## Summary
This PR is a follow up of [this previous
one](https://github.com/elastic/kibana/pull/220590) that removed the
advanced setting allowing users to switch between the Session View
component rendered in the expandable flyout and as an overlay to the
alerts table.
This PR focuses on removing all code related to the Session View
component when displayed as an overlay of the Alerts page alerts table
and in Timeline.
**_As the previous PR had removed the ability to switch back to this
overlay mode, this PR does not introduces any visible changes in the UI.
If anything looks different or behaves differently, then there is an
issue and this PR should not be merged._**
Session View in expandable flyout remains unchanged:
https://github.com/user-attachments/assets/54107185-ff9b-4090-ac0d-7c4f3f1a421f
### Checklist
- [x] [Unit or functional
tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)
were updated or added to match the most common scenarios
## Summary
This PR removes the `securitySolution:enableVisualizationsInFlyout`
advanced settings that allowed users to switch between Analyzer and
Session View components displayed in an overlay on top of tables, or
within the flyout expanded panel.
The setting was already defaulted to true, so this PR just removes the
ability to go back to the analyzer and session view components displayed
as table overlay.
This PR is the first of 4 that perform the clean up:
- this first PR that removes the advanced setting
- a follow up PR that will remove the code related to rendering session
view as overlay
- a follow up PR that will remove the code related to rendering analyzer
as overlay
- a final clean up that removes a lot of dead code related to timeline
full screen and such
The work is divided in multiple PRs because when I got everything
working locally it ended up touching nearly 120 files, making the review
difficult...
---------------------------
No more advanced settings
The alerts table goes to the flyout
https://github.com/user-attachments/assets/b8b934ba-ea9f-4bb2-aaf4-0f73f359eb3a
The table still works from the Cases page
https://github.com/user-attachments/assets/65ffe289-3a3c-4766-aa52-4f68a2f2dd87
And from timeline (the tabs are not showing up either)
https://github.com/user-attachments/assets/0bb17b2f-b6b7-4417-9212-2302b778cc23
### Checklist
- [x] [Unit or functional
tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)
were updated or added to match the most common scenarios
## Summary
There is a bug in kibana 8.17, where no transaction marks are shown in
the APM's transaction waterfall ui.
The marks are stored in the field `transaction.marks.agent` of
documents, but kibana apm server is querying `transaction.agent.marks`.
This PR fixes the field name.
I also added `span.id` in the query source to include the marks in the
response, even if there is no `span.links` in the transaction info.
(I found the case from RUM data with `transaction.marks.agent` but
without `span.links`, so that the response does not include marks
because there is no `source` field in the query result)
I am not sure if it's the right way to fix it, as i have no
understanding about the relationsip between `transaction.marks.agent`
and `span.links`, so this PR is more like a bug report.
### Checklist
Check the PR satisfies following conditions.
Reviewers should verify this PR satisfies this list as well.
- [ ] Any text added follows [EUI's writing
guidelines](https://elastic.github.io/eui/#/guidelines/writing), uses
sentence case text and includes [i18n
support](https://github.com/elastic/kibana/blob/main/src/platform/packages/shared/kbn-i18n/README.md)
- [ ]
[Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html)
was added for features that require explanation or tutorials
- [ ] [Unit or functional
tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)
were updated or added to match the most common scenarios
- [ ] If a plugin configuration key changed, check if it needs to be
allowlisted in the cloud and added to the [docker
list](https://github.com/elastic/kibana/blob/main/src/dev/build/tasks/os_packages/docker_generator/resources/base/bin/kibana-docker)
- [ ] This was checked for breaking HTTP API changes, and any breaking
changes have been approved by the breaking-change committee. The
`release_note:breaking` label should be applied in these situations.
- [ ] [Flaky Test
Runner](https://ci-stats.kibana.dev/trigger_flaky_test_runner/1) was
used on any tests changed
- [ ] The PR description includes the appropriate Release Notes section,
and the correct `release_note:*` label is applied per the
[guidelines](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)
### Identify risks
Does this PR introduce any risks? For example, consider risks like hard
to test bugs, performance regression, potential of data loss.
Describe the risk, its severity, and mitigation for each identified
risk. Invite stakeholders and evaluate how to proceed before merging.
- [ ] [See some risk
examples](https://github.com/elastic/kibana/blob/main/RISK_MATRIX.mdx)
- [ ] ...
None
