mirror of
https://github.com/elastic/kibana.git
synced 2025-04-24 09:48:58 -04:00
176 commits
Author | SHA1 | Message | Date | |
---|---|---|---|---|
|
6a854ca75b
|
[8.10] [Security Solution][Bug] Fixes visual issue in Safari (#165377) (#165448)
# Backport This will backport the following commits from `main` to `8.10`: - [[Security Solution][Bug] Fixes visual issue in Safari (#165377)](https://github.com/elastic/kibana/pull/165377) <!--- Backport version: 8.9.7 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sqren/backport)
## Summary Fixes a bug showing the Dashboard card description texts in white color, making it impossible to read. The bug is caused by misuse of the `color="text"` prop of `EuiText`. This has no effect on other browsers, Safari however displays white text. This is an 8.10-only fix, in 8.11 we don't use `EuiText` anymore.  (#165046)
# Backport This will backport the following commits from `main` to `8.10`: - [[Security Solution] Fixes Preconfigured Connectors not working with Assistant (#164900)](https://github.com/elastic/kibana/pull/164900) <!--- Backport version: 8.9.7 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sqren/backport) |
||
|
c47cdbf1ed
|
[8.10] chore(slo): general enhancement (#164723) (#165032)
# Backport This will backport the following commits from `main` to `8.10`: - [chore(slo): general enhancement (#164723)](https://github.com/elastic/kibana/pull/164723) <!--- Backport version: 8.9.7 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sqren/backport) Co-authored-by: Kevin Delemme <kevin.delemme@elastic.co> |
||
|
eb217d5997
|
[8.10] [Security Solution] Adds new Elastic AI Assistant logo and global header menu item (#164763) (#164909)
# Backport This will backport the following commits from `main` to `8.10`: - [[Security Solution] Adds new Elastic AI Assistant logo and global header menu item (#164763)](https://github.com/elastic/kibana/pull/164763) <!--- Backport version: 8.9.7 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sqren/backport) |
||
|
0e988a60f2
|
[8.10] chore(slo): optional filter fields (#164630) (#164699)
# Backport This will backport the following commits from `main` to `8.10`: - [chore(slo): optional filter fields (#164630)](https://github.com/elastic/kibana/pull/164630) <!--- Backport version: 8.9.7 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sqren/backport) Co-authored-by: Kevin Delemme <kevin.delemme@elastic.co> |
||
|
d27124a99c
|
[8.10] feat(slo): refactor fetch slo definitions hook (#164466) (#164697)
# Backport This will backport the following commits from `main` to `8.10`: - [feat(slo): refactor fetch slo definitions hook (#164466)](https://github.com/elastic/kibana/pull/164466) <!--- Backport version: 8.9.7 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sqren/backport) Co-authored-by: Kevin Delemme <kevin.delemme@elastic.co> |
||
|
c94b0f883b
|
[8.10] [Security Solution] Fixes Assistant Connector and Actions RBAC Flow (#164382) (#164645)
# Backport This will backport the following commits from `main` to `8.10`: - [[Security Solution] Fixes Assistant Connector and Actions RBAC Flow (#164382)](https://github.com/elastic/kibana/pull/164382) <!--- Backport version: 8.9.7 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sqren/backport) |
||
|
109b4b6926
|
[8.10] [ML] Fixes dark mode in flyouts and modals (#164399) (#164559)
# Backport This will backport the following commits from `main` to `8.10`: - [[ML] Fixes dark mode in flyouts and modals (#164399)](https://github.com/elastic/kibana/pull/164399) <!--- Backport version: 8.9.7 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sqren/backport) Co-authored-by: James Gowdy <jgowdy@elastic.co> |
||
|
c45d10890c
|
[8.10] Add indexName to data quality telemetry (#163937) (#164351)
# Backport This will backport the following commits from `main` to `8.10`: - [Add indexName to data quality telemetry (#163937)](https://github.com/elastic/kibana/pull/163937) <!--- Backport version: 8.9.7 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sqren/backport) |
||
|
847e0cbe72
|
[Security Solution] Adds Connector Selector to Assistant Title Header (#163666)
## Summary Adds a new `ConnectorSelectorInline` component that is displayed below the Assistant title header. |
||
|
fb6ac2e445
|
[ML] AIOps: Add/edit change point charts embeddable from the Dashboard app (#163694) | ||
|
cd65fbbacb
|
## Risk score from new Risk Engine showing in UI (#163237)
## Risk score from new Risk Engine showing in UI
What happened in this pr:
1. We create the latest transform and index on the `init` call when we install resources for Risk Engine. The original plan was to just get some API layer around our datastream with historical data. But it's not possible in one all to achieve pagination/sorting/filtering of risk scores, so we decided to create transforms.
Latest transform: `risk_score_latest_transform_${spaceId}`
Latest Index: `risk-score.risk-score-latest-${spaceId}`
2. To get the risk score to UI we use the existing search strategy from the old risk score module, and just pass the new index to the search
3. UI are the same except for the single host/user risk score page, when we change the explanation parts and instead of the old UI, we will show alerts table with grouping etc. |
||
|
560c87179b
|
[Security Solution][Unified IA] New sections with landing page (#163102)
## Summary closes: https://github.com/elastic/kibana/issues/157847 The new links and pages in Security Solution for Serverless: - `Investigations` - `Timelines` - `Osquery` - `Assets` - `Fleet` (and all its sub-links) - `Endpoints` (and all its sub-links) - `Cloud defend` (and all its sub-links) - Callout with button linking `Integrations` in Project Setting - `Project settings` - `Users & roles` (Cloud UI) - `Billing & consumption` (Cloud UI) - `Integrations` (link to integrations with _/browse/security_ path parameter) - `Entity risk score` (link currently under the `riskScoringRoutesEnabled` experimental flag) - `Management` accordion with a set of (stack) management categories and pages links Sections updated: (ESS & Serverless) `Rules` links have been updated according to new specs. (ESS) The `Settings` page was renamed back to `Manage`. (Serverless) The `Dev tools` link was moved to the bottom of the side navigation. #### Cypress tests for serverless: They will be implemented in a follow-up PR when the infrastructure is ready https://github.com/elastic/kibana/pull/162698 ## Screenshots ### Serverless Investigations:  | ||
|
83d9644b74
|
Upgrade EUI to v86.0.0 (#163088)
`85.1.0` ➡️ `86.0.0`
⚠️ The biggest change in this PR is migrating the `react-beautiful-dnd` dependency to its open-source forked successor, `@hello-pangea/dnd`. This new fork has better typescript support and additionally supports both React 17 and React 18.
## [`86.0.0`](https://github.com/elastic/eui/tree/v86.0.0)
- Added React 18 support (StrictMode not yet supported). ([#7012](https://github.com/elastic/eui/pull/7012))
**Deprecations**
- Deprecated `euiPaletteComplimentary`; Use `euiPaletteComplementary` instead. ([#6992](https://github.com/elastic/eui/pull/6992))
**Breaking changes**
- Replaced the underlying drag-and-drop library from `react-beautiful-dnd` to its fork `@hello-pangea/dnd` ([#7012](https://github.com/elastic/eui/pull/7012)) ([#7012](https://github.com/elastic/eui/pull/7012))
- No code updates are needed if using only `<EuiDragDropContext>`, `<EuiDroppable>` and `<EuiDraggable>` with no direct imports from `react-beautiful-dnd`. In case you were importing things from `react-beautiful-dnd` and using them together with EUI components, you need to switch to `@hello-pangea/dnd` which has cross-compatible API.
---------
Co-authored-by: Tomasz Kajtoch <tomasz.kajtoch@elastic.co> Co-authored-by: Tomasz Kajtoch <tomek@kajto.ch> Co-authored-by: Cee Chen <549407+cee-chen@users.noreply.github.com> Co-authored-by: Drew Tate <andrew.tate@elastic.co> |
||
|
e0c3c525ed
|
[SecuritySolution] Telemetry for data quality dashboard (#162680)
## Summary
https://github.com/elastic/security-team/issues/6531
### Success Criteria [Telemetry]
- [x] Date and time of the check
- [x] Number of indices that were checked
- [x] Time it took for each quality check to complete
- [x] Number of failures, if any
- [x] Number of incompatible fields per index
- [x] Identifying the fields that are incompatible to spot recurring
mapping conflicts in customers' environments - an array of incompatible
fields
- [x] Identifying unallowed values to determine patterns of unallowed
values found in customers' environments - an array of incompatible
fields
- [x] Number of documents per cluster, index pattern, and index -
pattern not tracked, index is tracked by uuid
- [x] Storage information per cluster, index pattern, and index -
pattern not tracked, index is tracked by uuid
### Additional properties tracked:
1. batchId: events triggered by the same action share the same batchId
2. ecsVersion
|
||
|
da0fb1d987
|
[ML] AIOps: Auto-detect if spike or dip selected in log rate analysis. (#163100)
This updates log rate analysis to be able to auto-detect whether the selected deviation is a spike or dip compared to the baseline time range. To achieve this, we compare the median bucket size of the two selections. If a dip gets detected, the analysis will then switch the window parameters sent to the API endpoint to run the analysis. An info callout points out the auto-selected analysis type and explains to which time range the analysis results refer to. We need to do this to make it clear that for dip analysis the significant terms and their doc counts refer to the baseline time range and vice versa for spike analysis. |
||
|
d87d998a2e
|
[SLO] Add support to burn rate visualization for group by (#163125)
## Summary
This PR fixes #163121 by adding support for the `instanceId` to the burn rate endpoint. This also updates the burn rate visualization to send the `instanceId` as an optional attribute to the post body JSON object.
```JSON
POST /internal/observability/slos/6bad8fe0-323b-11ee-ac4c-37263913b2b5/_burn_rates
{
  "windows": [
    { "name": "CRITICAL_LONG", "duration": "1h" },
    { "name": "CRITICAL_SHORT", "duration": "5m" },
    { "name": "HIGH_LONG", "duration": "6h" },
    { "name": "HIGH_SHORT", "duration": "30m" },
    { "name": "MEDIUM_LONG", "duration": "24h" },
    { "name": "MEDIUM_SHORT", "duration": "120m" },
    { "name": "LOW_LONG", "duration": "72h" },
    { "name": "LOW_SHORT", "duration": "360m" }
  ],
  "instanceId": "you-got.mail"
}
```
|
||
|
498d6fdccc
|
feat(slo): Handle instanceId for historical summary (#163114) | ||
|
7d3fe32976
|
feat(slo): Introduce group by (#163008) | ||
|
0dabaca508
|
[ML] AIOps: Adds dip support for log rate analysis in observability alert details page. (#162476)
Adds support for analysing dips for log rate analysis on Observability's alert details page. - This removes the filter against `Comparator.GT/Comparator.GT_OR_EQ` which hides log rate analysis for log threshold alerts. Instead an `analysisType` is passed on to log rate analysis: When analysing dips the baseline and deviation ranges will be switched for both the analysis and the brush labels on the document count chart. - Updates all references to "spikes" only in UI text, e.g. the AI Assistant prompt. |
||
|
b95241f9ff
|
[Security Solutions] Add PLI authorisation for Threat Intelligence (#162562)
## Summary
Add PLI authorization checks for the Intelligence page.
*This PR restricts access to the features* and creates a simplified
Upselling page.
* Rename `threat_intelligence-indicators` page name to
`threat_intelligence` to simplify the code
### Not included
* Final Upselling/PLG design
### How to test it?
#### ESS `yarn start`
* Run ESS with a basic license
* It should not change
* Run ESS with a platinum
* It should not change
#### Serverless `yarn serverless-security`
* Run Serverless with security essentials (serverless.security.yml)
* It should show the new Threat Intelligence Upsell
```
xpack.serverless.security.productTypes:
[
{ product_line: 'security', product_tier: 'essentials' }
]
```
* Run Serverless with security complete
(kibana/config/serverless.security.yml)
* It should show the Threat Intelligence page
```
xpack.serverless.security.productTypes:
[
{ product_line: 'security', product_tier: 'complete' },
]
```
|
||
|
757c881b9a
|
feat(slo): introduce new search capabilities (#162665) | ||
|
eebc0a4245
|
[ML] Add map view for models in Trained Models and expand support for models in Analytics map (#162443)
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com> |
||
|
96de1482e0
|
[ML] @kbn/ml-response-stream : Fix race condition related to throttling. (#162803)
Fixes a race condition in the case where a response stream finishes and sets `isRunning` to `false`, but `useThrottle` didn't trigger its last update yet within the refresh rate. In the case of log rate analysis, `isRunning` could be set to `false` too early and the UI wouldn't consider later throttled updates (for example, setting `loaded=1` which would result in inconsistent UI state). The fix in this case is to return the unthrottled raw data instead of the throttled one as soon as the stream finished. |
||
|
0728003865
|
[ML] Add new Data comparison view (#161365)
Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com> |
||
|
716ecb8a04
|
[ML] Log pattern analysis field validation (#162319)
Uses the recently created [category validation package](https://github.com/elastic/kibana/pull/161261) to perform validation on the field selected for pattern analysis. If the field is considered unsuitable for categorization, a warning callout is displayed which lists the reasons it is unsuitable. If the field is suitable, no callout is displayed. Other changes: - Adds the selected field to the URL state, so it is remembered on page refresh. - If no field is in the URL, it will look for a field called `message` in the data view and auto select it. - renames the ML route `/jobs/categorization_field_examples` to `/jobs/categorization_field_validation` as it is a more accurate name and it's consistent with the newly added route in AIOPs. **Log Pattern Analysis page in ML**  | ||
|
5f913066a9
|
[Security Solution] Fix Accessibility Tests (#162143)
## Summary
This PR un-skips security solution a11y tests.
There were four main issues fixed:
1. All list items (`li`) must be contained within `ul` or `ol` parent elements: https://dequeuniversity.com/rules/axe/4.6/listitem?application=axeAPI
2. Lists must be marked up correctly, meaning they must not contain content elements other than `li` elements: https://dequeuniversity.com/rules/axe/4.6/list?application=axeAPI
3. Ensures elements marked `role="img"` elements have alternate text: https://dequeuniversity.com/rules/axe/4.6/role-img-alt?application=axeAPI
4. Each `select` element must have a programmatically associated label element: https://dequeuniversity.com/rules/axe/4.6/select-name?application=axeAPI

Fixes next tests:
1. https://github.com/elastic/kibana/issues/95707
2. https://github.com/elastic/kibana/issues/101923 |
||
|
0ab24e566c
|
[ML] AIOps: Use Kibana's http service instead of fetch, fix throttling. (#162335)
- Originally Kibana's `http` service did not support receiving streams, that's why we used plain `fetch` for this. This has been fixed in #158678, so this PR updates the streaming helpers to use Kibana's `http` service from now on. - The PR also breaks out the response stream code into its own package and restructures it to separate client and server side code. This brings down the `aiops` bundle size by `~300KB`! 🥳 - The approach to client side throttling/buffering was also revamped: There was an issue doing the throttling inside the generator function, it always waited for the timeout. The buffering is now removed from `fetchStream`, instead `useThrottle` from `react-use` is used on the reduced `data` in `useFetchStream`. Loading log rate analysis results got a lot snappier with this update! |
||
|
3d6dbd4ad7
|
[Security Solution] Unified IA Project Navigation (#161667)
## Summary
Implementation of serverless-specific pages within the Unified IA
Navigation.
#### Links implemented:
- `Machine Learning`
- Landing page created on serverless only
- All links in the landing page go to `/ml` app
- `Dev Tools`
- Links directly to `/dev_tools` app
 | ||
|
6bae659a1d
|
[AO][SERVERLESS] Create serverless integration tests for the Threshold rule #161458 (#161569)
## Summary
It fixes #161458 by adding API integration tests for the Threshold rule, with many scenarios (file per scenario), and each scenario has a complete life-cycle
### The scenario life-cycle
- Generating data using the `fake_host` dataset from the high-card
- Create a DataView based on the generated data
- Create the rule and wait to be active
- Get the fired alert and matches its value
- Clean up
### The covered scenarios
- Avg. percentage, fires alert
- Avg. percentage, fires alert with no data
- Custom equation on bytes field, fires alert
- Doc count, fires alert
- Group by two fields, fires alert.
--------- |
||
|
11cc1e1be6
|
[ML] AIOps: Rename Explain Log Rate Spikes to Log Rate Analysis. (#161764)
## Summary Part of #161832. This PR renames the Explain Log Rate Spikes feature to **Log Rate Analysis**. - [x] Renamed references in `docs/developer/*` - [x] Updated docs screenshots - [x] Redirect in docs - [x] Redirect urls from `explain_log_rate_spikes` to `log_rate_analysis` - [x] API versioning - [x] Renamed navigation links - [x] Renamed variable names - [x] Renamed file names - [x] Renamed i18n ids - [x] Renamed breadcrumbs - [x] Removed hard coded `AIOPS_ENABLED` feature flag |
||
|
219426dc7a
|
[ML] Creating category validation package (#161261)
Moves the server and client side code which performs analysis on data to
see whether it is suitable for categorization.
This is currently only used by the categorization job wizard to display
this callout:

## Summary Resolves System Prompt not sending issues: https://github.com/elastic/kibana/issues/161809 Also resolves: - [X] Not being able to delete really long Conversation, System Prompt, and Quick Prompt names - [X] Fix user/all System Prompts being overridden on refresh - [X] Conversation without default System Prompt not healed if it is initial conversation when Assistant opens (Timeline) - [X] New conversation created from Conversations Settings not getting a connector by default - [X] Current conversation not selected by default when settings gear is clicked (and other assistant instances exist) - [X] Sent to Timeline action sends anonymized values instead of actual plaintext - [X] Clicking Submit does not clear the text area - [X] Remove System Prompt Tooltip - [X] Fixes confusion when System or Quick Prompt is empty by adding a placeholder value - [X] Shows (empty prompt) in System Prompt selector when the Prompt content is empty - [X] Fixes connector error callout flashing on initial load - [X] Shows `(empty prompt)` text within Prompt Editor when prompt content is empty to prevent confusion ### Checklist Delete any items that are not applicable to this PR. - [X] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios |
||
|
11cf01ea43
|
[Security solution] AI Assistant Fix Up (#161784) | ||
|
b323923e65
|
[Security Solution] [Elastic AI Assistant] Consolidates settings into a single modal (#160468)
## Summary This PR fixes the disjointed settings across the assistant by combining them all into a single settings modal. It also resolves the Connector `Model` configuration not being available when using the `OpenAI` variant of the GenAI Connector. Additional issues resolved: - [x] Clearing conversation doesn't restore default system prompt - [X] Double repeated welcome prompt - [X] Clicking skip button broken Resolves: https://github.com/elastic/security-team/issues/7110 Resolves: https://github.com/elastic/kibana/pull/161039#pullrequestreview-1517129764 Resolves: https://github.com/elastic/kibana/pull/161027#pullrequestreview-1523018176 |
||
|
ca3146f0ca
|
[Security Solution] Store last conversation in localstorage #6993 (#161373) | ||
|
06f7cbf9b6
|
[SLO] Add indicator to support histogram fields (#161582)
## Summary
This PR adds a new indicator to support histogram fields. This will allow
you to either use a `range` aggregation or `value_count` aggregation for
the good and total events; including support for filtering with KQL on
both event types. When using a `range` aggregation, both the `from` and
`to` thresholds are required for the range and events will be to total
number of events within that range.[ Keep in mind, with the `range`
aggregation, the range includes the `from` value and excludes the `to`
value.](https://www.elastic.co/guide/en/elasticsearch/reference/current/search-aggregations-bucket-range-aggregation.html)
This PR also includes support for using the histogram field for a
"Custom Metric" indicator, `sum` is calculated on the values and not the
counts. If you need it calculated on the counts then you have to use the
histogram indicator.
|
||
|
6673ffbf18
|
[Security solution] Elastic Assistant adds beta label (#161682) | ||
|
091b5c133b
|
[Security Solution][Security Assistant] Investigate in timeline control should be visible only on eligible queries. (#161240)
## Summary
Handles elastic/security-team#6971
This PR mainly resolved below 3 issues:
### Rename to `Add To Timeline` control in conversation code blocks to `Investigate in Timeline`
- `Add to Timeline` according to existing Security Solution actions means, adding a condition to the timeline with an `OR` clause without affecting the existing Timeline.
- But the `Add to Timeline` control in the Security Assistant, creates a new timeline on each action by the user, which contradicts the above workflow. Hence, it might confuse the user.
- `Investigate in Timeline` already means that a new timeline will be created.
### `Add To Timeline` control was visible on types of codeblock.
For example, it does not make sense for a `Query DSL` to have an `Add to Timeline` control.
- This PR adds the list of eligible types of queries/code blocks on which `Add To Timeline` action can be added.
- Currently, that list only contains `kql`, `dsl` and `eql`. Below is the complete list of types of query that can occur in code blocks.
- Please feel free to suggest a change.
```
'eql' | 'kql' | 'dsl' | 'json' | 'no-type';
```
### Lazy calculation of CodeBlockPortals and CodeBlock Action container
- To add controls to the conversation code blocks, we need to follow below 2 steps.
  1. get the codeBlock containers on which the controls can be added.
  2. create portals in the HTML container with our `Add to Timeline` control.
- Below are issues these steps sometimes created.
  1. We get codeBlock container in the `useLayoutEffect` but at the time, all conversations might not have loaded because of which containers are returned as undefined.
  2. Then, we try to create portal in the `undefined` container, which fails and hence, `Add to Timeline` controls are not visible.
- Solution:
  1. Instead of getting the codeblock container in useLayoutEffect, we get the function which will eventually return that container, whenever we are creating the portal.
  2. Converted codeBlock Portal to a callback such that callback can be called during the rendering which makes sure that all needed conversations are available and using above step we can easily get the portal containers.

Feel free to let me know if there are any issues with above strategy.
### Better Pattern matching.
- Currently, when we are trying to identify the type of codeblock it might result in unexpected output because of below reason.
  1. Let's say, we are trying to identify KQL Query and for that we use below phrases to match in the `OpenAI` response. `'Kibana Query Language', 'KQL Query'`
  2. Because of this, if the `OpenAI` response contains the phrase `KQL query` or `kql query`, that fails because of case sensitivity when searching the above phrases.
  3. This PR makes that part of pattern matching case insensitive
### Before |
||
|
ac0630015f
|
[Security solution] Create AI assistant availability model (#161027) | ||
|
6db79db1e0
|
[Security Solutions] Update Events/alerts table to use FieldSpec for CellActions (#161361)
EPIC: https://github.com/elastic/kibana/issues/144943
## Summary
Update Events/alerts table to provide `CellActions` with a complete `FieldSpec` object from DataView
### Affected pages:
* Alerts page
* Security Dashboards
* Rule preview
* Host events
* Users events
### How to test it
Use CellActions on one of the affected pages.
### Checklist
- [x] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios

---------
Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com> |
||
|
67fc8333e7
|
[Actions] Set system actions on Kibana start (#160983)
## Summary
This PR:
- Adds the ability to create system action types
- Creates system connectors on Kibana `start` from the system action types
- Prevents system actions from being created/updated/deleted
- Returns system actions from the get/getAll endpoints
### Checklist
Delete any items that are not applicable to this PR.
- [x] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios
### For maintainers
- [x] This was checked for breaking API changes and was [labeled appropriately](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)

---------
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com> |
||
|
75bd6dd854
|
[Security Solution][Security Assistant] Fixes relationship between system prompts & conversations (#161039)
## Summary
This PR handles bugs
- elastic/security-team#6977
- https://github.com/elastic/security-team/issues/6978
- elastic/security-team#6979.

Currently, below operations between System Prompts and Conversations do not work.
1. When a prompt is set as default for all conversation, it should be automatically selected for any new conversation user creates.
2. When a new prompt is created and set as default for all conversation, it should be automatically selected for any new conversation user creates.
3. When a prompt is edited such that, it is default for only certain conversation, it should be automatically selected for that conversation.
4. When a prompt is edited such that conversations are removed to have that default prompt, it should be automatically removed from conversation default system prompt list.

In addition to above scenarios, this PR also handles one more bug. Consider below interface of Conversation which has a property `apiConfig.defaultSystemPrompt` is of type Prompt. It has been changed from `defaultSystemPrompt?: Prompt` to `defaultSystemPrompt?: string` where it will store `promptId` instead of complete prompt. The current model was posing a problem where, if a prompt was updated, all its copies in `Conversation` were needed to be updated leading to inconsistencies. This is now resolved.
```typescript
export interface Conversation {
  apiConfig: {
    connectorId?: string;
    defaultSystemPrompt?: Prompt;
    provider?: OpenAiProviderType;
  };
  id: string;
  messages: Message[];
  replacements?: Record<string, string>;
  theme?: ConversationTheme;
  isDefault?: boolean;
}
``` |
||
|
4cf630bfec
|
Upgrade EUI to 83.0.0 (#160813)
`eui@82.1.0` ⏩ `83.0.0`
⚠️ The biggest change in this PR by far is the `EuiButtonEmpty` Emotion conversion, which changes the DOM structure of the button slightly as well as several CSS classes around it. EUI has attempted to convert any custom EuiButtonEmpty CSS overrides where possible, but would super appreciate it if CODEOWNERS checked their touched files. If anything other than a snapshot or test was touched, please double check the display of your button(s) and confirm everything still looks shipshape. Feel free to ping us for advice if not.

---
## [`83.0.0`](https://github.com/elastic/eui/tree/v83.0.0)
**Bug fixes**
- Fixed `EuiPaginationButton` styling affected by `EuiButtonEmpty`'s Emotion conversion ([#6893](https://github.com/elastic/eui/pull/6893))

**Breaking changes**
- Removed `isPlaceholder` prop from `EuiPaginationButton` ([#6893](https://github.com/elastic/eui/pull/6893))
## [`82.2.1`](https://github.com/elastic/eui/tree/v82.2.1)
- Updated supported Node engine versions to allow Node 16, 18 and >=20 ([#6884](https://github.com/elastic/eui/pull/6884))
## [`82.2.0`](https://github.com/elastic/eui/tree/v82.2.0)
- Updated EUI's SVG icons library to use latest SVGO v3 optimization ([#6843](https://github.com/elastic/eui/pull/6843))
- Added success color `EuiNotificationBadge` ([#6864](https://github.com/elastic/eui/pull/6864))
- Added `badgeColor` prop to `EuiFilterButton` ([#6864](https://github.com/elastic/eui/pull/6864))
- Updated `EuiBadge` to use CSS-in-JS for named colors instead of inline styles. Custom colors will still use inline styles. ([#6864](https://github.com/elastic/eui/pull/6864))

**CSS-in-JS conversions**
- Converted `EuiButtonGroup` and `EuiButtonGroupButton` to Emotion ([#6841](https://github.com/elastic/eui/pull/6841))
- Converted `EuiButtonIcon` to Emotion ([#6844](https://github.com/elastic/eui/pull/6844))
- Converted `EuiButtonEmpty` to Emotion ([#6863](https://github.com/elastic/eui/pull/6863))
- Converted `EuiCollapsibleNav` and `EuiCollapsibleNavGroup` to Emotion ([#6865](https://github.com/elastic/eui/pull/6865))
- Removed Sass variables `$euiCollapsibleNavGroupLightBackgroundColor`, `$euiCollapsibleNavGroupDarkBackgroundColor`, and `$euiCollapsibleNavGroupDarkHighContrastColor` ([#6865](https://github.com/elastic/eui/pull/6865))

---------
Co-authored-by: Cee Chen <constance.chen@elastic.co>
Co-authored-by: Jeramy Soucy <jeramy.soucy@elastic.co>
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com> |
||
|
099835fad5
|
[SLO] Support filters for good/total custom metrics (#161308)
## Summary
This PR adds support for applying a KQL filter to the good/total
metrics.
|
||
|
360c4c30fd
|
[SecuritySolutions] Update CellActions to support all types used by Discover (#160524)
Original issue: https://github.com/elastic/kibana/issues/144943
## Summary
* Update CellActions value to be `Serializable`.
* Update Default Actions and SecuritySolution Actions to allowlist the supported Kibana types.
* Add an extra check to Action's `execute` to ensure the field value is compatible.
### How to test it?
* Open Discover and create a saved search with many different field types
* Go to Security Solutions dashboards
* Create a new dashboard and import the saved search
* Test the created dashboard inside Security Solutions
### Checklist
- [x] Any text added follows [EUI's writing guidelines](https://elastic.github.io/eui/#/guidelines/writing), uses sentence case text and includes [i18n support](https://github.com/elastic/kibana/blob/main/packages/kbn-i18n/README.md)
- [x] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios

---------
Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com> |