Commit graph

292 commits

Author SHA1 Message Date
Xavier Mouligneau
8f277d4677
[RAM] Fix bulk action for o11y for 7.17 (#126686)
* fix bulk action for o11y

* review I

* discuss it more with Devin

* clean up
2022-03-03 15:31:53 -05:00
Bree Hall
6bf8a9c709
Upgrade EUI to v48.1.1 (#125023)
* Upgraded the version of EUI to 47.0.0 and react-beautiful-dnd (an EUI dependency) to 13.1.0

* Update i18n mappings with required changes

* Fix all data grid types/tests missing the new `colIndex` prop passed by renderCellValue and cellActions

* Fix cellActions closePopover type to indicate conditionality (only passed when popover is open)

* Fix more datagrid colIndex errors

- pass more missing `colIndex`s

- pass RowAction colIndex, because it's inheriting types from EUI

- omit colIndex from the leading controls column renderer, because it doesn't need them

* Improve StatefulCell typing

- pass colIndex (which fixes EUI type match issue)
- DRY out ariaColIndex logic
- rename ariaRowindex passed to StatefulCell to rowIndex

* Updated i18n_eui_mapping tests to add euiSelectable.searchResults to the tokensToSkip array

* Fix failing ML datagrid FTR test

- `visibleRowIndex` is not a prop passed back by `popoverContents` (see `EuiDataGridCellValueElementProps`), but `rowIndex` is

* Revert attempted ML type change

- in actuality this is an EUI typing issue, children is a ReactElement, not a ReactNode. However we'll shortly be deprecating popoverContents, so this isn't worth fixing right now

* Update test files to include up to date snapshots of code samples

* Updated test snapshots to match the latest version of code samples

* Upgraded the version of EUI from 47.0.0 to 48.0.0 in package.json and license_checker config files

* Update the required i18n translation mapping file with additions and changes from EUI version 48.0.0

* Updated three security screen accessibility tests to check for the aria-checked attribute instead of the aria-selected attribute as part of an accessibility update to aria made in EUI PR 5581

* Updated two unit cases that are responsible for checking strict equality of strings. These unit tests were for the EuiSelectable and EuiFilterGroup components. Both of these components contain and utilize EuiScreenReaderOnly which provides text that is used for screen readers, but can still be viewed and queried in the DOM. These tests have been updated with the EuiScreenReaderOnly text in mind.

* Code clean up and added a missing internationalization token

* Ran yarn kbn bootstrap to update the yarn lock file

* Fix failing ML FTR test
- EuiSelectable now relies on aria-checked to indicate selected state, per W3 spec

* Fix failing functional tests that click the datagrid cell expand button

.euiDataGridRowCell__expandButtonIcon was deprecated in favor of a shared .euiDataGridRowCell__actionButtonIcon class, but the expand action is always the last one

* Upgrade to 48.1.1

* Switch to data-test-subj for datagrid cell expansion selectors

* Switch to new `data-test-selected` attribute over `aria-checked`

* Update snapshots/Jest tests to account for EuiSelectable use in EuiFilter

Co-authored-by: Constance Chen <constance.chen@elastic.co>
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
2022-02-23 17:01:40 -05:00
Esteban Beltran
bedad2a0c9
[Cases] Refactor show/hide cases "add to existing case" modal out of timelines (#126071)
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
Co-authored-by: Julia Bardi <90178898+juliaElastic@users.noreply.github.com>
Co-authored-by: István Zoltán Szabó <szabosteve@gmail.com>
Co-authored-by: Joe Reuter <johannes.reuter@elastic.co>
Co-authored-by: Tiago Costa <tiago.costa@elastic.co>
Co-authored-by: Cristina Amico <criamico@users.noreply.github.com>
Co-authored-by: Aleh Zasypkin <aleh.zasypkin@elastic.co>
Co-authored-by: Gloria Hornero <gloria.hornero@elastic.co>
Co-authored-by: Matthew Kime <matt@mattki.me>
Co-authored-by: Ying Mao <ying.mao@elastic.co>
Co-authored-by: Maja Grubic <maja.grubic@elastic.co>
Co-authored-by: Lee Drengenberg <lee.drengenberg@elastic.co>
Co-authored-by: Joe Portner <5295965+jportner@users.noreply.github.com>
2022-02-23 06:41:09 -07:00
mgiota
3195a54406
Alerts in overview page (#125337)
* render alerts in overview page

* pass routeParams

* create useAlertIndexNames hook

* remove unused file

* use alertIndexNames hook in new overview page

* remove unused stuff

* fix failing tests

* remove min-height from FullWidthFlexGroup in standalone t-grid

* Remove old alerts section from overview and use same style as other sections

* remove alertsStateContainer from overview page

* revert changes in new overview page

* Add refetch function to alerts table

* Fix type

* rename file

* remove not needed check

* fix types

Co-authored-by: Ester Marti <ester.martivilaseca@elastic.co>
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
2022-02-23 11:14:02 +01:00
Kevin Qualters
9920e7b880
[Security Solution] Make analyzer full screen work with new eui using existing hooks. (#126117)
* Fix analyzer full screen with new eui data grid

* Add basic tests for full screen hook
2022-02-22 20:09:46 -05:00
Esteban Beltran
1b2f9a43be
[Cases] Refactor attach alert to new case flyout (#125505)
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
2022-02-22 10:58:40 +01:00
Pierre Gayvallet
6627bd8b3a
Elasticsearch client: no longer default to using meta: true (#124488)
* Use `Client` interface instead of `KibanaClient`

* get rid of getKibanaEsClient and convertToKibanaClient

* get rid of last KibanaClient usages

* update usages and types in @kbn/securitysolution-es-utils

* fix some violations

* add sugar method around client mock

* update SO repository calls

* adapt more core usages

* export mock types

* batch 1

* batch 2

* batch 3

* batch 4

* batch 5

* batch 6

* batch 7

* batch 8

* batch 9

* security - batch 1

* security - batch 2

* security - batch 3

* last batch of initial violations

* fix resolve_time_pattern

* update generated doc

* fix /internal/index-pattern-management/preview_scripted_field endpoint

* fix monitoring's getLegacyClusterShim

* fix /api/snapshot_restore/privileges route

* fix UptimeESClient

* fix transforms/_nodes endpoint

* lint

* unit test fix - batch 1

* unit test fix - batch 2

* unit test fix - batch 3

* integration test fix - batch 1

* lint

* adapt ML client

* unit test fix - batch 4

* fix uptime test helper

* fix /api/transform/transforms/{transformId}/_update route

* fix ES client FTR test

* fix uptime unit test

* fix type errors on last unit tests

* fix RollupSearchStrategy call

* fix /internal/security/fields/{query} route

* fix GET /api/index_lifecycle_management/policies route

* fix mlClient.getDataFrameAnalytics

* fix APMEventClient

* fix security solution getBootstrapIndexExists

* fix data_enhanced's getSearchStatus

* remove unused @ts-expect-error

* fix unit tests due to latest code changes

* fix more calls in security_solution routes

* fix more calls in ml routes

* fix POST /api/index_management/component_templates route

* fix unit tests due to latest changes

* fix rule_registry's ResourceInstaller.createOrUpdateIndexTemplate

* fix more fleet client calls

* fix UA's GET cloud_backup_status route

* fix createLifecycleExecutorApiTest

* fix hasFleetServers

* fix unit tests due to latest changes

* changes due to last merge

* fix ml modelProvider.getModelsPipelines

* fix security_solution LifecycleQuery.search

* fix new CoreUsageDataService usage

* fix security solution's StatsQuery.search

* improve ml FTR assertions

* fix security_solution's EventsQuery.search

* fix EsClient type as we're keeping transport

* NITs

* clean RepositoryEsClient type

* update generated doc

* review comments

* adapt mlClient.anomalySearch signature

* remove unnecessary .then((body) => body)

* nit

* add unit tests for the client mocking functions

* fix new upgrade assistant /remote_clusters endpoint
2022-02-12 09:19:44 +01:00
Steph Milovic
4fe96b799e
[Security Solution] Use search strategy error in timeline (#125178) 2022-02-11 11:06:05 -07:00
Pablo Machado
9d810e06c8
Bootstrap user page (#124701)
* Bootstrap user page

* Bootstrap user details page

* Delete ueba

* Create User detail flyout

* Add cypress test to User page

* Add Sourcerer to the users page

Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
2022-02-11 09:06:47 -07:00
Esteban Beltran
05f187aae2
[Cases] Refactor timeline and cases add alert to new case. Move postComment inside cases (#124831) 2022-02-10 10:26:22 +01:00
Chris Cowan
535acb782c
[Observability][RAC] Set display names for columns and fix reason message (#124570)
* [Observability][RAC] Set display names for columns and fix reason message bug

* Adding missing file

* Adding a way to add additional fields to fetch to the timeline query
2022-02-08 10:22:46 -05:00
Kevin Qualters
e312c36e4c
[Security Solution] Remove a data fetching hook from the add to timeline action component (#124331)
* Fetch alert ecs data in actions.tsx and not a hook in every table row

* Add error handling and tests for threshold timelines

* Fix bad merge

* Remove unused imports

* Actually remove unused file

* Remove usage of alertIds and dead code from cases

* Add basic sanity tests that ensure no extra network calls are being made

* Remove unused operator

* Remove unused imports

* Remove unused mock
2022-02-08 06:13:06 -05:00
Tiago Costa
a5b4b822ce
chore(NA): splits types from code on @kbn/test (#124469)
* chore(NA): splits types from code on @kbn/test

* chore(NA): create new @kbn/test-jest-helpers

* chore(NA): move wrong files into @kbn/test

* chore(NA): remove @kbn/test/jest references

Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
2022-02-04 03:27:39 +00:00
Jonathan Buttner
39de549049
[Cases] Removing sub cases (#123006)
* Removing subcases from the backend

* making more progress

* Removing sub cases references

* Fixing tests

* Removing sub case class

* Fixing type errors

* First wave of fixes for integration tests

* Fixing integration tests and some types

* Fixing translations

* Fixing comments and todos

* Removing the collection keyword

* Updating readme and fixing type error

* Removing remainder of readme for case connector

* Fixing integration test type error

* Removing references to "sub case"

* Addressing additional feedback

* Removing styled table and fixing type errors

Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
2022-01-31 08:45:45 -07:00
Greg Thompson
e84f370ef0
Upgrade EUI to v46.1.0 (#123652)
* eui to 46.1.0

* use optimize build

* dataGridWrapper -> euiDataGridBody

* remove unused dep from bazel

* use column-index and row-index attrs

* datagrid test fixes

* prevent duplicate global styles

* snapshot updates

* rendering_service test

* update comment

* clean up

Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
2022-01-28 08:53:36 -06:00
Sergi Massaneda
7f7dbbb3cc
[SecuritySolution][Timeline] Clean removed runtime fields (#122976)
* remove unexisting fields from timeline

* replicate clean logic in security timeline

* tests updated due to mocks changes

* solve action dispatches race condition

* tests fixed

* fix async dispatches

Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
2022-01-25 15:01:09 -07:00
Tiago Costa
356861d23b
chore(NA): splits types from code on @kbn/ui-shared-deps-src (#123313)
* chore(NA): splits types from code on @kbn/ui-shared-deps-src

* chore(NA): break flot-charts into another package

* chore(NA): skip failing tests

* chore(NA): remove skip and add correct value

* chore(NA): fix new ui-theme import

* chore(NA): adding fleet cloned test

* chore(NA): remove cloned test

* chore(NA): remove added typo
2022-01-20 22:04:19 +00:00
Kristof C
91a35c20ce
Fix success message to show correct language based on timelin… (#123258)
* Fix success message to show correct language based on timeline type

* Fix translation problems

Co-authored-by: Kristof-Pierre Cummings <kristofpierre.cummings@elastic.co>
2022-01-18 15:49:59 -07:00
Marshall Main
886ad6fdaf
[Security Solution] Add aliases, fix types, remove extra fields (#122880)
* Add aliases, fix types, remove extra fields

* Update aliases version and update tests

* Update aliases version test

* Remove dangling references to fields

* Update test

Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
2022-01-18 17:31:14 -05:00
Ryland Herrick
8c11be1154
[Timelines] Update fields metadata from beats 8.0 (#123014)
* Move beats metadata script to timelines plugin

This is the plugin that consumes the artifacts of the script, not
security_solution.

* Remove unused beats metadata file

This file also exists in the timelines plugin, but only that one is
used.

* Update fields metadata from beats 8.0.0-rc1

This will serve as the data source for our metadata in kibana 8.0.

* Update indexFields unit tests following ECS update

8.0 introduced some textual changes to field descriptions.

* Revert "Move beats metadata script to timelines plugin"

This reverts commit cbc8e9db1a.

* Update script to modify the appropriate timelines file

This is the one used by IndexFields.

Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
2022-01-18 13:46:45 -07:00
Andrew Goldstein
0da9156298
[Security Solution] Fixes alerts table Full screen button overlap (#122901)
## [Security Solution] Fixes alerts table `Full screen` button overlap

This PR fixes an issue reported in <https://github.com/elastic/kibana/issues/122231> where the alerts table's `Full screen` button, recently [moved to the right side of `EuiDataGrid`](https://github.com/elastic/eui/pull/5334) in [EUI 43.0.0](https://elastic.github.io/eui/#/package/changelog), overlapped the existing view selector.

### Details

In the `8.0` release of the Security Solution, the alerts table `Full screen` button appears above the table on the **left**, per the screenshot below:

![8_0_alerts_table](https://user-images.githubusercontent.com/4459398/149236219-9aac04de-4bbb-4cef-8705-f6bb712fb19e.png)

_Above: The alerts table `Full screen` button in `8.0`_

Starting with `8.1` (via [EUI 43.0.0](https://elastic.github.io/eui/#/package/changelog)), `EuiDataGrid`'s `Full screen` button has been [moved to the right side of `EuiDataGrid`](https://github.com/elastic/eui/pull/5334), per the screenshot below:

![data_grid_before_after](https://user-images.githubusercontent.com/4459398/149237831-61aa7a30-695e-48d8-b016-89a0738d4bd9.png)

_Above: `EuiDataGrid`'s full screen icon has moved from left to right_

The new location of the `Full screen` button overlapped the existing alerts table view selector, per the `Before` screenshot below:

#### Before

![overlapped image](https://user-images.githubusercontent.com/60252716/148024399-24106303-baef-46bf-ad03-c4b53d78bbe8.png)

_Above: Overlapping icons reported in <https://github.com/elastic/kibana/issues/122231>_

This PR fixes the overlap, per the `After` screenshots below:

#### After

Chrome `97.0.4692.71`:

![after_chrome](https://user-images.githubusercontent.com/4459398/149239990-1039d659-67a9-4d09-a910-3f8bdfd179e4.png)

Firefox `96.0`:

![after_firefox](https://user-images.githubusercontent.com/4459398/149239483-590108d8-b6db-4c87-a3e7-579fc33e98a5.png)

Safari `15.2`:

![after_safari](https://user-images.githubusercontent.com/4459398/149239764-1751b89c-125b-44b8-b9b2-984b630e3925.png)
2022-01-13 07:55:55 -07:00
Kevin Qualters
6c72063531
[Security Solution] Make rule detail link work for both signal.rule.name and kibana.alert.rule.name (#122437)
* Make rule detail link work for both signal.rule.name and kibana.alert.rule.name

* Remove failing test

* Remove incorrect comment about possible bug

* PR feedback

* More cleanup/feedback

* Memoize hook usage
2022-01-12 21:52:15 -05:00
Jan Monschke
d6526b0165
fix: remove height hack (#122755)
With the upgrade to EUI 44.0.0 we no longer need the height hack for the data grid since the issues that were causing wrong heights have been fixed.
2022-01-12 18:56:18 +01:00
Madison Caldwell
27a9df79e7
[Security Solution] Fixes threshold alert "Investigate in Timeline" functionality (#121256)
* Add flattened parameters object and populate it in Security Solution

* Fix severity, risk_score, bugs, tests

* Add ALERT_RULE_PARAMETERS to package

* Skip tightly coupled test

* fix more tests

* Remove unused import

* Fix threat matching API test

* Continue overriding kibana.alert.rule.risk_score and severity for now

* Add ignore_above to ALERT_RULE_PARAMETERS

* Exploratory

* Not pretty

* more garbage

* debugging

* use expandDottedObject for alerts data in UI

* Remove kibana.alert.rule.risk_score and severity

* Fix tests related to risk_score and severity

* Make translation a template

* Can't use expression in template literal

* Remove commented line added by bad merge

* Fix linting

* Fix unflattening of UI data

* Fix mapping

* Remove console logs

* Fix imports

* Clean up, fix dupes

* Remaining test and type errors

* Remove comment

* Fix skip param

* Add backcompat for threshold timeline

* Fix linting

* Use indexNames for threshold timeline instead of data view

* Add tests for threshold timeline action

* Implement suggestion for simplified alertIds initialization

Co-authored-by: Marshall Main <marshall.main@elastic.co>
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
2022-01-11 10:05:55 -05:00
Mikhail Shustov
38feafad72
Update ES client to canary.37 (#119791)
* upgrade es client to canary 37

* fix error in core

* mute error in test/

* mute incompatible errors

* unskip request_entity_too_large_exception test

* commit autofix

* unskip batch_size_bytes_exceeds_es_content_length test

* fix errors in Core code

* fix or mute errors in data plugin

* fix data_view_management

* fix error index_management

* fix x-pack/test errors

* fix watcher

* fix event_log

* fix data_enhanced

* fix uptime

* fix triggers_actions_ui

* fix transform

* fix reporting

* fix rule_registry

* fix timeline

* fix task_manager

* fix security_solution

* fix rule_registry

* fix fleet

* fix index_management

* fix lens

* fix maps

* fix ml

* fix observability

* bump to canary 8.1-2

* fix error in packages

* fix errors in core

* fix errors in data

* fix errors in discover

* fix some discover tests

* fix errors in telemetry

* fix alerting

* fix errors in apm

* fix errors in event_log

* fix errors in fleet

* fix errors in infra

* fix errors in lists

* mute errors in maps

* fix errors in ml

* fix errors in osquery

* fix errors in security_solution

* fix errors in stack_alerts

* fix errors in task_manager

* fix errors in timelines

* fix errors in transform

* fix errors in watcher

* fix errors in tests

* update docs

* adjust fleet code

* fix problem in fleet

* remove outdated _type from data plugin tests

* fix packages tests

* update type

* fix tests part 2

* Adds product header back to elasticsearch

* Updates API docs

* Fix Discover tests

* update alerting typings

* Fix type errors

* Import Sort type

* Update x-pack/plugins/security_solution/common/endpoint/data_loaders/index_fleet_server.ts

Co-authored-by: Steph Milovic <stephanie.milovic@elastic.co>

* Remove double negation

* Fix snapshot conflict issues after merge from "main"

Co-authored-by: Christiane Heiligers <christiane.heiligers@elastic.co>
Co-authored-by: Matthias Wilhelm <matthias.wilhelm@elastic.co>
Co-authored-by: Dario Gieselaar <dario.gieselaar@elastic.co>
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
Co-authored-by: Alejandro Fernández Haro <afharo@gmail.com>
Co-authored-by: Steph Milovic <stephanie.milovic@elastic.co>
Co-authored-by: Alejandro Fernández Haro <alejandro.haro@elastic.co>
2021-12-24 14:43:53 +01:00
Xavier Mouligneau
c07a9dc939
[SECURITY SOLUTION] Allow the application to create its own data view without using user privilege (#121109)
* backend update to use unsecure so

* wip on UI

* fix UI to work with one dataview at the time

* by pass capabilities in data view factory

* fix sourcerer in timeline

* fix types

* fix unit test

* fix index field to work with security data view

* cypress + detection roles tests

* add unit test

* review I

* review II

* review III

* clean up after talking to Larry

* fix latest code

* working to be green

* by pass capabilities from data view API only use saved object kibana privilege

* fix lint

* add comment per review

Co-authored-by: Steph Milovic <stephanie.milovic@elastic.co>
2021-12-21 11:09:30 -07:00
Tiago Costa
aa6fe695af
chore(NA): splits types from code on @kbn/rule-data-utils (#121535)
* chore(NA): splits types from code on @kbn/rule-data-utils

* chore(NA): remove old style imports for this pkg

* chore(NA): eslint fix

Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
2021-12-20 20:41:46 +00:00
Greg Thompson
604409b3de
Upgrade EUI to v43.1.1 (#120935)
* eui to v43.0.0

* update themeprovider types

* update sass import location

* storyshots

* snapshots

* jest

* jest

* timepicker functional test helpers

* snapshots

* timepicker functional test helpers

* invert checked logic

* fix i18n token

* snapshots

* handle new refresh interval operations order

* refactor refresh interval logic, test

* jest

* timepicker popover order

* eui to v43.1.0

* jest

* jest

* jest

* euicode selector

* jest

* functional tests

* functional tests

* timepicker

* bump timeout

* conditional click to close

* clean up

* eui to v43.1.1

* clean up

* loading background

Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
2021-12-20 10:48:36 -06:00
Marshall Main
e59a8feaa4
[Security Solution] Remove extra rule fields from kibana.alert.rule (#121135)
* Remove kibana.alert.rule.risk_score and severity

* Fix tests related to risk_score and severity

* Make translation a template

* Can't use expression in template literal

* Remove commented line added by bad merge

* Fix linting

Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
2021-12-17 13:23:27 -08:00
mgiota
cdd66ea0eb
[RAC][Observability] Use flattened type for rule params in Observability (#120758)
* add kibana.alert.rule.parameters as a flattened type

* temp

* rule_data_formatter

* fix bug in search strategy with flattened field type where prefix was wrong (kibana.alert.rule.parameters was ignored)

* fix inventory rule data formatters

* remove console log

* hack that prepends kibana.alerts.rule.parameters in the nested subfields

* import ALERT_RULE_PARAMETERS from kbn rule data utils

* remove console log

* format custom metric link

* remove ALERT_PARAMS from technical field names

* fix bug in timelines plugin to use dotField instead of prependField & fix failing tests

* remove console log and unused variable

* delete kibana.alert.rule.params from the mapping

* flatten kibana.alert.rule.parameters and add some unit tests

* fix rule_data_formatter

* handle scenario of having multiple items in an array (multiple conditions setup in the rule)

Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
2021-12-16 21:29:06 +01:00
Sergi Massaneda
52a9d60e3b
[Cases] Case details UI KPI metrics (#119463)
* Working lifespan metrics api

* new case metrics container and api call

* Adding remaining metrics handlers and some tests

* Fixing jest snapshot

* Switch to kbn archiver

* tests added, case view page refactor

* test for metrics component added

* fix type

* fix responsiveness on small screens

* type fixes

* use new features prop for case metrics

* test fixed

* fix CasesFeatures type

* integration test fix

* changes and suggestions

* metrics features implementation and connectors type

Co-authored-by: Jonathan Buttner <jonathan.buttner@elastic.co>
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
2021-12-15 16:49:47 +01:00
Kevin Qualters
5d5cda3ff9
[Security Solution] Add app id prop for navigateToApp (#121139)
* Add app id prop for navigateToApp

* Add missing hook dependency

* Fix types
2021-12-13 18:36:20 -05:00
Michael Olorunnisola
cc9be33dad
[Security Solution][Investigations] Update Timeline Details API with ECS field (#120683)
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
2021-12-13 11:56:40 -05:00
Pablo Machado
c743c97c2d
Fix wrong runtime field format on alert table (#120744)
* Fix wrong runtime field format on alert table

* Fix CI

Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
2021-12-13 14:31:25 +01:00
Faisal Kanout
7c2e0524a6
[RAC] Show all alerts, not only "open" workflow status, and remove Workflow filter related logic and clean up the code (#120231)
* Remove comments

* Remove workflow code from Alert page and make currentFilter in t grid optional

* Remove workflow props for AlertsTableTGridProps

* Remove unused import

* Remove workflow state from Alert page state container

* Update page state container

* Update tests

* Remove bulk actions tests

* Remove bulk actions provider

* Remove does not render case options in the overflow menu test

* Resume permissions for cases test

* Fix does not render case options in the overflow menu test

Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
2021-12-09 06:11:47 -07:00
Steph Milovic
268b29009e
[Security Solution] [Sourcerer] Update available on legacy timelines (#120022) 2021-12-07 07:30:29 -07:00
Frank Hassanabad
3c8ba82134
[Security Solutions] Removes tech debt of exporting all from linter rule for timeline plugin (#120437)
## Summary

See: https://github.com/elastic/kibana/issues/110903

This removes all the top level API `export *` spots from:
* `timeline` plugin within both the common and public section

This reduces the number of metrics and warning about undocumented functions.

I also add this text to timeline:

```
// Careful of exporting anything from this file as any file(s) you export here will cause your page bundle size to increase.
// If you're using functions/types/etc... internally or within integration tests it's best to import directly from their paths
// than expose the functions/types/etc... here. You should _only_ expose functions/types/etc... that need to be shared with other plugins here.

// When you do have to add things here you might want to consider creating a package to share with
// other plugins instead as packages are easier to break down and you do not have to carry the cost of extra plugin weight on
// first download since the other plugins/areas of your code can directly pull from the package in their async imports.
// See: https://docs.elastic.dev/kibana-dev-docs/key-concepts/platform-intro#public-plugin-api
```
2021-12-06 21:19:29 -07:00
Khristinin Nikita
a8405feb52
Add support for threat.feed.name (#120250)
* Add support for threat.feed.name

* fix cy tests

* Remove provider field

* fix tests

* Provider to feed.name

* Fix tests

* Fix tests

* fix comments

* Fix i18n

* fix type

* Fix types

* fix tests

Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
2021-12-06 20:47:52 -05:00
Tyler Smalley
92a8636f0f
Upgrade Typescript to 4.3.5 (#104470)
Co-authored-by: Mikhail Shustov <restrry@gmail.com>
Co-authored-by: Dario Gieselaar <dario.gieselaar@elastic.co>
Co-authored-by: CJ Cenizal <cj@cenizal.com>
Co-authored-by: Justin Kambic <justin.kambic@elastic.co>
Co-authored-by: Stratoula Kalafateli <efstratia.kalafateli@elastic.co>
Co-authored-by: Jean-Louis Leysens <jloleysens@gmail.com>
Co-authored-by: Kyle Pollich <kpollich1@gmail.com>
Co-authored-by: Xavier Mouligneau <189600+XavierM@users.noreply.github.com>
Co-authored-by: Kevin Qualters <kevin.qualters@elastic.co>
Co-authored-by: Candace Park <candace.park@elastic.co>
Co-authored-by: Brian Seeders <brian.seeders@elastic.co>
Co-authored-by: spalger <spencer@elastic.co>
2021-12-02 16:27:41 -08:00
Christos Nasikas
319fc9fb7f
[Cases] Move disabling features to the cases context (#119864)
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
2021-12-02 10:11:10 -07:00
Faisal Kanout
d69aa8b200
[8.0][RAC] 19482 t grid fix always show checkboxes (#119608)
* Add showCheckboxes prop

* Hide leading checkboxes from Alerts page and updates the tests.

* Skip tests

* Skip test

* Testing FLAKY tls alert

* Remove exclusive test

Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
2021-11-30 14:21:20 +01:00
Tiago Costa
9d662b77be
chore(NA): splits types from code on @kbn/i18n (#119256)
* chore(NA): auto creation of the package.json for the new types pkg rule

* chore(NA): first alpha api extractor working version

* chore(NA): support kbn-analytics

* chore(NA): correctly read tsconfig files and deps from ts_config rule

* chore(NA): laid out pkg_npm_types tree artifact custom rule

* chore(NA): missing todos

* chore(NA): node modules link mapping

* chore(NA): fully working pkg_npm_types rule

* chore(NA): fix changes on new packages using elastic datemath pkgs

* docs(NA): remove todo

* docs(NA): last todo text correction

* chore(NA): removed commented lines

* fix(NA): include missing package version

* chore(NA): include license keys

* chore(NA): change mock types package into private

* chore(NA): disable validator on ts_project rule

* chore(NA): use the wrapper for ts_project

* commit using @elastic.co

* chore(NA): commit using @elastic.co

* chore(NA): split types from code on @kbn/i18n

* chore(NA): update yarn.lock file

* chore(NA): split @kbn/i18n and @kbn/i18n-react

* chore(NA): missing import fix

* chore(NA): fix jest project configs

* chore(NA): change imports on kbn i18n

* chore(NA): change imports on kbn i18n

* chore(NA): correct loader imports

* chore(NA): missing i18nLoader export key

* chore(NA): fix type exports

* chore(NA): export type only

* chore(NA): export type only

* fix(NA): type exports

* chore(NA): missing @Kbn/i18n/react imports

* chore(NA): missing skip path for kbn-i18n-react

Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
2021-11-24 17:18:03 +00:00
Madison Caldwell
c3484ae132
[Security Solution][RAC][Cypress] Unskip some tests (#117596)
* Reenable cypress tests for rules

* Indicator match is not yet passing

* Update refs

* Fix eql alert generation original_time and building_block_type

* Unskip a few more tests

* Update field names in jest tests

* Fix unit tests / cypress tests

* Have to keep this one skipped for now

* Fix some more tests?

* cleanup

* Fix translation
2021-11-23 13:28:23 -07:00
Zacqary Adam Xeper
c012dd887d
[RAC] Store Alerts View table state in localStorage (#118207)
* [RAC] Store Alerts View table state in localStorage

* Use Redux store subscriber instead of callback

* Fix typecheck

* Fix bad merge

* Add tests

* Remove persisting selected rows

* Fix bad merge

* onTGridStateChange => onStateChange

* Remove non-null assertion

* Put non-null assertion back because typescript hates me, personally

* Fix checks

Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
2021-11-22 14:32:48 -05:00
Sergi Massaneda
4eb797a8b2
[Cases] Integrate routes and navigation (#117582)
* getCases function and router

* all pages router

* navigation hooks created

* external navigations removed

* basePath in cases context

* context optimization

* no privileges screen

* new files

* CasesDeepLinkIds constant renamed

* remove props spreading

* AllCasesList tests

* Fix types and tests: Part 1

* Fix types and tests: Part 2

* Move glasses badge logic inside cases

* Fix export types

* Improve helpers

* observability changes integrated

* Small fixes

* Fix timelines unit tests

* Add readonly badge test

* test fixed

* form context test fixed

* fix breadcrumbs test

* fix types in o11y routes

* Fix more tests

* Fix bug

* urlType fixes

* Fix cypress tests

* configure header conflict solved

* Fix i18n

* fix breadcrumbs test

* tests and suggestions

* Add navigation tests

* README updated

* update plugin list docs

* Add more tests

* Fix i18n

* More tests

* Fix README

* Fix types

* fix resolve redirect paths

* fix flyout z-index on timeline

* add flyout z-index class comment

* use kibana currentAppId and application observables instead of passing props

* Get application info from the hook

* Fix tests

* Fix more tests

* tests fixed

* Fix container tests

* Fix container tests

* test updated

Co-authored-by: Christos Nasikas <christos.nasikas@elastic.co>
2021-11-19 11:42:35 -07:00
Andrew Goldstein
5641932726
[Security Solution] Restores the @timestamp column actions and fixes an @timestamp alignment issue (#118990)
## [Security Solution] Restores the `@timestamp` column actions and fixes an `@timestamp` alignment issue

This PR fixes the `@timestamp` column issues described in https://github.com/elastic/kibana/issues/118989

The PR:

- Fixes an issue where the `Filter in`, `Filter out`, and `Investigate in timeline` actions were disabled in the `Security > Alerts` table, per the before / after screenshots below:

**Before**

![alerts-actions-before](https://user-images.githubusercontent.com/4459398/142335094-141fe435-eb9a-4920-a6d3-2c7673f31664.png)

_Above: The `Filter in`, `Filter out`, and `Investigate in timeline` actions were disabled for `@timestamp` in Security > Alerts_

**After**

![alerts-actions-after](https://user-images.githubusercontent.com/4459398/142302794-c2c3684b-92cc-483c-a02b-33f2624ddc79.png)

_Above: The `Filter in`, `Filter out`, and `Investigate in timeline` actions are enabled for `@timestamp` in Security > Alerts_

- Fixes a CSS issue where text truncation styles were causing the `@timestamp` column to be mis-aligned in Timeline, per the before / after screenshots below:

**Before**

![timestamp-alignment-before](https://user-images.githubusercontent.com/4459398/142334676-3a95bb9b-3be9-47c6-8828-efe5f8cbfe2c.png)

_Above: The `@timestamp` column in Timeline was vertically mis-aligned_

**After**

![timestamp-alignment-after](https://user-images.githubusercontent.com/4459398/142334495-c4997aa0-225e-4373-bee2-44b8ec05312b.png)

_Above: The `@timestamp` column in Timeline is correctly (vertically) aligned_

### No changes to the o11y alert actions

There are no changes to the actions shown in the `o11y` alerts table, per the before / after screenshots below:

![o11y-alerts-before](https://user-images.githubusercontent.com/4459398/142335532-5678c55c-b8a1-4122-accb-47e4f71e761f.png)

_Above: Before - the `@timestamp` field in the `o11y` alerts table does NOT have actions_

![o11y-alerts-after-no-change](https://user-images.githubusercontent.com/4459398/142321916-fd7ffbd6-c2db-4820-b055-b9f3fe546cc9.png)

_Above: After - the `@timestamp` field in the `o11y` alerts table (still) does NOT have actions_

### Field browser search input auto-focus

- Fixed an issue where the `Fields` browser search input was not auto-focused, per the screenshot above:

![fields-browser-auto-focused](https://user-images.githubusercontent.com/4459398/142300763-21d0fc50-e1c1-477b-be15-4f367e800af8.png)

_Above: The search input is auto-focused when the `Fields` browser is opened_

### Details

The fix that re-enables the `Filter in`, `Filter out`, and `Investigate in timeline` actions in the `Security > Alerts` required removing a recently-introduced `TODO` in `x-pack/plugins/timelines/public/components/t_grid/body/index.tsx`, which defined a common set of disabled actions for both the `o11y` and `Security` solutions.

The `TODO` was replaced by a `disabledCellActions` prop, which enables each solution to configure the disabled cell actions independently.

### Desk testing

While desk testing the `@timestamp` alignment issue:

> - Fixes a CSS issue where text truncation styles were causing the `@timestamp` column to be mis-aligned in Timeline

You may find it informative to locally edit `x-pack/plugins/security_solution/public/common/components/drag_and_drop/draggable_wrapper.tsx` to add the following styles:

```css
background-color: red;
```

and

```css
background-color: green;
```

to `ProviderContentWrapper`, as shown in the code below:

```typescript
export const ProviderContentWrapper = styled.span`
  > span.euiToolTipAnchor {
    background-color: red;
    display: block; /* allow EuiTooltip content to be truncatable */
  }

  > span.euiToolTipAnchor.eui-textTruncate {
    background-color: green;
    display: inline-block; /* do not override display when a tooltip is truncated via eui-textTruncate */
  }
`;
```

as illustrated by the `diff` below:

![background-colors](https://user-images.githubusercontent.com/4459398/142300526-c61f1de7-f695-4b96-99d9-428763405d99.png)

_Above: `background-color: green` and `background-color: red` styles added locally for desk testing_

With the (temporary) style changes above, the effect (and scope) of the new style is easily seen, as shown in the screenshot below:

![compare-styles](https://user-images.githubusercontent.com/4459398/142300502-dbc44572-6066-4cb1-a045-26a15086d02d.png)

_Above: The effect of the (green) style changes compared with the (red) unchanged styles_

When the new style introduced in this PR is commented-out for desk testing, as shown in the code below:

```typescript
export const ProviderContentWrapper = styled.span`
  > span.euiToolTipAnchor {
    background-color: red;
    display: block; /* allow EuiTooltip content to be truncatable */
  }

  /*
  > span.euiToolTipAnchor.eui-textTruncate {
    background-color: green;
    display: inline-block; // do not override display when a tooltip is truncated via eui-textTruncate
  }
  */
`;
```

the behavior of `@timestamp` reverts to the behavior prior to this PR, as shown in the screenshot below:

![reverted-fix](https://user-images.githubusercontent.com/4459398/142300380-095c4b58-0417-46c4-98b4-10387c4220b8.png)

_Above: The `@timestamp` column defaults to the old (red) unchanged behavior when the new style is commented-out for desk testing_
2021-11-19 08:32:28 -07:00
Steph Milovic
55de7bb3b2
fix (#119065)
2021-11-18 20:50:10 -07:00
Greg Thompson
cd8c648012
Upgrade EUI to v41.0.0 (#117242)
* eui to v41.0.0

* update eui i18n tokens

* sass tokens

* EuiLoadingKibana

* EuiCodeEditor

* subdued

* betaBadgeProps

* EuiCodeEditor null-loader

* src secondary -> success

* [enterprise_search] Deprecate 'secondary' color prop

* [apm] Deprecate 'secondary' color prop

* [canvas] Deprecate 'secondary' color prop

* [cases] Deprecate 'secondary' color prop

* [cross_cluster_replication] Deprecate 'secondary' color prop

* [data_enhanced] Deprecate 'secondary' color prop

* [data_visualizer] Deprecate 'secondary' color prop

* [fleet] Deprecate 'secondary' color prop

* [index_management] Deprecate 'secondary' color prop

* [infra] Deprecate 'secondary' color prop

* [ingest_pipelines] Deprecate 'secondary' color prop

* [maps] Deprecate 'secondary' color prop

* [ml] Deprecate 'secondary' color prop

* [monitoring] Deprecate 'secondary' color prop

* [observability] Deprecate 'secondary' color prop

NB: conditional became `type === 'success' ? 'success' : type` after find&replace, which felt fairly redundant, so I simplified it

* [osquery] Deprecate 'secondary' color prop

* [painless_lab] Deprecate 'secondary' color prop

* [remote_clusters] Deprecate 'secondary' color prop

* [rollup] Deprecate 'secondary' color prop

* [security] Deprecate 'secondary' color prop

* [security_solution] Deprecate 'secondary' color prop

NB: several conditionals became `type === 'success' ? 'success' : type` after find&replace, which felt fairly redundant, so I simplified them

* [snapshot_restore] Deprecate 'secondary' color prop

* [spaces] Deprecate 'secondary' color prop

* [transform] Deprecate 'secondary' color prop

* [triggers_actions_ui] Deprecate 'secondary' color prop

* [uptime] Deprecate 'secondary' color prop

* [watcher] Deprecate 'secondary' color prop

* [infra] replace ambiguous 'secondary' color

- GaugesSectionVis doesn't appear to use the color property but it's required by the SeriesOverrides types, so changing it just in case

* [examples] Deprecate 'secondary' color prop

* [uptime] deprecate 'subdued' prop on EuiButtonIcon

* revert EuiKeyPadMenuItem betaBadge props

* mobileOptions

* examples/ updates

* fix brace import

* fix type exports

* update expressions_explorer requiredBundles

* remove make_id mocks

* snapshot updates

* fix import 🤦

* Fix `ReferenceError: ace is not defined` Jest failures

* Remove unused brace import (?)

- Assuming here, as no code editor is actually being used in this file

* Fix failing Jest test due to EuiCodeEditor moving to es_ui_shared plugin

+ minor cleanup of `jest.mock()`s

* Fix failing Jest test due to snapshot update

* Fix failing `TypeError: Cannot read properties of undefined (reading 'euiBorderRadius')` Jest test

- since this is being mount()'d, EuiThemeProvider as a wrapper is needed to prevent the failure

* access uiSettings

* Move react-ace dependency into kbn-ui-shared-deps-npm

* Revert App Search shenanigans

- caused local unsaved changes shenanigans, somehow

* secondary -> success

Co-authored-by: Constance Chen <constance.chen.3@gmail.com>
Co-authored-by: Chandler Prall <chandler.prall@gmail.com>
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
Co-authored-by: Constance Chen <constance.chen@elastic.co>
2021-11-18 12:29:51 -06:00
Frank Hassanabad
f202c5ae03
Removes plugins/data/public deprecations from timelines plugin (#118975)
## Summary

This removes all the areas marked as deprecated from `.../src/plugins/data/public` with their `@kbn/es-query` equivalent or it uses the directly exported version from `.../src/plugins/data/public`. Anywhere else this adds the `import type {` where it can to encourage the build system to do more type erasures.

### Checklist
- [x] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios
2021-11-17 19:08:31 -07:00
Spencer
0f68fcf5af
[kbn/rule-data-utils] add submodules and require public use them (#117963)
* [kbn/rule-data-utils] add submodules and require public use them

* fix lint errors

Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
2021-11-15 15:23:52 -07:00