Closes https://github.com/elastic/kibana/issues/206590
Closes https://github.com/elastic/kibana/issues/211710
Closes https://github.com/elastic/kibana/issues/211604
Closes https://github.com/elastic/obs-ai-assistant-team/issues/215
## Summary
This PR implements conversation sharing for Obs AI Assistant
conversations.
The features included are as follows:
1. Refactored `ChatActionsMenu` - Removed Copy Conversation and
Duplicate options
2. Removed the banner added in
https://github.com/elastic/kibana/issues/209382
3. Removed the conversation input box (`PromptEditor`), if the user who
is viewing the conversation cannot continue it.
4. Implemented a `ChatBanner` - This will show whether a conversation is
shared with the team (The banner content differs based on who is viewing
the conversation)
5. Implemented `ChatContextMenu` for conversation specific actions. This
includes "Duplicate", "Copy conversation", "Copy URL" and "Delete".
"Delete" functionality is only available to the conversation owner.
(This menu is only included in the `ChatHeader` at the moment because
`Eui` doesn't support passing a node to `EuiListGroupItem` to include
this in the `ConversationList`. This will be refactored in
https://github.com/elastic/kibana/issues/209386)
6. Implemented `useConversationContextMenu` for "copy" and "delete"
functionalities.
7. Implemented `ChatSharingMenu` to mark a conversation as
`shared/private`. This is only enabled for the owner of the
conversation. For other users, a disabled badge will be shown stating
whether the conversation is Private or Shared.
8. Implemented `updateConversationAccess` route.
9. Updated the Chat Item Actions Inspect Prompt Button to `Inspect`.
This was `eye` before.
10. Implemented a custom component `ConversationListItemLabel` to show
the shared icon in `ConversationList`.
11. Re-named "Copy conversation" to "Copy to clipboard" to avoid
ambiguity with "Duplicate".
12. Added success toast on "Copy to clipboard"
Note: If a conversation started from contextual insights, and then the
user continue the conversation --> The conversation will be stored.
However, if the user deletes the continued conversation, they will be
reverted to the initial messages from the contextual insights.
### Screen recording
https://github.com/user-attachments/assets/50b1fd3c-c2f5-406f-91bc-2b51bb58833e
### Checklist
- [x] Any text added follows [EUI's writing
guidelines](https://elastic.github.io/eui/#/guidelines/writing), uses
sentence case text and includes [i18n
support](https://github.com/elastic/kibana/blob/main/src/platform/packages/shared/kbn-i18n/README.md)
- [x] [Unit or functional
tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)
were updated or added to match the most common scenarios
- [x] The PR description includes the appropriate Release Notes section,
and the correct `release_note:*` label is applied per the
[guidelines](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)
---------
Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
- Enabled @typescript-eslint/consistent-type-imports eslint rule for
ResponseOps packages and plugins:
- this rule ensures that imports used only for type declarations are
consistently written using `import type ` syntax
- fixed eslint errors for:
- `src/platform/packages/shared/response-ops`
- `x-pack/platform/plugins/shared/alerting`
---------
Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
Download, parse and replay loghub data with Synthtrace, for use in the
Streams project. In summary:
- adds a `@kbn/sample-log-parser` package which parses Loghub sample
data, creates valid parsers for extracting and replacing timestamps,
using the LLM
- add a `sample_logs` scenario which uses the parsed data sets to replay
Loghub data continuously as if it were live data
- refactor some parts of Synthtrace (follow-up work captured in
https://github.com/elastic/kibana/issues/212179)
## Synthtrace changes
- Replace custom Logger object with Kibana-standard ToolingLog
- Report progress and estimated time to completion for long-running jobs
- Simplify scenarioOpts (allow comma-separated key-value pairs instead
of just JSON)
- Simplify client initialization
- When using workers, only bootstrap once (in the main thread)
- Allow workers to gracefully shutdown
- Downgrade some logging levels for less noise
---------
Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
## Summary
Resolves#212919
We noticed that setting the header `'Content-Type':
'text/event-stream',` didn't work as the browser's native EventSource
implementation.
```JS
return res.ok({
headers: {
'Content-Type': 'text/event-stream',
'Cache-Control': 'no-cache',
},
body: observableIntoEventSourceStream(events$ as unknown as Observable<ServerSentEvent>, {
signal: abortController.signal,
logger,
}),
});
```
The reason, apparently, is that we need to flush the compressor's buffer
negotiated in the HTTP request.
### How to test it:
Run Kibana with examples `yarn start --no-base-path --run-examples
--http2` and open the SSE example app in Kibana. You should see a clock
updating every second in the UI (the clock is coming from the server).
---------
Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
This PR contains the following updates:
| Package | Type | Update | Change |
|---|---|---|---|
| [cytoscape](http://js.cytoscape.org)
([source](https://redirect.github.com/cytoscape/cytoscape.js)) |
dependencies | patch | [`^3.31.0` ->
`^3.31.1`](https://renovatebot.com/diffs/npm/cytoscape/3.31.0/3.31.1) |
---
### Release Notes
<details>
<summary>cytoscape/cytoscape.js (cytoscape)</summary>
###
[`v3.31.1`](https://redirect.github.com/cytoscape/cytoscape.js/releases/tag/v3.31.1)
[Compare
Source](https://redirect.github.com/cytoscape/cytoscape.js/compare/v3.31.0...v3.31.1)
Release version v3.31.1
</details>
---
### Configuration
📅 **Schedule**: Branch creation - At any time (no schedule defined),
Automerge - At any time (no schedule defined).
🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.
♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.
🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.
---
- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box
---
This PR has been generated by [Renovate
Bot](https://redirect.github.com/renovatebot/renovate).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzOS4xMDcuMCIsInVwZGF0ZWRJblZlciI6IjM5LjEwNy4wIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJiYWNrcG9ydDphbGwtb3BlbiIsInJlbGVhc2Vfbm90ZTpza2lwIl19-->
Co-authored-by: elastic-renovate-prod[bot] <174716857+elastic-renovate-prod[bot]@users.noreply.github.com>
Co-authored-by: jennypavlova <dzheni.pavlova@elastic.co>
## Refactor Instruction Handling: Remove Adhoc Instructions and
Standardize API
Closes#211190
## Summary
This PR removes the concept of *Adhoc Instructions* and standardizes how
instructions are handled across the system. The `/complete` API now
explicitly accepts **user instructions**, and redundant functions have
been removed or replaced.
## Changes Implemented
### Renamed API Parameter
- The `/complete` API’s `instructions` parameter is now
`userInstructions`.
- Application instructions can no longer be sent via the API (future
support can be added if needed).
### Removed Redundant Functions
- Deleted `getAdhocInstructions` and `registerAdhocInstruction`.
- API-passed instructions are now treated as **user instructions**.
- Updated function calls to use `getInstructions` and
`registerInstruction` instead.
### Refactored Function Calls
- Replaced `registerAdhocInstruction` with `registerInstruction`.
## Impact & Benefits
- **Simplifies** instruction handling by removing unnecessary
complexity.
- **Aligns** API behavior with internal instruction management.
## Summary
Closes https://github.com/elastic/kibana/issues/211778 and
https://github.com/elastic/kibana/issues/211871
This PR is a follow-up to issue
[#208693](https://github.com/elastic/kibana/issues/208693) and
incorporates the suggestions from its associated PR
[#210612](https://github.com/elastic/kibana/pull/210612).
>[!NOTE]
> Please note that most of the changes in this PR involve moving files,
renaming `data-test-subj` attributes, updating imports, and not creating
the files from scratch.
**What's happening in this PR?**
- Transitioning from data source profile to document profile.
- Splitting the traces document viewer into separate span and
transaction viewers.
- Enhancing the `useTransaction` hook to abort requests on component
unmount.
As noted in the `TODOs`, a follow-up issue will focus on using for
APM-configured indexes to enable the experience and retrieve the
`transaction.name` for spans.
### How to test
Add this to your kibana.dev.yml:
```
discover.experimental.enabledProfiles:
- observability-traces-span-document-profile
- observability-traces-transaction-document-profile
`````
- Go to Discover page
- Select APM data view
- Check your traces data
- Spans and transactions should show the new overview tabs when opening
the flyout
---------
Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
Co-authored-by: Cauê Marcondes <55978943+cauemarcondes@users.noreply.github.com>
Co-authored-by: Carlos Crespo <crespocarlos@users.noreply.github.com>
## Summary
Cluster with autoscaling for ML nodes can take couple minutes to
properly allocate ML node on Cloud, so increasing timeout by 10min
should improve the UX and make the process more streamlined.
However it's still just arbitrary value, so in the future we should
think about more reliable solution
## Summary
Upgrading to 9.x involves reindexing indices created in 7.x, which does
include rollup indices. Reindexing means relying on aliases to preserve
existing index names. As it turns out, our existing code did not work
with rollups that referenced aliases, rather than indices. This is
because the index name is used as an object key even if it was retrieved
via alias.
Note - I need to verify this on 9.0 from scratch. I used upgraded data
and need to verify the steps to make this work when testing.
To test
1. Add sample data
2. Create a rollup job that references the sample data.
3. Create a data view that references the rollup index. It may take a
few minutes for the rollup index to be populated.
4. Create an alias from the dev console, like such -
```
POST _aliases
{
"actions": [
{
"add": {
"index": "rollup",
"alias": "my-alias"
}
}
]
}
```
5. Create a rollup data view based in the alias you just created.
Part of https://github.com/elastic/kibana/issues/211850
---------
Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
The inventory_view saved object allows the legend attribute to be
optional and limits and/or sets the number of steps during an upgrade
between model version 1 and 2. The transform function needs to handle
cases where legend is not set to prevent migration failures.
Related to https://github.com/elastic/kibana/pull/207007
- [x] [Unit or functional
tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)
were updated or added to match the most common scenarios
This PR contains the following updates:
| Package | Update | Change |
|---|---|---|
| docker.elastic.co/wolfi/chainguard-base | digest | `10f7cda` ->
`a37e513` |
---
### Configuration
📅 **Schedule**: Branch creation - At any time (no schedule defined),
Automerge - At any time (no schedule defined).
🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.
♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.
🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.
---
- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box
---
This PR has been generated by [Renovate
Bot](https://redirect.github.com/renovatebot/renovate).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzOS4xMDcuMCIsInVwZGF0ZWRJblZlciI6IjM5LjEwNy4wIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJUZWFtOk9wZXJhdGlvbnMiLCJiYWNrcG9ydDpza2lwIiwicmVsZWFzZV9ub3RlOnNraXAiXX0=-->
Co-authored-by: elastic-renovate-prod[bot] <174716857+elastic-renovate-prod[bot]@users.noreply.github.com>
## Summary
This pr fixes a few very different but compounding upon one another
issues with how redux/reselect is currently being used across a range of
places in the security app. To start, I will focus on the notes
selectors.
The first issue was our use of filter. filter creates a shallow copy of
an array every time it runs, even if nothing matches, creating a new
reference quite often, even just in the flyout with 0 notes. This is
explicitly mentioned in the docs:
https://reselect.js.org/usage/handling-empty-array-results . Using a
static reference if filter returns 0 items with the fallbackToEmptyArray
reduces a lot of references changing everywhere notes selectors are
used, especially in the alerts table, which I will get to in a bit. The
next issue was with how we were extracting arguments, namely this
pattern:
```
createSelector(
[
selectAllNotes,
(_: State, { documentId, savedObjectId }: { documentId: string; savedObjectId: string }) => ({
documentId,
savedObjectId,
}),
],
(notes, { documentId, savedObjectId }) =>
fallbackToEmptyArray(
notes.filter((note) => note.eventId === documentId && note.timelineId === savedObjectId)
)
);
```
will not actually work as expected, because the 2nd input selector
function is creating a new object reference every time it's called, All
arguments are actually passed to all input selectors, so changing this
to something like
```
createSelector(
[
selectAllNotes,
(_: State, documentId: string) => documentId,
(_: State, documentId: string, savedObjectId: string) => savedObjectId,
],
(notes, documentId, savedObjectId) =>
fallbackToEmptyArray(
notes.filter((note) => note.eventId === documentId && note.timelineId === savedObjectId)
)
);
```
where documentId and savedObjectId are both primitives, will work as
expected...if you are expecting to only call it with a small number of
documentIds. Would work well with just the flyout, but when using it
with 50 different doc ids in the alerts table, and a different set of 50
in the timeline, not only is the memoization doing nothing, we are
looping over all the document ids x 100 constantly, rough on the app
performance, less so with very few notes, but would scale terribly. To
fix this, we use the selector creator pattern in the components, like
action cells in the table, where there would be lots of different
document ids, that don't change through the life of the component.
```
const selectNotesByDocumentId = useMemo(() => makeSelectNotesByDocumentId(), []);
const documentBasedNotes = useSelector((state: State) => selectNotesByDocumentId(state, eventId));
```
The final issue was the sort, we were creating a new object reference
every time, which was a problem, but also didn't actually make use of
sorting on different fields, just always on created. I changed the state
logic for this a bit, we fetch the notes from the api on the management
page just as before, only now we use an optional argument to
redux-toolkit's createEntityAdapter that allows us to sort the notes
whenever the reducer runs. If the user changes the sort direction, a
different selector runs that reverses the notes, and renders those in
the table. selectAllReversed, it works exactly as the built in
selectAll, just makes use of .reverse().
Also changed some things in the recently alerts table package changes
that were not referentially stable, fixed a useEffect that was calling
the useFetchNotes logic way too often in each tab of the timeline, and
cleaned up various selectors, some of which were completely unneeded in
the first place, or didn't work (read: didn't actually memoize anything)
at all. Finally, we fetch the notes for the alerts table correctly once
again, that is only when the data fetching query completes and is
successful, for a while now it's been running way too often, in onUpdate
instead of onLoaded
### Checklist
- [ ] [Unit or functional
tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)
were updated or added to match the most common scenarios
Part of https://github.com/elastic/kibana/issues/194222
## Summary
This PR moves the flapping and alert delay features into two new
functions in the alerts client `determineFlappingAlerts` and
`determineDelayedAlerts`. They will be called in the rule_type_runner
after `processAlerts`.
- I removed `recoveredCurrent` and `activeCurrent` 😌 . This PR
simplifies them to be activeAlerts, recoveredAlerts,
trackedRecoveredAlerts, and trackedActiveAlerts. trackedRecoveredAlerts
and trackedActiveAlerts are the alerts that will be stored in the task
state.
- I also updated the logic so that the AAD docs and state match to help
with ongoing work to use AAD docs instead of the state.
- I removed an optimization for the task state to stop tracking a
recovered alert if it wasn't flapping and doesn't have state changes. We
won't need this optimization with using AAD docs instead of the state.
### Checklist
Check the PR satisfies following conditions.
- [ ] [Unit or functional
tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)
were updated or added to match the most common scenarios
Closes#212796
This PR fixes OTel span links
## Testing
- Using the edge oblt go to Service inventory and find the `accounting`
service and click on it
- Click on the transactions tab and scroll to the waterfall
- Click on the Span link inside the Span
- Navigate to the linked service
- Then try the navigation back by finding the span link again in the
waterfall and go back to the accounting service / its trace
https://github.com/user-attachments/assets/83bb6ec3-86d5-45ad-8b81-6df73751fa31
---------
Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
## Summary
- Adds a filter by rule type ids to the `/internal/alerting/rules/_find`
API endpoint, with the same logic as other similar endpoints.
- Updates unit and API integration tests to cover the new filter.
## To verify
1. Create rules of different types with common and exclusive tags
2. Use the `Stack Management > Dev Console` to call the endpoint with
different combinations of rule type ids:
```
GET
kbn:/internal/alerting/rules/_tags?rule_type_ids=[".es-query",".index-threshold",
...]
```
4. Verify that the returned tags correspond to the filtered rule types
## Implementation details
Adds the filter to the v1 schema for the get tags endpoint since it's an
additive change to an internal API.
## References
Closes#213057
### Checklist
- [x] [Unit or functional
tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)
were updated or added to match the most common scenarios
Relates to #208729
## Summary
This PR removed the visual regression service map tests and the
screenshots used there. Unfortunately, we won't be able to use
screenshots for testing as it is not supported.
The tests should still pass and there shouldn't be an error in the CI
like:
## Summary
Part of https://github.com/elastic/kibana/issues/195418
Gives `LIMIT` and `MV_EXPAND` autocomplete logic its own home 🏡
### Checklist
- [x] [Unit or functional
tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)
were updated or added to match the most common scenarios
### Identify risks
- [ ] As with any refactor, there's a possibility this will introduce a
regression in the behavior of commands. However, all automated tests are
passing and I have tested the behavior manually and can detect no
regression.
---------
Co-authored-by: Stratoula Kalafateli <efstratia.kalafateli@elastic.co>
closes https://github.com/elastic/kibana/issues/210552
Before:
- Top dependencies API returned baseline and comparison timeseries data.
<img width="1208" alt="Screenshot 2025-02-14 at 14 27 28"
src="https://github.com/user-attachments/assets/f7770395-0575-4950-9acd-8808de5794b7"
/>
After:
- Removing timeseries and comparison data.
- The API is ~2s faster than before.
- Response size is also smaller after removing the timeseries data.
<img width="1203" alt="Screenshot 2025-02-14 at 14 26 34"
src="https://github.com/user-attachments/assets/5bd2ed09-1d2e-4ef1-8e55-6c3e9fba6348"
/>
Created a new API: `POST
/internal/apm/dependencies/top_dependencies/statistics` to fetch the
statistics for the visible dependencies.
---------
Co-authored-by: Carlos Crespo <crespocarlos@users.noreply.github.com>
Co-authored-by: Milosz Marcinkowski <38698566+miloszmarcinkowski@users.noreply.github.com>
## Summary
It fixes#212014 by adding a recovery context to the APM anomaly rule.
### Checklist
- [x] [Unit or functional
tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)
were updated or added to match the most common scenarios
## How to test the PR:
- Run Kibana locally and use oblt-edge
- From the Service Inventory, create an anomaly detection job for
`elastic-co-frontend` and `packetbeat` services
- Create an APM Anomaly rule for all services with severity warning
- Create an action with Log, then select when recovered
<img width="1188" alt="Screenshot 2025-03-10 at 12 45 36"
src="https://github.com/user-attachments/assets/4b356981-f5dc-4493-ac7a-061b0a1a98f8"
/>
- Once the rule fires an alert, edit the rule and change the severity
level to something else to recover the alert.
- Watch the logs where Kibana is running; you should see the recovery
message printed with all the variable values.
## Summary
Changes in support of Spaces, which is currently behind feature flag
`endpointManagementSpaceAwarenessEnabled`:
- Artifacts `find` API (via `lists` plugin extension points) were
updated to append additional filtering criteria to the request that
ensure only data scoped to the active space is returned. The Find API
will return:
- global artifacts
- per-policy artifacts currently assigned to policies that are visible
in the current space
- per-policy artifacts currently NOT assigned to any policies that have
an owner space id that matches the active space (dangling artifats)
- Artifacts `get`-one API was updated to validate that user can read
artifact in active space. Read of single artifact will be allowed:
- artifact is global
- If per-space artifact is assigned to policies and at least one policy
is visible in active space
- if per-space artifact is not assigned to any policies but its owner
space matches the active space
- if user has the global artifact management privilege
- In addition to API integration tests for the `find`/`get` APIs, tests
were also added for endpoint exceptions
- Consolidated endpoint exceptions generator
(`endpoint_exceptions_generator.ts`) into `EndpointListItemGenerator`
for better reuse
## Summary
Adds serverless security AI4SOC add-on metering.
- emits a ai4soc metering usage record with the corresponding tier every
~20 minutes
- records are unique to the project + hour
- records are backfilled up to a week
- adds usage record backfill functionality to the shared usage reporting
task
### Checklist
- [x] [Unit or functional
tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)
were updated or added to match the most common scenarios
## Summary
This PR:
- add an extra information when hovering over a variable
<img width="479" alt="image"
src="https://github.com/user-attachments/assets/331f7faf-89e9-468d-9887-9d58a2f66ff7"
/>
- passes the variables on the fields retrieval endpoint in the editor to
get the fields correctly when there are variables in the query
### Checklist
- [ ] [Unit or functional
tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)
were updated or added to match the most common scenarios
---------
Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
