## Summary
This moves a number of types that are used outside of the index
management plugin to a package so we can avoid cyclical dependencies in
the work we're doing to add semantic text as a mapping type. That will
depend on the ML plugin, which has dependencies that themselves depend
on a few types from index management. I split this into a separate PR
for ease of reviewing.
---------
Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
Co-authored-by: Stratoula Kalafateli <efstratia.kalafateli@elastic.co>
## Summary
With https://github.com/elastic/kibana/pull/180227, LangSmith
configuration (Project & API Key) could no longer be specified using
environment variables when working locally. This fixes that issue, which
was caused by sending `''` for `langSmithProject` and `langSmithApiKey`
instead of `undefined`.
To test, set the below env vars, then start kibana. Be sure to not have
the UI trace options set as shown in
https://github.com/elastic/kibana/pull/180227.
```
# LangChain LangSmith
export LANGCHAIN_TRACING_V2=true
export LANGCHAIN_ENDPOINT="https://api.smith.langchain.com"
export LANGCHAIN_API_KEY="🫣"
export LANGCHAIN_PROJECT="Best Project Ever"
```
## Summary
- Add connectors flyout to playground
- Add set up gen-ai panel
- Create feature connector id
- Use encrypted objects on the server
- Use management Locator for navigating to connectors management
- Pass dependencies to embeddable app
<img width="397" alt="image"
src="499797f9-1dfa-4806-a364-32d2533945cd">
<img width="1004" alt="image"
src="3171be7c-b3f7-4c8e-99ff-0d81c7b2b9c9">
---------
Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
## Summary
While we wait for https://github.com/elastic/kibana/issues/178304, this
is a PR for allowing users to specify their LangSmith config for tracing
in cloud environments by only storing them in session storage. This is
also behind an experimental feature flag and must be enabled with the
`assistantModelEvaluation` flag ala:
```
xpack.securitySolution.enableExperimental: [ 'assistantModelEvaluation']
```
~Note I: `xpack.securitySolution.enableExperimental` should be
allowlisted in cloud, but I have manually enabled via source for initial
testing.~
Note II: I have verified the above is configurable on cloud deployments
👍
The new `traceOptions` are stored with the
`elasticAssistantDefault.traceOptions` key, and the following keys:
```
{
apmUrl : "${basepath}/app/apm"
langSmithApiKey: "🫣"
langSmithProject: "Cloud Testing"
}
```
The `langSmithApiKey` and `langSmithProject` are then sent along with
the request to `/actions/connector/{connectorId}/_execute`, and a new
`LangChainTracer` is created using the values. The tracing infrastructue
was already in place for evaluation, so no other changes were necessary.
The `apmUrl` value is now used for the `View APM trace for message`
action, so if you have set up a remote APM server, you can now link
directly to that instance from the message.
A basic UI was added for these fields under the `Run` step of the
Evaluation Settings. No need to save or run an evaluation once entering.
Fields are immediately stored in session storage upon entry.
<p align="center">
<img width="500"
src="02445b24-9d4b-40a9-bbad-f261ec098faa"
/>
</p>
### Test Instructions
Click on the [latest Kibana Buildkite
build](https://buildkite.com/elastic/kibana-pull-request/builds/201924#annotation-cloud),
go to the `ci:cloud-deploy` cluster (grabbing creds from vault), then
set a LangChain Project/API key in the above UI, then make a request to
the LLM and verify the trace is collected in the LangSmith UI:
> [!NOTE]
> Only LangChain codepaths can be traced to LangSmith, so you must
ensure LangChain is enabled by either turning on the Knowledge Base or
enabling the Alert tools. The former can't be done in default
`ci:cloud-deploy` deployments as they only have a 1GB ML nodes, so it is
easiest to just turn on the Alert tools.
<p align="center">
<img width="500"
src="b7c6747c-3314-44e2-8d58-f9d2bfdda687"
/>
</p>
### Checklist
Delete any items that are not applicable to this PR.
- [X] Any text added follows [EUI's writing
guidelines](https://elastic.github.io/eui/#/guidelines/writing), uses
sentence case text and includes [i18n
support](https://github.com/elastic/kibana/blob/main/packages/kbn-i18n/README.md)
In this PR, we added the following items.
- Add a semantic_text field type
- Allow the users to add semantic_text to index mapping
- Allow the user to select a text field as reference field
- Allow the user to select inference_id for semantic_text field
Please be aware that currently, we won't be able to save the mapping
using the 'Save mappings' button because the 'semantic_text'
functionality doesn't support 'inference_id'. However, there is ongoing
parallel work in a GitHub
[branch](https://github.com/elastic/elasticsearch/tree/feature/semantic-text)
to enable 'inference_id' in 'semantic_text' for Elasticsearch.
## Summary
This moves code from `plugins/aiops/common` to packages. The `aiops`
plugin will from now on have only a `server` and `public` directory.
This is in preparation for additional AIOps related public APIs and to
avoid cyclic dependency problems for other consuming plugins.
- Package `@kbn/aiops-utils` was renamed to `@kbn/aiops-common`.
- For each AIOps feature a package was created:
`@kbn/aiops-change-point-detection`, `@kbn/aiops-log-pattern-analysis`
and `@kbn/aiops-log-rate-analysis`.
### Checklist
- [x] This was checked for breaking API changes and was [labeled
appropriately](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)
## Summary
- Uses change point detection to identify point in time for deviation
timestamp.
- Expands deviation timestamp into time range covering the whole
deviation area of interest and highlights the time range in the date
histogram chart.
- When clicking on the detected deviation time range, the selected
deviation will be exactly the detected time range.
- If no change point is detected, we just fall back to the previous
behavior.
### Checklist
- [x] [Unit or functional
tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)
were updated or added to match the most common scenarios
- [x] [Flaky Test
Runner](https://ci-stats.kibana.dev/trigger_flaky_test_runner/1) was
used on any tests changed
- [x] This was checked for breaking API changes and was [labeled
appropriately](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)
## Summary
This PR adds heartbeat-like data for MongoDB in the `fake_stack` dataset
so users can express an SLO for that service. This also changes some of
the details in the Nginx data to allow for group-by on the same domain
names to be used in testing SLO alert dependencies.
## Summary
I've always been annoyed with these warnings that appear in the console
when starting Kibana:
<img width="1344" alt="Screenshot 2024-03-22 at 3 40 09 PM"
src="9e722ea9-8ca4-47de-8f28-ca511d6e7194">
The trouble is, it's been nearly impossible to find these in the code.
While working with some changes to the `ml` plugin, I noticed something
familiar:
<img width="925" alt="Screenshot 2024-03-22 at 3 39 56 PM"
src="5d69c693-512b-4794-9bd7-f2d12c693d7d">
So with a smaller haystack, I was able to find and fix them.
<img width="671" alt="Screenshot 2024-03-22 at 4 51 43 PM"
src="70db7016-eb04-4171-a4a8-18e4df7131ae">
Closes#174953
## Summary
Adds "Access" section to serverless management page, with cards for
custom roles, organization members, and API keys. These new cards are
gated by the `roleManagementEnabled` feature flag (see #176200).
<img width="1339" alt="Screenshot 2024-03-11 at 10 17 06 PM"
src="f2bb02f3-4154-4f2a-b07f-4c0013429a0c">
### API keys card
Access to this card is gated by API key privileges - any user with
permission to access the API keys management page will see this card.
### Custom roles card
Access to this card is gated by both the feature flag and role
privileges - any user with permission to access the Roles management
page will see this card if the feature flag is enabled.
### Organization members card
Access to this card is gated by only the feature flag. **Currently there
is no way to query if a user has access to manage the cloud
organization.**
### Implementation Notes:
- Previously, only the serverless search solution offered a link to the
API keys management page from the left navigation bar and the landing
page. This PR will provide access to the API keys management page in all
3 serverless solutions, via the management cards page, given the user
has the minimum API key permissions required.
- In order to check the value of the feature flag from outside of the
security plugin, I have exposed an authz service from the security
plugin (following the paradigm of the authc service). This can be
removed once the feature flag is no longer needed.
- The `Organization members` card is an "extension" navigation card
because it is not tied to an actual application. It provides a link to
the cloud organization. This is implemented in the serverless plugin,
alongside a `getNavigationCards` helper function, to be commonly located
for use in the three serverless solutions plugins. Due to dependency
restrictions, each solution plugin passes the feature flag value from
the security plugin to this function - a complication that will be
removed once the feature flag is no longer needed.
## Manual Testing
1. In the `kibana.dev.yml` file, add the following settings. This
enables the role management feature flag, and provides cloud URLs for
the `Manage organization members` card.
```
xpack.security.roleManagementEnabled: true
xpack.cloud.base_url: 'https://cloud.elastic.co'
xpack.cloud.organization_url: '/account/members'
```
2. Add a test user without access to API keys to the serverless search
`roles.yml` file. Example: Copy the viewer role, and remove the
`manage_own_api_key` cluster privilege.
```
tester:
cluster: ['read_pipeline']
indices:
- names:
- '*'
privileges:
- 'read'
- 'view_index_metadata'
applications:
- application: 'kibana-.kibana'
privileges:
- 'read'
resources:
- '*'
```
3. Start Elasticsearch and Kibana in serverless mode and SSL enabled (to
access the test user selector). Examples:
```
yarn es --serverless=es --ssl
yarn start --serverless=es --ssl
```
4. Navigate to Kibana (use `https` as SSL is enabled), and log in as the
`Admin` test user.
5. Navigate to the Management page using the side navigation bar. Verify
the three new cards are rendered in a new `Access` section, and that
each functions correctly by navigating the user the appropriate
application, or to the cloud organization page (in the case of the
Manage organization members card).
6. Switch to a user without access to view or update roles (e.g.
`viewer` in the serverless search solution). Verify that the API keys
and Org members cards are present, but not the Custom roles card.
7. Switch to a user without access to the API keys management page (the
test role added in step 2 for the search solution). Verify that the API
keys card is not present.
8. Disable the `xpack.security.roleManagementEnabled` feature flag.
Switch to the `admin` test user, and verify that the `Access` section
contains only the API keys card
9. Switch to a user without access to the API keys management page.
Verify that the `Access` section does not render at all.
10. Repeat testing with other solutions (security, observability). Keep
in mind that you may have to add additional test roles to the
`roles.yml` file if you want to test conditions for steps 6 and 7
independently.
## Automated Testing
See
`x-pack/test_serverless/functional/test_suites/common/platform_security/navigation/management_nav_cards.ts`,
which can be run from
-
`x-pack/test_serverless/functional/test_suites/search/config.feature_flags.ts`
-
`x-pack/test_serverless/functional/test_suites/security/config.feature_flags.ts`
-
`x-pack/test_serverless/functional/test_suites/observability/config.feature_flags.ts`.
---------
Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
Closes#167897Closes#167518Closes#175499
## Summary
I also added a refresh index after generating data-forge data to
decrease the time of running tests and making sure data is available
when the rule is executed, which in one instance, the time of the tests
decreased from `30.0s` to `15.7s` 🎉
|Before|After|
|---|---|
||
||
[200] Flaky test runner:
https://buildkite.com/elastic/kibana-flaky-test-suite-runner/builds/5539✅
Commands to run test locally:
```
// Server
node scripts/functional_tests_server.js --config x-pack/test_serverless/api_integration/test_suites/observability/config.feature_flags.ts
// One test (Remove --include to run all tests)
node scripts/functional_test_runner --config=x-pack/test_serverless/api_integration/test_suites/observability/config.feature_flags.ts --include=x-pack/test_serverless/api_integration/test_suites/observability/custom_threshold_rule/p99_pct_fired.ts
```
---------
Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
Current PR resolving the bug with AI conversation messages timestamp
conversion from the locale date string format to ISO date.
Due to that issue creating conversation from the Kibana UI, thrown an
error in some timezones:
After changes we use date local format only for rendering in UI:
<img width="186" alt="Screenshot 2024-03-19 at 1 39 43 PM"
src="9db16761-72de-44f6-a2a0-064fc577051a">
## Summary
Part of #173301.
Add a performance journey for AIOps Log Rate Analysis.
To run the performance journey locally, run:
```
node scripts/run_performance.js --journey-path x-pack/performance/journeys/aiops_log_rate_analysis.ts
```
Review notes:
- The small dataset used isn't set up using `esArchiver`, because it's
just 18 docs we're reusing a file from AIOps integration tests und using
bulk ingest to create the index. The data view necessary to populate the
UI is created with an `kibanaServer.request` call.
- Because of the above, the usual `es/kbnArchiver` cleanup cannot kick
in. To support manual cleanup, I added an `afterSteps` option similar to
the existing `beforeSteps` option. This allows us to delete the index
and data view during teardown.
- Kibana operations team triggered by `.buildkite/ftr_configs.yml`.
Journey showing up in APM:
<img width="1638" alt="image"
src="14f130f5-c125-4390-90d0-96002bc916f3">
### Checklist
- [x] [Unit or functional
tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)
were updated or added to match the most common scenarios
- [x] This was checked for breaking API changes and was [labeled
appropriately](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)
Fixes#178578
The hypothesis is that during adding context variables, it uses a
document that does not have `host.mac`, and in some of the `fake_host`
documents we have this condition, so I fixed that.
## Summary
First part of https://github.com/elastic/kibana/issues/174578
- Introduce the new `security` core service, both on the browser and
server-side.
- In this first stage, this service only has a single API:
`authc.getCurrentUser`
- Have the security plugin register its API to Core for ex-exposition
---------
Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
## Summary
This PR including both new APIs and client side changes to use data
stream for Security Solution AI Assistant conversations persistence
storage.
Issue https://github.com/elastic/security-team/issues/7810
## Extended description
#### elastic-assistant plugin
All API changes are introduced in elastic-assistant plugin server
- `RequestContextFactory ` - this class helps to provide the needed
context for each API request for routes handler context.
- `AIAssistantService` - This service instance is created on the plugin
setup and included to the request context factory. It is responsible for
the needed conversations storage resources initialization and
installation. It uses DataStreamAdapter from
`packages/kbn-data-stream-adapter`. Conversations fieldMap definition
[here](https://github.com/elastic/kibana/pull/173487/files#diff-c4fdbd4023c6ebc0c0bb04a32314ce8ea614f2d0916afac5e366a71122687d54)
- `AIAssistantConversationsDataClient` - data client which has a set of
methods to interact with conversation storage on behalf of the current
user and space.
- `ConversationDataWriter` - is a helper class which implements a bulk
method to interact with esClient
- Added new routes using versioned router and o[penAPI code
generator](https://github.com/elastic/kibana/blob/main/packages/kbn-openapi-generator/README.md)
schemas:
`createConversationRoute`
`readConversationRoute`
`updateConversationRoute`
`deleteConversationRoute`
`appendMessagesRoute`
`findUserConversationsRoute`
`bulkActionsRoute`
- Migrated existing `knowledge_base`, `evaluate` and
`post_actions_connector_execute` routes to versioned routing and openAPI
code generator schemas.
#### kbn-elastic-assistant package
- removed local storage persistency logic for assistantConversations.
- added API requests definition to communicate to server side.
-
#### kbn-elastic-assistant-common package
- Changed `transformsRowData` function to use async add replacements
API.
- Exposed routing URLs with constants file to be available for server
and client.
#### security_solution plugin
- Added `migrateConversationsFromLocalStorage` for existing
conversations in the local storage. This migration happening only for
the first time when user doesn't have any conversations persisted in the
current space. After mirgation complete, the old local storage key
`securitySolution.assistantConversation` will be removed.
- Passing security related `baseConversation` as a property to
`ElasticAssistantProvider`
- Changed `useAssistantTelemetry` to fetch information about the
conversation from the conversations API
- Modified `useConversationStore` to fetch the data from the
conversations API
`/api/elastic_assistant/conversations/current_user/_find` and merge with
security predefined `baseConversations` if they are not used(persisted)
yet.
- Extracted `AssistantTab` to a separate lazy loaded file to avoid
unnecessary rendering/requests till this tab will be shown in Timeline.
---------
Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
Co-authored-by: Steph Milovic <stephanie.milovic@elastic.co>
Fixes#177780
## Summary
same-field category is missing in summary tab hollow chart. This PR
enables same-field category display in summary tab hollow chart.
#### Before:
b747657a-78c6-4b06-91e0-414317d13d7c
#### After:
0878c593-3a33-418a-94db-54d7922776f9
### Checklist
- [x] [Unit or functional
tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)
were updated or added to match the most common scenarios
## Summary
- Moves some query utils from the `transform` plugin to
`@kbn/ml-query-utils` to make them available for the `aiops` plugin.
This allows us to better clean up default queries before sending them
off to API endpoints. Some more unit tests have been added as well as
query utils to clean up the default queries we get from EUI search query
bars.
- Adds assertions for url state to `aiops` functional tests. These
ensure that the overall time frame and window parameters for analysis
get correctly set.
### Checklist
- [x] [Unit or functional
tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)
were updated or added to match the most common scenarios
- [x] [Flaky Test
Runner](https://ci-stats.kibana.dev/trigger_flaky_test_runner/1) was
used on any tests changed
- [x] This was checked for breaking API changes and was [labeled
appropriately](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)
## Summary
This PR fixes a bug related to the filter edition:
https://github.com/elastic/kibana/issues/164406
Filter actions were missing the `meta.index` value, which needs to be
assigned to the dataView id being used. When the filter is edited, the
filter component retrieves the index pattern from the dataView saved
object.
The `meta.index` value has been added to all the "Filter in/out" actions
using the `CellActions` metadata object.
Thanks @angorayc for catching this and implementing the fix
### Screenshots
Before:
After:
---------
Co-authored-by: Angela Chuang <yi-chun.chuang@elastic.co>
Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
Co-authored-by: Angela Chuang <6295984+angorayc@users.noreply.github.com>
## Summary
Enables grouping SLOs by multiple fields.
Resolves https://github.com/elastic/kibana/issues/174228
Adjusts the `instanceId`
[implementation](https://github.com/elastic/kibana/pull/175063/files#diff-c9c4989cf8d323448464b70825408b535b1fa6cc355df26a2acfba45d8c05232R35)
to concat values from each field to build the instance id.
Uses the `groupings` key from the
[summary](https://github.com/elastic/kibana/pull/175063/files#diff-40b886fca239a397d0990f3db135f7b35822ee0aa93063be219bd23cafc9be6cR137)
[documents](https://github.com/elastic/kibana/pull/175063/files#diff-d5cd07fb8fb91091a7f65d9f59c268600f03305167b375ec579773144428ee68R156)
to display group by values in the SLO list and SLO detail pages.
### Testing
1. Before checking out this PR, create an SLO on main with a group by
2. Check out this PR. The instance information should continue to
populate, now with the field label
<img width="364" alt="Screenshot 2024-02-05 at 9 50 12 PM"
src="d6004cc6-58b8-4319-b28b-b09e7849deba">
<img width="1427" alt="Screenshot 2024-02-05 at 9 50 26 PM"
src="10aacc47-ae68-489d-b728-6f74816e7c69">
<img width="583" alt="Screenshot 2024-02-05 at 9 50 38 PM"
src="50bcc168-bdb7-421b-8a6f-9fd0b079b612">
3. Navigate to the edit flow. The group by field should appear in the
ComboBox.
<img width="803" alt="Screenshot 2024-02-05 at 9 56 28 PM"
src="c9601e61-85b9-49ad-adc0-0ebfad67701e">
4. Attempt to create a second group by
<img width="815" alt="Screenshot 2024-02-05 at 10 57 38 PM"
src="e461681c-720f-4290-a01c-0cd00c9cbb72">
5. Save and observe the created instances.
<img width="716" alt="Screenshot 2024-02-06 at 10 39 56 AM"
src="46599aaa-ac93-4362-943a-4579b2e8c552">
<img width="590" alt="Screenshot 2024-02-06 at 11 24 52 AM"
src="ef9d65fb-301c-446d-a748-e82d8460423c">
<img width="666" alt="Screenshot 2024-02-06 at 11 25 08 AM"
src="6713ba80-6a2a-4087-9335-cfa935bf0ebf">
<img width="1449" alt="Screenshot 2024-02-06 at 11 25 20 AM"
src="c7088ab3-847f-436e-8918-2a5f15593ac4">
---------
Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
## Summary
Improve security plugin logging:
* [x] If authorization fails with `403` and the user doesn't have any
roles, we can log this valuable information directly in the log.
Similarly, when authentication fails because of `500`, we should
indicate in the logs that the cluster might not be healthy, and so on.
* [x] If Kibana has to create a new session while another one is still
active (e.g., in the case of repeated IdP-initiated login), we should
log this with an `INFO` level, as it's not something ordinary.
* [x] We should reword infamous `License is not available,
authentication is not possible.` message to indicate the underlying
reason in a clearer manner (e.g., ES isn't available etc.).
* [x] We should consider bumping log level to `INFO` for anything else
that would be helpful during debugging
* [x] We shouldn't log `Session is no longer available and cannot be
re-authenticated` (or downgrade it to `DEBUG`) if re-authentication
isn't possible in principle (e.g. in case of HTTP authentication, API
keys, and JWTs)
__Fixes: https://github.com/elastic/kibana/issues/163045__
Closes: https://github.com/elastic/security-team/issues/8565
## Summary
The [axe browser plugin](https://deque.com/axe) has identified four
links without clear text. Upon inspecting the page, it was found that
the SVG icons associated with each rule type are labeled as <a> but with
a negative tabindex, rendering them inaccessible for keyboard
navigation. Additionally, these icons lack an accessible label.
To address this issue, the <a> tag for the SVG icons has been removed.
SVGs inherently possess the appropriate role and aria-hidden attributes,
designating them as decorative elements for assistive technology.
### Screen
### AXE Report
#### Before
#### After
## For discussion only
Alternatively I recommend to refactor LandingLinkIcon component to use
`EuiCard` to make it more EUI friendly e.g.
<img width="1308" alt="image"
src="ca76191f-bec7-473b-af73-838fcdee76af">
POC: [Alternative fix
for](69c9375192)
## Summary
This PR renames `AppFeatures` -> `ProductFeatures`.
This module is responsible for managing the Security _features_ that are
enabled according to the _product_ type used. After talking with
different teams we agreed it would be more intuitive and easier to
understand if we named it `ProductFeatures`, since `AppFeatures` is too
vague and generic.
This refactoring does not introduce any change in the application
behavior.
Internal docs will also be updated.
---------
Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
## Summary
This PR replaces kbn/ecs package with the official ecs typescript defs
available on npm https://www.npmjs.com/package/@elastic/ecs
The idea here is to be able to update and maintain ecs type defs
independently, and in a transparent way.
ECS version used in kibana currently is 8.10.0, and after this PR is
merged I will generate current version typings & file another PR to
update the kibana dependency,
The `alpha` suffix will be removed once this new flow of ecs management
stabilizes.
---------
Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
## Summary
This PR copies the example configurations from the High Cardinality
Indexer project into `kbn-data-forge`
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
Closes#175200
## Summary
This PR adds a history chart to the custom threshold alert details page.
The history chart is only added if we have only 1 condition in the rule.
Also, this PR fixes the issue of not applying group by information on
the main chart that I mistakenly introduced during refactoring code in
this [PR](https://github.com/elastic/kibana/pull/175777).
## 🧪 How to test
- Create a custom threshold rule with only one condition
- Go to the alert details page from the alert table actions
- You should be able to see the history chart for the last 30 days with
the correct filtering both for optional KQL and group by information
## Summary
This PR enhances support for ES|QL data visualizer. Changes include:
- Add an Update button that when clicked, will update and run the query.
This is to complement the current cmd + Enter keyboard short cut.
5ca3ac0b-782e-404c-a04b-330c8eea6ab7
- Improve logic to no longer fetch total count & document count if only
the limit size is updated (so changing the limit size, but not the query
or time, will not refresh the count chart again)
- Remove dependency from data view's field format
- Refactor into a data fetching & processing into common hook to be used
for embeddable
- Support ES|QL in Field stats embeddable
- Fix count % of documents where field exists is > 100% when there are
multi-field values. (E.g. when row is an array of values like ["a", "b",
"c"], the count is much higher than the total number of rows)
<img width="1492" alt="Screenshot 2024-02-09 at 12 48 13"
src="c437e4f9-10e4-4d26-b00a-57277c5e1287">
- Add support for `geo_point` and `geo_shape` field types
<img width="1492" alt="Screenshot 2024-02-09 at 12 47 37"
src="d72e1e73-9880-4a12-be65-29b569d80694">
### Checklist
Delete any items that are not applicable to this PR.
- [ ] Any text added follows [EUI's writing
guidelines](https://elastic.github.io/eui/#/guidelines/writing), uses
sentence case text and includes [i18n
support](https://github.com/elastic/kibana/blob/main/packages/kbn-i18n/README.md)
- [ ]
[Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html)
was added for features that require explanation or tutorials
- [ ] [Unit or functional
tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)
were updated or added to match the most common scenarios
- [ ] [Flaky Test
Runner](https://ci-stats.kibana.dev/trigger_flaky_test_runner/1) was
used on any tests changed
- [ ] Any UI touched in this PR is usable by keyboard only (learn more
about [keyboard accessibility](https://webaim.org/techniques/keyboard/))
- [ ] Any UI touched in this PR does not create any new axe failures
(run axe in browser:
[FF](https://addons.mozilla.org/en-US/firefox/addon/axe-devtools/),
[Chrome](https://chrome.google.com/webstore/detail/axe-web-accessibility-tes/lhdoppojpmngadmnindnejefpokejbdd?hl=en-US))
- [ ] If a plugin configuration key changed, check if it needs to be
allowlisted in the cloud and added to the [docker
list](https://github.com/elastic/kibana/blob/main/src/dev/build/tasks/os_packages/docker_generator/resources/base/bin/kibana-docker)
- [ ] This renders correctly on smaller devices using a responsive
layout. (You can test this [in your
browser](https://www.browserstack.com/guide/responsive-testing-on-local-server))
- [ ] This was checked for [cross-browser
compatibility](https://www.elastic.co/support/matrix#matrix_browsers)
### Risk Matrix
Delete this section if it is not applicable to this PR.
Before closing this PR, invite QA, stakeholders, and other developers to
identify risks that should be tested prior to the change/feature
release.
When forming the risk matrix, consider some of the following examples
and how they may potentially impact the change:
| Risk | Probability | Severity | Mitigation/Notes |
|---------------------------|-------------|----------|-------------------------|
| Multiple Spaces—unexpected behavior in non-default Kibana Space.
| Low | High | Integration tests will verify that all features are still
supported in non-default Kibana Space and when user switches between
spaces. |
| Multiple nodes—Elasticsearch polling might have race conditions
when multiple Kibana nodes are polling for the same tasks. | High | Low
| Tasks are idempotent, so executing them multiple times will not result
in logical error, but will degrade performance. To test for this case we
add plenty of unit tests around this logic and document manual testing
procedure. |
| Code should gracefully handle cases when feature X or plugin Y are
disabled. | Medium | High | Unit tests will verify that any feature flag
or plugin combination still results in our service operational. |
| [See more potential risk
examples](https://github.com/elastic/kibana/blob/main/RISK_MATRIX.mdx) |
### For maintainers
- [ ] This was checked for breaking API changes and was [labeled
appropriately](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)
---------
Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
## Summary
This PR fixes a bug with the `--ephermal-project-ids` option. Instead of
using now it should use the timestamp of the first event passed to it.
This also adds `http.response.status_code` and `http.response.bytes` to
the Nginx Proxy logs.
