## Summary
This fixes a bug where Windows and Mac Blocklist file path entries
should be passed as case insensitive. This is because Mac and Windows
are caseless for most use cases.
Bug ticket: https://github.com/elastic/kibana/issues/158581
Here is how it will be displayed in the UI:
<img width="1728" alt="image"
src="a3006397-f49e-4de0-818d-94e2de20dba3">
Here are the breakdown of the artifacts after the fix:
Linux:
```
-------------------------------------------------------------------
Policy: Protect
Manifest: 1.0.6 | v1
Artifact: endpoint-blocklist-linux-v1
Relative URL: /api/fleet/artifacts/endpoint-blocklist-linux-v1/f33e6890aeced00861c26a08121dd42d2d29ba08abfeb3c065d0447e32e18640
Encoded SHA256: a907835be40af89b8b7aa23a6efc66c01ceaa5a19622edd378139319f3ca5fa0
Decoded SHA256: f33e6890aeced00861c26a08121dd42d2d29ba08abfeb3c065d0447e32e18640
-------------------------------------------------------------------
{
"entries": [
{
"type": "simple",
"entries": [
{
"field": "file.path",
"operator": "included",
"type": "exact_cased_any",
"value": [
"/opt/bin/bin.exe"
]
}
]
}
]
}
```
Mac:
```
-------------------------------------------------------------------
Policy: Protect
Manifest: 1.0.6 | v1
Artifact: endpoint-blocklist-macos-v1
Relative URL: /api/fleet/artifacts/endpoint-blocklist-macos-v1/b28e7978da4314ebc2c94770e0638fc4b2270f9dc17a11d6d32b8634b1fbec0f
Encoded SHA256: 4f3e80d688f5cae4bf6a88b0704e37909f9fa4f47fe8325b7b154cddd46a2db9
Decoded SHA256: b28e7978da4314ebc2c94770e0638fc4b2270f9dc17a11d6d32b8634b1fbec0f
-------------------------------------------------------------------
{
"entries": [
{
"type": "simple",
"entries": [
{
"field": "file.path",
"operator": "included",
"type": "exact_caseless_any",
"value": [
"/opt/exe.exe"
]
}
]
}
```
Windows:
```
-------------------------------------------------------------------
Policy: Protect
Manifest: 1.0.6 | v1
Artifact: endpoint-blocklist-windows-v1
Relative URL: /api/fleet/artifacts/endpoint-blocklist-windows-v1/2a6fcc67c696ad4e29d91f8b685bff46977198cd34b9a61e8003d55b78dff6ac
Encoded SHA256: c6e045fce97651336eeb400f0123541475b940e3aa38ce721f299585683da288
Decoded SHA256: 2a6fcc67c696ad4e29d91f8b685bff46977198cd34b9a61e8003d55b78dff6ac
-------------------------------------------------------------------
{
"entries": [
{
"type": "simple",
"entries": [
{
"field": "file.path",
"operator": "included",
"type": "exact_caseless_any",
"value": [
"C:\\path\\path.exe"
]
}
]
}
]
}
```
### Checklist
Delete any items that are not applicable to this PR.
- [x] Any text added follows [EUI's writing
guidelines](https://elastic.github.io/eui/#/guidelines/writing), uses
sentence case text and includes [i18n
support](https://github.com/elastic/kibana/blob/main/packages/kbn-i18n/README.md)
- [x] [Unit or functional
tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)
were updated or added to match the most common scenarios
---------
Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
## Summary
Closes https://github.com/elastic/kibana/issues/163678
* Raise the notion of "internal" into `CoreKibanaRequest`. This enables
us to share this with lifecycle handlers and control validation of query
params
* Added new `isInternalRequest` alongside `isSystemRequest` and
`isFakeRequest`
* Slight simplification to existing internal restriction check
* Some other chores and minor fixes
## Test
* Start ES with `yarn es serverless` and Kibana with `yarn start
--serverless --server.restrictInternalApis=true`
* Add the service account token to `kibana.dev.yml`:
`elasticsearch.serviceAccountToken: <SAT>`
* Send a request to an internal endpoint like: `curl -XPOST
-uelastic:changeme http://localhost:5601/<base-path>/api/files/find -H
'kbn-xsrf: foo' -H 'content-type: application/json' -d '{}'`
* Should give you a 400 result
* message like `{"statusCode":400,"error":"Bad Request","message":"uri
[http://localhost:5603/api/files/find] with method [post] exists but is
not available with the current configuration"}`
* Send the same request, but include the query param:
`elasticInternalOrigin=true`
* Should give you a 200 result
---------
Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
> [!WARNING]
> Sorry, I had to recreate the PR
https://github.com/elastic/kibana/pull/157241
> Please submit your review again.
- Closes https://github.com/elastic/kibana/issues/155019
Per docs
https://www.elastic.co/guide/en/elasticsearch/reference/current/paginate-search-results.html
<img width="851" alt="Screenshot 2023-05-10 at 10 25 20"
src="b4b9fef4-7dd8-40ed-8244-343889fc4367">
## Summary
1. This PR improves `search_after` pagination for `date_nanos` time
fields. `sort` value will be returned from ES as a string instead of a
rounded and incorrect timestamp. This change allows to also simplify
logic on Surrounding document page.
Before:
<img width="400" alt="Screenshot 2023-05-08 at 17 36 19"
src="fd9f45c4-5dc2-4103-83b9-8810e3a6e0df">
After:
<img width="400" alt="Screenshot 2023-05-08 at 17 37 13"
src="fe9090c0-2116-4f77-9a57-a96ae6b00365">
2. Also in this PR we now allow users to load more documents within the
same time range. Once the button is pressed, it will load next portion
of documents (same "sampleSize" value will be used). Currently, we limit
max total loaded documents to 10000.
"Load more" demo:
If refresh interval is on, the button becomes disabled:
Date nanos demo:
100x Flaky test runner
https://buildkite.com/elastic/kibana-flaky-test-suite-runner/builds/2801
---------
Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
## Summary
Note: this is only the API changes, the UI element will follow.
Part of #162862
Add the ability to specify a `proxy_id` on a download source.
If an agent policy uses a download source with a `proxy_id`, then the
proxy url will be added to the policy like so:
`agent.download.proxy_url: <proxy_url>`.
Test cases automated:
- create a download source with a valid proxy_id
- create a download source with an invalid proxy_id
- update download wource proxy_id
- update download_source proxy_id to null (remove proxy)
- updating a download source proxy bumps all policies using that
download source
- removing a download source proxy bumps all policies using that
download source
- updating the proxy url bumps all policies using a download source with
the proxy id set
- deleting the proxy bumps all policies using a download source with the
proxy id set to remove the proxy
### Checklist
Delete any items that are not applicable to this PR.
- [x] [Unit or functional
tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)
were updated or added to match the most common scenarios
---------
Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
## Summary
Related to #163089
Adding the first performance journey for the Lens Editor. It simulated
loading existing Lens visualisation with data view having 10k fields.
We collect the following metrics:
- `fetchFieldsExistenceInfo` reports time it takes to fetch fields in
Data Panel
- `lensVisualizationRenderTime` reports both time it takes to fetch the
data (`time_to_data`) and render the main visualization
(`time_to_render`)
- `lensSuggestionsRenderTime` reports time it takes to render
suggestions panel
Metrics consistency
<img width="568" alt="image"
src="3384bb8e-6152-4bae-93dc-4f7f4167ed07">
Run locally with
```
node scripts/functional_tests --config x-pack/performance/journeys/many_fields_lens_editor.ts
```
Metrics will be available here
dd0473ac-826f-5621-9a10-25319700326e?_g=h@61c5ac8
---------
Co-authored-by: Drew Tate <drewctate@gmail.com>
This PR fixes a bug in the source classifier as it is currently not
identifying xml as a static file.
As part of this I've also identified a TODO in the source classifier
related with the evaluating order.
---------
Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
closes [#163797](https://github.com/elastic/kibana/issues/163797)
## Summary
This PR extracts the dashboard configuration from the components that
renders them to common. This aims to make discoverability and
maintainability easier.
It doesn't change any functional behaviour
### How to test
- Start a local kibana instance
- Navigate to `Infrastructure` > `hosts`
- Verify if the charts still work as expected
## Summary
This PR uses the new script to generate autocomplete definitions for Dev
Tools Console from the ES specification repo.
#### Definitions changes
- New property `availability` is added to filter out endpoints that are
not available in Serverless
- Some endpoints' query parameters have more details now, for example
common query params are now defined in definitions
```json
"url_params": {
"error_trace": "__flag__",
"filter_path": [],
"human": "__flag__",
"pretty": "__flag__"
},
```
- Url components in few endpoints are removed, but those were added to
overrides files in https://github.com/elastic/kibana/pull/163096
- Documentation links contain `{branch}` instead of `master` (fix for
that added in https://github.com/elastic/kibana/pull/159241)
#### Script changes
- The logic for generating `availability` for endpoint has been updated
based on the feedback from the Clients team. Details added to the script
file.
- Added a few "safe guards" to the spots in the script where an
unexpected type of data might be coming from the ES specification schema
#### Console changes
- Fixed the autocomplete request on Serverless (we might need a proper
fix for that, details in
https://github.com/elastic/kibana/issues/163318)
Also updates to readme files both in Console and the new script.
I will remove the old script in a separate PR.
## Screenshots
"ILM" autocomplete suggestions displayed on stateful
<img width="583" alt="Screenshot 2023-08-07 at 17 47 48"
src="641a48b0-fb1a-4d3b-a8c9-99eab8795510">
"ILM" autocomplete suggestions not displayed on serverless
<img width="572" alt="Screenshot 2023-08-07 at 17 35 16"
src="a1ee5468-eb9f-4f52-81d5-c661b06f8ceb">
## How to test
- Start Kibana on stateful (`yarn start`) and check that autocomplete
suggestions are working as before (no changes)
- Start Kibana on serverless (`yarn start --serverless`) and check that
autocomplete suggestions are not displayed for endpoints
blocked/internal on serverless.
### Checklist
Delete any items that are not applicable to this PR.
- [ ] Any text added follows [EUI's writing
guidelines](https://elastic.github.io/eui/#/guidelines/writing), uses
sentence case text and includes [i18n
support](https://github.com/elastic/kibana/blob/main/packages/kbn-i18n/README.md)
- [ ]
[Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html)
was added for features that require explanation or tutorials
- [ ] [Unit or functional
tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)
were updated or added to match the most common scenarios
- [ ] Any UI touched in this PR is usable by keyboard only (learn more
about [keyboard accessibility](https://webaim.org/techniques/keyboard/))
- [ ] Any UI touched in this PR does not create any new axe failures
(run axe in browser:
[FF](https://addons.mozilla.org/en-US/firefox/addon/axe-devtools/),
[Chrome](https://chrome.google.com/webstore/detail/axe-web-accessibility-tes/lhdoppojpmngadmnindnejefpokejbdd?hl=en-US))
- [ ] If a plugin configuration key changed, check if it needs to be
allowlisted in the cloud and added to the [docker
list](https://github.com/elastic/kibana/blob/main/src/dev/build/tasks/os_packages/docker_generator/resources/base/bin/kibana-docker)
- [ ] This renders correctly on smaller devices using a responsive
layout. (You can test this [in your
browser](https://www.browserstack.com/guide/responsive-testing-on-local-server))
- [ ] This was checked for [cross-browser
compatibility](https://www.elastic.co/support/matrix#matrix_browsers)
## Summary
closes: https://github.com/elastic/kibana/issues/157847
The new links and pages in Security Solution for Serverless:
- `Investigations`
- `Timelines`
- `Osquery`
- `Assets`
- `Fleet` (and all its sub-links)
- `Endpoints` (and all its sub-links)
- `Cloud defend` (and all its sub-links)
- Callout with button linking `Integrations` in Project Setting
- `Project settings`
- `Users & roles` (Cloud UI)
- `Billing & consumption` (Cloud UI)
- `Integrations` (link to integrations with _/browse/security_ path
parameter)
- `Entity risk score` (link currently under the
`riskScoringRoutesEnabled` experimental flag)
- `Management` accordion with a set of (stack) management categories and
pages links
Sections updated:
(ESS & Serverless) `Rules` links have been updated according to new
specs.
(ESS) The `Settings` page was renamed back to `Manage`.
(Serverless) The `Dev tools` link was moved to the bottom of the side
navigation.
#### Cypress tests for serverless:
They will be implemented in a follow-up PR when the infrastructure is
ready https://github.com/elastic/kibana/pull/162698
## Screenshots
### Serverless
Investigations:
Assets:
Rules:
Project Settings:
## ESS
Side Navigation:
---------
Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
Co-authored-by: Tomasz Ciecierski <ciecierskitomek@gmail.com>
Co-authored-by: Tomasz Ciecierski <tomasz.ciecierski@elastic.co>
`85.1.0` ➡️ `86.0.0`
⚠️ The biggest change in this PR is migrating the `react-beautiful-dnd`
dependency to it's open-source forked successor, `@hello-pangea/dnd`.
This new fork has better typescript support and additionally supports
both React 17 and React 18.
## [`86.0.0`](https://github.com/elastic/eui/tree/v86.0.0)
- Added React 18 support (StrictMode not yet supported).
([#7012](https://github.com/elastic/eui/pull/7012))
**Deprecations**
- Deprecated `euiPaletteComplimentary`; Use `euiPaletteComplementary`
instead. ([#6992](https://github.com/elastic/eui/pull/6992))
**Breaking changes**
- Replaced the underlying drag-and-drop library from
`react-beautiful-dnd` to its fork `@hello-pangea/dnd`
([#7012](https://github.com/elastic/eui/pull/7012))
([#7012](https://github.com/elastic/eui/pull/7012))
- No code updates are needed if using only `<EuiDragDropContext>`,
`<EuiDroppable>` and `<EuiDraggable>` with no direct imports from
`react-beautiful-dnd`. In case you were importing things from
`react-beautiful-dnd` and using them together with EUI components, you
need to switch to `@hello-pangea/dnd` which has cross-compatible API.
---------
Co-authored-by: Tomasz Kajtoch <tomasz.kajtoch@elastic.co>
Co-authored-by: Tomasz Kajtoch <tomek@kajto.ch>
Co-authored-by: Cee Chen <549407+cee-chen@users.noreply.github.com>
Co-authored-by: Drew Tate <andrew.tate@elastic.co>
## Summary
While working to extract various portions of the `advancedSettings`
plugin into packages, I found the `ComponentRegistry` in the plugin to
have a number of issues that contributed to a fairly bad UX:
- the API allows for adding/overriding the title, subtitle and footer of
the Advanced Settings page, but only the footer is rendered.
- the API is available to all plugins, but only renders a single
entry... so depending on the plugin load order, the render is not
guaranteed.
- filtering the footer in or out of the display is delegated to the
component itself, so:
- it only takes effect on render.
- the count is only updated if you click on the page that contains it,
but that logic is currently broken.
- the error message is inaccurate.
This PR fixes those issues and more:
- extracts the registry into its own package.
- changes the API to allow for multiple sections from multiple plugins.
- changes the API to filter these sections from the plugin, rather than
from each individual component.
- fixes state management to show sections, keep counts accurate, etc.
---------
Co-authored-by: Vadim Kibana <82822460+vadimkibana@users.noreply.github.com>
## Summary
To fix the following error when running `node scripts/synthtrace
simple_trace.ts --local --live`:
```
Error: Could not connect to Kibana: request to http://elastic:changeme@localhost:5601/ failed, reason: connect ECONNREFUSED ::1:5601
at getKibanaUrl (/kibana/packages/kbn-apm-synthtrace/src/cli/utils/get_service_urls.ts:76:11)
```
Lots of small fixes, but mainly new (APM) functions for the
Observability AI Assistant.
f489a310-6ba8-4591-8ac9-54a176e0b58d
---------
Co-authored-by: Coen Warmer <coen.warmer@gmail.com>
Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
Co-authored-by: Clint Andrew Hall <clint@clintandrewhall.com>
Resolves: #159493
This PR replaces `AlertFactory` in ES Query rule type with
`AlertsClient` so the alerts are persistent in an alert-as-data index.
---------
Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
closes [#163491](https://github.com/elastic/kibana/issues/163491)
## Summary
This PR creates a new package that contains a utility API that helps to
generate the JSON with the attributes required to render a Lens chart
with the `EmbeddableComponent`.
---------
Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
## Summary
Closes#157456
Secret storage requires that fleet servers are 8.10.0 or above.
This PR adds a backend check that all fleet servers are above 8.10.0
before enabling secrets storage. Once all fleet servers are above that
version, secrets are permanently enabled.
the fleet server check checks all agents in policies that contain the
fleet server package.
A flag on the`ingest_manager_settings` saved. object
`secret_storage_requirements_met` is used to make a note that the check
has previously passed, meaning we don't have to keep querying the agents
and policies.
Test scenarios (all covered by integration tests) :
- given a deployment with no fleet servers connected, on creating a
package policy with secret variables, the values should be stored in
plain text not as a secret reference
- given a deployment with at least one fleet server that is below
8.10.0, on creating a package policy with secret variables, the values
should be stored in plain text not as a secret reference
- given a deployment where all fleet servers are 8.10.0 or above,
secrets should be stored as secret references and in the secrets index
- if a package policy was created before secrets were enabled, and since
its creation the fleet server versions pass the check, when updating
that policy, all secrets should move to being secret references.
---------
Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
Co-authored-by: Julia Bardi <julia.bardi@elastic.co>
Co-authored-by: Julia Bardi <90178898+juliaElastic@users.noreply.github.com>
## Summary
I was not sure if there are other plans for these stats, but I went
ahead and cleaned those up:
### Issue 1. Sidenav groups are collapsed on a smaller screen
#### Before
#### After
<img width="1456" alt="Screenshot 2023-08-11 at 14 13 23"
src="3e52d05f-12fa-4d38-addb-538239e7d8d1">
### Issue 2. Collapsed sidenav state is empty
We reserved this for icons, but until we have them, I think it makes
sense to just hide the bar:
#### Berfore
#### After
<img width="1456" alt="Screenshot 2023-08-11 at 14 14 35"
src="99adadb4-637b-404b-9909-fe7e78e0224e">
### Issue 3. Navigation is not initialized when Kibana loaded with
hidden navigation
We initialize the navigation as we render the nav tree (the sidenav).
But if the sidenav is hidden, then the navigation is not initialized.
**So, for example, breadcrumbs are not displayed correctly until the nav
is opened.** As a hack, we will always render the tree, but will make it
hidden.
#### Before
<img width="1296" alt="Screenshot 2023-08-11 at 14 35 14"
src="499e4a97-b5c3-405d-968b-bae753f15b99">
#### After
<img width="1296" alt="Screenshot 2023-08-11 at 14 34 37"
src="ae51dea4-8d98-40f6-b3bc-c4d5df8e97fa">
## Summary
This PR adjusts the `data-test-subj` for the global loading indicator in
serverless projects such that at matches the stateful version. This
makes sure that functional tests and corresponding test helper methods
continue to work the same in stateful and serverless environments when
comes to waiting for global loading to finish, which is a key mechanism
to avoid test flakiness.
### Additional information
- The serverless project specific global loading indicator was
introduced with #158523
- The stateful loading indicator `data-test-subj` naming is implemented
here:
https://github.com/elastic/kibana/blob/main/packages/core/chrome/core-chrome-browser-internal/src/ui/loading_indicator.tsx#L61
Co-authored-by: Tim Sullivan <tsullivan@users.noreply.github.com>
## Summary
This closes https://github.com/elastic/kibana/issues/161960, a basic
integration will now be created whilst onboarding logs (though the
custom logs flow).
This implements the *initial* version of this work, and does not include
things like adding a dataset to an existing integration.
## UI / UX
General:
Naming conflict errors:
Lack of permissions error:
General errors:
Success callout on the next panel:
Delete previous flow (happens in the background):
## Pointers for reviewers / next steps
- This PR also creates a new package for the `useTrackedPromise` hook,
as this is used in several places and I didn't want to just duplicate it
again (I haven't replaced other current uses in this PR, but will as a
followup).
- `useFetcher` was avoided as A) it's very tightly coupled with the
observability onboarding server route repository (and `callApi` is
scoped to this) and I wanted to call an "external" API in Fleet and B) I
wanted explicit control over when the request is dispatched (not on
mount), and whilst this can sort of be achieved by not returning a
promise from the callback it gets quite messy. I also wanted more
granular error handling control.
- Moving forward I think we'll need to enhance the state management of
the plugin. We'll want to add the ability to "add to existing
integration" and this is going to make the state more complex (even with
chunks of this functionality likely moved to it's own package). I did
actually have the Wizard state moved in to a constate container at one
point (as a starter) but I reverted this commit to make the changeset
less intrusive. It's for this same reason that, for now, I haven't
focussed too closely on extracting things like generating the friendly
error messages etc as we'll likely want to extract some of the "create
integration" hooks / UI in to a standalone package so they can be used
elsewhere (not just onboarding). There are also quite a few `
eslint-disable-next-line react-hooks/exhaustive-deps` rules in the
plugin at the moment due to the references not being stable, we could
improve that at the same time as any state changes.
- You can technically navigate directly to
`/fox/app/observabilityOnboarding/customLogs/installElasticAgent`, but
no state is stored in the URL, so nothing is rehydrated resulting in a
very empty configuration. I'm not entirely sure this is a behaviour we
want, but for now I've just made the callout conditional on state
existing (so coming from the previous panel).
- The Fleet custom integrations API now throws a 409 (conflict) when
using a name that already exists.
## Testing
- Head to `/app/observabilityOnboarding` to trigger the onboarding flow
- Select "Stream log files"
- When hitting "continue" an integration should be created in the
background (check the network requests for
`api/fleet/epm/custom_integrations`)
- When continuing (to install shipper), then going back **and** making
changes to your integration options, when clicking continue again there
should be a network request that deletes the previously created
integration (to clean things up). This should be seamless to the user.
- You should not be able to use a name that already exists (for an
existing custom integration)
- General errors (like permission issues, asset installation issues)
should display at the bottom
- When you hit the next panel (install shipper) there should be a
success callout that also contains the name of the integration that was
created
## In progress
~Two changes still in progress, but they don't need to hold up the
review (8.10 coming soon 👀):~
- ~To have a friendlier error for permissions issues (not just
"forbidden")~
- ~Fleet API integration test for the naming collision~
---------
Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
Closes https://github.com/elastic/kibana/issues/162230.
### Changes
- Card `Collect and analyse my logs` in getting started is now pointing
to `app/observabilityOnboarding`.
- `Data assistant for observability` callout in observability overview
was removed in favour of `Collect and analyse logs in observability`
callout.
#### Getting started - Before
4a3a0f64-ee34-48c5-9395-f3965763a1d1
#### Getting started - After
d30c2cf0-dc01-4a9d-a808-7caa5da7c008
#### Observability overview - before
6960b178-4e3e-49a6-bea8-4501778f1e12
#### Observability overview - after
316f27f7-5ac2-44a9-85a6-7f8c2b343300
---------
Co-authored-by: Achyut Jhunjhunwala <achyut.jhunjhunwala@elastic.co>
## Summary
Closes https://github.com/elastic/kibana/issues/161889
Closes https://github.com/elastic/kibana/issues/162935
This PR gives the correct look and feel to the app menu bar.
1. The bar appears to the right of the side panel
2. The bar has fixed position below the fixed EuiHeader
3. Page content flows after the the bar
### Testing
1. Run `yarn es snapshot` in a terminal pane
2. Run `yarn serverless` in another pane
3. Log into the Kibana UI and check different forms of the menu bar
4. Use the dev-project switcher to test other solution projects
5. Test with a header banner:
```
#!/bin/bash
HOST=http://elastic:changeme@localhost:5601
curl -X POST "$HOST/internal/kibana/settings" \
-H 'kbn-xsrf: true' \
-H 'X-Elastic-Internal-Origin: Kibana' \
-H 'Content-Type: application/json' \
-d '{
"changes": {
"banners:placement": "top",
"banners:textContent": "Prefix. **SIMPLE BANNER MESSAGE CONTENT**.
Suffix."
}
}'
```
Set `banners:placement` to `null` to turn off the header banner.
**Known issue:** in some Observability project pages, the app menu bar
may appear as an empty div. This is explained in the [serverless project
layout
documentation](https://docs.elastic.dev/kibana-dev-docs/serverless-project-navigation#header-action-menu):
> **Note** The display of the toolbar container is conditional, based on
whether there is toolbar content to show. Make sure to pass undefined to
setHeaderActionMenu if there is no application content to show. In
classic layout, passing an empty span or div element suffices to "clear"
the toolbar, but in serverless projects it will cause a large empty
container to show below the header.
### Screenshots
_Will not be updated past a5222e428814c9d2211f4c14fe160dbea93f3e1b_
| | |
|---|---|
| **Project layout in Observability app** |
9fb8f57a-3de9-49e8-9d6d-d10fa83a3c83
|
| **Project layout in Observability app w/ header banner** |
19a0bf68-0df7-4f08-b987-125abe9e5680
|
| **Project layout in Security app** |
af1940fa-9d48-48a4-b675-0b3c8bcffc39
|
| **Project layout in Security app w/ header banner** |
d962952a-1d21-4bb3-8992-cafe4aed82a4
|
### Checklist
Delete any items that are not applicable to this PR.
- [x] [Unit or functional
tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)
were updated or added to match the most common scenarios
- [x] Any UI touched in this PR is usable by keyboard only (learn more
about [keyboard accessibility](https://webaim.org/techniques/keyboard/))
- [x] Any UI touched in this PR does not create any new axe failures
(run axe in browser:
[FF](https://addons.mozilla.org/en-US/firefox/addon/axe-devtools/),
[Chrome](https://chrome.google.com/webstore/detail/axe-web-accessibility-tes/lhdoppojpmngadmnindnejefpokejbdd?hl=en-US))
- [x] This renders correctly on smaller devices using a responsive
layout. (You can test this [in your
browser](https://www.browserstack.com/guide/responsive-testing-on-local-server))
- [x] This was checked for [cross-browser
compatibility](https://www.elastic.co/support/matrix#matrix_browsers)
---------
Co-authored-by: Cee Chen <549407+cee-chen@users.noreply.github.com>
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
## Summary
This PR is part 2 of adding a rule preview panel to the expandable
flyout. PR (https://github.com/elastic/kibana/pull/161999) adds the
preview skeleton, and this PR populates the actual content related to
rule details:
Expandable flyout:
- Updated title to include `created by` and `updated by` timestamps, and
rule switch button
- Added contents for about, define, schedule and actions (if any)
- Added a hook to fetch data for rule switch button - logic mimics rule
details page
(`~/security_solution/public/detection_engine/rule_details_ui/pages/rule_details/index.tsx`)
Rule & detections:
- Added `isPanelView` option allow rendering rule details in smaller
font, so that it can fit in panel view
- Minor UI updates to gutter sizes and spacing to accommodate long text
- Extracted `createdBy` and `updatedBy` to
`~/security_solution/public/detections/components/rules/rule_info` to be
shared between rule details page and flyout
**How to test**
- add `xpack.securitySolution.enableExperimental:
['securityFlyoutEnabled']` to the `kibana.dev.json` file
- go to the Alerts page, and click on the expand detail button on any
row of the table
- click on Overview, About, view Rule Summary, the rule preview panel
should pop up
### Checklist
- [x] Any text added follows [EUI's writing
guidelines](https://elastic.github.io/eui/#/guidelines/writing), uses
sentence case text and includes [i18n
support](https://github.com/elastic/kibana/blob/main/packages/kbn-i18n/README.md)
- [x] [Unit or functional
tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)
were updated or added to match the most common scenarios
## Summary
This PR fixes#163120 by adding support for group by's to the SLO Burn
Rate rule. I refactored the rule to push all the executions down to
Elasticsearch, it uses the same technique as the Metric Threshold rule.
I also added a callout to the rule form to let the user know when
they've selected an SLO with a group by so it's clear what the behavior
will be.
<img width="617" alt="image"
src="f1fb0220-1be7-4c13-829f-5895ecb09cfa">
<img width="1623" alt="image"
src="c34db593-d7c0-4214-a76d-f21b4ed65eb0">
- Closes https://github.com/elastic/kibana/issues/155216
## Summary
This PR replaces shard falures toasts with inline warnings in Discover.
- [x] Intercept shard failures in Discover main app
- [x] Show inline warnings above the grid instead
- [x] Handle NoResultsFound case too
- [x] Implement for Discover context app
- [x] Implement for saved search embeddable on Dashboard
- [x] Can we inline timeouts too?
- [x] Check SQL view
- [x] Add tests
Discover view with shard failures
<img width="400" alt="Screenshot 2023-07-06 at 14 23 48"
src="a0799aa0-9d2e-42ee-b89b-e0e1180220a5">
Discover view with shard failures (and no results)
<img width="400" alt="Screenshot 2023-07-07 at 13 24 50"
src="28dc2bad-9776-4aa9-8f51-219d1c87487a">
Dashboard view with shard failures
<img width="400" alt="Screenshot 2023-07-06 at 16 15 49"
src="2a68c19a-1ca8-4f10-a9f5-4aa56f9160b0">
Surrounding documents view with shard failures
<img width="400" alt="Screenshot 2023-07-10 at 17 26 31"
src="ade63cfe-a1c2-4c22-8823-58dcfef9357f">
Discover view with timeouts
<img width="400" alt="Screenshot 2023-07-07 at 16 47 27"
src="0101be19-a555-4f96-b963-7fe418d51fb5">
Dashboard view with timeouts
<img width="400" alt="Screenshot 2023-07-07 at 16 48 18"
src="82979365-4129-4385-8a13-9c139e1acbf1">
Surrounding documents view with timeouts
<img width="400" alt="Screenshot 2023-07-11 at 15 03 41"
src="0ea41b79-ac6b-4456-9cfa-0d038b10da7d">
## Testing
For testing please uncomment
3f102cf688/src/plugins/data/common/search/search_source/search_source.ts (L922)
or
3f102cf688/src/plugins/data/common/search/search_source/search_source.ts (L547)
and switch to `kibana*` data view.
### Checklist
Delete any items that are not applicable to this PR.
- [x] Any text added follows [EUI's writing
guidelines](https://elastic.github.io/eui/#/guidelines/writing), uses
sentence case text and includes [i18n
support](https://github.com/elastic/kibana/blob/main/packages/kbn-i18n/README.md)
- [x] [Unit or functional
tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)
were updated or added to match the most common scenarios
- [x] This renders correctly on smaller devices using a responsive
layout. (You can test this [in your
browser](https://www.browserstack.com/guide/responsive-testing-on-local-server))
- [x] This was checked for [cross-browser
compatibility](https://www.elastic.co/support/matrix#matrix_browsers)
---------
Co-authored-by: Davis McPhee <davismcphee@hotmail.com>
Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
## Summary
Adds new connector type to support https://www.sentinelone.com/
The scope of this PR was limited to the Connector logic, schemas, and
types to make PR more digestible.
In the current PR, the connector is NOT registered, so it's not going to
be available to the users.
In the follow-up PR I'm going to improve the UX of Param's form and then
enable the connector
<img width="1685" alt="Zrzut ekranu 2023-08-3 o 11 18 54"
src="965ef8ef-497f-42a8-983e-38fd0370cba8">
visual changes include a screenshot or gif.
<img width="1685" alt="image"
src="119d2255-ed9f-4923-886d-eb139223a47d">
<img width="1690" alt="image"
src="e2c569d2-b497-4641-a6a6-454494223ffc">
1. Removed Kerberos option from auth type selection
2. Used EuiFieldPassword component for password input
State:
3. Added `None` authentication option. This will save `auth_type` as
`none` and won't pass `usernamer`, `password` nor `ssl` to the SO.
4. Renamed `broker_ack_reliability` to `required_acks` in UI and API.
Changed value type to `1 || 0 || -1`
5. Renamed `broker_buffer_size` to `channel_buffer_size` in UI and API.
6. Temporarily disabled `password` field encryption.
7. `partition` key stored in yaml follows proper requirements
8. `topics` key stored in yaml follows proper requirements
---------
Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
## Summary
fix https://github.com/elastic/kibana/issues/163337 for dashboard.
### Context:
In serverless navigation we changed how breadcrumbs work. Instead of
setting the full path manually, we automatically calculate the main
parts of the path from the side nav + current URL. This was done to keep
side nav and breadcrumbs in sync as much as possible and solve
consistency issues with breadcrumbs across apps.
https://docs.elastic.dev/kibana-dev-docs/serverless-project-navigation#breadcrumbs
Apps can append custom deeper context using the
`serverless.setBreadcrumbs` api. Regular `core.chrome.setBreadcrumbs`
has no effect when serverless nav is rendered.
Implements chat & function calling for the Observability AI Assistant.
The APM related changes are due to a correction in the `toBooleanRt`
type.
Code in `x-pack/observability_ai_assistant` has been reviewed via
feature branches.
---------
Co-authored-by: Coen Warmer <coen.warmer@gmail.com>
Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
Co-authored-by: Clint Andrew Hall <clint@clintandrewhall.com>
## Summary
close https://github.com/elastic/kibana/issues/161545
close https://github.com/elastic/kibana/issues/153257
This PR makes `SavedObjectFinder` component backward compatible. It is
achieved by going through content- management layer, more technical
details
[here](https://docs.google.com/document/d/1ssYmqSEUPrsuCR4iz8DohkEWekoYrm2yL4QR_fVxXLg/edit)
### Testing
`SavedObjectFinder` is this component that allows to pick a saved object
(supports: `search` `index-pattern` `map` `visualization` `lens`
`event-annotation-group`:
It is used in the following places:
- Dashboard
- Add panel
- Replace panel
- Discover - Open Search
- Visualization - Select search as a source for new viz
- Graph - select source
- Cases - markdown editor add lens
- ML (3 places)
- Canvas - select embeddable panel
- Transform
- Lens > select event annotation
### Risks / Follow up
The `SavedObjectFinder` should stay mostly the same, the only notable
functional change is that now `SavedObjectFinder` doesn't support
`includeFields` which allowed partial saved object returns, this was
done to make the call backward-compatible without making the system even
more complicated as otherwise we'll need a way to abstract
`includeFields` from so attributes and allow to run migrations on it
before making a search. follow up issue to bring it back
https://github.com/elastic/kibana/issues/163043
The risk with that is that some client that have a lot of large objects
might run into performance issues when using `SavedObjectFinder`. This
can be mitigated by changing listing limit in advanced setting from
default 1000 to something lower
## Summary
Closes#144481.
Closes#160256.
This enables content editor in dashboard to allow users to edit the
title, description, and tags from the listing page.
c2212882-43e3-45cb-83fc-493860857019
The only validation added to this flyout is the duplicate title check. I
used the same warning message as the visualize listing page.
<img width="600" alt="Screenshot 2023-07-06 at 2 11 38 PM"
src="42f7244a-1c4d-47ec-8f66-a98a63eff473">
### Checklist
Delete any items that are not applicable to this PR.
- [ ] Any text added follows [EUI's writing
guidelines](https://elastic.github.io/eui/#/guidelines/writing), uses
sentence case text and includes [i18n
support](https://github.com/elastic/kibana/blob/main/packages/kbn-i18n/README.md)
- [ ]
[Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html)
was added for features that require explanation or tutorials
- [ ] [Unit or functional
tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)
were updated or added to match the most common scenarios
- [ ] Any UI touched in this PR is usable by keyboard only (learn more
about [keyboard accessibility](https://webaim.org/techniques/keyboard/))
- [ ] Any UI touched in this PR does not create any new axe failures
(run axe in browser:
[FF](https://addons.mozilla.org/en-US/firefox/addon/axe-devtools/),
[Chrome](https://chrome.google.com/webstore/detail/axe-web-accessibility-tes/lhdoppojpmngadmnindnejefpokejbdd?hl=en-US))
- [ ] If a plugin configuration key changed, check if it needs to be
allowlisted in the cloud and added to the [docker
list](https://github.com/elastic/kibana/blob/main/src/dev/build/tasks/os_packages/docker_generator/resources/base/bin/kibana-docker)
- [ ] This renders correctly on smaller devices using a responsive
layout. (You can test this [in your
browser](https://www.browserstack.com/guide/responsive-testing-on-local-server))
- [ ] This was checked for [cross-browser
compatibility](https://www.elastic.co/support/matrix#matrix_browsers)
### Risk Matrix
Delete this section if it is not applicable to this PR.
Before closing this PR, invite QA, stakeholders, and other developers to
identify risks that should be tested prior to the change/feature
release.
When forming the risk matrix, consider some of the following examples
and how they may potentially impact the change:
| Risk | Probability | Severity | Mitigation/Notes |
|---------------------------|-------------|----------|-------------------------|
| Multiple Spaces—unexpected behavior in non-default Kibana Space.
| Low | High | Integration tests will verify that all features are still
supported in non-default Kibana Space and when user switches between
spaces. |
| Multiple nodes—Elasticsearch polling might have race conditions
when multiple Kibana nodes are polling for the same tasks. | High | Low
| Tasks are idempotent, so executing them multiple times will not result
in logical error, but will degrade performance. To test for this case we
add plenty of unit tests around this logic and document manual testing
procedure. |
| Code should gracefully handle cases when feature X or plugin Y are
disabled. | Medium | High | Unit tests will verify that any feature flag
or plugin combination still results in our service operational. |
| [See more potential risk
examples](https://github.com/elastic/kibana/blob/main/RISK_MATRIX.mdx) |
### For maintainers
- [ ] This was checked for breaking API changes and was [labeled
appropriately](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)
---------
Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
## Summary
While working on https://github.com/elastic/kibana/pull/162917, I
noticed that there is a property `url_components` that is being
generated with the old script. This PR adds the same functionality to
the new script. The purpose of this property is to provide autocomplete
suggestions for dynamic parameters used in `patterns`. For example, the
URL defined as `_cluster/state/{metrics}` has a list of options allowed
for the parameter `metrics`. These options are defined in the json
specs, but unfortunately they are not always translated into concrete
types in the specification repo. In this example, `metrics` is described
as `string | string[]` in the specification repo. Because of that I
added some override files with `url_components` that will not be
available when we switch to the new script and re-generate the
definitions with it.
The logic for generating the url components is the same as for query
parameters. Most changes in this PR is extracting the code so that both
functions `generateQueryParams` and `generateUrlComponents` can share
it. The only difference between query parameters and url components:
with query parameters we keep all properties so that all parameters are
displayed in the autocomplete suggestions, for example `{ param1: '',
param2: '' }` provide information about 2 query parameters, specifically
their names. For url components, the name of the parameter is not
important, because only the values will be displayed for autocompletion.
That is why, we ignore all parameters without known values and only keep
properties like `{ param: ['value1', 'value2'] }`.
