* tests for delete action
* revert the original delete action for dfa models
(cherry picked from commit 6d9d1b92af)
Co-authored-by: Dima Arnautov <dmitrii.arnautov@elastic.co>
* [Security Solution] Add "Rule Preview" title before the rule preview section (#138165)
* Review feedback: naming according to guidelines
(cherry picked from commit a0cb2608fb)
Co-authored-by: Ievgen Sorokopud <ievgen.sorokopud@elastic.co>
Workaround
- As suggested by EUI team, we can do a workaround by giving each Flyout instance a unique key which will force React to unmount and remount the flyout and never directly update it.
- This does impact user experience in a minor way (imho), where the user will see a new flyout sliding in from the right side every time they click on a particular row. Please see below video to see what it looks like.
Co-authored-by: Jan Monschke <janmonschke@fastmail.com>
(cherry picked from commit 05ef19f7da)
Co-authored-by: Jatin Kathuria <jtn.kathuria@gmail.com>
Fixes small UI misalignment on generate API key modal.
When fieldname and fieldvalue are too long, result table will not
truncate the text on expanded view to make all content visible.
(cherry picked from commit 8f0b6b5c45)
Co-authored-by: Efe Gürkan YALAMAN <efeguerkan.yalaman@elastic.co>
## Summary
Addresses [bug](https://github.com/elastic/kibana/issues/138383) found where even when `overwrite_data_views` was false, the rule's `index` property was being modified.
Please see added integration tests to understand desired behavior of changes. There is one edge case which is a bit weird, but I think too late to address in 8.4. If a user uses bulk delete on a rule with a data view and _no_ index patterns defined and `overwrite_data_views = true`, both data view and index will be set to `undefined`. Per our current behavior, a rule with no data source defaults to using the default index patterns. Not sure this is ideal, but it is in line with the behavior that already exists for a rule.
(cherry picked from commit 9e8b5b9784)
Co-authored-by: Yara Tercero <yctercero@users.noreply.github.com>
## Summary
Overlooked a param name - should be snake case per our APIs. `overwriteDataViews` --> `overwrite_data_views`
(cherry picked from commit 6da6f18b2d)
Co-authored-by: Yara Tercero <yctercero@users.noreply.github.com>
* Make event list count for 3000
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
(cherry picked from commit 42b798779b)
Co-authored-by: Khristinin Nikita <nikita.khristinin@elastic.co>
* Add tooltip message to notify users they need permission to modify private locations.
* Update copy based on PR feedback.
(cherry picked from commit 7800f4fb75)
Co-authored-by: Justin Kambic <jk@elastic.co>
## Summary
The default security data view includes the alerts index. This means that a rule that uses this data view can result in alerts on alerts. At first glance, it seems the default data view is equivalent to the default index patterns we normally display on rule creation, but it is not in that it includes the alerts index.
(cherry picked from commit b40663299a)
Co-authored-by: Yara Tercero <yctercero@users.noreply.github.com>
* test start model deployment
* start and stop tests
* wait for refresh
* wait for refresh
* update assertLastToastHeader with retry
(cherry picked from commit b08914c0db)
Co-authored-by: Dima Arnautov <dmitrii.arnautov@elastic.co>
* [Discover]
* [Discover] try to exclude one test
* [Discover] move doc navigation tests into one file
* [Discover] exclude doc navigation tests
* [Discover] change test order
* [Discover] skip one test file
* [Discover] revert changes to check build result
* [Discover] try to skip one file
* [Discover] add test_logstash_reader role
* [Discover] unskip test file
* [Discover] add roles per each test which uses logstash
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
(cherry picked from commit 247d2fb557)
Co-authored-by: Dmitry Tomashevich <39378793+dimaanj@users.noreply.github.com>
* data view rest api request body field documentation
* document sub-fields of the api request body
* add examples of different ways to create the data view
* switch order of 2 examples
* Update docs/api/data-views/create.asciidoc
* data_view properties documentation
* update documentation
* fix broken link
* Apply suggestions from code review
Co-authored-by: Kaarina Tungseth <kaarina.tungseth@elastic.co>
* Update docs/api/data-views/create.asciidoc
* Update docs/api/data-views/create.asciidoc
Co-authored-by: Kaarina Tungseth <kaarina.tungseth@elastic.co>
Co-authored-by: Kaarina Tungseth <kaarina.tungseth@elastic.co>
(cherry picked from commit f5133d449c)
Co-authored-by: Tim Sullivan <tsullivan@users.noreply.github.com>
## Summary
- fixes https://github.com/elastic/kibana/issues/136006
- in this PR, bulk delete index will only be applied to rule, if index pattern exists
- small code cleanup around dataViewId and index patterns actions
- adds unit/functional tests
### Checklist
Delete any items that are not applicable to this PR.
- [x] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios
(cherry picked from commit b93d4fb04b)
Co-authored-by: Vitalii Dmyterko <92328789+vitaliidm@users.noreply.github.com>
- show/hide navbar entries in both old and new navigation per feature flag value
- load plugin per feature flag value
- flag: `xpack.securitySolution.enableExperimental: ['threatIntelligenceEnabled']`
https://github.com/elastic/security-team/issues/4505
(cherry picked from commit ff28e68159)
Co-authored-by: Philippe Oberti <philippe.oberti@elastic.co>
* [ML] Use data view name in anomaly detection job wizards
* adding to data recognizer
(cherry picked from commit 1bcd865363)
Co-authored-by: James Gowdy <jgowdy@elastic.co>
* rephrase flyout title
* fix host validation error display
* Make text even more consistent
* Make text even more consistent
* trim values before submitting
(cherry picked from commit 46a2c63ab3)
Co-authored-by: Mark Hopkin <mark.hopkin@elastic.co>
* Add validation to ensure that 'historyWindowStart' is earlier than 'from'
* Fix tests
* Fix test again
* Add comment
(cherry picked from commit f3f7498b76)
Co-authored-by: Marshall Main <55718608+marshallmain@users.noreply.github.com>
* update event tab to show both alerts and events with toggle. (#136540)
* add test for SignasByCategory
* modify external_alerts_filter to be more efficient
* Update usage across explore views to only use EventsQueryTabBody
* remove unused files and code related to external alerts and move old alerts files to events_tab folder
* test fixes, and more removal of old usage
* update failing snapshots
* last bit of cleanup
* Fix type error
* fix type and translations issue
Co-authored-by: Kristof-Pierre Cummings <kristofpierre.cummings@elastic.co>
* update network details to match hosts, and users details pages
* add events table to network pages
* Fix minor bugs with network routing and allow old route to reach new view
* Fix failing tests
* fix types and translations
* minor fixes before code review
* [CI] Auto-commit changed files from 'node scripts/precommit_hook.js --ref HEAD~1..HEAD --fix'
* update failing snapshot
* re-add /ip/ and have :/flowTarget appear before :/tabName
* [CI] Auto-commit changed files from 'node scripts/precommit_hook.js --ref HEAD~1..HEAD --fix'
* remove unneeded import and update type
* fix navigation issue
* use constant for administration page, and add fallback route
* Update links and redirect behaviour
* fix dependency array
Co-authored-by: Kristof-Pierre Cummings <kristofpierre.cummings@elastic.co>
Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
(cherry picked from commit 241406a8df)
Co-authored-by: Kristof C <kpac.ja@gmail.com>