### Summary
Remove history and backfill transforms, leaving latest transform in
place.
Notable changes to latest transform:
- it does not read from history output anymore but source indices
defined on the definition
- it defines a `latest.lookbackPeriod` to limit the amount of data
ingested, which defaults to 24h
- each metadata aggregation now accepts a
`metadata.aggregation.lookbackPeriod` which defaults to the
`latest.lookbackPeriod`
- `entity.firstSeenTimestamp` is removed. this should be temporary until
we have a solution for
https://github.com/elastic/elastic-entity-model/issues/174
- latest metrics used to get the latest pre-computed value from history
data, but is it now aggregating over the `lookbackPeriod` in the source
indices (which can be filtered down with `metrics.filter`)
- `latest` block on the entity definition is now mandatory
---------
Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
Co-authored-by: Mark Hopkin <mark.hopkin@elastic.co>
This introduces a "Logs Overview" component for use in solution UIs
behind a feature flag.
---------
Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
Co-authored-by: Kerry Gallagher <471693+Kerry350@users.noreply.github.com>
Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
## Summary
This PR is a follow up to #192665 and addresses a bunch of feedback and
fixes including:
- [X] Adds support for updating/editing entries
- [X] Fixes initial loading experience of the KB Settings Setup/Table
- [X] Fixes two bugs where `semantic_text` and `text` must be declared
for `IndexEntries` to work
- [X] Add new Settings Context Menu items for KB and Alerts
- [X] Add support for `required` entries in initial prompt
* See [this
trace](https://smith.langchain.com/public/84a17a31-8ce8-4bd9-911e-38a854484dd8/r)
for included knowledge. Note that the KnowledgeBaseRetrievalTool was not
selected.
* Note: All prompts were updated to include the `{knowledge_history}`
placeholder, and _not behind the feature flag_, as this will just be the
empty case until the feature flag is enabled.
TODO (in this or follow-up PR):
- [ ] Add suggestions to `index` and `fields` inputs
- [ ] Adds URL deeplinking to securityAssistantManagement
- [ ] Fix bug where updating entry does not re-create embeddings (see
[comment](https://github.com/elastic/kibana/pull/194354#discussion_r1786475496))
- [ ] Fix loading indicators when adding/editing entries
- [ ] API integration tests for update API (@e40pud)
### Checklist
Delete any items that are not applicable to this PR.
- [X] Any text added follows [EUI's writing
guidelines](https://elastic.github.io/eui/#/guidelines/writing), uses
sentence case text and includes [i18n
support](https://github.com/elastic/kibana/blob/main/packages/kbn-i18n/README.md)
- [ ]
[Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html)
was added for features that require explanation or tutorials
* Docs being tracked in
https://github.com/elastic/security-docs/issues/5337 for when feature
flag is enabled
- [ ] [Unit or functional
tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)
were updated or added to match the most common scenarios
---------
Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
Co-authored-by: Patryk Kopycinski <contact@patrykkopycinski.com>
## Summary
Part of #187772.
We had a mix of passing around `embeddingOrigin` via props and context.
This PR cleans this up, `embeddingOrigin` is now be required to be
passed in on the outer most component and will then be used internally
via context only.
The PR also renames references to `AppDependencies` to
`AiopsAppContextValue`. Originally, this context was used only to pass
in dependencies to be used via `useKibana`. Over time this changed a bit
and we started passing in other non-changing values, the naming change
now reflects that more properly and brings the name in line with the
other context related vars like `AiopsAppContext.Provider` and
`useAiopsAppContext`.
### Checklist
- [ ] [Unit or functional
tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)
were updated or added to match the most common scenarios
- [ ] [Flaky Test
Runner](https://ci-stats.kibana.dev/trigger_flaky_test_runner/1) was
used on any tests changed
- [x] This was checked for breaking API changes and was [labeled
appropriately](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)
Fixes https://github.com/elastic/kibana/issues/190710
Adds an additional check for `query_string` to the query creating
function to adjust the query if only a single `query_string` condition
is being used.
This function was originally only used for pattern analysis, but has
been renamed and moved to a common location so change point analysis can
also use it.
## Summary
Related https://github.com/elastic/kibana/issues/193473
Add initial implementation of the knowledge base artifact builder. This
PR only introduces the builder script, it doesn't do anything about
automation.
---------
Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
*Epic:** https://github.com/elastic/security-team/issues/9401 (internal)
## Summary
This PR includes Security Solution OpenAPI domain bundles into the production OpenAPI Kibana bundle. The result Kibana bundler is expected to be published to Bump.sh manually by @lcawl.
In an attempt to make Reviewing easier and more accurate, the
implementation of Vulnerabilities on Host.name flyout in Alerts Page
will be split into 2 Phases
Phase 1: Move Functions, Utils or Helpers, Hooks, constants to Package
Phase 2: Implementing the feature
This is Phase 2
<img width="1465" alt="Screenshot 2024-09-20 at 5 33 01 PM"
src="https://github.com/user-attachments/assets/cabe2f3a-d35a-4825-9fe5-61fe2d570328">
---------
Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
Co-authored-by: Maxim Kholod <maxim.kholod@elastic.co>
## Summary
Closes - https://github.com/elastic/kibana/issues/192471
Closes - https://github.com/elastic/kibana/issues/191055
The PR adds Flyout to the Degraded Fields inside the Dataset Quality
Details page where the Root Cause of the Degraded Field is diagnosed.
## Pending Items
- [x] API Tests for 1 new and 2 old API modifications
- [x] E2E Tests for the Flyout
## How to test this
NOTE (Below guide is for Stateful, you can do the same for serverless)
- Checkout the PR using - `gh pr checkout 192370`
1. Start the FTR server using the command below
```
yarn test:ftr:server --config ./x-pack/test/functional/apps/dataset_quality/config.ts
```
2. Go to the following path - `x-pack/test/functional/apps/dataset_quality/degraded_field_flyout.ts`
3. Comment out the 2 `after` blocks present at Line - 54-56 and 414-416
4. Run the FTR runner using the command below
```
yarn test:ftr:runner --config ./x-pack/test/functional/apps/dataset_quality/config.ts --include ./x-pack/test/functional/apps/dataset_quality/degraded_field_flyout.ts
```
Let the test run and go green
5. Navigate to `http://localhost:5620/app/management/data/data_quality/`
username - `test_user` and password - `changeme`
6. Select the `degraded.dataset.rca` dataset
You will have an environment ready to test the flyout different
scenarios
## Demo
## Field Limit and Ignore above isse
## Warning about not current quality issue
## Blocker
There is an Elasticsearch issue on Serverless, which becomes a blocker
for merging this PR
https://github.com/elastic/elasticsearch-serverless/issues/2815
## Summary
Fixes https://github.com/elastic/kibana/issues/175298
Improve synthetics alerting !!
User will be able to create custom synthetics status alert by defining
three kind of criteria
### Monitor is down over last consective checks with threshold
<img width="639" alt="image"
src="390da238-f7f2-4eb0-9606-3279b3199fdf">
### From Locations threshold
Will be considered down only when from defined number of locations
<img width="618" alt="image"
src="24741a10-0880-4247-9048-8ce03df25bf5">
### Over time with checks threshold just like uptime custom status alert
<img width="631" alt="image"
src="64e1c808-8d4b-4dd0-b794-eb7f4e5d1e6b">
---------
Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
Co-authored-by: Dominique Clarke <dominique.clarke@elastic.co>
Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
Co-authored-by: Maryam Saeidi <maryam.saeidi@elastic.co>
Co-authored-by: Justin Kambic <jk@elastic.co>
This PR implements tier-based gating for custom notification messages in
Protections. Only users on the Endpoint Complete tier will have the
ability to modify these messages, while users on the Endpoint Essentials
tier will no longer have this capability. If a user on the Essentials
tier had made any changes to custom notifications before this update,
those messages will be reset to the default ones.
The changes are applied in three areas:
1. UI - An upsell banner is displayed for Essentials users.
2. API - We now prevent API calls that attempt to set or modify custom
notification messages for Essentials users.
3. Policy Watcher - Upon Kibana startup (e.g., after a downgrade), we
validate all policies for tier compliance. If a policy contains a custom
notification message and the user is on the Essentials tier, the message
will be reset to the default.
---------
Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
## Summary
Part of https://github.com/elastic/kibana/issues/138222
This PR finilizes the breaking type fixes that are needed for upgrade to
React@18.
Most of the remaining issues are muted with "@ts-expect-error" are
tricky or could be runtime bugs that need to be looked at.
**Since the types changes are backward compatible (except the new APIs)
we can upgrade to @types/react@18 now so that we "save" the progress and
all the code in Kibana from now on is written in compatbile for react@18
way from types perspective.**
## Summary
On cloud environments we don't send the LangSmith credentials through
the `GET /evaluate` route which returns available datasets for
selection, so the datasets are never populated. Since the Dataset field
didn't allow custom options, this means you couldn't perform evals in
cloud environments.
This PR updates the Dataset field to take custom options so that you can
manually enter the dataset name in cloud environments:
<p align="center">
<img width="500"
src="https://github.com/user-attachments/assets/4828e085-180c-42bb-9656-34bda57b74b5"
/>
</p>
To test, enable the below feature flag to show the evaluation tab under
settings:
```
xpack.securitySolution.enableExperimental:
- "assistantModelEvaluation"
```
### [Security Solution] [Attack discovery] Use common replacements function
This PR is a follow-up to <https://github.com/elastic/kibana/pull/193428>, to make use of the common function for replacing anonymized values with original values
## Summary
#### Notes for reviewers
https://github.com/elastic/elasticsearch/pull/113455 PR has to be merged
first to support `min_number_of_allocation: 0`. At the moment it's not
possible to start a `Low` vCPUs usage deployment from the UI.
Resolves#189975
- Updates the Start/Update model deployment dialogue, replacing
allocation and threading params with use cases and advanced settings
with vCPUs/VCUs controls.
The vCPUs (or VCUs for serverless env) are derived from the number of
allocations times threads per allocation.
_Optimised for ingest_ sets 1 thread per allocation.
_Optimised for search_ for low vCPUs level sets 2 threads per
allocation, and the maximum available number of threads for medium and
high. This value is limited to the `max_single_ml_node_processors`.
vCPUs control acts differently depending on "Adaptive resources".
- When On, it enables `adaptive_allocations` and sets the range
`min_number_of_allocations` and `max_number_of_allocations` based on the
use-case (threads per allocation) and cluster configuration.
- For cloud deployments with enabled ML autoscaling, vCPUs ranges are 1
-2 for, 2-32, 33-max
- For on-prem deployments and cloud deployments with disabled
autoscaling, vCPUs ranges are based on the hardware limitations. E.g.
with `total_ml_processors` = 32, and `max_single_ml_node_processors` =
16 ranges are 1-2, 3-16, 17-32.
- When Off, it sets a static `number_of_allocations`. The number of
allocations is an upper bound of the ranges mentioned above.
For serverless deployments adaptive resources are enabled at all times,
and control is hidden.
<img width="795" alt="image"
src="https://github.com/user-attachments/assets/20b2528f-b631-49f9-82f8-fef6175873fd">
- Start deployment modal checks if there is a deployment optimized for a
certain use case, and sets another use case by default. E.g. If an
optimized deployment for a certain use case (e.g., ingestion) is found,
the modal will set a different use case (e.g., search) as the default
upon opening.
- For the cloud deployments, also display a message about vCPU values in
the Cloud Console and a link to edit the deployment:
<img width="791" alt="image"
src="https://github.com/user-attachments/assets/2f98ebca-579e-43c1-ab78-e0dd38ce4786">
- For Serverless, the "Adaptive Resources" control is hidden, as
adaptive allocations are enabled at all times.
<img width="659" alt="image"
src="https://github.com/user-attachments/assets/8133ebf9-6b2b-4fea-95f1-7351cfcf85b6">
- Update action was updated accordingly. As it is not possible to update
threads per allocation, the optimize control is disabled. Advanced
settings are expanded by default and allows the user to adjust vCPUs
level and enable/disable adaptive resources.
<img width="785" alt="image"
src="https://github.com/user-attachments/assets/13c3f0bc-4436-4528-8641-d33eb5384ea2">
- Indicate if adaptive allocations are enabled in the expanded row
<img width="1322" alt="image"
src="https://github.com/user-attachments/assets/894916df-4c77-4e75-b175-229131b8ecc8">
### Checklist
- [x] Any text added follows [EUI's writing
guidelines](https://elastic.github.io/eui/#/guidelines/writing), uses
sentence case text and includes [i18n
support](https://github.com/elastic/kibana/blob/main/packages/kbn-i18n/README.md)
- [ ]
[Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html)
was added for features that require explanation or tutorials
- [x] [Unit or functional
tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)
were updated or added to match the most common scenarios
- [ ] [Flaky Test
Runner](https://ci-stats.kibana.dev/trigger_flaky_test_runner/1) was
used on any tests changed
- [x] Any UI touched in this PR is usable by keyboard only (learn more
about [keyboard accessibility](https://webaim.org/techniques/keyboard/))
- [x] Any UI touched in this PR does not create any new axe failures
(run axe in browser:
[FF](https://addons.mozilla.org/en-US/firefox/addon/axe-devtools/),
[Chrome](https://chrome.google.com/webstore/detail/axe-web-accessibility-tes/lhdoppojpmngadmnindnejefpokejbdd?hl=en-US))
- [x] This renders correctly on smaller devices using a responsive
layout. (You can test this [in your
browser](https://www.browserstack.com/guide/responsive-testing-on-local-server))
- [ ] This was checked for [cross-browser
compatibility](https://www.elastic.co/support/matrix#matrix_browsers)
---------
Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
Co-authored-by: István Zoltán Szabó <istvan.szabo@elastic.co>
## Summary
This PR updates the Knowledge Base Management Settings page to use the
new `entries` API introduced in
https://github.com/elastic/kibana/pull/186566. Many thanks to @angorayc
for her work on the Assistant Management Settings overhaul, and initial
implementation of this new KB Management UI over in
https://github.com/elastic/kibana/pull/186847.
<p align="center">
<img width="600"
src="https://github.com/user-attachments/assets/0a82587e-f33c-45f1-9165-1a676d6db5fa"
/>
</p>
### Feature Flag & Setup
The changes in this PR, as with the other [recent V2 KB
enhancements](https://github.com/elastic/kibana/pull/186566), are behind
the following feature flag:
```
xpack.securitySolution.enableExperimental:
- 'assistantKnowledgeBaseByDefault'
```
~They also require a code change in the `AIAssistantService` to enable
the new mapping (since setup happens on plugin start before FF
registration), so be sure to update `fieldMap` to
`knowledgeBaseFieldMapV2` below before testing:~
This is no longer the case as of
[cdec104](cdec10402f).
Just changing the above feature flag is now sufficient, just note that
if upgrading and the KB was previously setup, you'll need to manually
delete the data stream (`DELETE
/_data_stream/.kibana-elastic-ai-assistant-knowledge-base-default`) or
the management table will be littered with the old ESQL docs instead of
being a single aggregate entry.
Once configured, the new Knowledge Base Management Settings will become
available in Stack Management. The old settings UI is currently still
available via the Settings Modal, but will soon be removed and replaced
with links to the new interface via the Assistant Settings Context Menu
(replacing the existing `cog`). Please see the designs ([Security
GenAI](https://www.figma.com/design/BMvpY9EhcPIaoOS7LSrkL0/%5B8.15%2C-%5D-GenAI-Security-Settings?node-id=51-25207&node-type=canvas&t=t3vZSPhMxQhScJVt-0)
/ [Unified AI
Assistant](https://www.figma.com/design/xN20zMRNtMlirWB6n9n1xJ/Unified-AI-Assistant-Settings?node-id=0-1&node-type=canvas&t=3RDYE7h2DjLlFlcN-0))
for all changes.
> [!IMPORTANT]
> There are no migrations in place between the legacy and v2 KB
mappings, so be sure to start with a clean ES data directory.
### Testing
To aid with developing the UI, I took the opportunity to start fleshing
out the KB Entries API integration tests. These live in
[x-pack/test/security_solution_api_integration/test_suites/genai/knowledge_base/entries](7ae6be136a/x-pack/test/security_solution_api_integration/test_suites/genai/knowledge_base/entries),
and are currently configured to only run on `@ess`, as running
`tiny_elser` in serverless and MKI environments can be tricky (more on
that later).
To start the server and run the tests, from the
`x-pack/test/security_solution_api_integration/` directory run `yarn
genai_kb_entries:server:ess`, and once started, `yarn
genai_kb_entries🏃ess`.
##### Changes in support of testing
In order to setup the API integration tests for use with the Knowledge
Base, some functional changes needed to be made to the assistant/config:
1. Since ELSER is a heavy model to run in CI, the ML folks have created
`pt_tiny_elser` for use in testing. Unfortunately, the `getELSER()`
helper off the `ml` client that we use to get the `modelld` for
installing ELSER, ingest pipelines, etc, cannot be overridden
([#193633](https://github.com/elastic/kibana/issues/193633)), so we must
have some other means of doing that. So to get things working in the
test env, I've plumbed through an optional `modelId` override to the
POST knowledge base route (`/ internal/ elastic_assistant/
knowledge_base/{resource?}?modelId=pt_tiny_elser`). This then overrides
the aiAssistantService `getELSER()` function [when
fetching](645b3b863b/x-pack/plugins/elastic_assistant/server/ai_assistant_service/index.ts (L334-L354))
a `kbDataClient` using the request, which appears to be the only way to
also trigger a reinitialization of the ingest pipeline (which required
the `modelId`), since that usually only occurs on plugin start. If there
is a cleaner way to perform this reinitialization, please let me know!
2. Turns out
[`getService('ml').importTrainedModel()`](f18224c686/x-pack/test/functional/services/ml/api.ts (L1575-L1587))
can't be run in test env's with `ssl:true`, which is the default
security config. You can read more about that issue in
[#193477](https://github.com/elastic/kibana/issues/193477), but the
current workaround is to turn off `ssl` for this specific test
configuration, so that's why
[`ess.config.ts`](cf73d4c7fc/x-pack/test/security_solution_api_integration/test_suites/genai/knowledge_base/entries/trial_license_complete_tier/configs/ess.config.ts (L22))
looks a little different. If there's a better way to manage this config,
also please let me know!
##### Additional notes
We don't currently have a `securityAssistant` API client/service to use
in integration tests, so I've just been creating one-off functions using
`supertest` for now. I don't have the bandwidth to work this now, but
perhaps @MadameSheema / @muskangulati-qasource could lend a hand here? I
did need to test multi-user and multi-space scenarios, so I ported over
the same [auth
helpers](dc26f1012f/x-pack/test/security_solution_api_integration/test_suites/genai/knowledge_base/entries/utils/auth)
I saw used in other suites. Would be nice if these were bundled into the
client as well ala how the o11y folks have done it
[here](e9f23aa98e/x-pack/test/observability_ai_assistant_api_integration/tests/knowledge_base/knowledge_base.spec.ts (L27-L34)).
Perhaps this is also on the list of things for @maximpn to generate from
OAS's.... 🙃
### RBAC
In plumbing the UI, I've tried to place `// TODO: KB-RBAC` tags in all
the places I came across that will require an RBAC check/change. This
includes some of the API integration tests, which I currently have
skipped as they would fail without RBAC.
### Other notable changes
* There are now dedicated `legacy` and `v2` helper functions when
managing persistence/retrieval of knowledge base entries. This should
help with tearing out the old KB later, and better readability now.
* I've tried to remove dependency on the `ElasticsearchStore` as much as
possible. The store's only use should now be within tools as a retriever
[here](de89153368/x-pack/plugins/elastic_assistant/server/routes/helpers.ts (L397-L405)),
and in post_evaluate
[here](de89153368/x-pack/plugins/elastic_assistant/server/routes/evaluate/post_evaluate.ts (L170-L179)).
If we adopt the new
[`naturalLanguageToESQL`](https://github.com/elastic/kibana/pull/192042)
tool in `8.16` (or update our existing ESQL tool to use the
`kbDataClient` for retrieval), we should be able to get rid of this
entirely.
* Added a
[`spaces_roles_users_data.http`](7447394fe3/x-pack/packages/kbn-elastic-assistant-common/impl/utils/spaces_roles_users_data.http (L1))
file for adding spaces, roles, users, and a sample `slackbot` index for
use with [sample `IndexEntries`
here](7447394fe3/x-pack/packages/kbn-elastic-assistant-common/impl/schemas/knowledge_base/entries/crud_knowledge_base_entries_route.http (L18-L56)).
### // TODO
In effort to make incremental progress and facilitate early knowledge
share with @patrykkopycinski, I'm capping this PR where it's at, and so
here are the remaining items to complete full integration of the new
Knowledge Base Management Settings interface:
- [ ] Support `Update` action
- [ ] Move from `EuiInMemoryTable`
- [ ] Finalize `Setup` UI
- [ ] Cleanup `Save` loaders
- [ ] Plumb through `{{knowledge_history}}` prompt template and include
use's `required` entries
All this work is behind the aforementioned feature flag and required
code change, and this changeset has also been manually upgrade tested to
ensure there are no issues that would impact the regularly scheduled
serverless releases. This is more of a note to reviewers when testing
that full functionality is not present.
### Checklist
- [X] Any text added follows [EUI's writing
guidelines](https://elastic.github.io/eui/#/guidelines/writing), uses
sentence case text and includes [i18n
support](https://github.com/elastic/kibana/blob/main/packages/kbn-i18n/README.md)
- [ ]
[Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html)
was added for features that require explanation or tutorials
* Feature currently behind feature flag. Documentation to be added
before flag is removed. Tracked in
https://github.com/elastic/security-docs/issues/5337
- [X] [Unit or functional
tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)
were updated or added to match the most common scenarios
---------
Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
## Summary
This is a follow up to EUI's Emotion conversion of
**EuiFormControlLayout/Delimited** (see
https://github.com/elastic/kibana/pull/190752,
https://github.com/elastic/eui/pull/7954, and
https://github.com/elastic/eui/pull/7957).
> [!note]
> Please manually QA your team's affected form control(s) to confirm
they still look and behave as expected and are non-broken. The EUI team
is not familiar enough with each plugin's setups to pull down and QA
this PR ourselves.
While QA testing the upgrade, I noticed a few incorrect usages of
**EuiFormControlLayout** but wanted to wait until after the upgrade to
push out fixes (to prevent delaying the PR further). In general, here is
EUI's [recommended usage of the
component](https://eui.elastic.co/#/forms/form-controls#form-control-layout):
- Where possible, **simply don't use it**. Almost all form controls are
**already** automatically wrapped in any EuiFormControlLayout by
default, and should accept a large majority of the props that the layout
accepts.
- If you **must** use it, set the `controlOnly` prop on the child
input/control to avoid buggy styling (e.g. duplicate borders).
- If you can't do either of the above for any reason (e.g. missing prop
support), reach out to the EUI team to ask for your UX as a feature
request!
### Checklist
Delete any items that are not applicable to this PR.
- [x] Any UI touched in this PR is usable by keyboard only (learn more
about [keyboard accessibility](https://webaim.org/techniques/keyboard/))
- [x] Any UI touched in this PR does not create any new axe failures
(run axe in browser:
[FF](https://addons.mozilla.org/en-US/firefox/addon/axe-devtools/),
[Chrome](https://chrome.google.com/webstore/detail/axe-web-accessibility-tes/lhdoppojpmngadmnindnejefpokejbdd?hl=en-US))
- [x] This renders correctly on smaller devices using a responsive
layout. (You can test this [in your
browser](https://www.browserstack.com/guide/responsive-testing-on-local-server))
- [x] This was checked for [cross-browser
compatibility](https://www.elastic.co/support/matrix#matrix_browsers)
## Summary
Part of #159917.
Moves code from `plugins/ml/common|public` to packages that is used by
transforms too.
While the transforms plugin is maintained by the ML team too, the
transform plugin itself is independently available from the ML UI in the
Kibana management section. We should try to avoid that the transform
plugin is directly depending on the `ml` plugin. This PR moves some code
from `plugins/ml/common|public` to packages so that we can remove `ml`
from the list of `requiredBundles` of the `transform` plugin.
The packages were created with these commands:
```
node scripts/generate package @kbn/ml-field-stats-flyout --dir ./x-pack/packages/ml/field_stats_flyout
node scripts/generate package @kbn/ml-parse-interval --dir ./x-pack/packages/ml/parse_interval
node scripts/generate package @kbn/ml-validators --dir ./x-pack/packages/ml/validators
```
The following commands were used to check missing jsdoc comments and
exports:
```
node scripts/build_api_docs --plugin @kbn/ml-field-stats-flyout --stats comments
node scripts/build_api_docs --plugin @kbn/ml-field-stats-flyout --stats exports
node scripts/build_api_docs --plugin @kbn/ml-parse-interval --stats comments
node scripts/build_api_docs --plugin @kbn/ml-parse-interval --stats exports
node scripts/build_api_docs --plugin @kbn/ml-validators --stats comments
node scripts/build_api_docs --plugin @kbn/ml-validators --stats exports
```
### Checklist
- [x] [Unit or functional
tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)
were updated or added to match the most common scenarios
- [ ] [Flaky Test
Runner](https://ci-stats.kibana.dev/trigger_flaky_test_runner/1) was
used on any tests changed
- [x] This was checked for breaking API changes and was [labeled
appropriately](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)
`v95.10.1`⏩`v95.11.0`
> [!note]
> The bulk of this release is **EuiDataGrid**. The component has been
fully converted to Emotion, and several UX changes have been made to
data cell actions. We recommend QA testing any data grid(s) that have
custom styles applied to them.
_[Questions? Please see our Kibana upgrade
FAQ.](https://github.com/elastic/eui/blob/main/wiki/eui-team-processes/upgrading-kibana.md#faq-for-kibana-teams)_
---
## [`v95.11.0`](https://github.com/elastic/eui/releases/v95.11.0)
- Updated `EuiText`, `EuiTextColor`, and `EuiTextAlign` with a new
`component` prop that allows changing the default rendered `<div>`
wrapper to a `<span>` or `<p>` tag.
([#7993](https://github.com/elastic/eui/pull/7993))
- Updated `EuiDataGrid`'s cell actions to always consistently be
left-aligned, regardless of text content alignment
([#8011](https://github.com/elastic/eui/pull/8011))
- Increased `EuiDataGrid`'s cell actions hover zone to reduce UX
friction when mousing over from the grid cell to its actions
([#8011](https://github.com/elastic/eui/pull/8011))
**Bug fixes**
- Fixed `EuiPopover` to correctly inherit from `EuiProvider`'s
`componentDefaults.EuiPortal.insert`
([#8003](https://github.com/elastic/eui/pull/8003))
- Fixed push `EuiFlyoutResizable`s to not potentially block scrollbars
on outside content ([#8010](https://github.com/elastic/eui/pull/8010))
- Fixed an `EuiDataGrid` bug where the `setCellProps` callback passed by
`renderCellValue` was not correctly applying custom `data-test-subj`s
([#8011](https://github.com/elastic/eui/pull/8011))
**Accessibility**
- Updated the `EuiBasicTable` actions button's `aria-label` by adding a
reference to the current row
([#7994](https://github.com/elastic/eui/pull/7994))
**CSS-in-JS conversions**
- Converted `EuiDataGrid`'s toolbar controls to Emotion
([#7997](https://github.com/elastic/eui/pull/7997))
- Removed `$euiDataGridPopoverMaxHeight`
- Converted `EuiDataGrid` to Emotion
([#7998](https://github.com/elastic/eui/pull/7998))
- Removed `$euiZDataGrid`
- Removed `$euiZHeaderBelowDataGrid`
- Converted `EuiDataGrid`'s `gridStyle`s to Emotion; Removed the
following Sass variables and mixins:
([#8006](https://github.com/elastic/eui/pull/8006))
- `$euiDataGridCellPaddingS`
- `$euiDataGridCellPaddingM`
- `$euiDataGridCellPaddingL`
- `$euiDataGridVerticalBorder`
- `$euiDataGridPrefix`
- `$euiDataGridStyles`
- `@euiDataGridSelector`
- `@euiDataGridStyles`
- Converted `EuiDataGrid`'s cell popover, actions, and focus outline to
Emotion; Removed the following Sass variables and mixins:
([#8011](https://github.com/elastic/eui/pull/8011))
- `$euiZDataGridCellPopover`
- `@euiDataGridCellFocus`
- Converted `EuiDataGrid`'s row, header, and footer cells to Emotion;
Removed the following Sass variables and mixins:
([#8013](https://github.com/elastic/eui/pull/8013))
- `$euiDataGridColumnResizerWidth`
- `@euiDataGridRowCell`
- `@euiDataGridHeaderCell`
- `@euiDataGridFooterCell`
## Summary
In an attempt to make Reviewing easier and more accurate, the
implementation of Vulnerabilities on Host.name flyout in Alerts Page
will be split into 2 Phases
Phase 1: Move Functions, Utils or Helpers, Hooks, constants to Package
Phase 2: Implementing the feature
## Summary
### Kibana Core Security plugin
- Updated several Role forms to include `data-test-subj` in order to
better select items from tests
### Security Solution Plugin (and associated packages)
Changes in support of space awareness:
- New feature flag control: `endpointManagementSpaceAwarenessEnabled`
- Elastic Defend related kibana feature controls are changed to
`requireAllSpaces: false` when feature flag is enabled
In addition:
- The Cypress serverless FTR configuration used for Defend Workflows
tests was updated to enable the creation of spaces and also role
management UI
## Summary
Updated `js-yaml` to `4.1.0`.
This PR also introduces a type override for the `js-yaml` load function
to maintain compatibility across the codebase. Specifically, updated
type definition of the load function looks as follows:
```typescript
function load<T = any>(str: string, opts?: jsyaml.LoadOptions): T;
```
The original type definition of the load function in `js-yaml` changed
from `any` to `unknown`. This change would require extensive type
updates throughout the entire repository to accommodate the `unknown`
type. To avoid widespread type changes and potential issues in the
codebase, the type is overriden back to `any` for now.
This is a temporary measure, we plan to address the necessary type
changes in subsequent PRs, where teams will gradually update the
codebase to work with the `unknown` type.
### Checklist
- [x] [Unit or functional
tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)
were updated or added to match the most common scenarios
## Release note
Updated `js-yaml` to `4.1.0`.
---------
Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
Co-authored-by: Maxim Palenov <maxim.palenov@elastic.co>
## Summary
Adds support for clicking on Anomaly Explorer charts to trigger the
actions popover menu.
- [x] ExplorerChartSingleMetric
- [x] ExplorerChartDistribution
- [x] Support for embedded charts
Anomaly Explorer
[ml-anomaly-charts-actions-0001.webm](9502b234-7df8-4290-9914-163936487af8)
Embedding
[ml-anomaly-charts-actions-embedding-0001.webm](ee519b47-e924-4947-b127-4f3ecf62616e)
### Checklist
- [x] [Unit or functional
tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)
were updated or added to match the most common scenarios
- [x] This was checked for breaking API changes and was [labeled
appropriately](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)
Real data:
<img width="1237" alt="Screenshot 2024-09-18 at 14 23 17"
src="https://github.com/user-attachments/assets/ecc496aa-1c43-4c3c-9ac8-d6e4e6cb8aad">
Storybook:
<img width="1256" alt="Screenshot 2024-09-18 at 14 23 22"
src="https://github.com/user-attachments/assets/03d9f940-7b3f-4aea-9221-42b1c07119d1">
Tooltips:
<img width="1250" alt="Screenshot 2024-09-18 at 13 49 19"
src="https://github.com/user-attachments/assets/dc99b4cc-4eba-4815-8892-8e3fe7a041bb">
- Use ESQL to fetch the top 500 entities sorted by last seen property.
- Display 20 entities per page.
- Sorting is handles by the server and saved on the URL
- Current page is saved on the URL
- Filter entities types `service`, `host` or `container`
- Filter only entities from the built in definition
- LIMITATION: The EuiGrid doesn't have an embedded loading state, for
now, I'm switching the entire view to display a loading spinner while
data is being fetched.
- PLUS: Storybook created with mock data.
---------
Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
