## Summary
This PR adds the following tests for Automatic Import:
- jest unit tests for the CEL generation flyout
- FTR tests for the `analyze_api` and `cel` graph endpoints (excluding
200 tests due to https://github.com/elastic/kibana/issues/204177 still
being open)
There is also some very minor cleanup of a test mocking of the now
deprecated FF for generateCel, and small refactor to move a function to
a different file for consistency.
(Cypress tests coming in a separate PR)
## Summary
This extends initial connector telemetry from PR ref
https://github.com/elastic/kibana/pull/186936.
The PR adds the following optional fields when instantiating a new
actionClient as part of its `subActionParams`:
```ts
{
  telemetryMetadata : {
    pluginId: "your plugin name or unique identifier",
    aggregateBy: "ID to aggregate on"
  }
}
```
The support is added to all AI connector models for both
stream/non-stream/raw.
The PR also adds token count usage for bedrock `InvokeAIRaw`, as that
was currently not added correctly.
Pierre also helped with adding a new metadata optional field for the `NL
to ESQL functions`, so that users can pass in similar metadata for LLM
conversations using the InferenceClient.
PluginId is a field used to filter telemetry in the way the team wants
to implement it. It could be a team name, a plugin name etc, all
depending on how the team wants to group and filter on the telemetry
event.
AggregateBy is intended to be used to group multiple LLM calls for
aggregations and stats, for example a conversationId that has multiple
LLM calls.
Both fields are optional, so when you do not want to aggregate the
option can simply be ignored.
### Checklist
Check the PR satisfies following conditions.
Reviewers should verify this PR satisfies this list as well.
- [x] Any text added follows [EUI's writing
guidelines](https://elastic.github.io/eui/#/guidelines/writing), uses
sentence case text and includes [i18n
support](https://github.com/elastic/kibana/blob/main/src/platform/packages/shared/kbn-i18n/README.md)
- [x] [Unit or functional
tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)
were updated or added to match the most common scenarios
- [x] The PR description includes the appropriate Release Notes section,
and the correct `release_note:*` label is applied per the
[guidelines](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)
---------
Co-authored-by: pgayvallet <pierre.gayvallet@elastic.co>
## 📓 Summary
This change introduces a new recursive record type to let the documents
applied used for sampling and simulation not fail on the excessive
strict keys check.
```tsx
// Any primitive value allowed for schema validation, excludes symbols and bigint
type Primitive + zod primitive
// Recursive object
interface RecursiveRecord + zod recursiveRecord
```
Implements an initial UI to manage the data retention of a stream.
The view displays information about the lifecycle configuration/origin
and also allows one to update it to one of the available options.
Options depend on the type of stream and the deployment type.
These are the options that should be currently available (the api also
has guards):
| | stateful | serverless |
| -------- | ------- | ------ |
| root stream | dsl, ilm | dsl |
| wired stream | inherit, dsl, ilm | inherit, dsl |
| unwired stream* | inherit, dsl | inherit, dsl |
*unwired stream's retention cannot be updated if it's currently using
ILM
### Screenshots



---------
Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
Co-authored-by: Marco Antonio Ghiani <marcoantonio.ghiani01@gmail.com>
Closes https://github.com/elastic/kibana/issues/209308.
### Notes
- Stuck loading state was caused by the changes introduced in
https://github.com/elastic/kibana/pull/206758.
- non-Aggregatable bugs were long running bugs, since this is a tricky
functionality to test I believe they were always there
### 🎥 Demo
In the following scenario, I went into the upgrade scenario, so I
created first a cluster in 7.27.x and then upgraded to latest 8.18.x. Then
I performed a manual rollover for `logs-synth.3-default`. Hence what you
can see in the video is:
1. The loading state is not stuck anymore in dataset details page (e.g.
`logs-synth.2-default` )
2. The non-aggregatable is calculated properly for
`logs-synth.3-default`
https://github.com/user-attachments/assets/fa097445-7f0a-4dcb-adae-27688e99bf3c
## Summary
Resolves #209159
Make groupings property in SLO summary optional to fix schema validation
issues with SLOs without groups.
## Release Notes
Fixed bug that caused issues with loading SLOs by status, SLI type, or
instance id.
## Testing
Create a SLO without an entry in the "group by" field. All SLOs should
still be able to be grouped despite this distinction.
Resolves https://github.com/elastic/kibana/issues/205949,
https://github.com/elastic/kibana/issues/191117
## Summary
Trying to fix flaky integration test by performing a bulk create for the
test tasks instead of creating one by one. After making this change, was
able to run the integration test ~100 times without failure.
---------
Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
## Summary
PR : https://github.com/elastic/kibana/pull/204034 fixed some issues
with timeline batching. It was not able to fix one of the issues with
`Refetch` logic which exists in `main` ( resulting in a flaky test ) and
causing some tests to fail in `8.16`, `8.17` and `8.x`.
## Issue Description
There are 2 issues with below video:
1. When user updates a status of an alert, the `Refetch` only happens on
the first `batch`. This behaviour is flaky currently. Even if the user
is on nth batch, table will fetch 0th batch and reset the user's page
back to 1.
https://github.com/user-attachments/assets/eaf88a82-0e9b-4743-8b2d-60fd327a2443
2. When user clicks `Refresh` manually, then also only first (0th)
`batch` is fetched, which should have rather fetched all the present
batches.
https://github.com/user-attachments/assets/8d578ce3-4f24-4e70-bc3a-ed6ba99167a0
### Checklist
Check the PR satisfies following conditions.
Reviewers should verify this PR satisfies this list as well.
- [x] [Unit or functional
tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)
were updated or added to match the most common scenarios
## Summary
* Categorise and move `@kbn/timelines-plugin` as _platform/shared_,
target location: `x-pack/platform/plugins/shared/timelines`.
This helps reduce the scope of the illegal dependencies from `osquery`
plugin towards _security/private_ code.
cc @tomsonpl
* Simplify path and rename `@kbn/observability-alerting-rule-utils`
(platform/shared):
```
# Before
@kbn/observability-alerting-rule-utils
x-pack/platform/packages/shared/observability/alerting_rule_utils/
# After
@kbn/alerting-rule-utils
x-pack/platform/packages/shared/alerting_rule_utils/
```
* Simplify path and rename `@kbn/observability-logs-overview`
(platform/shared):
```
# Before
@kbn/observability-logs-overview
x-pack/platform/packages/shared/observability/logs_overview/
# After
@kbn/logs-overview
x-pack/platform/packages/shared/logs_overview/
```
---------
Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
Sets the traceparent for Playwright, so the trace from the test runner
includes the trace events from the browser and Kibana server.
---------
Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
Fixes https://github.com/elastic/kibana/issues/209566
### Problem
Any input change causes Canvas embeddables to get re-created. This
means that setting a filter control or clicking the refresh button
causes embeddables to get re-created.
In the old embeddable system, the Canvas would only call
`embeddable.updateInput` and `embeddable.reload` on [input
changes](https://github.com/elastic/kibana/blob/8.13/x-pack/plugins/canvas/canvas_plugin_src/renderers/embeddable/embeddable.tsx#L163).
### Solution
PR updates embeddable renderer to store embeddable API. Then, on input
changes, Canvas calls `embeddable.setFilters`.
There is no `embeddable.updateInput` equivalent in the new embeddable
system. Instead, each state key needs to be updated by a setter. The
[Canvas
documentation](https://www.elastic.co/guide/en/kibana/current/canvas-function-reference.html#embeddable_fn)
states that the embeddable function only accepts `filters`. Therefore,
the only key that is expected to change from the input is `filters`.
Please correct me if this is an incorrect assumption.
### Test instructions
1) install sample web logs
2) install canvas saved object and reload kibana (otherwise canvas is
not available in the nav menu)
3) open new canvas
4) add map embeddable
5) add filter control. set source to sample web logs and field to
`geo.dest`.
<img width="200" alt="Screenshot 2025-02-04 at 2 58 01 PM"
src="https://github.com/user-attachments/assets/6862f0bc-4f61-4f16-aa7c-ea8008cfdbf9"
/>
6) prefix map element expression with `kibana | selectFilter` so it
looks like `kibana | selectFilter | embeddable config=...`
7) change filter. Verify map updates but map embeddable is not
re-created.
8) click refresh button. Verify map updates but is not re-created.
---------
Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
Based on the discussion regarding the availability of the Inference
Connector in 8.18, the decision was next:
- enable .inference connector type by default for 8.18
https://github.com/elastic/kibana/pull/209197
- do not show inference connector for Kibana GenAI if Inference Endpoint
does not exist. This is related to the preconfigured connector for
Elastic Rainbow Sprinkles availability and UX.
- preconfigured connector for Elastic Rainbow Sprinkles will always
exist in the Stack Management Connectors list, but on run will show the
banner message in case that Inference Endpoint does not exist
<img width="2265" alt="Screenshot 2025-02-03 at 11 38 41 AM"
src="https://github.com/user-attachments/assets/029a814a-cc66-4a31-9e92-3512587e377f"
/>
---------
Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
## Summary
Resolves #209172
### Old
<img width="1728" alt="Screenshot 2025-02-05 at 11 48 59 AM"
src="https://github.com/user-attachments/assets/c08e9544-5a84-462b-80fe-cf5e982bfccf"
/>
### New
<img width="1728" alt="Screenshot 2025-02-05 at 11 47 57 AM"
src="https://github.com/user-attachments/assets/d4f26f21-70a5-4c5c-9f43-05a9da6734c5"
/>
## Testing
Create an APM availability SLO with any service. Use default settings
(`*`) for transaction type and service name. Once SLI drops below
objective, you should see an alert. View alert details. On main branch,
several alerts appear indicating that Kibana is unable to load APM
visualizations, even if for just a second. Now, the errored out charts
(alerts) should not appear.
## Release Notes
Fixes an issue where APM charts were rendered without required
transaction type or service name, causing excessive alerts to appear
Related to https://github.com/elastic/kibana-team/issues/1236
Adds a couple missing explicit authorization opt-outs (since we rely on
Elasticsearch everywhere). For some endpoints in the dashboards we
didn't check Elasticsearch first, I added those checks.
### [Security Solution] [Attack discovery] Display additional Attack Chain tactics
This PR updates the Attack discovery _Attack Chain_ allow list to visualize additional tactics (e.g. `Defense Evasion`), as illustrated by the screenshot below:

_Above: The Attack Chain includes `Defense Evasion`, a newly allow listed tactic_
#### Details
This PR updates the Attack Chain allow list to include the following additional tactics:
- `Resource Development`
- `Defense Evasion`
- `Credential Access`
- `Collection`
- `Impact`
#### Desk testing
1. Navigate to Security > Attack discovery
2. Click `Generate` to generate Attack discoveries
**Expected result**
- The Attack Chain visualization includes the additional allow listed tactics noted in the details of this PR
3. Locate an Attack discovery where one of the newly allow listed tactics is red, (which indicates the tactic was part of the attack), and click the `View in AI Assistant` button
**Expected result**
- A `>` accordion button in the assistant appears next to the selected Attack discovery, indicating it will be included as context
4. Click the `>` button to expand the discovery in the assistant
**Expected result**
- The expanded `Attack Chain` markdown includes an entry for the newly allow listed tactic, and all other tactics that were colored red in the discovery
## 📓 Summary
Closes https://github.com/elastic/streams-program/issues/130
This work decouples the `SchemaEditor` component from the business logic
used for the stream management schema detail to make this part re-usable
with a consistent UX on the enrichment processing part.
The core changes of this work are:
- Move the new `SchemaEditor` component into its own folder and provide
it to the existing stream details section.
- Expose event handlers and custom hooks to facilitate interacting with
a definition streams.
- Refactor internal state to push down those states the consumer doesn't
need to know about (editing form, loadings)
It is now the responsibility of a consumer to adapt into the supported
properties, which can of course be extended for upcoming changes.
```tsx
<SchemaEditor
  fields={fields}
  isLoading={isLoadingDefinition || isLoadingUnmappedFields}
  stream={definition.stream}
  onFieldUnmap={unmapField}
  onFieldUpdate={updateField}
  onRefreshData={refreshFields}
  withControls
  withFieldSimulation
  withTableActions={!isRootStreamDefinition(definition.stream)}
/>
```