## Summary
Upgrades devDependencies `@redocly/cli` from v1.27.2 to 1.28.5, and
`redoc` from 2.2.0 to 2.4.0.
---------
Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
## Summary
When switching to borealis palettes there is no longer a need for
`euiPaletteColorBlindBehindText` palette. Removing this created the
linked issue as there was no default applied when accessing the mapped
colors. This change attempts to lookup behind text color otherwise
defaults to normal color. This was only reachable when the dashboard
`syncColors` option was enabled.
Fixes#209610
### Checklist
- [x] [Unit or functional
tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)
were updated or added to match the most common scenarios
- [x] The PR description includes the appropriate Release Notes section,
and the correct `release_note:*` label is applied per the
[guidelines](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)
## Release note
This fixes and issues where behind text colors were not correctly
assigned, such as in `Pie`, `Treemap` and `Mosaic` charts.
---------
Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
Closes https://github.com/elastic/kibana/issues/180057
The following items needed to be replaced with add panel actions
* vega - visType
* markdown - visType
* lens - visTypeAlias
* maps - visTypeAlias
As an added benefit, now these actions are displayed in embeddable
examples that uses ADD_PANEL_TRIGGER
---------
Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
## Summary
This PR cleans up the `kbn-grid-layout` code in two ways:
1. Rather than memoizing components in their parents, I swapped to using
`React.memo` for all components, which accomplishes the same behaviour
in a slightly cleaner way.
2. I moved all Emotion style definitions **outside** of the React
components so that we no longer have to re-parse the CSS string on every
render (see [this
comment](https://github.com/elastic/eui/discussions/6828#discussioncomment-11247425)).
### Checklist
- [x] The PR description includes the appropriate Release Notes section,
and the correct `release_note:*` label is applied per the
[guidelines](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)
## Summary
This adds performance telemetry to the profiling pages listed in
[#205393](https://github.com/elastic/kibana/issues/205393)
### Checklist
Check the PR satisfies following conditions.
Reviewers should verify this PR satisfies this list as well.
- [x] The PR description includes the appropriate Release Notes section,
and the correct `release_note:*` label is applied per the
[guidelines](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)
---------
Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
Co-authored-by: Carlos Crespo <crespocarlos@users.noreply.github.com>
### Summary
Addresses https://github.com/elastic/kibana/issues/208204.
The general idea here is to add aliases to the legacy indices in order
to "backfill" some newer fields that are now required in various alerts
UIs. We already have the mechanism to apply mappings changes for just
this scenario, so this was just a matter of adding the new mappings and
bumping versions appropriately.
While the consumer field is static ('siem'), we're opting to use a
`keyword` runtime field instead of a `constant_keyword` in order to
allow the possibility of other values for this field in the future.
While we do not expect the legacy indices to be written to at all in
8.x+, new legacy indices are still created every 30d due to the rollover
policy, and so neglecting to add the mappings to those new indices could
lead to mapping conflicts. So: while the mappings on the index template
are not expected to be used, we still update them for
consistency/future-proofing.
### Screenshots
<details>
<summary>
</summary>
<kbd>
Alerts Table before fix:
<img width="1727" alt="Screenshot 2025-02-06 at 5 15 59 PM"
src="https://github.com/user-attachments/assets/1f83d6f3-a1b0-4025-b1e3-78e34340ef91"
/>
</kbd>
<kbd>
Alerts Table after fix:
<img width="1727" alt="Screenshot 2025-02-06 at 5 40 02 PM"
src="https://github.com/user-attachments/assets/c68ad198-226c-413e-a4ac-7f590e6d500b"
/>
</kbd>
</details>
### Steps to review
1. Create a 7.17 cloud GCP instance (on us-west-2 so that you can
upgrade to 8.18)
2. Create several rules of different types (since part of this bug
involves mapping existing rule types to the new `rule_type_id` field)
3. Generate alerts with those rules (I prefer to use auditbeat to
quickly ingest some ECS data)
4. (optional) Take a snapshot of your instance (so as to skip steps 2-3
in subsequent tests)
5. Upgrade the instance to 8.18
6. Observe the absence of any 7.17 alerts in the 8.18 Alerts table
(note: if you have no 8.18 alerts, the table will be empty)
7. Connect your local kibana (running this branch) to your cloud
instance:
```yaml
elasticsearch:
username: USERNAME_HERE # Note: user will need index management
privileges
password: PASSWORD_HERE
hosts: https://ES_ENDPOINT_HERE.es.us-west2.gcp.elastic-cloud.com
ssl:
verificationMode: none
ignoreVersionMismatch: true
node.roles: ['ui'] # Only run UI (not task manager) locally
```
8. Navigate to a security page in your browser. This will trigger the
call to update 7.x signals
9. Observe that the 7.x alerts are now visible on the alerts table, both
locally and using the cloud instance's kibana
### Checklist
- [x] [Unit or functional
tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)
were updated or added to match the most common scenarios
- [x] The PR description includes the appropriate Release Notes section,
and the correct `release_note:*` label is applied per the
[guidelines](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)
## Summary
Closes https://github.com/elastic/kibana/issues/210341
Catch yaml error when updating package policies to throw a Fleet error,
this results in a 400 response code instead of 500 which caused a PD
alert in serverless.
To verify:
- add System integration, then go to Edit integration policy
- add the yaml below to Processors
- click on Save and continue
- expect a HTTP 400 error response
```
data_stream:
dataset: test
processors:
- add_host_metadata: \~
- add_cloud_metadata: \~
```
<img width="2551" alt="image"
src="https://github.com/user-attachments/assets/0c839601-e278-4715-a7e9-743235e69832"
/>
### Checklist
- [x] [Unit or functional
tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)
were updated or added to match the most common scenarios
## Summary
This PR fixes the issue of navigation link behaviour not updating after
first click/update.
## Testing Steps
1. Kibana - 8.18
2. Generate some data using data generator and alerts.
3. Enable Risk Score
4. Go to Security -> Alerts
5. Open Host Flyout of a host with risk score
6. Click alert/risk summary link, then click the other one and observe
the tab on the left and content change in response ✅
### Screen Recordings
#### Host Selected
https://github.com/user-attachments/assets/ac071adc-8255-496e-956b-cf727191cbe3
#### User Selected
https://github.com/user-attachments/assets/ab10a640-964d-457f-9ff3-198c19641889
Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
This PR ensures that errors encountered during insight creation are
properly propagated to the UI, specifically to the endpoint insights
component. I opted for a UI-only approach because I believe these
creation errors shouldn’t be returned as API responses. Instead, we
should rely on the already stored insight status and potential
failureReason.
Additionally, I’ve updated the Cypress tests to no longer explicitly
include feature flags for this functionality, as the feature flag has
now been enabled.
https://github.com/user-attachments/assets/11f7f601-931f-41a0-a02c-e961b4424d1e
Close#185032
## Summary
An Observability AI Assistant connector is available to be set as action
for Observability rules. When an alert is triggered, a conversation with
the AI assistant will be created sending the initial prompt set by the
user in the rule action. The conversation is then stored and can be
retrieved from the AI Assistant interface. the action is triggered on
any status change of the alert (active, recovered, untracked), creating
a new conversation for each of them using the same initial prompt which
may not be suitable for the 3 cases.
Improvement
The user is able to choose in when the action should be run (active,
recovered, untracked, all),. That would allow the user to specify more
than one AI Assistant action, with a different and more suitable prompt
in each case.
https://github.com/user-attachments/assets/69463fa0-de5e-441c-8e99-a888e076f311
### Checklist
Check the PR satisfies following conditions.
Reviewers should verify this PR satisfies this list as well.
- [ ] Any text added follows [EUI's writing
guidelines](https://elastic.github.io/eui/#/guidelines/writing), uses
sentence case text and includes [i18n
support](https://github.com/elastic/kibana/blob/main/packages/kbn-i18n/README.md)
- [ ]
[Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html)
was added for features that require explanation or tutorials
- [ ] [Unit or functional
tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)
were updated or added to match the most common scenarios
- [ ] If a plugin configuration key changed, check if it needs to be
allowlisted in the cloud and added to the [docker
list](https://github.com/elastic/kibana/blob/main/src/dev/build/tasks/os_packages/docker_generator/resources/base/bin/kibana-docker)
- [ ] This was checked for breaking HTTP API changes, and any breaking
changes have been approved by the breaking-change committee. The
`release_note:breaking` label should be applied in these situations.
- [ ] [Flaky Test
Runner](https://ci-stats.kibana.dev/trigger_flaky_test_runner/1) was
used on any tests changed
- [ ] The PR description includes the appropriate Release Notes section,
and the correct `release_note:*` label is applied per the
[guidelines](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)
---------
Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
Co-authored-by: Sandra G <neptunian@users.noreply.github.com>
## Add refresh for event log, when we fill gap
As we update gaps, and don't wait for refresh in UI we can have
inconsistent state:
- Go to gap table
- Click fill gap, wait for api response
- Then we refetch gaps, but because we don't wait for refresh we get old
gaps and action "Fill gap" still remain in the table
In this PR we introduce index refresh, which only happens when user make
an action to fill gap
---------
Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
We started out with streams having an id, but we switched that to `name`
at some point. However, some places would still use `id` which bothered
me.
This PR switches all occurrences to `name` - Kibana and Elasticearch
assets still have "id"s, but streams are all names.
This PR updates the function definitions and inline docs based on the
latest metadata from Elasticsearch.
---------
Co-authored-by: Stratoula Kalafateli <efstratia.kalafateli@elastic.co>
## Summary
This PR resolves https://github.com/elastic/kibana/issues/201882 by
making sure that EUI palette functions are called during component
re-renders in Security Solution.
### Testing
Please verify if visualizations are displayed properly.
Running Kibana with the Borealis theme
In order to run Kibana with Borealis, you'll need to do the following:
Set the following in kibana.dev.yml:
`uiSettings.experimental.themeSwitcherEnabled: true`
Run Kibana with the following environment variable set:
`KBN_OPTIMIZER_THEMES="borealislight,borealisdark,v8light,v8dark" yarn
start`
This will expose a toggle under Stack Management > Advanced Settings >
Theme version, which you can use to toggle between Amsterdam and
Borealis.
This PR is adding the Serverless Kibana preconfigured `.inference`
connector for Elastic Rainbow Rainbow Sprinkles LLM.
Instead of adding within kibana-controller
