-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>\r\nCo-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>","sha":"63e116bb078c29c70e4e23cba1c88d0ac022801d"}},{"branch":"8.x","label":"v8.16.0","branchLabelMappingKey":"^v8.16.0$","isSourceBranch":false,"state":"NOT_CREATED"}]}] BACKPORT--> Co-authored-by: José Luis González <joseluisgj@gmail.com>	2024-10-15 09:02:54 -05:00
Rudolf Meijering	0e205fae8f	[8.x] Backport Attempt to get rid of SavedObjectClass (#192265) (#196130) ... ## Summary Manual backport of "Attempt to get rid of SavedObjectClass (#192265)" ### Checklist ### For maintainers - [ ] This was checked for breaking API changes and was [labeled appropriately](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process) --------- Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com> (cherry picked from commit ac29d0fc48) # Conflicts: # src/plugins/dashboard/public/services/saved_objects_tagging/saved_objects_tagging.stub.ts # src/plugins/dashboard/public/services/saved_objects_tagging/saved_objects_tagging_service.ts # src/plugins/dashboard/public/services/saved_objects_tagging/types.ts ## Summary Summarize your PR. If it involves visual changes include a screenshot or gif. ### Checklist	2024-10-15 16:02:36 +02:00
Nicolas Chaulet	89f85ab596	[8.x] [Fleet] Add cypress test against space awareness (#195372) (#195873) ... # Backport This will backport the following commits from `main` to `8.x`: - [[Fleet] Add cypress test against space awareness (#195372)](https://github.com/elastic/kibana/pull/195372) <!--- Backport version: 8.9.8 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sqren/backport) <!--BACKPORT [{"author":{"name":"Nicolas Chaulet","email":"nicolas.chaulet@elastic.co"},"sourceCommit":{"committedDate":"2024-10-11T07:19:21Z","message":"[Fleet] Add cypress test against space awareness (#195372)","sha":"5b697499978170937d8c0280b0cf184ee84b57ab","branchLabelMapping":{"^v9.0.0$":"main","^v8.16.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:skip","Team:Fleet","v9.0.0","backport:prev-minor","v8.16.0"],"number":195372,"url":"https://github.com/elastic/kibana/pull/195372","mergeCommit":{"message":"[Fleet] Add cypress test against space awareness (#195372)","sha":"5b697499978170937d8c0280b0cf184ee84b57ab"}},"sourceBranch":"main","suggestedTargetBranches":["8.x"],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","labelRegex":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/195372","number":195372,"mergeCommit":{"message":"[Fleet] Add cypress test against space awareness (#195372)","sha":"5b697499978170937d8c0280b0cf184ee84b57ab"}},{"branch":"8.x","label":"v8.16.0","labelRegex":"^v8.16.0$","isSourceBranch":false,"state":"NOT_CREATED"}]}] BACKPORT--> Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>	2024-10-15 09:02:16 -05:00
Kibana Machine	c04b25b9ee	[8.x] [Inventory][ECO] Show alerts for entities (#195250) (#196288) ... # Backport This will backport the following commits from `main` to `8.x`: - [[Inventory][ECO] Show alerts for entities (#195250)](https://github.com/elastic/kibana/pull/195250) <!--- Backport version: 9.4.3 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sqren/backport) <!--BACKPORT [{"author":{"name":"Katerina","email":"aikaterini.patticha@elastic.co"},"sourceCommit":{"committedDate":"2024-10-15T11:51:34Z","message":"[Inventory][ECO] Show alerts for entities (#195250)\n\n## Summary\r\n\r\nShow alerts related to entities\r\n\r\nclose https://github.com/elastic/kibana/issues/194381 \r\n\r\n### Checklist\r\n\r\n- change default sorting from last seen to alertsCount\r\n- when alertsCount is not available server side sorting fallbacks to\r\nlast seen\r\n- [Change app route from /app/observability/inventory to\r\n/app/inventory](57598d05fb)\r\n(causing issue when importing observability plugin\r\n- refactoring: move columns into seperate file \r\n\r\n\r\n\r\n\r\nhttps://github.com/user-attachments/assets/ea3abc5a-0581-41e7-a174-6655a39c1133\r\n\r\n\r\n\r\n### How to test\r\n- run any synthtrace scenario ex`node scripts/synthtrace\r\ninfra_hosts_with_apm_hosts.ts`\r\n- create a rule (SLO or apm) \r\n- click on the alert count\r\n\r\n---------\r\n\r\nCo-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>\r\nCo-authored-by: Cauê Marcondes <55978943+cauemarcondes@users.noreply.github.com>","sha":"c0bd82b30ca7e0fec99321412a37a2e37bc20970","branchLabelMapping":{"^v9.0.0$":"main","^v8.16.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["v9.0.0","release_note:feature","backport:prev-minor","ci:project-deploy-observability","Team:obs-ux-infra_services","v8.16.0"],"title":"[Inventory][ECO] Show alerts for entities ","number":195250,"url":"https://github.com/elastic/kibana/pull/195250","mergeCommit":{"message":"[Inventory][ECO] Show alerts for entities (#195250)\n\n## Summary\r\n\r\nShow alerts related to entities\r\n\r\nclose https://github.com/elastic/kibana/issues/194381 \r\n\r\n### Checklist\r\n\r\n- change default sorting from last seen to alertsCount\r\n- when alertsCount is not available server side sorting fallbacks to\r\nlast seen\r\n- [Change app route from /app/observability/inventory to\r\n/app/inventory](57598d05fb)\r\n(causing issue when importing observability plugin\r\n- refactoring: move columns into seperate file \r\n\r\n\r\n\r\n\r\nhttps://github.com/user-attachments/assets/ea3abc5a-0581-41e7-a174-6655a39c1133\r\n\r\n\r\n\r\n### How to test\r\n- run any synthtrace scenario ex`node scripts/synthtrace\r\ninfra_hosts_with_apm_hosts.ts`\r\n- create a rule (SLO or apm) \r\n- click on the alert count\r\n\r\n---------\r\n\r\nCo-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>\r\nCo-authored-by: Cauê Marcondes <55978943+cauemarcondes@users.noreply.github.com>","sha":"c0bd82b30ca7e0fec99321412a37a2e37bc20970"}},"sourceBranch":"main","suggestedTargetBranches":["8.x"],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","branchLabelMappingKey":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/195250","number":195250,"mergeCommit":{"message":"[Inventory][ECO] Show alerts for entities (#195250)\n\n## Summary\r\n\r\nShow alerts related to entities\r\n\r\nclose https://github.com/elastic/kibana/issues/194381 \r\n\r\n### Checklist\r\n\r\n- change default sorting from last seen to alertsCount\r\n- when alertsCount is not available server side sorting fallbacks to\r\nlast seen\r\n- [Change app route from /app/observability/inventory to\r\n/app/inventory](57598d05fb)\r\n(causing issue when importing observability plugin\r\n- refactoring: move columns into seperate file \r\n\r\n\r\n\r\n\r\nhttps://github.com/user-attachments/assets/ea3abc5a-0581-41e7-a174-6655a39c1133\r\n\r\n\r\n\r\n### How to test\r\n- run any synthtrace scenario ex`node scripts/synthtrace\r\ninfra_hosts_with_apm_hosts.ts`\r\n- create a rule (SLO or apm) \r\n- click on the alert count\r\n\r\n---------\r\n\r\nCo-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>\r\nCo-authored-by: Cauê Marcondes <55978943+cauemarcondes@users.noreply.github.com>","sha":"c0bd82b30ca7e0fec99321412a37a2e37bc20970"}},{"branch":"8.x","label":"v8.16.0","branchLabelMappingKey":"^v8.16.0$","isSourceBranch":false,"state":"NOT_CREATED"}]}] BACKPORT--> Co-authored-by: Katerina <aikaterini.patticha@elastic.co>	2024-10-15 08:58:28 -05:00
Christos Nasikas	99bddf8fa6	[8.x] [Response Ops][Rules] Add New Rule Form to Stack Management (#194655) (#196290) ... # Backport This will backport the following commits from `main` to `8.x`: - [[Response Ops][Rules] Add New Rule Form to Stack Management (#194655)](https://github.com/elastic/kibana/pull/194655) <!--- Backport version: 8.9.8 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sqren/backport) <!--BACKPORT [{"author":{"name":"Jiawei Wu","email":"74562234+JiaweiWu@users.noreply.github.com"},"sourceCommit":{"committedDate":"2024-10-15T10:17:59Z","message":"[Response Ops][Rules] Add New Rule Form to Stack Management (#194655)\n\n## Summary\r\n\r\nEnables and adds the new rule form to stack management. We are only\r\ngoing to turn this on for stack management for now until we are\r\nconfident that this is fairly bug free.\r\n\r\n### To test:\r\n\r\n1. Switch `USE_NEW_RULE_FORM_FEATURE_FLAG` to true\r\n2. Navigate to stack management -> rules list\r\n3. Click \"Create rule\" \r\n4. Assert the user is navigated to the new form\r\n5. Create rule\r\n6. Assert the user is navigated to the rule details page\r\n7. Click \"Edit\"\r\n8. Edit rule\r\n9. Assert the user is navigated to the rule details page\r\n10. Try editing a rule in the rules list and assert everything works as\r\nexpected\r\n\r\nWe should also make sure this rule form is not enabled in other\r\nsolutions.\r\n\r\n### Checklist\r\n- [ ] [Unit or functional\r\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\r\nwere updated or added to match the most common scenarios\r\n\r\n---------\r\n\r\nCo-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>\r\nCo-authored-by: Christos Nasikas <christos.nasikas@elastic.co>","sha":"5c2df6347d779f577946634e972d30224299079a","branchLabelMapping":{"^v9.0.0$":"main","^v8.16.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:skip","Team:ResponseOps","v9.0.0","backport:prev-minor","v8.16.0"],"number":194655,"url":"https://github.com/elastic/kibana/pull/194655","mergeCommit":{"message":"[Response Ops][Rules] Add New Rule Form to Stack Management (#194655)\n\n## Summary\r\n\r\nEnables and adds the new rule form to stack management. We are only\r\ngoing to turn this on for stack management for now until we are\r\nconfident that this is fairly bug free.\r\n\r\n### To test:\r\n\r\n1. Switch `USE_NEW_RULE_FORM_FEATURE_FLAG` to true\r\n2. Navigate to stack management -> rules list\r\n3. Click \"Create rule\" \r\n4. Assert the user is navigated to the new form\r\n5. Create rule\r\n6. Assert the user is navigated to the rule details page\r\n7. Click \"Edit\"\r\n8. Edit rule\r\n9. Assert the user is navigated to the rule details page\r\n10. Try editing a rule in the rules list and assert everything works as\r\nexpected\r\n\r\nWe should also make sure this rule form is not enabled in other\r\nsolutions.\r\n\r\n### Checklist\r\n- [ ] [Unit or functional\r\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\r\nwere updated or added to match the most common scenarios\r\n\r\n---------\r\n\r\nCo-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>\r\nCo-authored-by: Christos Nasikas <christos.nasikas@elastic.co>","sha":"5c2df6347d779f577946634e972d30224299079a"}},"sourceBranch":"main","suggestedTargetBranches":["8.x"],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","labelRegex":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/194655","number":194655,"mergeCommit":{"message":"[Response Ops][Rules] Add New Rule Form to Stack Management (#194655)\n\n## Summary\r\n\r\nEnables and adds the new rule form to stack management. We are only\r\ngoing to turn this on for stack management for now until we are\r\nconfident that this is fairly bug free.\r\n\r\n### To test:\r\n\r\n1. Switch `USE_NEW_RULE_FORM_FEATURE_FLAG` to true\r\n2. Navigate to stack management -> rules list\r\n3. Click \"Create rule\" \r\n4. Assert the user is navigated to the new form\r\n5. Create rule\r\n6. Assert the user is navigated to the rule details page\r\n7. Click \"Edit\"\r\n8. Edit rule\r\n9. Assert the user is navigated to the rule details page\r\n10. Try editing a rule in the rules list and assert everything works as\r\nexpected\r\n\r\nWe should also make sure this rule form is not enabled in other\r\nsolutions.\r\n\r\n### Checklist\r\n- [ ] [Unit or functional\r\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\r\nwere updated or added to match the most common scenarios\r\n\r\n---------\r\n\r\nCo-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>\r\nCo-authored-by: Christos Nasikas <christos.nasikas@elastic.co>","sha":"5c2df6347d779f577946634e972d30224299079a"}},{"branch":"8.x","label":"v8.16.0","labelRegex":"^v8.16.0$","isSourceBranch":false,"state":"NOT_CREATED"}]}] BACKPORT--> Co-authored-by: Jiawei Wu <74562234+JiaweiWu@users.noreply.github.com>	2024-10-15 08:57:08 -05:00
Kibana Machine	bf0432de4e	[8.x] [Auto Import] Improve log format recognition (#196228) (#196289) ... # Backport This will backport the following commits from `main` to `8.x`: - [[Auto Import] Improve log format recognition (#196228)](https://github.com/elastic/kibana/pull/196228) <!--- Backport version: 9.4.3 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sqren/backport) <!--BACKPORT [{"author":{"name":"Ilya Nikokoshev","email":"ilya.nikokoshev@elastic.co"},"sourceCommit":{"committedDate":"2024-10-15T12:02:00Z","message":"[Auto Import] Improve log format recognition (#196228)\n\nPreviously the LLM would often select `unstructured` format for what (to\r\nour eye) clearly are CSV samples.\r\n\r\nWe add the missing line break between the log samples (which should help\r\nformat recognition in general) and change the prompt to clarify when the\r\ncomma-separated list should be treated as a `csv` and when as\r\n`structured` format.\r\n\r\nSee GitHub for examples.\r\n\r\n---------\r\n\r\nCo-authored-by: Bharat Pasupula <123897612+bhapas@users.noreply.github.com>","sha":"bdc9ce932bbfa606dd1f1e188c8b32df4327a0a4","branchLabelMapping":{"^v9.0.0$":"main","^v8.16.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["bug","release_note:skip","backport missing","v9.0.0","backport:prev-minor","Team:Security-Scalability","Feature:AutomaticImport"],"title":"[Auto Import] Improve log format recognition","number":196228,"url":"https://github.com/elastic/kibana/pull/196228","mergeCommit":{"message":"[Auto Import] Improve log format recognition (#196228)\n\nPreviously the LLM would often select `unstructured` format for what (to\r\nour eye) clearly are CSV samples.\r\n\r\nWe add the missing line break between the log samples (which should help\r\nformat recognition in general) and change the prompt to clarify when the\r\ncomma-separated list should be treated as a `csv` and when as\r\n`structured` format.\r\n\r\nSee GitHub for examples.\r\n\r\n---------\r\n\r\nCo-authored-by: Bharat Pasupula <123897612+bhapas@users.noreply.github.com>","sha":"bdc9ce932bbfa606dd1f1e188c8b32df4327a0a4"}},"sourceBranch":"main","suggestedTargetBranches":[],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","branchLabelMappingKey":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/196228","number":196228,"mergeCommit":{"message":"[Auto Import] Improve log format recognition (#196228)\n\nPreviously the LLM would often select `unstructured` format for what (to\r\nour eye) clearly are CSV samples.\r\n\r\nWe add the missing line break between the log samples (which should help\r\nformat recognition in general) and change the prompt to clarify when the\r\ncomma-separated list should be treated as a `csv` and when as\r\n`structured` format.\r\n\r\nSee GitHub for examples.\r\n\r\n---------\r\n\r\nCo-authored-by: Bharat Pasupula <123897612+bhapas@users.noreply.github.com>","sha":"bdc9ce932bbfa606dd1f1e188c8b32df4327a0a4"}}]}] BACKPORT--> Co-authored-by: Ilya Nikokoshev <ilya.nikokoshev@elastic.co>	2024-10-15 08:54:19 -05:00
Mark Hopkin	8041d698d8	[8.x] Flipped Security Entity Store flag to being a "disable" flag (#195818) (#196261) ... # Backport This will backport the following commits from `main` to `8.x`: - [Flipped Security Entity Store flag to being a "disable" flag (#195818)](https://github.com/elastic/kibana/pull/195818) <!--- Backport version: 8.9.8 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sqren/backport) <!--BACKPORT [{"author":{"name":"Jared Burgett","email":"147995946+jaredburgettelastic@users.noreply.github.com"},"sourceCommit":{"committedDate":"2024-10-15T04:56:08Z","message":"Flipped Security Entity Store flag to being a \"disable\" flag (#195818)\n\n## Summary\r\n\r\nThe Security Solution Entity Store feature will now be available by\r\ndefault. However, there will be a flag that can be switched on, if\r\ndesired, to **disable** that feature entirely.\r\n\r\nRegardless of whether this flag is enabled or not, Security's Entity\r\nStore is still only fully enabled through an enablement workflow. In\r\nother words, a Security Solution customer must turn on the feature\r\nthrough an onboarding workflow in order to enable its features.\r\n\r\nAdditionally, we are disabling this feature in Serverless at first, to\r\nperform proper Serverless load/performance testing. (We do not expect it\r\nto be significantly different than ESS/ECH, but are doing so out of an\r\nabundance of caution).\r\n\r\n---------\r\n\r\nCo-authored-by: Pablo Machado <pablo.nevesmachado@elastic.co>","sha":"ea582dc65029f5537d6093c3fadb8b90b7768f91","branchLabelMapping":{"^v9.0.0$":"main","^v8.16.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:skip","v9.0.0","backport:prev-minor"],"number":195818,"url":"https://github.com/elastic/kibana/pull/195818","mergeCommit":{"message":"Flipped Security Entity Store flag to being a \"disable\" flag (#195818)\n\n## Summary\r\n\r\nThe Security Solution Entity Store feature will now be available by\r\ndefault. However, there will be a flag that can be switched on, if\r\ndesired, to **disable** that feature entirely.\r\n\r\nRegardless of whether this flag is enabled or not, Security's Entity\r\nStore is still only fully enabled through an enablement workflow. In\r\nother words, a Security Solution customer must turn on the feature\r\nthrough an onboarding workflow in order to enable its features.\r\n\r\nAdditionally, we are disabling this feature in Serverless at first, to\r\nperform proper Serverless load/performance testing. (We do not expect it\r\nto be significantly different than ESS/ECH, but are doing so out of an\r\nabundance of caution).\r\n\r\n---------\r\n\r\nCo-authored-by: Pablo Machado <pablo.nevesmachado@elastic.co>","sha":"ea582dc65029f5537d6093c3fadb8b90b7768f91"}},"sourceBranch":"main","suggestedTargetBranches":[],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","labelRegex":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/195818","number":195818,"mergeCommit":{"message":"Flipped Security Entity Store flag to being a \"disable\" flag (#195818)\n\n## Summary\r\n\r\nThe Security Solution Entity Store feature will now be available by\r\ndefault. However, there will be a flag that can be switched on, if\r\ndesired, to **disable** that feature entirely.\r\n\r\nRegardless of whether this flag is enabled or not, Security's Entity\r\nStore is still only fully enabled through an enablement workflow. In\r\nother words, a Security Solution customer must turn on the feature\r\nthrough an onboarding workflow in order to enable its features.\r\n\r\nAdditionally, we are disabling this feature in Serverless at first, to\r\nperform proper Serverless load/performance testing. (We do not expect it\r\nto be significantly different than ESS/ECH, but are doing so out of an\r\nabundance of caution).\r\n\r\n---------\r\n\r\nCo-authored-by: Pablo Machado <pablo.nevesmachado@elastic.co>","sha":"ea582dc65029f5537d6093c3fadb8b90b7768f91"}}]}] BACKPORT--> Co-authored-by: Jared Burgett <147995946+jaredburgettelastic@users.noreply.github.com>	2024-10-15 08:20:46 -05:00
Jordan	60d3feffcb	[8.x] [Cloud Posture] Adding CSP 3P support callout for Wiz integration (#196025) (#196274) ... # Backport This will backport the following commits from `main` to `8.x`: - [[Cloud Posture] Adding CSP 3P support callout for Wiz integration (#196025)](https://github.com/elastic/kibana/pull/196025) <!--- Backport version: 8.9.8 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sqren/backport) <!--BACKPORT [{"author":{"name":"Jordan","email":"51442161+JordanSh@users.noreply.github.com"},"sourceCommit":{"committedDate":"2024-10-14T12:35:25Z","message":"[Cloud Posture] Adding CSP 3P support callout for Wiz integration (#196025)","sha":"ebe16fa467d6e35e2398ad724780db05c27779cf","branchLabelMapping":{"^v9.0.0$":"main","^v8.16.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:skip","Team:Fleet","v9.0.0","Team:Cloud Security","backport:prev-minor"],"number":196025,"url":"https://github.com/elastic/kibana/pull/196025","mergeCommit":{"message":"[Cloud Posture] Adding CSP 3P support callout for Wiz integration (#196025)","sha":"ebe16fa467d6e35e2398ad724780db05c27779cf"}},"sourceBranch":"main","suggestedTargetBranches":[],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","labelRegex":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/196025","number":196025,"mergeCommit":{"message":"[Cloud Posture] Adding CSP 3P support callout for Wiz integration (#196025)","sha":"ebe16fa467d6e35e2398ad724780db05c27779cf"}}]}] BACKPORT--> --------- Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>	2024-10-15 07:38:05 -05:00
Kibana Machine	85ab195a78	[8.x] [Onboarding] Small fixes from QA (#196178) (#196276) ... # Backport This will backport the following commits from `main` to `8.x`: - [[Onboarding] Small fixes from QA (#196178)](https://github.com/elastic/kibana/pull/196178) <!--- Backport version: 9.4.3 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sqren/backport) <!--BACKPORT [{"author":{"name":"Joe McElroy","email":"joseph.mcelroy@elastic.co"},"sourceCommit":{"committedDate":"2024-10-15T10:44:17Z","message":"[Onboarding] Small fixes from QA (#196178)\n\n## Summary\r\n\r\n- update the code examples to use the normal client, not the\r\nelasticsearch client. The devtools team wants us to use the\r\nelasticsearch client here\r\n- update the code samples highlighting component so you can see\r\nhighlighting","sha":"422cad5c2dca04ed121544079be255ac85f9e479","branchLabelMapping":{"^v9.0.0$":"main","^v8.16.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:skip","v9.0.0","backport:prev-minor"],"title":"[Onboarding] Small fixes from QA","number":196178,"url":"https://github.com/elastic/kibana/pull/196178","mergeCommit":{"message":"[Onboarding] Small fixes from QA (#196178)\n\n## Summary\r\n\r\n- update the code examples to use the normal client, not the\r\nelasticsearch client. The devtools team wants us to use the\r\nelasticsearch client here\r\n- update the code samples highlighting component so you can see\r\nhighlighting","sha":"422cad5c2dca04ed121544079be255ac85f9e479"}},"sourceBranch":"main","suggestedTargetBranches":[],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","branchLabelMappingKey":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/196178","number":196178,"mergeCommit":{"message":"[Onboarding] Small fixes from QA (#196178)\n\n## Summary\r\n\r\n- update the code examples to use the normal client, not the\r\nelasticsearch client. The devtools team wants us to use the\r\nelasticsearch client here\r\n- update the code samples highlighting component so you can see\r\nhighlighting","sha":"422cad5c2dca04ed121544079be255ac85f9e479"}}]}] BACKPORT--> Co-authored-by: Joe McElroy <joseph.mcelroy@elastic.co>	2024-10-15 07:36:57 -05:00
Kibana Machine	68ca73952c	[8.x] fix: [Stateful: Home page] Not checked radio button receive focus a first element in radio group. (#195745) (#196273) ... # Backport This will backport the following commits from `main` to `8.x`: - [fix: [Stateful: Home page] Not checked radio button receive focus a first element in radio group. (#195745)](https://github.com/elastic/kibana/pull/195745) <!--- Backport version: 9.4.3 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sqren/backport) <!--BACKPORT [{"author":{"name":"Alexey Antonov","email":"alexwizp@gmail.com"},"sourceCommit":{"committedDate":"2024-10-15T10:33:30Z","message":"fix: [Stateful: Home page] Not checked radio button receive focus a first element in radio group. (#195745)\n\nCloses: #195190\r\n\r\n## Description \r\n\r\nAccording to ARIA Authoring Practices Guide, focus should be on the\r\nchecked radio button when the user reaches radio group while navigating\r\nusing only keyboard. As of now, because all the time first radio button\r\nin the group receives focus, even if it is not checked, it may cause\r\nconfusion and could potentially lead users to unintentionally change\r\ntheir selection without checking all checkboxes which exist in the\r\ngroup.\r\n\r\n## What was changed: \r\n1. Added name attribute for `EuiRadioGroup`. \r\n\r\n## Screen: \r\n\r\n\r\nhttps://github.com/user-attachments/assets/20db2394-b9db-4c40-9e72-53ee860cd066","sha":"2c1d5ce08fa55275148e61012aa49061f01c3dd9","branchLabelMapping":{"^v9.0.0$":"main","^v8.16.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["Project:Accessibility","release_note:skip","v9.0.0","Team:Search","backport:prev-minor"],"title":"fix: [Stateful: Home page] Not checked radio button receive focus a first element in radio group.","number":195745,"url":"https://github.com/elastic/kibana/pull/195745","mergeCommit":{"message":"fix: [Stateful: Home page] Not checked radio button receive focus a first element in radio group. (#195745)\n\nCloses: #195190\r\n\r\n## Description \r\n\r\nAccording to ARIA Authoring Practices Guide, focus should be on the\r\nchecked radio button when the user reaches radio group while navigating\r\nusing only keyboard. As of now, because all the time first radio button\r\nin the group receives focus, even if it is not checked, it may cause\r\nconfusion and could potentially lead users to unintentionally change\r\ntheir selection without checking all checkboxes which exist in the\r\ngroup.\r\n\r\n## What was changed: \r\n1. Added name attribute for `EuiRadioGroup`. \r\n\r\n## Screen: \r\n\r\n\r\nhttps://github.com/user-attachments/assets/20db2394-b9db-4c40-9e72-53ee860cd066","sha":"2c1d5ce08fa55275148e61012aa49061f01c3dd9"}},"sourceBranch":"main","suggestedTargetBranches":[],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","branchLabelMappingKey":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/195745","number":195745,"mergeCommit":{"message":"fix: [Stateful: Home page] Not checked radio button receive focus a first element in radio group. (#195745)\n\nCloses: #195190\r\n\r\n## Description \r\n\r\nAccording to ARIA Authoring Practices Guide, focus should be on the\r\nchecked radio button when the user reaches radio group while navigating\r\nusing only keyboard. As of now, because all the time first radio button\r\nin the group receives focus, even if it is not checked, it may cause\r\nconfusion and could potentially lead users to unintentionally change\r\ntheir selection without checking all checkboxes which exist in the\r\ngroup.\r\n\r\n## What was changed: \r\n1. Added name attribute for `EuiRadioGroup`. \r\n\r\n## Screen: \r\n\r\n\r\nhttps://github.com/user-attachments/assets/20db2394-b9db-4c40-9e72-53ee860cd066","sha":"2c1d5ce08fa55275148e61012aa49061f01c3dd9"}}]}] BACKPORT--> Co-authored-by: Alexey Antonov <alexwizp@gmail.com>	2024-10-15 07:33:04 -05:00
Kibana Machine	d2ef45fb9a	[8.x] [Cloud Security] Temporarily disabled rule creation for 3P findings (#196185) (#196268) ... # Backport This will backport the following commits from `main` to `8.x`: - [[Cloud Security] Temporarily disabled rule creation for 3P findings (#196185)](https://github.com/elastic/kibana/pull/196185) <!--- Backport version: 9.4.3 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sqren/backport) <!--BACKPORT [{"author":{"name":"Jordan","email":"51442161+JordanSh@users.noreply.github.com"},"sourceCommit":{"committedDate":"2024-10-15T09:56:18Z","message":"[Cloud Security] Temporarily disabled rule creation for 3P findings (#196185)","sha":"3034dc86a778d8acdf0240fe00f0354132f03bd7","branchLabelMapping":{"^v9.0.0$":"main","^v8.16.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:skip","v9.0.0","Team:Cloud Security","backport:prev-minor"],"title":"[Cloud Security] Temporarily disabled rule creation for 3P findings","number":196185,"url":"https://github.com/elastic/kibana/pull/196185","mergeCommit":{"message":"[Cloud Security] Temporarily disabled rule creation for 3P findings (#196185)","sha":"3034dc86a778d8acdf0240fe00f0354132f03bd7"}},"sourceBranch":"main","suggestedTargetBranches":[],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","branchLabelMappingKey":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/196185","number":196185,"mergeCommit":{"message":"[Cloud Security] Temporarily disabled rule creation for 3P findings (#196185)","sha":"3034dc86a778d8acdf0240fe00f0354132f03bd7"}}]}] BACKPORT--> Co-authored-by: Jordan <51442161+JordanSh@users.noreply.github.com>	2024-10-15 07:00:49 -05:00
Kfir Peled	06d98dc490	[8.x] [Cloud Security] Refactoring cloud-security-posture packages' folder structure (#196008) (#196267) ... # Backport This will backport the following commits from `main` to `8.x`: - [[Cloud Security] Refactoring cloud-security-posture packages' folder structure (#196008)](https://github.com/elastic/kibana/pull/196008) <!--- Backport version: 8.9.8 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sqren/backport) <!--BACKPORT [{"author":{"name":"Kfir Peled","email":"61654899+kfirpeled@users.noreply.github.com"},"sourceCommit":{"committedDate":"2024-10-14T14:43:08Z","message":"[Cloud Security] Refactoring cloud-security-posture packages' folder structure (#196008)\n\n## Summary\r\n\r\nOrganized the team's packages under the same root folder\r\n\r\n```\r\n \"@kbn/cloud-security-posture\": \"link:x-pack/packages/cloud_security_posture/public\",\r\n \"@kbn/cloud-security-posture-common\": \"link:x-pack/packages/kbn-cloud-security-posture/common\",\r\n \"@kbn/cloud-security-posture-graph\": \"link:x-pack/packages/kbn-cloud-security-posture/graph\",\r\n```\r\n\r\n---------\r\n\r\nCo-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>","sha":"96eff23f50f68a161b85d6d05309fa3ea6a287b4","branchLabelMapping":{"^v9.0.0$":"main","^v8.16.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:skip","v9.0.0","backport:prev-minor"],"number":196008,"url":"https://github.com/elastic/kibana/pull/196008","mergeCommit":{"message":"[Cloud Security] Refactoring cloud-security-posture packages' folder structure (#196008)\n\n## Summary\r\n\r\nOrganized the team's packages under the same root folder\r\n\r\n```\r\n \"@kbn/cloud-security-posture\": \"link:x-pack/packages/cloud_security_posture/public\",\r\n \"@kbn/cloud-security-posture-common\": \"link:x-pack/packages/kbn-cloud-security-posture/common\",\r\n \"@kbn/cloud-security-posture-graph\": \"link:x-pack/packages/kbn-cloud-security-posture/graph\",\r\n```\r\n\r\n---------\r\n\r\nCo-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>","sha":"96eff23f50f68a161b85d6d05309fa3ea6a287b4"}},"sourceBranch":"main","suggestedTargetBranches":[],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","labelRegex":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/196008","number":196008,"mergeCommit":{"message":"[Cloud Security] Refactoring cloud-security-posture packages' folder structure (#196008)\n\n## Summary\r\n\r\nOrganized the team's packages under the same root folder\r\n\r\n```\r\n \"@kbn/cloud-security-posture\": \"link:x-pack/packages/cloud_security_posture/public\",\r\n \"@kbn/cloud-security-posture-common\": \"link:x-pack/packages/kbn-cloud-security-posture/common\",\r\n \"@kbn/cloud-security-posture-graph\": \"link:x-pack/packages/kbn-cloud-security-posture/graph\",\r\n```\r\n\r\n---------\r\n\r\nCo-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>","sha":"96eff23f50f68a161b85d6d05309fa3ea6a287b4"}}]}] BACKPORT-->	2024-10-15 06:51:18 -05:00
Kibana Machine	ba5a8fc816	[8.x] [APM][Otel] Use &#x60;fields&#x60; instead of &#x60;_source&#x60; on APM queries (#195242) (#196265) ... # Backport This will backport the following commits from `main` to `8.x`: - [[APM][Otel] Use &#x60;fields&#x60; instead of &#x60;_source&#x60; on APM queries (#195242)](https://github.com/elastic/kibana/pull/195242) <!--- Backport version: 9.4.3 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sqren/backport) <!--BACKPORT [{"author":{"name":"Carlos Crespo","email":"crespocarlos@users.noreply.github.com"},"sourceCommit":{"committedDate":"2024-10-15T09:38:44Z","message":"[APM][Otel] Use `fields` instead of `_source` on APM queries (#195242)\n\ncloses https://github.com/elastic/kibana/issues/192606\r\n\r\n## Summary\r\n\r\nv2 based on the work done in this PR\r\nhttps://github.com/elastic/kibana/pull/192608 and the suggestion from\r\nDario https://github.com/elastic/kibana/pull/194424\r\n\r\nThis PR replaces the _source usage in APM queries with fields to support\r\nOtel data. The idea is to get rid of existing UI errors we have and make\r\nsure that otel data is shown correctly in the UI.\r\n\r\nOne way to check it is using the [e2e\r\nPoC](https://github.com/elastic/otel-apm-e2e-poc/blob/main/README.md).\r\n\r\n---------\r\n\r\nCo-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>\r\nCo-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>\r\nCo-authored-by: Jenny <dzheni.pavlova@elastic.co>","sha":"7235ed0425100bbf04ff157d0af7980875473c99","branchLabelMapping":{"^v9.0.0$":"main","^v8.16.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:fix","v9.0.0","apm","apm:opentelemetry","backport:prev-minor","ci:project-deploy-observability","Team:obs-ux-infra_services"],"title":"[APM][Otel] Use `fields` instead of `_source` on APM queries","number":195242,"url":"https://github.com/elastic/kibana/pull/195242","mergeCommit":{"message":"[APM][Otel] Use `fields` instead of `_source` on APM queries (#195242)\n\ncloses https://github.com/elastic/kibana/issues/192606\r\n\r\n## Summary\r\n\r\nv2 based on the work done in this PR\r\nhttps://github.com/elastic/kibana/pull/192608 and the suggestion from\r\nDario https://github.com/elastic/kibana/pull/194424\r\n\r\nThis PR replaces the _source usage in APM queries with fields to support\r\nOtel data. The idea is to get rid of existing UI errors we have and make\r\nsure that otel data is shown correctly in the UI.\r\n\r\nOne way to check it is using the [e2e\r\nPoC](https://github.com/elastic/otel-apm-e2e-poc/blob/main/README.md).\r\n\r\n---------\r\n\r\nCo-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>\r\nCo-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>\r\nCo-authored-by: Jenny <dzheni.pavlova@elastic.co>","sha":"7235ed0425100bbf04ff157d0af7980875473c99"}},"sourceBranch":"main","suggestedTargetBranches":[],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","branchLabelMappingKey":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/195242","number":195242,"mergeCommit":{"message":"[APM][Otel] Use `fields` instead of `_source` on APM queries (#195242)\n\ncloses https://github.com/elastic/kibana/issues/192606\r\n\r\n## Summary\r\n\r\nv2 based on the work done in this PR\r\nhttps://github.com/elastic/kibana/pull/192608 and the suggestion from\r\nDario https://github.com/elastic/kibana/pull/194424\r\n\r\nThis PR replaces the _source usage in APM queries with fields to support\r\nOtel data. The idea is to get rid of existing UI errors we have and make\r\nsure that otel data is shown correctly in the UI.\r\n\r\nOne way to check it is using the [e2e\r\nPoC](https://github.com/elastic/otel-apm-e2e-poc/blob/main/README.md).\r\n\r\n---------\r\n\r\nCo-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>\r\nCo-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>\r\nCo-authored-by: Jenny <dzheni.pavlova@elastic.co>","sha":"7235ed0425100bbf04ff157d0af7980875473c99"}}]}] BACKPORT--> Co-authored-by: Carlos Crespo <crespocarlos@users.noreply.github.com>	2024-10-15 06:27:04 -05:00
Kibana Machine	0f2489e85a	[8.x] [Dataset Quality] Introduce Kibana Management Feature (#194825) (#196266) ... # Backport This will backport the following commits from `main` to `8.x`: - [[Dataset Quality] Introduce Kibana Management Feature (#194825)](https://github.com/elastic/kibana/pull/194825) <!--- Backport version: 9.4.3 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sqren/backport) <!--BACKPORT [{"author":{"name":"mohamedhamed-ahmed","email":"mohamed.ahmed@elastic.co"},"sourceCommit":{"committedDate":"2024-10-15T09:40:09Z","message":"[Dataset Quality] Introduce Kibana Management Feature (#194825)\n\ncloses [#3874](https://github.com/elastic/observability-dev/issues/3874)\r\n\r\n\r\n## 📝 Summary\r\n\r\nThis PR adds new kibana privilege feature to control access to `Data Set\r\nQuality` page under Stack Management's `Data` section.\r\n\r\nHad to fix a lot of tests since the `kibana_admin` role gets access by\r\ndefault to all kibana features one of which now is the `Data Set\r\nQuality` page. At the same time this made the `Data` section visible to\r\nany user with `kibana_admin` role.\r\n\r\n## 🎥 Demo\r\n\r\n\r\n\r\nhttps://github.com/user-attachments/assets/ce8c8110-f6f4-44b8-a4e7-5f2dd3deda66\r\n\r\n---------\r\n\r\nCo-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>","sha":"b93d3c224aeae33fa59482094c9927f0358c6ec8","branchLabelMapping":{"^v9.0.0$":"main","^v8.16.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["Team:Security","release_note:skip","v9.0.0","Team:ML","Team:EnterpriseSearch","backport:prev-minor","Team:obs-ux-logs"],"title":"[Dataset Quality] Introduce Kibana Management Feature","number":194825,"url":"https://github.com/elastic/kibana/pull/194825","mergeCommit":{"message":"[Dataset Quality] Introduce Kibana Management Feature (#194825)\n\ncloses [#3874](https://github.com/elastic/observability-dev/issues/3874)\r\n\r\n\r\n## 📝 Summary\r\n\r\nThis PR adds new kibana privilege feature to control access to `Data Set\r\nQuality` page under Stack Management's `Data` section.\r\n\r\nHad to fix a lot of tests since the `kibana_admin` role gets access by\r\ndefault to all kibana features one of which now is the `Data Set\r\nQuality` page. At the same time this made the `Data` section visible to\r\nany user with `kibana_admin` role.\r\n\r\n## 🎥 Demo\r\n\r\n\r\n\r\nhttps://github.com/user-attachments/assets/ce8c8110-f6f4-44b8-a4e7-5f2dd3deda66\r\n\r\n---------\r\n\r\nCo-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>","sha":"b93d3c224aeae33fa59482094c9927f0358c6ec8"}},"sourceBranch":"main","suggestedTargetBranches":[],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","branchLabelMappingKey":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/194825","number":194825,"mergeCommit":{"message":"[Dataset Quality] Introduce Kibana Management Feature (#194825)\n\ncloses [#3874](https://github.com/elastic/observability-dev/issues/3874)\r\n\r\n\r\n## 📝 Summary\r\n\r\nThis PR adds new kibana privilege feature to control access to `Data Set\r\nQuality` page under Stack Management's `Data` section.\r\n\r\nHad to fix a lot of tests since the `kibana_admin` role gets access by\r\ndefault to all kibana features one of which now is the `Data Set\r\nQuality` page. At the same time this made the `Data` section visible to\r\nany user with `kibana_admin` role.\r\n\r\n## 🎥 Demo\r\n\r\n\r\n\r\nhttps://github.com/user-attachments/assets/ce8c8110-f6f4-44b8-a4e7-5f2dd3deda66\r\n\r\n---------\r\n\r\nCo-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>","sha":"b93d3c224aeae33fa59482094c9927f0358c6ec8"}}]}] BACKPORT--> Co-authored-by: mohamedhamed-ahmed <mohamed.ahmed@elastic.co>	2024-10-15 06:26:45 -05:00
Kibana Machine	ff7b33c65a	[8.x] [SecuritySolution] Load entity store indices from security solution data view (#195862) (#196209) ... # Backport This will backport the following commits from `main` to `8.x`: - [[SecuritySolution] Load entity store indices from security solution data view (#195862)](https://github.com/elastic/kibana/pull/195862) <!--- Backport version: 9.4.3 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sqren/backport) <!--BACKPORT [{"author":{"name":"Pablo Machado","email":"pablo.nevesmachado@elastic.co"},"sourceCommit":{"committedDate":"2024-10-14T20:56:58Z","message":"[SecuritySolution] Load entity store indices from security solution data view (#195862)\n\n## Summary\r\n\r\n* Update the Entity Store to retrieve indices from the security solution\r\ndata view.\r\n* Create a new API that updates all installed entity engine indices\r\n(`api/entity_store/engines/apply_dataview_indices`)\r\n\r\n\r\n### How to test it?\r\n* Install the entity store\r\n* Check if the transform index has the security solutions data view\r\nindices\r\n* Call `apply_dataview_indices` API; it should not return changes\r\n* Update the security solution data view indices\r\n* Call `apply_dataview_indices` API and if the API response contains the\r\nupdated indices\r\n* Check if the transform index also got updated\r\n\r\n---------\r\n\r\nCo-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>","sha":"489c0901ffd335879d9652424ab15ef9f39cc4cb","branchLabelMapping":{"^v9.0.0$":"main","^v8.16.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:enhancement","v9.0.0","Team: SecuritySolution","backport:prev-minor","Theme: entity_analytics","Feature:Entity Analytics","Team:Entity Analytics"],"title":"[SecuritySolution] Load entity store indices from security solution data view","number":195862,"url":"https://github.com/elastic/kibana/pull/195862","mergeCommit":{"message":"[SecuritySolution] Load entity store indices from security solution data view (#195862)\n\n## Summary\r\n\r\n* Update the Entity Store to retrieve indices from the security solution\r\ndata view.\r\n* Create a new API that updates all installed entity engine indices\r\n(`api/entity_store/engines/apply_dataview_indices`)\r\n\r\n\r\n### How to test it?\r\n* Install the entity store\r\n* Check if the transform index has the security solutions data view\r\nindices\r\n* Call `apply_dataview_indices` API; it should not return changes\r\n* Update the security solution data view indices\r\n* Call `apply_dataview_indices` API and if the API response contains the\r\nupdated indices\r\n* Check if the transform index also got updated\r\n\r\n---------\r\n\r\nCo-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>","sha":"489c0901ffd335879d9652424ab15ef9f39cc4cb"}},"sourceBranch":"main","suggestedTargetBranches":[],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","branchLabelMappingKey":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/195862","number":195862,"mergeCommit":{"message":"[SecuritySolution] Load entity store indices from security solution data view (#195862)\n\n## Summary\r\n\r\n* Update the Entity Store to retrieve indices from the security solution\r\ndata view.\r\n* Create a new API that updates all installed entity engine indices\r\n(`api/entity_store/engines/apply_dataview_indices`)\r\n\r\n\r\n### How to test it?\r\n* Install the entity store\r\n* Check if the transform index has the security solutions data view\r\nindices\r\n* Call `apply_dataview_indices` API; it should not return changes\r\n* Update the security solution data view indices\r\n* Call `apply_dataview_indices` API and if the API response contains the\r\nupdated indices\r\n* Check if the transform index also got updated\r\n\r\n---------\r\n\r\nCo-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>","sha":"489c0901ffd335879d9652424ab15ef9f39cc4cb"}}]}] BACKPORT--> Co-authored-by: Pablo Machado <pablo.nevesmachado@elastic.co>	2024-10-15 06:14:35 -05:00
Kibana Machine	2dcb643610	[8.x] [Lens] Disable config axis side and color picker when groupid is breakdown and collaseFn enable (#195845) (#196247) ... # Backport This will backport the following commits from `main` to `8.x`: - [[Lens] Disable config axis side and color picker when groupid is breakdown and collaseFn enable (#195845)](https://github.com/elastic/kibana/pull/195845) <!--- Backport version: 9.4.3 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sqren/backport) <!--BACKPORT [{"author":{"name":"Linghao Su","email":"linghao.su@daocloud.io"},"sourceCommit":{"committedDate":"2024-10-14T07:54:11Z","message":"[Lens] Disable config axis side and color picker when groupid is breakdown and collaseFn enable (#195845)\n\n## Summary\r\nFixes https://github.com/elastic/kibana/issues/195481\r\n\r\nFor XY charts only, when opening the breakdown dimension editor, we\r\ndisable the color picker and axis side configuration.\r\n\r\n## Before\r\n\r\n\r\n\r\n\r\n## After\r\n\r\n\r\n![image](05ee0e8e-713b-4eb3-a1ef-bf7418226409\r\n\r\n---------\r\n\r\nCo-authored-by: Marta Bondyra <4283304+mbondyra@users.noreply.github.com>\r\nCo-authored-by: Nick Partridge <nicholas.partridge@elastic.co>","sha":"4c4cb1e1678130c300c93e00061f0478047aff28","branchLabelMapping":{"^v9.0.0$":"main","^v8.16.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:fix","Team:Visualizations","Feature:Lens","💝community","v9.0.0","backport:prev-minor","v8.16.0"],"title":"[Lens] Disable config axis side and color picker when groupid is breakdown and collaseFn enable","number":195845,"url":"https://github.com/elastic/kibana/pull/195845","mergeCommit":{"message":"[Lens] Disable config axis side and color picker when groupid is breakdown and collaseFn enable (#195845)\n\n## Summary\r\nFixes https://github.com/elastic/kibana/issues/195481\r\n\r\nFor XY charts only, when opening the breakdown dimension editor, we\r\ndisable the color picker and axis side configuration.\r\n\r\n## Before\r\n\r\n\r\n\r\n\r\n## After\r\n\r\n\r\n![image](05ee0e8e-713b-4eb3-a1ef-bf7418226409\r\n\r\n---------\r\n\r\nCo-authored-by: Marta Bondyra <4283304+mbondyra@users.noreply.github.com>\r\nCo-authored-by: Nick Partridge <nicholas.partridge@elastic.co>","sha":"4c4cb1e1678130c300c93e00061f0478047aff28"}},"sourceBranch":"main","suggestedTargetBranches":["8.x"],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","branchLabelMappingKey":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/195845","number":195845,"mergeCommit":{"message":"[Lens] Disable config axis side and color picker when groupid is breakdown and collaseFn enable (#195845)\n\n## Summary\r\nFixes https://github.com/elastic/kibana/issues/195481\r\n\r\nFor XY charts only, when opening the breakdown dimension editor, we\r\ndisable the color picker and axis side configuration.\r\n\r\n## Before\r\n\r\n\r\n\r\n\r\n## After\r\n\r\n\r\n![image](05ee0e8e-713b-4eb3-a1ef-bf7418226409\r\n\r\n---------\r\n\r\nCo-authored-by: Marta Bondyra <4283304+mbondyra@users.noreply.github.com>\r\nCo-authored-by: Nick Partridge <nicholas.partridge@elastic.co>","sha":"4c4cb1e1678130c300c93e00061f0478047aff28"}},{"branch":"8.x","label":"v8.16.0","branchLabelMappingKey":"^v8.16.0$","isSourceBranch":false,"state":"NOT_CREATED"}]}] BACKPORT--> Co-authored-by: Linghao Su <linghao.su@daocloud.io>	2024-10-15 05:03:48 -05:00
Kibana Machine	bc3620f938	[8.x] [ML] Data visualizer: Add icons for semantic text, sparse vector and dense vector (#196069) (#196238) ... # Backport This will backport the following commits from `main` to `8.x`: - [[ML] Data visualizer: Add icons for semantic text, sparse vector and dense vector (#196069)](https://github.com/elastic/kibana/pull/196069) <!--- Backport version: 9.4.3 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sqren/backport) <!--BACKPORT [{"author":{"name":"Robert Jaszczurek","email":"92210485+rbrtj@users.noreply.github.com"},"sourceCommit":{"committedDate":"2024-10-15T07:52:06Z","message":"[ML] Data visualizer: Add icons for semantic text, sparse vector and dense vector (#196069)\n\n## Summary\r\n\r\nAdded support for `semantic_text`, `sparse_vector` and `dense_vector` in\r\nthe Data visualizer and Field Statistics.\r\nFor [#192161](https://github.com/elastic/kibana/issues/192161)\r\n\r\n\r\n| Before | After |\r\n| ------------- | ------------- |\r\n|\r\n\r\n|","sha":"ac5b14b1254219f79dddd5da0ab9c1ff8d1ea0c1","branchLabelMapping":{"^v9.0.0$":"main","^v8.16.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:enhancement",":ml","Feature:File and Index Data Viz","v9.0.0","Team:ML","v8.16.0","backport:version"],"title":"[ML] Data visualizer: Add icons for semantic text, sparse vector and dense vector","number":196069,"url":"https://github.com/elastic/kibana/pull/196069","mergeCommit":{"message":"[ML] Data visualizer: Add icons for semantic text, sparse vector and dense vector (#196069)\n\n## Summary\r\n\r\nAdded support for `semantic_text`, `sparse_vector` and `dense_vector` in\r\nthe Data visualizer and Field Statistics.\r\nFor [#192161](https://github.com/elastic/kibana/issues/192161)\r\n\r\n\r\n| Before | After |\r\n| ------------- | ------------- |\r\n|\r\n\r\n|","sha":"ac5b14b1254219f79dddd5da0ab9c1ff8d1ea0c1"}},"sourceBranch":"main","suggestedTargetBranches":["8.x"],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","branchLabelMappingKey":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/196069","number":196069,"mergeCommit":{"message":"[ML] Data visualizer: Add icons for semantic text, sparse vector and dense vector (#196069)\n\n## Summary\r\n\r\nAdded support for `semantic_text`, `sparse_vector` and `dense_vector` in\r\nthe Data visualizer and Field Statistics.\r\nFor [#192161](https://github.com/elastic/kibana/issues/192161)\r\n\r\n\r\n| Before | After |\r\n| ------------- | ------------- |\r\n|\r\n\r\n|","sha":"ac5b14b1254219f79dddd5da0ab9c1ff8d1ea0c1"}},{"branch":"8.x","label":"v8.16.0","branchLabelMappingKey":"^v8.16.0$","isSourceBranch":false,"state":"NOT_CREATED"}]}] BACKPORT--> Co-authored-by: Robert Jaszczurek <92210485+rbrtj@users.noreply.github.com>	2024-10-15 04:47:55 -05:00
Kibana Machine	7245dc57f4	[8.x] [Lens] escape backslash characters in the formula input (#196171) (#196237) ... # Backport This will backport the following commits from `main` to `8.x`: - [[Lens] escape backslash characters in the formula input (#196171)](https://github.com/elastic/kibana/pull/196171) <!--- Backport version: 9.4.3 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sqren/backport) <!--BACKPORT [{"author":{"name":"Marta Bondyra","email":"4283304+mbondyra@users.noreply.github.com"},"sourceCommit":{"committedDate":"2024-10-15T07:46:56Z","message":"[Lens] escape backslash characters in the formula input (#196171)\n\n## Summary\r\n\r\nEnsures that backslashes are properly escaped in addition to single\r\nquotes in formula","sha":"e0251df6bd944fc53c58b9ee73c0b5d2eb892197","branchLabelMapping":{"^v9.0.0$":"main","^v8.16.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["Team:Visualizations","release_note:skip","Feature:Lens","v9.0.0","backport:prev-minor"],"title":"[Lens] escape backslash characters in the formula input","number":196171,"url":"https://github.com/elastic/kibana/pull/196171","mergeCommit":{"message":"[Lens] escape backslash characters in the formula input (#196171)\n\n## Summary\r\n\r\nEnsures that backslashes are properly escaped in addition to single\r\nquotes in formula","sha":"e0251df6bd944fc53c58b9ee73c0b5d2eb892197"}},"sourceBranch":"main","suggestedTargetBranches":[],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","branchLabelMappingKey":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/196171","number":196171,"mergeCommit":{"message":"[Lens] escape backslash characters in the formula input (#196171)\n\n## Summary\r\n\r\nEnsures that backslashes are properly escaped in addition to single\r\nquotes in formula","sha":"e0251df6bd944fc53c58b9ee73c0b5d2eb892197"}}]}] BACKPORT--> Co-authored-by: Marta Bondyra <4283304+mbondyra@users.noreply.github.com>	2024-10-15 04:34:51 -05:00
Kibana Machine	d7ee2da34b	[8.x] [Observability Onboarding] Update onboarding landing page (#194565) (#195329) ... # Backport This will backport the following commits from `main` to `8.x`: - [[Observability Onboarding] Update onboarding landing page (#194565)](https://github.com/elastic/kibana/pull/194565) <!--- Backport version: 9.4.3 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sqren/backport) <!--BACKPORT [{"author":{"name":"Thom Heymann","email":"190132+thomheymann@users.noreply.github.com"},"sourceCommit":{"committedDate":"2024-10-07T22:31:52Z","message":"[Observability Onboarding] Update onboarding landing page (#194565)\n\nResolves https://github.com/elastic/observability-dev/issues/3775\r\nResolves https://github.com/elastic/kibana/issues/192949\r\n\r\n## Summary\r\n\r\nUpdates the \"add data\" page according to new design\r\n\r\n<img width=\"1448\" alt=\"Screenshot 2024-10-01 at 12 36 15\"\r\nsrc=\"https://github.com/user-attachments/assets/1301a487-d3b9-4d6f-ad5d-f88d2cfc029d\">\r\n\r\n---------\r\n\r\nCo-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>","sha":"28d6a22263ea1f60d9b17aacde7fa3517efd244e","branchLabelMapping":{"^v9.0.0$":"main","^v8.16.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:skip","v9.0.0","backport:prev-minor","ci:project-deploy-observability"],"title":"[Observability Onboarding] Update onboarding landing page","number":194565,"url":"https://github.com/elastic/kibana/pull/194565","mergeCommit":{"message":"[Observability Onboarding] Update onboarding landing page (#194565)\n\nResolves https://github.com/elastic/observability-dev/issues/3775\r\nResolves https://github.com/elastic/kibana/issues/192949\r\n\r\n## Summary\r\n\r\nUpdates the \"add data\" page according to new design\r\n\r\n<img width=\"1448\" alt=\"Screenshot 2024-10-01 at 12 36 15\"\r\nsrc=\"https://github.com/user-attachments/assets/1301a487-d3b9-4d6f-ad5d-f88d2cfc029d\">\r\n\r\n---------\r\n\r\nCo-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>","sha":"28d6a22263ea1f60d9b17aacde7fa3517efd244e"}},"sourceBranch":"main","suggestedTargetBranches":[],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","branchLabelMappingKey":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/194565","number":194565,"mergeCommit":{"message":"[Observability Onboarding] Update onboarding landing page (#194565)\n\nResolves https://github.com/elastic/observability-dev/issues/3775\r\nResolves https://github.com/elastic/kibana/issues/192949\r\n\r\n## Summary\r\n\r\nUpdates the \"add data\" page according to new design\r\n\r\n<img width=\"1448\" alt=\"Screenshot 2024-10-01 at 12 36 15\"\r\nsrc=\"https://github.com/user-attachments/assets/1301a487-d3b9-4d6f-ad5d-f88d2cfc029d\">\r\n\r\n---------\r\n\r\nCo-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>","sha":"28d6a22263ea1f60d9b17aacde7fa3517efd244e"}}]}] BACKPORT--> Co-authored-by: Thom Heymann <190132+thomheymann@users.noreply.github.com>	2024-10-15 04:32:49 -05:00
Kibana Machine	5a67e4d2e1	[8.x] Update dependency @types/lodash to ^4.17.10 (main) (#194739) (#196234) ... # Backport This will backport the following commits from `main` to `8.x`: - [Update dependency @types/lodash to ^4.17.10 (main) (#194739)](https://github.com/elastic/kibana/pull/194739) <!--- Backport version: 9.4.3 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sqren/backport) <!--BACKPORT [{"author":{"name":"elastic-renovate-prod[bot]","email":"174716857+elastic-renovate-prod[bot]@users.noreply.github.com"},"sourceCommit":{"committedDate":"2024-10-15T06:21:03Z","message":"Update dependency @types/lodash to ^4.17.10 (main) (#194739)","sha":"563910b672b6dbe4f9e7931e36ec41e674fe8eb3","branchLabelMapping":{"^v9.0.0$":"main","^v8.16.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["Team:Core","Feature:ExpressionLanguage","release_note:skip","💝community","v9.0.0","backport:prev-minor","ci:project-deploy-observability","Team:obs-ux-infra_services","Team:obs-ux-management"],"title":"Update dependency @types/lodash to ^4.17.10 (main)","number":194739,"url":"https://github.com/elastic/kibana/pull/194739","mergeCommit":{"message":"Update dependency @types/lodash to ^4.17.10 (main) (#194739)","sha":"563910b672b6dbe4f9e7931e36ec41e674fe8eb3"}},"sourceBranch":"main","suggestedTargetBranches":[],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","branchLabelMappingKey":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/194739","number":194739,"mergeCommit":{"message":"Update dependency @types/lodash to ^4.17.10 (main) (#194739)","sha":"563910b672b6dbe4f9e7931e36ec41e674fe8eb3"}}]}] BACKPORT--> Co-authored-by: elastic-renovate-prod[bot] <174716857+elastic-renovate-prod[bot]@users.noreply.github.com>	2024-10-15 04:11:15 -05:00
Aleh Zasypkin	d63d72664d	[8.x] feat: allow plugins to deprecate and replace features and feature privileges (#186800) (#196204) ... # Backport This will backport the following commits from `main` to `8.x`: - [feat: allow plugins to deprecate and replace features and feature privileges (#186800)](https://github.com/elastic/kibana/pull/186800) <!--- Backport version: 8.9.8 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sqren/backport) <!--BACKPORT [{"author":{"name":"Aleh Zasypkin","email":"aleh.zasypkin@elastic.co"},"sourceCommit":{"committedDate":"2024-10-14T19:40:59Z","message":"feat: allow plugins to deprecate and replace features and feature privileges (#186800)\n\n## Summary\r\n\r\nThis change is the implementation of the `Kibana Privilege Migrations`\r\nproposal/RFC and provides a framework that allows developers to replace\r\nan existing feature with a new one that has the desired configuration\r\nwhile teaching the platform how the privileges of the deprecated feature\r\ncan be represented by non-deprecated ones. This approach avoids\r\nintroducing breaking changes for users who still rely on the deprecated\r\nprivileges in their existing roles and any automation.\r\n\r\nAmong the use cases the framework is supposed to handle, the most common\r\nare the following:\r\n\r\n* Changing a feature ID from `Alpha` to `Beta`\r\n* Splitting a feature `Alpha` into two features, `Beta` and `Gamma`\r\n* Moving a capability between privileges within a feature (top-level or\r\nsub-feature)\r\n* Consolidating capabilities across independent features\r\n\r\n## Scope\r\n\r\nThis PR includes only the core functionality proposed in the RFC and\r\nmost of the necessary guardrails (tests, early validations, etc.) to\r\nhelp engineers start planning and implementing their migrations as soon\r\nas possible. The following functionality will be added in follow-ups or\r\nonce we collect enough feedback:\r\n\r\n* Telemetry\r\n* Developer documentation\r\n* UI enhancements (highlighting roles with deprecated privileges and\r\nmanual migration actions)\r\n\r\n## Framework\r\n\r\nThe steps below use a scenario where a feature `Alpha` should be split\r\ninto two other features `Beta` and `Gamma` as an example.\r\n\r\n### Step 1: Create new features with the desired privileges\r\n\r\nFirst of all, define new feature or features with the desired\r\nconfiguration as you'd do before. There are no constraints here.\r\n\r\n<details>\r\n\r\n<summary>Click to see the code</summary>\r\n\r\n```ts\r\ndeps.features.registerKibanaFeature({\r\n id: 'feature_beta',\r\n name: 'Feature Beta',\r\n privileges: {\r\n all: {\r\n savedObject: { all: ['saved_object_1'], read: [] },\r\n ui: ['ui_all'],\r\n api: ['api_all'],\r\n … omitted for brevity …\r\n },\r\n read: {\r\n savedObject: { all: [], read: ['saved_object_1'] },\r\n ui: ['ui_read'],\r\n api: ['api_read'],\r\n … omitted for brevity …\r\n },\r\n },\r\n … omitted for brevity …\r\n});\r\n\r\ndeps.features.registerKibanaFeature({\r\n id: 'feature_gamma',\r\n name: 'Feature Gamma',\r\n privileges: {\r\n all: {\r\n savedObject: { all: ['saved_object_2'], read: [] },\r\n ui: ['ui_all'],\r\n // Note that Feature Gamma, unlike Features Alpha and Beta doesn't provide any API access tags\r\n … omitted for brevity …\r\n },\r\n read: {\r\n savedObject: { all: [], read: ['saved_object_2'] },\r\n ui: ['ui_read'],\r\n // Note that Feature Gamma, unlike Features Alpha and Beta doesn't provide any API access tags\r\n … omitted for brevity …\r\n },\r\n },\r\n … omitted for brevity …\r\n});\r\n```\r\n\r\n</details>\r\n\r\n### Step 2: Mark existing feature as deprecated\r\n\r\nOnce a feature is marked as deprecated, it should essentially be treated\r\nas frozen for backward compatibility reasons. Deprecated features will\r\nno longer be available through the Kibana role management UI and will be\r\nreplaced with non-deprecated privileges.\r\n\r\nDeprecated privileges will still be accepted if the role is created or\r\nupdated via the Kibana role management APIs to avoid disrupting existing\r\nuser automation.\r\n\r\nTo avoid breaking existing roles that reference privileges provided by\r\nthe deprecated features, Kibana will continue registering these\r\nprivileges as Elasticsearch application privileges.\r\n\r\n<details>\r\n\r\n<summary>Click to see the code</summary>\r\n\r\n```ts\r\ndeps.features.registerKibanaFeature({\r\n // This is a new `KibanaFeature` property available during feature registration.\r\n deprecated: {\r\n // User-facing justification for privilege deprecation that we can display\r\n // to the user when we ask them to perform role migration.\r\n notice: i18n.translate('xpack.security...', {\r\n defaultMessage: \"Feature Alpha is deprecated, refer to {link}...\",\r\n values: { link: docLinks.links.security.deprecatedFeatureAlpha },\r\n })\r\n },\r\n // Feature id should stay unchanged, and it's not possible to reuse it.\r\n id: 'feature_alpha',\r\n name: 'Feature Alpha (DEPRECATED)',\r\n privileges: {\r\n all: {\r\n savedObject: { all: ['saved_object_1', 'saved_object_2'], read: [] },\r\n ui: ['ui_all'],\r\n api: ['api_all'],\r\n … omitted for brevity …\r\n },\r\n read: {\r\n savedObject: { all: [], read: ['saved_object_1', 'saved_object_2'] },\r\n ui: ['ui_read'],\r\n api: ['api_read'],\r\n … omitted for brevity …\r\n },\r\n },\r\n … omitted for brevity …\r\n});\r\n```\r\n</details>\r\n\r\n### Step 3: Map deprecated feature’s privileges to the privileges of the\r\nnon-deprecated features\r\n\r\nThe important requirement for a successful migration from a deprecated\r\nfeature to a new feature or features is that it should be possible to\r\nexpress **any combination** of the deprecated feature and sub-feature\r\nprivileges with the feature or sub-feature privileges of non-deprecated\r\nfeatures. This way, while editing a role with deprecated feature\r\nprivileges in the UI, the admin will be interacting with new privileges\r\nas if they were creating a new role from scratch, maintaining\r\nconsistency.\r\n\r\nThe relationship between the privileges of the deprecated feature and\r\nthe privileges of the features that are supposed to replace them is\r\nexpressed with a new `replacedBy` property available on the privileges\r\nof the deprecated feature.\r\n\r\n<details>\r\n\r\n<summary>Click to see the code</summary>\r\n\r\n```ts\r\ndeps.features.registerKibanaFeature({\r\n // This is a new `KibanaFeature` property available during feature registration.\r\n deprecated: {\r\n // User-facing justification for privilege deprecation that we can display\r\n // to the user when we ask them to perform role migration.\r\n notice: i18n.translate('xpack.security...', {\r\n defaultMessage: \"Feature Alpha is deprecated, refer to {link}...\",\r\n values: { link: docLinks.links.security.deprecatedFeatureAlpha },\r\n })\r\n },\r\n // Feature id should stay unchanged, and it's not possible to reuse it.\r\n id: 'feature_alpha',\r\n name: 'Feature Alpha (DEPRECATED)',\r\n privileges: {\r\n all: {\r\n savedObject: { all: ['saved_object_1', 'saved_object_2'], read: [] },\r\n ui: ['ui_all'],\r\n api: ['api_all'],\r\n replacedBy: [\r\n { feature: 'feature_beta', privileges: ['all'] },\r\n { feature: 'feature_gamma', privileges: ['all'] },\r\n ],\r\n … omitted for brevity …\r\n },\r\n read: {\r\n savedObject: { all: [], read: ['saved_object_1', 'saved_object_2'] },\r\n ui: ['ui_read'],\r\n api: ['api_read'],\r\n replacedBy: [\r\n { feature: 'feature_beta', privileges: ['read'] },\r\n { feature: 'feature_gamma', privileges: ['read'] },\r\n\t],\r\n … omitted for brevity …\r\n },\r\n },\r\n … omitted for brevity …\r\n});\r\n```\r\n\r\n</details>\r\n\r\n### Step 4: Adjust the code to rely only on new, non-deprecated features\r\n\r\nSpecial care should be taken if the replacement privileges cannot reuse\r\nthe API access tags from the deprecated privileges and introduce new\r\ntags that will be applied to the same API endpoints. In this case,\r\ndevelopers should replace the API access tags of the deprecated\r\nprivileges with the corresponding tags provided by the replacement\r\nprivileges. This is necessary because API endpoints can only be accessed\r\nif the user privileges cover all the tags listed in the API endpoint\r\ndefinition, and without these changes, existing roles referencing\r\ndeprecated privileges won’t be able to access those endpoints.\r\n\r\nThe UI capabilities are handled slightly differently because they are\r\nalways prefixed with the feature ID. When migrating to new features with\r\nnew IDs, the code that interacts with UI capabilities will be updated to\r\nuse these new feature IDs.\r\n\r\n<details>\r\n\r\n<summary>Click to see the code</summary>\r\n\r\n```ts\r\n// BEFORE deprecation/migration\r\n// 1. Feature Alpha defition (not deprecated yet)\r\ndeps.features.registerKibanaFeature({\r\n id: 'feature_alpha',\r\n privileges: {\r\n all: {\r\n api: ['api_all'],\r\n … omitted for brevity …\r\n },\r\n },\r\n … omitted for brevity …\r\n});\r\n\r\n// 2. Route protected by `all` privilege of the Feature Alpha\r\nrouter.post(\r\n { path: '/api/domain/my_api', options: { tags: ['access:api_all'] } },\r\n async (_context, request, response) => {}\r\n);\r\n\r\n// AFTER deprecation/migration\r\n// 1. Feature Alpha defition (deprecated, with updated API tags)\r\ndeps.features.registerKibanaFeature({\r\n deprecated: …,\r\n id: 'feature_alpha',\r\n privileges: {\r\n all: {\r\n api: ['api_all_v2'],\r\n replacedBy: [\r\n { feature: 'feature_beta', privileges: ['all'] },\r\n ],\r\n … omitted for brevity …\r\n },\r\n },\r\n … omitted for brevity …\r\n});\r\n\r\n// 2. Feature Beta defition (new)\r\ndeps.features.registerKibanaFeature({\r\n id: 'feature_beta',\r\n privileges: {\r\n all: {\r\n api: ['api_all_v2'],\r\n … omitted for brevity …\r\n }\r\n },\r\n … omitted for brevity …\r\n});\r\n\r\n// 3. Route protected by `all` privilege of the Feature Alpha OR Feature Beta\r\nrouter.post(\r\n { path: '/api/domain/my_api', options: { tags: ['access:api_all_v2'] } },\r\n async (_context, request, response) => {}\r\n);\r\n\r\n----\r\n\r\n// ❌ Old client-side code (supports only deprecated privileges)\r\nif (capabilities.feature_alpha.ui_all) {\r\n … omitted for brevity …\r\n}\r\n\r\n// ✅ New client-side code (will work for **both** new and deprecated privileges)\r\nif (capabilities.feature_beta.ui_all) {\r\n … omitted for brevity …\r\n}\r\n```\r\n</details>\r\n\r\n## How to test\r\n\r\nThe code introduces a set of API integration tests that are designed to\r\nvalidate whether the privilege mapping between deprecated and\r\nreplacement privileges maintains backward compatibility.\r\n\r\nYou can run the test server with the following config to register a\r\nnumber of [example deprecated\r\nfeatures](https://github.com/elastic/kibana/pull/186800/files#diff-d887981d43bbe30cda039340b906b0fa7649ba80230be4de8eda326036f10f6fR20-R49)(`x-pack/test/security_api_integration/plugins/features_provider/server/index.ts`)\r\nand the features that replace them, to see the framework in action:\r\n\r\n```bash\r\nnode scripts/functional_tests_server.js --config x-pack/test/security_api_integration/features.config.ts\r\n```\r\n\r\n---------\r\n\r\nCo-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>","sha":"cb2112cae51d5f69b9e47ebfde66cfacb2a6719b","branchLabelMapping":{"^v9.0.0$":"main","^v8.16.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["Team:Security","release_note:skip","Feature:Security/Authorization","v9.0.0","backport:prev-minor","v8.16.0"],"number":186800,"url":"https://github.com/elastic/kibana/pull/186800","mergeCommit":{"message":"feat: allow plugins to deprecate and replace features and feature privileges (#186800)\n\n## Summary\r\n\r\nThis change is the implementation of the `Kibana Privilege Migrations`\r\nproposal/RFC and provides a framework that allows developers to replace\r\nan existing feature with a new one that has the desired configuration\r\nwhile teaching the platform how the privileges of the deprecated feature\r\ncan be represented by non-deprecated ones. This approach avoids\r\nintroducing breaking changes for users who still rely on the deprecated\r\nprivileges in their existing roles and any automation.\r\n\r\nAmong the use cases the framework is supposed to handle, the most common\r\nare the following:\r\n\r\n* Changing a feature ID from `Alpha` to `Beta`\r\n* Splitting a feature `Alpha` into two features, `Beta` and `Gamma`\r\n* Moving a capability between privileges within a feature (top-level or\r\nsub-feature)\r\n* Consolidating capabilities across independent features\r\n\r\n## Scope\r\n\r\nThis PR includes only the core functionality proposed in the RFC and\r\nmost of the necessary guardrails (tests, early validations, etc.) to\r\nhelp engineers start planning and implementing their migrations as soon\r\nas possible. The following functionality will be added in follow-ups or\r\nonce we collect enough feedback:\r\n\r\n* Telemetry\r\n* Developer documentation\r\n* UI enhancements (highlighting roles with deprecated privileges and\r\nmanual migration actions)\r\n\r\n## Framework\r\n\r\nThe steps below use a scenario where a feature `Alpha` should be split\r\ninto two other features `Beta` and `Gamma` as an example.\r\n\r\n### Step 1: Create new features with the desired privileges\r\n\r\nFirst of all, define new feature or features with the desired\r\nconfiguration as you'd do before. There are no constraints here.\r\n\r\n<details>\r\n\r\n<summary>Click to see the code</summary>\r\n\r\n```ts\r\ndeps.features.registerKibanaFeature({\r\n id: 'feature_beta',\r\n name: 'Feature Beta',\r\n privileges: {\r\n all: {\r\n savedObject: { all: ['saved_object_1'], read: [] },\r\n ui: ['ui_all'],\r\n api: ['api_all'],\r\n … omitted for brevity …\r\n },\r\n read: {\r\n savedObject: { all: [], read: ['saved_object_1'] },\r\n ui: ['ui_read'],\r\n api: ['api_read'],\r\n … omitted for brevity …\r\n },\r\n },\r\n … omitted for brevity …\r\n});\r\n\r\ndeps.features.registerKibanaFeature({\r\n id: 'feature_gamma',\r\n name: 'Feature Gamma',\r\n privileges: {\r\n all: {\r\n savedObject: { all: ['saved_object_2'], read: [] },\r\n ui: ['ui_all'],\r\n // Note that Feature Gamma, unlike Features Alpha and Beta doesn't provide any API access tags\r\n … omitted for brevity …\r\n },\r\n read: {\r\n savedObject: { all: [], read: ['saved_object_2'] },\r\n ui: ['ui_read'],\r\n // Note that Feature Gamma, unlike Features Alpha and Beta doesn't provide any API access tags\r\n … omitted for brevity …\r\n },\r\n },\r\n … omitted for brevity …\r\n});\r\n```\r\n\r\n</details>\r\n\r\n### Step 2: Mark existing feature as deprecated\r\n\r\nOnce a feature is marked as deprecated, it should essentially be treated\r\nas frozen for backward compatibility reasons. Deprecated features will\r\nno longer be available through the Kibana role management UI and will be\r\nreplaced with non-deprecated privileges.\r\n\r\nDeprecated privileges will still be accepted if the role is created or\r\nupdated via the Kibana role management APIs to avoid disrupting existing\r\nuser automation.\r\n\r\nTo avoid breaking existing roles that reference privileges provided by\r\nthe deprecated features, Kibana will continue registering these\r\nprivileges as Elasticsearch application privileges.\r\n\r\n<details>\r\n\r\n<summary>Click to see the code</summary>\r\n\r\n```ts\r\ndeps.features.registerKibanaFeature({\r\n // This is a new `KibanaFeature` property available during feature registration.\r\n deprecated: {\r\n // User-facing justification for privilege deprecation that we can display\r\n // to the user when we ask them to perform role migration.\r\n notice: i18n.translate('xpack.security...', {\r\n defaultMessage: \"Feature Alpha is deprecated, refer to {link}...\",\r\n values: { link: docLinks.links.security.deprecatedFeatureAlpha },\r\n })\r\n },\r\n // Feature id should stay unchanged, and it's not possible to reuse it.\r\n id: 'feature_alpha',\r\n name: 'Feature Alpha (DEPRECATED)',\r\n privileges: {\r\n all: {\r\n savedObject: { all: ['saved_object_1', 'saved_object_2'], read: [] },\r\n ui: ['ui_all'],\r\n api: ['api_all'],\r\n … omitted for brevity …\r\n },\r\n read: {\r\n savedObject: { all: [], read: ['saved_object_1', 'saved_object_2'] },\r\n ui: ['ui_read'],\r\n api: ['api_read'],\r\n … omitted for brevity …\r\n },\r\n },\r\n … omitted for brevity …\r\n});\r\n```\r\n</details>\r\n\r\n### Step 3: Map deprecated feature’s privileges to the privileges of the\r\nnon-deprecated features\r\n\r\nThe important requirement for a successful migration from a deprecated\r\nfeature to a new feature or features is that it should be possible to\r\nexpress **any combination** of the deprecated feature and sub-feature\r\nprivileges with the feature or sub-feature privileges of non-deprecated\r\nfeatures. This way, while editing a role with deprecated feature\r\nprivileges in the UI, the admin will be interacting with new privileges\r\nas if they were creating a new role from scratch, maintaining\r\nconsistency.\r\n\r\nThe relationship between the privileges of the deprecated feature and\r\nthe privileges of the features that are supposed to replace them is\r\nexpressed with a new `replacedBy` property available on the privileges\r\nof the deprecated feature.\r\n\r\n<details>\r\n\r\n<summary>Click to see the code</summary>\r\n\r\n```ts\r\ndeps.features.registerKibanaFeature({\r\n // This is a new `KibanaFeature` property available during feature registration.\r\n deprecated: {\r\n // User-facing justification for privilege deprecation that we can display\r\n // to the user when we ask them to perform role migration.\r\n notice: i18n.translate('xpack.security...', {\r\n defaultMessage: \"Feature Alpha is deprecated, refer to {link}...\",\r\n values: { link: docLinks.links.security.deprecatedFeatureAlpha },\r\n })\r\n },\r\n // Feature id should stay unchanged, and it's not possible to reuse it.\r\n id: 'feature_alpha',\r\n name: 'Feature Alpha (DEPRECATED)',\r\n privileges: {\r\n all: {\r\n savedObject: { all: ['saved_object_1', 'saved_object_2'], read: [] },\r\n ui: ['ui_all'],\r\n api: ['api_all'],\r\n replacedBy: [\r\n { feature: 'feature_beta', privileges: ['all'] },\r\n { feature: 'feature_gamma', privileges: ['all'] },\r\n ],\r\n … omitted for brevity …\r\n },\r\n read: {\r\n savedObject: { all: [], read: ['saved_object_1', 'saved_object_2'] },\r\n ui: ['ui_read'],\r\n api: ['api_read'],\r\n replacedBy: [\r\n { feature: 'feature_beta', privileges: ['read'] },\r\n { feature: 'feature_gamma', privileges: ['read'] },\r\n\t],\r\n … omitted for brevity …\r\n },\r\n },\r\n … omitted for brevity …\r\n});\r\n```\r\n\r\n</details>\r\n\r\n### Step 4: Adjust the code to rely only on new, non-deprecated features\r\n\r\nSpecial care should be taken if the replacement privileges cannot reuse\r\nthe API access tags from the deprecated privileges and introduce new\r\ntags that will be applied to the same API endpoints. In this case,\r\ndevelopers should replace the API access tags of the deprecated\r\nprivileges with the corresponding tags provided by the replacement\r\nprivileges. This is necessary because API endpoints can only be accessed\r\nif the user privileges cover all the tags listed in the API endpoint\r\ndefinition, and without these changes, existing roles referencing\r\ndeprecated privileges won’t be able to access those endpoints.\r\n\r\nThe UI capabilities are handled slightly differently because they are\r\nalways prefixed with the feature ID. When migrating to new features with\r\nnew IDs, the code that interacts with UI capabilities will be updated to\r\nuse these new feature IDs.\r\n\r\n<details>\r\n\r\n<summary>Click to see the code</summary>\r\n\r\n```ts\r\n// BEFORE deprecation/migration\r\n// 1. Feature Alpha defition (not deprecated yet)\r\ndeps.features.registerKibanaFeature({\r\n id: 'feature_alpha',\r\n privileges: {\r\n all: {\r\n api: ['api_all'],\r\n … omitted for brevity …\r\n },\r\n },\r\n … omitted for brevity …\r\n});\r\n\r\n// 2. Route protected by `all` privilege of the Feature Alpha\r\nrouter.post(\r\n { path: '/api/domain/my_api', options: { tags: ['access:api_all'] } },\r\n async (_context, request, response) => {}\r\n);\r\n\r\n// AFTER deprecation/migration\r\n// 1. Feature Alpha defition (deprecated, with updated API tags)\r\ndeps.features.registerKibanaFeature({\r\n deprecated: …,\r\n id: 'feature_alpha',\r\n privileges: {\r\n all: {\r\n api: ['api_all_v2'],\r\n replacedBy: [\r\n { feature: 'feature_beta', privileges: ['all'] },\r\n ],\r\n … omitted for brevity …\r\n },\r\n },\r\n … omitted for brevity …\r\n});\r\n\r\n// 2. Feature Beta defition (new)\r\ndeps.features.registerKibanaFeature({\r\n id: 'feature_beta',\r\n privileges: {\r\n all: {\r\n api: ['api_all_v2'],\r\n … omitted for brevity …\r\n }\r\n },\r\n … omitted for brevity …\r\n});\r\n\r\n// 3. Route protected by `all` privilege of the Feature Alpha OR Feature Beta\r\nrouter.post(\r\n { path: '/api/domain/my_api', options: { tags: ['access:api_all_v2'] } },\r\n async (_context, request, response) => {}\r\n);\r\n\r\n----\r\n\r\n// ❌ Old client-side code (supports only deprecated privileges)\r\nif (capabilities.feature_alpha.ui_all) {\r\n … omitted for brevity …\r\n}\r\n\r\n// ✅ New client-side code (will work for **both** new and deprecated privileges)\r\nif (capabilities.feature_beta.ui_all) {\r\n … omitted for brevity …\r\n}\r\n```\r\n</details>\r\n\r\n## How to test\r\n\r\nThe code introduces a set of API integration tests that are designed to\r\nvalidate whether the privilege mapping between deprecated and\r\nreplacement privileges maintains backward compatibility.\r\n\r\nYou can run the test server with the following config to register a\r\nnumber of [example deprecated\r\nfeatures](https://github.com/elastic/kibana/pull/186800/files#diff-d887981d43bbe30cda039340b906b0fa7649ba80230be4de8eda326036f10f6fR20-R49)(`x-pack/test/security_api_integration/plugins/features_provider/server/index.ts`)\r\nand the features that replace them, to see the framework in action:\r\n\r\n```bash\r\nnode scripts/functional_tests_server.js --config x-pack/test/security_api_integration/features.config.ts\r\n```\r\n\r\n---------\r\n\r\nCo-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>","sha":"cb2112cae51d5f69b9e47ebfde66cfacb2a6719b"}},"sourceBranch":"main","suggestedTargetBranches":["8.x"],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","labelRegex":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/186800","number":186800,"mergeCommit":{"message":"feat: allow plugins to deprecate and replace features and feature privileges (#186800)\n\n## Summary\r\n\r\nThis change is the implementation of the `Kibana Privilege Migrations`\r\nproposal/RFC and provides a framework that allows developers to replace\r\nan existing feature with a new one that has the desired configuration\r\nwhile teaching the platform how the privileges of the deprecated feature\r\ncan be represented by non-deprecated ones. This approach avoids\r\nintroducing breaking changes for users who still rely on the deprecated\r\nprivileges in their existing roles and any automation.\r\n\r\nAmong the use cases the framework is supposed to handle, the most common\r\nare the following:\r\n\r\n* Changing a feature ID from `Alpha` to `Beta`\r\n* Splitting a feature `Alpha` into two features, `Beta` and `Gamma`\r\n* Moving a capability between privileges within a feature (top-level or\r\nsub-feature)\r\n* Consolidating capabilities across independent features\r\n\r\n## Scope\r\n\r\nThis PR includes only the core functionality proposed in the RFC and\r\nmost of the necessary guardrails (tests, early validations, etc.) to\r\nhelp engineers start planning and implementing their migrations as soon\r\nas possible. The following functionality will be added in follow-ups or\r\nonce we collect enough feedback:\r\n\r\n* Telemetry\r\n* Developer documentation\r\n* UI enhancements (highlighting roles with deprecated privileges and\r\nmanual migration actions)\r\n\r\n## Framework\r\n\r\nThe steps below use a scenario where a feature `Alpha` should be split\r\ninto two other features `Beta` and `Gamma` as an example.\r\n\r\n### Step 1: Create new features with the desired privileges\r\n\r\nFirst of all, define new feature or features with the desired\r\nconfiguration as you'd do before. There are no constraints here.\r\n\r\n<details>\r\n\r\n<summary>Click to see the code</summary>\r\n\r\n```ts\r\ndeps.features.registerKibanaFeature({\r\n id: 'feature_beta',\r\n name: 'Feature Beta',\r\n privileges: {\r\n all: {\r\n savedObject: { all: ['saved_object_1'], read: [] },\r\n ui: ['ui_all'],\r\n api: ['api_all'],\r\n … omitted for brevity …\r\n },\r\n read: {\r\n savedObject: { all: [], read: ['saved_object_1'] },\r\n ui: ['ui_read'],\r\n api: ['api_read'],\r\n … omitted for brevity …\r\n },\r\n },\r\n … omitted for brevity …\r\n});\r\n\r\ndeps.features.registerKibanaFeature({\r\n id: 'feature_gamma',\r\n name: 'Feature Gamma',\r\n privileges: {\r\n all: {\r\n savedObject: { all: ['saved_object_2'], read: [] },\r\n ui: ['ui_all'],\r\n // Note that Feature Gamma, unlike Features Alpha and Beta doesn't provide any API access tags\r\n … omitted for brevity …\r\n },\r\n read: {\r\n savedObject: { all: [], read: ['saved_object_2'] },\r\n ui: ['ui_read'],\r\n // Note that Feature Gamma, unlike Features Alpha and Beta doesn't provide any API access tags\r\n … omitted for brevity …\r\n },\r\n },\r\n … omitted for brevity …\r\n});\r\n```\r\n\r\n</details>\r\n\r\n### Step 2: Mark existing feature as deprecated\r\n\r\nOnce a feature is marked as deprecated, it should essentially be treated\r\nas frozen for backward compatibility reasons. Deprecated features will\r\nno longer be available through the Kibana role management UI and will be\r\nreplaced with non-deprecated privileges.\r\n\r\nDeprecated privileges will still be accepted if the role is created or\r\nupdated via the Kibana role management APIs to avoid disrupting existing\r\nuser automation.\r\n\r\nTo avoid breaking existing roles that reference privileges provided by\r\nthe deprecated features, Kibana will continue registering these\r\nprivileges as Elasticsearch application privileges.\r\n\r\n<details>\r\n\r\n<summary>Click to see the code</summary>\r\n\r\n```ts\r\ndeps.features.registerKibanaFeature({\r\n // This is a new `KibanaFeature` property available during feature registration.\r\n deprecated: {\r\n // User-facing justification for privilege deprecation that we can display\r\n // to the user when we ask them to perform role migration.\r\n notice: i18n.translate('xpack.security...', {\r\n defaultMessage: \"Feature Alpha is deprecated, refer to {link}...\",\r\n values: { link: docLinks.links.security.deprecatedFeatureAlpha },\r\n })\r\n },\r\n // Feature id should stay unchanged, and it's not possible to reuse it.\r\n id: 'feature_alpha',\r\n name: 'Feature Alpha (DEPRECATED)',\r\n privileges: {\r\n all: {\r\n savedObject: { all: ['saved_object_1', 'saved_object_2'], read: [] },\r\n ui: ['ui_all'],\r\n api: ['api_all'],\r\n … omitted for brevity …\r\n },\r\n read: {\r\n savedObject: { all: [], read: ['saved_object_1', 'saved_object_2'] },\r\n ui: ['ui_read'],\r\n api: ['api_read'],\r\n … omitted for brevity …\r\n },\r\n },\r\n … omitted for brevity …\r\n});\r\n```\r\n</details>\r\n\r\n### Step 3: Map deprecated feature’s privileges to the privileges of the\r\nnon-deprecated features\r\n\r\nThe important requirement for a successful migration from a deprecated\r\nfeature to a new feature or features is that it should be possible to\r\nexpress **any combination** of the deprecated feature and sub-feature\r\nprivileges with the feature or sub-feature privileges of non-deprecated\r\nfeatures. This way, while editing a role with deprecated feature\r\nprivileges in the UI, the admin will be interacting with new privileges\r\nas if they were creating a new role from scratch, maintaining\r\nconsistency.\r\n\r\nThe relationship between the privileges of the deprecated feature and\r\nthe privileges of the features that are supposed to replace them is\r\nexpressed with a new `replacedBy` property available on the privileges\r\nof the deprecated feature.\r\n\r\n<details>\r\n\r\n<summary>Click to see the code</summary>\r\n\r\n```ts\r\ndeps.features.registerKibanaFeature({\r\n // This is a new `KibanaFeature` property available during feature registration.\r\n deprecated: {\r\n // User-facing justification for privilege deprecation that we can display\r\n // to the user when we ask them to perform role migration.\r\n notice: i18n.translate('xpack.security...', {\r\n defaultMessage: \"Feature Alpha is deprecated, refer to {link}...\",\r\n values: { link: docLinks.links.security.deprecatedFeatureAlpha },\r\n })\r\n },\r\n // Feature id should stay unchanged, and it's not possible to reuse it.\r\n id: 'feature_alpha',\r\n name: 'Feature Alpha (DEPRECATED)',\r\n privileges: {\r\n all: {\r\n savedObject: { all: ['saved_object_1', 'saved_object_2'], read: [] },\r\n ui: ['ui_all'],\r\n api: ['api_all'],\r\n replacedBy: [\r\n { feature: 'feature_beta', privileges: ['all'] },\r\n { feature: 'feature_gamma', privileges: ['all'] },\r\n ],\r\n … omitted for brevity …\r\n },\r\n read: {\r\n savedObject: { all: [], read: ['saved_object_1', 'saved_object_2'] },\r\n ui: ['ui_read'],\r\n api: ['api_read'],\r\n replacedBy: [\r\n { feature: 'feature_beta', privileges: ['read'] },\r\n { feature: 'feature_gamma', privileges: ['read'] },\r\n\t],\r\n … omitted for brevity …\r\n },\r\n },\r\n … omitted for brevity …\r\n});\r\n```\r\n\r\n</details>\r\n\r\n### Step 4: Adjust the code to rely only on new, non-deprecated features\r\n\r\nSpecial care should be taken if the replacement privileges cannot reuse\r\nthe API access tags from the deprecated privileges and introduce new\r\ntags that will be applied to the same API endpoints. In this case,\r\ndevelopers should replace the API access tags of the deprecated\r\nprivileges with the corresponding tags provided by the replacement\r\nprivileges. This is necessary because API endpoints can only be accessed\r\nif the user privileges cover all the tags listed in the API endpoint\r\ndefinition, and without these changes, existing roles referencing\r\ndeprecated privileges won’t be able to access those endpoints.\r\n\r\nThe UI capabilities are handled slightly differently because they are\r\nalways prefixed with the feature ID. When migrating to new features with\r\nnew IDs, the code that interacts with UI capabilities will be updated to\r\nuse these new feature IDs.\r\n\r\n<details>\r\n\r\n<summary>Click to see the code</summary>\r\n\r\n```ts\r\n// BEFORE deprecation/migration\r\n// 1. Feature Alpha defition (not deprecated yet)\r\ndeps.features.registerKibanaFeature({\r\n id: 'feature_alpha',\r\n privileges: {\r\n all: {\r\n api: ['api_all'],\r\n … omitted for brevity …\r\n },\r\n },\r\n … omitted for brevity …\r\n});\r\n\r\n// 2. Route protected by `all` privilege of the Feature Alpha\r\nrouter.post(\r\n { path: '/api/domain/my_api', options: { tags: ['access:api_all'] } },\r\n async (_context, request, response) => {}\r\n);\r\n\r\n// AFTER deprecation/migration\r\n// 1. Feature Alpha defition (deprecated, with updated API tags)\r\ndeps.features.registerKibanaFeature({\r\n deprecated: …,\r\n id: 'feature_alpha',\r\n privileges: {\r\n all: {\r\n api: ['api_all_v2'],\r\n replacedBy: [\r\n { feature: 'feature_beta', privileges: ['all'] },\r\n ],\r\n … omitted for brevity …\r\n },\r\n },\r\n … omitted for brevity …\r\n});\r\n\r\n// 2. Feature Beta defition (new)\r\ndeps.features.registerKibanaFeature({\r\n id: 'feature_beta',\r\n privileges: {\r\n all: {\r\n api: ['api_all_v2'],\r\n … omitted for brevity …\r\n }\r\n },\r\n … omitted for brevity …\r\n});\r\n\r\n// 3. Route protected by `all` privilege of the Feature Alpha OR Feature Beta\r\nrouter.post(\r\n { path: '/api/domain/my_api', options: { tags: ['access:api_all_v2'] } },\r\n async (_context, request, response) => {}\r\n);\r\n\r\n----\r\n\r\n// ❌ Old client-side code (supports only deprecated privileges)\r\nif (capabilities.feature_alpha.ui_all) {\r\n … omitted for brevity …\r\n}\r\n\r\n// ✅ New client-side code (will work for **both** new and deprecated privileges)\r\nif (capabilities.feature_beta.ui_all) {\r\n … omitted for brevity …\r\n}\r\n```\r\n</details>\r\n\r\n## How to test\r\n\r\nThe code introduces a set of API integration tests that are designed to\r\nvalidate whether the privilege mapping between deprecated and\r\nreplacement privileges maintains backward compatibility.\r\n\r\nYou can run the test server with the following config to register a\r\nnumber of [example deprecated\r\nfeatures](https://github.com/elastic/kibana/pull/186800/files#diff-d887981d43bbe30cda039340b906b0fa7649ba80230be4de8eda326036f10f6fR20-R49)(`x-pack/test/security_api_integration/plugins/features_provider/server/index.ts`)\r\nand the features that replace them, to see the framework in action:\r\n\r\n```bash\r\nnode scripts/functional_tests_server.js --config x-pack/test/security_api_integration/features.config.ts\r\n```\r\n\r\n---------\r\n\r\nCo-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>","sha":"cb2112cae51d5f69b9e47ebfde66cfacb2a6719b"}},{"branch":"8.x","label":"v8.16.0","labelRegex":"^v8.16.0$","isSourceBranch":false,"state":"NOT_CREATED"}]}] BACKPORT-->	2024-10-15 10:12:15 +02:00
Kibana Machine	65cff56aa4	[8.x] [Security Assistant] Fix error handling on new chat (#195507) (#196215) ... # Backport This will backport the following commits from `main` to `8.x`: - [[Security Assistant] Fix error handling on new chat (#195507)](https://github.com/elastic/kibana/pull/195507) <!--- Backport version: 9.4.3 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sqren/backport) <!--BACKPORT [{"author":{"name":"Steph Milovic","email":"stephanie.milovic@elastic.co"},"sourceCommit":{"committedDate":"2024-10-14T22:10:43Z","message":"[Security Assistant] Fix error handling on new chat (#195507)","sha":"a15940d9b939dbf29f74dbde28a2a543b8849cc1","branchLabelMapping":{"^v9.0.0$":"main","^v8.16.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:skip","v9.0.0","Team: SecuritySolution","backport:prev-minor","Team:Security Generative AI","v8.16.0"],"title":"[Security Assistant] Fix error handling on new chat","number":195507,"url":"https://github.com/elastic/kibana/pull/195507","mergeCommit":{"message":"[Security Assistant] Fix error handling on new chat (#195507)","sha":"a15940d9b939dbf29f74dbde28a2a543b8849cc1"}},"sourceBranch":"main","suggestedTargetBranches":["8.x"],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","branchLabelMappingKey":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/195507","number":195507,"mergeCommit":{"message":"[Security Assistant] Fix error handling on new chat (#195507)","sha":"a15940d9b939dbf29f74dbde28a2a543b8849cc1"}},{"branch":"8.x","label":"v8.16.0","branchLabelMappingKey":"^v8.16.0$","isSourceBranch":false,"state":"NOT_CREATED"}]}] BACKPORT--> Co-authored-by: Steph Milovic <stephanie.milovic@elastic.co>	2024-10-14 18:54:33 -05:00
Kibana Machine	db28b89f61	[8.x] [SecuritySolution][Notes] - make sure that timeline is saved before allowing users to save notes (#195842) (#196212) ... # Backport This will backport the following commits from `main` to `8.x`: - [[SecuritySolution][Notes] - make sure that timeline is saved before allowing users to save notes (#195842)](https://github.com/elastic/kibana/pull/195842) <!--- Backport version: 9.4.3 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sqren/backport) <!--BACKPORT [{"author":{"name":"Philippe Oberti","email":"philippe.oberti@elastic.co"},"sourceCommit":{"committedDate":"2024-10-14T21:31:32Z","message":"[SecuritySolution][Notes] - make sure that timeline is saved before allowing users to save notes (#195842)","sha":"f7b808c543614d890ad2fd2477fd909f63a36c71","branchLabelMapping":{"^v9.0.0$":"main","^v8.16.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["backport","release_note:skip","v9.0.0","Team:Threat Hunting:Investigations","v8.16.0"],"title":"[SecuritySolution][Notes] - make sure that timeline is saved before allowing users to save notes","number":195842,"url":"https://github.com/elastic/kibana/pull/195842","mergeCommit":{"message":"[SecuritySolution][Notes] - make sure that timeline is saved before allowing users to save notes (#195842)","sha":"f7b808c543614d890ad2fd2477fd909f63a36c71"}},"sourceBranch":"main","suggestedTargetBranches":["8.x"],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","branchLabelMappingKey":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/195842","number":195842,"mergeCommit":{"message":"[SecuritySolution][Notes] - make sure that timeline is saved before allowing users to save notes (#195842)","sha":"f7b808c543614d890ad2fd2477fd909f63a36c71"}},{"branch":"8.x","label":"v8.16.0","branchLabelMappingKey":"^v8.16.0$","isSourceBranch":false,"state":"NOT_CREATED"}]}] BACKPORT--> Co-authored-by: Philippe Oberti <philippe.oberti@elastic.co>	2024-10-14 18:21:16 -05:00
Nikita Indik	ee7bc7ed83	[Security Solution] Add callout to promote blog post (#195943) ... **Resolves: #195423** ## Summary This PR adds a callout to the Rule Management page. This callout displays a [link](https://www.elastic.co/blog/elastic-security-detection-engineering) to a post in Elastic blog. Once a user clicks on "x" in the top-right corner the callout will be dismissed forever. Dismissal state is saved in `localStorage`. This is only for ESS v8.16.0 and beyond. Not for Serverless. ⚠️ Currently the [link](https://www.elastic.co/blog/elastic-security-detection-engineering) leads to a 404 page because the blog post is not yet created. It'll be published in time for 8.16 release. ⚠️ UI copy is not final. It'll be reviewed by the Docs folks on Monday. I'll change it to their suggestion once they review it on Monday. ### Screenshot <img width="1392" alt="Scherm­afbeelding 2024-10-11 om 16 43 59" src="https://github.com/user-attachments/assets/282430c1-4b02-4188-a052-5027e7433981"> --------- Co-authored-by: Joe Peeples <joe.peeples@elastic.co>	2024-10-14 16:10:21 -05:00
Ash	06a2faa6a9	[8.x] [DataUsage][Serverless] Data usage metrics page enhancements (#195556) (#196202) ... # Backport This will backport the following commits from `main` to `8.x`: - [[DataUsage][Serverless] Data usage metrics page enhancements (#195556)](https://github.com/elastic/kibana/pull/195556) <!--- Backport version: 8.9.8 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sqren/backport) <!--BACKPORT [{"author":{"name":"Ash","email":"1849116+ashokaditya@users.noreply.github.com"},"sourceCommit":{"committedDate":"2024-10-14T09:54:22Z","message":"[DataUsage][Serverless] Data usage metrics page enhancements (#195556)\n\n## Summary\r\n\r\nThis PR is a follow-up of elastic/kibana/pull/193966 and adds: \r\n\r\n1. Datastreams filter to data usage metrics page.\r\n2. Metrics filter (hidden for now) that lists out metric types to\r\nrequest.\r\n3. Refactors to make code easier to maintain.\r\n4. Shows a callout if no data stream is selected.\r\n\r\n### screen\r\n\r\n\r\n### clip\r\n\r\n\r\n\r\n### Checklist\r\n- [x] Any text added follows [EUI's writing\r\nguidelines](https://elastic.github.io/eui/#/guidelines/writing), uses\r\nsentence case text and includes [i18n\r\nsupport](https://github.com/elastic/kibana/blob/main/packages/kbn-i18n/README.md)\r\n- [ ] [Unit or functional\r\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\r\nwere updated or added to match the most common scenarios\r\n- [ ] [Flaky Test\r\nRunner](https://ci-stats.kibana.dev/trigger_flaky_test_runner/1) was\r\nused on any tests changed\r\n- [x] Any UI touched in this PR does not create any new axe failures\r\n(run axe in browser:\r\n[FF](https://addons.mozilla.org/en-US/firefox/addon/axe-devtools/),\r\n[Chrome](https://chrome.google.com/webstore/detail/axe-web-accessibility-tes/lhdoppojpmngadmnindnejefpokejbdd?hl=en-US))\r\n- [x] This renders correctly on smaller devices using a responsive\r\nlayout. (You can test this [in your\r\nbrowser](https://www.browserstack.com/guide/responsive-testing-on-local-server))\r\n- [x] This was checked for [cross-browser\r\ncompatibility](https://www.elastic.co/support/matrix#matrix_browsers)\r\n\r\n---------\r\n\r\nCo-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>","sha":"a7332ad11611d224a16f2bb3c0d3f207cf746065","branchLabelMapping":{"^v9.0.0$":"main","^v8.16.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:skip","v9.0.0","v8.16.0","backport:version"],"number":195556,"url":"https://github.com/elastic/kibana/pull/195556","mergeCommit":{"message":"[DataUsage][Serverless] Data usage metrics page enhancements (#195556)\n\n## Summary\r\n\r\nThis PR is a follow-up of elastic/kibana/pull/193966 and adds: \r\n\r\n1. Datastreams filter to data usage metrics page.\r\n2. Metrics filter (hidden for now) that lists out metric types to\r\nrequest.\r\n3. Refactors to make code easier to maintain.\r\n4. Shows a callout if no data stream is selected.\r\n\r\n### screen\r\n\r\n\r\n### clip\r\n\r\n\r\n\r\n### Checklist\r\n- [x] Any text added follows [EUI's writing\r\nguidelines](https://elastic.github.io/eui/#/guidelines/writing), uses\r\nsentence case text and includes [i18n\r\nsupport](https://github.com/elastic/kibana/blob/main/packages/kbn-i18n/README.md)\r\n- [ ] [Unit or functional\r\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\r\nwere updated or added to match the most common scenarios\r\n- [ ] [Flaky Test\r\nRunner](https://ci-stats.kibana.dev/trigger_flaky_test_runner/1) was\r\nused on any tests changed\r\n- [x] Any UI touched in this PR does not create any new axe failures\r\n(run axe in browser:\r\n[FF](https://addons.mozilla.org/en-US/firefox/addon/axe-devtools/),\r\n[Chrome](https://chrome.google.com/webstore/detail/axe-web-accessibility-tes/lhdoppojpmngadmnindnejefpokejbdd?hl=en-US))\r\n- [x] This renders correctly on smaller devices using a responsive\r\nlayout. (You can test this [in your\r\nbrowser](https://www.browserstack.com/guide/responsive-testing-on-local-server))\r\n- [x] This was checked for [cross-browser\r\ncompatibility](https://www.elastic.co/support/matrix#matrix_browsers)\r\n\r\n---------\r\n\r\nCo-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>","sha":"a7332ad11611d224a16f2bb3c0d3f207cf746065"}},"sourceBranch":"main","suggestedTargetBranches":["8.x"],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","labelRegex":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/195556","number":195556,"mergeCommit":{"message":"[DataUsage][Serverless] Data usage metrics page enhancements (#195556)\n\n## Summary\r\n\r\nThis PR is a follow-up of elastic/kibana/pull/193966 and adds: \r\n\r\n1. Datastreams filter to data usage metrics page.\r\n2. Metrics filter (hidden for now) that lists out metric types to\r\nrequest.\r\n3. Refactors to make code easier to maintain.\r\n4. Shows a callout if no data stream is selected.\r\n\r\n### screen\r\n\r\n\r\n### clip\r\n\r\n\r\n\r\n### Checklist\r\n- [x] Any text added follows [EUI's writing\r\nguidelines](https://elastic.github.io/eui/#/guidelines/writing), uses\r\nsentence case text and includes [i18n\r\nsupport](https://github.com/elastic/kibana/blob/main/packages/kbn-i18n/README.md)\r\n- [ ] [Unit or functional\r\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\r\nwere updated or added to match the most common scenarios\r\n- [ ] [Flaky Test\r\nRunner](https://ci-stats.kibana.dev/trigger_flaky_test_runner/1) was\r\nused on any tests changed\r\n- [x] Any UI touched in this PR does not create any new axe failures\r\n(run axe in browser:\r\n[FF](https://addons.mozilla.org/en-US/firefox/addon/axe-devtools/),\r\n[Chrome](https://chrome.google.com/webstore/detail/axe-web-accessibility-tes/lhdoppojpmngadmnindnejefpokejbdd?hl=en-US))\r\n- [x] This renders correctly on smaller devices using a responsive\r\nlayout. (You can test this [in your\r\nbrowser](https://www.browserstack.com/guide/responsive-testing-on-local-server))\r\n- [x] This was checked for [cross-browser\r\ncompatibility](https://www.elastic.co/support/matrix#matrix_browsers)\r\n\r\n---------\r\n\r\nCo-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>","sha":"a7332ad11611d224a16f2bb3c0d3f207cf746065"}},{"branch":"8.x","label":"v8.16.0","labelRegex":"^v8.16.0$","isSourceBranch":false,"state":"NOT_CREATED"}]}] BACKPORT-->	2024-10-14 16:01:38 -05:00
Kibana Machine	84faa5c7e9	[8.x] [Cloud Security] Only adding &#x60;safe_posture_type&#x60; to native csp findings (#196064) (#196200) ... # Backport This will backport the following commits from `main` to `8.x`: - [[Cloud Security] Only adding &#x60;safe_posture_type&#x60; to native csp findings (#196064)](https://github.com/elastic/kibana/pull/196064) <!--- Backport version: 9.4.3 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sqren/backport) <!--BACKPORT [{"author":{"name":"Jordan","email":"51442161+JordanSh@users.noreply.github.com"},"sourceCommit":{"committedDate":"2024-10-14T18:44:48Z","message":"[Cloud Security] Only adding `safe_posture_type` to native csp findings (#196064)","sha":"73c9391c23f6fb52db6d1339da8cc72c602aa855","branchLabelMapping":{"^v9.0.0$":"main","^v8.16.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:skip","v9.0.0","Team:Cloud Security","backport:prev-minor"],"title":"[Cloud Security] Only adding `safe_posture_type` to native csp findings","number":196064,"url":"https://github.com/elastic/kibana/pull/196064","mergeCommit":{"message":"[Cloud Security] Only adding `safe_posture_type` to native csp findings (#196064)","sha":"73c9391c23f6fb52db6d1339da8cc72c602aa855"}},"sourceBranch":"main","suggestedTargetBranches":[],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","branchLabelMappingKey":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/196064","number":196064,"mergeCommit":{"message":"[Cloud Security] Only adding `safe_posture_type` to native csp findings (#196064)","sha":"73c9391c23f6fb52db6d1339da8cc72c602aa855"}}]}] BACKPORT--> Co-authored-by: Jordan <51442161+JordanSh@users.noreply.github.com>	2024-10-14 15:29:29 -05:00
Kibana Machine	7e8d54c418	[8.x] [Lens] Correctly use UserMessage longMessage as function (#192492) (#196194) ... # Backport This will backport the following commits from `main` to `8.x`: - [[Lens] Correctly use UserMessage longMessage as function (#192492)](https://github.com/elastic/kibana/pull/192492) <!--- Backport version: 9.4.3 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sqren/backport) <!--BACKPORT [{"author":{"name":"Marco Vettorello","email":"marco.vettorello@elastic.co"},"sourceCommit":{"committedDate":"2024-10-14T17:34:36Z","message":"[Lens] Correctly use UserMessage longMessage as function (#192492)\n\n## Summary\r\n\r\nAfter https://github.com/elastic/kibana/pull/167205 was merged, the\r\n`UserMessage.longMessage` was typed as `longMessage: string |\r\nReact.ReactNode | ((closePopover: () => void) => React.ReactNode);`\r\n\r\nWith the upcoming React 18 upgrade, an error will become visible because\r\n`((closePopover: () => void) => React.ReactNode);` can't be used as a\r\nReactNode but it correctly needs to be called.\r\n\r\nIn this PR I've made the `closePopover` function being optional (to\r\nsimplify the refactoring) and I've added the typecheck where needed.","sha":"e35507a27d9c8df3fe5947c7227d6072d007dfa5","branchLabelMapping":{"^v9.0.0$":"main","^v8.16.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:skip","Feature:Lens","v9.0.0","backport:prev-minor","v8.16.0"],"title":"[Lens] Correctly use UserMessage longMessage as function ","number":192492,"url":"https://github.com/elastic/kibana/pull/192492","mergeCommit":{"message":"[Lens] Correctly use UserMessage longMessage as function (#192492)\n\n## Summary\r\n\r\nAfter https://github.com/elastic/kibana/pull/167205 was merged, the\r\n`UserMessage.longMessage` was typed as `longMessage: string |\r\nReact.ReactNode | ((closePopover: () => void) => React.ReactNode);`\r\n\r\nWith the upcoming React 18 upgrade, an error will become visible because\r\n`((closePopover: () => void) => React.ReactNode);` can't be used as a\r\nReactNode but it correctly needs to be called.\r\n\r\nIn this PR I've made the `closePopover` function being optional (to\r\nsimplify the refactoring) and I've added the typecheck where needed.","sha":"e35507a27d9c8df3fe5947c7227d6072d007dfa5"}},"sourceBranch":"main","suggestedTargetBranches":["8.x"],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","branchLabelMappingKey":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/192492","number":192492,"mergeCommit":{"message":"[Lens] Correctly use UserMessage longMessage as function (#192492)\n\n## Summary\r\n\r\nAfter https://github.com/elastic/kibana/pull/167205 was merged, the\r\n`UserMessage.longMessage` was typed as `longMessage: string |\r\nReact.ReactNode | ((closePopover: () => void) => React.ReactNode);`\r\n\r\nWith the upcoming React 18 upgrade, an error will become visible because\r\n`((closePopover: () => void) => React.ReactNode);` can't be used as a\r\nReactNode but it correctly needs to be called.\r\n\r\nIn this PR I've made the `closePopover` function being optional (to\r\nsimplify the refactoring) and I've added the typecheck where needed.","sha":"e35507a27d9c8df3fe5947c7227d6072d007dfa5"}},{"branch":"8.x","label":"v8.16.0","branchLabelMappingKey":"^v8.16.0$","isSourceBranch":false,"state":"NOT_CREATED"}]}] BACKPORT--> Co-authored-by: Marco Vettorello <marco.vettorello@elastic.co>	2024-10-14 14:20:47 -05:00
Kibana Machine	d48190ec6a	[8.x] [Security Solution][Notes] Make MAX_UNASSOCIATED_NOTES an advanced Kibana setting (#194947) (#196192) ... # Backport This will backport the following commits from `main` to `8.x`: - [[Security Solution][Notes] Make MAX_UNASSOCIATED_NOTES an advanced Kibana setting (#194947)](https://github.com/elastic/kibana/pull/194947) <!--- Backport version: 9.4.3 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sqren/backport) <!--BACKPORT [{"author":{"name":"Jan Monschke","email":"jan.monschke@elastic.co"},"sourceCommit":{"committedDate":"2024-10-14T17:14:11Z","message":"[Security Solution][Notes] Make MAX_UNASSOCIATED_NOTES an advanced Kibana setting (#194947)\n\n## Summary\r\n\r\nFixes: https://github.com/elastic/kibana/issues/193097\r\n\r\nAdds a new Kibana advanced setting that allows users to limit the\r\nmaximum amount of unassociated notes. The max value for that used to be\r\nhard coded before.\r\n\r\n\r\nhttps://github.com/user-attachments/assets/34af7f67-9109-4251-a5a3-a1af68f123fe\r\n\r\n\r\n### Checklist\r\n\r\n- [x] [Unit or functional\r\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\r\nwere updated or added to match the most common scenarios\r\n\r\n---------\r\n\r\nCo-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>","sha":"925329ec8429741db1c403795c0c3598a29226bb","branchLabelMapping":{"^v9.0.0$":"main","^v8.16.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:enhancement","v9.0.0","Team:Threat Hunting:Investigations","backport:prev-minor"],"title":"[Security Solution][Notes] Make MAX_UNASSOCIATED_NOTES an advanced Kibana setting","number":194947,"url":"https://github.com/elastic/kibana/pull/194947","mergeCommit":{"message":"[Security Solution][Notes] Make MAX_UNASSOCIATED_NOTES an advanced Kibana setting (#194947)\n\n## Summary\r\n\r\nFixes: https://github.com/elastic/kibana/issues/193097\r\n\r\nAdds a new Kibana advanced setting that allows users to limit the\r\nmaximum amount of unassociated notes. The max value for that used to be\r\nhard coded before.\r\n\r\n\r\nhttps://github.com/user-attachments/assets/34af7f67-9109-4251-a5a3-a1af68f123fe\r\n\r\n\r\n### Checklist\r\n\r\n- [x] [Unit or functional\r\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\r\nwere updated or added to match the most common scenarios\r\n\r\n---------\r\n\r\nCo-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>","sha":"925329ec8429741db1c403795c0c3598a29226bb"}},"sourceBranch":"main","suggestedTargetBranches":[],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","branchLabelMappingKey":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/194947","number":194947,"mergeCommit":{"message":"[Security Solution][Notes] Make MAX_UNASSOCIATED_NOTES an advanced Kibana setting (#194947)\n\n## Summary\r\n\r\nFixes: https://github.com/elastic/kibana/issues/193097\r\n\r\nAdds a new Kibana advanced setting that allows users to limit the\r\nmaximum amount of unassociated notes. The max value for that used to be\r\nhard coded before.\r\n\r\n\r\nhttps://github.com/user-attachments/assets/34af7f67-9109-4251-a5a3-a1af68f123fe\r\n\r\n\r\n### Checklist\r\n\r\n- [x] [Unit or functional\r\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\r\nwere updated or added to match the most common scenarios\r\n\r\n---------\r\n\r\nCo-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>","sha":"925329ec8429741db1c403795c0c3598a29226bb"}}]}] BACKPORT--> Co-authored-by: Jan Monschke <jan.monschke@elastic.co>	2024-10-14 14:06:42 -05:00
Kibana Machine	3db250479f	[8.x] [Security Solution] &#x60;FinalEdit&#x60;: Add &#x60;name&#x60; and &#x60;kql_query&#x60; fields + shared components (#193828) (#196191) ... # Backport This will backport the following commits from `main` to `8.x`: - [[Security Solution] &#x60;FinalEdit&#x60;: Add &#x60;name&#x60; and &#x60;kql_query&#x60; fields + shared components (#193828)](https://github.com/elastic/kibana/pull/193828) <!--- Backport version: 9.4.3 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sqren/backport) <!--BACKPORT [{"author":{"name":"Nikita Indik","email":"nikita.indik@elastic.co"},"sourceCommit":{"committedDate":"2024-10-14T17:09:59Z","message":"[Security Solution] `FinalEdit`: Add `name` and `kql_query` fields + shared components (#193828)\n\n**Partially addresses: https://github.com/elastic/kibana/issues/171520**\r\n**Is a follow-up PR to: https://github.com/elastic/kibana/pull/192342**\r\n\r\n## Summary\r\n\r\nChanges:\r\n - Adds editable components for `name` and `kql_query` fields\r\n- Adds a `FieldFormWrapper` component that abstracts away form creation\r\nand data preparation for each field\r\n- Adds local context providers to pass data between the main context and\r\nfield components\r\n- Adds some basic layout components to make the \"edit\" functionality\r\nwork\r\n\r\n<img width=\"1392\" alt=\"Scherm­afbeelding 2024-10-04 om 17 17 44\"\r\nsrc=\"https://github.com/user-attachments/assets/6272ac84-8159-4b8a-a0d4-88b458f4bc5f\">\r\n\r\n---------\r\n\r\nCo-authored-by: Maxim Palenov <maxim.palenov@elastic.co>","sha":"424ffbaffc6bdcec2634572d18cad5392ef0ace8","branchLabelMapping":{"^v9.0.0$":"main","^v8.16.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:skip","v9.0.0","Team:Detections and Resp","Team: SecuritySolution","Team:Detection Rule Management","Feature:Prebuilt Detection Rules","backport:prev-minor"],"title":"[Security Solution] `FinalEdit`: Add `name` and `kql_query` fields + shared components","number":193828,"url":"https://github.com/elastic/kibana/pull/193828","mergeCommit":{"message":"[Security Solution] `FinalEdit`: Add `name` and `kql_query` fields + shared components (#193828)\n\n**Partially addresses: https://github.com/elastic/kibana/issues/171520**\r\n**Is a follow-up PR to: https://github.com/elastic/kibana/pull/192342**\r\n\r\n## Summary\r\n\r\nChanges:\r\n - Adds editable components for `name` and `kql_query` fields\r\n- Adds a `FieldFormWrapper` component that abstracts away form creation\r\nand data preparation for each field\r\n- Adds local context providers to pass data between the main context and\r\nfield components\r\n- Adds some basic layout components to make the \"edit\" functionality\r\nwork\r\n\r\n<img width=\"1392\" alt=\"Scherm­afbeelding 2024-10-04 om 17 17 44\"\r\nsrc=\"https://github.com/user-attachments/assets/6272ac84-8159-4b8a-a0d4-88b458f4bc5f\">\r\n\r\n---------\r\n\r\nCo-authored-by: Maxim Palenov <maxim.palenov@elastic.co>","sha":"424ffbaffc6bdcec2634572d18cad5392ef0ace8"}},"sourceBranch":"main","suggestedTargetBranches":[],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","branchLabelMappingKey":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/193828","number":193828,"mergeCommit":{"message":"[Security Solution] `FinalEdit`: Add `name` and `kql_query` fields + shared components (#193828)\n\n**Partially addresses: https://github.com/elastic/kibana/issues/171520**\r\n**Is a follow-up PR to: https://github.com/elastic/kibana/pull/192342**\r\n\r\n## Summary\r\n\r\nChanges:\r\n - Adds editable components for `name` and `kql_query` fields\r\n- Adds a `FieldFormWrapper` component that abstracts away form creation\r\nand data preparation for each field\r\n- Adds local context providers to pass data between the main context and\r\nfield components\r\n- Adds some basic layout components to make the \"edit\" functionality\r\nwork\r\n\r\n<img width=\"1392\" alt=\"Scherm­afbeelding 2024-10-04 om 17 17 44\"\r\nsrc=\"https://github.com/user-attachments/assets/6272ac84-8159-4b8a-a0d4-88b458f4bc5f\">\r\n\r\n---------\r\n\r\nCo-authored-by: Maxim Palenov <maxim.palenov@elastic.co>","sha":"424ffbaffc6bdcec2634572d18cad5392ef0ace8"}}]}] BACKPORT--> Co-authored-by: Nikita Indik <nikita.indik@elastic.co>	2024-10-14 13:53:39 -05:00
Kibana Machine	d458824eae	[8.x] [Spaces] Rework privileges computation for customize selection (#195253) (#196186) ... # Backport This will backport the following commits from `main` to `8.x`: - [[Spaces] Rework privileges computation for customize selection (#195253)](https://github.com/elastic/kibana/pull/195253) <!--- Backport version: 9.4.3 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sqren/backport) <!--BACKPORT [{"author":{"name":"Eyo O. Eyo","email":"7893459+eokoneyo@users.noreply.github.com"},"sourceCommit":{"committedDate":"2024-10-14T16:42:11Z","message":"[Spaces] Rework privileges computation for customize selection (#195253)\n\n## Summary\r\n\r\nThis PR reworks how privileges get computed when a user selects the\r\ncustomize option, and then opts to further customize each available\r\nfeature, and is particularly necessary because the previous\r\nimplementation for when bulk actions where applied for customization\r\napplied the privilege value on the `base` property instead of on each\r\nfeature to further easier customization this in turn resulted in quite\r\nthe buggy experience. See visuals below;\r\n\r\n## Visuals\r\n\r\n### Before\r\n\r\nhttps://github.com/user-attachments/assets/e0bf8c39-5aaf-4489-bfe4-efe4a79650a4\r\n\r\n### After\r\n\r\n\r\nhttps://github.com/user-attachments/assets/eacbd2db-b9c1-41c2-9c34-8ba21a3f230c\r\n \r\n\r\n<!-- ### Checklist\r\n\r\nDelete any items that are not applicable to this PR.\r\n\r\n- [ ] Any text added follows [EUI's writing\r\nguidelines](https://elastic.github.io/eui/#/guidelines/writing), uses\r\nsentence case text and includes [i18n\r\nsupport](https://github.com/elastic/kibana/blob/main/packages/kbn-i18n/README.md)\r\n- [ ]\r\n[Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html)\r\nwas added for features that require explanation or tutorials -->\r\n- [x] [Unit or functional\r\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\r\nwere updated or added to match the most common scenarios\r\n<!--\r\n- [ ] [Flaky Test\r\nRunner](https://ci-stats.kibana.dev/trigger_flaky_test_runner/1) was\r\nused on any tests changed\r\n- [ ] Any UI touched in this PR is usable by keyboard only (learn more\r\nabout [keyboard accessibility](https://webaim.org/techniques/keyboard/))\r\n- [ ] Any UI touched in this PR does not create any new axe failures\r\n(run axe in browser:\r\n[FF](https://addons.mozilla.org/en-US/firefox/addon/axe-devtools/),\r\n[Chrome](https://chrome.google.com/webstore/detail/axe-web-accessibility-tes/lhdoppojpmngadmnindnejefpokejbdd?hl=en-US))\r\n- [ ] If a plugin configuration key changed, check if it needs to be\r\nallowlisted in the cloud and added to the [docker\r\nlist](https://github.com/elastic/kibana/blob/main/src/dev/build/tasks/os_packages/docker_generator/resources/base/bin/kibana-docker)\r\n- [ ] This renders correctly on smaller devices using a responsive\r\nlayout. (You can test this [in your\r\nbrowser](https://www.browserstack.com/guide/responsive-testing-on-local-server))\r\n- [ ] This was checked for [cross-browser\r\ncompatibility](https://www.elastic.co/support/matrix#matrix_browsers)\r\n\r\n\r\n### Risk Matrix\r\n\r\nDelete this section if it is not applicable to this PR.\r\n\r\nBefore closing this PR, invite QA, stakeholders, and other developers to\r\nidentify risks that should be tested prior to the change/feature\r\nrelease.\r\n\r\nWhen forming the risk matrix, consider some of the following examples\r\nand how they may potentially impact the change:\r\n\r\n| Risk | Probability | Severity | Mitigation/Notes |\r\n\r\n|---------------------------|-------------|----------|-------------------------|\r\n| Multiple Spaces&mdash;unexpected behavior in non-default Kibana Space.\r\n| Low | High | Integration tests will verify that all features are still\r\nsupported in non-default Kibana Space and when user switches between\r\nspaces. |\r\n| Multiple nodes&mdash;Elasticsearch polling might have race conditions\r\nwhen multiple Kibana nodes are polling for the same tasks. | High | Low\r\n| Tasks are idempotent, so executing them multiple times will not result\r\nin logical error, but will degrade performance. To test for this case we\r\nadd plenty of unit tests around this logic and document manual testing\r\nprocedure. |\r\n| Code should gracefully handle cases when feature X or plugin Y are\r\ndisabled. | Medium | High | Unit tests will verify that any feature flag\r\nor plugin combination still results in our service operational. |\r\n| [See more potential risk\r\nexamples](https://github.com/elastic/kibana/blob/main/RISK_MATRIX.mdx) |\r\n\r\n\r\n### For maintainers\r\n\r\n- [ ] This was checked for breaking API changes and was [labeled\r\nappropriately](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)\r\n-->\r\n\r\nCo-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>","sha":"87f3c49c34eafffb7f4b44438772156b135f932e","branchLabelMapping":{"^v9.0.0$":"main","^v8.16.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["Team:Security","release_note:skip","v9.0.0","backport:prev-major"],"title":"[Spaces] Rework privileges computation for customize selection","number":195253,"url":"https://github.com/elastic/kibana/pull/195253","mergeCommit":{"message":"[Spaces] Rework privileges computation for customize selection (#195253)\n\n## Summary\r\n\r\nThis PR reworks how privileges get computed when a user selects the\r\ncustomize option, and then opts to further customize each available\r\nfeature, and is particularly necessary because the previous\r\nimplementation for when bulk actions where applied for customization\r\napplied the privilege value on the `base` property instead of on each\r\nfeature to further easier customization this in turn resulted in quite\r\nthe buggy experience. See visuals below;\r\n\r\n## Visuals\r\n\r\n### Before\r\n\r\nhttps://github.com/user-attachments/assets/e0bf8c39-5aaf-4489-bfe4-efe4a79650a4\r\n\r\n### After\r\n\r\n\r\nhttps://github.com/user-attachments/assets/eacbd2db-b9c1-41c2-9c34-8ba21a3f230c\r\n \r\n\r\n<!-- ### Checklist\r\n\r\nDelete any items that are not applicable to this PR.\r\n\r\n- [ ] Any text added follows [EUI's writing\r\nguidelines](https://elastic.github.io/eui/#/guidelines/writing), uses\r\nsentence case text and includes [i18n\r\nsupport](https://github.com/elastic/kibana/blob/main/packages/kbn-i18n/README.md)\r\n- [ ]\r\n[Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html)\r\nwas added for features that require explanation or tutorials -->\r\n- [x] [Unit or functional\r\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\r\nwere updated or added to match the most common scenarios\r\n<!--\r\n- [ ] [Flaky Test\r\nRunner](https://ci-stats.kibana.dev/trigger_flaky_test_runner/1) was\r\nused on any tests changed\r\n- [ ] Any UI touched in this PR is usable by keyboard only (learn more\r\nabout [keyboard accessibility](https://webaim.org/techniques/keyboard/))\r\n- [ ] Any UI touched in this PR does not create any new axe failures\r\n(run axe in browser:\r\n[FF](https://addons.mozilla.org/en-US/firefox/addon/axe-devtools/),\r\n[Chrome](https://chrome.google.com/webstore/detail/axe-web-accessibility-tes/lhdoppojpmngadmnindnejefpokejbdd?hl=en-US))\r\n- [ ] If a plugin configuration key changed, check if it needs to be\r\nallowlisted in the cloud and added to the [docker\r\nlist](https://github.com/elastic/kibana/blob/main/src/dev/build/tasks/os_packages/docker_generator/resources/base/bin/kibana-docker)\r\n- [ ] This renders correctly on smaller devices using a responsive\r\nlayout. (You can test this [in your\r\nbrowser](https://www.browserstack.com/guide/responsive-testing-on-local-server))\r\n- [ ] This was checked for [cross-browser\r\ncompatibility](https://www.elastic.co/support/matrix#matrix_browsers)\r\n\r\n\r\n### Risk Matrix\r\n\r\nDelete this section if it is not applicable to this PR.\r\n\r\nBefore closing this PR, invite QA, stakeholders, and other developers to\r\nidentify risks that should be tested prior to the change/feature\r\nrelease.\r\n\r\nWhen forming the risk matrix, consider some of the following examples\r\nand how they may potentially impact the change:\r\n\r\n| Risk | Probability | Severity | Mitigation/Notes |\r\n\r\n|---------------------------|-------------|----------|-------------------------|\r\n| Multiple Spaces&mdash;unexpected behavior in non-default Kibana Space.\r\n| Low | High | Integration tests will verify that all features are still\r\nsupported in non-default Kibana Space and when user switches between\r\nspaces. |\r\n| Multiple nodes&mdash;Elasticsearch polling might have race conditions\r\nwhen multiple Kibana nodes are polling for the same tasks. | High | Low\r\n| Tasks are idempotent, so executing them multiple times will not result\r\nin logical error, but will degrade performance. To test for this case we\r\nadd plenty of unit tests around this logic and document manual testing\r\nprocedure. |\r\n| Code should gracefully handle cases when feature X or plugin Y are\r\ndisabled. | Medium | High | Unit tests will verify that any feature flag\r\nor plugin combination still results in our service operational. |\r\n| [See more potential risk\r\nexamples](https://github.com/elastic/kibana/blob/main/RISK_MATRIX.mdx) |\r\n\r\n\r\n### For maintainers\r\n\r\n- [ ] This was checked for breaking API changes and was [labeled\r\nappropriately](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)\r\n-->\r\n\r\nCo-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>","sha":"87f3c49c34eafffb7f4b44438772156b135f932e"}},"sourceBranch":"main","suggestedTargetBranches":[],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","branchLabelMappingKey":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/195253","number":195253,"mergeCommit":{"message":"[Spaces] Rework privileges computation for customize selection (#195253)\n\n## Summary\r\n\r\nThis PR reworks how privileges get computed when a user selects the\r\ncustomize option, and then opts to further customize each available\r\nfeature, and is particularly necessary because the previous\r\nimplementation for when bulk actions where applied for customization\r\napplied the privilege value on the `base` property instead of on each\r\nfeature to further easier customization this in turn resulted in quite\r\nthe buggy experience. See visuals below;\r\n\r\n## Visuals\r\n\r\n### Before\r\n\r\nhttps://github.com/user-attachments/assets/e0bf8c39-5aaf-4489-bfe4-efe4a79650a4\r\n\r\n### After\r\n\r\n\r\nhttps://github.com/user-attachments/assets/eacbd2db-b9c1-41c2-9c34-8ba21a3f230c\r\n \r\n\r\n<!-- ### Checklist\r\n\r\nDelete any items that are not applicable to this PR.\r\n\r\n- [ ] Any text added follows [EUI's writing\r\nguidelines](https://elastic.github.io/eui/#/guidelines/writing), uses\r\nsentence case text and includes [i18n\r\nsupport](https://github.com/elastic/kibana/blob/main/packages/kbn-i18n/README.md)\r\n- [ ]\r\n[Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html)\r\nwas added for features that require explanation or tutorials -->\r\n- [x] [Unit or functional\r\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\r\nwere updated or added to match the most common scenarios\r\n<!--\r\n- [ ] [Flaky Test\r\nRunner](https://ci-stats.kibana.dev/trigger_flaky_test_runner/1) was\r\nused on any tests changed\r\n- [ ] Any UI touched in this PR is usable by keyboard only (learn more\r\nabout [keyboard accessibility](https://webaim.org/techniques/keyboard/))\r\n- [ ] Any UI touched in this PR does not create any new axe failures\r\n(run axe in browser:\r\n[FF](https://addons.mozilla.org/en-US/firefox/addon/axe-devtools/),\r\n[Chrome](https://chrome.google.com/webstore/detail/axe-web-accessibility-tes/lhdoppojpmngadmnindnejefpokejbdd?hl=en-US))\r\n- [ ] If a plugin configuration key changed, check if it needs to be\r\nallowlisted in the cloud and added to the [docker\r\nlist](https://github.com/elastic/kibana/blob/main/src/dev/build/tasks/os_packages/docker_generator/resources/base/bin/kibana-docker)\r\n- [ ] This renders correctly on smaller devices using a responsive\r\nlayout. (You can test this [in your\r\nbrowser](https://www.browserstack.com/guide/responsive-testing-on-local-server))\r\n- [ ] This was checked for [cross-browser\r\ncompatibility](https://www.elastic.co/support/matrix#matrix_browsers)\r\n\r\n\r\n### Risk Matrix\r\n\r\nDelete this section if it is not applicable to this PR.\r\n\r\nBefore closing this PR, invite QA, stakeholders, and other developers to\r\nidentify risks that should be tested prior to the change/feature\r\nrelease.\r\n\r\nWhen forming the risk matrix, consider some of the following examples\r\nand how they may potentially impact the change:\r\n\r\n| Risk | Probability | Severity | Mitigation/Notes |\r\n\r\n|---------------------------|-------------|----------|-------------------------|\r\n| Multiple Spaces&mdash;unexpected behavior in non-default Kibana Space.\r\n| Low | High | Integration tests will verify that all features are still\r\nsupported in non-default Kibana Space and when user switches between\r\nspaces. |\r\n| Multiple nodes&mdash;Elasticsearch polling might have race conditions\r\nwhen multiple Kibana nodes are polling for the same tasks. | High | Low\r\n| Tasks are idempotent, so executing them multiple times will not result\r\nin logical error, but will degrade performance. To test for this case we\r\nadd plenty of unit tests around this logic and document manual testing\r\nprocedure. |\r\n| Code should gracefully handle cases when feature X or plugin Y are\r\ndisabled. | Medium | High | Unit tests will verify that any feature flag\r\nor plugin combination still results in our service operational. |\r\n| [See more potential risk\r\nexamples](https://github.com/elastic/kibana/blob/main/RISK_MATRIX.mdx) |\r\n\r\n\r\n### For maintainers\r\n\r\n- [ ] This was checked for breaking API changes and was [labeled\r\nappropriately](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)\r\n-->\r\n\r\nCo-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>","sha":"87f3c49c34eafffb7f4b44438772156b135f932e"}}]}] BACKPORT--> Co-authored-by: Eyo O. Eyo <7893459+eokoneyo@users.noreply.github.com>	2024-10-14 13:30:13 -05:00
Kibana Machine	df849c5431	[8.x] [ML] Adds ability to toggle visibility for empty fields when choosing an aggregation or field in Anomaly detection, data frame analytics (#186670) (#196180) ... # Backport This will backport the following commits from `main` to `8.x`: - [[ML] Adds ability to toggle visibility for empty fields when choosing an aggregation or field in Anomaly detection, data frame analytics (#186670)](https://github.com/elastic/kibana/pull/186670) <!--- Backport version: 9.4.3 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sqren/backport) <!--BACKPORT [{"author":{"name":"Quynh Nguyen (Quinn)","email":"43350163+qn895@users.noreply.github.com"},"sourceCommit":{"committedDate":"2024-10-14T16:17:38Z","message":"[ML] Adds ability to toggle visibility for empty fields when choosing an aggregation or field in Anomaly detection, data frame analytics (#186670)\n\n## Summary\r\n\r\nThis PR adds new ability to toggle visibility for empty fields when\r\nchoosing an aggregation or field in Anomaly detection and Data frame\r\nanalytics\r\n\r\n\r\n5d8b0788-dd59-44e4-b324-3a4035b7a0ec\r\n\r\n\r\n\r\n### Checklist\r\n\r\nDelete any items that are not applicable to this PR.\r\n\r\n- [ ] Any text added follows [EUI's writing\r\nguidelines](https://elastic.github.io/eui/#/guidelines/writing), uses\r\nsentence case text and includes [i18n\r\nsupport](https://github.com/elastic/kibana/blob/main/packages/kbn-i18n/README.md)\r\n- [ ]\r\n[Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html)\r\nwas added for features that require explanation or tutorials\r\n- [ ] [Unit or functional\r\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\r\nwere updated or added to match the most common scenarios\r\n- [ ] [Flaky Test\r\nRunner](https://ci-stats.kibana.dev/trigger_flaky_test_runner/1) was\r\nused on any tests changed\r\n- [ ] Any UI touched in this PR is usable by keyboard only (learn more\r\nabout [keyboard accessibility](https://webaim.org/techniques/keyboard/))\r\n- [ ] Any UI touched in this PR does not create any new axe failures\r\n(run axe in browser:\r\n[FF](https://addons.mozilla.org/en-US/firefox/addon/axe-devtools/),\r\n[Chrome](https://chrome.google.com/webstore/detail/axe-web-accessibility-tes/lhdoppojpmngadmnindnejefpokejbdd?hl=en-US))\r\n- [ ] If a plugin configuration key changed, check if it needs to be\r\nallowlisted in the cloud and added to the [docker\r\nlist](https://github.com/elastic/kibana/blob/main/src/dev/build/tasks/os_packages/docker_generator/resources/base/bin/kibana-docker)\r\n- [ ] This renders correctly on smaller devices using a responsive\r\nlayout. (You can test this [in your\r\nbrowser](https://www.browserstack.com/guide/responsive-testing-on-local-server))\r\n- [ ] This was checked for [cross-browser\r\ncompatibility](https://www.elastic.co/support/matrix#matrix_browsers)\r\n\r\n\r\n### Risk Matrix\r\n\r\nDelete this section if it is not applicable to this PR.\r\n\r\nBefore closing this PR, invite QA, stakeholders, and other developers to\r\nidentify risks that should be tested prior to the change/feature\r\nrelease.\r\n\r\nWhen forming the risk matrix, consider some of the following examples\r\nand how they may potentially impact the change:\r\n\r\n| Risk | Probability | Severity | Mitigation/Notes |\r\n\r\n|---------------------------|-------------|----------|-------------------------|\r\n| Multiple Spaces&mdash;unexpected behavior in non-default Kibana Space.\r\n| Low | High | Integration tests will verify that all features are still\r\nsupported in non-default Kibana Space and when user switches between\r\nspaces. |\r\n| Multiple nodes&mdash;Elasticsearch polling might have race conditions\r\nwhen multiple Kibana nodes are polling for the same tasks. | High | Low\r\n| Tasks are idempotent, so executing them multiple times will not result\r\nin logical error, but will degrade performance. To test for this case we\r\nadd plenty of unit tests around this logic and document manual testing\r\nprocedure. |\r\n| Code should gracefully handle cases when feature X or plugin Y are\r\ndisabled. | Medium | High | Unit tests will verify that any feature flag\r\nor plugin combination still results in our service operational. |\r\n| [See more potential risk\r\nexamples](https://github.com/elastic/kibana/blob/main/RISK_MATRIX.mdx) |\r\n\r\n\r\n### For maintainers\r\n\r\n- [ ] This was checked for breaking API changes and was [labeled\r\nappropriately](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)\r\n\r\n---------\r\n\r\nCo-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>","sha":"f922089c5f088738acd30aeb17de7c7ec07604ce","branchLabelMapping":{"^v9.0.0$":"main","^v8.16.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:enhancement",":ml","Feature:Anomaly Detection","Feature:Data Frame Analytics","v9.0.0","backport:prev-major","v8.16.0","backport:current-major"],"title":"[ML] Adds ability to toggle visibility for empty fields when choosing an aggregation or field in Anomaly detection, data frame analytics","number":186670,"url":"https://github.com/elastic/kibana/pull/186670","mergeCommit":{"message":"[ML] Adds ability to toggle visibility for empty fields when choosing an aggregation or field in Anomaly detection, data frame analytics (#186670)\n\n## Summary\r\n\r\nThis PR adds new ability to toggle visibility for empty fields when\r\nchoosing an aggregation or field in Anomaly detection and Data frame\r\nanalytics\r\n\r\n\r\n5d8b0788-dd59-44e4-b324-3a4035b7a0ec\r\n\r\n\r\n\r\n### Checklist\r\n\r\nDelete any items that are not applicable to this PR.\r\n\r\n- [ ] Any text added follows [EUI's writing\r\nguidelines](https://elastic.github.io/eui/#/guidelines/writing), uses\r\nsentence case text and includes [i18n\r\nsupport](https://github.com/elastic/kibana/blob/main/packages/kbn-i18n/README.md)\r\n- [ ]\r\n[Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html)\r\nwas added for features that require explanation or tutorials\r\n- [ ] [Unit or functional\r\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\r\nwere updated or added to match the most common scenarios\r\n- [ ] [Flaky Test\r\nRunner](https://ci-stats.kibana.dev/trigger_flaky_test_runner/1) was\r\nused on any tests changed\r\n- [ ] Any UI touched in this PR is usable by keyboard only (learn more\r\nabout [keyboard accessibility](https://webaim.org/techniques/keyboard/))\r\n- [ ] Any UI touched in this PR does not create any new axe failures\r\n(run axe in browser:\r\n[FF](https://addons.mozilla.org/en-US/firefox/addon/axe-devtools/),\r\n[Chrome](https://chrome.google.com/webstore/detail/axe-web-accessibility-tes/lhdoppojpmngadmnindnejefpokejbdd?hl=en-US))\r\n- [ ] If a plugin configuration key changed, check if it needs to be\r\nallowlisted in the cloud and added to the [docker\r\nlist](https://github.com/elastic/kibana/blob/main/src/dev/build/tasks/os_packages/docker_generator/resources/base/bin/kibana-docker)\r\n- [ ] This renders correctly on smaller devices using a responsive\r\nlayout. (You can test this [in your\r\nbrowser](https://www.browserstack.com/guide/responsive-testing-on-local-server))\r\n- [ ] This was checked for [cross-browser\r\ncompatibility](https://www.elastic.co/support/matrix#matrix_browsers)\r\n\r\n\r\n### Risk Matrix\r\n\r\nDelete this section if it is not applicable to this PR.\r\n\r\nBefore closing this PR, invite QA, stakeholders, and other developers to\r\nidentify risks that should be tested prior to the change/feature\r\nrelease.\r\n\r\nWhen forming the risk matrix, consider some of the following examples\r\nand how they may potentially impact the change:\r\n\r\n| Risk | Probability | Severity | Mitigation/Notes |\r\n\r\n|---------------------------|-------------|----------|-------------------------|\r\n| Multiple Spaces&mdash;unexpected behavior in non-default Kibana Space.\r\n| Low | High | Integration tests will verify that all features are still\r\nsupported in non-default Kibana Space and when user switches between\r\nspaces. |\r\n| Multiple nodes&mdash;Elasticsearch polling might have race conditions\r\nwhen multiple Kibana nodes are polling for the same tasks. | High | Low\r\n| Tasks are idempotent, so executing them multiple times will not result\r\nin logical error, but will degrade performance. To test for this case we\r\nadd plenty of unit tests around this logic and document manual testing\r\nprocedure. |\r\n| Code should gracefully handle cases when feature X or plugin Y are\r\ndisabled. | Medium | High | Unit tests will verify that any feature flag\r\nor plugin combination still results in our service operational. |\r\n| [See more potential risk\r\nexamples](https://github.com/elastic/kibana/blob/main/RISK_MATRIX.mdx) |\r\n\r\n\r\n### For maintainers\r\n\r\n- [ ] This was checked for breaking API changes and was [labeled\r\nappropriately](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)\r\n\r\n---------\r\n\r\nCo-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>","sha":"f922089c5f088738acd30aeb17de7c7ec07604ce"}},"sourceBranch":"main","suggestedTargetBranches":["8.x"],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","branchLabelMappingKey":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/186670","number":186670,"mergeCommit":{"message":"[ML] Adds ability to toggle visibility for empty fields when choosing an aggregation or field in Anomaly detection, data frame analytics (#186670)\n\n## Summary\r\n\r\nThis PR adds new ability to toggle visibility for empty fields when\r\nchoosing an aggregation or field in Anomaly detection and Data frame\r\nanalytics\r\n\r\n\r\n5d8b0788-dd59-44e4-b324-3a4035b7a0ec\r\n\r\n\r\n\r\n### Checklist\r\n\r\nDelete any items that are not applicable to this PR.\r\n\r\n- [ ] Any text added follows [EUI's writing\r\nguidelines](https://elastic.github.io/eui/#/guidelines/writing), uses\r\nsentence case text and includes [i18n\r\nsupport](https://github.com/elastic/kibana/blob/main/packages/kbn-i18n/README.md)\r\n- [ ]\r\n[Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html)\r\nwas added for features that require explanation or tutorials\r\n- [ ] [Unit or functional\r\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\r\nwere updated or added to match the most common scenarios\r\n- [ ] [Flaky Test\r\nRunner](https://ci-stats.kibana.dev/trigger_flaky_test_runner/1) was\r\nused on any tests changed\r\n- [ ] Any UI touched in this PR is usable by keyboard only (learn more\r\nabout [keyboard accessibility](https://webaim.org/techniques/keyboard/))\r\n- [ ] Any UI touched in this PR does not create any new axe failures\r\n(run axe in browser:\r\n[FF](https://addons.mozilla.org/en-US/firefox/addon/axe-devtools/),\r\n[Chrome](https://chrome.google.com/webstore/detail/axe-web-accessibility-tes/lhdoppojpmngadmnindnejefpokejbdd?hl=en-US))\r\n- [ ] If a plugin configuration key changed, check if it needs to be\r\nallowlisted in the cloud and added to the [docker\r\nlist](https://github.com/elastic/kibana/blob/main/src/dev/build/tasks/os_packages/docker_generator/resources/base/bin/kibana-docker)\r\n- [ ] This renders correctly on smaller devices using a responsive\r\nlayout. (You can test this [in your\r\nbrowser](https://www.browserstack.com/guide/responsive-testing-on-local-server))\r\n- [ ] This was checked for [cross-browser\r\ncompatibility](https://www.elastic.co/support/matrix#matrix_browsers)\r\n\r\n\r\n### Risk Matrix\r\n\r\nDelete this section if it is not applicable to this PR.\r\n\r\nBefore closing this PR, invite QA, stakeholders, and other developers to\r\nidentify risks that should be tested prior to the change/feature\r\nrelease.\r\n\r\nWhen forming the risk matrix, consider some of the following examples\r\nand how they may potentially impact the change:\r\n\r\n| Risk | Probability | Severity | Mitigation/Notes |\r\n\r\n|---------------------------|-------------|----------|-------------------------|\r\n| Multiple Spaces&mdash;unexpected behavior in non-default Kibana Space.\r\n| Low | High | Integration tests will verify that all features are still\r\nsupported in non-default Kibana Space and when user switches between\r\nspaces. |\r\n| Multiple nodes&mdash;Elasticsearch polling might have race conditions\r\nwhen multiple Kibana nodes are polling for the same tasks. | High | Low\r\n| Tasks are idempotent, so executing them multiple times will not result\r\nin logical error, but will degrade performance. To test for this case we\r\nadd plenty of unit tests around this logic and document manual testing\r\nprocedure. |\r\n| Code should gracefully handle cases when feature X or plugin Y are\r\ndisabled. | Medium | High | Unit tests will verify that any feature flag\r\nor plugin combination still results in our service operational. |\r\n| [See more potential risk\r\nexamples](https://github.com/elastic/kibana/blob/main/RISK_MATRIX.mdx) |\r\n\r\n\r\n### For maintainers\r\n\r\n- [ ] This was checked for breaking API changes and was [labeled\r\nappropriately](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)\r\n\r\n---------\r\n\r\nCo-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>","sha":"f922089c5f088738acd30aeb17de7c7ec07604ce"}},{"branch":"8.x","label":"v8.16.0","branchLabelMappingKey":"^v8.16.0$","isSourceBranch":false,"state":"NOT_CREATED"}]}] BACKPORT--> Co-authored-by: Quynh Nguyen (Quinn) <43350163+qn895@users.noreply.github.com>	2024-10-14 13:14:58 -05:00
Kibana Machine	77f241184e	[8.x] fix: [Stateful: Indices page] Wrong navigation and announcements for Available indices table (#196141) (#196181) ... # Backport This will backport the following commits from `main` to `8.x`: - [fix: [Stateful: Indices page] Wrong navigation and announcements for Available indices table (#196141)](https://github.com/elastic/kibana/pull/196141) <!--- Backport version: 9.4.3 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sqren/backport) <!--BACKPORT [{"author":{"name":"Alexey Antonov","email":"alexwizp@gmail.com"},"sourceCommit":{"committedDate":"2024-10-14T16:22:16Z","message":"fix: [Stateful: Indices page] Wrong navigation and announcements for Available indices table (#196141)\n\nCloses: #196111\r\n\r\n### What was changed?: \r\n1. Added rowHeader attribute for\r\n[EuiTable](https://eui.elastic.co/#/tabular-content/tables).\r\n\r\n\r\n### Screen:\r\n\r\n<img width=\"1792\" alt=\"image\"\r\nsrc=\"https://github.com/user-attachments/assets/5f7b0a63-8a7f-42ea-88d8-308cee94dd6d\">","sha":"7f032b10213334edbb29c6247aba79ad1a6b4b2b","branchLabelMapping":{"^v9.0.0$":"main","^v8.16.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["Project:Accessibility","release_note:skip","v9.0.0","backport:prev-minor"],"title":"fix: [Stateful: Indices page] Wrong navigation and announcements for Available indices table","number":196141,"url":"https://github.com/elastic/kibana/pull/196141","mergeCommit":{"message":"fix: [Stateful: Indices page] Wrong navigation and announcements for Available indices table (#196141)\n\nCloses: #196111\r\n\r\n### What was changed?: \r\n1. Added rowHeader attribute for\r\n[EuiTable](https://eui.elastic.co/#/tabular-content/tables).\r\n\r\n\r\n### Screen:\r\n\r\n<img width=\"1792\" alt=\"image\"\r\nsrc=\"https://github.com/user-attachments/assets/5f7b0a63-8a7f-42ea-88d8-308cee94dd6d\">","sha":"7f032b10213334edbb29c6247aba79ad1a6b4b2b"}},"sourceBranch":"main","suggestedTargetBranches":[],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","branchLabelMappingKey":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/196141","number":196141,"mergeCommit":{"message":"fix: [Stateful: Indices page] Wrong navigation and announcements for Available indices table (#196141)\n\nCloses: #196111\r\n\r\n### What was changed?: \r\n1. Added rowHeader attribute for\r\n[EuiTable](https://eui.elastic.co/#/tabular-content/tables).\r\n\r\n\r\n### Screen:\r\n\r\n<img width=\"1792\" alt=\"image\"\r\nsrc=\"https://github.com/user-attachments/assets/5f7b0a63-8a7f-42ea-88d8-308cee94dd6d\">","sha":"7f032b10213334edbb29c6247aba79ad1a6b4b2b"}}]}] BACKPORT--> Co-authored-by: Alexey Antonov <alexwizp@gmail.com>	2024-10-14 13:08:06 -05:00
Ash	0ee30dc0b2	[8.x] [Data Usage] Added AutoOps API service (#195844) (#196182) ... # Backport This will backport the following commits from `main` to `8.x`: - [[Data Usage] Added AutoOps API service (#195844)](https://github.com/elastic/kibana/pull/195844) <!--- Backport version: 8.9.8 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sqren/backport) <!--BACKPORT [{"author":{"name":"Yuliia Naumenko","email":"jo.naumenko@gmail.com"},"sourceCommit":{"committedDate":"2024-10-14T04:37:48Z","message":"[Data Usage] Added AutoOps API service (#195844)\n\n## Summary\r\n\r\nSummarize your PR. If it involves visual changes include a screenshot or\r\ngif.\r\n\r\n\r\n### Checklist\r\n\r\nDelete any items that are not applicable to this PR.\r\n\r\n- [ ] Any text added follows [EUI's writing\r\nguidelines](https://elastic.github.io/eui/#/guidelines/writing), uses\r\nsentence case text and includes [i18n\r\nsupport](https://github.com/elastic/kibana/blob/main/packages/kbn-i18n/README.md)\r\n- [ ]\r\n[Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html)\r\nwas added for features that require explanation or tutorials\r\n- [ ] [Unit or functional\r\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\r\nwere updated or added to match the most common scenarios\r\n- [ ] [Flaky Test\r\nRunner](https://ci-stats.kibana.dev/trigger_flaky_test_runner/1) was\r\nused on any tests changed\r\n- [ ] Any UI touched in this PR is usable by keyboard only (learn more\r\nabout [keyboard accessibility](https://webaim.org/techniques/keyboard/))\r\n- [ ] Any UI touched in this PR does not create any new axe failures\r\n(run axe in browser:\r\n[FF](https://addons.mozilla.org/en-US/firefox/addon/axe-devtools/),\r\n[Chrome](https://chrome.google.com/webstore/detail/axe-web-accessibility-tes/lhdoppojpmngadmnindnejefpokejbdd?hl=en-US))\r\n- [ ] If a plugin configuration key changed, check if it needs to be\r\nallowlisted in the cloud and added to the [docker\r\nlist](https://github.com/elastic/kibana/blob/main/src/dev/build/tasks/os_packages/docker_generator/resources/base/bin/kibana-docker)\r\n- [ ] This renders correctly on smaller devices using a responsive\r\nlayout. (You can test this [in your\r\nbrowser](https://www.browserstack.com/guide/responsive-testing-on-local-server))\r\n- [ ] This was checked for [cross-browser\r\ncompatibility](https://www.elastic.co/support/matrix#matrix_browsers)\r\n\r\n\r\n### Risk Matrix\r\n\r\nDelete this section if it is not applicable to this PR.\r\n\r\nBefore closing this PR, invite QA, stakeholders, and other developers to\r\nidentify risks that should be tested prior to the change/feature\r\nrelease.\r\n\r\nWhen forming the risk matrix, consider some of the following examples\r\nand how they may potentially impact the change:\r\n\r\n| Risk | Probability | Severity | Mitigation/Notes |\r\n\r\n|---------------------------|-------------|----------|-------------------------|\r\n| Multiple Spaces&mdash;unexpected behavior in non-default Kibana Space.\r\n| Low | High | Integration tests will verify that all features are still\r\nsupported in non-default Kibana Space and when user switches between\r\nspaces. |\r\n| Multiple nodes&mdash;Elasticsearch polling might have race conditions\r\nwhen multiple Kibana nodes are polling for the same tasks. | High | Low\r\n| Tasks are idempotent, so executing them multiple times will not result\r\nin logical error, but will degrade performance. To test for this case we\r\nadd plenty of unit tests around this logic and document manual testing\r\nprocedure. |\r\n| Code should gracefully handle cases when feature X or plugin Y are\r\ndisabled. | Medium | High | Unit tests will verify that any feature flag\r\nor plugin combination still results in our service operational. |\r\n| [See more potential risk\r\nexamples](https://github.com/elastic/kibana/blob/main/RISK_MATRIX.mdx) |\r\n\r\n\r\n### For maintainers\r\n\r\n- [ ] This was checked for breaking API changes and was [labeled\r\nappropriately](https://www.elastic.co/guide/en/kibana/master/contributing.html#_add_your_labels)\r\n- [ ] This will appear in the **Release Notes** and follow the\r\n[guidelines](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)\r\n\r\n---------\r\n\r\nCo-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>","sha":"6c4ac90f72a6d44df2f4affd63505a0150b2891b","branchLabelMapping":{"^v9.0.0$":"main","^v8.16.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:skip","v9.0.0","v8.16.0","backport:version"],"number":195844,"url":"https://github.com/elastic/kibana/pull/195844","mergeCommit":{"message":"[Data Usage] Added AutoOps API service (#195844)\n\n## Summary\r\n\r\nSummarize your PR. If it involves visual changes include a screenshot or\r\ngif.\r\n\r\n\r\n### Checklist\r\n\r\nDelete any items that are not applicable to this PR.\r\n\r\n- [ ] Any text added follows [EUI's writing\r\nguidelines](https://elastic.github.io/eui/#/guidelines/writing), uses\r\nsentence case text and includes [i18n\r\nsupport](https://github.com/elastic/kibana/blob/main/packages/kbn-i18n/README.md)\r\n- [ ]\r\n[Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html)\r\nwas added for features that require explanation or tutorials\r\n- [ ] [Unit or functional\r\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\r\nwere updated or added to match the most common scenarios\r\n- [ ] [Flaky Test\r\nRunner](https://ci-stats.kibana.dev/trigger_flaky_test_runner/1) was\r\nused on any tests changed\r\n- [ ] Any UI touched in this PR is usable by keyboard only (learn more\r\nabout [keyboard accessibility](https://webaim.org/techniques/keyboard/))\r\n- [ ] Any UI touched in this PR does not create any new axe failures\r\n(run axe in browser:\r\n[FF](https://addons.mozilla.org/en-US/firefox/addon/axe-devtools/),\r\n[Chrome](https://chrome.google.com/webstore/detail/axe-web-accessibility-tes/lhdoppojpmngadmnindnejefpokejbdd?hl=en-US))\r\n- [ ] If a plugin configuration key changed, check if it needs to be\r\nallowlisted in the cloud and added to the [docker\r\nlist](https://github.com/elastic/kibana/blob/main/src/dev/build/tasks/os_packages/docker_generator/resources/base/bin/kibana-docker)\r\n- [ ] This renders correctly on smaller devices using a responsive\r\nlayout. (You can test this [in your\r\nbrowser](https://www.browserstack.com/guide/responsive-testing-on-local-server))\r\n- [ ] This was checked for [cross-browser\r\ncompatibility](https://www.elastic.co/support/matrix#matrix_browsers)\r\n\r\n\r\n### Risk Matrix\r\n\r\nDelete this section if it is not applicable to this PR.\r\n\r\nBefore closing this PR, invite QA, stakeholders, and other developers to\r\nidentify risks that should be tested prior to the change/feature\r\nrelease.\r\n\r\nWhen forming the risk matrix, consider some of the following examples\r\nand how they may potentially impact the change:\r\n\r\n| Risk | Probability | Severity | Mitigation/Notes |\r\n\r\n|---------------------------|-------------|----------|-------------------------|\r\n| Multiple Spaces&mdash;unexpected behavior in non-default Kibana Space.\r\n| Low | High | Integration tests will verify that all features are still\r\nsupported in non-default Kibana Space and when user switches between\r\nspaces. |\r\n| Multiple nodes&mdash;Elasticsearch polling might have race conditions\r\nwhen multiple Kibana nodes are polling for the same tasks. | High | Low\r\n| Tasks are idempotent, so executing them multiple times will not result\r\nin logical error, but will degrade performance. To test for this case we\r\nadd plenty of unit tests around this logic and document manual testing\r\nprocedure. |\r\n| Code should gracefully handle cases when feature X or plugin Y are\r\ndisabled. | Medium | High | Unit tests will verify that any feature flag\r\nor plugin combination still results in our service operational. |\r\n| [See more potential risk\r\nexamples](https://github.com/elastic/kibana/blob/main/RISK_MATRIX.mdx) |\r\n\r\n\r\n### For maintainers\r\n\r\n- [ ] This was checked for breaking API changes and was [labeled\r\nappropriately](https://www.elastic.co/guide/en/kibana/master/contributing.html#_add_your_labels)\r\n- [ ] This will appear in the **Release Notes** and follow the\r\n[guidelines](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)\r\n\r\n---------\r\n\r\nCo-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>","sha":"6c4ac90f72a6d44df2f4affd63505a0150b2891b"}},"sourceBranch":"main","suggestedTargetBranches":["8.x"],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","labelRegex":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/195844","number":195844,"mergeCommit":{"message":"[Data Usage] Added AutoOps API service (#195844)\n\n## Summary\r\n\r\nSummarize your PR. If it involves visual changes include a screenshot or\r\ngif.\r\n\r\n\r\n### Checklist\r\n\r\nDelete any items that are not applicable to this PR.\r\n\r\n- [ ] Any text added follows [EUI's writing\r\nguidelines](https://elastic.github.io/eui/#/guidelines/writing), uses\r\nsentence case text and includes [i18n\r\nsupport](https://github.com/elastic/kibana/blob/main/packages/kbn-i18n/README.md)\r\n- [ ]\r\n[Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html)\r\nwas added for features that require explanation or tutorials\r\n- [ ] [Unit or functional\r\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\r\nwere updated or added to match the most common scenarios\r\n- [ ] [Flaky Test\r\nRunner](https://ci-stats.kibana.dev/trigger_flaky_test_runner/1) was\r\nused on any tests changed\r\n- [ ] Any UI touched in this PR is usable by keyboard only (learn more\r\nabout [keyboard accessibility](https://webaim.org/techniques/keyboard/))\r\n- [ ] Any UI touched in this PR does not create any new axe failures\r\n(run axe in browser:\r\n[FF](https://addons.mozilla.org/en-US/firefox/addon/axe-devtools/),\r\n[Chrome](https://chrome.google.com/webstore/detail/axe-web-accessibility-tes/lhdoppojpmngadmnindnejefpokejbdd?hl=en-US))\r\n- [ ] If a plugin configuration key changed, check if it needs to be\r\nallowlisted in the cloud and added to the [docker\r\nlist](https://github.com/elastic/kibana/blob/main/src/dev/build/tasks/os_packages/docker_generator/resources/base/bin/kibana-docker)\r\n- [ ] This renders correctly on smaller devices using a responsive\r\nlayout. (You can test this [in your\r\nbrowser](https://www.browserstack.com/guide/responsive-testing-on-local-server))\r\n- [ ] This was checked for [cross-browser\r\ncompatibility](https://www.elastic.co/support/matrix#matrix_browsers)\r\n\r\n\r\n### Risk Matrix\r\n\r\nDelete this section if it is not applicable to this PR.\r\n\r\nBefore closing this PR, invite QA, stakeholders, and other developers to\r\nidentify risks that should be tested prior to the change/feature\r\nrelease.\r\n\r\nWhen forming the risk matrix, consider some of the following examples\r\nand how they may potentially impact the change:\r\n\r\n| Risk | Probability | Severity | Mitigation/Notes |\r\n\r\n|---------------------------|-------------|----------|-------------------------|\r\n| Multiple Spaces&mdash;unexpected behavior in non-default Kibana Space.\r\n| Low | High | Integration tests will verify that all features are still\r\nsupported in non-default Kibana Space and when user switches between\r\nspaces. |\r\n| Multiple nodes&mdash;Elasticsearch polling might have race conditions\r\nwhen multiple Kibana nodes are polling for the same tasks. | High | Low\r\n| Tasks are idempotent, so executing them multiple times will not result\r\nin logical error, but will degrade performance. To test for this case we\r\nadd plenty of unit tests around this logic and document manual testing\r\nprocedure. |\r\n| Code should gracefully handle cases when feature X or plugin Y are\r\ndisabled. | Medium | High | Unit tests will verify that any feature flag\r\nor plugin combination still results in our service operational. |\r\n| [See more potential risk\r\nexamples](https://github.com/elastic/kibana/blob/main/RISK_MATRIX.mdx) |\r\n\r\n\r\n### For maintainers\r\n\r\n- [ ] This was checked for breaking API changes and was [labeled\r\nappropriately](https://www.elastic.co/guide/en/kibana/master/contributing.html#_add_your_labels)\r\n- [ ] This will appear in the **Release Notes** and follow the\r\n[guidelines](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)\r\n\r\n---------\r\n\r\nCo-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>","sha":"6c4ac90f72a6d44df2f4affd63505a0150b2891b"}},{"branch":"8.x","label":"v8.16.0","labelRegex":"^v8.16.0$","isSourceBranch":false,"state":"NOT_CREATED"}]}] BACKPORT--> Co-authored-by: Yuliia Naumenko <jo.naumenko@gmail.com>	2024-10-14 13:04:20 -05:00
Kibana Machine	8481b66459	[8.x] [Stateful sidenav] Fix collapsed menu for panels with no landing pages (#195904) (#196098) ... # Backport This will backport the following commits from `main` to `8.x`: - [[Stateful sidenav] Fix collapsed menu for panels with no landing pages (#195904)](https://github.com/elastic/kibana/pull/195904) <!--- Backport version: 9.4.3 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sqren/backport) <!--BACKPORT [{"author":{"name":"Sébastien Loix","email":"sebastien.loix@elastic.co"},"sourceCommit":{"committedDate":"2024-10-14T10:37:15Z","message":"[Stateful sidenav] Fix collapsed menu for panels with no landing pages (#195904)","sha":"a3289e440ad88825b1ae17495caf13ef5720ae7c","branchLabelMapping":{"^v9.0.0$":"main","^v8.16.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:skip","v9.0.0","Team:SharedUX","backport:prev-minor","Feature:Chrome","ci:project-deploy-observability","Team:obs-ux-management"],"title":"[Stateful sidenav] Fix collapsed menu for panels with no landing pages","number":195904,"url":"https://github.com/elastic/kibana/pull/195904","mergeCommit":{"message":"[Stateful sidenav] Fix collapsed menu for panels with no landing pages (#195904)","sha":"a3289e440ad88825b1ae17495caf13ef5720ae7c"}},"sourceBranch":"main","suggestedTargetBranches":[],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","branchLabelMappingKey":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/195904","number":195904,"mergeCommit":{"message":"[Stateful sidenav] Fix collapsed menu for panels with no landing pages (#195904)","sha":"a3289e440ad88825b1ae17495caf13ef5720ae7c"}}]}] BACKPORT--> Co-authored-by: Sébastien Loix <sebastien.loix@elastic.co>	2024-10-14 13:01:05 -05:00
Kibana Machine	fadc97658c	[8.x] [Response Ops][Rules] Version Unmute All Rule API (#196070) (#196170) ... # Backport This will backport the following commits from `main` to `8.x`: - [[Response Ops][Rules] Version Unmute All Rule API (#196070)](https://github.com/elastic/kibana/pull/196070) <!--- Backport version: 9.4.3 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sqren/backport) <!--BACKPORT [{"author":{"name":"Julian Gernun","email":"17549662+jcger@users.noreply.github.com"},"sourceCommit":{"committedDate":"2024-10-14T15:28:57Z","message":"[Response Ops][Rules] Version Unmute All Rule API (#196070)\n\n## Summary\r\n\r\n`POST /api/alerting/rule/{id}/_unmute_all` in\r\nhttps://github.com/elastic/kibana/issues/195181","sha":"c901fec4f1ea9407265e6f450a5a9390fa31454b","branchLabelMapping":{"^v9.0.0$":"main","^v8.16.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:skip","Team:ResponseOps","v9.0.0","backport:prev-minor","v8.16.0"],"title":"[Response Ops][Rules] Version Unmute All Rule API","number":196070,"url":"https://github.com/elastic/kibana/pull/196070","mergeCommit":{"message":"[Response Ops][Rules] Version Unmute All Rule API (#196070)\n\n## Summary\r\n\r\n`POST /api/alerting/rule/{id}/_unmute_all` in\r\nhttps://github.com/elastic/kibana/issues/195181","sha":"c901fec4f1ea9407265e6f450a5a9390fa31454b"}},"sourceBranch":"main","suggestedTargetBranches":["8.x"],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","branchLabelMappingKey":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/196070","number":196070,"mergeCommit":{"message":"[Response Ops][Rules] Version Unmute All Rule API (#196070)\n\n## Summary\r\n\r\n`POST /api/alerting/rule/{id}/_unmute_all` in\r\nhttps://github.com/elastic/kibana/issues/195181","sha":"c901fec4f1ea9407265e6f450a5a9390fa31454b"}},{"branch":"8.x","label":"v8.16.0","branchLabelMappingKey":"^v8.16.0$","isSourceBranch":false,"state":"NOT_CREATED"}]}] BACKPORT--> Co-authored-by: Julian Gernun <17549662+jcger@users.noreply.github.com>	2024-10-14 12:24:16 -05:00
Tiago Costa	26c0e9e4d6	skip flaky suite (#193482)	2024-10-14 18:04:50 +01:00
Jonathan Budzenski	faaf34adc4	skip failing test suite (#189719)	2024-10-14 18:01:47 +01:00
Kibana Machine	828133d7ed	[8.x] [ML] Transforms: Pagination in the source documents data grid fix (#196119) (#196163) ... # Backport This will backport the following commits from `main` to `8.x`: - [[ML] Transforms: Pagination in the source documents data grid fix (#196119)](https://github.com/elastic/kibana/pull/196119) <!--- Backport version: 9.4.3 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sqren/backport) <!--BACKPORT [{"author":{"name":"Robert Jaszczurek","email":"92210485+rbrtj@users.noreply.github.com"},"sourceCommit":{"committedDate":"2024-10-14T15:01:36Z","message":"[ML] Transforms: Pagination in the source documents data grid fix (#196119)\n\n## Summary\r\n\r\nFix for: [#195881](https://github.com/elastic/kibana/issues/195881)\r\n\r\nAfter:\r\nIt's hardly visible in the recording, but if you look at the\r\n`@timestamp` column, you can see that the values are changing correctly\r\nwhile navigating to a previous page, which was not the case before the\r\nfix.\r\n\r\n\r\nhttps://github.com/user-attachments/assets/33be9e8c-e558-4f48-994a-562c4e3788de","sha":"1489396c84356fb6226290438ce805c209ef650a","branchLabelMapping":{"^v9.0.0$":"main","^v8.16.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:fix","backport pending",":ml","Feature:Transforms","v9.0.0","Team:ML","v8.16.0","backport:version"],"title":"[ML] Transforms: Pagination in the source documents data grid fix","number":196119,"url":"https://github.com/elastic/kibana/pull/196119","mergeCommit":{"message":"[ML] Transforms: Pagination in the source documents data grid fix (#196119)\n\n## Summary\r\n\r\nFix for: [#195881](https://github.com/elastic/kibana/issues/195881)\r\n\r\nAfter:\r\nIt's hardly visible in the recording, but if you look at the\r\n`@timestamp` column, you can see that the values are changing correctly\r\nwhile navigating to a previous page, which was not the case before the\r\nfix.\r\n\r\n\r\nhttps://github.com/user-attachments/assets/33be9e8c-e558-4f48-994a-562c4e3788de","sha":"1489396c84356fb6226290438ce805c209ef650a"}},"sourceBranch":"main","suggestedTargetBranches":["8.x"],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","branchLabelMappingKey":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/196119","number":196119,"mergeCommit":{"message":"[ML] Transforms: Pagination in the source documents data grid fix (#196119)\n\n## Summary\r\n\r\nFix for: [#195881](https://github.com/elastic/kibana/issues/195881)\r\n\r\nAfter:\r\nIt's hardly visible in the recording, but if you look at the\r\n`@timestamp` column, you can see that the values are changing correctly\r\nwhile navigating to a previous page, which was not the case before the\r\nfix.\r\n\r\n\r\nhttps://github.com/user-attachments/assets/33be9e8c-e558-4f48-994a-562c4e3788de","sha":"1489396c84356fb6226290438ce805c209ef650a"}},{"branch":"8.x","label":"v8.16.0","branchLabelMappingKey":"^v8.16.0$","isSourceBranch":false,"state":"NOT_CREATED"}]}] BACKPORT--> Co-authored-by: Robert Jaszczurek <92210485+rbrtj@users.noreply.github.com>	2024-10-14 12:00:51 -05:00
Kibana Machine	2240eb45bf	[8.x] [Response Ops][Task Manager] Stop polling on Kibana shutdown (#195415) (#196159) ... # Backport This will backport the following commits from `main` to `8.x`: - [[Response Ops][Task Manager] Stop polling on Kibana shutdown (#195415)](https://github.com/elastic/kibana/pull/195415) <!--- Backport version: 9.4.3 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sqren/backport) <!--BACKPORT [{"author":{"name":"Ying Mao","email":"ying.mao@elastic.co"},"sourceCommit":{"committedDate":"2024-10-14T14:49:50Z","message":"[Response Ops][Task Manager] Stop polling on Kibana shutdown (#195415)\n\nResolves https://github.com/elastic/kibana/issues/160329\r\n\r\n## Summary\r\n\r\nStop polling when task manager `stop()` is called. When Kibana receives\r\na `SIGTERM` signal, all the plugin stop functions are called. When TM\r\nreceives this signal, it should immediately stop claiming any new tasks\r\nand then there is a grace period before kubernetes kills the pod that\r\nallows any running tasks to complete.\r\n\r\nI experimented with removing the code that prevents the event log from\r\nindexing any additional documents after the `stop` signal is received,\r\nbut I received a bulk indexing error `There are no living connections`\r\neven thought Elasticsearch was up and running so it seems that some of\r\nthe core functionality that the event log uses are gone at this point.\r\n\r\n## To Verify\r\n\r\n1. Add a log indicating that polling is occuring\r\n\r\n```\r\n--- a/x-pack/plugins/task_manager/server/polling/task_poller.ts\r\n+++ b/x-pack/plugins/task_manager/server/polling/task_poller.ts\r\n@@ -61,6 +61,7 @@ export function createTaskPoller<T, H>({\r\n const subject = new Subject<Result<H, PollingError<T>>>();\r\n\r\n async function runCycle() {\r\n+ console.log('polling');\r\n timeoutId = null;\r\n const start = Date.now();\r\n try {\r\n```\r\n\r\n2. Start ES and Kibana. Use `ps aux` to determine Kibana's PID\r\n3. Send a sigterm signal to Kibana: `kill -TERM <kibana_pid>`. Task\r\nmanager should log `Stopping the task poller` and you should no longer\r\nsee the console logs indicating that TM is polling\r\n\r\nCo-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>","sha":"674027d66c94f4865c4f73c14a71c454d5198c98","branchLabelMapping":{"^v9.0.0$":"main","^v8.16.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:skip","Feature:Task Manager","Team:ResponseOps","v9.0.0","backport:prev-minor","v8.16.0"],"title":"[Response Ops][Task Manager] Stop polling on Kibana shutdown","number":195415,"url":"https://github.com/elastic/kibana/pull/195415","mergeCommit":{"message":"[Response Ops][Task Manager] Stop polling on Kibana shutdown (#195415)\n\nResolves https://github.com/elastic/kibana/issues/160329\r\n\r\n## Summary\r\n\r\nStop polling when task manager `stop()` is called. When Kibana receives\r\na `SIGTERM` signal, all the plugin stop functions are called. When TM\r\nreceives this signal, it should immediately stop claiming any new tasks\r\nand then there is a grace period before kubernetes kills the pod that\r\nallows any running tasks to complete.\r\n\r\nI experimented with removing the code that prevents the event log from\r\nindexing any additional documents after the `stop` signal is received,\r\nbut I received a bulk indexing error `There are no living connections`\r\neven thought Elasticsearch was up and running so it seems that some of\r\nthe core functionality that the event log uses are gone at this point.\r\n\r\n## To Verify\r\n\r\n1. Add a log indicating that polling is occuring\r\n\r\n```\r\n--- a/x-pack/plugins/task_manager/server/polling/task_poller.ts\r\n+++ b/x-pack/plugins/task_manager/server/polling/task_poller.ts\r\n@@ -61,6 +61,7 @@ export function createTaskPoller<T, H>({\r\n const subject = new Subject<Result<H, PollingError<T>>>();\r\n\r\n async function runCycle() {\r\n+ console.log('polling');\r\n timeoutId = null;\r\n const start = Date.now();\r\n try {\r\n```\r\n\r\n2. Start ES and Kibana. Use `ps aux` to determine Kibana's PID\r\n3. Send a sigterm signal to Kibana: `kill -TERM <kibana_pid>`. Task\r\nmanager should log `Stopping the task poller` and you should no longer\r\nsee the console logs indicating that TM is polling\r\n\r\nCo-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>","sha":"674027d66c94f4865c4f73c14a71c454d5198c98"}},"sourceBranch":"main","suggestedTargetBranches":["8.x"],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","branchLabelMappingKey":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/195415","number":195415,"mergeCommit":{"message":"[Response Ops][Task Manager] Stop polling on Kibana shutdown (#195415)\n\nResolves https://github.com/elastic/kibana/issues/160329\r\n\r\n## Summary\r\n\r\nStop polling when task manager `stop()` is called. When Kibana receives\r\na `SIGTERM` signal, all the plugin stop functions are called. When TM\r\nreceives this signal, it should immediately stop claiming any new tasks\r\nand then there is a grace period before kubernetes kills the pod that\r\nallows any running tasks to complete.\r\n\r\nI experimented with removing the code that prevents the event log from\r\nindexing any additional documents after the `stop` signal is received,\r\nbut I received a bulk indexing error `There are no living connections`\r\neven thought Elasticsearch was up and running so it seems that some of\r\nthe core functionality that the event log uses are gone at this point.\r\n\r\n## To Verify\r\n\r\n1. Add a log indicating that polling is occuring\r\n\r\n```\r\n--- a/x-pack/plugins/task_manager/server/polling/task_poller.ts\r\n+++ b/x-pack/plugins/task_manager/server/polling/task_poller.ts\r\n@@ -61,6 +61,7 @@ export function createTaskPoller<T, H>({\r\n const subject = new Subject<Result<H, PollingError<T>>>();\r\n\r\n async function runCycle() {\r\n+ console.log('polling');\r\n timeoutId = null;\r\n const start = Date.now();\r\n try {\r\n```\r\n\r\n2. Start ES and Kibana. Use `ps aux` to determine Kibana's PID\r\n3. Send a sigterm signal to Kibana: `kill -TERM <kibana_pid>`. Task\r\nmanager should log `Stopping the task poller` and you should no longer\r\nsee the console logs indicating that TM is polling\r\n\r\nCo-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>","sha":"674027d66c94f4865c4f73c14a71c454d5198c98"}},{"branch":"8.x","label":"v8.16.0","branchLabelMappingKey":"^v8.16.0$","isSourceBranch":false,"state":"NOT_CREATED"}]}] BACKPORT--> Co-authored-by: Ying Mao <ying.mao@elastic.co>	2024-10-14 11:59:27 -05:00