Commit graph

869 commits

Author SHA1 Message Date
Kibana Machine
e8b7c25925
[8.x] Add watsonx icon for inference endpoints management page (#197116) (#197276)
# Backport

This will backport the following commits from `main` to `8.x`:
- [Add watsonx icon for inference endpoints management page
(#197116)](https://github.com/elastic/kibana/pull/197116)

<!--- Backport version: 9.4.3 -->

### Questions ?
Please refer to the [Backport tool
documentation](https://github.com/sqren/backport)

Co-authored-by: Saikat Sarkar <132922331+saikatsarkar056@users.noreply.github.com>
2024-10-22 12:16:46 -05:00
Kibana Machine
5ececbb765
[8.x] [Security Solution][Notes] - fix user filter not checking correct license in notes management page (#197149) (#197245)
# Backport

This will backport the following commits from `main` to `8.x`:
- [[Security Solution][Notes] - fix user filter not checking correct
license in notes management page
(#197149)](https://github.com/elastic/kibana/pull/197149)

<!--- Backport version: 9.4.3 -->

### Questions ?
Please refer to the [Backport tool
documentation](https://github.com/sqren/backport)

Co-authored-by: Philippe Oberti <philippe.oberti@elastic.co>
2024-10-22 10:24:37 -05:00
Kibana Machine
7c542e2bbc
[8.x] [Security Assistant] Knowledge base settings author column fix (#197114) (#197138)
# Backport

This will backport the following commits from `main` to `8.x`:
- [[Security Assistant] Knowledge base settings author column fix
(#197114)](https://github.com/elastic/kibana/pull/197114)

<!--- Backport version: 9.4.3 -->

### Questions ?
Please refer to the [Backport tool
documentation](https://github.com/sqren/backport)

Co-authored-by: Steph Milovic <stephanie.milovic@elastic.co>
2024-10-21 17:07:08 -05:00
Kibana Machine
20627745ee
[8.x] [Security Assistant] Fix KB output fields (#196567) (#197119)
# Backport

This will backport the following commits from `main` to `8.x`:
- [[Security Assistant] Fix KB output fields
(#196567)](https://github.com/elastic/kibana/pull/196567)

<!--- Backport version: 9.4.3 -->

### Questions ?
Please refer to the [Backport tool
documentation](https://github.com/sqren/backport)

Co-authored-by: Patryk Kopyciński <contact@patrykkopycinski.com>
2024-10-21 15:17:01 -05:00
Kibana Machine
740930048b
[8.x] [ML] Transforms: Limit the data grid result window (#196510) (#197002)
# Backport

This will backport the following commits from `main` to `8.x`:
- [[ML] Transforms: Limit the data grid result window
(#196510)](https://github.com/elastic/kibana/pull/196510)

<!--- Backport version: 9.4.3 -->

### Questions ?
Please refer to the [Backport tool
documentation](https://github.com/sqren/backport)

Co-authored-by: Robert Jaszczurek <92210485+rbrtj@users.noreply.github.com>
2024-10-21 12:20:19 -05:00
Ievgen Sorokopud
307a08ef6e
[8.x] Hide assistant's knowledge base UI when assistantKnowledgeBaseByDefault feature flag is disabled (#196762) (#196980)
# Backport

This will backport the following commits from `main` to `8.x`:
- [Hide assistant's knowledge base UI when
`assistantKnowledgeBaseByDefault` feature flag is disabled
(#196762)](https://github.com/elastic/kibana/pull/196762)

<!--- Backport version: 8.9.8 -->

### Questions ?
Please refer to the [Backport tool
documentation](https://github.com/sqren/backport)

2024-10-21 09:47:35 +02:00
Tim Sullivan
ecf451f132
[8.x] [Spaces] Read Security license to infer eligibility for sub feature customization (#195389) (#196925)
# Backport

This will backport the following commits from `main` to `8.x`:
- [[Spaces] Read Security license to infer eligibility for sub feature
customization (#195389)](https://github.com/elastic/kibana/pull/195389)

<!--- Backport version: 8.9.8 -->

### Questions ?
Please refer to the [Backport tool
documentation](https://github.com/sqren/backport)

After\r\n\r\n![ScreenRecording2024-10-09at10 05
53-ezgif\r\ncom-video-to-gif-converter](https://github.com/user-attachments/assets/4e7d5724-42b0-4495-8fae-b47e7a97957c)\r\n\r\n<!--
### Checklist\r\n\r\nDelete any items that are not applicable to this
PR.\r\n\r\n- [ ] Any text added follows [EUI's
writing\r\nguidelines](https://elastic.github.io/eui/#/guidelines/writing),
uses\r\nsentence case text and includes
[i18n\r\nsupport](https://github.com/elastic/kibana/blob/main/packages/kbn-i18n/README.md)\r\n-
[
]\r\n[Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html)\r\nwas
added for features that require explanation or tutorials\r\n- [ ] [Unit
or
functional\r\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\r\nwere
updated or added to match the most common scenarios\r\n- [ ] [Flaky
Test\r\nRunner](https://ci-stats.kibana.dev/trigger_flaky_test_runner/1)
was\r\nused on any tests changed\r\n- [ ] Any UI touched in this PR is
usable by keyboard only (learn more\r\nabout [keyboard
accessibility](https://webaim.org/techniques/keyboard/))\r\n- [ ] Any UI
touched in this PR does not create any new axe failures\r\n(run axe in
browser:\r\n[FF](https://addons.mozilla.org/en-US/firefox/addon/axe-devtools/),\r\n[Chrome](https://chrome.google.com/webstore/detail/axe-web-accessibility-tes/lhdoppojpmngadmnindnejefpokejbdd?hl=en-US))\r\n-
[ ] If a plugin configuration key changed, check if it needs to
be\r\nallowlisted in the cloud and added to the
[docker\r\nlist](https://github.com/elastic/kibana/blob/main/src/dev/build/tasks/os_packages/docker_generator/resources/base/bin/kibana-docker)\r\n-
[ ] This renders correctly on smaller devices using a
responsive\r\nlayout. (You can test this [in
your\r\nbrowser](https://www.browserstack.com/guide/responsive-testing-on-local-server))\r\n-
[ ] This was checked for
[cross-browser\r\ncompatibility](https://www.elastic.co/support/matrix#matrix_browsers)\r\n\r\n\r\n###
Risk Matrix\r\n\r\nDelete this section if it is not applicable to this
PR.\r\n\r\nBefore closing this PR, invite QA, stakeholders, and other
developers to\r\nidentify risks that should be tested prior to the
change/feature\r\nrelease.\r\n\r\nWhen forming the risk matrix, consider
some of the following examples\r\nand how they may potentially impact
the change:\r\n\r\n| Risk | Probability | Severity | Mitigation/Notes
|\r\n\r\n|---------------------------|-------------|----------|-------------------------|\r\n|
Multiple Spaces&mdash;unexpected behavior in non-default Kibana
Space.\r\n| Low | High | Integration tests will verify that all features
are still\r\nsupported in non-default Kibana Space and when user
switches between\r\nspaces. |\r\n| Multiple nodes&mdash;Elasticsearch
polling might have race conditions\r\nwhen multiple Kibana nodes are
polling for the same tasks. | High | Low\r\n| Tasks are idempotent, so
executing them multiple times will not result\r\nin logical error, but
will degrade performance. To test for this case we\r\nadd plenty of unit
tests around this logic and document manual testing\r\nprocedure. |\r\n|
Code should gracefully handle cases when feature X or plugin Y
are\r\ndisabled. | Medium | High | Unit tests will verify that any
feature flag\r\nor plugin combination still results in our service
operational. |\r\n| [See more potential
risk\r\nexamples](https://github.com/elastic/kibana/blob/main/RISK_MATRIX.mdx)
|\r\n\r\n\r\n### For maintainers\r\n\r\n- [ ] This was checked for
breaking API changes and was
[labeled\r\nappropriately](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)\r\n-->","sha":"e6e30c20215ce7cbb8bd25d6646edc5d0a8bc33e"}},"sourceBranch":"main","suggestedTargetBranches":[],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","labelRegex":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/195389","number":195389,"mergeCommit":{"message":"[Spaces]
Read Security license to infer eligibility for sub feature customization
(#195389)\n\n## Summary\r\n\r\nCloses
https://github.com/elastic/kibana/issues/195549\r\n\r\nThis PR adds
implementation such that eligibility to allow for the\r\ntoggling of the
switch for customization of sub features whilst defining\r\nprivileges
that would be assigned to a space is determined from
security\r\nlicense.\r\n\r\n\r\n###
Before\r\n![ScreenRecording2024-10-09at10 09
33-ezgif\r\ncom-video-to-gif-converter](https://github.com/user-attachments/assets/c80761c9-a45e-4784-835e-e6895d2fbed5)\r\n\r\n###
After\r\n\r\n![ScreenRecording2024-10-09at10 05
53-ezgif\r\ncom-video-to-gif-converter](https://github.com/user-attachments/assets/4e7d5724-42b0-4495-8fae-b47e7a97957c)\r\n\r\n<!--
### Checklist\r\n\r\nDelete any items that are not applicable to this
PR.\r\n\r\n- [ ] Any text added follows [EUI's
writing\r\nguidelines](https://elastic.github.io/eui/#/guidelines/writing),
uses\r\nsentence case text and includes
[i18n\r\nsupport](https://github.com/elastic/kibana/blob/main/packages/kbn-i18n/README.md)\r\n-
[
]\r\n[Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html)\r\nwas
added for features that require explanation or tutorials\r\n- [ ] [Unit
or
functional\r\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\r\nwere
updated or added to match the most common scenarios\r\n- [ ] [Flaky
Test\r\nRunner](https://ci-stats.kibana.dev/trigger_flaky_test_runner/1)
was\r\nused on any tests changed\r\n- [ ] Any UI touched in this PR is
usable by keyboard only (learn more\r\nabout [keyboard
accessibility](https://webaim.org/techniques/keyboard/))\r\n- [ ] Any UI
touched in this PR does not create any new axe failures\r\n(run axe in
browser:\r\n[FF](https://addons.mozilla.org/en-US/firefox/addon/axe-devtools/),\r\n[Chrome](https://chrome.google.com/webstore/detail/axe-web-accessibility-tes/lhdoppojpmngadmnindnejefpokejbdd?hl=en-US))\r\n-
[ ] If a plugin configuration key changed, check if it needs to
be\r\nallowlisted in the cloud and added to the
[docker\r\nlist](https://github.com/elastic/kibana/blob/main/src/dev/build/tasks/os_packages/docker_generator/resources/base/bin/kibana-docker)\r\n-
[ ] This renders correctly on smaller devices using a
responsive\r\nlayout. (You can test this [in
your\r\nbrowser](https://www.browserstack.com/guide/responsive-testing-on-local-server))\r\n-
[ ] This was checked for
[cross-browser\r\ncompatibility](https://www.elastic.co/support/matrix#matrix_browsers)\r\n\r\n\r\n###
Risk Matrix\r\n\r\nDelete this section if it is not applicable to this
PR.\r\n\r\nBefore closing this PR, invite QA, stakeholders, and other
developers to\r\nidentify risks that should be tested prior to the
change/feature\r\nrelease.\r\n\r\nWhen forming the risk matrix, consider
some of the following examples\r\nand how they may potentially impact
the change:\r\n\r\n| Risk | Probability | Severity | Mitigation/Notes
|\r\n\r\n|---------------------------|-------------|----------|-------------------------|\r\n|
Multiple Spaces&mdash;unexpected behavior in non-default Kibana
Space.\r\n| Low | High | Integration tests will verify that all features
are still\r\nsupported in non-default Kibana Space and when user
switches between\r\nspaces. |\r\n| Multiple nodes&mdash;Elasticsearch
polling might have race conditions\r\nwhen multiple Kibana nodes are
polling for the same tasks. | High | Low\r\n| Tasks are idempotent, so
executing them multiple times will not result\r\nin logical error, but
will degrade performance. To test for this case we\r\nadd plenty of unit
tests around this logic and document manual testing\r\nprocedure. |\r\n|
Code should gracefully handle cases when feature X or plugin Y
are\r\ndisabled. | Medium | High | Unit tests will verify that any
feature flag\r\nor plugin combination still results in our service
operational. |\r\n| [See more potential
risk\r\nexamples](https://github.com/elastic/kibana/blob/main/RISK_MATRIX.mdx)
|\r\n\r\n\r\n### For maintainers\r\n\r\n- [ ] This was checked for
breaking API changes and was
[labeled\r\nappropriately](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)\r\n-->","sha":"e6e30c20215ce7cbb8bd25d6646edc5d0a8bc33e"}},{"url":"https://github.com/elastic/kibana/pull/196924","number":196924,"branch":"8.16","state":"OPEN"}]}]
BACKPORT-->

Co-authored-by: Eyo O. Eyo <7893459+eokoneyo@users.noreply.github.com>
2024-10-18 13:16:21 -05:00
Kibana Machine
ef9f373008
[8.x] [EEM] Replace hashed ID with human readable ID (#193652) (#196902)
# Backport

This will backport the following commits from `main` to `8.x`:
- [[EEM] Replace hashed ID with human readable ID
(#193652)](https://github.com/elastic/kibana/pull/193652)

<!--- Backport version: 9.4.3 -->

### Questions ?
Please refer to the [Backport tool
documentation](https://github.com/sqren/backport)


Co-authored-by: Milton Hultgren <milton.hultgren@elastic.co>
2024-10-18 11:25:33 -05:00
Anton Dosov
4770383016
[8.x] fix no-restricted-imports (#195456) (#196517)
# Backport

This will backport the following commits from `main` to `8.x`:
- [fix `no-restricted-imports`
(#195456)](https://github.com/elastic/kibana/pull/195456)

<!--- Backport version: 8.9.8 -->

### Questions ?
Please refer to the [Backport tool
documentation](https://github.com/sqren/backport)


---------

Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
2024-10-17 15:16:27 +01:00
Kibana Machine
4c2bf78751
[8.x] [Cloud Security] Remove Cursor pointer when hovering over Distribution Bar (#196402) (#196626)
# Backport

This will backport the following commits from `main` to `8.x`:
- [[Cloud Security] Remove Cursor pointer when hovering over
Distribution Bar
(#196402)](https://github.com/elastic/kibana/pull/196402)

<!--- Backport version: 9.4.3 -->

### Questions ?
Please refer to the [Backport tool
documentation](https://github.com/sqren/backport)


Co-authored-by: Rickyanto Ang <rickyangwyn@gmail.com>
2024-10-17 00:05:39 -05:00
Kibana Machine
a9b526a3ad
[8.x] [Security assistant] Fix `AlertsRange` for Assistant (#196582) (#196590)
# Backport

This will backport the following commits from `main` to `8.x`:
- [[Security assistant] Fix `AlertsRange` for Assistant
(#196582)](https://github.com/elastic/kibana/pull/196582)

<!--- Backport version: 9.4.3 -->

### Questions ?
Please refer to the [Backport tool
documentation](https://github.com/sqren/backport)


Co-authored-by: Steph Milovic <stephanie.milovic@elastic.co>
2024-10-16 15:29:35 -05:00
Kibana Machine
24d9229d0f
[8.x] [Obs AI Assistant] Pass function responses when copying conversation (#195635) (#196558)
# Backport

This will backport the following commits from `main` to `8.x`:
- [[Obs AI Assistant] Pass function responses when copying conversation
(#195635)](https://github.com/elastic/kibana/pull/195635)

<!--- Backport version: 9.4.3 -->

### Questions ?
Please refer to the [Backport tool
documentation](https://github.com/sqren/backport)

<!--BACKPORT [{"author":{"name":"Viduni
\"assistant\",\r\n \"function_call\": { \"name\": \"\", \"arguments\":
\"\", \"trigger\": \"assistant\" },\r\n \"content\": \"Sure, here are
some examples of questions...\"\r\n }\r\n },\r\n {\r\n \"@timestamp\":
\"2024-10-09T13:58:41.651Z\",\r\n \"message\": { \"role\": \"user\",
\"content\": \"What are the top 5 services by transaction volume\" }\r\n
},\r\n {\r\n \"@timestamp\": \"2024-10-09T13:58:41.723Z\",\r\n
\"message\": { \"role\": \"assistant\", \"function_call\": { \"name\":
\"context\", \"trigger\": \"assistant\" }, \"content\": \"\" }\r\n
},\r\n {\r\n \"@timestamp\": \"2024-10-09T13:58:41.784Z\",\r\n
\"message\": {\r\n \"role\": \"user\",\r\n \"data\": { \"scores\": [],
\"suggestions\": [] },\r\n \"name\": \"context\",\r\n \"content\": {\r\n
\"screen_description\": \"The user is looking at
http://localhost:5601/kyq/app/observability/overview?rangeFrom=now-15m&rangeTo=now.
The current time range is 2024-10-09T13:40:00.288Z -
2024-10-09T13:55:00.288Z.\\n\\nThe user is viewing the Overview page
which shows a summary of the following apps:
{\\\"universal_profiling\\\":{\\\"hasData\\\":false,\\\"status\\\":\\\"success\\\"},\\\"uptime\\\":{\\\"hasData\\\":false,\\\"indices\\\":\\\"heartbeat-*\\\",\\\"status\\\":\\\"success\\\"},\\\"infra_metrics\\\":{\\\"hasData\\\":false,\\\"indices\\\":\\\"metrics-*,metricbeat-*\\\",\\\"status\\\":\\\"success\\\"},\\\"alert\\\":{\\\"hasData\\\":false,\\\"status\\\":\\\"success\\\"},\\\"apm\\\":{\\\"hasData\\\":false,\\\"indices\\\":{\\\"transaction\\\":\\\"traces-apm*,apm-*,traces-*.otel-*\\\",\\\"span\\\":\\\"traces-apm*,apm-*,traces-*.otel-*\\\",\\\"error\\\":\\\"logs-apm*,apm-*,logs-*.otel-*\\\",\\\"metric\\\":\\\"metrics-apm*,apm-*,metrics-*.otel-*\\\",\\\"onboarding\\\":\\\"apm-*\\\",\\\"sourcemap\\\":\\\"apm-*\\\"},\\\"status\\\":\\\"success\\\"},\\\"ux\\\":{\\\"hasData\\\":false,\\\"indices\\\":\\\"traces-apm*,apm-*,traces-*.otel-*,logs-apm*,apm-*,logs-*.otel-*,metrics-apm*,apm-*,metrics-*.otel-*\\\",\\\"status\\\":\\\"success\\\"},\\\"infra_logs\\\":{\\\"hasData\\\":false,\\\"indices\\\":\\\"logs-*-*,logs-*,filebeat-*,kibana_sample_data_logs*\\\",\\\"status\\\":\\\"success\\\"}}\",\r\n
\"learnings\": []\r\n }\r\n }\r\n },\r\n {\r\n \"@timestamp\":
\"2024-10-09T13:58:43.370Z\",\r\n \"message\": {\r\n \"role\":
\"assistant\",\r\n \"function_call\": {\r\n \"name\":
\"get_dataset_info\",\r\n \"arguments\": { \"index\":
\"traces-apm*,apm-*,traces-*.otel-*\" },\r\n \"trigger\":
\"assistant\"\r\n },\r\n \"content\": \"\"\r\n }\r\n },\r\n {\r\n
\"@timestamp\": \"2024-10-09T13:58:43.379Z\",\r\n \"message\": {
\"role\": \"user\", \"name\": \"get_dataset_info\", \"content\": {
\"indices\": [], \"fields\": [] } }\r\n },\r\n {\r\n \"@timestamp\":
\"2024-10-09T13:58:43.998Z\",\r\n \"message\": {\r\n \"role\":
\"assistant\",\r\n \"function_call\": { \"name\": \"query\",
\"arguments\": {}, \"trigger\": \"assistant\" },\r\n \"content\":
\"\"\r\n }\r\n },\r\n {\r\n \"@timestamp\":
\"2024-10-09T13:58:47.572Z\",\r\n \"message\": {\r\n \"role\":
\"user\",\r\n \"data\": {\r\n \"keywords\": [\"STATS\", \"SORT\",
\"LIMIT\", \"COUNT\"],\r\n \"requestedDocumentation\": {\r\n \"STATS\":
\"# STATS ... BY\\n\\nThe `STATS ... BY`...\",\r\n \"SORT\": \"#
SORT\\n\\nThe SORT command...\",\r\n \"LIMIT\": \"# LIMIT\\n\\nThe LIMIT
command...\",\r\n \"COUNT\": \"# COUNT\\n\\n....\",\r\n \"SYNTAX\": \"#
ES|QL Syntax Guide....\",\r\n \"OVERVIEW\": \"## ES|QL Overview\\n\\n###
ES|QL....\",\r\n \"OPERATORS\": \"# ES|QL Operators\\n\\nThis
document....\"\r\n }\r\n },\r\n \"name\": \"query\",\r\n \"content\":
{}\r\n }\r\n },\r\n {\r\n \"@timestamp\":
\"2024-10-09T13:58:51.481Z\",\r\n \"message\": {\r\n \"role\":
\"assistant\",\r\n \"function_call\": {\r\n \"name\":
\"execute_query\",\r\n \"arguments\": {\r\n \"query\": \"FROM
traces-apm*,apm-*,traces-*.otel-* | STATS COUNT(*) BY service.name |
SORT COUNT(*) DESC | LIMIT 5\"\r\n },\r\n \"trigger\": \"assistant\"\r\n
},\r\n \"content\": \"\"\r\n }\r\n },\r\n {\r\n \"@timestamp\":
\"2024-10-09T13:58:51.619Z\",\r\n \"message\": {\r\n \"role\":
\"user\",\r\n \"name\": \"execute_query\",\r\n \"content\": {\r\n
\"message\": \"The query failed to execute\",\r\n \"error\": {\r\n
\"name\": \"ResponseError\",\r\n \"message\":
\"verification_exception\\n\\tRoot
causes:\\n\\t\\tverification_exception: Found 1 problem\\nline 1:1:
Unknown index [traces-apm*,apm-*,traces-*.otel-*]\"\r\n }\r\n }\r\n
}\r\n },\r\n {\r\n \"@timestamp\": \"2024-10-09T13:58:56.600Z\",\r\n
\"message\": {\r\n \"role\": \"assistant\",\r\n \"function_call\": {
\"name\": \"\", \"arguments\": \"\", \"trigger\": \"assistant\" },\r\n
\"content\": \"I'm sorry, but it seems like there are no indices
matching the pattern \\\"traces-apm*,apm-*,traces-*.otel-*\\\" in your
system. Therefore, I'm unable to retrieve the top 5 services by
transaction volume. Please ensure that your APM data is being ingested
correctly into Elasticsearch.\"\r\n }\r\n }\r\n
]\r\n}\r\n```\r\n</details>","sha":"e34876aa6809a5ea79a836ce61e94192a4769d59","branchLabelMapping":{"^v9.0.0$":"main","^v8.16.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:enhancement","v9.0.0","backport:prev-minor","Team:Obs
AI Assistant","ci:project-deploy-observability"],"title":"[Obs AI
Assistant] Pass function responses when copying
conversation","number":195635,"url":"https://github.com/elastic/kibana/pull/195635","mergeCommit":{"message":"[Obs
AI Assistant] Pass function responses when copying conversation
(#195635)\n\nCloses
https://github.com/elastic/kibana/issues/181216\r\n\r\n##
Summary\r\n\r\n### Problem\r\nFunction call arguments and responses are
serialized separately.\r\nTherefore, when a conversation is copied,
arguments and responses\r\n(`content` and `data`) appear as strings
instead of JSON objects. This\r\nmakes it harder to debug.\r\n\r\n###
Solution\r\nDeserialize the arguments and responses and include it in
the copied\r\nconversation object.\r\n\r\nExample of original copied
conversation:\r\n<details>\r\n <summary>Click to expand
JSON</summary>\r\n\r\n```json\r\n{\r\n \"title\": \"\",\r\n
\"messages\": [\r\n {\r\n \"@timestamp\":
\"2024-10-09T13:58:41.723Z\",\r\n \"message\": {\r\n \"role\":
\"system\",\r\n \"content\": \"You are a helpful assistant for Elastic
Observability....\"\r\n }\r\n },\r\n {\r\n \"@timestamp\":
\"2024-10-09T13:58:26.881Z\",\r\n \"message\": { \"role\": \"user\",
\"content\": \"Give me examples of questions I can ask here.\" }\r\n
},\r\n {\r\n \"@timestamp\": \"2024-10-09T13:58:26.965Z\",\r\n
\"message\": { \"role\": \"assistant\", \"function_call\": { \"name\":
\"context\", \"trigger\": \"assistant\" }, \"content\": \"\" }\r\n
},\r\n {\r\n \"@timestamp\": \"2024-10-09T13:58:27.063Z\",\r\n
\"message\": {\r\n \"role\": \"user\",\r\n \"data\":
\"{\\\"scores\\\":[],\\\"suggestions\\\":[]}\",\r\n \"name\":
\"context\",\r\n \"content\": \"{\\\"screen_description\\\":\\\"The user
is looking at
http://localhost:5601/kyq/app/observability/overview?rangeFrom=now-15m&rangeTo=now.
The current time range is 2024-10-09T13:40:00.288Z -
2024-10-09T13:55:00.288Z.\\\\n\\\\nThe user is viewing the Overview page
which shows a summary of the following apps:
{\\\\\\\"universal_profiling\\\\\\\":{\\\\\\\"hasData\\\\\\\":false,\\\\\\\"status\\\\\\\":\\\\\\\"success\\\\\\\"},\\\\\\\"uptime\\\\\\\":{\\\\\\\"hasData\\\\\\\":false,\\\\\\\"indices\\\\\\\":\\\\\\\"heartbeat-*\\\\\\\",\\\\\\\"status\\\\\\\":\\\\\\\"success\\\\\\\"},\\\\\\\"infra_metrics\\\\\\\":{\\\\\\\"hasData\\\\\\\":false,\\\\\\\"indices\\\\\\\":\\\\\\\"metrics-*,metricbeat-*\\\\\\\",\\\\\\\"status\\\\\\\":\\\\\\\"success\\\\\\\"},\\\\\\\"alert\\\\\\\":{\\\\\\\"hasData\\\\\\\":false,\\\\\\\"status\\\\\\\":\\\\\\\"success\\\\\\\"},\\\\\\\"apm\\\\\\\":{\\\\\\\"hasData\\\\\\\":false,\\\\\\\"indices\\\\\\\":{\\\\\\\"transaction\\\\\\\":\\\\\\\"traces-apm*,apm-*,traces-*.otel-*\\\\\\\",\\\\\\\"span\\\\\\\":\\\\\\\"traces-apm*,apm-*,traces-*.otel-*\\\\\\\",\\\\\\\"error\\\\\\\":\\\\\\\"logs-apm*,apm-*,logs-*.otel-*\\\\\\\",\\\\\\\"metric\\\\\\\":\\\\\\\"metrics-apm*,apm-*,metrics-*.otel-*\\\\\\\",\\\\\\\"onboarding\\\\\\\":\\\\\\\"apm-*\\\\\\\",\\\\\\\"sourcemap\\\\\\\":\\\\\\\"apm-*\\\\\\\"},\\\\\\\"status\\\\\\\":\\\\\\\"success\\\\\\\"},\\\\\\\"ux\\\\\\\":{\\\\\\\"hasData\\\\\\\":false,\\\\\\\"indices\\\\\\\":\\\\\\\"traces-apm*,apm-*,traces-*.otel-*,logs-apm*,apm-*,logs-*.otel-*,metrics-apm*,apm-*,metrics-*.otel-*\\\\\\\",\\\\\\\"status\\\\\\\":\\\\\\\"success\\\\\\\"},\\\\\\\"infra_logs\\\\\\\":{\\\\\\\"hasData\\\\\\\":false,\\\\\\\"indices\\\\\\\":\\\\\\\"logs-*-*,logs-*,filebeat-*,kibana_sample_data_logs*\\\\\\\",\\\\\\\"status\\\\\\\":\\\\\\\"success\\\\\\\"}}\\\",\\\"learnings\\\":[]}\"\r\n
}\r\n },\r\n {\r\n \"@timestamp\": \"2024-10-09T13:58:35.140Z\",\r\n
\"message\": {\r\n \"role\": \"assistant\",\r\n \"function_call\": {
\"name\": \"\", \"arguments\": \"\", \"trigger\": \"assistant\" },\r\n
\"content\": \"Sure, here are some examples of questions you can
ask:\\n\\n1. \\\"What is the average response time for my
services?\\\"\\n2. \\\"Show me the error rate for my services.\\\"\\n3.
\\\"Are there any anomalies in my system?\\\"\\n4. \\\"What are the top
5 services by transaction volume?\\\"\\n5. \\\"Show me the logs for a
specific service.\\\"\\n6. \\\"Are there any alerts in my
system?\\\"\\n7. \\\"What is the CPU usage of my hosts?\\\"\\n8.
\\\"Show me the network traffic in my system.\\\"\\n9. \\\"What is the
disk usage of my hosts?\\\"\\n10. \\\"Show me the memory usage of my
containers.\\\"\\n\\nPlease note that the actual questions you can ask
depend on the data you have in your system.\"\r\n }\r\n },\r\n {\r\n
\"@timestamp\": \"2024-10-09T13:58:41.651Z\",\r\n \"message\": {
\"role\": \"user\", \"content\": \"What are the top 5 services by
transaction volume\" }\r\n },\r\n {\r\n \"@timestamp\":
\"2024-10-09T13:58:41.723Z\",\r\n \"message\": { \"role\":
\"assistant\", \"function_call\": { \"name\": \"context\", \"trigger\":
\"assistant\" }, \"content\": \"\" }\r\n },\r\n {\r\n \"@timestamp\":
\"2024-10-09T13:58:41.784Z\",\r\n \"message\": {\r\n \"role\":
\"user\",\r\n \"data\":
\"{\\\"scores\\\":[],\\\"suggestions\\\":[]}\",\r\n \"name\":
\"context\",\r\n \"content\": \"{\\\"screen_description\\\":\\\"The user
is looking at
http://localhost:5601/kyq/app/observability/overview?rangeFrom=now-15m&rangeTo=now.
The current time range is 2024-10-09T13:40:00.288Z -
2024-10-09T13:55:00.288Z.\\\\n\\\\nThe user is viewing the Overview page
which shows a summary of the following apps:
{\\\\\\\"universal_profiling\\\\\\\":{\\\\\\\"hasData\\\\\\\":false,\\\\\\\"status\\\\\\\":\\\\\\\"success\\\\\\\"},\\\\\\\"uptime\\\\\\\":{\\\\\\\"hasData\\\\\\\":false,\\\\\\\"indices\\\\\\\":\\\\\\\"heartbeat-*\\\\\\\",\\\\\\\"status\\\\\\\":\\\\\\\"success\\\\\\\"},\\\\\\\"infra_metrics\\\\\\\":{\\\\\\\"hasData\\\\\\\":false,\\\\\\\"indices\\\\\\\":\\\\\\\"metrics-*,metricbeat-*\\\\\\\",\\\\\\\"status\\\\\\\":\\\\\\\"success\\\\\\\"},\\\\\\\"alert\\\\\\\":{\\\\\\\"hasData\\\\\\\":false,\\\\\\\"status\\\\\\\":\\\\\\\"success\\\\\\\"},\\\\\\\"apm\\\\\\\":{\\\\\\\"hasData\\\\\\\":false,\\\\\\\"indices\\\\\\\":{\\\\\\\"transaction\\\\\\\":\\\\\\\"traces-apm*,apm-*,traces-*.otel-*\\\\\\\",\\\\\\\"span\\\\\\\":\\\\\\\"traces-apm*,apm-*,traces-*.otel-*\\\\\\\",\\\\\\\"error\\\\\\\":\\\\\\\"logs-apm*,apm-*,logs-*.otel-*\\\\\\\",\\\\\\\"metric\\\\\\\":\\\\\\\"metrics-apm*,apm-*,metrics-*.otel-*\\\\\\\",\\\\\\\"onboarding\\\\\\\":\\\\\\\"apm-*\\\\\\\",\\\\\\\"sourcemap\\\\\\\":\\\\\\\"apm-*\\\\\\\"},\\\\\\\"status\\\\\\\":\\\\\\\"success\\\\\\\"},\\\\\\\"ux\\\\\\\":{\\\\\\\"hasData\\\\\\\":false,\\\\\\\"indices\\\\\\\":\\\\\\\"traces-apm*,apm-*,traces-*.otel-*,logs-apm*,apm-*,logs-*.otel-*,metrics-apm*,apm-*,metrics-*.otel-*\\\\\\\",\\\\\\\"status\\\\\\\":\\\\\\\"success\\\\\\\"},\\\\\\\"infra_logs\\\\\\\":{\\\\\\\"hasData\\\\\\\":false,\\\\\\\"indices\\\\\\\":\\\\\\\"logs-*-*,logs-*,filebeat-*,kibana_sample_data_logs*\\\\\\\",\\\\\\\"status\\\\\\\":\\\\\\\"success\\\\\\\"}}\\\",\\\"learnings\\\":[]}\"\r\n
}\r\n },\r\n {\r\n \"@timestamp\": \"2024-10-09T13:58:43.370Z\",\r\n
\"message\": {\r\n \"role\": \"assistant\",\r\n \"function_call\": {\r\n
\"name\": \"get_dataset_info\",\r\n \"arguments\": \"{\\n \\\"index\\\":
\\\"traces-apm*,apm-*,traces-*.otel-*\\\"\\n}\",\r\n \"trigger\":
\"assistant\"\r\n },\r\n \"content\": \"\"\r\n }\r\n },\r\n {\r\n
\"@timestamp\": \"2024-10-09T13:58:43.379Z\",\r\n \"message\": {
\"role\": \"user\", \"name\": \"get_dataset_info\", \"content\":
\"{\\\"indices\\\":[],\\\"fields\\\":[]}\" }\r\n },\r\n {\r\n
\"@timestamp\": \"2024-10-09T13:58:43.998Z\",\r\n \"message\": {\r\n
\"role\": \"assistant\",\r\n \"function_call\": { \"name\": \"query\",
\"arguments\": \"{}\", \"trigger\": \"assistant\" },\r\n \"content\":
\"\"\r\n }\r\n },\r\n {\r\n \"@timestamp\":
\"2024-10-09T13:58:47.572Z\",\r\n \"message\": {\r\n \"role\":
\"user\",\r\n \"data\":
\"{\\\"keywords\\\":[\\\"STATS\\\",\\\"SORT\\\",\\\"LIMIT\\\",\\\"COUNT\\\"],\\\"requestedDocumentation\\\":{\\\"STATS\\\":\\\"#
STATS ... BY\\\\n\\\\nThe `STATS ... BY` command groups rows based on a
common value and calculates one or more aggregated values over these
grouped rows.\\\\n\\\\n## Syntax\\\\n\\\\n```esql\\\\nSTATS [column1 =]
expression1[, ..., [columnN =] expressionN] [BY grouping_expression1[,
..., grouping_expressionN]]\\\\n```\\\\n\\\\n###
Parameters\\\\n\\\\n#### columnX\\\\n\\\\nThe name for the aggregated
value in the output. If not provided....\"}}\",\r\n \"name\":
\"query\",\r\n \"content\": \"{}\"\r\n }\r\n },\r\n {\r\n
\"@timestamp\": \"2024-10-09T13:58:51.481Z\",\r\n \"message\": {\r\n
\"role\": \"assistant\",\r\n \"function_call\": {\r\n \"name\":
\"execute_query\",\r\n \"arguments\": \"{\\\"query\\\":\\\"FROM
traces-apm*,apm-*,traces-*.otel-* | STATS COUNT(*) BY service.name |
SORT COUNT(*) DESC | LIMIT 5\\\"}\",\r\n \"trigger\": \"assistant\"\r\n
},\r\n \"content\": \"\"\r\n }\r\n },\r\n {\r\n \"@timestamp\":
\"2024-10-09T13:58:51.619Z\",\r\n \"message\": {\r\n \"role\":
\"user\",\r\n \"name\": \"execute_query\",\r\n \"content\":
\"{\\\"message\\\":\\\"The query failed to
execute\\\",\\\"error\\\":{\\\"name\\\":\\\"ResponseError\\\",\\\"message\\\":\\\"verification_exception\\\\n\\\\tRoot
causes:\\\\n\\\\t\\\\tverification_exception: Found 1 problem\\\\nline
1:1: Unknown index [traces-apm*,apm-*,traces-*.otel-*]\\\"}}\"\r\n }\r\n
},\r\n {\r\n \"@timestamp\": \"2024-10-09T13:58:56.600Z\",\r\n
\"message\": {\r\n \"role\": \"assistant\",\r\n \"function_call\": {
\"name\": \"\", \"arguments\": \"\", \"trigger\": \"assistant\" },\r\n
\"content\": \"I'm sorry, but it seems like there are no indices
matching the pattern \\\"traces-apm*,apm-*,traces-*.otel-*\\\" in your
system. Therefore, I'm unable to retrieve the top 5 services by
transaction volume. Please ensure that your APM data is being ingested
correctly into Elasticsearch.\"\r\n }\r\n }\r\n
]\r\n}\r\n```\r\n</details>\r\n<br/>\r\nCopied conversation after
deserializing:\r\n<details>\r\n <summary>Click to expand
JSON</summary>\r\n\r\n```json\r\n{\r\n \"title\": \"\",\r\n
\"messages\": [\r\n {\r\n \"@timestamp\":
\"2024-10-09T13:58:41.723Z\",\r\n \"message\": {\r\n \"role\":
\"system\",\r\n \"content\": \"You are a helpful assistant for Elastic
Observability. Your goal is to help the Elastic Observability users to
quickly assess what is happening in their observed systems...\"\r\n
}\r\n },\r\n {\r\n \"@timestamp\": \"2024-10-09T13:58:26.881Z\",\r\n
\"message\": { \"role\": \"user\", \"content\": \"Give me examples of
questions I can ask here.\" }\r\n },\r\n {\r\n \"@timestamp\":
\"2024-10-09T13:58:26.965Z\",\r\n \"message\": { \"role\":
\"assistant\", \"function_call\": { \"name\": \"context\", \"trigger\":
\"assistant\" }, \"content\": \"\" }\r\n },\r\n {\r\n \"@timestamp\":
\"2024-10-09T13:58:27.063Z\",\r\n \"message\": {\r\n \"role\":
\"user\",\r\n \"data\": { \"scores\": [], \"suggestions\": [] },\r\n
\"name\": \"context\",\r\n \"content\": {\r\n \"screen_description\":
\"The user is looking at
http://localhost:5601/kyq/app/observability/overview?rangeFrom=now-15m&rangeTo=now.
The current time range is 2024-10-09T13:40:00.288Z -
2024-10-09T13:55:00.288Z.\\n\\nThe user is viewing the Overview page
which shows a summary of the following apps:
{\\\"universal_profiling\\\":{\\\"hasData\\\":false,\\\"status\\\":\\\"success\\\"},\\\"uptime\\\":{\\\"hasData\\\":false,\\\"indices\\\":\\\"heartbeat-*\\\",\\\"status\\\":\\\"success\\\"},\\\"infra_metrics\\\":{\\\"hasData\\\":false,\\\"indices\\\":\\\"metrics-*,metricbeat-*\\\",\\\"status\\\":\\\"success\\\"},\\\"alert\\\":{\\\"hasData\\\":false,\\\"status\\\":\\\"success\\\"},\\\"apm\\\":{\\\"hasData\\\":false,\\\"indices\\\":{\\\"transaction\\\":\\\"traces-apm*,apm-*,traces-*.otel-*\\\",\\\"span\\\":\\\"traces-apm*,apm-*,traces-*.otel-*\\\",\\\"error\\\":\\\"logs-apm*,apm-*,logs-*.otel-*\\\",\\\"metric\\\":\\\"metrics-apm*,apm-*,metrics-*.otel-*\\\",\\\"onboarding\\\":\\\"apm-*\\\",\\\"sourcemap\\\":\\\"apm-*\\\"},\\\"status\\\":\\\"success\\\"},\\\"ux\\\":{\\\"hasData\\\":false,\\\"indices\\\":\\\"traces-apm*,apm-*,traces-*.otel-*,logs-apm*,apm-*,logs-*.otel-*,metrics-apm*,apm-*,metrics-*.otel-*\\\",\\\"status\\\":\\\"success\\\"},\\\"infra_logs\\\":{\\\"hasData\\\":false,\\\"indices\\\":\\\"logs-*-*,logs-*,filebeat-*,kibana_sample_data_logs*\\\",\\\"status\\\":\\\"success\\\"}}\",\r\n
\"learnings\": []\r\n }\r\n }\r\n },\r\n {\r\n \"@timestamp\":
\"2024-10-09T13:58:35.140Z\",\r\n \"message\": {\r\n \"role\":
\"assistant\",\r\n \"function_call\": { \"name\": \"\", \"arguments\":
\"\", \"trigger\": \"assistant\" },\r\n \"content\": \"Sure, here are
some examples of questions...\"\r\n }\r\n },\r\n {\r\n \"@timestamp\":
\"2024-10-09T13:58:41.651Z\",\r\n \"message\": { \"role\": \"user\",
\"content\": \"What are the top 5 services by transaction volume\" }\r\n
},\r\n {\r\n \"@timestamp\": \"2024-10-09T13:58:41.723Z\",\r\n
\"message\": { \"role\": \"assistant\", \"function_call\": { \"name\":
\"context\", \"trigger\": \"assistant\" }, \"content\": \"\" }\r\n
},\r\n {\r\n \"@timestamp\": \"2024-10-09T13:58:41.784Z\",\r\n
\"message\": {\r\n \"role\": \"user\",\r\n \"data\": { \"scores\": [],
\"suggestions\": [] },\r\n \"name\": \"context\",\r\n \"content\": {\r\n
\"screen_description\": \"The user is looking at
http://localhost:5601/kyq/app/observability/overview?rangeFrom=now-15m&rangeTo=now.
The current time range is 2024-10-09T13:40:00.288Z -
2024-10-09T13:55:00.288Z.\\n\\nThe user is viewing the Overview page
which shows a summary of the following apps:
{\\\"universal_profiling\\\":{\\\"hasData\\\":false,\\\"status\\\":\\\"success\\\"},\\\"uptime\\\":{\\\"hasData\\\":false,\\\"indices\\\":\\\"heartbeat-*\\\",\\\"status\\\":\\\"success\\\"},\\\"infra_metrics\\\":{\\\"hasData\\\":false,\\\"indices\\\":\\\"metrics-*,metricbeat-*\\\",\\\"status\\\":\\\"success\\\"},\\\"alert\\\":{\\\"hasData\\\":false,\\\"status\\\":\\\"success\\\"},\\\"apm\\\":{\\\"hasData\\\":false,\\\"indices\\\":{\\\"transaction\\\":\\\"traces-apm*,apm-*,traces-*.otel-*\\\",\\\"span\\\":\\\"traces-apm*,apm-*,traces-*.otel-*\\\",\\\"error\\\":\\\"logs-apm*,apm-*,logs-*.otel-*\\\",\\\"metric\\\":\\\"metrics-apm*,apm-*,metrics-*.otel-*\\\",\\\"onboarding\\\":\\\"apm-*\\\",\\\"sourcemap\\\":\\\"apm-*\\\"},\\\"status\\\":\\\"success\\\"},\\\"ux\\\":{\\\"hasData\\\":false,\\\"indices\\\":\\\"traces-apm*,apm-*,traces-*.otel-*,logs-apm*,apm-*,logs-*.otel-*,metrics-apm*,apm-*,metrics-*.otel-*\\\",\\\"status\\\":\\\"success\\\"},\\\"infra_logs\\\":{\\\"hasData\\\":false,\\\"indices\\\":\\\"logs-*-*,logs-*,filebeat-*,kibana_sample_data_logs*\\\",\\\"status\\\":\\\"success\\\"}}\",\r\n
\"learnings\": []\r\n }\r\n }\r\n },\r\n {\r\n \"@timestamp\":
\"2024-10-09T13:58:43.370Z\",\r\n \"message\": {\r\n \"role\":
\"assistant\",\r\n \"function_call\": {\r\n \"name\":
\"get_dataset_info\",\r\n \"arguments\": { \"index\":
\"traces-apm*,apm-*,traces-*.otel-*\" },\r\n \"trigger\":
\"assistant\"\r\n },\r\n \"content\": \"\"\r\n }\r\n },\r\n {\r\n
\"@timestamp\": \"2024-10-09T13:58:43.379Z\",\r\n \"message\": {
\"role\": \"user\", \"name\": \"get_dataset_info\", \"content\": {
\"indices\": [], \"fields\": [] } }\r\n },\r\n {\r\n \"@timestamp\":
\"2024-10-09T13:58:43.998Z\",\r\n \"message\": {\r\n \"role\":
\"assistant\",\r\n \"function_call\": { \"name\": \"query\",
\"arguments\": {}, \"trigger\": \"assistant\" },\r\n \"content\":
\"\"\r\n }\r\n },\r\n {\r\n \"@timestamp\":
\"2024-10-09T13:58:47.572Z\",\r\n \"message\": {\r\n \"role\":
\"user\",\r\n \"data\": {\r\n \"keywords\": [\"STATS\", \"SORT\",
\"LIMIT\", \"COUNT\"],\r\n \"requestedDocumentation\": {\r\n \"STATS\":
\"# STATS ... BY\\n\\nThe `STATS ... BY`...\",\r\n \"SORT\": \"#
SORT\\n\\nThe SORT command...\",\r\n \"LIMIT\": \"# LIMIT\\n\\nThe LIMIT
command...\",\r\n \"COUNT\": \"# COUNT\\n\\n....\",\r\n \"SYNTAX\": \"#
ES|QL Syntax Guide....\",\r\n \"OVERVIEW\": \"## ES|QL Overview\\n\\n###
ES|QL....\",\r\n \"OPERATORS\": \"# ES|QL Operators\\n\\nThis
document....\"\r\n }\r\n },\r\n \"name\": \"query\",\r\n \"content\":
{}\r\n }\r\n },\r\n {\r\n \"@timestamp\":
\"2024-10-09T13:58:51.481Z\",\r\n \"message\": {\r\n \"role\":
\"assistant\",\r\n \"function_call\": {\r\n \"name\":
\"execute_query\",\r\n \"arguments\": {\r\n \"query\": \"FROM
traces-apm*,apm-*,traces-*.otel-* | STATS COUNT(*) BY service.name |
SORT COUNT(*) DESC | LIMIT 5\"\r\n },\r\n \"trigger\": \"assistant\"\r\n
},\r\n \"content\": \"\"\r\n }\r\n },\r\n {\r\n \"@timestamp\":
\"2024-10-09T13:58:51.619Z\",\r\n \"message\": {\r\n \"role\":
\"user\",\r\n \"name\": \"execute_query\",\r\n \"content\": {\r\n
\"message\": \"The query failed to execute\",\r\n \"error\": {\r\n
\"name\": \"ResponseError\",\r\n \"message\":
\"verification_exception\\n\\tRoot
causes:\\n\\t\\tverification_exception: Found 1 problem\\nline 1:1:
Unknown index [traces-apm*,apm-*,traces-*.otel-*]\"\r\n }\r\n }\r\n
}\r\n },\r\n {\r\n \"@timestamp\": \"2024-10-09T13:58:56.600Z\",\r\n
\"message\": {\r\n \"role\": \"assistant\",\r\n \"function_call\": {
\"name\": \"\", \"arguments\": \"\", \"trigger\": \"assistant\" },\r\n
\"content\": \"I'm sorry, but it seems like there are no indices
matching the pattern \\\"traces-apm*,apm-*,traces-*.otel-*\\\" in your
system. Therefore, I'm unable to retrieve the top 5 services by
transaction volume. Please ensure that your APM data is being ingested
correctly into Elasticsearch.\"\r\n }\r\n }\r\n
]\r\n}\r\n```\r\n</details>","sha":"e34876aa6809a5ea79a836ce61e94192a4769d59"}},"sourceBranch":"main","suggestedTargetBranches":[],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","branchLabelMappingKey":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/195635","number":195635,"mergeCommit":{"message":"[Obs
AI Assistant] Pass function responses when copying conversation
(#195635)\n\nCloses
https://github.com/elastic/kibana/issues/181216\r\n\r\n##
Summary\r\n\r\n### Problem\r\nFunction call arguments and responses are
serialized separately.\r\nTherefore, when a conversation is copied,
arguments and responses\r\n(`content` and `data`) appear as strings
instead of JSON objects. This\r\nmakes it harder to debug.\r\n\r\n###
Solution\r\nDeserialize the arguments and responses and include it in
the copied\r\nconversation object.\r\n\r\nExample of original copied
conversation:\r\n<details>\r\n <summary>Click to expand
JSON</summary>\r\n\r\n```json\r\n{\r\n \"title\": \"\",\r\n
\"messages\": [\r\n {\r\n \"@timestamp\":
\"2024-10-09T13:58:41.723Z\",\r\n \"message\": {\r\n \"role\":
\"system\",\r\n \"content\": \"You are a helpful assistant for Elastic
Observability....\"\r\n }\r\n },\r\n {\r\n \"@timestamp\":
\"2024-10-09T13:58:26.881Z\",\r\n \"message\": { \"role\": \"user\",
\"content\": \"Give me examples of questions I can ask here.\" }\r\n
},\r\n {\r\n \"@timestamp\": \"2024-10-09T13:58:26.965Z\",\r\n
\"message\": { \"role\": \"assistant\", \"function_call\": { \"name\":
\"context\", \"trigger\": \"assistant\" }, \"content\": \"\" }\r\n
},\r\n {\r\n \"@timestamp\": \"2024-10-09T13:58:27.063Z\",\r\n
\"message\": {\r\n \"role\": \"user\",\r\n \"data\":
\"{\\\"scores\\\":[],\\\"suggestions\\\":[]}\",\r\n \"name\":
\"context\",\r\n \"content\": \"{\\\"screen_description\\\":\\\"The user
is looking at
http://localhost:5601/kyq/app/observability/overview?rangeFrom=now-15m&rangeTo=now.
The current time range is 2024-10-09T13:40:00.288Z -
2024-10-09T13:55:00.288Z.\\\\n\\\\nThe user is viewing the Overview page
which shows a summary of the following apps:
{\\\\\\\"universal_profiling\\\\\\\":{\\\\\\\"hasData\\\\\\\":false,\\\\\\\"status\\\\\\\":\\\\\\\"success\\\\\\\"},\\\\\\\"uptime\\\\\\\":{\\\\\\\"hasData\\\\\\\":false,\\\\\\\"indices\\\\\\\":\\\\\\\"heartbeat-*\\\\\\\",\\\\\\\"status\\\\\\\":\\\\\\\"success\\\\\\\"},\\\\\\\"infra_metrics\\\\\\\":{\\\\\\\"hasData\\\\\\\":false,\\\\\\\"indices\\\\\\\":\\\\\\\"metrics-*,metricbeat-*\\\\\\\",\\\\\\\"status\\\\\\\":\\\\\\\"success\\\\\\\"},\\\\\\\"alert\\\\\\\":{\\\\\\\"hasData\\\\\\\":false,\\\\\\\"status\\\\\\\":\\\\\\\"success\\\\\\\"},\\\\\\\"apm\\\\\\\":{\\\\\\\"hasData\\\\\\\":false,\\\\\\\"indices\\\\\\\":{\\\\\\\"transaction\\\\\\\":\\\\\\\"traces-apm*,apm-*,traces-*.otel-*\\\\\\\",\\\\\\\"span\\\\\\\":\\\\\\\"traces-apm*,apm-*,traces-*.otel-*\\\\\\\",\\\\\\\"error\\\\\\\":\\\\\\\"logs-apm*,apm-*,logs-*.otel-*\\\\\\\",\\\\\\\"metric\\\\\\\":\\\\\\\"metrics-apm*,apm-*,metrics-*.otel-*\\\\\\\",\\\\\\\"onboarding\\\\\\\":\\\\\\\"apm-*\\\\\\\",\\\\\\\"sourcemap\\\\\\\":\\\\\\\"apm-*\\\\\\\"},\\\\\\\"status\\\\\\\":\\\\\\\"success\\\\\\\"},\\\\\\\"ux\\\\\\\":{\\\\\\\"hasData\\\\\\\":false,\\\\\\\"indices\\\\\\\":\\\\\\\"traces-apm*,apm-*,traces-*.otel-*,logs-apm*,apm-*,logs-*.otel-*,metrics-apm*,apm-*,metrics-*.otel-*\\\\\\\",\\\\\\\"status\\\\\\\":\\\\\\\"success\\\\\\\"},\\\\\\\"infra_logs\\\\\\\":{\\\\\\\"hasData\\\\\\\":false,\\\\\\\"indices\\\\\\\":\\\\\\\"logs-*-*,logs-*,filebeat-*,kibana_sample_data_logs*\\\\\\\",\\\\\\\"status\\\\\\\":\\\\\\\"success\\\\\\\"}}\\\",\\\"learnings\\\":[]}\"\r\n
}\r\n },\r\n {\r\n \"@timestamp\": \"2024-10-09T13:58:35.140Z\",\r\n
\"message\": {\r\n \"role\": \"assistant\",\r\n \"function_call\": {
\"name\": \"\", \"arguments\": \"\", \"trigger\": \"assistant\" },\r\n
\"content\": \"Sure, here are some examples of questions you can
ask:\\n\\n1. \\\"What is the average response time for my
services?\\\"\\n2. \\\"Show me the error rate for my services.\\\"\\n3.
\\\"Are there any anomalies in my system?\\\"\\n4. \\\"What are the top
5 services by transaction volume?\\\"\\n5. \\\"Show me the logs for a
specific service.\\\"\\n6. \\\"Are there any alerts in my
system?\\\"\\n7. \\\"What is the CPU usage of my hosts?\\\"\\n8.
\\\"Show me the network traffic in my system.\\\"\\n9. \\\"What is the
disk usage of my hosts?\\\"\\n10. \\\"Show me the memory usage of my
containers.\\\"\\n\\nPlease note that the actual questions you can ask
depend on the data you have in your system.\"\r\n }\r\n },\r\n {\r\n
\"@timestamp\": \"2024-10-09T13:58:41.651Z\",\r\n \"message\": {
\"role\": \"user\", \"content\": \"What are the top 5 services by
transaction volume\" }\r\n },\r\n {\r\n \"@timestamp\":
\"2024-10-09T13:58:41.723Z\",\r\n \"message\": { \"role\":
\"assistant\", \"function_call\": { \"name\": \"context\", \"trigger\":
\"assistant\" }, \"content\": \"\" }\r\n },\r\n {\r\n \"@timestamp\":
\"2024-10-09T13:58:41.784Z\",\r\n \"message\": {\r\n \"role\":
\"user\",\r\n \"data\":
\"{\\\"scores\\\":[],\\\"suggestions\\\":[]}\",\r\n \"name\":
\"context\",\r\n \"content\": \"{\\\"screen_description\\\":\\\"The user
is looking at
http://localhost:5601/kyq/app/observability/overview?rangeFrom=now-15m&rangeTo=now.
The current time range is 2024-10-09T13:40:00.288Z -
2024-10-09T13:55:00.288Z.\\\\n\\\\nThe user is viewing the Overview page
which shows a summary of the following apps:
{\\\\\\\"universal_profiling\\\\\\\":{\\\\\\\"hasData\\\\\\\":false,\\\\\\\"status\\\\\\\":\\\\\\\"success\\\\\\\"},\\\\\\\"uptime\\\\\\\":{\\\\\\\"hasData\\\\\\\":false,\\\\\\\"indices\\\\\\\":\\\\\\\"heartbeat-*\\\\\\\",\\\\\\\"status\\\\\\\":\\\\\\\"success\\\\\\\"},\\\\\\\"infra_metrics\\\\\\\":{\\\\\\\"hasData\\\\\\\":false,\\\\\\\"indices\\\\\\\":\\\\\\\"metrics-*,metricbeat-*\\\\\\\",\\\\\\\"status\\\\\\\":\\\\\\\"success\\\\\\\"},\\\\\\\"alert\\\\\\\":{\\\\\\\"hasData\\\\\\\":false,\\\\\\\"status\\\\\\\":\\\\\\\"success\\\\\\\"},\\\\\\\"apm\\\\\\\":{\\\\\\\"hasData\\\\\\\":false,\\\\\\\"indices\\\\\\\":{\\\\\\\"transaction\\\\\\\":\\\\\\\"traces-apm*,apm-*,traces-*.otel-*\\\\\\\",\\\\\\\"span\\\\\\\":\\\\\\\"traces-apm*,apm-*,traces-*.otel-*\\\\\\\",\\\\\\\"error\\\\\\\":\\\\\\\"logs-apm*,apm-*,logs-*.otel-*\\\\\\\",\\\\\\\"metric\\\\\\\":\\\\\\\"metrics-apm*,apm-*,metrics-*.otel-*\\\\\\\",\\\\\\\"onboarding\\\\\\\":\\\\\\\"apm-*\\\\\\\",\\\\\\\"sourcemap\\\\\\\":\\\\\\\"apm-*\\\\\\\"},\\\\\\\"status\\\\\\\":\\\\\\\"success\\\\\\\"},\\\\\\\"ux\\\\\\\":{\\\\\\\"hasData\\\\\\\":false,\\\\\\\"indices\\\\\\\":\\\\\\\"traces-apm*,apm-*,traces-*.otel-*,logs-apm*,apm-*,logs-*.otel-*,metrics-apm*,apm-*,metrics-*.otel-*\\\\\\\",\\\\\\\"status\\\\\\\":\\\\\\\"success\\\\\\\"},\\\\\\\"infra_logs\\\\\\\":{\\\\\\\"hasData\\\\\\\":false,\\\\\\\"indices\\\\\\\":\\\\\\\"logs-*-*,logs-*,filebeat-*,kibana_sample_data_logs*\\\\\\\",\\\\\\\"status\\\\\\\":\\\\\\\"success\\\\\\\"}}\\\",\\\"learnings\\\":[]}\"\r\n
}\r\n },\r\n {\r\n \"@timestamp\": \"2024-10-09T13:58:43.370Z\",\r\n
\"message\": {\r\n \"role\": \"assistant\",\r\n \"function_call\": {\r\n
\"name\": \"get_dataset_info\",\r\n \"arguments\": \"{\\n \\\"index\\\":
\\\"traces-apm*,apm-*,traces-*.otel-*\\\"\\n}\",\r\n \"trigger\":
\"assistant\"\r\n },\r\n \"content\": \"\"\r\n }\r\n },\r\n {\r\n
\"@timestamp\": \"2024-10-09T13:58:43.379Z\",\r\n \"message\": {
\"role\": \"user\", \"name\": \"get_dataset_info\", \"content\":
\"{\\\"indices\\\":[],\\\"fields\\\":[]}\" }\r\n },\r\n {\r\n
\"@timestamp\": \"2024-10-09T13:58:43.998Z\",\r\n \"message\": {\r\n
\"role\": \"assistant\",\r\n \"function_call\": { \"name\": \"query\",
\"arguments\": \"{}\", \"trigger\": \"assistant\" },\r\n \"content\":
\"\"\r\n }\r\n },\r\n {\r\n \"@timestamp\":
\"2024-10-09T13:58:47.572Z\",\r\n \"message\": {\r\n \"role\":
\"user\",\r\n \"data\":
\"{\\\"keywords\\\":[\\\"STATS\\\",\\\"SORT\\\",\\\"LIMIT\\\",\\\"COUNT\\\"],\\\"requestedDocumentation\\\":{\\\"STATS\\\":\\\"#
STATS ... BY\\\\n\\\\nThe `STATS ... BY` command groups rows based on a
common value and calculates one or more aggregated values over these
grouped rows.\\\\n\\\\n## Syntax\\\\n\\\\n```esql\\\\nSTATS [column1 =]
expression1[, ..., [columnN =] expressionN] [BY grouping_expression1[,
..., grouping_expressionN]]\\\\n```\\\\n\\\\n###
Parameters\\\\n\\\\n#### columnX\\\\n\\\\nThe name for the aggregated
value in the output. If not provided....\"}}\",\r\n \"name\":
\"query\",\r\n \"content\": \"{}\"\r\n }\r\n },\r\n {\r\n
\"@timestamp\": \"2024-10-09T13:58:51.481Z\",\r\n \"message\": {\r\n
\"role\": \"assistant\",\r\n \"function_call\": {\r\n \"name\":
\"execute_query\",\r\n \"arguments\": \"{\\\"query\\\":\\\"FROM
traces-apm*,apm-*,traces-*.otel-* | STATS COUNT(*) BY service.name |
SORT COUNT(*) DESC | LIMIT 5\\\"}\",\r\n \"trigger\": \"assistant\"\r\n
},\r\n \"content\": \"\"\r\n }\r\n },\r\n {\r\n \"@timestamp\":
\"2024-10-09T13:58:51.619Z\",\r\n \"message\": {\r\n \"role\":
\"user\",\r\n \"name\": \"execute_query\",\r\n \"content\":
\"{\\\"message\\\":\\\"The query failed to
execute\\\",\\\"error\\\":{\\\"name\\\":\\\"ResponseError\\\",\\\"message\\\":\\\"verification_exception\\\\n\\\\tRoot
causes:\\\\n\\\\t\\\\tverification_exception: Found 1 problem\\\\nline
1:1: Unknown index [traces-apm*,apm-*,traces-*.otel-*]\\\"}}\"\r\n }\r\n
},\r\n {\r\n \"@timestamp\": \"2024-10-09T13:58:56.600Z\",\r\n
\"message\": {\r\n \"role\": \"assistant\",\r\n \"function_call\": {
\"name\": \"\", \"arguments\": \"\", \"trigger\": \"assistant\" },\r\n
\"content\": \"I'm sorry, but it seems like there are no indices
matching the pattern \\\"traces-apm*,apm-*,traces-*.otel-*\\\" in your
system. Therefore, I'm unable to retrieve the top 5 services by
transaction volume. Please ensure that your APM data is being ingested
correctly into Elasticsearch.\"\r\n }\r\n }\r\n
]\r\n}\r\n```\r\n</details>\r\n<br/>\r\nCopied conversation after
deserializing:\r\n<details>\r\n <summary>Click to expand
JSON</summary>\r\n\r\n```json\r\n{\r\n \"title\": \"\",\r\n
\"messages\": [\r\n {\r\n \"@timestamp\":
\"2024-10-09T13:58:41.723Z\",\r\n \"message\": {\r\n \"role\":
\"system\",\r\n \"content\": \"You are a helpful assistant for Elastic
Observability. Your goal is to help the Elastic Observability users to
quickly assess what is happening in their observed systems...\"\r\n
}\r\n },\r\n {\r\n \"@timestamp\": \"2024-10-09T13:58:26.881Z\",\r\n
\"message\": { \"role\": \"user\", \"content\": \"Give me examples of
questions I can ask here.\" }\r\n },\r\n {\r\n \"@timestamp\":
\"2024-10-09T13:58:26.965Z\",\r\n \"message\": { \"role\":
\"assistant\", \"function_call\": { \"name\": \"context\", \"trigger\":
\"assistant\" }, \"content\": \"\" }\r\n },\r\n {\r\n \"@timestamp\":
\"2024-10-09T13:58:27.063Z\",\r\n \"message\": {\r\n \"role\":
\"user\",\r\n \"data\": { \"scores\": [], \"suggestions\": [] },\r\n
\"name\": \"context\",\r\n \"content\": {\r\n \"screen_description\":
\"The user is looking at
http://localhost:5601/kyq/app/observability/overview?rangeFrom=now-15m&rangeTo=now.
The current time range is 2024-10-09T13:40:00.288Z -
2024-10-09T13:55:00.288Z.\\n\\nThe user is viewing the Overview page
which shows a summary of the following apps:
{\\\"universal_profiling\\\":{\\\"hasData\\\":false,\\\"status\\\":\\\"success\\\"},\\\"uptime\\\":{\\\"hasData\\\":false,\\\"indices\\\":\\\"heartbeat-*\\\",\\\"status\\\":\\\"success\\\"},\\\"infra_metrics\\\":{\\\"hasData\\\":false,\\\"indices\\\":\\\"metrics-*,metricbeat-*\\\",\\\"status\\\":\\\"success\\\"},\\\"alert\\\":{\\\"hasData\\\":false,\\\"status\\\":\\\"success\\\"},\\\"apm\\\":{\\\"hasData\\\":false,\\\"indices\\\":{\\\"transaction\\\":\\\"traces-apm*,apm-*,traces-*.otel-*\\\",\\\"span\\\":\\\"traces-apm*,apm-*,traces-*.otel-*\\\",\\\"error\\\":\\\"logs-apm*,apm-*,logs-*.otel-*\\\",\\\"metric\\\":\\\"metrics-apm*,apm-*,metrics-*.otel-*\\\",\\\"onboarding\\\":\\\"apm-*\\\",\\\"sourcemap\\\":\\\"apm-*\\\"},\\\"status\\\":\\\"success\\\"},\\\"ux\\\":{\\\"hasData\\\":false,\\\"indices\\\":\\\"traces-apm*,apm-*,traces-*.otel-*,logs-apm*,apm-*,logs-*.otel-*,metrics-apm*,apm-*,metrics-*.otel-*\\\",\\\"status\\\":\\\"success\\\"},\\\"infra_logs\\\":{\\\"hasData\\\":false,\\\"indices\\\":\\\"logs-*-*,logs-*,filebeat-*,kibana_sample_data_logs*\\\",\\\"status\\\":\\\"success\\\"}}\",\r\n
\"learnings\": []\r\n }\r\n }\r\n },\r\n {\r\n \"@timestamp\":
\"2024-10-09T13:58:35.140Z\",\r\n \"message\": {\r\n \"role\":
\"assistant\",\r\n \"function_call\": { \"name\": \"\", \"arguments\":
\"\", \"trigger\": \"assistant\" },\r\n \"content\": \"Sure, here are
some examples of questions...\"\r\n }\r\n },\r\n {\r\n \"@timestamp\":
\"2024-10-09T13:58:41.651Z\",\r\n \"message\": { \"role\": \"user\",
\"content\": \"What are the top 5 services by transaction volume\" }\r\n
},\r\n {\r\n \"@timestamp\": \"2024-10-09T13:58:41.723Z\",\r\n
\"message\": { \"role\": \"assistant\", \"function_call\": { \"name\":
\"context\", \"trigger\": \"assistant\" }, \"content\": \"\" }\r\n
},\r\n {\r\n \"@timestamp\": \"2024-10-09T13:58:41.784Z\",\r\n
\"message\": {\r\n \"role\": \"user\",\r\n \"data\": { \"scores\": [],
\"suggestions\": [] },\r\n \"name\": \"context\",\r\n \"content\": {\r\n
\"screen_description\": \"The user is looking at
http://localhost:5601/kyq/app/observability/overview?rangeFrom=now-15m&rangeTo=now.
The current time range is 2024-10-09T13:40:00.288Z -
2024-10-09T13:55:00.288Z.\\n\\nThe user is viewing the Overview page
which shows a summary of the following apps:
{\\\"universal_profiling\\\":{\\\"hasData\\\":false,\\\"status\\\":\\\"success\\\"},\\\"uptime\\\":{\\\"hasData\\\":false,\\\"indices\\\":\\\"heartbeat-*\\\",\\\"status\\\":\\\"success\\\"},\\\"infra_metrics\\\":{\\\"hasData\\\":false,\\\"indices\\\":\\\"metrics-*,metricbeat-*\\\",\\\"status\\\":\\\"success\\\"},\\\"alert\\\":{\\\"hasData\\\":false,\\\"status\\\":\\\"success\\\"},\\\"apm\\\":{\\\"hasData\\\":false,\\\"indices\\\":{\\\"transaction\\\":\\\"traces-apm*,apm-*,traces-*.otel-*\\\",\\\"span\\\":\\\"traces-apm*,apm-*,traces-*.otel-*\\\",\\\"error\\\":\\\"logs-apm*,apm-*,logs-*.otel-*\\\",\\\"metric\\\":\\\"metrics-apm*,apm-*,metrics-*.otel-*\\\",\\\"onboarding\\\":\\\"apm-*\\\",\\\"sourcemap\\\":\\\"apm-*\\\"},\\\"status\\\":\\\"success\\\"},\\\"ux\\\":{\\\"hasData\\\":false,\\\"indices\\\":\\\"traces-apm*,apm-*,traces-*.otel-*,logs-apm*,apm-*,logs-*.otel-*,metrics-apm*,apm-*,metrics-*.otel-*\\\",\\\"status\\\":\\\"success\\\"},\\\"infra_logs\\\":{\\\"hasData\\\":false,\\\"indices\\\":\\\"logs-*-*,logs-*,filebeat-*,kibana_sample_data_logs*\\\",\\\"status\\\":\\\"success\\\"}}\",\r\n
\"learnings\": []\r\n }\r\n }\r\n },\r\n {\r\n \"@timestamp\":
\"2024-10-09T13:58:43.370Z\",\r\n \"message\": {\r\n \"role\":
\"assistant\",\r\n \"function_call\": {\r\n \"name\":
\"get_dataset_info\",\r\n \"arguments\": { \"index\":
\"traces-apm*,apm-*,traces-*.otel-*\" },\r\n \"trigger\":
\"assistant\"\r\n },\r\n \"content\": \"\"\r\n }\r\n },\r\n {\r\n
\"@timestamp\": \"2024-10-09T13:58:43.379Z\",\r\n \"message\": {
\"role\": \"user\", \"name\": \"get_dataset_info\", \"content\": {
\"indices\": [], \"fields\": [] } }\r\n },\r\n {\r\n \"@timestamp\":
\"2024-10-09T13:58:43.998Z\",\r\n \"message\": {\r\n \"role\":
\"assistant\",\r\n \"function_call\": { \"name\": \"query\",
\"arguments\": {}, \"trigger\": \"assistant\" },\r\n \"content\":
\"\"\r\n }\r\n },\r\n {\r\n \"@timestamp\":
\"2024-10-09T13:58:47.572Z\",\r\n \"message\": {\r\n \"role\":
\"user\",\r\n \"data\": {\r\n \"keywords\": [\"STATS\", \"SORT\",
\"LIMIT\", \"COUNT\"],\r\n \"requestedDocumentation\": {\r\n \"STATS\":
\"# STATS ... BY\\n\\nThe `STATS ... BY`...\",\r\n \"SORT\": \"#
SORT\\n\\nThe SORT command...\",\r\n \"LIMIT\": \"# LIMIT\\n\\nThe LIMIT
command...\",\r\n \"COUNT\": \"# COUNT\\n\\n....\",\r\n \"SYNTAX\": \"#
ES|QL Syntax Guide....\",\r\n \"OVERVIEW\": \"## ES|QL Overview\\n\\n###
ES|QL....\",\r\n \"OPERATORS\": \"# ES|QL Operators\\n\\nThis
document....\"\r\n }\r\n },\r\n \"name\": \"query\",\r\n \"content\":
{}\r\n }\r\n },\r\n {\r\n \"@timestamp\":
\"2024-10-09T13:58:51.481Z\",\r\n \"message\": {\r\n \"role\":
\"assistant\",\r\n \"function_call\": {\r\n \"name\":
\"execute_query\",\r\n \"arguments\": {\r\n \"query\": \"FROM
traces-apm*,apm-*,traces-*.otel-* | STATS COUNT(*) BY service.name |
SORT COUNT(*) DESC | LIMIT 5\"\r\n },\r\n \"trigger\": \"assistant\"\r\n
},\r\n \"content\": \"\"\r\n }\r\n },\r\n {\r\n \"@timestamp\":
\"2024-10-09T13:58:51.619Z\",\r\n \"message\": {\r\n \"role\":
\"user\",\r\n \"name\": \"execute_query\",\r\n \"content\": {\r\n
\"message\": \"The query failed to execute\",\r\n \"error\": {\r\n
\"name\": \"ResponseError\",\r\n \"message\":
\"verification_exception\\n\\tRoot
causes:\\n\\t\\tverification_exception: Found 1 problem\\nline 1:1:
Unknown index [traces-apm*,apm-*,traces-*.otel-*]\"\r\n }\r\n }\r\n
}\r\n },\r\n {\r\n \"@timestamp\": \"2024-10-09T13:58:56.600Z\",\r\n
\"message\": {\r\n \"role\": \"assistant\",\r\n \"function_call\": {
\"name\": \"\", \"arguments\": \"\", \"trigger\": \"assistant\" },\r\n
\"content\": \"I'm sorry, but it seems like there are no indices
matching the pattern \\\"traces-apm*,apm-*,traces-*.otel-*\\\" in your
system. Therefore, I'm unable to retrieve the top 5 services by
transaction volume. Please ensure that your APM data is being ingested
correctly into Elasticsearch.\"\r\n }\r\n }\r\n
]\r\n}\r\n```\r\n</details>","sha":"e34876aa6809a5ea79a836ce61e94192a4769d59"}}]}]
BACKPORT-->

Co-authored-by: Viduni Wickramarachchi <viduni.wickramarachchi@elastic.co>
2024-10-16 11:29:34 -05:00
Kibana Machine
cbd40a81e4
[8.x] Kb settings followup (#195733) (#196477)
# Backport

This will backport the following commits from `main` to `8.x`:
- [Kb settings followup
(#195733)](https://github.com/elastic/kibana/pull/195733)

<!--- Backport version: 9.4.3 -->

### Questions ?
Please refer to the [Backport tool
documentation](https://github.com/sqren/backport)


Co-authored-by: Patryk Kopyciński <contact@patrykkopycinski.com>
2024-10-16 00:21:47 -05:00
Kibana Machine
1549d38d02
[8.x] [Security Solution][DQD] Add historical results tour guide (#196127) (#196456)
# Backport

This will backport the following commits from `main` to `8.x`:
- [[Security Solution][DQD] Add historical results tour guide
(#196127)](https://github.com/elastic/kibana/pull/196127)

<!--- Backport version: 9.4.3 -->

### Questions ?
Please refer to the [Backport tool
documentation](https://github.com/sqren/backport)


Co-authored-by: Karen Grigoryan <karen.grigoryan@elastic.co>
2024-10-15 20:01:40 -05:00
Kibana Machine
e24a6653d2
[8.x] [ML] Add control to show or hide empty fields in dropdown in Transform (#195485) (#196451)
# Backport

This will backport the following commits from `main` to `8.x`:
- [[ML] Add control to show or hide empty fields in dropdown in
Transform (#195485)](https://github.com/elastic/kibana/pull/195485)

<!--- Backport version: 9.4.3 -->

### Questions ?
Please refer to the [Backport tool
documentation](https://github.com/sqren/backport)

<!--BACKPORT [{"author":{"name":"Quynh Nguyen
(Quinn)","email":"43350163+qn895@users.noreply.github.com"},"sourceCommit":{"committedDate":"2024-10-15T22:04:04Z","message":"[ML]
Add control to show or hide empty fields in dropdown in Transform
(#195485)\n\n## Summary\r\nFollow up of
https://github.com/elastic/kibana/pull/186670. This PR adds\r\na new
control show or hide empty fields in dropdowns in Transform.\r\n\r\n####
Transform\r\n\r\nPivot transform
creation\r\n\r\n\r\nhttps://github.com/user-attachments/assets/35366671-c7a0-4ba1-ae24-ae3d965a2d69\r\n\r\nLatest
transform creation\r\n\r\n<img width=\"1473\"
alt=\"image\"\r\nsrc=\"https://github.com/user-attachments/assets/db53e7ed-17d5-44d7-93ab-1d0c5ca22f20\">\r\n\r\n\r\n\r\n\r\n\r\n###
Checklist\r\n\r\nDelete any items that are not applicable to this
PR.\r\n\r\n- [ ] Any text added follows [EUI's
writing\r\nguidelines](https://elastic.github.io/eui/#/guidelines/writing),
uses\r\nsentence case text and includes
[i18n\r\nsupport](https://github.com/elastic/kibana/blob/main/packages/kbn-i18n/README.md)\r\n-
[
]\r\n[Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html)\r\nwas
added for features that require explanation or tutorials\r\n- [ ] [Unit
or
functional\r\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\r\nwere
updated or added to match the most common scenarios\r\n- [ ] [Flaky
Test\r\nRunner](https://ci-stats.kibana.dev/trigger_flaky_test_runner/1)
was\r\nused on any tests changed\r\n- [ ] Any UI touched in this PR is
usable by keyboard only (learn more\r\nabout [keyboard
accessibility](https://webaim.org/techniques/keyboard/))\r\n- [ ] Any UI
touched in this PR does not create any new axe failures\r\n(run axe in
browser:\r\n[FF](https://addons.mozilla.org/en-US/firefox/addon/axe-devtools/),\r\n[Chrome](https://chrome.google.com/webstore/detail/axe-web-accessibility-tes/lhdoppojpmngadmnindnejefpokejbdd?hl=en-US))\r\n-
[ ] If a plugin configuration key changed, check if it needs to
be\r\nallowlisted in the cloud and added to the
[docker\r\nlist](https://github.com/elastic/kibana/blob/main/src/dev/build/tasks/os_packages/docker_generator/resources/base/bin/kibana-docker)\r\n-
[ ] This renders correctly on smaller devices using a
responsive\r\nlayout. (You can test this [in
your\r\nbrowser](https://www.browserstack.com/guide/responsive-testing-on-local-server))\r\n-
[ ] This was checked for
[cross-browser\r\ncompatibility](https://www.elastic.co/support/matrix#matrix_browsers)\r\n\r\n\r\n###
Risk Matrix\r\n\r\nDelete this section if it is not applicable to this
PR.\r\n\r\nBefore closing this PR, invite QA, stakeholders, and other
developers to\r\nidentify risks that should be tested prior to the
change/feature\r\nrelease.\r\n\r\nWhen forming the risk matrix, consider
some of the following examples\r\nand how they may potentially impact
the change:\r\n\r\n| Risk | Probability | Severity | Mitigation/Notes
|\r\n\r\n|---------------------------|-------------|----------|-------------------------|\r\n|
Multiple Spaces&mdash;unexpected behavior in non-default Kibana
Space.\r\n| Low | High | Integration tests will verify that all features
are still\r\nsupported in non-default Kibana Space and when user
switches between\r\nspaces. |\r\n| Multiple nodes&mdash;Elasticsearch
polling might have race conditions\r\nwhen multiple Kibana nodes are
polling for the same tasks. | High | Low\r\n| Tasks are idempotent, so
executing them multiple times will not result\r\nin logical error, but
will degrade performance. To test for this case we\r\nadd plenty of unit
tests around this logic and document manual testing\r\nprocedure. |\r\n|
Code should gracefully handle cases when feature X or plugin Y
are\r\ndisabled. | Medium | High | Unit tests will verify that any
feature flag\r\nor plugin combination still results in our service
operational. |\r\n| [See more potential
risk\r\nexamples](https://github.com/elastic/kibana/blob/main/RISK_MATRIX.mdx)
|\r\n\r\n\r\n### For maintainers\r\n\r\n- [ ] This was checked for
breaking API changes and was
[labeled\r\nappropriately](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)\r\n\r\n---------\r\n\r\nCo-authored-by:
kibanamachine
<42973632+kibanamachine@users.noreply.github.com>","sha":"d89f32a6aca0b522c606e5aec668cee5a3267d4a","branchLabelMapping":{"^v9.0.0$":"main","^v8.16.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:enhancement",":ml","Feature:Transforms","v9.0.0","backport:prev-minor","v8.16.0"],"title":"[ML]
Add control to show or hide empty fields in dropdown in Transform
","number":195485,"url":"https://github.com/elastic/kibana/pull/195485","mergeCommit":{"message":"[ML]
Add control to show or hide empty fields in dropdown in Transform
(#195485)\n\n## Summary\r\nFollow up of
https://github.com/elastic/kibana/pull/186670. This PR adds\r\na new
control show or hide empty fields in dropdowns in Transform.\r\n\r\n####
Transform\r\n\r\nPivot transform
creation\r\n\r\n\r\nhttps://github.com/user-attachments/assets/35366671-c7a0-4ba1-ae24-ae3d965a2d69\r\n\r\nLatest
transform creation\r\n\r\n<img width=\"1473\"
alt=\"image\"\r\nsrc=\"https://github.com/user-attachments/assets/db53e7ed-17d5-44d7-93ab-1d0c5ca22f20\">\r\n\r\n\r\n\r\n\r\n\r\n###
Checklist\r\n\r\nDelete any items that are not applicable to this
PR.\r\n\r\n- [ ] Any text added follows [EUI's
writing\r\nguidelines](https://elastic.github.io/eui/#/guidelines/writing),
uses\r\nsentence case text and includes
[i18n\r\nsupport](https://github.com/elastic/kibana/blob/main/packages/kbn-i18n/README.md)\r\n-
[
]\r\n[Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html)\r\nwas
added for features that require explanation or tutorials\r\n- [ ] [Unit
or
functional\r\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\r\nwere
updated or added to match the most common scenarios\r\n- [ ] [Flaky
Test\r\nRunner](https://ci-stats.kibana.dev/trigger_flaky_test_runner/1)
was\r\nused on any tests changed\r\n- [ ] Any UI touched in this PR is
usable by keyboard only (learn more\r\nabout [keyboard
accessibility](https://webaim.org/techniques/keyboard/))\r\n- [ ] Any UI
touched in this PR does not create any new axe failures\r\n(run axe in
browser:\r\n[FF](https://addons.mozilla.org/en-US/firefox/addon/axe-devtools/),\r\n[Chrome](https://chrome.google.com/webstore/detail/axe-web-accessibility-tes/lhdoppojpmngadmnindnejefpokejbdd?hl=en-US))\r\n-
[ ] If a plugin configuration key changed, check if it needs to
be\r\nallowlisted in the cloud and added to the
[docker\r\nlist](https://github.com/elastic/kibana/blob/main/src/dev/build/tasks/os_packages/docker_generator/resources/base/bin/kibana-docker)\r\n-
[ ] This renders correctly on smaller devices using a
responsive\r\nlayout. (You can test this [in
your\r\nbrowser](https://www.browserstack.com/guide/responsive-testing-on-local-server))\r\n-
[ ] This was checked for
[cross-browser\r\ncompatibility](https://www.elastic.co/support/matrix#matrix_browsers)\r\n\r\n\r\n###
Risk Matrix\r\n\r\nDelete this section if it is not applicable to this
PR.\r\n\r\nBefore closing this PR, invite QA, stakeholders, and other
developers to\r\nidentify risks that should be tested prior to the
change/feature\r\nrelease.\r\n\r\nWhen forming the risk matrix, consider
some of the following examples\r\nand how they may potentially impact
the change:\r\n\r\n| Risk | Probability | Severity | Mitigation/Notes
|\r\n\r\n|---------------------------|-------------|----------|-------------------------|\r\n|
Multiple Spaces&mdash;unexpected behavior in non-default Kibana
Space.\r\n| Low | High | Integration tests will verify that all features
are still\r\nsupported in non-default Kibana Space and when user
switches between\r\nspaces. |\r\n| Multiple nodes&mdash;Elasticsearch
polling might have race conditions\r\nwhen multiple Kibana nodes are
polling for the same tasks. | High | Low\r\n| Tasks are idempotent, so
executing them multiple times will not result\r\nin logical error, but
will degrade performance. To test for this case we\r\nadd plenty of unit
tests around this logic and document manual testing\r\nprocedure. |\r\n|
Code should gracefully handle cases when feature X or plugin Y
are\r\ndisabled. | Medium | High | Unit tests will verify that any
feature flag\r\nor plugin combination still results in our service
operational. |\r\n| [See more potential
risk\r\nexamples](https://github.com/elastic/kibana/blob/main/RISK_MATRIX.mdx)
|\r\n\r\n\r\n### For maintainers\r\n\r\n- [ ] This was checked for
breaking API changes and was
[labeled\r\nappropriately](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)\r\n\r\n---------\r\n\r\nCo-authored-by:
kibanamachine
<42973632+kibanamachine@users.noreply.github.com>","sha":"d89f32a6aca0b522c606e5aec668cee5a3267d4a"}},"sourceBranch":"main","suggestedTargetBranches":["8.x"],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","branchLabelMappingKey":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/195485","number":195485},{"branch":"8.x","label":"v8.16.0","branchLabelMappingKey":"^v8.16.0$","isSourceBranch":false,"state":"NOT_CREATED"}]}]
BACKPORT-->

Co-authored-by: Quynh Nguyen (Quinn) <43350163+qn895@users.noreply.github.com>
2024-10-15 18:49:31 -05:00
Kibana Machine
d2e04412a8
[8.x] CDR workflow UI counters (#196346)
# Backport

This will backport the following commits from `main` to `8.x`:
- [CDR workflow UI
counters](https://github.com/elastic/kibana/pull/196305)

<!--- Backport version: 9.4.3 -->

### Questions ?
Please refer to the [Backport tool
documentation](https://github.com/sqren/backport)

Co-authored-by: Ido Cohen <90558359+CohenIdo@users.noreply.github.com>
2024-10-15 12:03:03 -05:00
Kibana Machine
e3996ca47a
[8.x] [Security Solution] [Attack discovery] Output chunking / refinement, LangGraph migration, and evaluation improvements (#195669) (#196334)
# Backport

This will backport the following commits from `main` to `8.x`:
- [[Security Solution] [Attack discovery] Output chunking / refinement,
LangGraph migration, and evaluation improvements
(#195669)](https://github.com/elastic/kibana/pull/195669)

<!--- Backport version: 9.4.3 -->

### Questions ?
Please refer to the [Backport tool
documentation](https://github.com/sqren/backport)

<!--BACKPORT [{"author":{"name":"Andrew
Macri","email":"andrew.macri@elastic.co"},"sourceCommit":{"committedDate":"2024-10-15T14:39:48Z","message":"[Security
Solution] [Attack discovery] Output chunking / refinement, LangGraph
migration, and evaluation improvements (#195669)\n\n## [Security
Solution] [Attack discovery] Output chunking / refinement, LangGraph
migration, and evaluation improvements\r\n\r\n### Summary\r\n\r\nThis PR
improves the Attack discovery user and developer experience with output
chunking / refinement, migration to LangGraph, and improvements to
evaluations.\r\n\r\nThe improvements were realized by transitioning from
directly using lower-level LangChain apis to LangGraph in this PR, and a
deeper integration with the evaluation features of
LangSmith.\r\n\r\n#### Output chunking\r\n\r\n_Output chunking_
increases the maximum and default number of alerts sent as context,
working around the output token limitations of popular large language
models (LLMs):\r\n\r\n| | Old | New
|\r\n|----------------|-------|-------|\r\n| max alerts | `100` | `500`
|\r\n| default alerts | `20` | `200` |\r\n\r\nSee _Output chunking
details_ below for more information.\r\n\r\n#### Settings\r\n\r\nA new
settings modal makes it possible to configure the number of alerts sent
as context directly from the Attack discovery
page:\r\n\r\n![settings](https://github.com/user-attachments/assets/3f5ab4e9-5eae-4f99-8490-e392c758fa6e)\r\n\r\n-
Previously, users configured this value for Attack discovery via the
security assistant Knowledge base settings, as documented
[here](https://www.elastic.co/guide/en/security/8.15/attack-discovery.html#attack-discovery-generate-discoveries)\r\n-
The new settings modal uses local storage (instead of the
previously-shared assistant Knowledge base setting, which is stored in
Elasticsearch)\r\n\r\n#### Output refinement\r\n\r\n_Output refinement_
automatically combines related discoveries (that were previously
represented as two or more discoveries):\r\n\r\n
![default_attack_discovery_graph](https://github.com/user-attachments/assets/c092bb42-a41e-4fba-85c2-a4b2c1ef3053)\r\n\r\n-
The `refine` step in the graph diagram above may (for example), combine
three discoveries from the `generate` step into two discoveries when
they are related\r\n\r\n### Hallucination detection\r\n\r\nNew
_hallucination detection_ displays an error in lieu of showing
hallucinated
output:\r\n\r\n![hallucination_detection](https://github.com/user-attachments/assets/1d849908-3f10-4fe8-8741-c0cf418b1524)\r\n\r\n-
A new tour step was added to the Attack discovery page to share the
improvements:\r\n\r\n![tour_step](https://github.com/user-attachments/assets/0cedf770-baba-41b1-8ec6-b12b14c0c57a)\r\n\r\n###
Summary of improvements for developers\r\n\r\nThe following features
improve the developer experience when running evaluations for Attack
discovery:\r\n\r\n#### Replay alerts in evaluations\r\n\r\nThis
evaluation feature eliminates the need to populate a local environment
with alerts to (re)run evaluations:\r\n\r\n
![alerts_as_input](https://github.com/user-attachments/assets/b29dc847-3d53-4b17-8757-ed59852c1623)\r\n\r\nAlert
replay skips the `retrieve_anonymized_alerts` step in the graph, because
it uses the `anonymizedAlerts` and `replacements` provided as `Input` in
a dataset example. See _Replay alerts in evaluations details_ below for
more information.\r\n\r\n#### Override graph state\r\n\r\nOverride graph
state via dataset examples to test prompt improvements and edge cases
via evaluations:\r\n\r\n
![override_graph_input](https://github.com/user-attachments/assets/a685177b-1e07-4f49-9b8d-c0b652975237)\r\n\r\nTo
use this feature, add an `overrides` key to the `Input` of a dataset
example. See _Override graph state details_ below for more
information.\r\n\r\n#### New custom evaluator\r\n\r\nPrior to this PR,
an evaluator had to be manually added to each dataset in LangSmith to
use an LLM as the judge for correctness.\r\n\r\nThis PR introduces a
custom, programmatic evaluator that handles anonymization automatically,
and eliminates the need to manually create evaluators in LangSmith. To
use it, simply run evaluations from the `Evaluation` tab in
settings.\r\n\r\n#### New evaluation settings\r\n\r\nThis PR introduces
new settings in the `Evaluation`
tab:\r\n\r\n![new_evaluation_settings](https://github.com/user-attachments/assets/ca72aa2a-b0dc-4bec-9409-386d77d6a2f4)\r\n\r\nNew
evaluation settings:\r\n\r\n- `Evaluator model (optional)` - Judge the
quality of predictions using a single model. (Default: use the same
model as the connector)\r\n\r\nThis new setting is useful when you want
to use the same model, e.g. `GPT-4o` to judge the quality of all the
models evaluated in an experiment.\r\n\r\n- `Default max alerts` - The
default maximum number of alerts to send as context, which may be
overridden by the example input\r\n\r\nThis new setting is useful when
using the alerts in the local environment to run evaluations. Examples
that use the Alerts replay feature will ignore this value, because the
alerts in the example `Input` will be used instead.\r\n\r\n####
Directory structure refactoring\r\n\r\n- The server-side directory
structure was refactored to consolidate the location of Attack discovery
related files\r\n\r\n### Details\r\n\r\nThis section describes some of
the improvements above in detail.\r\n\r\n#### Output chunking
details\r\n\r\nThe new output chunking feature increases the maximum and
default number of alerts that may be sent as context. It achieves this
improvement by working around output token limitations.\r\n\r\nLLMs have
different limits for the number of tokens accepted as _input_ for
requests, and the number of tokens available for _output_ when
generating responses.\r\n\r\nToday, the output token limits of most
popular models are significantly smaller than the input token
limits.\r\n\r\nFor example, at the time of this writing, the Gemini 1.5
Pro model's limits are
([source](https://ai.google.dev/gemini-api/docs/models/gemini)):\r\n\r\n-
Input token limit: `2,097,152`\r\n- Output token limit:
`8,192`\r\n\r\nAs a result of this relatively smaller output token
limit, previous versions of Attack discovery would simply fail when an
LLM ran out of output tokens when generating a response. This often
happened \"mid sentence\", and resulted in errors or hallucinations
being displayed to users.\r\n\r\nThe new output chunking feature detects
incomplete responses from the LLM in the `generate` step of the Graph.
When an incomplete response is detected, the `generate` step will run
again with:\r\n\r\n- The original prompt\r\n- The Alerts provided as
context\r\n- The partially generated response\r\n- Instructions to
\"continue where you left off\"\r\n\r\nThe `generate` step in the graph
will run until one of the following conditions is met:\r\n\r\n- The
incomplete response can be successfully parsed\r\n- The maximum number
of generation attempts (default: `10`) is reached\r\n- The maximum
number of hallucinations detected (default: `5`) is reached\r\n\r\n####
Output refinement details\r\n\r\nThe new output refinement feature
automatically combines related discoveries (that were previously
represented as two or more discoveries).\r\n\r\nThe new `refine` step in
the graph re-submits the discoveries from the `generate` step with a
`refinePrompt` to combine related attack discoveries.\r\n\r\nThe
`refine` step is subject to the model's output token limits, just like
the `generate` step. That means a response to the refine prompt from the
LLM may be cut off \"mid\" sentence. To that end:\r\n\r\n- The refine
step will re-run until the (same, shared) `maxGenerationAttempts` and
`maxHallucinationFailures` limits as the `generate` step are
reached\r\n- The maximum number of attempts (default: `10`) is _shared_
with the `generate` step. For example, if it took `7` tries
(`generationAttempts`) to complete the `generate` step, the refine
`step` will only run up to `3` times.\r\n\r\nThe `refine` step will
return _unrefined_ results from the `generate` step when:\r\n\r\n- The
`generate` step uses all `10` generation attempts. When this happens,
the `refine` step will be skipped, and the unrefined output of the
`generate` step will be returned to the user\r\n- If the `refine` step
uses all remaining attempts, but fails to produce a refined response,
due to output token limitations, or hallucinations in the refined
response\r\n\r\n#### Hallucination detection details\r\n\r\nBefore this
PR, Attack discovery directly used lower level LangChain APIs to parse
responses from the LLM. After this PR, Attack discovery uses
LangGraph.\r\n\r\nIn the previous implementation, when Attack discovery
received an incomplete response because the output token limits of a
model were hit, the LangChain APIs automatically re-submitted the
incomplete response in an attempt to \"repair\" it. However, the
re-submitted results didn't include all of the original context (i.e.
alerts that generated them). The repair process often resulted in
hallucinated results being presented to users, especially with some
models i.e. `Claude 3.5 Haiku`.\r\n\r\nIn this PR, the `generate` and
`refine` steps detect (some) hallucinations. When hallucinations are
detected:\r\n\r\n- The current accumulated `generations` or
`refinements` are (respectively) discarded, effectively restarting the
`generate` or `refine` process\r\n- The `generate` and `refine` steps
will be retried until the maximum generation attempts (default: `10`) or
hallucinations detected (default: `5`) limits are reached\r\n\r\nHitting
the hallucination limit during the `generate` step will result in an
error being displayed to the user.\r\n\r\nHitting the hallucination
limit during the `refine` step will result in the unrefined discoveries
being displayed to the user.\r\n\r\n#### Replay alerts in evaluations
details\r\n\r\nAlerts replay makes it possible to re-run evaluations,
even when your local deployment has zero alerts.\r\n\r\nThis feature
eliminates the chore of populating your local instance with specific
alerts for each example.\r\n\r\nEvery example in a dataset may
(optionally) specify a different set of alerts.\r\n\r\nAlert replay
skips the `retrieve_anonymized_alerts` step in the graph, because it
uses the `anonymizedAlerts` and `replacements` provided as `Input` in a
dataset example.\r\n\r\nThe following instructions document the process
of creating a new LangSmith dataset example that uses the Alerts replay
feature:\r\n\r\n1) In Kibana, navigate to Security > Attack
discovery\r\n\r\n2) Click `Generate` to generate Attack
discoveries\r\n\r\n3) In LangSmith, navigate to Projects > _Your
project_\r\n\r\n4) In the `Runs` tab of the LangSmith project, click on
the latest `Attack discovery` entry to open the trace\r\n\r\n5)
**IMPORTANT**: In the trace, select the **LAST**
`ChannelWriteChannelWrite<attackDiscoveries,attackDisc...` entry. The
last entry will appear inside the **LAST** `refine` step in the trace,
as illustrated by the screenshot
below:\r\n\r\n![last_channel_write](https://github.com/user-attachments/assets/c57fc803-3bbb-4603-b99f-d2b130428201)\r\n\r\n6)
With the last `ChannelWriteChannelWrite<attackDiscoveries,attackDisc...`
entry selected, click `Add to` > `Add to Dataset`\r\n\r\n7) Copy-paste
the `Input` to the `Output`, because evaluation Experiments always
compare the current run with the `Output` in an example.\r\n\r\n- This
step is _always_ required to create a dataset.\r\n- If you don't want to
use the Alert replay feature, replace `Input` with an empty
object:\r\n\r\n```json\r\n{}\r\n```\r\n\r\n8) Choose an existing
dataset, or create a new one\r\n\r\n9) Click the `Submit` button to add
the example to the dataset.\r\n\r\nAfter completing the steps above, the
dataset is ready to be run in evaluations.\r\n\r\n#### Override graph
state details\r\n\r\nWhen a dataset is run in an evaluation (to create
Experiments):\r\n\r\n- The (optional) `anonymizedAlerts` and
`replacements` provided as `Input` in the example will be replayed,
bypassing the `retrieve_anonymized_alerts` step in the graph\r\n- The
rest of the properties in `Input` will not be used as inputs to the
graph\r\n- In contrast, an empty object `{}` in `Input` means the latest
and riskiest alerts in the last 24 hours in the local environment will
be queried\r\n\r\nIn addition to the above, you may add an optional
`overrides` key in the `Input` of a dataset example to test changes or
edge cases. This is useful for evaluating changes without updating the
code directly.\r\n\r\nThe `overrides` set the initial state of the graph
before it's run in an evaluation.\r\n\r\nThe example `Input` below
overrides the prompts used in the `generate` and `refine`
steps:\r\n\r\n```json\r\n{\r\n \"overrides\": {\r\n \"refinePrompt\":
\"This overrides the refine prompt\",\r\n \"attackDiscoveryPrompt\":
\"This overrides the attack discovery prompt\"\r\n
}\r\n}\r\n```\r\n\r\nTo use the `overrides` feature in evaluations to
set the initial state of the graph:\r\n\r\n1) Create a dataset example,
as documented in the _Replay alerts in evaluations details_ section
above\r\n\r\n2) In LangSmith, navigate to Datasets & Testing > _Your
Dataset_\r\n\r\n3) In the dataset, click the Examples tab\r\n\r\n4)
Click an example to open it in the flyout\r\n\r\n5) Click the `Edit`
button to edit the example\r\n\r\n6) Add the `overrides` key shown below
to the `Input` e.g.:\r\n\r\n```json\r\n{\r\n \"overrides\": {\r\n
\"refinePrompt\": \"This overrides the refine prompt\",\r\n
\"attackDiscoveryPrompt\": \"This overrides the attack discovery
prompt\"\r\n }\r\n}\r\n```\r\n\r\n7) Edit the `overrides` in the example
`Input` above to add (or remove) entries that will determine the initial
state of the graph.\r\n\r\nAll of the `overrides` shown in step 6 are
optional. The `refinePrompt` and `attackDiscoveryPrompt` could be
removed from the `overrides` example above, and replaced with
`maxGenerationAttempts` to test a higher limit.\r\n\r\nAll valid graph
state may be specified in
`overrides`.","sha":"2c21adb8faafc0016ad7a6591837118f6bdf0907","branchLabelMapping":{"^v9.0.0$":"main","^v8.16.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:enhancement","v9.0.0","Team:
SecuritySolution","ci:cloud-deploy","ci:cloud-persist-deployment","Team:Security
Generative AI","v8.16.0","backport:version"],"title":"[Security
Solution] [Attack discovery] Output chunking / refinement, LangGraph
migration, and evaluation
improvements","number":195669,"url":"https://github.com/elastic/kibana/pull/195669"},"sourceBranch":"main","suggestedTargetBranches":["8.x"],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","branchLabelMappingKey":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/195669","number":195669,"mergeCommit":{"message":"[Security
Solution] [Attack discovery] Output chunking / refinement, LangGraph
migration, and evaluation improvements (#195669)\n\n## [Security
Solution] [Attack discovery] Output chunking / refinement, LangGraph
migration, and evaluation improvements\r\n\r\n### Summary\r\n\r\nThis PR
improves the Attack discovery user and developer experience with output
chunking / refinement, migration to LangGraph, and improvements to
evaluations.\r\n\r\nThe improvements were realized by transitioning from
directly using lower-level LangChain apis to LangGraph in this PR, and a
deeper integration with the evaluation features of
LangSmith.\r\n\r\n#### Output chunking\r\n\r\n_Output chunking_
increases the maximum and default number of alerts sent as context,
working around the output token limitations of popular large language
models (LLMs):\r\n\r\n| | Old | New
|\r\n|----------------|-------|-------|\r\n| max alerts | `100` | `500`
|\r\n| default alerts | `20` | `200` |\r\n\r\nSee _Output chunking
details_ below for more information.\r\n\r\n#### Settings\r\n\r\nA new
settings modal makes it possible to configure the number of alerts sent
as context directly from the Attack discovery
page:\r\n\r\n![settings](https://github.com/user-attachments/assets/3f5ab4e9-5eae-4f99-8490-e392c758fa6e)\r\n\r\n-
Previously, users configured this value for Attack discovery via the
security assistant Knowledge base settings, as documented
[here](https://www.elastic.co/guide/en/security/8.15/attack-discovery.html#attack-discovery-generate-discoveries)\r\n-
The new settings modal uses local storage (instead of the
previously-shared assistant Knowledge base setting, which is stored in
Elasticsearch)\r\n\r\n#### Output refinement\r\n\r\n_Output refinement_
automatically combines related discoveries (that were previously
represented as two or more discoveries):\r\n\r\n
![default_attack_discovery_graph](https://github.com/user-attachments/assets/c092bb42-a41e-4fba-85c2-a4b2c1ef3053)\r\n\r\n-
The `refine` step in the graph diagram above may (for example), combine
three discoveries from the `generate` step into two discoveries when
they are related\r\n\r\n### Hallucination detection\r\n\r\nNew
_hallucination detection_ displays an error in lieu of showing
hallucinated
output:\r\n\r\n![hallucination_detection](https://github.com/user-attachments/assets/1d849908-3f10-4fe8-8741-c0cf418b1524)\r\n\r\n-
A new tour step was added to the Attack discovery page to share the
improvements:\r\n\r\n![tour_step](https://github.com/user-attachments/assets/0cedf770-baba-41b1-8ec6-b12b14c0c57a)\r\n\r\n###
Summary of improvements for developers\r\n\r\nThe following features
improve the developer experience when running evaluations for Attack
discovery:\r\n\r\n#### Replay alerts in evaluations\r\n\r\nThis
evaluation feature eliminates the need to populate a local environment
with alerts to (re)run evaluations:\r\n\r\n
![alerts_as_input](https://github.com/user-attachments/assets/b29dc847-3d53-4b17-8757-ed59852c1623)\r\n\r\nAlert
replay skips the `retrieve_anonymized_alerts` step in the graph, because
it uses the `anonymizedAlerts` and `replacements` provided as `Input` in
a dataset example. See _Replay alerts in evaluations details_ below for
more information.\r\n\r\n#### Override graph state\r\n\r\nOverride graph
state via datatset examples to test prompt improvements and edge cases
via evaluations:\r\n\r\n
![override_graph_input](https://github.com/user-attachments/assets/a685177b-1e07-4f49-9b8d-c0b652975237)\r\n\r\nTo
use this feature, add an `overrides` key to the `Input` of a dataset
example. See _Override graph state details_ below for more
information.\r\n\r\n#### New custom evaluator\r\n\r\nPrior to this PR,
an evaluator had to be manually added to each dataset in LangSmith to
use an LLM as the judge for correctness.\r\n\r\nThis PR introduces a
custom, programmatic evaluator that handles anonymization automatically,
and eliminates the need to manually create evaluators in LangSmith. To
use it, simply run evaluations from the `Evaluation` tab in
settings.\r\n\r\n#### New evaluation settings\r\n\r\nThis PR introduces
new settings in the `Evaluation`
tab:\r\n\r\n![new_evaluation_settings](https://github.com/user-attachments/assets/ca72aa2a-b0dc-4bec-9409-386d77d6a2f4)\r\n\r\nNew
evaluation settings:\r\n\r\n- `Evaluator model (optional)` - Judge the
quality of predictions using a single model. (Default: use the same
model as the connector)\r\n\r\nThis new setting is useful when you want
to use the same model, e.g. `GPT-4o` to judge the quality of all the
models evaluated in an experiment.\r\n\r\n- `Default max alerts` - The
default maximum number of alerts to send as context, which may be
overridden by the example input\r\n\r\nThis new setting is useful when
using the alerts in the local environment to run evaluations. Examples
that use the Alerts replay feature will ignore this value, because the
alerts in the example `Input` will be used instead.\r\n\r\n####
Directory structure refactoring\r\n\r\n- The server-side directory
structure was refactored to consolidate the location of Attack discovery
related files\r\n\r\n### Details\r\n\r\nThis section describes some of
the improvements above in detail.\r\n\r\n#### Output chunking
details\r\n\r\nThe new output chunking feature increases the maximum and
default number of alerts that may be sent as context. It achieves this
improvement by working around output token limitations.\r\n\r\nLLMs have
different limits for the number of tokens accepted as _input_ for
requests, and the number of tokens available for _output_ when
generating responses.\r\n\r\nToday, the output token limits of most
popular models are significantly smaller than the input token
limits.\r\n\r\nFor example, at the time of this writing, the Gemini 1.5
Pro model's limits are
([source](https://ai.google.dev/gemini-api/docs/models/gemini)):\r\n\r\n-
Input token limit: `2,097,152`\r\n- Output token limit:
`8,192`\r\n\r\nAs a result of this relatively smaller output token
limit, previous versions of Attack discovery would simply fail when an
LLM ran out of output tokens when generating a response. This often
happened \"mid sentence\", and resulted in errors or hallucinations
being displayed to users.\r\n\r\nThe new output chunking feature detects
incomplete responses from the LLM in the `generate` step of the Graph.
When an incomplete response is detected, the `generate` step will run
again with:\r\n\r\n- The original prompt\r\n- The Alerts provided as
context\r\n- The partially generated response\r\n- Instructions to
\"continue where you left off\"\r\n\r\nThe `generate` step in the graph
will run until one of the following conditions is met:\r\n\r\n- The
incomplete response can be successfully parsed\r\n- The maximum number
of generation attempts (default: `10`) is reached\r\n- The maximum
number of hallucinations detected (default: `5`) is reached\r\n\r\n####
Output refinement details\r\n\r\nThe new output refinement feature
automatically combines related discoveries (that were previously
represented as two or more discoveries).\r\n\r\nThe new `refine` step in
the graph re-submits the discoveries from the `generate` step with a
`refinePrompt` to combine related attack discoveries.\r\n\r\nThe
`refine` step is subject to the model's output token limits, just like
the `generate` step. That means a response to the refine prompt from the
LLM may be cut off \"mid\" sentence. To that end:\r\n\r\n- The refine
step will re-run until the (same, shared) `maxGenerationAttempts` and
`maxHallucinationFailures` limits as the `generate` step are
reached\r\n- The maximum number of attempts (default: `10`) is _shared_
with the `generate` step. For example, if it took `7` tries
(`generationAttempts`) to complete the `generate` step, the refine
`step` will only run up to `3` times.\r\n\r\nThe `refine` step will
return _unrefined_ results from the `generate` step when:\r\n\r\n- The
`generate` step uses all `10` generation attempts. When this happens,
the `refine` step will be skipped, and the unrefined output of the
`generate` step will be returned to the user\r\n- If the `refine` step
uses all remaining attempts, but fails to produce a refined response,
due to output token limitations, or hallucinations in the refined
response\r\n\r\n#### Hallucination detection details\r\n\r\nBefore this
PR, Attack discovery directly used lower level LangChain APIs to parse
responses from the LLM. After this PR, Attack discovery uses
LangGraph.\r\n\r\nIn the previous implementation, when Attack discovery
received an incomplete response because the output token limits of a
model were hit, the LangChain APIs automatically re-submitted the
incomplete response in an attempt to \"repair\" it. However, the
re-submitted results didn't include all of the original context (i.e.
alerts that generated them). The repair process often resulted in
hallucinated results being presented to users, especially with some
models i.e. `Claude 3.5 Haiku`.\r\n\r\nIn this PR, the `generate` and
`refine` steps detect (some) hallucinations. When hallucinations are
detected:\r\n\r\n- The current accumulated `generations` or
`refinements` are (respectively) discarded, effectively restarting the
`generate` or `refine` process\r\n- The `generate` and `refine` steps
will be retried until the maximum generation attempts (default: `10`) or
hallucinations detected (default: `5`) limits are reached\r\n\r\nHitting
the hallucination limit during the `generate` step will result in an
error being displayed to the user.\r\n\r\nHitting the hallucination
limit during the `refine` step will result in the unrefined discoveries
being displayed to the user.\r\n\r\n#### Replay alerts in evaluations
details\r\n\r\nAlerts replay makes it possible to re-run evaluations,
even when your local deployment has zero alerts.\r\n\r\nThis feature
eliminates the chore of populating your local instance with specific
alerts for each example.\r\n\r\nEvery example in a dataset may
(optionally) specify a different set of alerts.\r\n\r\nAlert replay
skips the `retrieve_anonymized_alerts` step in the graph, because it
uses the `anonymizedAlerts` and `replacements` provided as `Input` in a
dataset example.\r\n\r\nThe following instructions document the process
of creating a new LangSmith dataset example that uses the Alerts replay
feature:\r\n\r\n1) In Kibana, navigate to Security > Attack
discovery\r\n\r\n2) Click `Generate` to generate Attack
discoveries\r\n\r\n3) In LangSmith, navigate to Projects > _Your
project_\r\n\r\n4) In the `Runs` tab of the LangSmith project, click on
the latest `Attack discovery` entry to open the trace\r\n\r\n5)
**IMPORTANT**: In the trace, select the **LAST**
`ChannelWriteChannelWrite<attackDiscoveries,attackDisc...` entry. The
last entry will appear inside the **LAST** `refine` step in the trace,
as illustrated by the screenshot
below:\r\n\r\n![last_channel_write](https://github.com/user-attachments/assets/c57fc803-3bbb-4603-b99f-d2b130428201)\r\n\r\n6)
With the last `ChannelWriteChannelWrite<attackDiscoveries,attackDisc...`
entry selected, click `Add to` > `Add to Dataset`\r\n\r\n7) Copy-paste
the `Input` to the `Output`, because evaluation Experiments always
compare the current run with the `Output` in an example.\r\n\r\n- This
step is _always_ required to create a dataset.\r\n- If you don't want to
use the Alert replay feature, replace `Input` with an empty
object:\r\n\r\n```json\r\n{}\r\n```\r\n\r\n8) Choose an existing
dataset, or create a new one\r\n\r\n9) Click the `Submit` button to add
the example to the dataset.\r\n\r\nAfter completing the steps above, the
dataset is ready to be run in evaluations.\r\n\r\n#### Override graph
state details\r\n\r\nWhen a dataset is run in an evaluation (to create
Experiments):\r\n\r\n- The (optional) `anonymizedAlerts` and
`replacements` provided as `Input` in the example will be replayed,
bypassing the `retrieve_anonymized_alerts` step in the graph\r\n- The
rest of the properties in `Input` will not be used as inputs to the
graph\r\n- In contrast, an empty object `{}` in `Input` means the latest
and riskiest alerts in the last 24 hours in the local environment will
be queried\r\n\r\nIn addition to the above, you may add an optional
`overrides` key in the `Input` of a dataset example to test changes or
edge cases. This is useful for evaluating changes without updating the
code directly.\r\n\r\nThe `overrides` set the initial state of the graph
before it's run in an evaluation.\r\n\r\nThe example `Input` below
overrides the prompts used in the `generate` and `refine`
steps:\r\n\r\n```json\r\n{\r\n \"overrides\": {\r\n \"refinePrompt\":
\"This overrides the refine prompt\",\r\n \"attackDiscoveryPrompt\":
\"This overrides the attack discovery prompt\"\r\n
}\r\n}\r\n```\r\n\r\nTo use the `overrides` feature in evaluations to
set the initial state of the graph:\r\n\r\n1) Create a dataset example,
as documented in the _Replay alerts in evaluations details_ section
above\r\n\r\n2) In LangSmith, navigate to Datasets & Testing > _Your
Dataset_\r\n\r\n3) In the dataset, click the Examples tab\r\n\r\n4)
Click an example to open it in the flyout\r\n\r\n5) Click the `Edit`
button to edit the example\r\n\r\n6) Add the `overrides` key shown below
to the `Input` e.g.:\r\n\r\n```json\r\n{\r\n \"overrides\": {\r\n
\"refinePrompt\": \"This overrides the refine prompt\",\r\n
\"attackDiscoveryPrompt\": \"This overrides the attack discovery
prompt\"\r\n }\r\n}\r\n```\r\n\r\n7) Edit the `overrides` in the example
`Input` above to add (or remove) entries that will determine the initial
state of the graph.\r\n\r\nAll of the `overides` shown in step 6 are
optional. The `refinePrompt` and `attackDiscoveryPrompt` could be
removed from the `overrides` example above, and replaced with
`maxGenerationAttempts` to test a higher limit.\r\n\r\nAll valid graph
state may be specified in
`overrides`.","sha":"2c21adb8faafc0016ad7a6591837118f6bdf0907"}},{"branch":"8.x","label":"v8.16.0","branchLabelMappingKey":"^v8.16.0$","isSourceBranch":false,"state":"NOT_CREATED"}]}]
BACKPORT-->

Co-authored-by: Andrew Macri <andrew.macri@elastic.co>
2024-10-15 11:28:55 -05:00
Kibana Machine
a8cec560a6
[8.x] [Onboarding] UX Feedback - Slight Tweaks to search detail (#194873) (#196314)
# Backport

This will backport the following commits from `main` to `8.x`:
- [[Onboarding] UX Feedback - Slight Tweaks to search detail
(#194873)](https://github.com/elastic/kibana/pull/194873)

<!--- Backport version: 9.4.3 -->

### Questions ?
Please refer to the [Backport tool
documentation](https://github.com/sqren/backport)

Co-authored-by: Michael DeFazio <michael.defazio@elastic.co>
2024-10-15 10:33:38 -05:00
Kibana Machine
c04b25b9ee
[8.x] [Inventory][ECO] Show alerts for entities (#195250) (#196288)
# Backport

This will backport the following commits from `main` to `8.x`:
- [[Inventory][ECO] Show alerts for entities
(#195250)](https://github.com/elastic/kibana/pull/195250)

<!--- Backport version: 9.4.3 -->

### Questions ?
Please refer to the [Backport tool
documentation](https://github.com/sqren/backport)

Co-authored-by: Katerina <aikaterini.patticha@elastic.co>
2024-10-15 08:58:28 -05:00
Kfir Peled
06d98dc490
[8.x] [Cloud Security] Refactoring cloud-security-posture packages' folder structure (#196008) (#196267)
# Backport

This will backport the following commits from `main` to `8.x`:
- [[Cloud Security] Refactoring cloud-security-posture packages' folder
structure (#196008)](https://github.com/elastic/kibana/pull/196008)

<!--- Backport version: 8.9.8 -->

### Questions ?
Please refer to the [Backport tool
documentation](https://github.com/sqren/backport)

2024-10-15 06:51:18 -05:00
Kibana Machine
ba5a8fc816
[8.x] [APM][Otel] Use `fields` instead of `_source` on APM queries (#195242) (#196265)
# Backport

This will backport the following commits from `main` to `8.x`:
- [[APM][Otel] Use `fields` instead of `_source` on
APM queries (#195242)](https://github.com/elastic/kibana/pull/195242)

<!--- Backport version: 9.4.3 -->

### Questions ?
Please refer to the [Backport tool
documentation](https://github.com/sqren/backport)

Co-authored-by: Carlos Crespo <crespocarlos@users.noreply.github.com>
2024-10-15 06:27:04 -05:00
Kibana Machine
5a67e4d2e1
[8.x] Update dependency @types/lodash to ^4.17.10 (main) (#194739) (#196234)
# Backport

This will backport the following commits from `main` to `8.x`:
- [Update dependency @types/lodash to ^4.17.10 (main)
(#194739)](https://github.com/elastic/kibana/pull/194739)

<!--- Backport version: 9.4.3 -->

### Questions ?
Please refer to the [Backport tool
documentation](https://github.com/sqren/backport)

Co-authored-by: elastic-renovate-prod[bot] <174716857+elastic-renovate-prod[bot]@users.noreply.github.com>
2024-10-15 04:11:15 -05:00
Aleh Zasypkin
d63d72664d
[8.x] feat: allow plugins to deprecate and replace features and feature privileges (#186800) (#196204)
# Backport

This will backport the following commits from `main` to `8.x`:
- [feat: allow plugins to deprecate and replace features and feature
privileges (#186800)](https://github.com/elastic/kibana/pull/186800)

<!--- Backport version: 8.9.8 -->

### Questions ?
Please refer to the [Backport tool
documentation](https://github.com/sqren/backport)

<!--BACKPORT [{"author":{"name":"Aleh
Zasypkin","email":"aleh.zasypkin@elastic.co"},"sourceCommit":{"committedDate":"2024-10-14T19:40:59Z","message":"feat:
allow plugins to deprecate and replace features and feature privileges
(#186800)\n\n## Summary\r\n\r\nThis change is the implementation of the
`Kibana Privilege Migrations`\r\nproposal/RFC and provides a framework
that allows developers to replace\r\nan existing feature with a new one
that has the desired configuration\r\nwhile teaching the platform how
the privileges of the deprecated feature\r\ncan be represented by
non-deprecated ones. This approach avoids\r\nintroducing breaking
changes for users who still rely on the deprecated\r\nprivileges in
their existing roles and any automation.\r\n\r\nAmong the use cases the
framework is supposed to handle, the most common\r\nare the
following:\r\n\r\n* Changing a feature ID from `Alpha` to `Beta`\r\n*
Splitting a feature `Alpha` into two features, `Beta` and `Gamma`\r\n*
Moving a capability between privileges within a feature (top-level
or\r\nsub-feature)\r\n* Consolidating capabilities across independent
features\r\n\r\n## Scope\r\n\r\nThis PR includes only the core
functionality proposed in the RFC and\r\nmost of the necessary
guardrails (tests, early validations, etc.) to\r\nhelp engineers start
planning and implementing their migrations as soon\r\nas possible. The
following functionality will be added in follow-ups or\r\nonce we
collect enough feedback:\r\n\r\n* Telemetry\r\n* Developer
documentation\r\n* UI enhancements (highlighting roles with deprecated
privileges and\r\nmanual migration actions)\r\n\r\n##
Framework\r\n\r\nThe steps below use a scenario where a feature `Alpha`
should be split\r\ninto two other features `Beta` and `Gamma` as an
example.\r\n\r\n### Step 1: Create new features with the desired
privileges\r\n\r\nFirst of all, define new feature or features with the
desired\r\nconfiguration as you'd do before. There are no constraints
here.\r\n\r\n<details>\r\n\r\n<summary>Click to see the
code</summary>\r\n\r\n```ts\r\ndeps.features.registerKibanaFeature({\r\n
id: 'feature_beta',\r\n name: 'Feature Beta',\r\n privileges: {\r\n all:
{\r\n savedObject: { all: ['saved_object_1'], read: [] },\r\n ui:
['ui_all'],\r\n api: ['api_all'],\r\n … omitted for brevity …\r\n },\r\n
read: {\r\n savedObject: { all: [], read: ['saved_object_1'] },\r\n ui:
['ui_read'],\r\n api: ['api_read'],\r\n … omitted for brevity …\r\n
},\r\n },\r\n … omitted for brevity
…\r\n});\r\n\r\ndeps.features.registerKibanaFeature({\r\n id:
'feature_gamma',\r\n name: 'Feature Gamma',\r\n privileges: {\r\n all:
{\r\n savedObject: { all: ['saved_object_2'], read: [] },\r\n ui:
['ui_all'],\r\n // Note that Feature Gamma, unlike Features Alpha and
Beta doesn't provide any API access tags\r\n … omitted for brevity …\r\n
},\r\n read: {\r\n savedObject: { all: [], read: ['saved_object_2']
},\r\n ui: ['ui_read'],\r\n // Note that Feature Gamma, unlike Features
Alpha and Beta doesn't provide any API access tags\r\n … omitted for
brevity …\r\n },\r\n },\r\n … omitted for brevity
…\r\n});\r\n```\r\n\r\n</details>\r\n\r\n### Step 2: Mark existing
feature as deprecated\r\n\r\nOnce a feature is marked as deprecated, it
should essentially be treated\r\nas frozen for backward compatibility
reasons. Deprecated features will\r\nno longer be available through the
Kibana role management UI and will be\r\nreplaced with non-deprecated
privileges.\r\n\r\nDeprecated privileges will still be accepted if the
role is created or\r\nupdated via the Kibana role management APIs to
avoid disrupting existing\r\nuser automation.\r\n\r\nTo avoid breaking
existing roles that reference privileges provided by\r\nthe deprecated
features, Kibana will continue registering these\r\nprivileges as
Elasticsearch application
privileges.\r\n\r\n<details>\r\n\r\n<summary>Click to see the
code</summary>\r\n\r\n```ts\r\ndeps.features.registerKibanaFeature({\r\n
// This is a new `KibanaFeature` property available during feature
registration.\r\n deprecated: {\r\n // User-facing justification for
privilege deprecation that we can display\r\n // to the user when we ask
them to perform role migration.\r\n notice:
i18n.translate('xpack.security...', {\r\n defaultMessage: \"Feature
Alpha is deprecated, refer to {link}...\",\r\n values: { link:
docLinks.links.security.deprecatedFeatureAlpha },\r\n })\r\n },\r\n //
Feature id should stay unchanged, and it's not possible to reuse it.\r\n
id: 'feature_alpha',\r\n name: 'Feature Alpha (DEPRECATED)',\r\n
privileges: {\r\n all: {\r\n savedObject: { all: ['saved_object_1',
'saved_object_2'], read: [] },\r\n ui: ['ui_all'],\r\n api:
['api_all'],\r\n … omitted for brevity …\r\n },\r\n read: {\r\n
savedObject: { all: [], read: ['saved_object_1', 'saved_object_2']
},\r\n ui: ['ui_read'],\r\n api: ['api_read'],\r\n … omitted for brevity
…\r\n },\r\n },\r\n … omitted for brevity
…\r\n});\r\n```\r\n</details>\r\n\r\n### Step 3: Map deprecated
feature’s privileges to the privileges of the\r\nnon-deprecated
features\r\n\r\nThe important requirement for a successful migration
from a deprecated\r\nfeature to a new feature or features is that it
should be possible to\r\nexpress **any combination** of the deprecated
feature and sub-feature\r\nprivileges with the feature or sub-feature
privileges of non-deprecated\r\nfeatures. This way, while editing a role
with deprecated feature\r\nprivileges in the UI, the admin will be
interacting with new privileges\r\nas if they were creating a new role
from scratch, maintaining\r\nconsistency.\r\n\r\nThe relationship
between the privileges of the deprecated feature and\r\nthe privileges
of the features that are supposed to replace them is\r\nexpressed with a
new `replacedBy` property available on the privileges\r\nof the
deprecated feature.\r\n\r\n<details>\r\n\r\n<summary>Click to see the
code</summary>\r\n\r\n```ts\r\ndeps.features.registerKibanaFeature({\r\n
// This is a new `KibanaFeature` property available during feature
registration.\r\n deprecated: {\r\n // User-facing justification for
privilege deprecation that we can display\r\n // to the user when we ask
them to perform role migration.\r\n notice:
i18n.translate('xpack.security...', {\r\n defaultMessage: \"Feature
Alpha is deprecated, refer to {link}...\",\r\n values: { link:
docLinks.links.security.deprecatedFeatureAlpha },\r\n })\r\n },\r\n //
Feature id should stay unchanged, and it's not possible to reuse it.\r\n
id: 'feature_alpha',\r\n name: 'Feature Alpha (DEPRECATED)',\r\n
privileges: {\r\n all: {\r\n savedObject: { all: ['saved_object_1',
'saved_object_2'], read: [] },\r\n ui: ['ui_all'],\r\n api:
['api_all'],\r\n replacedBy: [\r\n { feature: 'feature_beta',
privileges: ['all'] },\r\n { feature: 'feature_gamma', privileges:
['all'] },\r\n ],\r\n … omitted for brevity …\r\n },\r\n read: {\r\n
savedObject: { all: [], read: ['saved_object_1', 'saved_object_2']
},\r\n ui: ['ui_read'],\r\n api: ['api_read'],\r\n replacedBy: [\r\n {
feature: 'feature_beta', privileges: ['read'] },\r\n { feature:
'feature_gamma', privileges: ['read'] },\r\n\t],\r\n … omitted for
brevity …\r\n },\r\n },\r\n … omitted for brevity
…\r\n});\r\n```\r\n\r\n</details>\r\n\r\n### Step 4: Adjust the code to
rely only on new, non-deprecated features\r\n\r\nSpecial care should be
taken if the replacement privileges cannot reuse\r\nthe API access tags
from the deprecated privileges and introduce new\r\ntags that will be
applied to the same API endpoints. In this case,\r\ndevelopers should
replace the API access tags of the deprecated\r\nprivileges with the
corresponding tags provided by the replacement\r\nprivileges. This is
necessary because API endpoints can only be accessed\r\nif the user
privileges cover all the tags listed in the API endpoint\r\ndefinition,
and without these changes, existing roles referencing\r\ndeprecated
privileges won’t be able to access those endpoints.\r\n\r\nThe UI
capabilities are handled slightly differently because they are\r\nalways
prefixed with the feature ID. When migrating to new features with\r\nnew
IDs, the code that interacts with UI capabilities will be updated
to\r\nuse these new feature IDs.\r\n\r\n<details>\r\n\r\n<summary>Click
to see the code</summary>\r\n\r\n```ts\r\n// BEFORE
deprecation/migration\r\n// 1. Feature Alpha defition (not deprecated
yet)\r\ndeps.features.registerKibanaFeature({\r\n id:
'feature_alpha',\r\n privileges: {\r\n all: {\r\n api: ['api_all'],\r\n
… omitted for brevity …\r\n },\r\n },\r\n … omitted for brevity
…\r\n});\r\n\r\n// 2. Route protected by `all` privilege of the Feature
Alpha\r\nrouter.post(\r\n { path: '/api/domain/my_api', options: { tags:
['access:api_all'] } },\r\n async (_context, request, response) =>
{}\r\n);\r\n\r\n// AFTER deprecation/migration\r\n// 1. Feature Alpha
defition (deprecated, with updated API
tags)\r\ndeps.features.registerKibanaFeature({\r\n deprecated: …,\r\n
id: 'feature_alpha',\r\n privileges: {\r\n all: {\r\n api:
['api_all_v2'],\r\n replacedBy: [\r\n { feature: 'feature_beta',
privileges: ['all'] },\r\n ],\r\n … omitted for brevity …\r\n },\r\n
},\r\n … omitted for brevity …\r\n});\r\n\r\n// 2. Feature Beta defition
(new)\r\ndeps.features.registerKibanaFeature({\r\n id:
'feature_beta',\r\n privileges: {\r\n all: {\r\n api:
['api_all_v2'],\r\n … omitted for brevity …\r\n }\r\n },\r\n … omitted
for brevity …\r\n});\r\n\r\n// 3. Route protected by `all` privilege of
the Feature Alpha OR Feature Beta\r\nrouter.post(\r\n { path:
'/api/domain/my_api', options: { tags: ['access:api_all_v2'] } },\r\n
async (_context, request, response) => {}\r\n);\r\n\r\n----\r\n\r\n// 
Old client-side code (supports only deprecated privileges)\r\nif
(capabilities.feature_alpha.ui_all) {\r\n … omitted for brevity
…\r\n}\r\n\r\n//  New client-side code (will work for **both** new and
deprecated privileges)\r\nif (capabilities.feature_beta.ui_all) {\r\n …
omitted for brevity …\r\n}\r\n```\r\n</details>\r\n\r\n## How to
test\r\n\r\nThe code introduces a set of API integration tests that are
designed to\r\nvalidate whether the privilege mapping between deprecated
and\r\nreplacement privileges maintains backward
compatibility.\r\n\r\nYou can run the test server with the following
config to register a\r\nnumber of [example
deprecated\r\nfeatures](https://github.com/elastic/kibana/pull/186800/files#diff-d887981d43bbe30cda039340b906b0fa7649ba80230be4de8eda326036f10f6fR20-R49)(`x-pack/test/security_api_integration/plugins/features_provider/server/index.ts`)\r\nand
the features that replace them, to see the framework in
action:\r\n\r\n```bash\r\nnode scripts/functional_tests_server.js
--config
x-pack/test/security_api_integration/features.config.ts\r\n```\r\n\r\n---------\r\n\r\nCo-authored-by:
kibanamachine
<42973632+kibanamachine@users.noreply.github.com>","sha":"cb2112cae51d5f69b9e47ebfde66cfacb2a6719b","branchLabelMapping":{"^v9.0.0$":"main","^v8.16.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["Team:Security","release_note:skip","Feature:Security/Authorization","v9.0.0","backport:prev-minor","v8.16.0"],"number":186800,"url":"https://github.com/elastic/kibana/pull/186800","mergeCommit":{"message":"feat:
allow plugins to deprecate and replace features and feature privileges
(#186800)\n\n## Summary\r\n\r\nThis change is the implementation of the
`Kibana Privilege Migrations`\r\nproposal/RFC and provides a framework
that allows developers to replace\r\nan existing feature with a new one
that has the desired configuration\r\nwhile teaching the platform how
the privileges of the deprecated feature\r\ncan be represented by
non-deprecated ones. This approach avoids\r\nintroducing breaking
changes for users who still rely on the deprecated\r\nprivileges in
their existing roles and any automation.\r\n\r\nAmong the use cases the
framework is supposed to handle, the most common\r\nare the
following:\r\n\r\n* Changing a feature ID from `Alpha` to `Beta`\r\n*
Splitting a feature `Alpha` into two features, `Beta` and `Gamma`\r\n*
Moving a capability between privileges within a feature (top-level
or\r\nsub-feature)\r\n* Consolidating capabilities across independent
features\r\n\r\n## Scope\r\n\r\nThis PR includes only the core
functionality proposed in the RFC and\r\nmost of the necessary
guardrails (tests, early validations, etc.) to\r\nhelp engineers start
planning and implementing their migrations as soon\r\nas possible. The
following functionality will be added in follow-ups or\r\nonce we
collect enough feedback:\r\n\r\n* Telemetry\r\n* Developer
documentation\r\n* UI enhancements (highlighting roles with deprecated
privileges and\r\nmanual migration actions)\r\n\r\n##
Framework\r\n\r\nThe steps below use a scenario where a feature `Alpha`
should be split\r\ninto two other features `Beta` and `Gamma` as an
example.\r\n\r\n### Step 1: Create new features with the desired
privileges\r\n\r\nFirst of all, define new feature or features with the
desired\r\nconfiguration as you'd do before. There are no constraints
here.\r\n\r\n<details>\r\n\r\n<summary>Click to see the
code</summary>\r\n\r\n```ts\r\ndeps.features.registerKibanaFeature({\r\n
id: 'feature_beta',\r\n name: 'Feature Beta',\r\n privileges: {\r\n all:
{\r\n savedObject: { all: ['saved_object_1'], read: [] },\r\n ui:
['ui_all'],\r\n api: ['api_all'],\r\n … omitted for brevity …\r\n },\r\n
read: {\r\n savedObject: { all: [], read: ['saved_object_1'] },\r\n ui:
['ui_read'],\r\n api: ['api_read'],\r\n … omitted for brevity …\r\n
},\r\n },\r\n … omitted for brevity
…\r\n});\r\n\r\ndeps.features.registerKibanaFeature({\r\n id:
'feature_gamma',\r\n name: 'Feature Gamma',\r\n privileges: {\r\n all:
{\r\n savedObject: { all: ['saved_object_2'], read: [] },\r\n ui:
['ui_all'],\r\n // Note that Feature Gamma, unlike Features Alpha and
Beta doesn't provide any API access tags\r\n … omitted for brevity …\r\n
},\r\n read: {\r\n savedObject: { all: [], read: ['saved_object_2']
},\r\n ui: ['ui_read'],\r\n // Note that Feature Gamma, unlike Features
Alpha and Beta doesn't provide any API access tags\r\n … omitted for
brevity …\r\n },\r\n },\r\n … omitted for brevity
…\r\n});\r\n```\r\n\r\n</details>\r\n\r\n### Step 2: Mark existing
feature as deprecated\r\n\r\nOnce a feature is marked as deprecated, it
should essentially be treated\r\nas frozen for backward compatibility
reasons. Deprecated features will\r\nno longer be available through the
Kibana role management UI and will be\r\nreplaced with non-deprecated
privileges.\r\n\r\nDeprecated privileges will still be accepted if the
role is created or\r\nupdated via the Kibana role management APIs to
avoid disrupting existing\r\nuser automation.\r\n\r\nTo avoid breaking
existing roles that reference privileges provided by\r\nthe deprecated
features, Kibana will continue registering these\r\nprivileges as
Elasticsearch application
privileges.\r\n\r\n<details>\r\n\r\n<summary>Click to see the
code</summary>\r\n\r\n```ts\r\ndeps.features.registerKibanaFeature({\r\n
// This is a new `KibanaFeature` property available during feature
registration.\r\n deprecated: {\r\n // User-facing justification for
privilege deprecation that we can display\r\n // to the user when we ask
them to perform role migration.\r\n notice:
i18n.translate('xpack.security...', {\r\n defaultMessage: \"Feature
Alpha is deprecated, refer to {link}...\",\r\n values: { link:
docLinks.links.security.deprecatedFeatureAlpha },\r\n })\r\n },\r\n //
Feature id should stay unchanged, and it's not possible to reuse it.\r\n
id: 'feature_alpha',\r\n name: 'Feature Alpha (DEPRECATED)',\r\n
privileges: {\r\n all: {\r\n savedObject: { all: ['saved_object_1',
'saved_object_2'], read: [] },\r\n ui: ['ui_all'],\r\n api:
['api_all'],\r\n … omitted for brevity …\r\n },\r\n read: {\r\n
savedObject: { all: [], read: ['saved_object_1', 'saved_object_2']
},\r\n ui: ['ui_read'],\r\n api: ['api_read'],\r\n … omitted for brevity
…\r\n },\r\n },\r\n … omitted for brevity
…\r\n});\r\n```\r\n</details>\r\n\r\n### Step 3: Map deprecated
feature’s privileges to the privileges of the\r\nnon-deprecated
features\r\n\r\nThe important requirement for a successful migration
from a deprecated\r\nfeature to a new feature or features is that it
should be possible to\r\nexpress **any combination** of the deprecated
feature and sub-feature\r\nprivileges with the feature or sub-feature
privileges of non-deprecated\r\nfeatures. This way, while editing a role
with deprecated feature\r\nprivileges in the UI, the admin will be
interacting with new privileges\r\nas if they were creating a new role
from scratch, maintaining\r\nconsistency.\r\n\r\nThe relationship
between the privileges of the deprecated feature and\r\nthe privileges
of the features that are supposed to replace them is\r\nexpressed with a
new `replacedBy` property available on the privileges\r\nof the
deprecated feature.\r\n\r\n<details>\r\n\r\n<summary>Click to see the
code</summary>\r\n\r\n```ts\r\ndeps.features.registerKibanaFeature({\r\n
// This is a new `KibanaFeature` property available during feature
registration.\r\n deprecated: {\r\n // User-facing justification for
privilege deprecation that we can display\r\n // to the user when we ask
them to perform role migration.\r\n notice:
i18n.translate('xpack.security...', {\r\n defaultMessage: \"Feature
Alpha is deprecated, refer to {link}...\",\r\n values: { link:
docLinks.links.security.deprecatedFeatureAlpha },\r\n })\r\n },\r\n //
Feature id should stay unchanged, and it's not possible to reuse it.\r\n
id: 'feature_alpha',\r\n name: 'Feature Alpha (DEPRECATED)',\r\n
privileges: {\r\n all: {\r\n savedObject: { all: ['saved_object_1',
'saved_object_2'], read: [] },\r\n ui: ['ui_all'],\r\n api:
['api_all'],\r\n replacedBy: [\r\n { feature: 'feature_beta',
privileges: ['all'] },\r\n { feature: 'feature_gamma', privileges:
['all'] },\r\n ],\r\n … omitted for brevity …\r\n },\r\n read: {\r\n
savedObject: { all: [], read: ['saved_object_1', 'saved_object_2']
},\r\n ui: ['ui_read'],\r\n api: ['api_read'],\r\n replacedBy: [\r\n {
feature: 'feature_beta', privileges: ['read'] },\r\n { feature:
'feature_gamma', privileges: ['read'] },\r\n\t],\r\n … omitted for
brevity …\r\n },\r\n },\r\n … omitted for brevity
…\r\n});\r\n```\r\n\r\n</details>\r\n\r\n### Step 4: Adjust the code to
rely only on new, non-deprecated features\r\n\r\nSpecial care should be
taken if the replacement privileges cannot reuse\r\nthe API access tags
from the deprecated privileges and introduce new\r\ntags that will be
applied to the same API endpoints. In this case,\r\ndevelopers should
replace the API access tags of the deprecated\r\nprivileges with the
corresponding tags provided by the replacement\r\nprivileges. This is
necessary because API endpoints can only be accessed\r\nif the user
privileges cover all the tags listed in the API endpoint\r\ndefinition,
and without these changes, existing roles referencing\r\ndeprecated
privileges won’t be able to access those endpoints.\r\n\r\nThe UI
capabilities are handled slightly differently because they are\r\nalways
prefixed with the feature ID. When migrating to new features with\r\nnew
IDs, the code that interacts with UI capabilities will be updated
to\r\nuse these new feature IDs.\r\n\r\n<details>\r\n\r\n<summary>Click
to see the code</summary>\r\n\r\n```ts\r\n// BEFORE
deprecation/migration\r\n// 1. Feature Alpha defition (not deprecated
yet)\r\ndeps.features.registerKibanaFeature({\r\n id:
'feature_alpha',\r\n privileges: {\r\n all: {\r\n api: ['api_all'],\r\n
… omitted for brevity …\r\n },\r\n },\r\n … omitted for brevity
…\r\n});\r\n\r\n// 2. Route protected by `all` privilege of the Feature
Alpha\r\nrouter.post(\r\n { path: '/api/domain/my_api', options: { tags:
['access:api_all'] } },\r\n async (_context, request, response) =>
{}\r\n);\r\n\r\n// AFTER deprecation/migration\r\n// 1. Feature Alpha
defition (deprecated, with updated API
tags)\r\ndeps.features.registerKibanaFeature({\r\n deprecated: …,\r\n
id: 'feature_alpha',\r\n privileges: {\r\n all: {\r\n api:
['api_all_v2'],\r\n replacedBy: [\r\n { feature: 'feature_beta',
privileges: ['all'] },\r\n ],\r\n … omitted for brevity …\r\n },\r\n
},\r\n … omitted for brevity …\r\n});\r\n\r\n// 2. Feature Beta defition
(new)\r\ndeps.features.registerKibanaFeature({\r\n id:
'feature_beta',\r\n privileges: {\r\n all: {\r\n api:
['api_all_v2'],\r\n … omitted for brevity …\r\n }\r\n },\r\n … omitted
for brevity …\r\n});\r\n\r\n// 3. Route protected by `all` privilege of
the Feature Alpha OR Feature Beta\r\nrouter.post(\r\n { path:
'/api/domain/my_api', options: { tags: ['access:api_all_v2'] } },\r\n
async (_context, request, response) => {}\r\n);\r\n\r\n----\r\n\r\n// 
Old client-side code (supports only deprecated privileges)\r\nif
(capabilities.feature_alpha.ui_all) {\r\n … omitted for brevity
…\r\n}\r\n\r\n//  New client-side code (will work for **both** new and
deprecated privileges)\r\nif (capabilities.feature_beta.ui_all) {\r\n …
omitted for brevity …\r\n}\r\n```\r\n</details>\r\n\r\n## How to
test\r\n\r\nThe code introduces a set of API integration tests that are
designed to\r\nvalidate whether the privilege mapping between deprecated
and\r\nreplacement privileges maintains backward
compatibility.\r\n\r\nYou can run the test server with the following
config to register a\r\nnumber of [example
deprecated\r\nfeatures](https://github.com/elastic/kibana/pull/186800/files#diff-d887981d43bbe30cda039340b906b0fa7649ba80230be4de8eda326036f10f6fR20-R49)(`x-pack/test/security_api_integration/plugins/features_provider/server/index.ts`)\r\nand
the features that replace them, to see the framework in
action:\r\n\r\n```bash\r\nnode scripts/functional_tests_server.js
--config
x-pack/test/security_api_integration/features.config.ts\r\n```\r\n\r\n---------\r\n\r\nCo-authored-by:
kibanamachine
<42973632+kibanamachine@users.noreply.github.com>","sha":"cb2112cae51d5f69b9e47ebfde66cfacb2a6719b"}},"sourceBranch":"main","suggestedTargetBranches":["8.x"],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","labelRegex":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/186800","number":186800,"mergeCommit":{"message":"feat:
allow plugins to deprecate and replace features and feature privileges
(#186800)\n\n## Summary\r\n\r\nThis change is the implementation of the
`Kibana Privilege Migrations`\r\nproposal/RFC and provides a framework
that allows developers to replace\r\nan existing feature with a new one
that has the desired configuration\r\nwhile teaching the platform how
the privileges of the deprecated feature\r\ncan be represented by
non-deprecated ones. This approach avoids\r\nintroducing breaking
changes for users who still rely on the deprecated\r\nprivileges in
their existing roles and any automation.\r\n\r\nAmong the use cases the
framework is supposed to handle, the most common\r\nare the
following:\r\n\r\n* Changing a feature ID from `Alpha` to `Beta`\r\n*
Splitting a feature `Alpha` into two features, `Beta` and `Gamma`\r\n*
Moving a capability between privileges within a feature (top-level
or\r\nsub-feature)\r\n* Consolidating capabilities across independent
features\r\n\r\n## Scope\r\n\r\nThis PR includes only the core
functionality proposed in the RFC and\r\nmost of the necessary
guardrails (tests, early validations, etc.) to\r\nhelp engineers start
planning and implementing their migrations as soon\r\nas possible. The
following functionality will be added in follow-ups or\r\nonce we
collect enough feedback:\r\n\r\n* Telemetry\r\n* Developer
documentation\r\n* UI enhancements (highlighting roles with deprecated
privileges and\r\nmanual migration actions)\r\n\r\n##
Framework\r\n\r\nThe steps below use a scenario where a feature `Alpha`
should be split\r\ninto two other features `Beta` and `Gamma` as an
example.\r\n\r\n### Step 1: Create new features with the desired
privileges\r\n\r\nFirst of all, define new feature or features with the
desired\r\nconfiguration as you'd do before. There are no constraints
here.\r\n\r\n<details>\r\n\r\n<summary>Click to see the
code</summary>\r\n\r\n```ts\r\ndeps.features.registerKibanaFeature({\r\n
id: 'feature_beta',\r\n name: 'Feature Beta',\r\n privileges: {\r\n all:
{\r\n savedObject: { all: ['saved_object_1'], read: [] },\r\n ui:
['ui_all'],\r\n api: ['api_all'],\r\n … omitted for brevity …\r\n },\r\n
read: {\r\n savedObject: { all: [], read: ['saved_object_1'] },\r\n ui:
['ui_read'],\r\n api: ['api_read'],\r\n … omitted for brevity …\r\n
},\r\n },\r\n … omitted for brevity
…\r\n});\r\n\r\ndeps.features.registerKibanaFeature({\r\n id:
'feature_gamma',\r\n name: 'Feature Gamma',\r\n privileges: {\r\n all:
{\r\n savedObject: { all: ['saved_object_2'], read: [] },\r\n ui:
['ui_all'],\r\n // Note that Feature Gamma, unlike Features Alpha and
Beta doesn't provide any API access tags\r\n … omitted for brevity …\r\n
},\r\n read: {\r\n savedObject: { all: [], read: ['saved_object_2']
},\r\n ui: ['ui_read'],\r\n // Note that Feature Gamma, unlike Features
Alpha and Beta doesn't provide any API access tags\r\n … omitted for
brevity …\r\n },\r\n },\r\n … omitted for brevity
…\r\n});\r\n```\r\n\r\n</details>\r\n\r\n### Step 2: Mark existing
feature as deprecated\r\n\r\nOnce a feature is marked as deprecated, it
should essentially be treated\r\nas frozen for backward compatibility
reasons. Deprecated features will\r\nno longer be available through the
Kibana role management UI and will be\r\nreplaced with non-deprecated
privileges.\r\n\r\nDeprecated privileges will still be accepted if the
role is created or\r\nupdated via the Kibana role management APIs to
avoid disrupting existing\r\nuser automation.\r\n\r\nTo avoid breaking
existing roles that reference privileges provided by\r\nthe deprecated
features, Kibana will continue registering these\r\nprivileges as
Elasticsearch application
privileges.\r\n\r\n<details>\r\n\r\n<summary>Click to see the
code</summary>\r\n\r\n```ts\r\ndeps.features.registerKibanaFeature({\r\n
// This is a new `KibanaFeature` property available during feature
registration.\r\n deprecated: {\r\n // User-facing justification for
privilege deprecation that we can display\r\n // to the user when we ask
them to perform role migration.\r\n notice:
i18n.translate('xpack.security...', {\r\n defaultMessage: \"Feature
Alpha is deprecated, refer to {link}...\",\r\n values: { link:
docLinks.links.security.deprecatedFeatureAlpha },\r\n })\r\n },\r\n //
Feature id should stay unchanged, and it's not possible to reuse it.\r\n
id: 'feature_alpha',\r\n name: 'Feature Alpha (DEPRECATED)',\r\n
privileges: {\r\n all: {\r\n savedObject: { all: ['saved_object_1',
'saved_object_2'], read: [] },\r\n ui: ['ui_all'],\r\n api:
['api_all'],\r\n … omitted for brevity …\r\n },\r\n read: {\r\n
savedObject: { all: [], read: ['saved_object_1', 'saved_object_2']
},\r\n ui: ['ui_read'],\r\n api: ['api_read'],\r\n … omitted for brevity
…\r\n },\r\n },\r\n … omitted for brevity
…\r\n});\r\n```\r\n</details>\r\n\r\n### Step 3: Map deprecated
feature’s privileges to the privileges of the\r\nnon-deprecated
features\r\n\r\nThe important requirement for a successful migration
from a deprecated\r\nfeature to a new feature or features is that it
should be possible to\r\nexpress **any combination** of the deprecated
feature and sub-feature\r\nprivileges with the feature or sub-feature
privileges of non-deprecated\r\nfeatures. This way, while editing a role
with deprecated feature\r\nprivileges in the UI, the admin will be
interacting with new privileges\r\nas if they were creating a new role
from scratch, maintaining\r\nconsistency.\r\n\r\nThe relationship
between the privileges of the deprecated feature and\r\nthe privileges
of the features that are supposed to replace them is\r\nexpressed with a
new `replacedBy` property available on the privileges\r\nof the
deprecated feature.\r\n\r\n<details>\r\n\r\n<summary>Click to see the
code</summary>\r\n\r\n```ts\r\ndeps.features.registerKibanaFeature({\r\n
// This is a new `KibanaFeature` property available during feature
registration.\r\n deprecated: {\r\n // User-facing justification for
privilege deprecation that we can display\r\n // to the user when we ask
them to perform role migration.\r\n notice:
i18n.translate('xpack.security...', {\r\n defaultMessage: \"Feature
Alpha is deprecated, refer to {link}...\",\r\n values: { link:
docLinks.links.security.deprecatedFeatureAlpha },\r\n })\r\n },\r\n //
Feature id should stay unchanged, and it's not possible to reuse it.\r\n
id: 'feature_alpha',\r\n name: 'Feature Alpha (DEPRECATED)',\r\n
privileges: {\r\n all: {\r\n savedObject: { all: ['saved_object_1',
'saved_object_2'], read: [] },\r\n ui: ['ui_all'],\r\n api:
['api_all'],\r\n replacedBy: [\r\n { feature: 'feature_beta',
privileges: ['all'] },\r\n { feature: 'feature_gamma', privileges:
['all'] },\r\n ],\r\n … omitted for brevity …\r\n },\r\n read: {\r\n
savedObject: { all: [], read: ['saved_object_1', 'saved_object_2']
},\r\n ui: ['ui_read'],\r\n api: ['api_read'],\r\n replacedBy: [\r\n {
feature: 'feature_beta', privileges: ['read'] },\r\n { feature:
'feature_gamma', privileges: ['read'] },\r\n\t],\r\n … omitted for
brevity …\r\n },\r\n },\r\n … omitted for brevity
…\r\n});\r\n```\r\n\r\n</details>\r\n\r\n### Step 4: Adjust the code to
rely only on new, non-deprecated features\r\n\r\nSpecial care should be
taken if the replacement privileges cannot reuse\r\nthe API access tags
from the deprecated privileges and introduce new\r\ntags that will be
applied to the same API endpoints. In this case,\r\ndevelopers should
replace the API access tags of the deprecated\r\nprivileges with the
corresponding tags provided by the replacement\r\nprivileges. This is
necessary because API endpoints can only be accessed\r\nif the user
privileges cover all the tags listed in the API endpoint\r\ndefinition,
and without these changes, existing roles referencing\r\ndeprecated
privileges won’t be able to access those endpoints.\r\n\r\nThe UI
capabilities are handled slightly differently because they are\r\nalways
prefixed with the feature ID. When migrating to new features with\r\nnew
IDs, the code that interacts with UI capabilities will be updated
to\r\nuse these new feature IDs.\r\n\r\n<details>\r\n\r\n<summary>Click
to see the code</summary>\r\n\r\n```ts\r\n// BEFORE
deprecation/migration\r\n// 1. Feature Alpha defition (not deprecated
yet)\r\ndeps.features.registerKibanaFeature({\r\n id:
'feature_alpha',\r\n privileges: {\r\n all: {\r\n api: ['api_all'],\r\n
… omitted for brevity …\r\n },\r\n },\r\n … omitted for brevity
…\r\n});\r\n\r\n// 2. Route protected by `all` privilege of the Feature
Alpha\r\nrouter.post(\r\n { path: '/api/domain/my_api', options: { tags:
['access:api_all'] } },\r\n async (_context, request, response) =>
{}\r\n);\r\n\r\n// AFTER deprecation/migration\r\n// 1. Feature Alpha
defition (deprecated, with updated API
tags)\r\ndeps.features.registerKibanaFeature({\r\n deprecated: …,\r\n
id: 'feature_alpha',\r\n privileges: {\r\n all: {\r\n api:
['api_all_v2'],\r\n replacedBy: [\r\n { feature: 'feature_beta',
privileges: ['all'] },\r\n ],\r\n … omitted for brevity …\r\n },\r\n
},\r\n … omitted for brevity …\r\n});\r\n\r\n// 2. Feature Beta defition
(new)\r\ndeps.features.registerKibanaFeature({\r\n id:
'feature_beta',\r\n privileges: {\r\n all: {\r\n api:
['api_all_v2'],\r\n … omitted for brevity …\r\n }\r\n },\r\n … omitted
for brevity …\r\n});\r\n\r\n// 3. Route protected by `all` privilege of
the Feature Alpha OR Feature Beta\r\nrouter.post(\r\n { path:
'/api/domain/my_api', options: { tags: ['access:api_all_v2'] } },\r\n
async (_context, request, response) => {}\r\n);\r\n\r\n----\r\n\r\n// 
Old client-side code (supports only deprecated privileges)\r\nif
(capabilities.feature_alpha.ui_all) {\r\n … omitted for brevity
…\r\n}\r\n\r\n//  New client-side code (will work for **both** new and
deprecated privileges)\r\nif (capabilities.feature_beta.ui_all) {\r\n …
omitted for brevity …\r\n}\r\n```\r\n</details>\r\n\r\n## How to
test\r\n\r\nThe code introduces a set of API integration tests that are
designed to\r\nvalidate whether the privilege mapping between deprecated
and\r\nreplacement privileges maintains backward
compatibility.\r\n\r\nYou can run the test server with the following
config to register a\r\nnumber of [example
deprecated\r\nfeatures](https://github.com/elastic/kibana/pull/186800/files#diff-d887981d43bbe30cda039340b906b0fa7649ba80230be4de8eda326036f10f6fR20-R49)(`x-pack/test/security_api_integration/plugins/features_provider/server/index.ts`)\r\nand
the features that replace them, to see the framework in
action:\r\n\r\n```bash\r\nnode scripts/functional_tests_server.js
--config
x-pack/test/security_api_integration/features.config.ts\r\n```\r\n\r\n---------\r\n\r\nCo-authored-by:
kibanamachine
<42973632+kibanamachine@users.noreply.github.com>","sha":"cb2112cae51d5f69b9e47ebfde66cfacb2a6719b"}},{"branch":"8.x","label":"v8.16.0","labelRegex":"^v8.16.0$","isSourceBranch":false,"state":"NOT_CREATED"}]}]
BACKPORT-->
2024-10-15 10:12:15 +02:00
Pierre Gayvallet
abfed861e6
[8.x] [KB] create @kbn/product-doc-artifact-builder package (#193847) (#196206)
# Backport

This will backport the following commits from `main` to `8.x`:
- [[KB] create `@kbn/product-doc-artifact-builder` package
(#193847)](https://github.com/elastic/kibana/pull/193847)

<!--- Backport version: 8.9.8 -->

### Questions ?
Please refer to the [Backport tool
documentation](https://github.com/sqren/backport)

2024-10-15 08:02:35 +02:00
Kibana Machine
65cff56aa4
[8.x] [Security Assistant] Fix error handling on new chat (#195507) (#196215)
# Backport

This will backport the following commits from `main` to `8.x`:
- [[Security Assistant] Fix error handling on new chat
(#195507)](https://github.com/elastic/kibana/pull/195507)

<!--- Backport version: 9.4.3 -->

### Questions ?
Please refer to the [Backport tool
documentation](https://github.com/sqren/backport)

Co-authored-by: Steph Milovic <stephanie.milovic@elastic.co>
2024-10-14 18:54:33 -05:00
Kibana Machine
df849c5431
[8.x] [ML] Adds ability to toggle visibility for empty fields when choosing an aggregation or field in Anomaly detection, data frame analytics (#186670) (#196180)
# Backport

This will backport the following commits from `main` to `8.x`:
- [[ML] Adds ability to toggle visibility for empty fields when choosing
an aggregation or field in Anomaly detection, data frame analytics
(#186670)](https://github.com/elastic/kibana/pull/186670)

<!--- Backport version: 9.4.3 -->

### Questions ?
Please refer to the [Backport tool
documentation](https://github.com/sqren/backport)

Co-authored-by: Quynh Nguyen (Quinn) <43350163+qn895@users.noreply.github.com>
2024-10-14 13:14:58 -05:00
Kibana Machine
d3a6059054
[8.x] [Index management] Add locator for deep linking into datastreams flyout (#195299) (#196123)
# Backport

This will backport the following commits from `main` to `8.x`:
- [[Index management] Add locator for deep linking into datastreams
flyout (#195299)](https://github.com/elastic/kibana/pull/195299)

<!--- Backport version: 9.4.3 -->

### Questions ?
Please refer to the [Backport tool
documentation](https://github.com/sqren/backport)

Co-authored-by: Ignacio Rivas <rivasign@gmail.com>
2024-10-14 08:47:57 -05:00
Kibana Machine
98c93aa10f
[8.x] [Cloud Security] handle both rule.references and rule.reference in misconfiguraiton flyout (#195932) (#196115)
# Backport

This will backport the following commits from `main` to `8.x`:
- [[Cloud Security] handle both rule.references and rule.reference in
misconfiguraiton flyout
(#195932)](https://github.com/elastic/kibana/pull/195932)

<!--- Backport version: 9.4.3 -->

### Questions ?
Please refer to the [Backport tool
documentation](https://github.com/sqren/backport)

Co-authored-by: Maxim Kholod <maxim.kholod@elastic.co>
2024-10-14 08:23:48 -05:00
Kibana Machine
0c6ab08a02
[8.x] [Connectors][GenAI] Inference Service Kibana connector (#189027) (#196035)
# Backport

This will backport the following commits from `main` to `8.x`:
- [[Connectors][GenAI] Inference Service Kibana connector
(#189027)](https://github.com/elastic/kibana/pull/189027)

<!--- Backport version: 9.4.3 -->

### Questions ?
Please refer to the [Backport tool
documentation](https://github.com/sqren/backport)

<!--BACKPORT [{"author":{"name":"Yuliia
Naumenko","email":"jo.naumenko@gmail.com"},"sourceCommit":{"committedDate":"2024-10-13T20:39:09Z","message":"[Connectors][GenAI]
Inference Service Kibana connector (#189027)\n\n## Summary\r\nResolves
https://github.com/elastic/kibana/issues/188043\r\n\r\nThis PR adds new
connector which is define integration with Elastic\r\nInference Endpoint
via
[Inference\r\nAPIs](https://www.elastic.co/guide/en/elasticsearch/reference/current/inference-apis.html)\r\nThe
lifecycle of the Inference Endpoint are managed by the
connector\r\nregistered handlers:\r\n\r\n- `preSaveHook`
-\r\n[create](https://www.elastic.co/guide/en/elasticsearch/reference/current/put-inference-api.html)\r\nnew
Inference Endpoint in the connector create mode (`isEdit ===
false`)\r\nand\r\n[delete](https://www.elastic.co/guide/en/elasticsearch/reference/current/delete-inference-api.html)+[create](https://www.elastic.co/guide/en/elasticsearch/reference/current/put-inference-api.html)\r\nin
the connector edit mode (`isEdit === true`)\r\n- `postSaveHook` - check
if the connector SO was created/updated and if\r\nnot removes Inference
Endpoint from preSaveHook\r\n- `postDeleteHook`
-\r\n[delete](https://www.elastic.co/guide/en/elasticsearch/reference/current/delete-inference-api.html)\r\nInference
Endpoint if connector was deleted.\r\n\r\nIn the Kibana Stack Management
Connectors, its represented with the new\r\ncard (Technical preview
badge):\r\n\r\n<img width=\"1261\" alt=\"Screenshot 2024-09-27 at 2 11
12 PM\"\r\nsrc=\"https://github.com/user-attachments/assets/dcbcce1f-06e7-4d08-8b77-0ba4105354f8\">\r\n\r\nTo
simplify the future integration with AI Assistants, the
Connector\r\nconsists from the two main UI parts: provider selector and
required\r\nprovider settings, which will be always displayed\r\n<img
width=\"862\" alt=\"Screenshot 2024-10-07 at 7 59
09 AM\"\r\nsrc=\"https://github.com/user-attachments/assets/87bae493-c642-479e-b28f-6150354608dd\">\r\n\r\nand
Additional options, which contains optional provider settings
and\r\nTask Type configuration:\r\n\r\n<img width=\"861\"
alt=\"Screenshot 2024-10-07 at 8 00
15 AM\"\r\nsrc=\"https://github.com/user-attachments/assets/2341c034-6198-4731-8ce7-e22e6c6fb20f\">\r\n\r\n\r\nsubActions
corresponds to the different taskTypes Inference API\r\nsupports. Each
of the task type has its own Inference Perform params.\r\nCurrently
added:\r\n\r\n- completion & completionStream\r\n- rerank\r\n-
text_embedding\r\n- sparse_embedding\r\n\r\nFollow up work:\r\n\r\n1.
Collapse/expand Additional options, when the connector
flyout/modal\r\nhas AI Assistant as a context (path through the
extending context\r\nimplementation on the connector framework
level)\r\n2. Add support for additional params for Completion subAction
to be able\r\nto path functions\r\n3. Add support for tokens usage
Dashboard, when inference API will\r\ninclude the used tokens count in
the response\r\n4. Add functionality and UX for migration from existing
specific AI\r\nconnectors to the Inference connector with proper
provider and\r\ncompletion task\r\n5. Integrate Connector with the AI
Assistants\r\n\r\n---------\r\n\r\nCo-authored-by: kibanamachine
<42973632+kibanamachine@users.noreply.github.com>\r\nCo-authored-by:
István Zoltán Szabó <istvan.szabo@elastic.co>\r\nCo-authored-by: Liam
Thompson
<32779855+leemthompo@users.noreply.github.com>\r\nCo-authored-by: Steph
Milovic
<stephanie.milovic@elastic.co>","sha":"288d41d61ec2389b2e8856da75fd0f3107f9c484","branchLabelMapping":{"^v9.0.0$":"main","^v8.16.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["v9.0.0","release_note:feature","Feature:Actions/ConnectorTypes","8.16
candidate","v8.16.0","backport:version"],"title":"[Connectors][GenAI]
Inference Service Kibana
connector","number":189027,"url":"https://github.com/elastic/kibana/pull/189027","mergeCommit":{"message":"[Connectors][GenAI]
Inference Service Kibana connector (#189027)\n\n## Summary\r\nResolves
https://github.com/elastic/kibana/issues/188043\r\n\r\nThis PR adds new
connector which is define integration with Elastic\r\nInference Endpoint
via
[Inference\r\nAPIs](https://www.elastic.co/guide/en/elasticsearch/reference/current/inference-apis.html)\r\nThe
lifecycle of the Inference Endpoint are managed by the
BACKPORT-->

Co-authored-by: Yuliia Naumenko <jo.naumenko@gmail.com>
2024-10-13 17:21:49 -05:00
Kibana Machine
73d98d3d8e
[8.x] [Cloud Security] Graph visualization and API (#195307) (#196015)
# Backport

This will backport the following commits from `main` to `8.x`:
- [[Cloud Security] Graph visualization and API
(#195307)](https://github.com/elastic/kibana/pull/195307)

<!--- Backport version: 9.4.3 -->

### Questions ?
Please refer to the [Backport tool
documentation](https://github.com/sqren/backport)


Co-authored-by: Kfir Peled <61654899+kfirpeled@users.noreply.github.com>
2024-10-12 12:41:22 -05:00
Kibana Machine
4951ab959c
[8.x] [Search Assistant] Use scopes to modify behavior contextually (#195785) (#196014)
# Backport

This will backport the following commits from `main` to `8.x`:
- [[Search Assistant] Use scopes to modify behavior contextually
(#195785)](https://github.com/elastic/kibana/pull/195785)

<!--- Backport version: 9.4.3 -->

### Questions ?
Please refer to the [Backport tool
documentation](https://github.com/sqren/backport)


Co-authored-by: Sander Philipse <94373878+sphilipse@users.noreply.github.com>
2024-10-12 10:42:43 -05:00
Aleh Zasypkin
d301b8f7b0
[8.x] chore(security, eslint): apply platform security-specific rules to all exclusively owned paths. (#195711) (#196010)
# Backport

This will backport the following commits from `main` to `8.x`:
- [chore(security, eslint): apply platform security-specific rules to
all exclusively owned paths.
(#195711)](https://github.com/elastic/kibana/pull/195711)

<!--- Backport version: 8.9.8 -->

### Questions ?
Please refer to the [Backport tool
documentation](https://github.com/sqren/backport)

2024-10-12 11:19:03 -04:00
Sander Philipse
8fef06fa55
[8.x] Extract AI assistant to package (#194552) (#196011)
# Backport

This will backport the following commits from `main` to `8.x`:
- [Extract AI assistant to package
(#194552)](https://github.com/elastic/kibana/pull/194552)

<!--- Backport version: 8.9.8 -->

### Questions ?
Please refer to the [Backport tool
documentation](https://github.com/sqren/backport)


---------

Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
2024-10-12 13:19:36 +02:00
Kibana Machine
644692ab84
[8.x] [Onboarding] Make search_indices index details page as default route in index management (#194857) (#195973)
# Backport

This will backport the following commits from `main` to `8.x`:
- [[Onboarding] Make search_indices index details page as default route
in index management
(#194857)](https://github.com/elastic/kibana/pull/194857)

<!--- Backport version: 9.4.3 -->

### Questions ?
Please refer to the [Backport tool
documentation](https://github.com/sqren/backport)


Co-authored-by: Saarika Bhasi <55930906+saarikabhasi@users.noreply.github.com>
2024-10-11 15:01:37 -05:00
Kibana Machine
c9b0d86381
[8.x] [ML] Transforms: Improve data grid memoization. (#195394) (#195975)
# Backport

This will backport the following commits from `main` to `8.x`:
- [[ML] Transforms: Improve data grid memoization.
(#195394)](https://github.com/elastic/kibana/pull/195394)

<!--- Backport version: 9.4.3 -->

### Questions ?
Please refer to the [Backport tool
documentation](https://github.com/sqren/backport)

Co-authored-by: Walter Rafelsberger <walter.rafelsberger@elastic.co>
2024-10-11 14:59:01 -05:00
Kibana Machine
3926570553
[8.x] [Security Solution][DQD] add historical results (Phase 1) (#191898) (#195962)
# Backport

This will backport the following commits from `main` to `8.x`:
- [[Security Solution][DQD] add historical results (Phase 1)
(#191898)](https://github.com/elastic/kibana/pull/191898)

<!--- Backport version: 9.4.3 -->

### Questions ?
Please refer to the [Backport tool
documentation](https://github.com/sqren/backport)

Co-authored-by: Karen Grigoryan <karen.grigoryan@elastic.co>
2024-10-11 13:02:33 -05:00
Kibana Machine
d360231339
[8.x] [Onboarding] Increasing telemetry coverage (#195741) (#195903)
# Backport

This will backport the following commits from `main` to `8.x`:
- [[Onboarding] Increasing telemetry coverage
(#195741)](https://github.com/elastic/kibana/pull/195741)

<!--- Backport version: 9.4.3 -->

### Questions ?
Please refer to the [Backport tool
documentation](https://github.com/sqren/backport)


Co-authored-by: Joe McElroy <joseph.mcelroy@elastic.co>
2024-10-11 15:58:35 +02:00
Kibana Machine
8f86639706
[8.x] [Cloud Security] Increase retention period on queries related to 3rd party data loading (#195636) (#195871)
# Backport

This will backport the following commits from `main` to `8.x`:
- [[Cloud Security] Increase retention period on queries related to 3rd
party data loading
(#195636)](https://github.com/elastic/kibana/pull/195636)

<!--- Backport version: 9.4.3 -->

### Questions ?
Please refer to the [Backport tool
documentation](https://github.com/sqren/backport)


Co-authored-by: Maxim Kholod <maxim.kholod@elastic.co>
2024-10-11 13:43:30 +02:00
Kibana Machine
afebfae443
[8.x] [Security GenAI] Fix `VertexChatAI` tool calling (#195689) (#195832)
# Backport

This will backport the following commits from `main` to `8.x`:
- [[Security GenAI] Fix `VertexChatAI` tool calling
(#195689)](https://github.com/elastic/kibana/pull/195689)

<!--- Backport version: 9.4.3 -->

### Questions ?
Please refer to the [Backport tool
documentation](https://github.com/sqren/backport)


Co-authored-by: Steph Milovic <stephanie.milovic@elastic.co>
2024-10-11 01:49:12 +02:00
Kibana Machine
e435c47a8a
[8.x] [Security Solution] Add alert and cloud insights to document flyout (#195509) (#195825)
# Backport

This will backport the following commits from `main` to `8.x`:
- [[Security Solution] Add alert and cloud insights to document flyout
(#195509)](https://github.com/elastic/kibana/pull/195509)

<!--- Backport version: 9.4.3 -->

### Questions ?
Please refer to the [Backport tool
documentation](https://github.com/sqren/backport)


Co-authored-by: christineweng <18648970+christineweng@users.noreply.github.com>
2024-10-11 00:30:49 +02:00
Steph Milovic
e92919e7d0
[8.x] [Security GenAI] Remove assistantNaturalLanguageESQLTool feature flag and enable by default (#195480) (#195674)
# Backport

This will backport the following commits from `main` to `8.x`:
- [[Security GenAI] Remove `assistantNaturalLanguageESQLTool` feature
flag and enable by default
(#195480)](https://github.com/elastic/kibana/pull/195480)

<!--- Backport version: 8.9.8 -->

### Questions ?
Please refer to the [Backport tool
documentation](https://github.com/sqren/backport)

2024-10-10 16:51:35 +02:00
Felix Stürmer
38de3b93a8
[8.x] [Logs Overview] Overview component (iteration 1) (attempt 2) (#195673) (#195742)
# Backport

This will backport the following commits from `main` to `8.x`:
- [[Logs Overview] Overview component (iteration 1) (attempt 2)
(#195673)](https://github.com/elastic/kibana/pull/195673)

<!--- Backport version: 8.9.8 -->

### Questions ?
Please refer to the [Backport tool
documentation](https://github.com/sqren/backport)

2024-10-10 14:06:41 +01:00
Kibana Machine
0035e94287
[8.x] [Epic] AI Insights + Assistant - Add "Other" option to the existing OpenAI Connector dropdown list (#8936) (#194831) (#195688)
# Backport

This will backport the following commits from `main` to `8.x`:
- [[Epic] AI Insights + Assistant - Add "Other" option to the
existing OpenAI Connector dropdown list (#8936)
(#194831)](https://github.com/elastic/kibana/pull/194831)

<!--- Backport version: 9.4.3 -->

### Questions ?
Please refer to the [Backport tool
documentation](https://github.com/sqren/backport)


Co-authored-by: Ievgen Sorokopud <ievgen.sorokopud@elastic.co>
2024-10-10 01:56:19 +02:00
Kibana Machine
365bb613db
[8.x] [eem] remove history transforms (#193999) (#195680)
# Backport

This will backport the following commits from `main` to `8.x`:
- [[eem] remove history transforms
(#193999)](https://github.com/elastic/kibana/pull/193999)

<!--- Backport version: 9.4.3 -->

### Questions ?
Please refer to the [Backport tool
documentation](https://github.com/sqren/backport)


Co-authored-by: Kevin Lacabane <kevin.lacabane@elastic.co>
2024-10-10 00:57:35 +02:00
Kibana Machine
9bdf698bb7
[8.x] [ML] Updates for Trained Models table layout and model states (#194614) (#195546) 2024-10-09 21:51:26 +02:00
Steph Milovic
6b9c7586b4
[8.x] [Security GenAI] Remove assistantBedrockChat feature flag (#195461) (#195516)
# Backport

This will backport the following commits from `main` to `8.x`:
- [[Security GenAI] Remove `assistantBedrockChat` feature flag
(#195461)](https://github.com/elastic/kibana/pull/195461)

<!--- Backport version: 8.9.8 -->

### Questions ?
Please refer to the [Backport tool
documentation](https://github.com/sqren/backport)

Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
2024-10-09 21:36:47 +02:00
Kibana Machine
e8992e3749
[8.x] [Security Assistant] V2 Knowledge Base Settings feedback and fixes (#194354) (#195644)
# Backport

This will backport the following commits from `main` to `8.x`:
- [[Security Assistant] V2 Knowledge Base Settings feedback and fixes
(#194354)](https://github.com/elastic/kibana/pull/194354)

<!--- Backport version: 9.4.3 -->

### Questions ?
Please refer to the [Backport tool
documentation](https://github.com/sqren/backport)

Co-authored-by: Garrett Spong <spong@users.noreply.github.com>
2024-10-09 19:59:46 +02:00
Kibana Machine
0751a8ea34
[8.x] [Cloud Security]Vulnerabilities table in Contextual flyout (#195143) (#195597)
# Backport

This will backport the following commits from `main` to `8.x`:
- [[Cloud Security]Vulnerabilities table in Contextual flyout
(#195143)](https://github.com/elastic/kibana/pull/195143)

<!--- Backport version: 9.4.3 -->

### Questions ?
Please refer to the [Backport tool
documentation](https://github.com/sqren/backport)

Co-authored-by: Rickyanto Ang <rickyangwyn@gmail.com>
2024-10-09 17:47:38 +02:00
Kibana Machine
0556cfc88f
[8.x] [Cloud Security] Fix vulnerability detection rule creation logic (#195291) (#195596)
# Backport

This will backport the following commits from `main` to `8.x`:
- [[Cloud Security] Fix vulnerability detection rule creation logic
(#195291)](https://github.com/elastic/kibana/pull/195291)

<!--- Backport version: 9.4.3 -->

### Questions ?
Please refer to the [Backport tool
documentation](https://github.com/sqren/backport)

Co-authored-by: Jordan <51442161+JordanSh@users.noreply.github.com>
2024-10-09 17:21:01 +02:00
Shahzad
c033f0d0bd
[8.x] [RCA] Events timeline !! (#193265) (#195280)
# Backport

This will backport the following commits from `main` to `8.x`:
- [[RCA] Events timeline !!
(#193265)](https://github.com/elastic/kibana/pull/193265)

<!--- Backport version: 8.9.8 -->

### Questions ?
Please refer to the [Backport tool
documentation](https://github.com/sqren/backport)

2024-10-08 19:24:39 +02:00