## Summary
The PR introduces the first iteration of the side navigation bar for
serverless observability. Part of
https://github.com/elastic/kibana/issues/153777
### Run locally
```
yarn serverless-oblt
```
#### Screenshots
39ded143-0d4b-4ea6-9534-0ca87b80662d
### Fixes
- Fix rendering the icon for the nested navigation items
-
24ee4dc616
### Notes
- There is an issue where the selected navigation item is not properly
highlighted and loses focus when the user clicks anywhere else on the
page. (atm out of the scope of the PR)
- The navigation tree is subject to change as there is an ongoing
discussion about the naming and order
---------
Co-authored-by: Søren Louv-Jansen <soren.louv@elastic.co>
Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
Reverts elastic/kibana#156869
We need to revert because after talking to @kobelb, we are introducing a
new bug where user always need to be a super user to access the fields
from the alert index since only only super user can access the kibana
index.
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
## Summary
- Adds the results of the `upload` action to the details tray in the
Actions Log
- Refactors the `parameters` sent to the Endpoint for `upload` to meet
the newly agreed structure
## Summary
This PR converts the remaining cases' hooks to React Query. It also adds
the `QueryProvider` to the `CasesProvider` to be able to use the hooks
when attaching data to a case from outside cases like ML.
Fixes: https://github.com/elastic/kibana/issues/134663
## Testing
- Verify you can add a comment successfully and the new comment markdown
editor is empty after submission
- Verify you can add attachments to a new case and an existing case
- Add a file to a case. Verify that the entry in the user activity is
being shown
- Verify that you can push a case to an external service
- Verify that you can push a case to an external service when creating a
case
- Verify that the loading spinner is being shown when you edit a comment
in the actions of the comment
- Verify that the loading spinner is being shown when you edit a title
next to the title
- Verify that the loading spinner is being shown when you edit a tag
next to the tags section
- Verify that the loading spinner is being shown when you edit severity
next to the severity selectable
- Verify that the status and "Sync alerts" is disabled when changing the
status
- Verify that the status and "Sync alerts" is disabled when changing the
"Sync alerts"
- Verify that the "edit pencil" is changed to a loading spinner when
changing assignees
- Verify you can update a comment
- Verify you can update the fields of the case
### Checklist
- [x] [Unit or functional
tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)
were updated or added to match the most common scenarios
---------
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
## Summary
This was most likely a mistake during the migrating packages to jsonc,
`kibana-design` should be before the overrides so in PR's we would have
specific team members as reviewers. If none specified than
`kibana-design` would take over.
This is communicated with @elastic/kibana-design members.
## Summary
Fix CODEOWNERS overriding scss files. Deleted duplicates of the
overriding rule, it is still at the bottom.
### Checklist
---------
Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
## Summary
The PR fixes the below
1. `props.onRefresh` prop was missed during prop drilling. Due to this
the Auto Refresh feature is broken.
2. `props.onRefreshChange` event is currently not exposing a callback
function directly on the SearchBar. This is required on APM side as when
a user changes the Refresh Interval, we need to know the set duration
and paused toggle to update the application URL.
## Summary
Follow-up of https://github.com/elastic/kibana/pull/157154
Continue the cleanup started in the previous PR, by moving more things
around.
- Move everything search-related (dsl, aggregations, kql utils) to a
dedicated `search` folder
- Move a few more things to `/apis/internals`
- Remove the 'v5' field compatibility in the field list generation (see
comment)
- Cleanup some files a bit.
---------
Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
## Summary
This PR is to address issue where Findings and Dashboard page is not
loading correctly due cloudbeat is running in the background without
cloud_security_package being installed. This is because on how we
determine status state on status API.
To fix this we will return not-installed in this case, no matter if
there are findings or not
## Summary
After the ELSER model has been downloaded, the user has two options for
starting it: with a single-click using a minimal default configuration,
or fine-tuning it. Since the former is not meant for production use, we
encourage the user to make the model more resilient by configuring more
threads or allocations. This is mentioned on the ELSER status panel; it
shows "running single-threaded" if
- ~there is a single deployment of the model, AND~
- the model deployment is allocated to a single node, AND
- the deployment uses a single thread.
If any of these numbers is greater than 1, the panel just says the model
is running.
### Checklist
- [x] Any text added follows [EUI's writing
guidelines](https://elastic.github.io/eui/#/guidelines/writing), uses
sentence case text and includes [i18n
support](https://github.com/elastic/kibana/blob/main/packages/kbn-i18n/README.md)
- [x] [Unit or functional
tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)
were updated or added to match the most common scenarios
- [x] Any UI touched in this PR is usable by keyboard only (learn more
about [keyboard accessibility](https://webaim.org/techniques/keyboard/))
---------
Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
## Summary
Fixes an onboarding issue related to using the old "create" and "edit"
fleet extensions. Agent flyout would not automatically open after adding
the integration.
Using the 'package-policy-replace-define-step' hook fixes the problem.
New hook does not implement integration **name** and **description**
fields, so those were added in as well.
### Checklist
Delete any items that are not applicable to this PR.
- [x] Any text added follows [EUI's writing
guidelines](https://elastic.github.io/eui/#/guidelines/writing), uses
sentence case text and includes [i18n
support](https://github.com/elastic/kibana/blob/main/packages/kbn-i18n/README.md)
- [x] [Unit or functional
tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)
were updated or added to match the most common scenarios
## Summary
Adds the release notes for the 8.8.0 release.
---------
Co-authored-by: Lisa Cawley <lcawley@elastic.co>
Co-authored-by: Jen Huang <its.jenetic@gmail.com>
Co-authored-by: Larry Gregory <lgregorydev@gmail.com>
Co-authored-by: Alison Goryachev <alisonmllr20@gmail.com>
Co-authored-by: István Zoltán Szabó <istvan.szabo@elastic.co>
Co-authored-by: Devon Thomson <devon.thomson@elastic.co>
closes [#987](https://github.com/elastic/obs-infraobs-team/issues/987)
## Summary
This PR changes the hosts view to graciously handle exceptions caused by
invalid KQL submissions
<img width="1451" alt="image"
src="5bafc987-9a14-4b03-9038-53179f7b6735">
Besides, it changes the way it was handling a fatal error that can
happen if something wrong happens while creating an ad-hoc data-view -
this is highly unlike to happen, but we're standardizing how we display
errors on the hosts view
_Previously:_
<img width="1439" alt="image"
src="https://user-images.githubusercontent.com/2767137/236833673-c994512f-cb73-441b-9783-506bab67ff4b.png">
_Now:_
<img width="1439" alt="image"
src="https://user-images.githubusercontent.com/2767137/236862216-fada9f50-5d27-45b9-a6f3-8ac497a3e048.png">
### How to test
- Go to hosts view
- Type invalid KQL expressions on the search bar
### For reviewer
If the page is loaded with a querystring containing an invalid `query`
(e.g:
`_a=(dateRange:(from:now-15m,to:now),filters:!(),limit:20,panelFilters:!(),query:(language:kuery,query:%27%7D%27)`),
the Control components will show an error. However, they can't recover
from fatal errors. So even after the user corrects the mistake in the
query, the controls will remain in the error state.
A ticket has been opened to address this problem:
https://github.com/elastic/kibana/issues/156430
---------
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
Closes [#153942](https://github.com/elastic/kibana/issues/153942)
## Summary
This PR shows 'N/A' when the values inside the process summary are not
available (and the actual value when available)
## Testing
- Open Hosts view and find a host ( where the process summary is not
available )
- Open the flyout and select the "Processes" tab
- The values inside the process summary should be 'N/A'
(Same should be shown in inventory)
<img width="2259" alt="Screenshot 2023-05-11 at 13 34 58"
src="7f8a6e3d-cd87-452a-9f73-13dbc567501d">
<img width="2258" alt="Screenshot 2023-05-11 at 13 36 05"
src="2708ef2f-b119-46a4-80e8-048e25a22c21">
- Open Hosts view and find a host ( where the process summary is
available )
- Open the flyout and select the "Processes" tab
- The values inside the process summary should be available (and total
processes > 0)
(Same should be shown in inventory)
<img width="2262" alt="Screenshot 2023-05-11 at 13 35 33"
src="89aeb53f-c7c2-483f-b21f-9a0b67ca22c4">
<img width="2265" alt="Screenshot 2023-05-11 at 13 36 29"
src="06b44138-21bb-4c47-a31b-b43749df58a0">
## Summary
This PR fixes#155083 with the following changes:
- Create a new field to store the action context for an alert under
`ALERT_CONTEXT` (`kibana.alert.context`) for Log Threshold Rule.
- Change the alert detail page to reference the `groupByKeys` under
`ALERT_CONTEXT` for the group by section
- Change the history chart to only display `12h` buckets
I plan to do a follow up PR to add the ALERT_CONTEXT to the other
Observability Rules which we will also need for our alert details pages.
### How to test
1. Index data using:
https://github.com/elastic/high-cardinality-cluster/tree/main/high_cardinality_indexer
by running the following command:
```
DATASET="fake_stack" EVENTS_PER_CYCLE=1 INDEX_INTERVAL=60000 ELASTICSEARCH_HOSTS=http://localhost:9200 node src/run.js
```
2. Create a DataView for named "Admin Console" with the index pattern of
`high-cardinality-data-fake_stack.admin-console-*` and the timestamp
field set to `@timestamp`
3. Go to the Log Stream in Observability and change the index pattern to
"Admin Console"
4. Create a rule that looks like:
<img width="600" alt="image"
src="https://user-images.githubusercontent.com/41702/232578891-e65a3f1a-457c-459a-8d7f-cadc85e7067c.png">
5. Create a rule WITHOUT a group by that will trigger and check the
alert detail page
6. Create a rule with a ratio WITHOUT a group by that will trigger and
check the alert detail page
7. Create a rule with a ratio WITH a group by that will trigger and
check the alert detail page
---------
Co-authored-by: Kevin Delemme <kdelemme@gmail.com>
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
closes: https://github.com/elastic/kibana/issues/155567
## Summary
This PR adds a new custom event to track the total number of hosts, as
well as adjusts a few `data-test-subj` attribute values to meet the
naming convention defined in the observability-dev
[docs](https://github.com/elastic/observability-dev/blob/main/docs/how-we-work/telemetry/telemetry-convention.md#naming-convention)
### For Reviewers
An option for not allowing yet a new custom event in FS could be
triggering the new custom events only for self-managed customers, and in
FS watch the element that holds the total number of hosts. But for now,
I decided to allow the new custom event in FS for consistency
---------
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
Fixes#155978
## Summary
- Remove the `fields` parameter from the find cases API
- Limit the `searchFields` parameter in the find cases API
One of the FTR tests was actually successfully calling the find_cases
API while passing the fields parameter but only certain combinations of
fields would actually work.
Passing single fields would not work.
I just removed the test as we won't support the `fields` param anymore.
---------
Co-authored-by: lcawl <lcawley@elastic.co>
## Summary
Adjust download links for Universal Profiling host-agent in the Add Data
page.
The links need to be updated because of a breaking change in the
protocol.
Signed-off-by: inge4pres <francesco.gualazzi@elastic.co>
## Summary
Updated the inference pipeline flyout logic to refetch ml models when
the user deploys the ELSER text expansion model. This will allow them to
select the model if they deploy it from the flyout.
25916c61-cdad-4213-8034-265aaac1f945
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
