## Summary
This PR refactors https://github.com/elastic/kibana/pull/179206 to have
each export type be registered in Reporting and then passed into the
share plugin.
This PR is focused on the redesign in terms of the export modals. Test
refactoring will be done in a separate PR.
Partially closes https://github.com/elastic/kibana-team/issues/753
- [x] Need to refactor this PR to include @eokoneyo's general modal
component
- [x] Lens needs to have Export with all three report type options - to
avoid circular dependencies move the Lens CSV stuff into the reporting
plugin vs having it in Lens
- [x] Canvas should not be affected by these changes (so the old
share/reporting code has to stay for canvas)
https://github.com/elastic/kibana/issues/151523 to keep in mind for the
redesign
Failed tests will be covered in this PR
https://github.com/elastic/kibana/pull/180406
### TO TEST
Mark `share.new_version.enabled: true` in your kibana.dev.yml
### Checklist
- [x] Any text added follows [EUI's writing
guidelines](https://elastic.github.io/eui/#/guidelines/writing), uses
sentence case text and includes [i18n
support](https://github.com/elastic/kibana/blob/main/packages/kbn-i18n/README.md)
- [x] Any UI touched in this PR is usable by keyboard only (learn more
about [keyboard accessibility](https://webaim.org/techniques/keyboard/))
---------
Co-authored-by: Eyo Okon Eyo <eyo.eyo@elastic.co>
Co-authored-by: Tim Sullivan <tsullivan@users.noreply.github.com>
Co-authored-by: Marco Liberati <dej611@users.noreply.github.com>
## Summary
This is needed where users want to generate links to synthetics monitors
using uptime alerts !!
### Example usage
<img width="625" alt="image"
src="4f2f7833-9313-4c3a-8ea0-a383cb2ec857">
<img width="956" alt="image"
src="10541a9c-987b-427c-a55e-4e0ba01891cf">
closes https://github.com/elastic/kibana/issues/178719
A new ES API has been created to support linking APM from the Profiling
UI. It's called `topN/functions`. The new API allows grouping fields. So
we first fetch functions grouping by `service.name` and when the user
opens the APM Transactions we make another request grouping by
`transaction.name`.
A new Advanced setting was created to toggle the old API on (fetch
functions from Stacktraces API): It's turned off by default.
<img width="1235" alt="Screenshot 2024-04-12 at 10 39 36"
src="ee6e7731-2f44-43ca-9793-23ba87e22e6e">
When there are services on the selected function:
*If we cannot find the transaction, we show `N/A`.
<img width="933" alt="Screenshot 2024-04-12 at 10 16 34"
src="2c5dbf60-3a47-4f4c-a46d-8a0984e0e482">
When there are **no** services on the selected function:
*hide the APM transactions section
<img width="921" alt="Screenshot 2024-04-12 at 10 59 14"
src="3fc4c5b1-da62-47c8-97a8-8bcbd1ae1b75">
--
Performance boost:
The new API is faster than the Stacktraces API, especially because
there's no logic on the Kibana side.
Stacktraces API:
<img width="1210" alt="Screenshot 2024-04-12 at 10 50 26"
src="158d73d1-ed91-4652-97c1-c7c3328d5e3d">
TopN/Functions API:
<img width="1195" alt="Screenshot 2024-04-12 at 10 51 20"
src="2de4ef46-eb8a-4557-b7b8-a1c2fed6fd8a">
---------
Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
Adds the Breakdown field to Degraded Docs Visualization.
The PR exposes the `BreakdownFieldSelector` from
**@kbn/unified-histogram-plugin** as a similar visualization behaviors
and actions are needed on the Dataset Quality flyout as with Logs
Explorer.
<img width="1242" alt="Screenshot 2024-04-12 at 04 00 06"
src="0e34397a-ac56-4a2b-8483-94c96dcbf3c2">
## Summary
- Renames `GlobalAlertsPage` to `StackAlertsPage` to better account for
the change in scope
- Renames the `triggerActionsUi.globalAlertsPage` flag to
`triggerActionsUi.stackAlertsPage`
- Toggles the flag on by default
- Updates the tech preview badge to match the other badges used across
triggers_actions_ui
- Fixes the feature cell rendering logic not displaying Observability
alerts correctly
- Other small fixes and improvements
## To verify
1. Navigate to the `Stack management > Alerts` page (the page should now
be visible without a the feature flag turned on manually)
2. Check that the tech preview badge appears correctly and shows the
tooltip on hover
3. Check that Observability alerts show an `Observability` badge in the
`Feature` column
## Bugs Fixed
1. The OpenAI `invokeAI` method did not properly handle `signal`
2. Bedrock did not have a `signal` implementation at all 😳
## Summary
In my [LangChain streaming
PR](https://github.com/elastic/kibana/pull/174126), I poorly implemented
a fix to stop the stream on the server when "Stop generating..." was hit
on the client. I did this by piping through an `AbortSignal` to
`invokeStream`/`invokeAsyncIterator` subactions. However, in the
`invokeAI` subaction I did not properly remove `signal` before
`JSON.strinigfy`ing the body, so the below error was happening in the
security non-streaming implementation. Additionally, for Bedrock I
somehow only implemented `signal` in part of the type and nothing else,
so token tracking would be off when Stop generating button is hit 🤦
<img width="1376" alt="Screenshot 2024-04-15 at 2 00 38 PM"
src="e57241d9-9fd2-4dd3-bb3a-72a7c61a3d4b">
## To test
1. Turn off streaming in the Security AI Assistant and select an OpenAI
connector (LangChain off)
3. Send a message
4. Ensure expected results (prior the above error would occur)
The test of the Bedrock connector will be harder to confirm. Where the
issue would show up would be subtle, in the token counter. Before I
implemented the signal in the Bedrock connector, if you ask Bedrock to
repeat a word 100 times with streaming enabled, and then hit "Stop
generating..." after 10 words, you would see a token count for
`completion_tokens` be equivalent to ~100 tokens as the full response
would have "streamed" on the server. After this bug fix, if you hit
"Stop generating..." after 10 words, you will see a token count for
`completion_tokens` be equivalent to ~15 tokens as it takes a second for
the `abort()` to reach the server. To be clear, this bug would not have
shown in persistent storage because we call abort in
`handleStreamStorage` ASAP instead of relying on axios to complete its
abort.
## Summary
Exclude tiers function wasn't working for alerting and other server side
data view usage. This PR moves the tier exclusion code to a more central
location so it will apply in ALL circumstances, not just REST API
requests for fields.
There are three places that call the IndexPatternsFetcher - the
fields_for_wildcard API, the fields API, and the IndexPatternsApiServer
for server side field loading.
Oh, `x-pack/plugins/alerting/server/routes/suggestions/fields_rules.ts`
calls IndexPatternFetcher too. And some rules, which don't need this
functionality. IndexPatternsFetcher is used in more places than I knew /
intended.
Closes https://github.com/elastic/kibana/issues/180675
## Summary
Changes done in SentinelOne connector in support of Security Solution
`get-file` response action (forthcoming):
- Added `fetchAgentFiles()` sub-action
- Added `downloadAgentFile()` sub-action
- Added `getActivities()` sub-action
- Improved error messages for SentinelOne API failures
- Added `logger.debug()` to Sub-Actions connector `validateResponse()`
to output data that failed validation
## Summary
Fixes a bug with OpenAI (not azure) connectors when used with
`invokeAsyncIterator`:
```
ActionsClientChatOpenAI: an error occurred while running the action - Unexpected API Error: - 404 Invalid URL (POST /v1/chat/completions/chat/completions)
```
Our current default url for OpenAI connectors is
`https://api.openai.com/v1/chat/completions`
When using the `invokeAsyncIterator` subaction, we use the OpenAI node
package. This takes the url as an argument to instatiate. It wants the
URL of OpenAI, not the completions endpoint which is our default.
Looking back, I wish we had made the default url
`https://api.openai.com/v1`. However, because we want to support
existing connectors I think we should keep this the default and remove
the endpoint from the url when it is passed to the OpenAI node package.
### To test
Send a message in Security Assistant with an OpenAI (not azure)
connector with streaming enabled. Observe a successful response.
### Note to docs team
@elastic/security-docs We should call this out. If a user has an open
source OpenAI connector with a chat completions endpoint that does not
have the same structure as OpenAI's ending in `/chat/completions`, their
full endpoint url will be used with LangChain OpenAI Streaming
implementations. For example, if a user had a url like
`https://mycustomllm.com/execute/completions` and tries to use the the
Security Assistant with Knowledge Base on and Streaming on, they may get
this error:
```
ActionsClientChatOpenAI: an error occurred while running the action - Unexpected API Error: - 404 Invalid URL (POST /execute/completions/chat/completions)
```
We should instruct them to follow the same route structure as OpenAI.
Their endpoint needs to end in `/chat/completions`
## Summary
Moves Security's alerts filter controls bar implementation to the
`@kbn/alerts-ui-shared` package for re-use in the Stack alerts (unified)
page and Observability solution (separate PR).
<img width="1339" alt="image"
src="986e984a-0290-4980-859b-9d6e02ef335f">
## To verify
1. Enable the Stack alerts page feature flag:
```yaml
# config/kibana.dev.yml
xpack.trigger_actions_ui.enableExperimental:
- globalAlertsPage
```
2. Create some Stack/O11y rules that fire some alerts
3. Navigate to `Management > Stack management > Alerts`, you should see
the new controls below the KQL bar.
4. Check that the filters apply correctly and reflect on the table
results
5. Check that the filter controls can be customized (`••• > Edit
controls`, add/remove controls, save)
6. Check that the customized configuration persists across reloads
7. Check that the filter controls can be temporarily overridden through
the URL param `filterControls`
8. Check that when the filters are overridden through the URL, a notice
is shown to the user with CTAs to discard/save the temporary filter
configuration
---
1. Navigate to `Security > Alerts > Manage rules`
2. Create one or more security rule that fire alerts
3. Go back to the security alerts page
4. Repeat steps 4-8
Closes#176711
---------
Co-authored-by: Xavier Mouligneau <xavier.mouligneau@elastic.co>
Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
Co-authored-by: Jatin Kathuria <jtn.kathuria@gmail.com>
This adds an API call to the contextual insights component which should
improve the relevance of the responses by providing more context to the
LLM.
---------
Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
Co-authored-by: Cauê Marcondes <55978943+cauemarcondes@users.noreply.github.com>
## Summary
This pr makes use of a new prop (and some generic memoization fixes) in
2 eui prs merged recently (https://github.com/elastic/eui/pull/7556 and
https://github.com/elastic/eui/pull/7374) to improve the performance of
the alerts table. Mainly, the cellContext prop is now available to
consumers of the triggersActionsUi alerts table to pass in custom props
in a way that allows the renderCellValue/rowCellRender functions of the
various EuiDataGrid prop apis to remain referentially stable across
re-renders. There are also some various changes to various hooks and
props found throughout plugins that use the table to improve
performance. There should be no change in functionality, just a moderate
to substantial reduction in time the app spends rendering the alerts
table in various scenarios. Below will be some react dev tools
performance profiles, main compared to this branch, with the exact same
set of generated data.
Main, switching from 10-100 rows:
This branch 10-100 rows:
Pretty modest gain here, 1 render is slower than any others on main, but
overall less time spent rendering by about a second.
Main, opening the cell popover on 2 cells
This branch, opening cellpopover
Again nothing crazy here, modest improvement.
Main opening timeline and hitting refresh
This branch, opening timeline and hitting refresh
This is the case that brought this about in the first place, as security
solution shares a lot of code between tables, the alerts table
recreating all cells on every render was destroying performance of the
timeline rendering in a flyout/modal while users were on alerts page or
the rule detail page, which is probably the most common use case. 93ms
in this branch vs 2500+ ms in main. This type of performance hit happens
when almost any action is taken in timeline.
Main, selecting 3 alerts 1 at a time
This branch selecting 3 alerts 1 at a time
Pretty substantial improvement here as well, ~2000ms vs 67ms.
Apologies if some of the gifs are cut off, please try the branch vs main
on your own! This was done on a local kibana in dev mode, so things like
emotion are eating up more cpu than they would for a user, but there
still should be improvement, and I can't think of any circumstance where
things will be worse. Also this branch was a little longer lived than I
would have liked, so if you are reviewing and changed something around
these files recently please double check I didn't miss anything.
### Checklist
- [x] [Unit or functional
tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)
were updated or added to match the most common scenarios
## Summary
- [x] Adds updated warning messaging for trusted apps entries that use
wildcards `*?` with the "IS" operator
- [x] Three different warnings: callout, individual entry item warnings
and a final confirmation modal when the user tries to add an event
filter with ineffective IS / wildcard combination entry.
- [x] Unit tests
- [x] Fixes bug in endpoint exceptions where there is a missing tooltip
icon for the wildcard performance warning
# Screenshots
Bug Fix
## Summary
Adds a bunch of descriptive tooltips to the stats.
<img width="324" alt="Screenshot 2024-04-16 at 15 02 57"
src="c0df028f-ad1d-45c3-b16e-abaa496b55ad">
<img width="283" alt="Screenshot 2024-04-16 at 15 03 11"
src="8569e289-4a21-4df2-9f5c-7d75205a03f2">
<img width="281" alt="Screenshot 2024-04-16 at 15 03 13"
src="f17b6023-0468-46c7-b5b0-c7c62af5c353">
### Checklist
Delete any items that are not applicable to this PR.
- [x] Any text added follows [EUI's writing
guidelines](https://elastic.github.io/eui/#/guidelines/writing), uses
sentence case text and includes [i18n
support](https://github.com/elastic/kibana/blob/main/packages/kbn-i18n/README.md)
- [ ]
[Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html)
was added for features that require explanation or tutorials
- [ ] [Unit or functional
tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)
were updated or added to match the most common scenarios
- [ ] [Flaky Test
Runner](https://ci-stats.kibana.dev/trigger_flaky_test_runner/1) was
used on any tests changed
- [x] Any UI touched in this PR is usable by keyboard only (learn more
about [keyboard accessibility](https://webaim.org/techniques/keyboard/))
- [x] Any UI touched in this PR does not create any new axe failures
(run axe in browser:
[FF](https://addons.mozilla.org/en-US/firefox/addon/axe-devtools/),
[Chrome](https://chrome.google.com/webstore/detail/axe-web-accessibility-tes/lhdoppojpmngadmnindnejefpokejbdd?hl=en-US))
- [x] This was checked for [cross-browser
compatibility](https://www.elastic.co/support/matrix#matrix_browsers)
### Risk Matrix
Delete this section if it is not applicable to this PR.
Before closing this PR, invite QA, stakeholders, and other developers to
identify risks that should be tested prior to the change/feature
release.
When forming the risk matrix, consider some of the following examples
and how they may potentially impact the change:
| Risk | Probability | Severity | Mitigation/Notes |
|---------------------------|-------------|----------|-------------------------|
| Multiple Spaces—unexpected behavior in non-default Kibana Space.
| Low | High | Integration tests will verify that all features are still
supported in non-default Kibana Space and when user switches between
spaces. |
| Multiple nodes—Elasticsearch polling might have race conditions
when multiple Kibana nodes are polling for the same tasks. | High | Low
| Tasks are idempotent, so executing them multiple times will not result
in logical error, but will degrade performance. To test for this case we
add plenty of unit tests around this logic and document manual testing
procedure. |
| Code should gracefully handle cases when feature X or plugin Y are
disabled. | Medium | High | Unit tests will verify that any feature flag
or plugin combination still results in our service operational. |
| [See more potential risk
examples](https://github.com/elastic/kibana/blob/main/RISK_MATRIX.mdx) |
### For maintainers
- [ ] This was checked for breaking API changes and was [labeled
appropriately](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)
---------
Co-authored-by: Liam Thompson <32779855+leemthompo@users.noreply.github.com>
Fixes https://github.com/elastic/kibana/issues/178446
This PR adds the following AI Ops features to the Burn rate alert detail
page:
- Log Rate Analysis
- ML features / AI Assistant
bf00c636-10ab-4cd8-859b-4a8f0471bf15
## Implementation details
Log rate analysis is useful when there is a significant dip/spike in
number of logs. It finds significant differences between the logs in
baseline (before dip/spike) and in deviation (after dip/spike). For the
Log Rate Analysis to work on the Alert details of an SLO burn rate rule
we had to specify a few params, here are the most important ones:
- dataView
- esSearchQuery
- timeRange -> I am looking into this and need a few clarifications
regarding lookBackPeriod
- initialAnalysisStart
For the esQuery here's what we used
```
const finalQuery = {
bool: {
filter: [customTotalFilter, customFilters, customGroupByFilters],
must_not: customGoodFilter,
},
};
```
We add the `total query`, any `optional filters` and any `group by
filters` to the `filter` clause of the ES query, where as we add the
good filter in the `must_not` clause.
## 🔬 How to test
- Add the following lines to your `config/kibana.dev.yaml`:
- `server.basePath: '/kibana'`
- `server.publicBaseUrl: 'http://localhost:5601/kibana'`
- Start with the following command: `node x-pack/scripts/data_forge.js
--events-per-cycle 50 --lookback now-1d --dataset fake_stack
--install-kibana-assets --kibana-url http://localhost:5601/kibana
--event-template good` to start with some good events
- Wait til the log message says `info Waiting 60000ms`
- Create one SLO:
- "Admin Console Availability" using the "Custom Query" SLI with the
`Admin Console` DataView, set the "Good query" to
`http.response.status_code < 500` and the set the "Total query" to
`http.response.status_code: *` using a rolling `7d` time window
- You should have 1 burn rate rule created by default
- Stop the first `data_forge.js` command
- Start `node x-pack/scripts/data_forge.js --events-per-cycle 50
--lookback now --dataset fake_stack --install-kibana-assets --kibana-url
http://localhost:5601/kibana --event-template bad`
- Go to alert details page of the burn rate rule to verify that the Log
Rate Analysis tool detected a spike
Note: you can skip first step, but in this case you should start kibana
with this command instead `yarn start --no-base-path`. This way you
don't have to pass `--kibana-url` when running the `data_forge` command
I included some snapshot tests with different SLOs that could be used
for verifying the generation of the ES query. Here are a few examples:
- Good query (KQL), no filter, no total query
- Good query (filter), no optional filter, no total query
- Good query (kql) optional filter (KQL), no total query
- Good query (kql), optional filter (filter), no total query
- Good query (kql), optional filter (kql), total query (kql)
- Good query (filter), optional filter(filter), total query(kql)
💀 I will need extra help testing this feature, to make sure that
provided params to the `LogRateAnalysisContent` component. Especially
`esSearchQuery` and `timeRange` (timeRange still WIP, but I want some
early feedback on the lookbackDuration and the intervalFactor)
## ✔️ Acceptance criteria
- Render the Log Rate Analysis tool only to platinum users and above
- Render AI assistant contextual insights only to platinum users and
above
---------
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
Co-authored-by: Cauê Marcondes <55978943+cauemarcondes@users.noreply.github.com>
Co-authored-by: Walter Rafelsberger <walter.rafelsberger@elastic.co>
## Summary
Fixes#180405
The PR above introduces an RxJS pipeline to buffer Core SO usage stats
operations, aiming at writing in batches, instead of for each API call.
However, a small implementation detail makes the enhancement
unsuccessful.
This PR aims at fixing this, so that #180405 works as intended.
## Summary
* [Prettify asset criticality alert
column](38fa0e2b50)
* [Memoize badge to prevent unnecessary
rerender](22599d2f25)
Before | After
:-------------------------:|:-------------------------:
<img width="200"
src="78fb2130-9ce2-4c67-85d7-5a5d78e39773"/>
| <img width="200"
src="91cfcdab-4fa0-4022-8fc4-ac218a75a377"/>
### Checklist
- [x] [Unit or functional
tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)
were updated or added to match the most common scenarios
## Summary
This PR enables Session View to support for auditbeat data stream and
adds the `event.action: executed`.
- In the `Security>Explore>Hosts>Events` and
`Security>Explore>Hosts>Session` tab, shows process events from
Auditbeats and should show `event.action: [ fork, executed, end ]`.
- Auditbeat session events now has alerts capabiltiy
<img width="1722" alt="image"
src="3824347f-fc34-4b24-b949-284e530ada19">
1fb7dcc7-184f-4e02-a431-892e62f239f6
---------
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
Switching to use retrievers instead of query. This also makes use of RRF
support in retrievers for sparse, dense and bm25 combinations.
# ELSER only
# ELSER + bm25 hybrid
---------
Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
## Summary
Close https://github.com/elastic/kibana/issues/180061
Key fixes
- `auto_bucket`
- now just called `bucket` as of
https://github.com/elastic/elasticsearch/pull/107197
- now accepts dates for the 3rd and 4th parameters
- now accepts a number field for the first parameter
- Constant-only parameters
- We no longer suggest fields or variables for `auto-bucket`'s 2nd, 3rd,
and 4th parameters, all of which must be constants
- Validator catches non-constants even if they are nested in layers of
functions (e.g. `auto_bucket(@timestamp, abs(length(bytes)), "", "")`)
Outstanding issues
- [x] Validation catches fields in a constant-only parameter spot, but
not if they are nested in a function
<img width="600" alt="Screenshot 2024-04-10 at 11 31 38 AM"
src="3b73419a-f9d1-4d59-a128-b0135eb50a90">
_Validator sees the problem_
<img width="600" alt="Screenshot 2024-04-10 at 11 31 14 AM"
src="1b5b0999-a697-4625-a8a3-15415054200b">
_Validator doesn't see the problem_
### Checklist
- [x] [Unit or functional
tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)
were updated or added to match the most common scenarios
---------
Co-authored-by: Stratoula Kalafateli <efstratia.kalafateli@elastic.co>
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
## Summary
Closes https://github.com/elastic/kibana/issues/178990
This PR adds the actions buttons to the monaco editor and the
functionality for the buttons to send a request and copy the request as
a curl command. When the cursor or user selection doesn't overlap or
contain any requests on the selected line, the actions buttons are
hidden. When the cursor or selection changes, the buttons are displayed
on the 1st line of the 1st selected request. Several requests can be
sent at once. Only the 1st request is copied as a curl command.
There are also some minor UI and copy changes (see screenshots below) as
suggested by @MichaelMarcialis in the review.
### Screenshot
#### Before
<img width="882" alt="Screenshot 2024-04-15 at 15 16 59"
src="8fa95a5b-51c6-4220-8837-38adc4696602">
<img width="296" alt="Screenshot 2024-04-15 at 15 17 07"
src="6c99a4db-f7a6-4872-a24a-cddb56e0ec3d">
#### After
<img width="916" alt="Screenshot 2024-04-15 at 15 18 08"
src="1ae0b161-c731-42e1-90af-69468e9f0905">
<img width="367" alt="Screenshot 2024-04-15 at 15 18 14"
src="bb8818bd-38d4-4ec3-8bf4-30e24afd3664">
### How to test
- Check that the actions buttons are not displayed when there are no
requests in the input
- Check that the actions buttons are not displayed when no requests are
selected by the cursor or the selection
- Check that the selected requests are highlighted
- Check that the buttons are displayed on the 1st line of the 1st
selected request
- Check that the position of the buttons is updated when the editor is
scrolled up or down
### Follow up issues
- The functionality for the button to open a documentation for the 1st
selected request
- The functionality for the button to auto-indent input
- The input highlighting is temporarily reset when sending a request
- Sent requests need to be saved to history
- After sending a request, the autocomplete polling needs to be
restarted
- Add more unit tests
## Summary
Fixes https://github.com/elastic/kibana/issues/172698
The default setting for the header row height is custom, 3 lines (so if
user doesn't modify the header row height). It doesn't visually affect
datatables with short labels.
<img width="765" alt="Screenshot 2024-04-10 at 18 39 51"
src="bdec216b-36e4-4ca4-8135-85008b7f311d">
<img width="739" alt="Screenshot 2024-04-10 at 18 39 25"
src="e5e6c4d5-f9c6-4270-85ba-f0ada2fbea69">
To code reviewers - this PR in itself is quite small but I rewrote all
the datatable tests to testing library and made some code style
improvements.
## Summary
In this PR:
- Address @adcoelho comments regarding documentation.
- Fix @js-jankisalvi bug about unsupported consumers
(https://github.com/elastic/kibana/pull/168369#pullrequestreview-1988654505).
- Address @shanisagiv1 feedback regarding the title and the description.
Specifically:
- The title changed to "<rule_name> - Grouping by <grouping_by_value>
(Auto-created)".
- The description changed to "This case was created by the Case action
in <rule_name_link>. The assigned alerts are grouped by
<grouping_by_key>:<grouping_by_value>".
- Add the grouping key as a tag.
<img width="2289" alt="Screenshot 2024-04-13 at 4 41 36 PM"
src="63e17947-5f39-4437-820b-7c69f42bfbe3">
The issue about the "Unknown" user will be fixed in another PR.
About @adcoelho bug:
c46aa7c4-9d1a-475b-9d07-6bdff3ef00c8
I think it is fine to leave it as it is because a) the value will not be
saved even if they are added b) an error is being shown c) the only way
to do it properly is to validate while the user is typing which is going
to lead to bad UX. If you feel otherwise let me know.
### Checklist
Delete any items that are not applicable to this PR.
- [x] [Unit or functional
tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)
were updated or added to match the most common scenarios
### For maintainers
- [x] This was checked for breaking API changes and was [labeled
appropriately](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)
## Summary
Related to https://github.com/elastic/kibana/pull/179891
* Display error message in case user doesn't have write access to asset
criticality index
* Display error message if the user navigates to the page when the user
advanced (UI) setting is disabled
* Remove links from menus and global search if advanced (UI) setting is
disabled
Recoding of what happens when you don't refresh the page:
2b67403c-d58e-4d92-b12d-9f9de4c9a213
### Expected behaviour:
* After the setting is enabled, the user needs to refresh the browser to
find the page
* If users disable the setting on a different browser/tab and navigate
to the page without refreshing, they will see an error message on the
page.
* If users disable the flag while the page is already rendered and try
to upload the file, it will display an error on the last step.
### Checklist
Delete any items that are not applicable to this PR.
- [x] Any text added follows [EUI's writing
guidelines](https://elastic.github.io/eui/#/guidelines/writing), uses
sentence case text and includes [i18n
support](https://github.com/elastic/kibana/blob/main/packages/kbn-i18n/README.md)
- [x] [Unit or functional
tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)
were updated or added to match the most common scenarios
---------
Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
