Commit graph

87330 commits

Author SHA1 Message Date
James Gowdy
0cedecaed9 Merge branch 'adding-show-node-info-to-info-api' of github.com:jgowdyelastic/kibana into adding-show-node-info-to-info-api 2025-06-19 16:17:00 +01:00
James Gowdy
b73bae60b7 updating test 2025-06-19 16:16:36 +01:00
James Gowdy
4266a5d6f8
Merge branch 'main' into adding-show-node-info-to-info-api 2025-06-19 12:40:25 +01:00
Achyut Jhunjhunwala
d9ebb93cdd
[Logs] Replace log stream component (#219425)
## Summary

closes https://github.com/elastic/logs-dev/issues/111
closes https://github.com/elastic/kibana/issues/200668
closes https://github.com/elastic/opentelemetry-dev/issues/792
closes https://github.com/elastic/kibana/issues/89042
closes https://github.com/elastic/kibana/issues/221746
closes https://github.com/elastic/kibana/issues/91717


The PR does the following

- Enhances the `enableDocumentViewer` API in the Embeddable to also hide
Quality issues and Stacktrace Columns for obs context when the expand
icon is also hidden
- Add a `Columns` Props to the embeddable so that a new profile is not
required to be created when custom columns are required
- Replaces Log Stream component in all remaining places

- [x] APM - Transactions Details Page

<img width="849" alt="image"
src="https://github.com/user-attachments/assets/74e0469b-eecb-461f-98f5-5f0e51f30a59"
/>

- [x] Logs tab in the hosts' view page

<img width="1546" alt="image"
src="https://github.com/user-attachments/assets/aae48330-42ca-4717-8cba-cc9974842045"
/>

- [x] Logs Tab in Host Detail view

<img width="2559" alt="image"
src="https://github.com/user-attachments/assets/c0184098-f4f7-437f-beb2-c0931ddd1a6a"
/>

- [x] Logs Tab in the Flyout from the main Hosts page

<img width="2547" alt="image"
src="https://github.com/user-attachments/assets/3578022c-1ac2-4ad2-9968-e472926544a3"
/>

- [x] Fleet Agent Logs

<img width="722" alt="image"
src="https://github.com/user-attachments/assets/78e66fa6-7872-482e-ba6d-80f10c5e3c4b"
/>

- [x] Logs Categories Page

<img width="1348" alt="image"
src="https://github.com/user-attachments/assets/395e531c-f31e-4316-9604-ee08263c0083"
/>

## What's Pending ?

Code for the old Log Stream Component will be cleaned up in the
following PR

---------

Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
2025-06-19 13:26:50 +02:00
Georgiana-Andreea Onoleață
0998628b0c
[ResponseOps][Connectors] Support for OpenAI Connector UI to support URL without dots (#217815)
Closes https://github.com/elastic/kibana/issues/202423

## Summary

This PR updates the URL validation logic in the UI to allow hostnames
without a dot character. This brings the UI behavior in line with the
API, which already accepts such URLs.

<img width="914" alt="Screenshot 2025-04-14 at 13 53 48"
src="https://github.com/user-attachments/assets/4774b743-d9b6-4a25-8b4a-8e8a8c6f2536"
/>

---------

Co-authored-by: Dima Arnautov <arnautov.dima@gmail.com>
Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
Co-authored-by: Christos Nasikas <christos.nasikas@elastic.co>
2025-06-19 14:13:05 +03:00
Matthew Kime
8c860b7912
Renovate - move immer redux toolkit owner, move csstype to react dependency owner (#223852) 2025-06-19 12:42:24 +02:00
Francesco Fagnani
8d2b552b9b
[StdPerf][Synthetics-SLO-Alerts] Added onPageRefreshStart when refreshing data (#223900)
This PR closes [this
issue](https://github.com/elastic/observability-dev/issues/4565).

While working on it I identified a problem with the collection of the
TTFMP metric in Synthetics. Currently, the `onPageReady` method is
invoked only on the overview page, not on the management page. As a
result, if users switch between the management and overview tabs, the
metric data collected is incorrect.

I fixed this and I have also implemented a call to `onPageRefreshStart`
when data is being refetched, either through user-initiated refresh
actions or automatic background updates.

Before


https://github.com/user-attachments/assets/1408761d-024a-4373-8173-00bcf8fac1d7

After


https://github.com/user-attachments/assets/a7396c06-4648-4c42-a8e4-6bd48ef5cc88

Alerts and SLO:


https://github.com/user-attachments/assets/b8d2b6ad-3d84-40d7-a9d9-6e771c2375c3
2025-06-19 12:05:02 +02:00
Luke Gmys
e6ed157f20
[Security Solution][Sourcerer] Default data view init flow for the DV manager (#221338)
## Summary

This PR reuses sourcerer data view creation logic for security solution
and applies it to the new flow with data view manager (discover data
view picker).

Closes https://github.com/elastic/security-team/issues/12570
Closes https://github.com/elastic/kibana/issues/220589

## Testing

Starting kibana from scratch with the feature flag enabled should create
default security solution view, **in either default or custom Kibana
Space**.

The FF:

```
xpack.securitySolution.enableExperimental: ['newDataViewPickerEnabled']
```

### Checklist

Check the PR satisfies following conditions. 

- [x] [Unit or functional
tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)
were updated / added

---------

Co-authored-by: Michael Olorunnisola <michael.olorunnisola@elastic.co>
2025-06-19 11:25:24 +02:00
Kibana Machine
535383c8f1 skip failing test suite (#224514) 2025-06-19 11:22:42 +02:00
Kibana Machine
515389ad39 skip failing test suite (#224516) 2025-06-19 11:22:38 +02:00
Kibana Machine
daf478ab3c skip failing test suite (#224515) 2025-06-19 11:22:35 +02:00
Anton Dosov
ada7278048
[Workspace Chrome] Bootstrap new grid layout components (#223890)
This is largely based off @clintandrewhall's work that he extracted from
the new workspace layout poc. These components are a decent starting
point for [new grid layout
](https://github.com/elastic/kibana-team/issues/1581) and I
[validated](https://github.com/elastic/kibana/pull/223021) that the
layout mostly works for Kibana (fixing a couple of edge cases)

I believe the components are ready to be merged into the main branch to
make future reviews easier:

Bootstraps a new `@kbn/core-chrome-layout-components` package to provide
composable React primitives for Kibana’s Chrome layout, including region
components, a debug overlay, Storybook stories, and initial docs.

- Adds layout region components (Banner, Header, Navigation, Sidebar,
Panels, Application, Footer) and a debug overlay with Emotion styling.
- Provides a README with usage examples (Storybook-driven) and API
documentation.


`yarn storybook sharedux` 

![Screenshot 2025-06-13 at 12 57
48](https://github.com/user-attachments/assets/cd9edc89-795f-4c35-b948-62d52b490dd3)

---------

Co-authored-by: Clint Andrew Hall <clint@clintandrewhall.com>
Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
2025-06-19 11:15:27 +02:00
Kevin Delemme
aac08931d1
fix(slo): use wildcard remote when useAllRemoteClusters is true (#224478)
### 🍒 Summary

resolves https://github.com/elastic/kibana/issues/224476

This PR changes how the summary indices are constructed when remote
clusters is enabled.

When `useAllRemoteCluster` is true, we simply use `*:summary-index`
instead of listing each remote individually.
We also removed the need to fetch the remote clusters info when we use
`useAllRemoteCluster`.

### Release notes

Fix SLO federated view bug when remote clusters and index name listed
exceeded 4096 bytes.
2025-06-19 11:04:15 +02:00
Jonas Kunz
7818df9930
Fix broken EDOT JVM metrics dashboard when classic agent metrics are present (#224052)
Co-authored-by: jennypavlova <dzheni.pavlova@elastic.co>
2025-06-19 10:56:56 +02:00
Arturo Castillo Delgado
b0d46f761d
Upgrade EUI to v103.1.0 (#224391)
`103.0.0` → `103.1.0`

[Questions? Please see our Kibana upgrade
FAQ.](https://github.com/elastic/eui/blob/main/wiki/eui-team-processes/upgrading-kibana.md#faq-for-kibana-teams)

## Changes

- **EuiDataGrid** now takes an `onFullScreenChange` callback
- An accessibility fix in **EuiComboBox**
- 3 bug fixes

## Package updates

### `@elastic/eui`

## [`v103.1.0`](https://github.com/elastic/eui/releases/v103.1.0)

- Added `onFullScreenChange` prop to `EuiDataGrid` to handle changes
when the component enters or exits fullscreen mode
([#8765](https://github.com/elastic/eui/pull/8765))

**Bug fixes**

- Fixed `onChange` being triggered twice when the checkbox in
`EuiCheckableCard` is clicked
([#8786](https://github.com/elastic/eui/pull/8786))
- Fixed a circular import on the legacy Amsterdam theme that would cause
the theme usage to break
([#8780](https://github.com/elastic/eui/pull/8780))
- Fixed high contrast theme token overrides not being applied
([#8742](https://github.com/elastic/eui/pull/8742))

**Accessibility**

- Fixed form errors not being read by screen readers for `EuiComboBox`
inside of `EuiFormRow`
([#8798](https://github.com/elastic/eui/pull/8798))

2025-06-19 10:49:18 +02:00
Francesco Fagnani
97941682db
[Saved objects client - bulkUpdate] Passing the correct namespace to migrateInputDocument (#222313)
While working on [this
PR](https://github.com/elastic/kibana/pull/221515) I noticed an issue
when trying to bulk update saved objects overriding the current space
for the operation.

---------

Co-authored-by: “jeramysoucy” <jeramy.soucy@elastic.co>
Co-authored-by: Shahzad <shahzad31comp@gmail.com>
Co-authored-by: Rudolf Meijering <skaapgif@gmail.com>
2025-06-19 10:01:33 +02:00
Stratoula Kalafateli
e56b8cfd72 [ES|QL] Small enhancements in controls flow (#224198)
## Summary

Part of https://github.com/elastic/kibana/issues/223982

- Adds an initial query (comment)
- Adds the outline
- Fixes the outline in the editor footer

<img width="717" alt="image"
src="https://github.com/user-attachments/assets/2a116cf4-5654-452d-82ae-f040dbe23da8"
/>



It doesn't add the border radius as we have the resizer in the bottom and
it looks bad. Andrea will take a look in a follow up PR.
2025-06-19 09:53:27 +02:00
Kibana Machine
ad0ff7337a
[api-docs] 2025-06-19 Daily api_docs build (#224510)
Generated by
https://buildkite.com/elastic/kibana-api-docs-daily/builds/1108
2025-06-19 08:35:22 +02:00
Marshall Main
d53871ddd1
[Security Solution][Rule Management] Strip originId from connectors on rule import (#223454)
## Summary

Fixes https://github.com/elastic/kibana/issues/222635

When the rule import file contains a connector that specifies an
`originId`, the specified `originId` is carried through to the connector
that gets created even if the connector `id` gets regenerated. In this
case, the created connector does not contain the `id` that was specified
in the import file at all - the `originId` is from the import file, and
the new `id` is a regenerated one. This means that when we attempt to
migrate the connector references on the rules (which reference
connectors by `id`), there is no connector with the expected `id` value
in either the `id` or `originId` field.

This PR fixes the issue by stripping `originId` from connectors before
importing so that the `originId` will be the original `id` value in
cases where the `id` needs to be regenerated (e.g. when a connector with
the same `id` already exists in another space).

## Testing

Steps to reproduce:

1. Export a custom rule with an action connector that has an `originId`
2. Create a new space (or use an existing space without the rule or
connector) and attempt to import the rule with the connector (the
overwrite options checked or unchecked result in the same behavior).
3. Observe that the rule import fails due to the lack of action
connector with the supplied ID. However, the action connector does
import but the ID is changed so it does not match with the original
imported ID.

An `ndjson` export sample that triggers the issue is attached to the bug
ticket. Simply import the sample into one space (which should work) then
import it into a second space (should fail without the fix in this PR).

### Additional Testing Note
I tried creating a rule with a connector in a non-default space on
7.17.28 then upgraded to 8.18.2 to force the connector SO ID to be
regenerated and populate `originId` with the original SO ID. This was to
check if a rule could be exported with a reference to the `originId`
instead of the actual `id`. In this scenario the exported rule does
reference the connector by `id`, not `originId`, so stripping the
`originId` on re-import does not cause a problem.

I also tried upgrading directly from 7.17.28 to 8.0.0 to see if any
intermediate version might cause rules to reference connectors by
`originId`, but the connector reference on the rule is migrated during
the upgrade process. This migration is possible because on the rule SO
in the framework the connector ID is stored in the SO references array,
**not** directly in the `actions` array as it appears in the rules APIs.
So in this scenario as well, stripping the `originId` should not be an
issue because the rules should never be referencing connectors by
`originId`.
2025-06-18 18:29:09 -04:00
Edgar Santos
9566f1a7b3
Add an API endpoint to bulk fill rule gaps (#220866)
## Summary
Original issue: https://github.com/elastic/security-team/issues/10688
This PR adds a new function to the rules client called
`bulkFillGapsByRuleIds`, that takes a list of rule ids and a date range,
and attempts to fill out the gaps simultaneously, 10 rules at a time
(can be customizable).

For all rules we verify if the user has access to write to the gaps
object, then for each rule we fetch gaps and trigger the backfilling of
its unfilled intervals.

During the execution, we aggregate the errors and the rules that are
skipped in lists and return them along with the scheduling outcomes.

### Error handling
There are 2 error types that are handled throughout the scheduling of a
gaps backfilling for a rule:
- A user doesn't have access to the rule
- We fail to backfill gaps

### Skipped rules
A rule can be skipped when it doesn't have unfilled gaps in the given
time range, or when gaps are found, but they are currently "in
progress".

### Endpoint
This PR also updates the existing bulk actions endpoint by adding the
action `fill_gaps`. The endpoint for now should limit the amount of
rules per call to 100.

The bulk actions endpoint returns a summary of the execution which is a
list of counters of rules that succeeded, failed or were skipped.

## How to test?
1. Create several rules that run every 5 seconds and disable them. Leave
them disabled for a couple of minutes and then re-enable them in order
to create some gaps for it. You can confirm that there are gaps by
clicking on the rule, then on the "Execution results" tab, and then
scrolling down to "Gaps".
Alternatively you can use [this
tool](https://github.com/elastic/security-documents-generator) to create
1 rule (5m) with 1000 gaps:
```
yarn start rules --rules 1 -g 1000 -c -i"5m"
```
2. Get the ids of each rule that you created and call the endpoint to
backfill them. You can select a time range that is smaller than the gaps
so that you can call it several times. Here is an example of a curl to
do this
```
curl -X POST "http://localhost:5601/api/detection_engine/rules/_bulk_action?dry_run=false" \
  -H "Accept: */*" \
  -H "Content-Type: application/json" \
  -H "kbn-version: 9.1.0" \
  -H "kbn-build-number: 9007199254740991" \
  -H "elastic-api-version: 2023-10-31" \
  -H "Authorization: Basic $(echo -n 'elastic:changeme' | base64)" \
  --data-raw '{
    "action": "fill_gaps",
    "ids": ["307bdea8-28be-419f-bb25-dac0024f32af"],
    "fill_gaps": {
      "start_date": "2025-05-09T08:12:09.457Z",
      "end_date": "2025-05-09T09:12:09.457Z"
    }
  }'
```
3. Then you can go to the "Gaps" tab from step 1 and verify that the
gaps are being filled. Additionally, you can see that there are manual
runs scheduled for the rule in order to fill the gaps.

---------

Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
2025-06-18 23:21:15 +02:00
Rodney Norris
575e80bccc
[Search][Playground] View Saved Playground (#223062)
## Summary

This PR implements the frontend for opening a Saved Playground. As a
part of that there are several refactors to the current playground that
warrant regression testing.

### Testing

To test the saved playground view the search mode feature flag should be
enabled, either with a config override or via console:
```
POST kbn:/internal/kibana/settings/searchPlayground:searchModeEnabled
{"value": true} 
```

Then you will need to manually save a playground:

```
curl -X "PUT" "http://localhost:5601/internal/search_playground/playgrounds" \
     -H 'elastic-api-version: 1' \
     -H 'kbn-xsrf: dev' \
     -H 'x-elastic-internal-origin: Kibana' \
     -H 'Content-Type: application/json; charset=utf-8' \
     -u 'elastic_serverless:<PASSWORD>' \
     -d $'{
  "elasticsearchQueryJSON": "{\\"retriever\\":{\\"standard\\":{\\"query\\":{\\"semantic\\":{\\"field\\":\\"text\\",\\"query\\":\\"{query}\\"}}}},\\"highlight\\":{\\"fields\\":{\\"text\\":{\\"type\\":\\"semantic\\",\\"number_of_fragments\\":2,\\"order\\":\\"score\\"}}}}",
  "indices": [
    "search-test"
  ],
  "name": "Test playground",
  "queryFields": {
    "search-test": [
      "text"
    ]
  }
}'
```

*Note this creates a saved playground in the Default space, and
playgrounds are space aware so it will only be available in the default
space. If you want to create a playground in another space you will need
to update this URL to include the space.

This assumes you have a `search-test` index created using the
semantic_text onboarding workflow mapping.

Then you can open the saved playground page at:
`/app/search_playground/p/<ID_RETURNED_FROM_CURL>`

## Screenshots
Chat

![image](https://github.com/user-attachments/assets/700958ed-e0e4-4276-b670-4bd4b70b3df9)

Chat - Query

![image](https://github.com/user-attachments/assets/4f2cb9f1-f1fe-47bd-b53d-4e59a4713689)

Search - Query

![image](https://github.com/user-attachments/assets/be96dcd9-2395-4117-a7d9-1080a0e1895b)

### Checklist

- [x] Any text added follows [EUI's writing
guidelines](https://elastic.github.io/eui/#/guidelines/writing), uses
sentence case text and includes [i18n
support](https://github.com/elastic/kibana/blob/main/src/platform/packages/shared/kbn-i18n/README.md)
- [ ]
[Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html)
was added for features that require explanation or tutorials
- [x] [Unit or functional
tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)
were updated or added to match the most common scenarios
- [x] [Flaky Test
Runner](https://ci-stats.kibana.dev/trigger_flaky_test_runner/1) was
used on any tests changed
- [ ] The PR description includes the appropriate Release Notes section,
and the correct `release_note:*` label is applied per the
[guidelines](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)

---------

Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
2025-06-18 21:58:57 +02:00
Nicolas Chaulet
fa214dcf1c
[Fleet] Support agentless traffic filters (#222082)
Introduces new config key to allow passing app tokens for elasticsearch
and fleet server for agentless deployment:

```
xpack.fleet.agentless.deploymentSecrets:
  fleetAppToken: TOKEN1
  elasticsearchAppToken: TOKEN2
```

This new config will be passed to the agentless-api to be used by
agentless agents to support traffic filtering.

---------

Co-authored-by: Michel Losier <michel.losier@elastic.co>
2025-06-18 12:07:41 -07:00
Konrad Szwarc
ee41136441
[EDR Workflows][Spaces] Suggestions endpoint space awareness (#222983)
## Summary

Space-aware **Event Filter** field suggestions now query only the data
streams for namespaces the current space can access.

* **Old pattern**: `logs-endpoint.events.*` (all namespaces)  
* **New pattern**: `logs-endpoint.events.*-<namespace>` (restricted)

This prevents cross-space data leakage while still covering every event
sub-type (`network`, `file`, `process`, …).

> The change is wrapped in the existing
`endpointManagementSpaceAwarenessEnabled` feature flag.


### Steps

![Screenshot 2025-06-17 at 17 49
11](https://github.com/user-attachments/assets/449ec665-252c-4057-beba-f7812b19b42d)

1. **Setup**  
   * Spaces: **Default**, **Custom**, **Test**  
   * Agent policies:  
     * `Default` → namespace `default`, spaces `[Default]`  
     * `Custom`  → namespace `custom`,  spaces `[Default, Custom]`  
     * `Test`    → namespace `test`,    spaces `[Test]`
     
![Screenshot 2025-06-17 at 17 52
18](https://github.com/user-attachments/assets/0d2d00a9-c85a-4d8a-87c7-9d444a360c81)
![Screenshot 2025-06-17 at 17 52
28](https://github.com/user-attachments/assets/9f6a5322-910d-4ca5-bca2-668e8039c71f)
![Screenshot 2025-06-17 at 17 52
46](https://github.com/user-attachments/assets/5d8f9731-fc25-4e0b-9a45-fa72cfb5557f)


2. **Default space**  
   * Opened *Event Filters*.  Validated generation of index pattern
     ```
     logs-endpoint.events.*-default,logs-endpoint.events.*-custom
     ```  
   * Suggested `agent.id` values originate only from **Default** or
     **Custom** spaces.
   
   
![Screenshot 2025-06-17 at 18 05
51](https://github.com/user-attachments/assets/0e491682-f9d8-46fc-baad-2ef3b5f01912)


3. **Test space**  
   * Same flow; query sent only to  
     ```
     logs-endpoint.events.*-test
     ```  
   * Suggestions contain only `agent.id` from **Test** space
   
![Screenshot 2025-06-17 at 18 05
38](https://github.com/user-attachments/assets/1a48a4ac-4700-4c91-bd0d-ce352cb3c4d1)
2025-06-18 20:02:57 +02:00
Tiago Costa
6d0ddf28eb
skip flaky suite (#170690) 2025-06-18 18:12:45 +01:00
Tiago Costa
94d3f3152e
skip flaky suite (#224202) 2025-06-18 18:09:40 +01:00
jennypavlova
2c526fc490
[APM][Metrics] Allow text panels in the metric dashboards (#224426)
Closes #224425 

## Summary

This PR adds support for the text panel in the APM dashboards inside the
metrics tab

## Testing 

⚠️  UPDATE: The dashboard won't be part of the PR so ⬇️ won't work now

 - with connection to edge oblt cluster: 
- Open Applications > Service Inventory and click on the `cart` (or any
EDOT .NET service) service
   - Go to the metrics tab
   - The dashboard should be visible 
  

![image](https://github.com/user-attachments/assets/58082514-7e10-4758-adcf-069b4b9a2109)
2025-06-18 18:16:12 +02:00
Mason Herron
d3f6fb9870
[Fleet] Add feature-flag gate for single agent migrations UI/API & bulk migration API (#224143)
## Summary

Closes https://github.com/elastic/ingest-dev/issues/5694

- Adds a feature flag gate for the `single` agent migration UI and API
- Also gates the bulk migrate `endpoint`, UI will be gated separately as
part of
https://github.com/elastic/kibana/pull/224334

### Checklist

Check the PR satisfies following conditions. 

Reviewers should verify this PR satisfies this list as well.

- [ ] Any text added follows [EUI's writing
guidelines](https://elastic.github.io/eui/#/guidelines/writing), uses
sentence case text and includes [i18n
support](https://github.com/elastic/kibana/blob/main/src/platform/packages/shared/kbn-i18n/README.md)
- [ ]
[Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html)
was added for features that require explanation or tutorials
- [ ] [Unit or functional
tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)
were updated or added to match the most common scenarios
- [ ] If a plugin configuration key changed, check if it needs to be
allowlisted in the cloud and added to the [docker
list](https://github.com/elastic/kibana/blob/main/src/dev/build/tasks/os_packages/docker_generator/resources/base/bin/kibana-docker)
- [ ] This was checked for breaking HTTP API changes, and any breaking
changes have been approved by the breaking-change committee. The
`release_note:breaking` label should be applied in these situations.
- [ ] [Flaky Test
Runner](https://ci-stats.kibana.dev/trigger_flaky_test_runner/1) was
used on any tests changed
- [ ] The PR description includes the appropriate Release Notes section,
and the correct `release_note:*` label is applied per the
[guidelines](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)

### Identify risks

N/A

---------

Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
2025-06-18 18:11:45 +02:00
Michael Olorunnisola
6c0d67ea88
[Cases] - Add missing codeowners (#224163)
## Summary

add missing codeowners for file path
2025-06-18 12:05:26 -04:00
Jordan
c50325a739
Check and Install Asset Inventory DataView on Page Visit (#223555)
## Summary

Resolves #219264

The issue revolves around the possibility of the Entity Store being
enabled without the Asset Inventory DataView being installed. This can
happen when the Entity Store is enabled from the Entity Store page
instead of from the Asset Inventory Page.

The original plan was to enhance the enablement process with the
DataView installation but after further considerations it was decided to
decouple the process. Here is a little diagram to explain the thought
process:

(Option 1 is the original plan, option 2 is what we ended up going with)


![image](https://github.com/user-attachments/assets/f201bfbf-3bf8-4eef-9203-87e6b47cf238)

### Server-side checking

Visiting the Asset Inventory Page triggers a check for the data view
(happening within the status API), if it does not exist, installs it:



https://github.com/user-attachments/assets/d57409e8-9d85-4569-9ef5-90e5136b30a7



### Client-side error handling

In some scenarios, the user might not have the permission to install the
DataView, in this case, there's an error handling:


https://github.com/user-attachments/assets/ee1c348f-9950-4a97-9ce1-8ee5d798f063

---------

Co-authored-by: Paulo Silva <paulo.henrique@elastic.co>
Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
2025-06-18 08:58:39 -07:00
Anton Dosov
30c20fe42a
[Renovate] Restrict updates for selected shared-ux deps (#224456)
## Summary

another attempt of https://github.com/elastic/kibana/pull/224432

@elastic/appex-sharedux Has a couple of dependency groups that need a
lot of manual intervention or are being phased out. We want to reduce
the noise from automatic updates and decided to pin automatic updates to
some of those to minor/patch version

- React - team is working on it manually
https://github.com/elastic/kibana-team/issues/1564
- React-Router - will be huge manual phased dependency upgrade when we
get to it
- Enzyme - Deprecated and teams are migrating away
https://github.com/elastic/kibana/issues/222949, Let's not spend time
upgrading related dependencies since the pull request for the upgrade to
newer versions is failing. https://github.com/elastic/kibana/pull/219581
- Styled Components - Deprecated and teams are moving away from it.
https://github.com/elastic/kibana-team/issues/1417. I suggest we don't
upgrade and avoid spending time on visual regression testing.
2025-06-18 15:54:58 +00:00
Cristina Amico
095e891b7e
[Fleet] Add license gate around agents automatic upgrades feature (#224393)
## Summary

Add license gate around agents automatic upgrades feature:

- Hide UI elements if license is less than Enterprise - hide Manage auto
upgrade button in Agent policy details
- Add license gate around API to update target versions in agent policy
update
- Add license gate around auto upgrade task

### Testing 
With a basic license, try to access the agent auto upgrades feature and
verify that it is not available

### Checklist

- [ ] [Unit or functional
tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)
were updated or added to match the most common scenarios
2025-06-18 17:54:31 +02:00
Tomasz Ciecierski
1ff34dde49
[EDR Workflows] Remove security solution import from osquery (#224397) 2025-06-18 17:49:34 +02:00
Efe Gürkan YALAMAN
32e3374013
Query rules create mode (#223613)
## Summary

Updates create flow and fixes some bugs.


https://github.com/user-attachments/assets/b3525b50-df3f-42b5-9ede-13df53bd7bfb


### Checklist

Check the PR satisfies following conditions. 

Reviewers should verify this PR satisfies this list as well.

- [x] Any text added follows [EUI's writing
guidelines](https://elastic.github.io/eui/#/guidelines/writing), uses
sentence case text and includes [i18n
support](https://github.com/elastic/kibana/blob/main/src/platform/packages/shared/kbn-i18n/README.md)
- [x] [Unit or functional
tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)
were updated or added to match the most common scenarios
- [ ] [Flaky Test
Runner](https://ci-stats.kibana.dev/trigger_flaky_test_runner/1) was
used on any tests changed
- [x] The PR description includes the appropriate Release Notes section,
and the correct `release_note:*` label is applied per the
[guidelines](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)

---------

Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
2025-06-18 17:21:32 +02:00
Julia Bardi
5d691ab408
[Fleet] Encode kuery in Manage auto-upgrade agents Status link (#224360)
## Summary

Closes https://github.com/elastic/kibana/issues/224351

To verify:
1. Navigate to Fleet > Agents Tab.
2. Select desired Agent Policy and click on "Manage" link under
Auto-upgrade agents.
3. Choose the 8.14.3 beta agent version and click the Save button.
4. Wait for 5–10 minutes until the upgrade status is shown as Completed.
5. Click on the Completed status.
6. Beta agent version should be filtered correctly in the "Manage
Auto-Upgrade Agents" popup.

<img width="1530" alt="image"
src="https://github.com/user-attachments/assets/2682c789-f417-4058-b97c-65536444eba9"
/>
<img width="1538" alt="image"
src="https://github.com/user-attachments/assets/2de8c1f9-af95-4826-9214-79973821dc72"
/>
2025-06-18 17:01:18 +02:00
Francesco Fagnani
415c32d440
[Synthetics] Error details - Improved network error handling (#224296)
This PR improves how we handle network errors in the Error details page
in Synthetics.

**Before**


https://github.com/user-attachments/assets/8052cd19-28e9-4683-a218-1bfdf4c642dc

**After**


https://github.com/user-attachments/assets/f187e9cf-2f5b-4322-b433-6be267f44893
2025-06-18 16:58:17 +02:00
Krzysztof Kowalczyk
5c441a49cb
[Share] Add unused url cleanup task (#220138)
## Summary
This PR adds a background task to `share` plugin which periodically
deletes saved objects of type `url` which have been older than a value
controlled by `share.url_expiration.duration` config - the default is 1
year.
The task can be run manually by calling `POST
/internal/unused_urls_task/run` with `superuser` privileges.

Config options (with their default values):

```yaml
share.url_expiration.enabled: false # controls whether the task is enabled
share.url_expiration.duration: '1y' # controls the expiration threshold
share.url_expiration.check_interval: '7d' # controls how often the task runs 
share.url_expiration.url_limit: 10000 # controls how many urls should be fetched at once
```

Closes: #179146

---------

Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
2025-06-18 16:29:29 +02:00
Alejandro García Parrondo
9975f8d295
[Discover] Update aria tags in patterns selected field (#217562) (#224224)
## Summary

Closes https://github.com/elastic/kibana/issues/217562

Updates some aria tags to try to improve the accessibility of the
"Selected field" part of patterns:
- Added `aria-haspopup` and `aria-expanded` to toggle button
- Added `aria-label` to have a more understandable name
- Added `id` to the form so the label has a for

| Before | After |
|--------|------|
| ![image
(9)](https://github.com/user-attachments/assets/03b8f443-0d67-4103-a338-de1108b1eb6f)
| ![image
(8)](https://github.com/user-attachments/assets/42e06aa6-3e4d-4fa0-9740-d664a3350f80)
|

### Checklist

Check the PR satisfies following conditions. 

Reviewers should verify this PR satisfies this list as well.

- [x] Any text added follows [EUI's writing
guidelines](https://elastic.github.io/eui/#/guidelines/writing), uses
sentence case text and includes [i18n
support](https://github.com/elastic/kibana/blob/main/src/platform/packages/shared/kbn-i18n/README.md)
2025-06-18 16:25:48 +02:00
Abhishek Bhatia
cd30148e2f
Navigation for Overview Page in Entity Analytics (#221748)
## Summary

This PR introduces a new "Overview" page within the Entity Analytics
section of the Kibana Security Solution app.

The scope of this PR is to reuse the existing Entity Analytics dashboard
components while providing a new entry point for Overview.

## Key Changes:

- Added a new navigation item called "Overview" under the Entity
Analytics section.


![image](https://github.com/user-attachments/assets/579d9e83-8f78-4476-8000-975798fe73d3)

- Introduced a new route at /entity_analytics/overview that renders the
existing EntityAnalyticsDashboard component.


![image](https://github.com/user-attachments/assets/b16485ec-b8b6-4bac-8473-645f201f1e5e)


- The new page is searchable via Kibana

![image](https://github.com/user-attachments/assets/5b882397-e4c9-4e5e-883e-363b3713b205)


- Ensured all code reuse follows existing patterns with no duplication
of dashboard layout or components.

## Testing Steps 

1. Navigate to the Security Solution page in Kibana.
2. In the left-hand navigation panel, click on Entity Analytics. You
should see a new submenu item labeled Overview.
3. Click on Overview. You should be directed to a new page with the
heading Entity Analytics, which mirrors the existing Entity Analytics
dashboard.
4. Use the global search at the top of the page to search for
"Overview". You should see a result under Security → Entity Analytics →
Overview. Clicking this result should navigate you to the same Overview
page as described in step 3.
5. The URL of the Overview page should be similar to
`/app/security/entity_analytics/overview?sourcerer=(default:(id:security-solution-default,selectedPatterns:!(%27logs-*%27)))&timerange=(global:(linkTo:!(),timerange:(from:%272025-05-28T18:30:00.000Z%27,fromStr:now%2Fd,kind:relative,to:%272025-05-29T18:29:59.999Z%27,toStr:now%2Fd)),timeline:(linkTo:!(),timerange:(from:%272025-05-28T07:32:08.611Z%27,kind:absolute,to:%272025-05-29T07:32:08.611Z%27)))&timeline=(activeTab:query,graphEventId:%27%27,isOpen:!f)`
6. The timeline (`Untitled timeline`) should be visible at the bottom of
the page.
7. Scroll down to the entities and the entity flyout (the tilted
double-header arrow icon) should get opened.

![image](https://github.com/user-attachments/assets/3a2e56b9-ac2e-4c75-8b60-1a559ff571aa)
8. Execute a KQL search query. It should return results for the data
present.


### Checklist

Check the PR satisfies following conditions. 

Reviewers should verify this PR satisfies this list as well.

- [x] Any text added follows [EUI's writing
guidelines](https://elastic.github.io/eui/#/guidelines/writing), uses
sentence case text and includes [i18n
support](https://github.com/elastic/kibana/blob/main/src/platform/packages/shared/kbn-i18n/README.md)
- [ ]
[Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html)
was added for features that require explanation or tutorials
- [ ] [Unit or functional
tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)
were updated or added to match the most common scenarios
- [ ] If a plugin configuration key changed, check if it needs to be
allowlisted in the cloud and added to the [docker
list](https://github.com/elastic/kibana/blob/main/src/dev/build/tasks/os_packages/docker_generator/resources/base/bin/kibana-docker)
- [ ] This was checked for breaking HTTP API changes, and any breaking
changes have been approved by the breaking-change committee. The
`release_note:breaking` label should be applied in these situations.
- [ ] [Flaky Test
Runner](https://ci-stats.kibana.dev/trigger_flaky_test_runner/1) was
used on any tests changed
- [ ] The PR description includes the appropriate Release Notes section,
and the correct `release_note:*` label is applied per the
[guidelines](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)
2025-06-18 19:53:57 +05:30
Miriam
04116c4d15
[ObsUX] Add accordion sections and attributes tables (#224185)
Closes https://github.com/elastic/kibana/issues/221927

## Summary

#### New Component: `AttributesOverview`

- Introduced a new component to provide a unified, user-friendly
overview of document attributes in the Observability context.
- The component organizes attributes into three main groups:
  - Signal attributes (e.g., attributes.*)
  - Resource attributes (e.g., resource.attributes.*)
  - Scope attributes (e.g., scope.attributes.*)
- Each group is rendered in its own accordion section for clarity and
ease of navigation.

#### Search and Filtering

- Added a search bar to filter attribute fields by name or value,
improving discoverability.
- Filtering logic ensures only relevant fields are shown in each
section, based on both prefix and search term.

#### Table Actions for Fields

- Each attribute row in the table now includes cell actions, allowing
users to:
- Filter by field value directly from the table.
- Add or remove fields as columns in Discover with a single click.
- These actions improve workflow efficiency and align with Discover’s
interactive capabilities.

#### Integration

- The new overview is integrated into the unified doc viewer, replacing
or enhancing previous attribute display mechanisms.
- Each accordion section uses the `AttributesAccordion` and
`AttributesTable` components.

#### Result
The new attributes overview provides a clear, organized, and filterable
view of all relevant document attributes, improving usability and
consistency across the Observability UI.

<img width="770" alt="image"
src="https://github.com/user-attachments/assets/36fee343-fe63-4c55-ab37-0317a8512abf"
/>


![image](https://github.com/user-attachments/assets/8e1b2aea-5354-418b-a84f-1fd077502563)

### Test:
#### How to generate OTel data
- Follow
https://github.com/smith/elastic-stack-docker-compose?tab=readme-ov-file#elastic-stack-docker-compose

#### How to test
- Make sure your solution view is Observability
- update your `kibana.yml` 

```
discover.experimental.enabledProfiles:
   - observability-root-profile-with-attributes-tab
   #  if you want to test it with the additional profiles add the following to your `kibana.yaml` 
   - observability-traces-data-source-profile
   - observability-traces-transaction-document-profile
   - observability-traces-span-document-profile
```
2025-06-18 15:05:48 +01:00
Dzmitry Lemechko
995153f45f
[ska] relocate guided_onboarding tests that import search solution src code (#224390)
## Summary

Part of https://github.com/elastic/kibana-team/issues/1503

This PR relocates a few test files from `/src/platform/test` dir that
import from `@kbn/enterprise-search-plugin`, which is Search solution
plugin.

Before:

```
/src/platform/test/api_integration/guided_onboarding
     | - get_guides.ts
     | - put_state.ts
```

After: 
```
/x-pack/solutions/search/test/api_integration/guided_onboarding
     | - get_guides.ts
     | - put_state.ts
```

---------

Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
2025-06-18 16:01:56 +02:00
Jon
53f5c7377c
Upgrade Node.js to 22.16.0 (#205983)
https://nodejs.org/en/blog/announcements/v22-release-announce
https://github.com/nodejs/node/blob/main/doc/changelogs/CHANGELOG_V22.md

Closes https://github.com/elastic/kibana/issues/198790

---------

Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
Co-authored-by: Eyo Okon Eyo <eyo.eyo@elastic.co>
Co-authored-by: Tiago Costa <tiago.costa@elastic.co>
2025-06-18 08:55:18 -05:00
Robert Jaszczurek
f79b68d84e
[ML] Trained Models: Hide Adaptive Allocations Toggle in Serverless (#224097)
Resolves https://github.com/elastic/kibana/issues/221894
Removes the adaptive allocations toggle in serverless (always enabled).
Adjusts the `min_allocations` param:
* Observability - min: 0
* Search - min: 0
* Security - min: 1
2025-06-18 15:52:15 +02:00
Ido Cohen
c38269744b
Add Index Alias for Cloud Security Latest Findings Index 2025-06-18 16:48:37 +03:00
James Gowdy
c1b7f6c081 Merge branch 'adding-show-node-info-to-info-api' of github.com:jgowdyelastic/kibana into adding-show-node-info-to-info-api 2025-06-18 14:40:48 +01:00
James Gowdy
25f27cadc8 removing version bump 2025-06-18 14:40:17 +01:00
Tiago Vila Verde
a8a7574c66
[Entity Analytics][Privmon] CSV upload (#221798)
## Summary
 
This PR adds the ability to upload a CSV file with privileged users from
the Entity Analytics pages

## Changes

### Backend

- Added (or completed) the upload CSV route:
`/api/entity_analytics/monitoring/users/_csv`
- Added shared utilities for batching with Node streams
- Added bulk processing actions for the upload
  - Parsing users from CSV
  - Soft delete for omitted users 
  - Batch upsert via the bulk API
- Added a check for installing all required privmon resources

### Frontend

- File uploader components
- File validation logic
- Updated EA privmon page to account for the new flow
- Added managing users panels 
  - open upload flow (same as asset criticality)

## Screen recording


https://github.com/user-attachments/assets/7956f1cf-49e0-4430-8c23-7d6178a15342

## How to test

#### Prerequisite

Make sure you have a CSV file with usernames
Check
[here](https://gist.github.com/tiansivive/0be2f09e1bb380fdde6609a131e929ed)
for a little helper script

Create a few copies where some of the users are deleted, in order to
test soft delete

1. Start up kibana and ES
2. Navigate to Security > Entity Analytics > Privilege User Monitoring
3. Select the `File` option to add data
4. Add one of the CSV files to the open modal and upload
5. Repeat but now upload one of the files with the omitted users

Alternatively, testing only the backend is possible by directly
hitting the API with curl
```
curl -u elastic:changeme \
  -X POST "http://localhost:5601/api/entity_analytics/monitoring/users/_csv" \
  -H "kbn-xsrf: true" \
  -F "file=@test.csv;type=text/csv"
```

#### Verifying

Easiest way is to use the dev tools to `_search` the privmon users index
with:
```
GET .entity_analytics.monitoring.users-default/_search
```

Look for number of hits and/or use `query` to search for omitted users. 


## Remaining work

- [x] API integration tests
- [ ] Batching logic unit tests
- [ ] E2E tests?

---------

Co-authored-by: machadoum <pablo.nevesmachado@elastic.co>
Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
2025-06-18 15:23:03 +02:00
Cauê Marcondes
5e28a4200f
[APM] Unified trace waterfall fix error toggle (#224322)
Before:
![image
(3)](https://github.com/user-attachments/assets/3767b7e3-9612-46e9-a660-dc043af90cf2)

After:
<img width="1236" alt="Screenshot 2025-06-17 at 15 25 35"
src="https://github.com/user-attachments/assets/279d5b77-a0cb-4100-9432-23425990ed75"
/>
2025-06-18 09:19:19 -04:00
Sandra G
94265a5762
[Obs AI Assistant] anonymization rules in advanced settings (#224134)
- anonymization rules show up correctly in advanced settings, once
registered.
- adds default rules (disabled)
- updates schema, type, and advanced settings description. removes `id`,
`description` and makes `entityClass` required for regex only
Still unregistered for now, but can [register to
view](https://github.com/elastic/kibana/blob/main/x-pack/platform/plugins/private/observability_ai_assistant_management/server/plugin.ts#L24-L25)

To make sure the rules function without having to register the setting
(and have it show in the UI), you can run the below in dev tools:

```
POST kbn:/api/kibana/settings
{
  "changes": {
    "observability:aiAssistantAnonymizationRules": "[\n  {\n    \"type\": \"regex\",\n    \"pattern\": \"[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\\\\.[A-Za-z]{2,}\",\n    \"enabled\": true,\n    \"entityClass\": \"EMAIL\"\n  },\n  {\n    \"type\": \"regex\",\n    \"pattern\": \"https?://[^\\\\s]+\",\n    \"enabled\": true,\n    \"entityClass\": \"URL\"\n  },\n  {\n    \"type\": \"regex\",\n    \"pattern\": \"\\\\b(?:\\\\d{1,3}\\\\.){3}\\\\d{1,3}\\\\b\",\n    \"enabled\": true,\n    \"entityClass\": \"IP\"\n  },\n  {\n    \"type\": \"ner\",\n    \"enabled\": true\n  }\n]"
  }
}
```

or with kibana config:

```
uiSettings:
  overrides:
    "observability:aiAssistantAnonymizationRules": |
      [
        {
          "type": "regex",
          "pattern": "[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\\.[A-Za-z]{2,}",
          "enabled": true,
          "entityClass": "EMAIL"
        },
        {
          "type": "regex",
          "pattern": "https?://[^\\s]+",
          "enabled": true,
          "entityClass": "URL"
        },
        {
          "type": "regex",
          "pattern": "\\b(?:\\d{1,3}\\.){3}\\d{1,3}\\b",
          "enabled": true,
          "entityClass": "IP"
        },
        {
          "type": "ner",
          "enabled": true
        }
      ]
```

---------

Co-authored-by: Arturo Lidueña <arturo.liduena@elastic.co>
2025-06-18 09:18:55 -04:00
Mykola Harmash
60c1e3e004
[Oblt Onboarding] Adjust onboarding flows for Logs Essentials (#224181)
Partially addresses
https://github.com/elastic/observability-dev/issues/4492

This change makes a set of adjustments to the quickstart onboarding
flows to prepare them for Logs Essentials product tier:
* Hides the "Application" onboarding category
* Removes mentions of metrics ingestion from all quickstart onboarding
flows (Host Auto-detect, Host OTel, K8S Elastic Agent, K8S OTel, Cloud
Firehose)
* Disables creation of the CloudWatch metric stream for the Firehose flow
* Hides the application instrumentation step for K8S OTel flow
* Changes layout of the onboarding landing page to 3 columns

This change doesn't disable actual metric collection on the flows (except
Firehose), only changes the copy. Disabling metrics requires
coordination with other teams and will be done in separate PRs.

![CleanShot 2025-06-17 at 09 35
04@2x](https://github.com/user-attachments/assets/969df01d-6dba-4bc9-a62b-d7ec2a49f4ef)

## How To Test

* Modify `config/serverless.oblt.dev.yml` to include:
```yaml
pricing.tiers.products:
  - name: observability
    tier: logs_essentials
```
* Run Kibana locally
* Click through all categories on the onboarding landing page and make
sure none of the quickstart flows mention metrics collection
* Enter individual flow pages and also make sure there is no mention of
metrics collection
* Enter K8S Otel flow and make sure there is no application
instrumentation step

Additionally, switch back to `tier: complete` in
`config/serverless.oblt.dev.yml` and make sure that onboarding flows
look as usual.
2025-06-18 15:11:31 +02:00
Mason Herron
e2770f304c
[Fleet] Add bulk migration endpoint (#223956) 2025-06-18 06:46:26 -06:00