## Summary
Introduced the search_notebooks plugin which has a set of default python
notebooks that can be served to the frontend via API endpoints.
---------
Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
## Summary
Related to #179100.
Sets up Synthetics API Integrations suite in Serverless Tests and adds
tests for the enablement endpoint.
Additional API test ports will be posted following up on this in the
coming days.
---------
Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
Resolves: https://github.com/elastic/kibana/issues/171309
## Summary
- Creates an RFC for Milestone 3 of the Prebuilt Rules Customization,
including:
- rule schema changes
- mappings
- migration strategy and technical implementation
- exporting and importing rules
- schema-related changes needed in endpoints
- calculation of `isCustomized` field on endpoints that update/patch
rules.
- additional changes needed to `/upgrade/_review` and
`/upgrade/_perform` endpoints
- concrete diff algorithms
- UI Changes
- Creates
`x-pack/plugins/security_solution/docs/rfcs/detection_response` folder
and adds it to CODEOWNER file, with owners the Detection Engine and Rule
Management teams.
## Summary
This moves code from `plugins/aiops/common` to packages. The `aiops`
plugin will from now on have only a `server` and `public` directory.
This is in preparation for additional AIOps related public APIs and to
avoid cyclic dependency problems for other consuming plugins.
- Package `@kbn/aiops-utils` was renamed to `@kbn/aiops-common`.
- For each AIOps feature a package was created:
`@kbn/aiops-change-point-detection`, `@kbn/aiops-log-pattern-analysis`
and `@kbn/aiops-log-rate-analysis`.
### Checklist
- [x] This was checked for breaking API changes and was [labeled
appropriately](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)
There are 2 paths for decoupling from AttributeService
1. replace existing actions with new actions that use
`HasLibraryTransforms` interface. Update all embeddables to implement
`HasLibraryTransforms` interfaces.
2. Rename existing actions as `legacy`. Create new actions that use
`HasLibraryTransforms` interface. Provide a reference implementation for
new actions. Convert embeddables to new `HasLibraryTransforms` interface
as the embeddables get converted to react embeddables.
Option 2 was chosen to limit scope and gradually convert embeddables to
`HasLibraryTransforms` interface.
This PR:
1. Remove `@kbn/presentation-library` package. Interfaces in this
package have been rolled into `@kbn/presentation-publishing` package.
2. Rename existing interface as `HasLegacyLibraryTransforms`
3. Create new interface `HasLibraryTransforms`
4. Rename `AddToLibraryAction` action to `LegacyAddToLibraryAction`.
Modify action to use `HasLegacyLibraryTransforms` interface and guards.
5. Rename `UnlinkFromLibraryAction` action to
`LegacyUnlinkFromLibraryAction`. Modify action to use
`HasLegacyLibraryTransforms` interface and guards.
6. Rename `LibraryNotificationAction` action to
`LegacyLibraryNotificationAction`. Modify action to use
`LegacyUnlinkFromLibraryAction`.
7. Create new `AddToLibraryAction`. Code action to use
`HasLibraryTransforms` interface.
8. Create new `UnlinkFromLibraryAction`. Code action to use
`HasLibraryTransforms` interface.
9. Create new `LibraryNotificationAction`. Code action to use
`UnlinkFromLibraryAction` action.
10. Update MapEmbeddable to implement `HasLibraryTransforms` interface
so that Map embeddable can be used to test new actions.
### Test
1. install sample web logs
2. create new dashboard
3. Click "Add panel" and select "Maps".
4. Click "Save and return".
5. Save dashboard. Inspect dashboard saved object. Verify panel is
by-value and contains `attributes` in `panelsJSON`
<img width="300" alt="Screenshot 2024-03-22 at 2 49 56 PM"
src="49189613-f7c4-435d-88ab-d9c8ceb1575f">
6. Go back to dashboard and open context menu. Click "more" and then
click "Save to library".
7. Save dashboard. Inspect dashboard saved object. Verify panel is
by-reference and does not contain `attributes` in `panelsJSON`.
<img width="300" alt="Screenshot 2024-03-22 at 2 52 19 PM"
src="e3b2eace-a48d-4dd0-a771-f22436d72935">
8. Go to maps listing page. Verify map is displayed in listing page.
Open map and verify it opens. Add some new layers and save map.
11. Go back to dashboard. Verify map contains new layers added to saved
object.
12. Open context menu. Click "more" and then click "Unlink from
library".
13. Save dashboard and verify map panel is now by-value again.
---------
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
## Summary
Moving ES|QL ownership to the new esql project team
---------
Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
## Summary
Whenever a test is failing and the label `failed-test` is added or a
test is skipped, then a notification will be sent to the slack channel
of preference of the team. Currently this is enabled only for Security
Solution.
This PR depends on completion of the [PR in
kibana-operations](https://github.com/elastic/kibana-operations/pull/72)
This PR moves the AI Assistant Management plugin into x-pack to
co-locate it with the other assistant plugins and to make it possible to
statically import from the other assistant plugins. This is not
currently possible because the Management plugin is in OSS and the other
plugins are in xpack.
## Summary
Introduces a CI job to check for changes to the Elasticsearch grammar.
Part of https://github.com/elastic/kibana/issues/178262
The first time this job runs, it will result in a PR to update the
grammar because of formatting differences. That should be merged. Then,
it will only create a PR when something has changed on the Elasticsearch
side.
---------
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
Fixes https://github.com/elastic/kibana/issues/176420
## 🍒 Summary
This PR copies the SLO code that was inside the Observability app into
its own app under `observability-solution/slo` folder.
4f6b8dfb-9612-4d30-ad50-4ee5c55a9c32
## ✔️ Acceptance criteria
- URL of new app: `app/slos`
- Design and functionality are not changed.
- Git history has been retained for all files in
`x-pack/plugins/observability_solution/slo`.
- SLO should appear on server less
- SLO code inside `observability_solution/observability` code has been
removed. A new clean up round might be needed though for possible
leftovers.
- Burn rate rule is registered within the new slo app
- SLO embeddables are moved inside the new slo app
- overview
- alerts embeddable
- error budget burn down
- Alerts table configuration registration for slo details page and
alerts table embeddable is still done in the observability app. Response
Ops team is working on removing the need to register the alert table
anyway
- Slo app is wrapped into `ApplicationUsageTrackingProvider` which will
send slo `Application usage` information tracked by the `slo` appId
- Redirect old `app/observability/slos` route to `app/slos`
- Rename old `xpack.observability.slo` keys to `xpack.slo` in the
translation files
## 🌮 How to test
Design and functionality didn't change, so simply navigate to existing
slo pages and try to break it
- Slo list page
- group by
- unified search
- toggle buttons
- actions
- Slo creation
- try group by as well
- Slo detail page
- Actions on top
- navigate to overview and alerts tabs
- Create SLO flyout in Logs Explorer
- Create burn rate rules and verify they appear on rules page
- Verify SLO alerts appear on Alerts page and slo details page
- Embeddables
- Through the dashboard app
- Using the attach to dashboard action on the slo card item on slo list
page and the error budget burn down chart on the slo detail page
- SLOs only for platinum users
- Permissions
- Spaces
## TODO
- [x] Move slo stuff from observability folder to new slo plugin
- [x] Remove old slo stuff from observability folder
- [x] Update references
- [x] Fix typescript and eslint errors
- [x] Paths
- [x] Locators
- [x] Burn rate rule registration
- [x] Embeddable Alerts table configuration registration
- [x] Embeddables
- [x] Translations
- [x] Verify plugin.ts files contain all registration logic
- [x] public
- [x] server
- [x] Final cleanup for observability folder
- [x] Run tests
- [x] Application Usage (Telemetry)
- [x] Permissions
---------
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
Co-authored-by: shahzad31 <shahzad31comp@gmail.com>
Co-authored-by: Coen Warmer <coen.warmer@gmail.com>
## Summary
Part of #173301.
Add a performance journey for AIOps Log Rate Analysis.
To run the performance journey locally, run:
```
node scripts/run_performance.js --journey-path x-pack/performance/journeys/aiops_log_rate_analysis.ts
```
Review notes:
- The small dataset used isn't set up using `esArchiver`, because it's
just 18 docs we're reusing a file from AIOps integration tests und using
bulk ingest to create the index. The data view necessary to populate the
UI is created with an `kibanaServer.request` call.
- Because of the above, the usual `es/kbnArchiver` cleanup cannot kick
in. To support manual cleanup, I added an `afterSteps` option similar to
the existing `beforeSteps` option. This allows us to delete the index
and data view during teardown.
- Kibana operations team triggered by `.buildkite/ftr_configs.yml`.
Journey showing up in APM:
<img width="1638" alt="image"
src="14f130f5-c125-4390-90d0-96002bc916f3">
### Checklist
- [x] [Unit or functional
tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)
were updated or added to match the most common scenarios
- [x] This was checked for breaking API changes and was [labeled
appropriately](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)
The AppEx Management team was recently renamed on GitHub from
`platform-deployment-management` to `kibana-management`. This PR updates
the Codeowners file and all references to the team name.
---------
Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
## Summary
First part of https://github.com/elastic/kibana/issues/174578
- Introduce the new `security` core service, both on the browser and
server-side.
- In this first stage, this service only has a single API:
`authc.getCurrentUser`
- Have the security plugin register its API to Core for ex-exposition
---------
Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
Splits up the Observability AI Assistant plugin so it can be used
outside of the context of the Observability apps. Additionally, the
following changes were made:
- Add the AI Assistant button to the top nav, instead of the header
menu. This prevents unmounts and remounts (and makes it much easier to
use everywhere).
- Contextual messages now use a function request/response to inject the
data of the insight. This allows us to remove `startedFrom`.
- ML is now an runtime dependency only (via `core.plugins.onStart`).
With a static dependency, we'll run into circular dependency issues.
---------
Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
Closes#156023
## Summary
ESO = Encrypted Saved Object(s)
This PR modifies the `EncryptedSavedObjectTypeRegistration` definition,
replacing the `attributesToExcludeFromAAD` property with a
`attributesToIncludeInAAD` property. The purpose is to alter the default
inclusion of new SO attributes, which will help to resolve potential
decryption issues with serverless zero downtime upgrades (see
https://github.com/elastic/kibana/issues/156023).
NOTE: nested fields are included when the parent field is added to the
include list. In this way the include list behaves just as the exclude
list did.
#### Attention Code Owners:
I attempted to create the include list for existing ESOs by comparing
the exclude list to the full list of attributes, ~~however, I am sure
this is either incomplete or partially incorrect~~ UPDATE: new tests
have been created to validate the include list (see the **Testing**
section). These changes will need to be carefully audited by the owning
teams during the review process. This PR will not merge until all code
owners have reviewed and approved the changes. If your team is a
consumer of ESOs, please see the **Testing** section below.
## Testing
Automated test suites have been updated to account for the changes to
ESO registration. The riskier part of this PR are the changes to
existing ESOs, and validating that they are effectively identical to
their previous implementations. I have used main branch Kibana to
generate several ESOs - one of each type, then saved those raw encrypted
objects to an esArchiver JSON file. New functional tests, in the
`encrypted_saved_objects_api_integration` suite, have been created to
verify that those objects can be successfully decrypted using the new
ESO definitions containing the AAD include list.
### ESO Types to Validate
See
`x-pack/test/encrypted_saved_objects_api_integration/tests/encrypted_saved_objects_aad_include_list.ts`
- [x] ACTION_SAVED_OBJECT_TYPE/'action'
- [x] ACTION_TASK_PARAMS_SAVED_OBJECT_TYPE/'action_task_params'
- [x] CONNECTOR_TOKEN_SAVED_OBJECT_TYPE/'connector_token'
- [x] RULE_SAVED_OBJECT_TYPE/'alert'
- [x] 'api_key_pending_invalidation'
- [x] OUTPUT_SAVED_OBJECT_TYPE/'ingest-outputs
- [x] MESSAGE_SIGNING_KEYS_SAVED_OBJECT_TYPE/'fleet-message-signing-keys
- [x] UNINSTALL_TOKENS_SAVED_OBJECT_TYPE/'fleet-uninstall-tokens'
- [x] syntheticsApiKeyObjectType/'uptime-synthetics-api-key'
- [x] syntheticsMonitorType/'synthetics-monitor'
- [x] syntheticsParamType/'synthetics-param'
### Flaky Test Runner
https://buildkite.com/elastic/kibana-flaky-test-suite-runner/builds/5419
---------
Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
Co-authored-by: Aleh Zasypkin <aleh.zasypkin@gmail.com>
## 📓 Summary
Both the `@elastic/obs-ux-infra_services-team` and
`@elastic/obs-ux-logs-team` teams were still required as code owners for
many parts of the `infra` plugin which didn't require the logs team
supervision.
To unblock this situation and allow the infra
`@elastic/obs-ux-infra_services-team` to work autonomously, while
preserving the logs team shared code ownership over the plugin manifest
and logs area, the following updates on the CODEOWNERS file establish
that:
- infra -> both teams (automatically generated by script)
- infra/{common,docs,public,server}/{sub-folders}/ ->
obs-ux-infra_services-team
- Logs UI code exceptions -> obs-ux-logs-team
**_N.B._** Although the ownership definition is not absolute since any
new root sub-folder needs a new entry on the codeowners file, creating
new folders at that level is less common as the main folder structure is
already defined.
This should allow the infra team to work without dependencies on the
`obs-ux-logs-team`, which will maintain ownership of the Logs UI code
only.
Co-authored-by: Marco Antonio Ghiani <marcoantonio.ghiani@elastic.co>
## Summary
Adds Obs UX infra Services team to the metrics-data-access plugin owners
list
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
## Summary
This PR moves `AlertIds` schema definition to one schema to avoid duplication.
## Details
OAS should as simple and straightforward as possible. Having the same entities defined in different schemas may spawn ambiguity issues. On top of that [OAS docs bundler](https://github.com/elastic/kibana/pull/171526) requires unique names for shared schemas.
`AlertIds` definition is duplicated in `x-pack/plugins/security_solution/common/api/endpoint/model/schema/common.schema.yaml` and `x-pack/plugins/security_solution/common/api/detection_engine/alert_assignees/set_alert_assignees_route.schema.yaml`.
To get rid of this duplication `AlertIds` definition has been moved in a common `Shared Alert Schema Primitives` and referenced accordingly in the schema files it's used. Additionally `NonEmptyString` and `UUID` schemas were moved from rule schema to a common `Shared Primitives Schema` as it's not only related to the rule schema.
