* [ML] enable test selection
* [ML] executor update for annotations
* [ML] update unit tests
* [ML] fix i18n
* [ML] update schema
* [ML] fix ts
* [ML] account for docs count, update unit tests
* [ML] update translation strings
* [ML] add types
* [ML] fetch the latest annotation sorted by modified_time
* [ML] getDelayedDataAnnotations
* [ML] update unit tests
* [ML] set default number of docs to 1, update schema validation
* [ML] getDelayedDataLookbackTimestamp
* [ML] filter null values, update unit tests
* [ML] account for query delay, refactor with memoize
* [ML] update unit test
* [ML] remove previousStartedAt
* [ML] filter based on the job config
* [ML] fix tests
* [ML] add maps
* [ML] combine filters
* [ML] move range query inside of a filter
* [ML] filter out jobs with missing datafeed
* [ML] resolveLookbackInterval only from jobs with datafeeds
* [ML] do not show an error on empty time interval
* [ML] add help tooltips
* [ML] update description for the datafeed check
* Allow users select policies from a dropdown
* Policy filters are passed throguh the API call and the results are now filtered by policy
* Moved policies selector inside search component and triggers search only when refresh button is clicked
* Fixes tests
* Triggers policy filter when policy is selected. Also fix unit test because now policies are loaded at the trusted apps list
* Renamed components and added an index.ts for the exports
* Adds unit tests for policies selector component
* Fix unit tests and changed camelcase by snack case for url params
* adds multilang
* Fixes i18n keys
* Move mock resonse to the mocks file
* Use string templating in test
* remove === true from boolean comparison
* Set function in useCallback. Renames some variables and types. Use reourceState helper function to get the prev state. Use generated data for policies in tests
* Fix ts errors
* Removes unused type and fix type name for Item
* Puts exclude clause on policy dropdown behind a feature flag
* Adds missing feature flags in some tests and in global reducer
* Fix test adding useExperimentalValua mock for FF
* Wrapp handlers in a useCallback in order to prevent useless rerenders
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
* incremental changes
* No more type errors
* Type guards
* Begin adding tests
* Flatten
* Reduce scope of branch
* Remove extraneous argument to filter_duplicate_signals
* [Alerting UI] Added visual indicator when enable switched click is processed on the server side.
* fixed rule details
* fixed functional tests
* fixed unit tests
* fixed due to comments
* fixed due to comments
gsutil requires a directory to exist before copying artifacts in.
Prior to https://github.com/elastic/kibana/pull/107217, a
.bootstrap-cache file was written, providing the directory for these
writes. Now that we're no longer writing this file, we need to ensure
it exists.
The heuristic to select provider name `cloud-basic` breaks the CCS
integration tests, where protocol is https, and actually is not needed in
any of the automated tests.
For a better solution we need @MadameSheema to be back from PTO.
This partially reverts commit 9f2d9d4d54.
* [Lens] Synchronize cursor position for X-axis across all Lens visualizations in a dashboard
Closes: #77530
* add mocks for active_cursor service
* fix jest tests
* fix jest tests
* apply PR comments
* fix cursor style
* update heatmap, jest
* add tests
* fix wrong import
* replace cursor for timelion
* update tsvb_dashboard baseline
* fix CI
* update baseline
* Update active_cursor_utils.ts
* add debounce
* remove cursor from heatmap and pie
* add tests for debounce
* return theme order back
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
* First draft migrate timelion to elastic-charts
* Some refactoring. Added brush event.
* Added title. Some refactoring
* Fixed some type problems. Added logic for yaxes function
* Fixed some types, added missing functionality for yaxes
* Fixed some types, added missing functionality for stack property
* Fixed unit test
* Removed unneeded code
* Some refactoring
* Some refactoring
* Fixed some remarks.
* Fixed some styles
* Added themes. Removed unneeded styles in BarSeries
* removed unneeded code.
* Fixed some comments
* Fixed vertical cursor across Timelion visualizations of a dashboad
* Fix some problems with styles
* Use RxJS instead of jQuery
* Remove unneeded code
* Fixed some problems
* Fixed unit test
* Fix CI
* Fix eslint
* Fix some gaps
* Fix legend columns
* Some fixes
* add 2 versions of Timeline app
* fix CI
* cleanup code
* fix CI
* fix legend position
* fix some cases
* fix some cases
* remove extra casting
* cleanup code
* fix issue with static
* fix header formatter
* fix points
* fix ts error
* Fix yaxis behavior
* Fix some case with yaxis
* Add deprecation message and update asciidoc
* Fix title
* some text improvements
* [Timelion Viz] Add functional tests
* Add more complex cases for _timelion
* Update test expected data
Co-authored-by: Uladzislau Lasitsa <Uladzislau_Lasitsa@epam.com>
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
Co-authored-by: Alexey Antonov <alexwizp@gmail.com>
* Add duplex content stream
* Add content stream factory
* Move report contents gathering and writing to the content stream
* Update jobs executors to use content stream instead of returning report contents
* add investigate in timeline action to flyout
* close context menu on item clicked
* add investigate in timeline
* add investigat in timeline button
* fix failing tests
* add alerts status actions
* update unit test
* export alerts actions from hook
* add disable props
* add case action items
* clean up
* split alert status hook and hide add to case action
* add useHoseIsolationAction hook
* move out take action dropdown
* refeactor hooks to only manage one thing
* apply hooks to alerts table
* clean up
* fix unit tests
* replace euiCodeBlock
* take actions from case
* fetch ecs in flyout footer
* move fetch alert ecs to container
* add AddExceptionModalWrapperData interface
* fix cypress tests
* update snapshot for json view
* fix cypress test
* update AddEndpointExceptionComponent
* fix data retrieved from event details
* fix host isolation action
* use endpointAlertCheck
Co-authored-by: Xavier Mouligneau <189600+XavierM@users.noreply.github.com>
* Starting configure migration
* Initial refactor of configuration connector id
* Additional clean up and tests
* Adding some tests
* Finishing configure tests
* Starting case attributes transformation refactor
* adding more tests for the cases service
* Adding more functionality and tests for cases migration
* Finished unit tests for cases transition
* Finished tests and moved types
* Cleaning up type names
* Fixing types and renaming
* Adding more tests directly for the transformations
* Fixing tests and renaming some functions
* Adding transformation helper tests
* Adding migration utility tests and some clean up
* Begining logic to remove references when it is the none connector
* Fixing merge reference bug
* Addressing feedback
* Changing test name and creating constants file
* adds entries.list.id field in the searchable event filters fields list
* adds test case for list.id operator
* Revert "adds entries.list.id field in the searchable event filters fields list"
This reverts commit 45a66fd966.
* Revert "adds test case for list.id operator"
This reverts commit 9dba145df2.
* Disable large value list option in operators dropdown
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
* allow rules to be managed in RAC page
* return all rules of a rule type instead of first one
* update UI to handle multiple rule types
* add comments about creating the menus by category for alerts and rules
* fix parsing of cluster alerts
Since 7.9.0, APM Server has been copying the `transaction.page.url`
value to the ECS `url` field. We should still use `transaction.page.url`
if it exists and `url` does not (i.e. for very old docs), but we should
stop expecting it in newly written documents.
* change alerts table filter text box placeholder
* update alerts table placeholder to use the status field
* use threshold for the alerts table placeholder
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
* adding comparison to inventory page
* new api to get detailed statistics
* show comparison data
* adding api test
* fixing unit test
* fixing ts issue
* adding loading to table
* refactoring
* fixing TS issue
* addressing PR comments
* fixing merge
* addressing PR comments
* fixing api test
* adding comment
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
## Summary
This PR implements sorting in the `TGrid`, per the animated gifs below:
_Above: Sorting in Observability, via `EuiDataGrid`'s sort popover_
_Above: Sorting and hiding columns in the Security Solution via `EuiDataGrid`'s column header actions_
## Details
* Sorting is disabled for non-aggregatble fields
* This PR resolves the `Sort [Object Object]` TODO described [here](https://github.com/elastic/kibana/pull/106199#issuecomment-883668966)
* ~This PR restores the column header tooltips where the TGrid is used in the Security Solution~
## Desk testing
To desk test this PR, you must enable feature flags in the Observability and Security Solution:
- To desk test the `Observability > Alerts` page, add the following settings to `config/kibana.dev.yml`:
```
xpack.observability.unsafe.cases.enabled: true
xpack.observability.unsafe.alertingExperience.enabled: true
xpack.ruleRegistry.write.enabled: true
```
- To desk test the TGrid in the following Security Solution, edit `x-pack/plugins/security_solution/common/experimental_features.ts` and in the `allowedExperimentalValues` section set:
```typescript
tGridEnabled: true,
```
cc @mdefazio
* [maps] deprecate xpack.maps.showMapVisualizationTypes in upgrade assistent
* use custom function instead of unusedFromRoot so config does not get removed
* fix i18n ids and align deprecation message
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
* injects bulkCreate and wrapHits to individual rule executors
* WIP create_security_rule_type_factory based on Marshall's work in #d3076ca54526ea0e61a9a99e1c1bce854806977e
* removes ruleStatusService from old rule executors, fixes executor unit tests
* fixes rebase
* Rename reference_rules to rule_types
* Fix type errors
* Fix type errors in base security rule factory
* Additional improvements to types and interfaces
* More type alignment
* Fix remaining type errors in query rule
* Add validation / inject lists plugin
* Formatting
* Improvements to typing
* Static typing on executors
* cleanup
* Hook up params for query/threshold rules... includes exceptionsList and daterange tuple
* Scaffolding for wrapHits and bulkCreate
* Add error handling / status reporting
* Fixup alert type state
* Begin threshold
* Begin work on threshold state
* Organize rule types
* Export base security rule types
* Fixup lifecycle static typing
* WrapHits / bulk changes
* Field mappings (partial)
* whoops
* Remove redundant params
* More flexibile implementation of bulkCreateFactory
* Add mappings
* Finish query rule
* Revert "Remove redundant params"
This reverts commit 87aff9c810.
* Revert "whoops"
This reverts commit a7771bd392.
* Fixup return types
* Use alertWithPersistence
* Fix import
* End-to-end rule mostly working
* Fix bulkCreate
* Bug fixes
* Bug fixes and mapping changes
* Fix indexing
* cleanup
* Fix type errors
* Test fixes
* Fix query tests
* cleanup / rename kibana.rac to kibana
* Remove eql/threshold (for now)
* Move technical fields to package
* Add indexAlias and buildRuleMessageFactory
* imports
* type errors
* Change 'kibana.rac.*' to 'kibana.*'
* Fix lifecycle tests
* Single alert instance
* fix import
* Fix type error
* Fix more type errors
* Fix query rule type test
* revert to previous ts-expect-error
* type errors again
* types / linting
* General readability improvements
* Add invariant function from Dmitrii's branch
* Use invariant and constants
* Improvements to field mappings
* More test failure fixes
* Add refresh param for bulk create
* Update more field refs
* Actually use refresh param
* cleanup
* test fixes
* changes to rule creation script
* Fix created signals count
* Use ruleId
* Updates to bulk indexing
* Mapping updates
* Cannot use 'strict' for dynamic setting
Co-authored-by: Marshall Main <marshall.main@elastic.co>
Co-authored-by: Ece Ozalp <ozale272@newschool.edu>
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
