Fixes https://github.com/elastic/kibana/issues/169771
Adds a new endpoint
`/internal/ml/trained_models/install_elastic_trained_model/:modelId`
which wraps the `putTrainedModel` call to start the download of the
elser model. It then reassigns the saved object's space to be `*`.
Also updates the saved object sync call to ensure any internal models
(ones which start with `.`) are assigned to the `*` space, if they've
needed syncing.
It is still possible for a user to reassign the spaces for an elser
model and get themselves into the situation covered described in
https://github.com/elastic/kibana/issues/169771.
In this situation, I believe the best we can do is suggest the user
adjusts the spaces via the stack management page.
At the moment a `Model already exists` error is displayed in a toast. In
a follow up PR we could catch this and show more information to direct
the user to the stack management page.
---------
Co-authored-by: Dima Arnautov <arnautov.dima@gmail.com>
## Summary
Enabling the "Most launches" Mobile dashboard panel which shows an
aggregation of log events that contain the attribute
`labels.lifecycle_state` set to either `created` (for Android) or
`active` (for iOS).
### Checklist
Delete any items that are not applicable to this PR.
- [x] [Unit or functional
tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)
were updated or added to match the most common scenarios
### For maintainers
- [ ] This was checked for breaking API changes and was [labeled
appropriately](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)
---------
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
Co-authored-by: Katerina <kate@kpatticha.com>
## Summary
This PR aims to reduce the possible long length of filter badge test id.
---------
Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
## Summary
Use the recently added `Logger.isLevelEnabled` API to short circuit
audit logging when disabled
That way we're not passing though the whole audit log event construction
logic when logging would effectively not be performed.
7012ca5454/x-pack/plugins/security/server/audit/audit_service.ts (L170-L202)
## Summary
Fix https://github.com/elastic/kibana/issues/83612
This PR doesn't change any behavior, as we're already supporting (and
awaiting) promises returned from `stop` calls to plugin, it just changes
the type's signature to reflect that.
Also removed empty `stop` methods from existing plugins to make
typescript happy.
---------
Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
fixes https://github.com/elastic/kibana/issues/170562
## Summary
This PR fixes the error that happens when navigating from infra app to
another app while the charts are still loading
66cecf6d-96e5-4630-b968-aada98b6678a
### How to test
- Navigate to `Infrastructure` > `Hosts`
- While the charts are still loading, navigate to any other app.
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
## Summary
fixes
- https://github.com/elastic/kibana/issues/170502
defaulting to row height 0 for the findings table. As the default was -1
before, we were defaulting to 0, but due to this change
https://github.com/elastic/kibana/pull/169724/files the default became
3, which broke our table. I guess the logic of taking the UI setting if
it's differnt from default -1 was to cater for users changing the row
height somewhere in the settings, but we need to bring to product/design
to see if we want to support it
---------
Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
## Summary
Part of https://github.com/elastic/kibana-team/issues/646
Depends on https://github.com/elastic/kibana/pull/169324
Implements telemetry for fatal errors caught by KibanaErrorBoundary in:
-
`packages/core/application/core-application-browser-internal/src/ui/app_router.tsx`
- `packages/kbn-shared-ux-utility/src/with_suspense.tsx` [*]
- `packages/react/kibana_context/render/render_provider.tsx` [*]
-
`src/plugins/management/public/components/management_app/management_router.tsx`
-
`x-pack/plugins/observability_shared/public/components/page_template/page_template.tsx`
- `x-pack/plugins/security_solution/public/app/app.tsx`
[*] The changes made to these allowed the `analytics` dependency to be
provided optionally, to avoid a breaking API change for maintainers.
## Logging screenshot
You can trigger a fatal error in the new error boundary component in
most places in Kibana by adding a TypeError to a React component:
`<p>{breakHere()}</p>`
<img width="1586" alt="fatal error telemetry console log"
src="97f973ac-bb25-41f2-bfe2-547a23f2f450">
## Telemetry work info
Dashboard:
<img width="1382" alt="image"
src="4fe5353a-61ba-405a-ac18-0dd6a044c182">
Discover:
<img width="1331" alt="image"
src="2161b552-c441-4b7c-adef-25896147c08a">
### Checklist
- [x] [Unit or functional
tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)
were updated or added to match the most common scenarios
---------
Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
## Summary
Fixes: https://github.com/elastic/security-team/issues/7859
Thanks to @XavierM and @kqualters-elastic for spending time debugging
this with me.
When we added the [server-side
fetching](https://github.com/elastic/kibana/pull/163448) of index
patterns we missed the functionality that was filtering out the alerts
index from the default sourcerer scope. Without this filtering, the
logic for rendering the matched indices was not correctly refreshing
when adding data the first time.
The result was the alerts index would be set as a part of the filtered
index patterns once a source event data index was present (`logs-*`,
`auditbeat-*` etc..) and the redux store action to set the latest
matched indices was not called because the `useDataView` hook would
incorrectly believe the sourcerer data view no longer needed to be
initialized.
Steps to reproduce:
1. Start local ES and kibana
2. Navigate to Security Solution -> Overview page
3. Welcome / landing page should be visible
4. Start auditbeat (or generate any event data that would be part of the
security solution default data view index patterns)
5. Navigate to Discover, wait for data to load
6. Navigate back to Security Solution -> Overview page
7. Data should be visible, Data View (sourcerer) in the header should
display the correct index pattern for which data exists. Alerts index
should not be included.
## Summary
https://github.com/elastic/kibana/issues/166271
Traditional - with `Data quality dashboard` in assistant conversation
dropdown:
<img width="1505" alt="ess_ai_convo"
src="227aab97-b45c-451a-9c0e-7fd6dd534ff8">
Serverless - no `Data quality dashboard` in assistant conversation
dropdown:
<img width="1506" alt="serverless_ai_convo"
src="ee61c249-5cd0-40ca-b2cb-5885a32152ca">
### Checklist
Delete any items that are not applicable to this PR.
- [x] [Unit or functional
tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)
were updated or added to match the most common scenarios
---------
Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
## Summary
Fixes https://github.com/elastic/kibana/issues/168704
This PR adds a function to the extensions service that allows to render
custom content on overview tab of the index details page. When custom
content is set, it will be rendered instead of the code block describing
adding documents to the index. This PR also moves the ILM content from
the overview tab to a separate tab. We will work on the design of this
tab in a follow up PR.
### How to test
To test the custom content apply changes in this
[commit](16769d6c39).
### Screenshots
#### Custom content (example)
<img width="1357" alt="Screenshot 2023-11-01 at 19 03 32"
src="71372458-4cc2-413d-bf5f-bb29bff73095">
#### ILM tab
<img width="1129" alt="Screenshot 2023-11-01 at 18 54 07"
src="52c09a73-7d75-4f5f-8d52-b704cd9e6859">
### Checklist
- [ ] Any text added follows [EUI's writing
guidelines](https://elastic.github.io/eui/#/guidelines/writing), uses
sentence case text and includes [i18n
support](https://github.com/elastic/kibana/blob/main/packages/kbn-i18n/README.md)
- [ ]
[Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html)
was added for features that require explanation or tutorials
- [x] [Unit or functional
tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)
were updated or added to match the most common scenarios
- [ ] Any UI touched in this PR is usable by keyboard only (learn more
about [keyboard accessibility](https://webaim.org/techniques/keyboard/))
- [ ] Any UI touched in this PR does not create any new axe failures
(run axe in browser:
[FF](https://addons.mozilla.org/en-US/firefox/addon/axe-devtools/),
[Chrome](https://chrome.google.com/webstore/detail/axe-web-accessibility-tes/lhdoppojpmngadmnindnejefpokejbdd?hl=en-US))
- [ ] If a plugin configuration key changed, check if it needs to be
allowlisted in the cloud and added to the [docker
list](https://github.com/elastic/kibana/blob/main/src/dev/build/tasks/os_packages/docker_generator/resources/base/bin/kibana-docker)
- [ ] This renders correctly on smaller devices using a responsive
layout. (You can test this [in your
browser](https://www.browserstack.com/guide/responsive-testing-on-local-server))
- [ ] This was checked for [cross-browser
compatibility](https://www.elastic.co/support/matrix#matrix_browsers)
### Risk Matrix
Delete this section if it is not applicable to this PR.
Before closing this PR, invite QA, stakeholders, and other developers to
identify risks that should be tested prior to the change/feature
release.
When forming the risk matrix, consider some of the following examples
and how they may potentially impact the change:
| Risk | Probability | Severity | Mitigation/Notes |
|---------------------------|-------------|----------|-------------------------|
| Multiple Spaces—unexpected behavior in non-default Kibana Space.
| Low | High | Integration tests will verify that all features are still
supported in non-default Kibana Space and when user switches between
spaces. |
| Multiple nodes—Elasticsearch polling might have race conditions
when multiple Kibana nodes are polling for the same tasks. | High | Low
| Tasks are idempotent, so executing them multiple times will not result
in logical error, but will degrade performance. To test for this case we
add plenty of unit tests around this logic and document manual testing
procedure. |
| Code should gracefully handle cases when feature X or plugin Y are
disabled. | Medium | High | Unit tests will verify that any feature flag
or plugin combination still results in our service operational. |
| [See more potential risk
examples](https://github.com/elastic/kibana/blob/main/RISK_MATRIX.mdx) |
### For maintainers
- [ ] This was checked for breaking API changes and was [labeled
appropriately](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)
---------
Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
Co-authored-by: Alison Goryachev <alisonmllr20@gmail.com>
## Summary
Added a test helper to create required providers. This way now we can
mount all of our logics and test the changes. It also does a lot of
heavy lifting and simplifies tests.
Full mocking should still be available with previous helpers and a bit
of working around.
### Checklist
Delete any items that are not applicable to this PR.
- [x] [Unit or functional
tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)
were updated or added to match the most common scenarios
---------
Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
Resolves https://github.com/elastic/kibana/issues/169868
## Summary
Hides the query delay modal and sub feature privilege for non-serverless
projects until we onboard all rule types
### Checklist
- [x] [Unit or functional
tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)
were updated or added to match the most common scenarios
### To verify
- Run a non serverless project and verify that you can't edit the query
delay settings in the rules settings modal
- Run a serverless project for search and observability to verify that
you can still edit and update the query delay settings
---------
Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
## Summary
Updates the assets client with new methods, new tests, and better types
- found while developing a hosts inventory table POC in a separate PR.
---------
Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
Co-authored-by: Kevin Lacabane <kevin.lacabane@elastic.co>
## Summary
This PR stabilizes the alerting summary actions test `should schedule
actions for summary of alerts on a custom interval` for MKI runs.
## Details
This test has been reported to be flaky in MKI runs in #169204 and the
fix attempts so far didn't remove the flakiness completely.
I was able to reproduce and added some debug logging to find the root
cause of the flakiness. It turns out, that `waitForDocumentInIndex`
sometimes comes back with three documents (instead of the two expected):
```
[
{
_index: 'alert-action-es-query',
_id: 'ukTylIsBgjaJ6Di2KTpT',
_score: null,
_source: {
all: '1',
new: '0',
newIds: '[]',
ongoing: '1',
ongoingIds: '[query matched,]',
recovered: '0',
recoveredIds: '[]',
date: '2023-11-03T11:29:38.058Z',
ruleId: '1f288dc5-ec93-44e4-8508-24ca31bac52e'
},
sort: [ 1699010978058 ]
},
{
_index: 'alert-action-es-query',
_id: 'tUTxlIsBgjaJ6Di2Pzoz',
_score: null,
_source: {
all: '1',
new: '0',
newIds: '[]',
ongoing: '1',
ongoingIds: '[query matched,]',
recovered: '0',
recoveredIds: '[]',
date: '2023-11-03T11:28:37.578Z',
ruleId: '1f288dc5-ec93-44e4-8508-24ca31bac52e'
},
sort: [ 1699010917578 ]
},
{
_index: 'alert-action-es-query',
_id: 'eAzwlIsBqzjBaGCRSxxs',
_score: null,
_source: {
all: '1',
new: '1',
newIds: '[query matched,]',
ongoing: '0',
ongoingIds: '[]',
recovered: '0',
recoveredIds: '[]',
date: '2023-11-03T11:27:34.977Z',
ruleId: '1f288dc5-ec93-44e4-8508-24ca31bac52e'
},
sort: [ 1699010854977 ]
}
]
```
So it seems due to a search delay, there are already 2 `ongoing` entries
logged, which pushes the `new` entry to index 2 in that array and the
assertion which expects it at index 1 fails.
I think in this test, we don't really care about the number of `ongoing`
items in that array, we just want to make sure that we have a `new`
entry first followed by an `ongoing` entry and we don't care about the
rest of the entries.
With that, I've introduced an optional `sort` parameter to the
`waitForDocumentInIndex` helper that allows to sort `asc` (instead of
the hard coded `desc` so far). That way the test could expect the `new`
entry on index 0, an `ongoing` entry on index 1 and pass no matter how
many `ongoing` entries are following.
## Summary
Adds experimental flag used for the development of SentinelOne connector
Add this to the `kibana.yml` config
```
xpack.stack_connectors.enableExperimental: [sentinelOneConnectorOn]
```
Before:
<img width="1881" alt="Zrzut ekranu 2023-10-26 o 12 45 22"
src="c47bf713-8da9-4bca-89be-d8cfa0ac7e61">
After:
<img width="1882" alt="Zrzut ekranu 2023-10-26 o 12 44 10"
src="a28d1281-f5b3-41f5-bb9d-8381c8a11291">
