* [Expressions] Use table column ID instead of name when set
* Update ID matching to match by name sometimes
* Add an extra case to prevent insertion of duplicate column
* Simplify logic and add test for output ID
* Respond to review comments
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
* Add new width definition for waterfall sidebar item. Add delay to tooltip.
* Add default value for style if/when undefined.
* Create shared style for eui breakpoints to use by both waterfall tooltip types.
* Add a comment.
* Use viewport units instead of breakpoints.
* Rename a style.
* Add top margin to prevent tooltip from missing target item. Rename a style.
* Adjust custom `margin-top`.
* Add index to tooltip content.
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
* do not send telemetry if isScreenshotMode
* Implement PR feedback:
* added another Jest test
* move Boolean() to make the opt-in value always boolean
* remove unused import and convert to import type
* fix type issues
* update jest snapshot
* Expanded test coverage
- added plugin functional test
- added jest test to check TelemetrySender behaviour
- exported the localStorage/window value that flags screenshot
mode
* fix test plugin name in package.json and make sure to opt out of telemetry when the test finishes
* added missing type file to plugin_functional test
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
* Reenabled _mb suffixed stack monitoring func tests
These tests were disabled temporarily in #98238 because of intermittent failures in master.
* use test_user instead of basic_monitoring_user
* remove security service
* remove logout and cleanup
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
Co-authored-by: neptunian <sandra.gonzales@elastic.co>
E2E tests are failing because they include the ID field returned by the
package list endpoint. This just updates our request schema to accept an
ID, though we don't persist or deal with the ID anywhere.
Closes #100897
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
* [Discover] migrate remaining context files from js to ts
* [Discover] get rid of any types
* [Discover] replace constants with enums, update imports
* [Discover] use unknown instead of any, correct types
* [Discover] skip any type for tests
* [Discover] add euiDataGrid view
* [Discover] add support for dataGrid columns, provide ability to not change sorting, highlight anchor doc, rename legacy variables
* [Discover] update context_legacy test and types
* [Discover] update unit tests, add context header
* [Discover] update unit and functional tests
* [Discover] remove docTable from context test which uses new data grid
* [Discover] update EsHitRecord type, use it for context app. add no pagination support
* [Discover] resolve type error in test
* [Discover] add disabling control columns option, change loading feedback
* [Discover] clean up, update functional tests
* [Discover] remove invalid translations
* [Discover] support both no results found and loading feedback
* [Discover] provide loading status for discover
* [Discover] fix functional test
* [Discover] add useDataGridColumns test, update by comments
* [Discover] fix types
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
* Move inspector adapter integration into search source
* docs and ts
* Move other bucket to search source
* test ts + delete unused tabify function
* hierarchical param in aggconfig.
ts improvements
more inspector tests
* fix jest
* separate inspect
more tests
* jest
* inspector
* Error handling and more tests
* put the fun in functional tests
* delete client side legacy msearch code
* ts
* override to sync search in search source
* delete more legacy code
* ts
* delete moarrrr
* deflate bfetch chunks
* update tests
use only zlib
* ts
* extract getInflatedResponse
* tests
* Use fflate in attempt to reduce package size
* use node streams, fflate and hex encoding.
* DISABLE_SEARCH_COMPRESSION UI Settings
Use base64 and async compression
* i18n
* Code review
Use custom header for compression
Promisify once
* use custom headers
* Update jest
* fix tests
* code review, baby!
* integration
* tests
* limit
* limit
* limit
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
* Fixed color rules behaviour on empty metrics data.
Refactored function `getLastValue`, which was providing an unexpected result on empty arrays. It was returning a string instead of a null/undefined value.
Created two useful functions, which make it possible to handle an empty result and get the expected default value.
* Tests added.
Tests for getLastValue refactored.
Tests for getLastValueOrDefault and getLastValueOrZero written.
* Removed console.log
* Added default value for empty operator.
Added default value for empty operator, which will compare statistics to empty array.
Added conditional render of colorRuleValue field, if operator doesn't require some specified value to be chosen ( as default, in this case ).
* Added empty data handling.
Added empty value var and way of displaying in widgets.
Added way of handling empty results and prevented comparing null, empty array and numeric rules.
* Prettier fixes.
* Added the same logic of displaying data to gauge.
Added displaying of empty data to gauge module.
Fixed label color styles (before, they were ignored because colorValue was set outside the default scope in the reactcss(...) call).
* Added empty data handling in Top N chart.
* Removed getLastValueOrZero.
Removed getLastValueOrZero and replaced by getLastValueOrEmpty.
* Added isEmptyValue function.
Added isEmptyValue function, which is able to check equality. It makes it possible to encapsulate the logic of the empty value and to change its behavior flexibly.
* Fixed and refactor.
Fixed hidden value input, if no operator selected.
Removed useless DEFAULT_VALUE and getLastValueOrDefault.
* Color rules Tests.
Changed from js to ts last_value_utils. Updated tests for color_rules component.
* Replaces isEqual rule with eq.
* Migrations added.
* Fixed types, EMPTY_VALUE, empty method.
Removed type definition for methods in last_value_utils.ts.
Changed EMPTY_VALUE from array to null. Removed default value.
Added logic for handling empty value handling and comparison methods.
* Fixed comparing null and numeric rules.
* Changed migrations.
* Added test for migrations.
* Migration fix.
* Updated code, based on nits and fixed reasons of pipeline errors.
* Moved actions, connected to operators to the separate file. Reduced duplication of code.
* Type names changed.
* Test for operators_utils added.
* Fixed based on nits.
* Added vis_type_timeseries to tsconfig references.
* Changed version and added migrations.
* Small fix in migrations.
* Fixes based on review.
* Revert "Fixes based on review."
This reverts commit 35af7b2b6a.
* Fixes based on review.
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
## Summary
This PR starts the migration of the Security Solution rules to use the rule-registry introduced in https://github.com/elastic/kibana/pull/95903. This is a pathfinding effort in porting over the existing Security Solution rules, and may include some temporary reference rules for testing out different paradigms as we move the rules over. See https://github.com/elastic/kibana/issues/95735 for details
Enable via the following feature flags in your `kibana.dev.yml`:
```
# Security Solution Rules on Rule Registry
xpack.ruleRegistry.index: '.kibana-[USERNAME]-alerts' # Only necessary to scope from other devs testing, if not specified defaults to `.alerts-security-solution`
xpack.securitySolution.enableExperimental: ['ruleRegistryEnabled']
```
> Note: if setting a custom `xpack.ruleRegistry.index`, for the time being you must also update the [DEFAULT_ALERTS_INDEX](9e213fb7a5/x-pack/plugins/security_solution/common/constants.ts (L28)) in order for the UI to display alerts within the alerts table.
---
Three reference rule types have been added (`query`, `eql`, `threshold`), along with scripts for creating them located in:
```
x-pack/plugins/security_solution/server/lib/detection_engine/reference_rules/scripts/
```
Main Detection page TGrid queries have been short-circuited to query `.alerts-security-solution*` for displaying alerts from the new alerts as data indices.
To test, check out, enable the above feature flag(s), and run one of the scripts from the above directory, e.g. `./create_reference_rule_query.sh` (ensure your ENV vars are set! :)
Alerts as data within the main Detection Page 🎉
<p align="center">
<img width="500" src="https://user-images.githubusercontent.com/2946766/119911768-39cfba00-bf17-11eb-8996-63c0b813fdcc.png" />
</p>
cc @madirey @dgieselaar @pmuellr @yctercero @dhurley14 @marshallmain