mirror of
https://github.com/elastic/kibana.git
synced 2025-04-24 17:59:23 -04:00
81896 commits
| Author | SHA1 | Message | Date | |
|---|---|---|---|---|
Kibana Machine
|
c864f54c1a
|
[8.x] Update dependency elastic-apm-node to ^4.11.0 (main) (#207313) (#207705)
# Backport This will backport the following commits from `main` to `8.x`: - [Update dependency elastic-apm-node to ^4.11.0 (main) (#207313)](https://github.com/elastic/kibana/pull/207313) <!--- Backport version: 9.4.3 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sqren/backport) <!--BACKPORT [{"author":{"name":"elastic-renovate-prod[bot]","email":"174716857+elastic-renovate-prod[bot]@users.noreply.github.com"},"sourceCommit":{"committedDate":"2025-01-22T08:48:20Z","message":"Update dependency elastic-apm-node to ^4.11.0 (main) (#207313)","sha":"fc72ba9ec9ac53f1c3acbc9321323b4b465dfa5d","branchLabelMapping":{"^v9.0.0$":"main","^v8.18.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["Team:Core","release_note:skip","v9.0.0","backport:prev-minor"],"title":"Update dependency elastic-apm-node to ^4.11.0 (main)","number":207313,"url":"https://github.com/elastic/kibana/pull/207313","mergeCommit":{"message":"Update dependency elastic-apm-node to ^4.11.0 (main) (#207313)","sha":"fc72ba9ec9ac53f1c3acbc9321323b4b465dfa5d"}},"sourceBranch":"main","suggestedTargetBranches":[],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","branchLabelMappingKey":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/207313","number":207313,"mergeCommit":{"message":"Update dependency elastic-apm-node to ^4.11.0 (main) (#207313)","sha":"fc72ba9ec9ac53f1c3acbc9321323b4b465dfa5d"}}]}] BACKPORT--> Co-authored-by: elastic-renovate-prod[bot] <174716857+elastic-renovate-prod[bot]@users.noreply.github.com> |
||
Jean-Louis Leysens
|
4ca8cef44b
|
Fix 8.x 9 forward compat tests part ii (#207407)
## Summary Follow up from https://github.com/elastic/kibana/pull/206624 aimed at fixing failing compat tests: https://buildkite.com/elastic/kibana-es-forward-compatibility-testing-9-dot-0/builds?branch=8.x ### Core * Fixed jest integration tests, generated new archives * Skipped the UA tests for 8.x -> 9 if ES >8, I assume these tests only make sense if ES is on v8 ### Security solution ES|QL * Made the `metadata [...` test only run when ES is v8 ### Kibana management * Made the unfreeze test only run when ES is v8 |
||
|
Kibana Machine
|
7a48da7ba1
|
[8.x] [ES `body` removal] `@elastic/stack-monitoring` (#204865) (#207703)
# Backport This will backport the following commits from `main` to `8.x`: - [[ES `body` removal] `@elastic/stack-monitoring` (#204865)](https://github.com/elastic/kibana/pull/204865) <!--- Backport version: 9.4.3 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sqren/backport) <!--BACKPORT [{"author":{"name":"Alejandro Fernández Haro","email":"alejandro.haro@elastic.co"},"sourceCommit":{"committedDate":"2025-01-22T08:25:21Z","message":"[ES `body` removal] `@elastic/stack-monitoring` (#204865)","sha":"ca26eaa718ead4c5ba75177e183adb5ad8d9c287","branchLabelMapping":{"^v9.0.0$":"main","^v8.18.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["Team:Monitoring","release_note:skip","Feature:Stack Monitoring","v9.0.0","backport:prev-minor"],"title":"[ES `body` removal] `@elastic/stack-monitoring`","number":204865,"url":"https://github.com/elastic/kibana/pull/204865","mergeCommit":{"message":"[ES `body` removal] `@elastic/stack-monitoring` (#204865)","sha":"ca26eaa718ead4c5ba75177e183adb5ad8d9c287"}},"sourceBranch":"main","suggestedTargetBranches":[],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","branchLabelMappingKey":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/204865","number":204865,"mergeCommit":{"message":"[ES `body` removal] `@elastic/stack-monitoring` (#204865)","sha":"ca26eaa718ead4c5ba75177e183adb5ad8d9c287"}}]}] BACKPORT--> Co-authored-by: Alejandro Fernández Haro <alejandro.haro@elastic.co> |
||
|
Kibana Machine
|
1885eff54c
|
[8.x] fix: [Security:Explore:Users page]Add new timeline or template button dialog cannot be closed (#207232) (#207702)
# Backport This will backport the following commits from `main` to `8.x`: - [fix: [Security:Explore:Users page]Add new timeline or template button dialog cannot be closed (#207232)](https://github.com/elastic/kibana/pull/207232) <!--- Backport version: 9.4.3 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sqren/backport) <!--BACKPORT [{"author":{"name":"Alexey Antonov","email":"alexwizp@gmail.com"},"sourceCommit":{"committedDate":"2025-01-22T08:22:55Z","message":"fix: [Security:Explore:Users page]Add new timeline or template button dialog cannot be closed (#207232)\n\nCloses: #205377\r\n\r\n**Description**\r\nUsers don't get stuck on elements, dialogs can be closed by pressing\r\nEsc.\r\n\r\n**Preconditions**\r\nSecurity -> Explore -> Users page.\r\n\r\n**Steps to reproduce**\r\n\r\n1.Navigate to Add new timeline or template button.\r\n2.Press Enter.\r\n3.Press Esc.\r\n4.Press Tab few times.\r\n5.Observe page.\r\n\r\n\r\n**Changes made:**\r\n1. Fixed typo, method should be called","sha":"e2c138bca119015715e26ac519f2eb75b98e1541","branchLabelMapping":{"^v9.0.0$":"main","^v8.18.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["Project:Accessibility","release_note:skip","v9.0.0","backport:prev-minor"],"title":"fix: [Security:Explore:Users page]Add new timeline or template button dialog cannot be closed","number":207232,"url":"https://github.com/elastic/kibana/pull/207232","mergeCommit":{"message":"fix: [Security:Explore:Users page]Add new timeline or template button dialog cannot be closed (#207232)\n\nCloses: #205377\r\n\r\n**Description**\r\nUsers don't get stuck on elements, dialogs can be closed by pressing\r\nEsc.\r\n\r\n**Preconditions**\r\nSecurity -> Explore -> Users page.\r\n\r\n**Steps to reproduce**\r\n\r\n1.Navigate to Add new timeline or template button.\r\n2.Press Enter.\r\n3.Press Esc.\r\n4.Press Tab few times.\r\n5.Observe page.\r\n\r\n\r\n**Changes made:**\r\n1. Fixed typo, method should be called","sha":"e2c138bca119015715e26ac519f2eb75b98e1541"}},"sourceBranch":"main","suggestedTargetBranches":[],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","branchLabelMappingKey":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/207232","number":207232,"mergeCommit":{"message":"fix: [Security:Explore:Users page]Add new timeline or template button dialog cannot be closed (#207232)\n\nCloses: #205377\r\n\r\n**Description**\r\nUsers don't get stuck on elements, dialogs can be closed by pressing\r\nEsc.\r\n\r\n**Preconditions**\r\nSecurity -> Explore -> Users page.\r\n\r\n**Steps to reproduce**\r\n\r\n1.Navigate to Add new timeline or template button.\r\n2.Press Enter.\r\n3.Press Esc.\r\n4.Press Tab few times.\r\n5.Observe page.\r\n\r\n\r\n**Changes made:**\r\n1. Fixed typo, method should be called","sha":"e2c138bca119015715e26ac519f2eb75b98e1541"}}]}] BACKPORT--> Co-authored-by: Alexey Antonov <alexwizp@gmail.com> |
||
|
Kibana Machine
|
04c7f8c937
|
[8.x] [Lens][Embeddable] Remove unused cruft from by-reference panels when saving in a dashboard (#206740) (#207699)
# Backport This will backport the following commits from `main` to `8.x`: - [[Lens][Embeddable] Remove unused cruft from by-reference panels when saving in a dashboard (#206740)](https://github.com/elastic/kibana/pull/206740) <!--- Backport version: 9.4.3 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sqren/backport) <!--BACKPORT [{"author":{"name":"Marco Liberati","email":"dej611@users.noreply.github.com"},"sourceCommit":{"committedDate":"2025-01-22T08:07:59Z","message":"[Lens][Embeddable] Remove unused cruft from by-reference panels when saving in a dashboard (#206740)\n\n## Summary\r\n\r\nFixes #206596 \r\n\r\nThis PR fixes a bug that made dashboard save extra (unused) state within\r\nthe dashboard saved object when a panel is by-references.\r\nLuckily this has only the side effect of using more storage than usual,\r\nas the Lens SO initializer would use fresh state from the Content\r\nManagement to load, but it would be great to be as lean as possible\r\nhere.\r\n\r\n### Checklist\r\n\r\n- [x] [Unit or functional\r\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\r\nwere updated or added to match the most common scenarios","sha":"b0b44bbd22f7be4e651f4003bea7f3adc5c9f2a8","branchLabelMapping":{"^v9.0.0$":"main","^v8.18.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["Team:Visualizations","release_note:skip","Feature:Lens","v9.0.0","backport:prev-minor","Feature:Embeddables"],"title":"[Lens][Embeddable] Remove unused cruft from by-reference panels when saving in a dashboard","number":206740,"url":"https://github.com/elastic/kibana/pull/206740","mergeCommit":{"message":"[Lens][Embeddable] Remove unused cruft from by-reference panels when saving in a dashboard (#206740)\n\n## Summary\r\n\r\nFixes #206596 \r\n\r\nThis PR fixes a bug that made dashboard save extra (unused) state within\r\nthe dashboard saved object when a panel is by-references.\r\nLuckily this has only the side effect of using more storage than usual,\r\nas the Lens SO initializer would use fresh state from the Content\r\nManagement to load, but it would be great to be as lean as possible\r\nhere.\r\n\r\n### Checklist\r\n\r\n- [x] [Unit or functional\r\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\r\nwere updated or added to match the most common scenarios","sha":"b0b44bbd22f7be4e651f4003bea7f3adc5c9f2a8"}},"sourceBranch":"main","suggestedTargetBranches":[],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","branchLabelMappingKey":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/206740","number":206740,"mergeCommit":{"message":"[Lens][Embeddable] Remove unused cruft from by-reference panels when saving in a dashboard (#206740)\n\n## Summary\r\n\r\nFixes #206596 \r\n\r\nThis PR fixes a bug that made dashboard save extra (unused) state within\r\nthe dashboard saved object when a panel is by-references.\r\nLuckily this has only the side effect of using more storage than usual,\r\nas the Lens SO initializer would use fresh state from the Content\r\nManagement to load, but it would be great to be as lean as possible\r\nhere.\r\n\r\n### Checklist\r\n\r\n- [x] [Unit or functional\r\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\r\nwere updated or added to match the most common scenarios","sha":"b0b44bbd22f7be4e651f4003bea7f3adc5c9f2a8"}}]}] BACKPORT--> Co-authored-by: Marco Liberati <dej611@users.noreply.github.com> |
||
|
Kibana Machine
|
db7e3e1b59
|
[8.x] [inference] surface error message from connector (#207393) (#207693)
# Backport This will backport the following commits from `main` to `8.x`: - [[inference] surface error message from connector (#207393)](https://github.com/elastic/kibana/pull/207393) <!--- Backport version: 9.4.3 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sqren/backport) <!--BACKPORT [{"author":{"name":"Pierre Gayvallet","email":"pierre.gayvallet@elastic.co"},"sourceCommit":{"committedDate":"2025-01-22T07:23:16Z","message":"[inference] surface error message from connector (#207393)\n\n## Summary\r\n\r\nIn case of error during the connector's execution, the inference\r\nadapters were not properly propagating the error message. This PR\r\naddresses it.\r\n\r\n### Before\r\n\r\n<img width=\"368\" alt=\"Screenshot 2025-01-21 at 14 05 30\"\r\nsrc=\"https://github.com/user-attachments/assets/65cce33d-cdca-442e-bf31-9bf09c4c6800\"\r\n/>\r\n\r\n### After\r\n\r\n<img width=\"738\" alt=\"Screenshot 2025-01-21 at 14 04 44\"\r\nsrc=\"https://github.com/user-attachments/assets/7d4fdee8-5989-47a1-8e56-21621f9b79fc\"\r\n/>","sha":"52be83272471a7fb87ed95c45bbab33e9a33757b","branchLabelMapping":{"^v9.0.0$":"main","^v8.18.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:skip","v9.0.0","backport:version","Team:AI Infra","v8.18.0"],"title":"[inference] surface error message from connector","number":207393,"url":"https://github.com/elastic/kibana/pull/207393","mergeCommit":{"message":"[inference] surface error message from connector (#207393)\n\n## Summary\r\n\r\nIn case of error during the connector's execution, the inference\r\nadapters were not properly propagating the error message. This PR\r\naddresses it.\r\n\r\n### Before\r\n\r\n<img width=\"368\" alt=\"Screenshot 2025-01-21 at 14 05 30\"\r\nsrc=\"https://github.com/user-attachments/assets/65cce33d-cdca-442e-bf31-9bf09c4c6800\"\r\n/>\r\n\r\n### After\r\n\r\n<img width=\"738\" alt=\"Screenshot 2025-01-21 at 14 04 44\"\r\nsrc=\"https://github.com/user-attachments/assets/7d4fdee8-5989-47a1-8e56-21621f9b79fc\"\r\n/>","sha":"52be83272471a7fb87ed95c45bbab33e9a33757b"}},"sourceBranch":"main","suggestedTargetBranches":["8.x"],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","branchLabelMappingKey":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/207393","number":207393,"mergeCommit":{"message":"[inference] surface error message from connector (#207393)\n\n## Summary\r\n\r\nIn case of error during the connector's execution, the inference\r\nadapters were not properly propagating the error message. This PR\r\naddresses it.\r\n\r\n### Before\r\n\r\n<img width=\"368\" alt=\"Screenshot 2025-01-21 at 14 05 30\"\r\nsrc=\"https://github.com/user-attachments/assets/65cce33d-cdca-442e-bf31-9bf09c4c6800\"\r\n/>\r\n\r\n### After\r\n\r\n<img width=\"738\" alt=\"Screenshot 2025-01-21 at 14 04 44\"\r\nsrc=\"https://github.com/user-attachments/assets/7d4fdee8-5989-47a1-8e56-21621f9b79fc\"\r\n/>","sha":"52be83272471a7fb87ed95c45bbab33e9a33757b"}},{"branch":"8.x","label":"v8.18.0","branchLabelMappingKey":"^v8.18.0$","isSourceBranch":false,"state":"NOT_CREATED"}]}] BACKPORT--> Co-authored-by: Pierre Gayvallet <pierre.gayvallet@elastic.co> |
||
David Sánchez
|
8c09c9a0e4
|
[8.x] [Security Solution] [EDR Workflows] Adds upgrade notes for management deprecated apis (#206903) (#207403)
# Backport This will backport the following commits from `main` to `8.x`: - [[Security Solution] [EDR Workflows] Adds upgrade notes for management deprecated apis (#206903)](https://github.com/elastic/kibana/pull/206903) <!--- Backport version: 9.6.4 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sorenlouv/backport) <!--BACKPORT [{"author":{"name":"David Sánchez","email":"david.sanchezsoler@elastic.co"},"sourceCommit":{"committedDate":"2025-01-21T14:56:03Z","message":"[Security Solution] [EDR Workflows] Adds upgrade notes for management deprecated apis (#206903)\n\n## Summary\r\n\r\nIt adds upgrade notes and create docs link for Endpoint management\r\ndeprecated apis in 9.0.\r\n\r\nThis pr is for main (9.0) and 8.x (8.18) and will follow up with this\r\none on 8.x branch: https://github.com/elastic/kibana/pull/206904 in\r\norder to add these notes to the Upgrade Assistant for these deprecated\r\napi's\r\n\r\nThe Api routes were already removed in this pr (only in main):\r\nhttps://github.com/elastic/kibana/pull/199598\r\n\r\n---------\r\n\r\nCo-authored-by: natasha-moore-elastic <137783811+natasha-moore-elastic@users.noreply.github.com>\r\nCo-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>","sha":"adb6cded6ab778b59378f5be78a8ed563470b5aa","branchLabelMapping":{"^v9.0.0$":"main","^v8.18.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:deprecation","v9.0.0","Team:Defend Workflows","backport:version","v8.18.0"],"title":"[Security Solution] [EDR Workflows] Adds upgrade notes for management deprecated apis","number":206903,"url":"https://github.com/elastic/kibana/pull/206903","mergeCommit":{"message":"[Security Solution] [EDR Workflows] Adds upgrade notes for management deprecated apis (#206903)\n\n## Summary\r\n\r\nIt adds upgrade notes and create docs link for Endpoint management\r\ndeprecated apis in 9.0.\r\n\r\nThis pr is for main (9.0) and 8.x (8.18) and will follow up with this\r\none on 8.x branch: https://github.com/elastic/kibana/pull/206904 in\r\norder to add these notes to the Upgrade Assistant for these deprecated\r\napi's\r\n\r\nThe Api routes were already removed in this pr (only in main):\r\nhttps://github.com/elastic/kibana/pull/199598\r\n\r\n---------\r\n\r\nCo-authored-by: natasha-moore-elastic <137783811+natasha-moore-elastic@users.noreply.github.com>\r\nCo-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>","sha":"adb6cded6ab778b59378f5be78a8ed563470b5aa"}},"sourceBranch":"main","suggestedTargetBranches":["8.x"],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","branchLabelMappingKey":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/206903","number":206903,"mergeCommit":{"message":"[Security Solution] [EDR Workflows] Adds upgrade notes for management deprecated apis (#206903)\n\n## Summary\r\n\r\nIt adds upgrade notes and create docs link for Endpoint management\r\ndeprecated apis in 9.0.\r\n\r\nThis pr is for main (9.0) and 8.x (8.18) and will follow up with this\r\none on 8.x branch: https://github.com/elastic/kibana/pull/206904 in\r\norder to add these notes to the Upgrade Assistant for these deprecated\r\napi's\r\n\r\nThe Api routes were already removed in this pr (only in main):\r\nhttps://github.com/elastic/kibana/pull/199598\r\n\r\n---------\r\n\r\nCo-authored-by: natasha-moore-elastic <137783811+natasha-moore-elastic@users.noreply.github.com>\r\nCo-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>","sha":"adb6cded6ab778b59378f5be78a8ed563470b5aa"}},{"branch":"8.x","label":"v8.18.0","branchLabelMappingKey":"^v8.18.0$","isSourceBranch":false,"state":"NOT_CREATED"}]}] BACKPORT--> |
||
|
Kibana Machine
|
5db5189398
|
[8.x] [search profiler] Move profile button inline with index field (#202253) (#207648)
# Backport This will backport the following commits from `main` to `8.x`: - [[search profiler] Move profile button inline with index field (#202253)](https://github.com/elastic/kibana/pull/202253) <!--- Backport version: 9.4.3 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sqren/backport) <!--BACKPORT [{"author":{"name":"Matthew Kime","email":"matt@mattki.me"},"sourceCommit":{"committedDate":"2025-01-22T04:01:43Z","message":"[search profiler] Move profile button inline with index field (#202253)\n\n## Summary\r\n\r\nAt smaller window sizes, the `Profile` button disappears beneath the\r\ncode editor. Lets move it to the top and shrink it.\r\n\r\n<img width=\"1051\" alt=\"Screenshot 2024-11-30 at 11 47 27 PM\"\r\nsrc=\"https://github.com/user-attachments/assets/1d8b99cd-1b07-43cc-8d75-597b37f74e59\">","sha":"c12c88d243840d498b767a5f9b29f2748d4b2ff3","branchLabelMapping":{"^v9.0.0$":"main","^v8.18.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["Team:Kibana Management","release_note:skip","Feature:Search Profiler","v9.0.0","backport:prev-major"],"title":"[search profiler] Move profile button inline with index field","number":202253,"url":"https://github.com/elastic/kibana/pull/202253","mergeCommit":{"message":"[search profiler] Move profile button inline with index field (#202253)\n\n## Summary\r\n\r\nAt smaller window sizes, the `Profile` button disappears beneath the\r\ncode editor. Lets move it to the top and shrink it.\r\n\r\n<img width=\"1051\" alt=\"Screenshot 2024-11-30 at 11 47 27 PM\"\r\nsrc=\"https://github.com/user-attachments/assets/1d8b99cd-1b07-43cc-8d75-597b37f74e59\">","sha":"c12c88d243840d498b767a5f9b29f2748d4b2ff3"}},"sourceBranch":"main","suggestedTargetBranches":[],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","branchLabelMappingKey":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/202253","number":202253,"mergeCommit":{"message":"[search profiler] Move profile button inline with index field (#202253)\n\n## Summary\r\n\r\nAt smaller window sizes, the `Profile` button disappears beneath the\r\ncode editor. Lets move it to the top and shrink it.\r\n\r\n<img width=\"1051\" alt=\"Screenshot 2024-11-30 at 11 47 27 PM\"\r\nsrc=\"https://github.com/user-attachments/assets/1d8b99cd-1b07-43cc-8d75-597b37f74e59\">","sha":"c12c88d243840d498b767a5f9b29f2748d4b2ff3"}}]}] BACKPORT--> Co-authored-by: Matthew Kime <matt@mattki.me> |
||
seanrathier
|
3f654766d6
|
[8.x] [Cloud Security] Default CSPM integration to use Agentless as the setup technology. (#205965) (#206985)
# Backport This will backport the following commits from `main` to `8.x`: - [[Cloud Security] Default CSPM integration to use Agentless as the setup technology. (#205965)](https://github.com/elastic/kibana/pull/205965) <!--- Backport version: 9.6.4 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sorenlouv/backport) <!--BACKPORT [{"author":{"name":"seanrathier","email":"sean.rathier@gmail.com"},"sourceCommit":{"committedDate":"2025-01-15T17:07:02Z","message":"[Cloud Security] Default CSPM integration to use Agentless as the setup technology. (#205965)","sha":"c30212f9c0d091bd2564592ac21a6ef2f30368c8","branchLabelMapping":{"^v9.0.0$":"main","^v8.18.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:skip","Team:Fleet","v9.0.0","Team:Cloud Security","backport:prev-minor","ci:project-deploy-security"],"title":"[Cloud Security] Default CSPM integration to use Agentless as the setup technology.","number":205965,"url":"https://github.com/elastic/kibana/pull/205965","mergeCommit":{"message":"[Cloud Security] Default CSPM integration to use Agentless as the setup technology. (#205965)","sha":"c30212f9c0d091bd2564592ac21a6ef2f30368c8"}},"sourceBranch":"main","suggestedTargetBranches":[],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","branchLabelMappingKey":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/205965","number":205965,"mergeCommit":{"message":"[Cloud Security] Default CSPM integration to use Agentless as the setup technology. (#205965)","sha":"c30212f9c0d091bd2564592ac21a6ef2f30368c8"}}]}] BACKPORT--> |
||
Hannah Mudge
|
b060301d45
|
[8.x] [Dashboard][kbn-grid-layout] Update styles (#206503) (#207446)
# Backport This will backport the following commits from `main` to `8.x`: - [[Dashboard][`kbn-grid-layout`] Update styles (#206503)](https://github.com/elastic/kibana/pull/206503) <!--- Backport version: 9.6.4 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sorenlouv/backport) <!--BACKPORT [{"author":{"name":"Hannah Mudge","email":"Heenawter@users.noreply.github.com"},"sourceCommit":{"committedDate":"2025-01-21T19:52:39Z","message":"[Dashboard][`kbn-grid-layout`] Update styles (#206503)\n\nCloses https://github.com/elastic/kibana/issues/204060\r\n\r\n## Summary\r\n\r\nThis PR updates the styles used for `kbn-grid-layout` in Dashboard as\r\nshown below.\r\n\r\n- **Dragging**\r\n\r\n | Before | After |\r\n |--------|--------|\r\n|\r\n
Devon Thomson
|
13d328677e
|
[8.x] [Serialized state only] Update Library Transforms and Duplicate (#206140) (#207455)
# Backport This will backport the following commits from `main` to `8.x`: - [[Serialized state only] Update Library Transforms and Duplicate (#206140)](https://github.com/elastic/kibana/pull/206140) <!--- Backport version: 9.6.4 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sorenlouv/backport) <!--BACKPORT [{"author":{"name":"Devon Thomson","email":"devon.thomson@elastic.co"},"sourceCommit":{"committedDate":"2025-01-21T18:43:43Z","message":"[Serialized state only] Update Library Transforms and Duplicate (#206140)\n\nUnifies the various `LibraryTransforms` interfaces, updates all by reference capable embeddables to use them in the same way, and migrates the clone functionality to use only serialized state.","sha":"3719be0144d0f5b1fc71d1c564a41446c8ef3133","branchLabelMapping":{"^v9.0.0$":"main","^v8.18.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["Feature:Embedding","release_note:fix","Team:Presentation","v9.0.0","backport:prev-minor","Feature:Embeddables","project:embeddableRebuild"],"title":"[Serialized state only] Update Library Transforms and Duplicate","number":206140,"url":"https://github.com/elastic/kibana/pull/206140","mergeCommit":{"message":"[Serialized state only] Update Library Transforms and Duplicate (#206140)\n\nUnifies the various `LibraryTransforms` interfaces, updates all by reference capable embeddables to use them in the same way, and migrates the clone functionality to use only serialized state.","sha":"3719be0144d0f5b1fc71d1c564a41446c8ef3133"}},"sourceBranch":"main","suggestedTargetBranches":[],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","branchLabelMappingKey":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/206140","number":206140,"mergeCommit":{"message":"[Serialized state only] Update Library Transforms and Duplicate (#206140)\n\nUnifies the various `LibraryTransforms` interfaces, updates all by reference capable embeddables to use them in the same way, and migrates the clone functionality to use only serialized state.","sha":"3719be0144d0f5b1fc71d1c564a41446c8ef3133"}}]}] BACKPORT--> |
||
|
Kibana Machine
|
9a24fe8eca
|
[8.x] [ResponseOps] Granular connector RBAC followup (#205818) (#207575)
# Backport This will backport the following commits from `main` to `8.x`: - [[ResponseOps] Granular connector RBAC followup (#205818)](https://github.com/elastic/kibana/pull/205818) <!--- Backport version: 9.4.3 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sqren/backport) <!--BACKPORT [{"author":{"name":"Alexi Doak","email":"109488926+doakalexi@users.noreply.github.com"},"sourceCommit":{"committedDate":"2025-01-21T21:33:54Z","message":"[ResponseOps] Granular connector RBAC followup (#205818)\n\n## Summary\r\n\r\nThis PR is followup to, https://github.com/elastic/kibana/pull/203503.\r\nThis PR adds a test to make sure that sub-feature description remains\r\naccurate, and changes to hide the connector edit test tab and create\r\nconnector button when a user only has read access.\r\n\r\n### Checklist\r\n\r\n- [ ] [Unit or functional\r\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\r\nwere updated or added to match the most common scenarios\r\n\r\n\r\n### To verify\r\n\r\n1. Create a new read only role and disable EDR connectors under the\r\nActions and Connectors privilege\r\n2. Create a new user and assign that role to user\r\n3. Create a Sentinel One connector (It doesn't need to work, you can use\r\nfake values for the url and token)\r\n4. Login as the new user and go to the connector page in stack\r\nmanagement\r\n5. Verify that the \"Create connector\" button is not visible\r\n6. Click on the connector you created, verify that you can't see the\r\ntest tab","sha":"12998a8fe1823c3ba672ad8ff68a1292ccc72d8e","branchLabelMapping":{"^v9.0.0$":"main","^v8.18.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:skip","Team:ResponseOps","v9.0.0","backport:prev-minor","v8.18.0"],"title":"[ResponseOps] Granular connector RBAC followup","number":205818,"url":"https://github.com/elastic/kibana/pull/205818","mergeCommit":{"message":"[ResponseOps] Granular connector RBAC followup (#205818)\n\n## Summary\r\n\r\nThis PR is followup to, https://github.com/elastic/kibana/pull/203503.\r\nThis PR adds a test to make sure that sub-feature description remains\r\naccurate, and changes to hide the connector edit test tab and create\r\nconnector button when a user only has read access.\r\n\r\n### Checklist\r\n\r\n- [ ] [Unit or functional\r\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\r\nwere updated or added to match the most common scenarios\r\n\r\n\r\n### To verify\r\n\r\n1. Create a new read only role and disable EDR connectors under the\r\nActions and Connectors privilege\r\n2. Create a new user and assign that role to user\r\n3. Create a Sentinel One connector (It doesn't need to work, you can use\r\nfake values for the url and token)\r\n4. Login as the new user and go to the connector page in stack\r\nmanagement\r\n5. Verify that the \"Create connector\" button is not visible\r\n6. Click on the connector you created, verify that you can't see the\r\ntest tab","sha":"12998a8fe1823c3ba672ad8ff68a1292ccc72d8e"}},"sourceBranch":"main","suggestedTargetBranches":["8.x"],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","branchLabelMappingKey":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/205818","number":205818,"mergeCommit":{"message":"[ResponseOps] Granular connector RBAC followup (#205818)\n\n## Summary\r\n\r\nThis PR is followup to, https://github.com/elastic/kibana/pull/203503.\r\nThis PR adds a test to make sure that sub-feature description remains\r\naccurate, and changes to hide the connector edit test tab and create\r\nconnector button when a user only has read access.\r\n\r\n### Checklist\r\n\r\n- [ ] [Unit or functional\r\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\r\nwere updated or added to match the most common scenarios\r\n\r\n\r\n### To verify\r\n\r\n1. Create a new read only role and disable EDR connectors under the\r\nActions and Connectors privilege\r\n2. Create a new user and assign that role to user\r\n3. Create a Sentinel One connector (It doesn't need to work, you can use\r\nfake values for the url and token)\r\n4. Login as the new user and go to the connector page in stack\r\nmanagement\r\n5. Verify that the \"Create connector\" button is not visible\r\n6. Click on the connector you created, verify that you can't see the\r\ntest tab","sha":"12998a8fe1823c3ba672ad8ff68a1292ccc72d8e"}},{"branch":"8.x","label":"v8.18.0","branchLabelMappingKey":"^v8.18.0$","isSourceBranch":false,"state":"NOT_CREATED"}]}] BACKPORT--> Co-authored-by: Alexi Doak <109488926+doakalexi@users.noreply.github.com> |
||
|
Kibana Machine
|
46fd73585b
|
[8.x] [Security Solution][Alerts Detail] - fix missing investigated alert id when fetching all alerts for the details panel alerts tab (#206873) (#207430)
# Backport This will backport the following commits from `main` to `8.x`: - [[Security Solution][Alerts Detail] - fix missing investigated alert id when fetching all alerts for the details panel alerts tab (#206873)](https://github.com/elastic/kibana/pull/206873) <!--- Backport version: 9.4.3 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sqren/backport) <!--BACKPORT [{"author":{"name":"Philippe Oberti","email":"philippe.oberti@elastic.co"},"sourceCommit":{"committedDate":"2025-01-21T19:28:15Z","message":"[Security Solution][Alerts Detail] - fix missing investigated alert id when fetching all alerts for the details panel alerts tab (#206873)\n\n## Summary\r\n\r\nThis PR fixes an issue in the session view detailed panel alerts tab\r\nwhen used in the expandable flyout.\r\n\r\nAs can seen in the screenshot below, when used in the alerts table, the\r\ndetailed panel alerts tab renders the investigated alert if it is\r\navailable.\r\n\r\n\r\n\r\nBut when rendered in the expandable flyout the investigated alert is not\r\nalways rendered.\r\n\r\n\r\n\r\nThe issue came from a mistake done in [this previous\r\nPR](https://github.com/elastic/kibana/pull/200270) that aimed at\r\nextracting the session view detailed panel in the expandable flyout\r\npreview panel. Specifically [this\r\nline](https://github.com/elastic/kibana/pull/200270/files#diff-1f5a98dfb88e0067b1557ae15325887e48f561b35a0f99989360efea7f4aa6adR33)\r\nwhere I hardcoded the `investigatedAlertId` to `undefined`. I believe\r\nthis happened during early stage of the development where I just wanted\r\nto get things to run. Then when I made the `investigatedAlertId`\r\navailable via the session view panel context, I forgot to come back and\r\nreplace the `undefined`...\r\n\r\nWhen looking at the network tab, I see 2 calls to the\r\n`internal/session_view/alerts` endpoint:\r\n- the first one made when opening the session view component the first\r\ntime contains the `investigatedAlertId` value and returns more data\r\n\r\n\r\n- the same call made when navigating to the detailed panel alerts tab\r\nonly has `undefined` and returns less data\r\n\r\n\r\n \r\n### How to test\r\n\r\n- make sure the `securitySolution:enableVisualizationsInFlyout` advanced\r\nsettings is turned on\r\n\r\nCo-authored-by: Paulo Silva <paulo.henrique@elastic.co>","sha":"326a8d3f3b17d420f063cada2925828729186998","branchLabelMapping":{"^v9.0.0$":"main","^v8.18.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:skip","v9.0.0","Team:Threat Hunting:Investigations","backport:version","v8.18.0"],"title":"[Security Solution][Alerts Detail] - fix missing investigated alert id when fetching all alerts for the details panel alerts tab","number":206873,"url":"https://github.com/elastic/kibana/pull/206873","mergeCommit":{"message":"[Security Solution][Alerts Detail] - fix missing investigated alert id when fetching all alerts for the details panel alerts tab (#206873)\n\n## Summary\r\n\r\nThis PR fixes an issue in the session view detailed panel alerts tab\r\nwhen used in the expandable flyout.\r\n\r\nAs can seen in the screenshot below, when used in the alerts table, the\r\ndetailed panel alerts tab renders the investigated alert if it is\r\navailable.\r\n\r\n\r\n\r\nBut when rendered in the expandable flyout the investigated alert is not\r\nalways rendered.\r\n\r\n\r\n\r\nThe issue came from a mistake done in [this previous\r\nPR](https://github.com/elastic/kibana/pull/200270) that aimed at\r\nextracting the session view detailed panel in the expandable flyout\r\npreview panel. Specifically [this\r\nline](https://github.com/elastic/kibana/pull/200270/files#diff-1f5a98dfb88e0067b1557ae15325887e48f561b35a0f99989360efea7f4aa6adR33)\r\nwhere I hardcoded the `investigatedAlertId` to `undefined`. I believe\r\nthis happened during early stage of the development where I just wanted\r\nto get things to run. Then when I made the `investigatedAlertId`\r\navailable via the session view panel context, I forgot to come back and\r\nreplace the `undefined`...\r\n\r\nWhen looking at the network tab, I see 2 calls to the\r\n`internal/session_view/alerts` endpoint:\r\n- the first one made when opening the session view component the first\r\ntime contains the `investigatedAlertId` value and returns more data\r\n\r\n\r\n- the same call made when navigating to the detailed panel alerts tab\r\nonly has `undefined` and returns less data\r\n\r\n\r\n \r\n### How to test\r\n\r\n- make sure the `securitySolution:enableVisualizationsInFlyout` advanced\r\nsettings is turned on\r\n\r\nCo-authored-by: Paulo Silva <paulo.henrique@elastic.co>","sha":"326a8d3f3b17d420f063cada2925828729186998"}},"sourceBranch":"main","suggestedTargetBranches":["8.x"],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","branchLabelMappingKey":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/206873","number":206873,"mergeCommit":{"message":"[Security Solution][Alerts Detail] - fix missing investigated alert id when fetching all alerts for the details panel alerts tab (#206873)\n\n## Summary\r\n\r\nThis PR fixes an issue in the session view detailed panel alerts tab\r\nwhen used in the expandable flyout.\r\n\r\nAs can seen in the screenshot below, when used in the alerts table, the\r\ndetailed panel alerts tab renders the investigated alert if it is\r\navailable.\r\n\r\n\r\n\r\nBut when rendered in the expandable flyout the investigated alert is not\r\nalways rendered.\r\n\r\n\r\n\r\nThe issue came from a mistake done in [this previous\r\nPR](https://github.com/elastic/kibana/pull/200270) that aimed at\r\nextracting the session view detailed panel in the expandable flyout\r\npreview panel. Specifically [this\r\nline](https://github.com/elastic/kibana/pull/200270/files#diff-1f5a98dfb88e0067b1557ae15325887e48f561b35a0f99989360efea7f4aa6adR33)\r\nwhere I hardcoded the `investigatedAlertId` to `undefined`. I believe\r\nthis happened during early stage of the development where I just wanted\r\nto get things to run. Then when I made the `investigatedAlertId`\r\navailable via the session view panel context, I forgot to come back and\r\nreplace the `undefined`...\r\n\r\nWhen looking at the network tab, I see 2 calls to the\r\n`internal/session_view/alerts` endpoint:\r\n- the first one made when opening the session view component the first\r\ntime contains the `investigatedAlertId` value and returns more data\r\n\r\n\r\n- the same call made when navigating to the detailed panel alerts tab\r\nonly has `undefined` and returns less data\r\n\r\n\r\n \r\n### How to test\r\n\r\n- make sure the `securitySolution:enableVisualizationsInFlyout` advanced\r\nsettings is turned on\r\n\r\nCo-authored-by: Paulo Silva <paulo.henrique@elastic.co>","sha":"326a8d3f3b17d420f063cada2925828729186998"}},{"branch":"8.x","label":"v8.18.0","branchLabelMappingKey":"^v8.18.0$","isSourceBranch":false,"state":"NOT_CREATED"}]}] BACKPORT--> Co-authored-by: Philippe Oberti <philippe.oberti@elastic.co> |
||
|
Kibana Machine
|
2113b30773
|
[8.x] [Stack Connectors][Microsoft Defender] Add caching of OAuth access token to connector (#206975) (#207435)
# Backport This will backport the following commits from `main` to `8.x`: - [[Stack Connectors][Microsoft Defender] Add caching of OAuth access token to connector (#206975)](https://github.com/elastic/kibana/pull/206975) <!--- Backport version: 9.4.3 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sqren/backport) <!--BACKPORT [{"author":{"name":"Paul Tavares","email":"56442535+paul-tavares@users.noreply.github.com"},"sourceCommit":{"committedDate":"2025-01-21T19:59:14Z","message":"[Stack Connectors][Microsoft Defender] Add caching of OAuth access token to connector (#206975)\n\n## Summary\r\n\r\n- Adds caching of the OAuth token needed to call Microsoft Defender's\r\nAPI to the connector along with auto-regenerate when it expires\r\n\r\n\r\n### Checklist\r\n\r\n- [x] [Unit or functional\r\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\r\nwere updated or added to match the most common scenarios","sha":"1e688f2cbea273809dfda3f88ee52b70593cce6b","branchLabelMapping":{"^v9.0.0$":"main","^v8.18.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:skip","v9.0.0","Team:Defend Workflows","backport:prev-minor","v8.18.0"],"title":"[Stack Connectors][Microsoft Defender] Add caching of OAuth access token to connector","number":206975,"url":"https://github.com/elastic/kibana/pull/206975","mergeCommit":{"message":"[Stack Connectors][Microsoft Defender] Add caching of OAuth access token to connector (#206975)\n\n## Summary\r\n\r\n- Adds caching of the OAuth token needed to call Microsoft Defender's\r\nAPI to the connector along with auto-regenerate when it expires\r\n\r\n\r\n### Checklist\r\n\r\n- [x] [Unit or functional\r\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\r\nwere updated or added to match the most common scenarios","sha":"1e688f2cbea273809dfda3f88ee52b70593cce6b"}},"sourceBranch":"main","suggestedTargetBranches":["8.x"],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","branchLabelMappingKey":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/206975","number":206975,"mergeCommit":{"message":"[Stack Connectors][Microsoft Defender] Add caching of OAuth access token to connector (#206975)\n\n## Summary\r\n\r\n- Adds caching of the OAuth token needed to call Microsoft Defender's\r\nAPI to the connector along with auto-regenerate when it expires\r\n\r\n\r\n### Checklist\r\n\r\n- [x] [Unit or functional\r\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\r\nwere updated or added to match the most common scenarios","sha":"1e688f2cbea273809dfda3f88ee52b70593cce6b"}},{"branch":"8.x","label":"v8.18.0","branchLabelMappingKey":"^v8.18.0$","isSourceBranch":false,"state":"NOT_CREATED"}]}] BACKPORT--> Co-authored-by: Paul Tavares <56442535+paul-tavares@users.noreply.github.com> |
||
|
Kibana Machine
|
dcf2cad74f
|
[8.x] [Inventory] Fix Open Explore in Discover link in a new tab (#207346) (#207434)
# Backport This will backport the following commits from `main` to `8.x`: - [[Inventory] Fix Open Explore in Discover link in a new tab (#207346)](https://github.com/elastic/kibana/pull/207346) <!--- Backport version: 9.4.3 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sqren/backport) <!--BACKPORT [{"author":{"name":"Sergi Romeu","email":"sergi.romeu@elastic.co"},"sourceCommit":{"committedDate":"2025-01-21T19:54:55Z","message":"[Inventory] Fix Open Explore in Discover link in a new tab (#207346)\n\n## Summary\n\nCloses #207064\n\nThis PR fixes the Explore in Discover link to be able to open it in a\nnew tab using `dataViewSpec: dataView.toMinimalSpec()`.\n\n## How to test it\n1. Enable `entityCentricExperience` feature flag\n2. Run some synthtrace scenario, for example `node scripts/synthtrace\ninfra_docker_containers`\n3. Click into an entity group and select Explore in Discover in any\nentity.\n4. You should be redirected to the data view correctly by clicking or\nopening in a new tab\n\n---------\n\nCo-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>","sha":"131a543eb280e45d3d4493da96e29fbd2e5df87c","branchLabelMapping":{"^v9.0.0$":"main","^v8.18.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:fix","v9.0.0","backport:prev-minor","Team:obs-ux-infra_services"],"title":"[Inventory] Fix Open Explore in Discover link in a new tab","number":207346,"url":"https://github.com/elastic/kibana/pull/207346","mergeCommit":{"message":"[Inventory] Fix Open Explore in Discover link in a new tab (#207346)\n\n## Summary\n\nCloses #207064\n\nThis PR fixes the Explore in Discover link to be able to open it in a\nnew tab using `dataViewSpec: dataView.toMinimalSpec()`.\n\n## How to test it\n1. Enable `entityCentricExperience` feature flag\n2. Run some synthtrace scenario, for example `node scripts/synthtrace\ninfra_docker_containers`\n3. Click into an entity group and select Explore in Discover in any\nentity.\n4. You should be redirected to the data view correctly by clicking or\nopening in a new tab\n\n---------\n\nCo-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>","sha":"131a543eb280e45d3d4493da96e29fbd2e5df87c"}},"sourceBranch":"main","suggestedTargetBranches":[],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","branchLabelMappingKey":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/207346","number":207346,"mergeCommit":{"message":"[Inventory] Fix Open Explore in Discover link in a new tab (#207346)\n\n## Summary\n\nCloses #207064\n\nThis PR fixes the Explore in Discover link to be able to open it in a\nnew tab using `dataViewSpec: dataView.toMinimalSpec()`.\n\n## How to test it\n1. Enable `entityCentricExperience` feature flag\n2. Run some synthtrace scenario, for example `node scripts/synthtrace\ninfra_docker_containers`\n3. Click into an entity group and select Explore in Discover in any\nentity.\n4. You should be redirected to the data view correctly by clicking or\nopening in a new tab\n\n---------\n\nCo-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>","sha":"131a543eb280e45d3d4493da96e29fbd2e5df87c"}}]}] BACKPORT--> Co-authored-by: Sergi Romeu <sergi.romeu@elastic.co> |
||
|
Kibana Machine
|
a352e11d47
|
[8.x] [Security Solution] Fix reason building logic for EQL sequences with fields key (#206489) (#207433)
# Backport This will backport the following commits from `main` to `8.x`: - [[Security Solution] Fix reason building logic for EQL sequences with fields key (#206489)](https://github.com/elastic/kibana/pull/206489) <!--- Backport version: 9.4.3 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sqren/backport) <!--BACKPORT [{"author":{"name":"Marshall Main","email":"55718608+marshallmain@users.noreply.github.com"},"sourceCommit":{"committedDate":"2025-01-21T19:35:25Z","message":"[Security Solution] Fix reason building logic for EQL sequences with fields key (#206489)\n\n## Summary\r\n\r\nFixes https://github.com/elastic/kibana/issues/206456\r\n\r\nThe cast to `SignalSourceHit` in `build_alert_group_from_sequence` was\r\nincorrect, so instead of passing the merged document to\r\n`buildReasonMessage` as a wrapped hit we were passing the raw merged\r\ndocument. For most source docs this worked because the build reason\r\nlogic would check the input for `_source` and `fields` and treat the\r\ninput as a raw doc if it didn't find either key. However, if the input\r\nis a raw document with `fields` or `_source` as keys (i.e. if `fields`\r\nor `_source` are actual fields in the source data), then the build\r\nreason logic incorrectly uses that source data field as the raw document\r\nand looks for ECS fields as sub-fields. Effectively if the source data\r\nhas a `fields` key then for EQL sequences the reason building logic is\r\nlooking for e.g. `fields.destination.ip` in source data instead of\r\n`destination.ip` and isn't finding it.\r\n\r\nThis PR fixes the issue by wrapping the raw document correctly in the\r\nEQL sequence alert building logic and removes the fallback in\r\n`getFieldsFromDoc` to help prevent this from reoccurring.","sha":"58113622abfd1483e09ef745003965c80d0a8adc","branchLabelMapping":{"^v9.0.0$":"main","^v8.18.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:skip","v9.0.0","backport:prev-minor","Team:Detection Engine","v8.18.0"],"title":"[Security Solution] Fix reason building logic for EQL sequences with fields key","number":206489,"url":"https://github.com/elastic/kibana/pull/206489","mergeCommit":{"message":"[Security Solution] Fix reason building logic for EQL sequences with fields key (#206489)\n\n## Summary\r\n\r\nFixes https://github.com/elastic/kibana/issues/206456\r\n\r\nThe cast to `SignalSourceHit` in `build_alert_group_from_sequence` was\r\nincorrect, so instead of passing the merged document to\r\n`buildReasonMessage` as a wrapped hit we were passing the raw merged\r\ndocument. For most source docs this worked because the build reason\r\nlogic would check the input for `_source` and `fields` and treat the\r\ninput as a raw doc if it didn't find either key. However, if the input\r\nis a raw document with `fields` or `_source` as keys (i.e. if `fields`\r\nor `_source` are actual fields in the source data), then the build\r\nreason logic incorrectly uses that source data field as the raw document\r\nand looks for ECS fields as sub-fields. Effectively if the source data\r\nhas a `fields` key then for EQL sequences the reason building logic is\r\nlooking for e.g. `fields.destination.ip` in source data instead of\r\n`destination.ip` and isn't finding it.\r\n\r\nThis PR fixes the issue by wrapping the raw document correctly in the\r\nEQL sequence alert building logic and removes the fallback in\r\n`getFieldsFromDoc` to help prevent this from reoccurring.","sha":"58113622abfd1483e09ef745003965c80d0a8adc"}},"sourceBranch":"main","suggestedTargetBranches":["8.x"],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","branchLabelMappingKey":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/206489","number":206489,"mergeCommit":{"message":"[Security Solution] Fix reason building logic for EQL sequences with fields key (#206489)\n\n## Summary\r\n\r\nFixes https://github.com/elastic/kibana/issues/206456\r\n\r\nThe cast to `SignalSourceHit` in `build_alert_group_from_sequence` was\r\nincorrect, so instead of passing the merged document to\r\n`buildReasonMessage` as a wrapped hit we were passing the raw merged\r\ndocument. For most source docs this worked because the build reason\r\nlogic would check the input for `_source` and `fields` and treat the\r\ninput as a raw doc if it didn't find either key. However, if the input\r\nis a raw document with `fields` or `_source` as keys (i.e. if `fields`\r\nor `_source` are actual fields in the source data), then the build\r\nreason logic incorrectly uses that source data field as the raw document\r\nand looks for ECS fields as sub-fields. Effectively if the source data\r\nhas a `fields` key then for EQL sequences the reason building logic is\r\nlooking for e.g. `fields.destination.ip` in source data instead of\r\n`destination.ip` and isn't finding it.\r\n\r\nThis PR fixes the issue by wrapping the raw document correctly in the\r\nEQL sequence alert building logic and removes the fallback in\r\n`getFieldsFromDoc` to help prevent this from reoccurring.","sha":"58113622abfd1483e09ef745003965c80d0a8adc"}},{"branch":"8.x","label":"v8.18.0","branchLabelMappingKey":"^v8.18.0$","isSourceBranch":false,"state":"NOT_CREATED"}]}] BACKPORT--> Co-authored-by: Marshall Main <55718608+marshallmain@users.noreply.github.com> |
||
Kevin Delemme
|
8418be4877
|
[8.x] chore(slo): update telemetry data (#206135) (#207101)
# Backport This will backport the following commits from `main` to `8.x`: - [chore(slo): update telemetry data (#206135)](https://github.com/elastic/kibana/pull/206135) <!--- Backport version: 9.6.4 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sorenlouv/backport) <!--BACKPORT [{"author":{"name":"Kevin Delemme","email":"kevin.delemme@elastic.co"},"sourceCommit":{"committedDate":"2025-01-14T18:29:25Z","message":"chore(slo): update telemetry data (#206135)","sha":"9618e4254894e2fcf73572edaab417f54845fe7b","branchLabelMapping":{"^v9.0.0$":"main","^v8.18.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:skip","backport missing","v9.0.0","backport:prev-minor","Team:obs-ux-management","v8.18.0"],"title":"chore(slo): update telemetry data","number":206135,"url":"https://github.com/elastic/kibana/pull/206135","mergeCommit":{"message":"chore(slo): update telemetry data (#206135)","sha":"9618e4254894e2fcf73572edaab417f54845fe7b"}},"sourceBranch":"main","suggestedTargetBranches":["8.x"],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","branchLabelMappingKey":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/206135","number":206135,"mergeCommit":{"message":"chore(slo): update telemetry data (#206135)","sha":"9618e4254894e2fcf73572edaab417f54845fe7b"}},{"branch":"8.x","label":"v8.18.0","branchLabelMappingKey":"^v8.18.0$","isSourceBranch":false,"state":"NOT_CREATED"}]}] BACKPORT--> |
||
|
Kibana Machine
|
6817e90917
|
[8.x] Fix useAbortableAsync race condition (#207365) (#207422)
# Backport This will backport the following commits from `main` to `8.x`: - [Fix useAbortableAsync race condition (#207365)](https://github.com/elastic/kibana/pull/207365) <!--- Backport version: 9.4.3 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sqren/backport) <!--BACKPORT [{"author":{"name":"Joe Reuter","email":"johannes.reuter@elastic.co"},"sourceCommit":{"committedDate":"2025-01-21T17:45:43Z","message":"Fix useAbortableAsync race condition (#207365)\n\n`useAbortableAsync` can easily get confused about the current state -\ne.g. when a previous invocation gets aborted and a new one is started at\nthe same time, the `loading` state gets set to false _after_ the next\ninvocation got started, so it's false for the time it's running:\n\n\n\n\nYou can see that while typing, the old slow request is aborted properly,\nbut the `loading` state gets lost and the abort error from the last\ninvocation is still set even though a new request is running already.\n\nThis is not the only possible issue that could happen here - e.g. if the\npromise chain throws too late, an unrelated error could be set in the\nerror handling logic, which is not related to the currently running\n`fn`.\n\nThis is hard to fix because as the hook does not control the `fn`, it\ndoes not know at which point it resolves, even after a new invocation\nwas started already. The abort signal asks the `fn` nicely to throw with\nan abort error, but it can't be controlled when that happens.\n\nThis PR introduces a notion of the current \"generation\" and only accepts\nstate updates from the most recent one.\n\nWith this, the new invocation correctly sets the loading state after the\nabort - what happens to the old promise chain after the abort can't\naffect the state anymore:\n\n\n\nI'm not sure whether this is the best way to resolve this issue, but I\ncouldn't come up with a better way. Happy to adjust, but I think we need\na solution that doesn't assume any special behavior of the passed in\n`fn`, otherwise this helper will always be super brittle.","sha":"8ff18e25758a05d4deff76ffa4b3407d98722a3c","branchLabelMapping":{"^v9.0.0$":"main","^v8.18.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:skip","v9.0.0","backport:version","v8.18.0"],"title":"Fix useAbortableAsync race condition","number":207365,"url":"https://github.com/elastic/kibana/pull/207365","mergeCommit":{"message":"Fix useAbortableAsync race condition (#207365)\n\n`useAbortableAsync` can easily get confused about the current state -\ne.g. when a previous invocation gets aborted and a new one is started at\nthe same time, the `loading` state gets set to false _after_ the next\ninvocation got started, so it's false for the time it's running:\n\n\n\n\nYou can see that while typing, the old slow request is aborted properly,\nbut the `loading` state gets lost and the abort error from the last\ninvocation is still set even though a new request is running already.\n\nThis is not the only possible issue that could happen here - e.g. if the\npromise chain throws too late, an unrelated error could be set in the\nerror handling logic, which is not related to the currently running\n`fn`.\n\nThis is hard to fix because as the hook does not control the `fn`, it\ndoes not know at which point it resolves, even after a new invocation\nwas started already. The abort signal asks the `fn` nicely to throw with\nan abort error, but it can't be controlled when that happens.\n\nThis PR introduces a notion of the current \"generation\" and only accepts\nstate updates from the most recent one.\n\nWith this, the new invocation correctly sets the loading state after the\nabort - what happens to the old promise chain after the abort can't\naffect the state anymore:\n\n\n\nI'm not sure whether this is the best way to resolve this issue, but I\ncouldn't come up with a better way. Happy to adjust, but I think we need\na solution that doesn't assume any special behavior of the passed in\n`fn`, otherwise this helper will always be super brittle.","sha":"8ff18e25758a05d4deff76ffa4b3407d98722a3c"}},"sourceBranch":"main","suggestedTargetBranches":["8.x"],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","branchLabelMappingKey":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/207365","number":207365,"mergeCommit":{"message":"Fix useAbortableAsync race condition (#207365)\n\n`useAbortableAsync` can easily get confused about the current state -\ne.g. when a previous invocation gets aborted and a new one is started at\nthe same time, the `loading` state gets set to false _after_ the next\ninvocation got started, so it's false for the time it's running:\n\n\n\n\nYou can see that while typing, the old slow request is aborted properly,\nbut the `loading` state gets lost and the abort error from the last\ninvocation is still set even though a new request is running already.\n\nThis is not the only possible issue that could happen here - e.g. if the\npromise chain throws too late, an unrelated error could be set in the\nerror handling logic, which is not related to the currently running\n`fn`.\n\nThis is hard to fix because as the hook does not control the `fn`, it\ndoes not know at which point it resolves, even after a new invocation\nwas started already. The abort signal asks the `fn` nicely to throw with\nan abort error, but it can't be controlled when that happens.\n\nThis PR introduces a notion of the current \"generation\" and only accepts\nstate updates from the most recent one.\n\nWith this, the new invocation correctly sets the loading state after the\nabort - what happens to the old promise chain after the abort can't\naffect the state anymore:\n\n\n\nI'm not sure whether this is the best way to resolve this issue, but I\ncouldn't come up with a better way. Happy to adjust, but I think we need\na solution that doesn't assume any special behavior of the passed in\n`fn`, otherwise this helper will always be super brittle.","sha":"8ff18e25758a05d4deff76ffa4b3407d98722a3c"}},{"branch":"8.x","label":"v8.18.0","branchLabelMappingKey":"^v8.18.0$","isSourceBranch":false,"state":"NOT_CREATED"}]}] BACKPORT--> Co-authored-by: Joe Reuter <johannes.reuter@elastic.co> |
||
|
Kibana Machine
|
15026abfeb
|
[8.x] [Fleet] Disable `Upgrade agents on this policy` action when 0 agents (#207344) (#207421)
# Backport This will backport the following commits from `main` to `8.x`: - [[Fleet] Disable `Upgrade agents on this policy` action when 0 agents (#207344)](https://github.com/elastic/kibana/pull/207344) <!--- Backport version: 9.4.3 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sqren/backport) <!--BACKPORT [{"author":{"name":"Julia Bardi","email":"90178898+juliaElastic@users.noreply.github.com"},"sourceCommit":{"committedDate":"2025-01-21T17:39:19Z","message":"[Fleet] Disable `Upgrade agents on this policy` action when 0 agents (#207344)\n\n## Summary\r\n\r\nCloses https://github.com/elastic/kibana/issues/205588\r\n\r\nDisable the upgarde and uninstall action on the agent policy when there\r\nare 0 agents enrolled.\r\n\r\n<img width=\"1014\" alt=\"image\"\r\nsrc=\"https://github.com/user-attachments/assets/7174540b-9933-48c9-9f74-c51973f7582a\"\r\n/>","sha":"1ec624524ee1fc48fea26069db7d063053ca94f7","branchLabelMapping":{"^v9.0.0$":"main","^v8.18.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:skip","Team:Fleet","v9.0.0","backport:prev-minor"],"title":"[Fleet] Disable `Upgrade agents on this policy` action when 0 agents","number":207344,"url":"https://github.com/elastic/kibana/pull/207344","mergeCommit":{"message":"[Fleet] Disable `Upgrade agents on this policy` action when 0 agents (#207344)\n\n## Summary\r\n\r\nCloses https://github.com/elastic/kibana/issues/205588\r\n\r\nDisable the upgarde and uninstall action on the agent policy when there\r\nare 0 agents enrolled.\r\n\r\n<img width=\"1014\" alt=\"image\"\r\nsrc=\"https://github.com/user-attachments/assets/7174540b-9933-48c9-9f74-c51973f7582a\"\r\n/>","sha":"1ec624524ee1fc48fea26069db7d063053ca94f7"}},"sourceBranch":"main","suggestedTargetBranches":[],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","branchLabelMappingKey":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/207344","number":207344,"mergeCommit":{"message":"[Fleet] Disable `Upgrade agents on this policy` action when 0 agents (#207344)\n\n## Summary\r\n\r\nCloses https://github.com/elastic/kibana/issues/205588\r\n\r\nDisable the upgarde and uninstall action on the agent policy when there\r\nare 0 agents enrolled.\r\n\r\n<img width=\"1014\" alt=\"image\"\r\nsrc=\"https://github.com/user-attachments/assets/7174540b-9933-48c9-9f74-c51973f7582a\"\r\n/>","sha":"1ec624524ee1fc48fea26069db7d063053ca94f7"}}]}] BACKPORT--> Co-authored-by: Julia Bardi <90178898+juliaElastic@users.noreply.github.com> |
||
|
Kibana Machine
|
b58c5a9e3a
|
[8.x] [Inventory v2] Fix issue with logs only views (#207305) (#207399)
# Backport This will backport the following commits from `main` to `8.x`: - [[Inventory v2] Fix issue with logs only views (#207305)](https://github.com/elastic/kibana/pull/207305) <!--- Backport version: 9.4.3 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sqren/backport) <!--BACKPORT [{"author":{"name":"jennypavlova","email":"dzheni.pavlova@elastic.co"},"sourceCommit":{"committedDate":"2025-01-21T16:29:05Z","message":"[Inventory v2] Fix issue with logs only views (#207305)\n\nCloses https://github.com/elastic/kibana/issues/206967\r\n\r\n## Summary\r\n\r\nAfter some changes related to V2 migration of getting the entities,\r\nthere was an issue with the new data coming from the endpoint - the\r\n`data_stream.type` is a string instead of an array in case of a single\r\ndata stream so this PR adds a fix to support that (and a test)\r\n\r\n## Bug fixes\r\n- Service overview page loads for a logs-only data stream\r\n- After adding the fix, I saw another error related to the `useTheme`\r\nand changed it to use the `euiTheme` similar to the other changes\r\nrelated to the Borealis team upgrade\r\n\r\n## Testing\r\nTo test the scenario with services and hosts coming from logs (without\r\nAPM / metrics) I added a new scenario in synthtrace so to test then we\r\nshould:\r\n- Run the new scenario: `node scripts/synthtrace logs_only` (if possible\r\non a clean ES)\r\n- Enable `observability:entityCentricExperience` in Stack Management >\r\nAdvanced Setting\r\n- Go to Inventory and click on a service\r\n - The logs-only views should be available\r\n- Go to Inventory and click on a host\r\n - The logs-only views should be available\r\n \r\n\r\n\r\nhttps://github.com/user-attachments/assets/cfd5fd40-ac44-4807-9a29-f3ee3015d814\r\n\r\n\r\n - Test one of the scenarios with mix of APM/metrics/logs\r\n - Run `node scripts/synthtrace infra_hosts_with_apm_hosts`\r\n- Enable `observability:entityCentricExperience` in Stack Management >\r\nAdvanced Setting\r\n - Go to Inventory and click on a service from APM\r\n - The APM views (service/traces) should be available\r\n - Go to Inventory and click on a host\r\n - The asset details view should be available and show metrics\r\n \r\n\r\n\r\nhttps://github.com/user-attachments/assets/894c7c1a-aaa1-42cb-9dcb-05c9a5ca8177\r\n\r\n\r\n\r\n- Infrastructure (Inventory/Hosts, etc) and Applications (Service\r\nInventory/Traces, etc) should load the data for this scenario and not\r\nfor the logs only (also for an oblt cluster connection)\r\n \r\n \r\n\r\n\r\nhttps://github.com/user-attachments/assets/4d092cc6-a8ad-4022-b980-b443be09acc9","sha":"bd5e8ca3209886d5d67e5c78eaf9f3a55b6df55a","branchLabelMapping":{"^v9.0.0$":"main","^v8.18.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:skip","v9.0.0","backport:prev-minor","ci:project-deploy-observability","Team:obs-ux-infra_services"],"title":"[Inventory v2] Fix issue with logs only views","number":207305,"url":"https://github.com/elastic/kibana/pull/207305","mergeCommit":{"message":"[Inventory v2] Fix issue with logs only views (#207305)\n\nCloses https://github.com/elastic/kibana/issues/206967\r\n\r\n## Summary\r\n\r\nAfter some changes related to V2 migration of getting the entities,\r\nthere was an issue with the new data coming from the endpoint - the\r\n`data_stream.type` is a string instead of an array in case of a single\r\ndata stream so this PR adds a fix to support that (and a test)\r\n\r\n## Bug fixes\r\n- Service overview page loads for a logs-only data stream\r\n- After adding the fix, I saw another error related to the `useTheme`\r\nand changed it to use the `euiTheme` similar to the other changes\r\nrelated to the Borealis team upgrade\r\n\r\n## Testing\r\nTo test the scenario with services and hosts coming from logs (without\r\nAPM / metrics) I added a new scenario in synthtrace so to test then we\r\nshould:\r\n- Run the new scenario: `node scripts/synthtrace logs_only` (if possible\r\non a clean ES)\r\n- Enable `observability:entityCentricExperience` in Stack Management >\r\nAdvanced Setting\r\n- Go to Inventory and click on a service\r\n - The logs-only views should be available\r\n- Go to Inventory and click on a host\r\n - The logs-only views should be available\r\n \r\n\r\n\r\nhttps://github.com/user-attachments/assets/cfd5fd40-ac44-4807-9a29-f3ee3015d814\r\n\r\n\r\n - Test one of the scenarios with mix of APM/metrics/logs\r\n - Run `node scripts/synthtrace infra_hosts_with_apm_hosts`\r\n- Enable `observability:entityCentricExperience` in Stack Management >\r\nAdvanced Setting\r\n - Go to Inventory and click on a service from APM\r\n - The APM views (service/traces) should be available\r\n - Go to Inventory and click on a host\r\n - The asset details view should be available and show metrics\r\n \r\n\r\n\r\nhttps://github.com/user-attachments/assets/894c7c1a-aaa1-42cb-9dcb-05c9a5ca8177\r\n\r\n\r\n\r\n- Infrastructure (Inventory/Hosts, etc) and Applications (Service\r\nInventory/Traces, etc) should load the data for this scenario and not\r\nfor the logs only (also for an oblt cluster connection)\r\n \r\n \r\n\r\n\r\nhttps://github.com/user-attachments/assets/4d092cc6-a8ad-4022-b980-b443be09acc9","sha":"bd5e8ca3209886d5d67e5c78eaf9f3a55b6df55a"}},"sourceBranch":"main","suggestedTargetBranches":[],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","branchLabelMappingKey":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/207305","number":207305,"mergeCommit":{"message":"[Inventory v2] Fix issue with logs only views (#207305)\n\nCloses https://github.com/elastic/kibana/issues/206967\r\n\r\n## Summary\r\n\r\nAfter some changes related to V2 migration of getting the entities,\r\nthere was an issue with the new data coming from the endpoint - the\r\n`data_stream.type` is a string instead of an array in case of a single\r\ndata stream so this PR adds a fix to support that (and a test)\r\n\r\n## Bug fixes\r\n- Service overview page loads for a logs-only data stream\r\n- After adding the fix, I saw another error related to the `useTheme`\r\nand changed it to use the `euiTheme` similar to the other changes\r\nrelated to the Borealis team upgrade\r\n\r\n## Testing\r\nTo test the scenario with services and hosts coming from logs (without\r\nAPM / metrics) I added a new scenario in synthtrace so to test then we\r\nshould:\r\n- Run the new scenario: `node scripts/synthtrace logs_only` (if possible\r\non a clean ES)\r\n- Enable `observability:entityCentricExperience` in Stack Management >\r\nAdvanced Setting\r\n- Go to Inventory and click on a service\r\n - The logs-only views should be available\r\n- Go to Inventory and click on a host\r\n - The logs-only views should be available\r\n \r\n\r\n\r\nhttps://github.com/user-attachments/assets/cfd5fd40-ac44-4807-9a29-f3ee3015d814\r\n\r\n\r\n - Test one of the scenarios with mix of APM/metrics/logs\r\n - Run `node scripts/synthtrace infra_hosts_with_apm_hosts`\r\n- Enable `observability:entityCentricExperience` in Stack Management >\r\nAdvanced Setting\r\n - Go to Inventory and click on a service from APM\r\n - The APM views (service/traces) should be available\r\n - Go to Inventory and click on a host\r\n - The asset details view should be available and show metrics\r\n \r\n\r\n\r\nhttps://github.com/user-attachments/assets/894c7c1a-aaa1-42cb-9dcb-05c9a5ca8177\r\n\r\n\r\n\r\n- Infrastructure (Inventory/Hosts, etc) and Applications (Service\r\nInventory/Traces, etc) should load the data for this scenario and not\r\nfor the logs only (also for an oblt cluster connection)\r\n \r\n \r\n\r\n\r\nhttps://github.com/user-attachments/assets/4d092cc6-a8ad-4022-b980-b443be09acc9","sha":"bd5e8ca3209886d5d67e5c78eaf9f3a55b6df55a"}}]}] BACKPORT--> Co-authored-by: jennypavlova <dzheni.pavlova@elastic.co> |
||
|
Kibana Machine
|
8517fc39cc
|
[8.x] [Obs AI Assistant] Make KB tests more resilient by waiting for KB to be ready (#207272) (#207408)
# Backport This will backport the following commits from `main` to `8.x`: - [[Obs AI Assistant] Make KB tests more resilient by waiting for KB to be ready (#207272)](https://github.com/elastic/kibana/pull/207272) <!--- Backport version: 9.4.3 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sqren/backport) <!--BACKPORT [{"author":{"name":"Søren Louv-Jansen","email":"soren.louv@elastic.co"},"sourceCommit":{"committedDate":"2025-01-21T16:52:44Z","message":"[Obs AI Assistant] Make KB tests more resilient by waiting for KB to be ready (#207272)\n\nCloses https://github.com/elastic/kibana/issues/207356\n\n- Unskip knowledge base MKI tests\n- Improve resilience and reduce flakiness by waiting for the knowledge\nbase to be ready\n\nDepends on: https://github.com/elastic/kibana/pull/207069","sha":"3ccac04ec0760959241e53e2eca4cf4b3d7f9df9","branchLabelMapping":{"^v9.0.0$":"main","^v8.18.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:skip","v9.0.0","backport:prev-minor","Team:Obs AI Assistant","ci:project-deploy-observability"],"title":"[Obs AI Assistant] Make KB tests more resilient by waiting for KB to be ready","number":207272,"url":"https://github.com/elastic/kibana/pull/207272","mergeCommit":{"message":"[Obs AI Assistant] Make KB tests more resilient by waiting for KB to be ready (#207272)\n\nCloses https://github.com/elastic/kibana/issues/207356\n\n- Unskip knowledge base MKI tests\n- Improve resilience and reduce flakiness by waiting for the knowledge\nbase to be ready\n\nDepends on: https://github.com/elastic/kibana/pull/207069","sha":"3ccac04ec0760959241e53e2eca4cf4b3d7f9df9"}},"sourceBranch":"main","suggestedTargetBranches":[],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","branchLabelMappingKey":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/207272","number":207272,"mergeCommit":{"message":"[Obs AI Assistant] Make KB tests more resilient by waiting for KB to be ready (#207272)\n\nCloses https://github.com/elastic/kibana/issues/207356\n\n- Unskip knowledge base MKI tests\n- Improve resilience and reduce flakiness by waiting for the knowledge\nbase to be ready\n\nDepends on: https://github.com/elastic/kibana/pull/207069","sha":"3ccac04ec0760959241e53e2eca4cf4b3d7f9df9"}}]}] BACKPORT--> Co-authored-by: Søren Louv-Jansen <soren.louv@elastic.co> |
||
|
Kibana Machine
|
41482d6fa6
|
[8.x] [Synonyms UI] Search synonyms delete modal (#207075) (#207402)
# Backport This will backport the following commits from `main` to `8.x`: - [[Synonyms UI] Search synonyms delete modal (#207075)](https://github.com/elastic/kibana/pull/207075) <!--- Backport version: 9.4.3 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sqren/backport) <!--BACKPORT [{"author":{"name":"Efe Gürkan YALAMAN","email":"efeguerkan.yalaman@elastic.co"},"sourceCommit":{"committedDate":"2025-01-21T16:31:25Z","message":"[Synonyms UI] Search synonyms delete modal (#207075)\n\n<img width=\"1407\" alt=\"Screenshot 2025-01-17 at 14 27 09\"\r\nsrc=\"https://github.com/user-attachments/assets/6fac058d-bbe4-4d0f-b076-e3c51ea2b306\"\r\n/>\r\n<img width=\"1354\" alt=\"Screenshot 2025-01-17 at 14 27 14\"\r\nsrc=\"https://github.com/user-attachments/assets/cb72d521-d6ec-409f-b722-64887bdf572c\"\r\n/>\r\n## Summary\r\n\r\nAdds delete modal to synonyms UI table.\r\n\r\n\r\n### Checklist\r\n\r\nCheck the PR satisfies following conditions. \r\n\r\nReviewers should verify this PR satisfies this list as well.\r\n\r\n- [x] Any text added follows [EUI's writing\r\nguidelines](https://elastic.github.io/eui/#/guidelines/writing), uses\r\nsentence case text and includes [i18n\r\nsupport](https://github.com/elastic/kibana/blob/main/src/platform/packages/shared/kbn-i18n/README.md)\r\n- [ ]\r\n[Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html)\r\nwas added for features that require explanation or tutorials\r\n- [x] [Unit or functional\r\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\r\nwere updated or added to match the most common scenarios\r\n- [ ] If a plugin configuration key changed, check if it needs to be\r\nallowlisted in the cloud and added to the [docker\r\nlist](https://github.com/elastic/kibana/blob/main/src/dev/build/tasks/os_packages/docker_generator/resources/base/bin/kibana-docker)\r\n- [ ] This was checked for breaking HTTP API changes, and any breaking\r\nchanges have been approved by the breaking-change committee. The\r\n`release_note:breaking` label should be applied in these situations.\r\n- [ ] [Flaky Test\r\nRunner](https://ci-stats.kibana.dev/trigger_flaky_test_runner/1) was\r\nused on any tests changed\r\n- [x] The PR description includes the appropriate Release Notes section,\r\nand the correct `release_note:*` label is applied per the\r\n[guidelines](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)\r\n\r\n### Identify risks\r\n\r\nDoes this PR introduce any risks? For example, consider risks like hard\r\nto test bugs, performance regression, potential of data loss.\r\n\r\nDescribe the risk, its severity, and mitigation for each identified\r\nrisk. Invite stakeholders and evaluate how to proceed before merging.\r\n\r\n- [ ] [See some risk\r\nexamples](https://github.com/elastic/kibana/blob/main/RISK_MATRIX.mdx)\r\n- [ ] ...\r\n\r\n---------\r\n\r\nCo-authored-by: Liam Thompson <32779855+leemthompo@users.noreply.github.com>\r\nCo-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>","sha":"d6ca7b95474fb3fc96e4f11ef28d2065d662cbbe","branchLabelMapping":{"^v9.0.0$":"main","^v8.18.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:skip","v9.0.0","Team:Search","backport:version","v8.18.0"],"title":"[Synonyms UI] Search synonyms delete modal","number":207075,"url":"https://github.com/elastic/kibana/pull/207075","mergeCommit":{"message":"[Synonyms UI] Search synonyms delete modal (#207075)\n\n<img width=\"1407\" alt=\"Screenshot 2025-01-17 at 14 27 09\"\r\nsrc=\"https://github.com/user-attachments/assets/6fac058d-bbe4-4d0f-b076-e3c51ea2b306\"\r\n/>\r\n<img width=\"1354\" alt=\"Screenshot 2025-01-17 at 14 27 14\"\r\nsrc=\"https://github.com/user-attachments/assets/cb72d521-d6ec-409f-b722-64887bdf572c\"\r\n/>\r\n## Summary\r\n\r\nAdds delete modal to synonyms UI table.\r\n\r\n\r\n### Checklist\r\n\r\nCheck the PR satisfies following conditions. \r\n\r\nReviewers should verify this PR satisfies this list as well.\r\n\r\n- [x] Any text added follows [EUI's writing\r\nguidelines](https://elastic.github.io/eui/#/guidelines/writing), uses\r\nsentence case text and includes [i18n\r\nsupport](https://github.com/elastic/kibana/blob/main/src/platform/packages/shared/kbn-i18n/README.md)\r\n- [ ]\r\n[Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html)\r\nwas added for features that require explanation or tutorials\r\n- [x] [Unit or functional\r\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\r\nwere updated or added to match the most common scenarios\r\n- [ ] If a plugin configuration key changed, check if it needs to be\r\nallowlisted in the cloud and added to the [docker\r\nlist](https://github.com/elastic/kibana/blob/main/src/dev/build/tasks/os_packages/docker_generator/resources/base/bin/kibana-docker)\r\n- [ ] This was checked for breaking HTTP API changes, and any breaking\r\nchanges have been approved by the breaking-change committee. The\r\n`release_note:breaking` label should be applied in these situations.\r\n- [ ] [Flaky Test\r\nRunner](https://ci-stats.kibana.dev/trigger_flaky_test_runner/1) was\r\nused on any tests changed\r\n- [x] The PR description includes the appropriate Release Notes section,\r\nand the correct `release_note:*` label is applied per the\r\n[guidelines](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)\r\n\r\n### Identify risks\r\n\r\nDoes this PR introduce any risks? For example, consider risks like hard\r\nto test bugs, performance regression, potential of data loss.\r\n\r\nDescribe the risk, its severity, and mitigation for each identified\r\nrisk. Invite stakeholders and evaluate how to proceed before merging.\r\n\r\n- [ ] [See some risk\r\nexamples](https://github.com/elastic/kibana/blob/main/RISK_MATRIX.mdx)\r\n- [ ] ...\r\n\r\n---------\r\n\r\nCo-authored-by: Liam Thompson <32779855+leemthompo@users.noreply.github.com>\r\nCo-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>","sha":"d6ca7b95474fb3fc96e4f11ef28d2065d662cbbe"}},"sourceBranch":"main","suggestedTargetBranches":["8.x"],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","branchLabelMappingKey":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/207075","number":207075,"mergeCommit":{"message":"[Synonyms UI] Search synonyms delete modal (#207075)\n\n<img width=\"1407\" alt=\"Screenshot 2025-01-17 at 14 27 09\"\r\nsrc=\"https://github.com/user-attachments/assets/6fac058d-bbe4-4d0f-b076-e3c51ea2b306\"\r\n/>\r\n<img width=\"1354\" alt=\"Screenshot 2025-01-17 at 14 27 14\"\r\nsrc=\"https://github.com/user-attachments/assets/cb72d521-d6ec-409f-b722-64887bdf572c\"\r\n/>\r\n## Summary\r\n\r\nAdds delete modal to synonyms UI table.\r\n\r\n\r\n### Checklist\r\n\r\nCheck the PR satisfies following conditions. \r\n\r\nReviewers should verify this PR satisfies this list as well.\r\n\r\n- [x] Any text added follows [EUI's writing\r\nguidelines](https://elastic.github.io/eui/#/guidelines/writing), uses\r\nsentence case text and includes [i18n\r\nsupport](https://github.com/elastic/kibana/blob/main/src/platform/packages/shared/kbn-i18n/README.md)\r\n- [ ]\r\n[Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html)\r\nwas added for features that require explanation or tutorials\r\n- [x] [Unit or functional\r\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\r\nwere updated or added to match the most common scenarios\r\n- [ ] If a plugin configuration key changed, check if it needs to be\r\nallowlisted in the cloud and added to the [docker\r\nlist](https://github.com/elastic/kibana/blob/main/src/dev/build/tasks/os_packages/docker_generator/resources/base/bin/kibana-docker)\r\n- [ ] This was checked for breaking HTTP API changes, and any breaking\r\nchanges have been approved by the breaking-change committee. The\r\n`release_note:breaking` label should be applied in these situations.\r\n- [ ] [Flaky Test\r\nRunner](https://ci-stats.kibana.dev/trigger_flaky_test_runner/1) was\r\nused on any tests changed\r\n- [x] The PR description includes the appropriate Release Notes section,\r\nand the correct `release_note:*` label is applied per the\r\n[guidelines](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)\r\n\r\n### Identify risks\r\n\r\nDoes this PR introduce any risks? For example, consider risks like hard\r\nto test bugs, performance regression, potential of data loss.\r\n\r\nDescribe the risk, its severity, and mitigation for each identified\r\nrisk. Invite stakeholders and evaluate how to proceed before merging.\r\n\r\n- [ ] [See some risk\r\nexamples](https://github.com/elastic/kibana/blob/main/RISK_MATRIX.mdx)\r\n- [ ] ...\r\n\r\n---------\r\n\r\nCo-authored-by: Liam Thompson <32779855+leemthompo@users.noreply.github.com>\r\nCo-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>","sha":"d6ca7b95474fb3fc96e4f11ef28d2065d662cbbe"}},{"branch":"8.x","label":"v8.18.0","branchLabelMappingKey":"^v8.18.0$","isSourceBranch":false,"state":"NOT_CREATED"}]}] BACKPORT--> Co-authored-by: Efe Gürkan YALAMAN <efeguerkan.yalaman@elastic.co> |
||
Sergi Romeu
|
67096beac6
|
[8.x] [Profiling] Migrate Profiling Cypress tests to on_merge from on_merge_unsupported_ftrs (#206727) (#207401)
# Backport This will backport the following commits from `main` to `8.x`: - [[Profiling] Migrate Profiling Cypress tests to `on_merge` from `on_merge_unsupported_ftrs` (#206727)](https://github.com/elastic/kibana/pull/206727) <!--- Backport version: 9.6.4 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sorenlouv/backport) <!--BACKPORT [{"author":{"name":"Sergi Romeu","email":"sergi.romeu@elastic.co"},"sourceCommit":{"committedDate":"2025-01-21T16:09:42Z","message":"[Profiling] Migrate Profiling Cypress tests to `on_merge` from `on_merge_unsupported_ftrs` (#206727)\n\n## Summary\n\nCloses https://github.com/elastic/kibana/issues/206664\n\nThis PR moves Profiling Cypress tests to be run on the main pipeline\ninstead of the unsupported one.\n\n---------\n\nCo-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>","sha":"3498d509ef2cf079e222bbd4aa6a5512adf4f608","branchLabelMapping":{"^v9.0.0$":"main","^v8.18.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["technical debt","release_note:skip","v9.0.0","backport:prev-minor","Team:obs-ux-infra_services"],"title":"[Profiling] Migrate Profiling Cypress tests to `on_merge` from `on_merge_unsupported_ftrs`","number":206727,"url":"https://github.com/elastic/kibana/pull/206727","mergeCommit":{"message":"[Profiling] Migrate Profiling Cypress tests to `on_merge` from `on_merge_unsupported_ftrs` (#206727)\n\n## Summary\n\nCloses https://github.com/elastic/kibana/issues/206664\n\nThis PR moves Profiling Cypress tests to be run on the main pipeline\ninstead of the unsupported one.\n\n---------\n\nCo-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>","sha":"3498d509ef2cf079e222bbd4aa6a5512adf4f608"}},"sourceBranch":"main","suggestedTargetBranches":[],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","branchLabelMappingKey":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/206727","number":206727,"mergeCommit":{"message":"[Profiling] Migrate Profiling Cypress tests to `on_merge` from `on_merge_unsupported_ftrs` (#206727)\n\n## Summary\n\nCloses https://github.com/elastic/kibana/issues/206664\n\nThis PR moves Profiling Cypress tests to be run on the main pipeline\ninstead of the unsupported one.\n\n---------\n\nCo-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>","sha":"3498d509ef2cf079e222bbd4aa6a5512adf4f608"}}]}] BACKPORT--> |
||
|
Kibana Machine
|
8aa225d1b5
|
[8.x] 🌊 Streams: Speed up sampling (#207334) (#207392)
# Backport This will backport the following commits from `main` to `8.x`: - [🌊 Streams: Speed up sampling (#207334)](https://github.com/elastic/kibana/pull/207334) <!--- Backport version: 9.4.3 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sqren/backport) <!--BACKPORT [{"author":{"name":"Joe Reuter","email":"johannes.reuter@elastic.co"},"sourceCommit":{"committedDate":"2025-01-21T15:58:58Z","message":"🌊 Streams: Speed up sampling (#207334)\n\nThe sampling API can easily get slow because it matches on runtime\nfields.\n\nThis PR picks the low hanging fruits in speeding it up:\n* Not tracking the total hits because that would require to scan all\ndocuments (by default it goes up to 10k)\n* Stopping the search after as many matches as requested were found\n\nThis is not sufficient as search can still be very slow if condition\nmatches are rare, as millions of docs might have to be scanned. This can\nbe improved further in follow-up PRs.","sha":"49b28eda6521b8dba75931f0cc9b595be1d017aa","branchLabelMapping":{"^v9.0.0$":"main","^v8.18.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:skip","v9.0.0","backport:version","v8.18.0","Feature:Streams"],"title":"🌊 Streams: Speed up sampling","number":207334,"url":"https://github.com/elastic/kibana/pull/207334","mergeCommit":{"message":"🌊 Streams: Speed up sampling (#207334)\n\nThe sampling API can easily get slow because it matches on runtime\nfields.\n\nThis PR picks the low hanging fruits in speeding it up:\n* Not tracking the total hits because that would require to scan all\ndocuments (by default it goes up to 10k)\n* Stopping the search after as many matches as requested were found\n\nThis is not sufficient as search can still be very slow if condition\nmatches are rare, as millions of docs might have to be scanned. This can\nbe improved further in follow-up PRs.","sha":"49b28eda6521b8dba75931f0cc9b595be1d017aa"}},"sourceBranch":"main","suggestedTargetBranches":["8.x"],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","branchLabelMappingKey":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/207334","number":207334,"mergeCommit":{"message":"🌊 Streams: Speed up sampling (#207334)\n\nThe sampling API can easily get slow because it matches on runtime\nfields.\n\nThis PR picks the low hanging fruits in speeding it up:\n* Not tracking the total hits because that would require to scan all\ndocuments (by default it goes up to 10k)\n* Stopping the search after as many matches as requested were found\n\nThis is not sufficient as search can still be very slow if condition\nmatches are rare, as millions of docs might have to be scanned. This can\nbe improved further in follow-up PRs.","sha":"49b28eda6521b8dba75931f0cc9b595be1d017aa"}},{"branch":"8.x","label":"v8.18.0","branchLabelMappingKey":"^v8.18.0$","isSourceBranch":false,"state":"NOT_CREATED"}]}] BACKPORT--> Co-authored-by: Joe Reuter <johannes.reuter@elastic.co> |
||
|
Kibana Machine
|
5c3e96fdf8
|
[8.x] [Rule Migration] Add PackageClient to fetch integrations (#207197) (#207391)
# Backport This will backport the following commits from `main` to `8.x`: - [[Rule Migration] Add PackageClient to fetch integrations (#207197)](https://github.com/elastic/kibana/pull/207197) <!--- Backport version: 9.4.3 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sqren/backport) <!--BACKPORT [{"author":{"name":"Marius Iversen","email":"marius.iversen@elastic.co"},"sourceCommit":{"committedDate":"2025-01-21T15:46:44Z","message":"[Rule Migration] Add PackageClient to fetch integrations (#207197)\n\n## Summary\r\n\r\nAwaiting the changes to the EPR API to include datasets we temporarily\r\nincluded a JSON file to simulate the expected outcome so we could move\r\nforward while waiting.\r\n\r\nSince the changes is now done, the calls to\r\nhttps://epr.elastic.co/search? now returns data_streams in their\r\nresponses so this PR replaces the temp JSON with the proper\r\nPackageClient implementation.\r\n\r\nTested a few migrations with both prebuilt rule matches and without, and\r\nseems to be working as intended. The integration count also seems to be\r\nconsistent with what to be expected.","sha":"1e5abbe8eeb198a62b9ef43179db3124fc6c7a1b","branchLabelMapping":{"^v9.0.0$":"main","^v8.18.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:skip","v9.0.0","Team:Threat Hunting","Team: SecuritySolution","backport:version","v8.18.0"],"title":"[Rule Migration] Add PackageClient to fetch integrations","number":207197,"url":"https://github.com/elastic/kibana/pull/207197","mergeCommit":{"message":"[Rule Migration] Add PackageClient to fetch integrations (#207197)\n\n## Summary\r\n\r\nAwaiting the changes to the EPR API to include datasets we temporarily\r\nincluded a JSON file to simulate the expected outcome so we could move\r\nforward while waiting.\r\n\r\nSince the changes is now done, the calls to\r\nhttps://epr.elastic.co/search? now returns data_streams in their\r\nresponses so this PR replaces the temp JSON with the proper\r\nPackageClient implementation.\r\n\r\nTested a few migrations with both prebuilt rule matches and without, and\r\nseems to be working as intended. The integration count also seems to be\r\nconsistent with what to be expected.","sha":"1e5abbe8eeb198a62b9ef43179db3124fc6c7a1b"}},"sourceBranch":"main","suggestedTargetBranches":["8.x"],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","branchLabelMappingKey":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/207197","number":207197,"mergeCommit":{"message":"[Rule Migration] Add PackageClient to fetch integrations (#207197)\n\n## Summary\r\n\r\nAwaiting the changes to the EPR API to include datasets we temporarily\r\nincluded a JSON file to simulate the expected outcome so we could move\r\nforward while waiting.\r\n\r\nSince the changes is now done, the calls to\r\nhttps://epr.elastic.co/search? now returns data_streams in their\r\nresponses so this PR replaces the temp JSON with the proper\r\nPackageClient implementation.\r\n\r\nTested a few migrations with both prebuilt rule matches and without, and\r\nseems to be working as intended. The integration count also seems to be\r\nconsistent with what to be expected.","sha":"1e5abbe8eeb198a62b9ef43179db3124fc6c7a1b"}},{"branch":"8.x","label":"v8.18.0","branchLabelMappingKey":"^v8.18.0$","isSourceBranch":false,"state":"NOT_CREATED"}]}] BACKPORT--> Co-authored-by: Marius Iversen <marius.iversen@elastic.co> |
||
|
Kibana Machine
|
66164fb14f
|
[8.x] [ Security Solution ] - Better row indicators with `getRowIndicator` callback (#206736) (#207387)
# Backport This will backport the following commits from `main` to `8.x`: - [[ Security Solution ] - Better row indicators with `getRowIndicator` callback (#206736)](https://github.com/elastic/kibana/pull/206736) <!--- Backport version: 9.4.3 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sqren/backport) <!--BACKPORT [{"author":{"name":"Jatin Kathuria","email":"jatin.kathuria@elastic.co"},"sourceCommit":{"committedDate":"2025-01-21T15:28:55Z","message":"[ Security Solution ] - Better row indicators with `getRowIndicator` callback (#206736)\n\n## Summary\n\nRecently unified table introduced `getRowIndicator` callback to add row\nhighlighting. Today Security solution achieves that by using\n`border-left` style.\n\nThis PR replaces that `border-left` with `getRowIndicator` . \n\n> [!Note]\n> One thing to note is that `Event/Row Renderers` will still make use of\n`border-left` as it is a cell and `getRowIndicator` applies only to a\ncomplete `row`.\n\n### Without Row Renderers\n\n|| Before | After |\n|---|---|---|\n|Query Tab |\n (#207388)
# Backport This will backport the following commits from `main` to `8.x`: - [[ES `body` removal] `@elastic/obs-ai-assistant` (#204870)](https://github.com/elastic/kibana/pull/204870) <!--- Backport version: 9.4.3 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sqren/backport) <!--BACKPORT [{"author":{"name":"Alejandro Fernández Haro","email":"alejandro.haro@elastic.co"},"sourceCommit":{"committedDate":"2025-01-21T15:24:50Z","message":"[ES `body` removal] `@elastic/obs-ai-assistant` (#204870)","sha":"41a03ee738d669941528ab52e7a16059a68bd1a2","branchLabelMapping":{"^v9.0.0$":"main","^v8.18.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:skip","v9.0.0","backport:prev-minor","Team:Obs AI Assistant"],"title":"[ES `body` removal] `@elastic/obs-ai-assistant`","number":204870,"url":"https://github.com/elastic/kibana/pull/204870","mergeCommit":{"message":"[ES `body` removal] `@elastic/obs-ai-assistant` (#204870)","sha":"41a03ee738d669941528ab52e7a16059a68bd1a2"}},"sourceBranch":"main","suggestedTargetBranches":[],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","branchLabelMappingKey":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/204870","number":204870,"mergeCommit":{"message":"[ES `body` removal] `@elastic/obs-ai-assistant` (#204870)","sha":"41a03ee738d669941528ab52e7a16059a68bd1a2"}}]}] BACKPORT--> Co-authored-by: Alejandro Fernández Haro <alejandro.haro@elastic.co> |
||
|
Kibana Machine
|
8129cdbb14
|
[8.x] [Security Solution ] Fixes Timeline `Unsaved changes` badge color as per EUI recs (#207351) (#207380)
# Backport This will backport the following commits from `main` to `8.x`: - [[Security Solution ] Fixes Timeline `Unsaved changes` badge color as per EUI recs (#207351)](https://github.com/elastic/kibana/pull/207351) <!--- Backport version: 9.4.3 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sqren/backport) <!--BACKPORT [{"author":{"name":"Jatin Kathuria","email":"jatin.kathuria@elastic.co"},"sourceCommit":{"committedDate":"2025-01-21T15:02:56Z","message":"[Security Solution ] Fixes Timeline `Unsaved changes` badge color as per EUI recs (#207351)\n\n## Summary\n\nHandles\n- https://github.com/elastic/kibana/issues/205733\n\n||Before|After|\n|---|---|---|\n|Light theme| <video\nsrc=\"https://github.com/user-attachments/assets/b8b89b2f-3c4f-40c1-b5b9-88a1044208cf\"\n/>| <video\nsrc=\"https://github.com/user-attachments/assets/33495309-c672-47c1-9f0d-e26892b62ef6\"\n/>|\n| Borealis Timeline Minimized |\n (#207379)
# Backport This will backport the following commits from `main` to `8.x`: - [[ES `body` removal] `@elastic/security-generative-ai` (#204859)](https://github.com/elastic/kibana/pull/204859) <!--- Backport version: 9.4.3 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sqren/backport) <!--BACKPORT [{"author":{"name":"Alejandro Fernández Haro","email":"alejandro.haro@elastic.co"},"sourceCommit":{"committedDate":"2025-01-21T14:57:44Z","message":"[ES `body` removal] `@elastic/security-generative-ai` (#204859)","sha":"db6a1b0bee730b06cfcf527231df2f6ab46f2563","branchLabelMapping":{"^v9.0.0$":"main","^v8.18.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:skip","v9.0.0","backport:prev-minor","Team:Security Generative AI"],"title":"[ES `body` removal] `@elastic/security-generative-ai`","number":204859,"url":"https://github.com/elastic/kibana/pull/204859","mergeCommit":{"message":"[ES `body` removal] `@elastic/security-generative-ai` (#204859)","sha":"db6a1b0bee730b06cfcf527231df2f6ab46f2563"}},"sourceBranch":"main","suggestedTargetBranches":[],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","branchLabelMappingKey":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/204859","number":204859,"mergeCommit":{"message":"[ES `body` removal] `@elastic/security-generative-ai` (#204859)","sha":"db6a1b0bee730b06cfcf527231df2f6ab46f2563"}}]}] BACKPORT--> Co-authored-by: Alejandro Fernández Haro <alejandro.haro@elastic.co> |
||
|
Kibana Machine
|
af02ddceed
|
[8.x] [Security Solution] Fix old siem feature override (#207333) (#207373)
# Backport This will backport the following commits from `main` to `8.x`: - [[Security Solution] Fix old siem feature override (#207333)](https://github.com/elastic/kibana/pull/207333) <!--- Backport version: 9.4.3 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sqren/backport) <!--BACKPORT [{"author":{"name":"Sergi Massaneda","email":"sergi.massaneda@elastic.co"},"sourceCommit":{"committedDate":"2025-01-21T14:50:53Z","message":"[Security Solution] Fix old siem feature override (#207333)\n\n## Summary\r\n\r\nAdds the feature override for the old `siem` feature as well, we changed\r\nthat to the new one here\r\n\r\n\r\nhttps://github.com/elastic/kibana/pull/201780/files#diff-5aba630e58630c087c90368aa97296afb736f62579a23285cef901dc1c3921edR27\r\n\r\nRelated failure: https://github.com/elastic/kibana/issues/207285\r\n\r\nThe problem happened because MKI tests are using the outdated roles\r\ndefinition with the old `feature_siem` which was lacking the feature\r\noverride in the serverless.security.yml\r\n\r\nCo-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>","sha":"9077414852f86a70aba5259e9f62d12a53a63090","branchLabelMapping":{"^v9.0.0$":"main","^v8.18.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:skip","v9.0.0","Team:Threat Hunting","ci:build-serverless-image","backport:version","v8.18.0"],"title":"[Security Solution] Fix old siem feature override","number":207333,"url":"https://github.com/elastic/kibana/pull/207333","mergeCommit":{"message":"[Security Solution] Fix old siem feature override (#207333)\n\n## Summary\r\n\r\nAdds the feature override for the old `siem` feature as well, we changed\r\nthat to the new one here\r\n\r\n\r\nhttps://github.com/elastic/kibana/pull/201780/files#diff-5aba630e58630c087c90368aa97296afb736f62579a23285cef901dc1c3921edR27\r\n\r\nRelated failure: https://github.com/elastic/kibana/issues/207285\r\n\r\nThe problem happened because MKI tests are using the outdated roles\r\ndefinition with the old `feature_siem` which was lacking the feature\r\noverride in the serverless.security.yml\r\n\r\nCo-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>","sha":"9077414852f86a70aba5259e9f62d12a53a63090"}},"sourceBranch":"main","suggestedTargetBranches":["8.x"],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","branchLabelMappingKey":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/207333","number":207333,"mergeCommit":{"message":"[Security Solution] Fix old siem feature override (#207333)\n\n## Summary\r\n\r\nAdds the feature override for the old `siem` feature as well, we changed\r\nthat to the new one here\r\n\r\n\r\nhttps://github.com/elastic/kibana/pull/201780/files#diff-5aba630e58630c087c90368aa97296afb736f62579a23285cef901dc1c3921edR27\r\n\r\nRelated failure: https://github.com/elastic/kibana/issues/207285\r\n\r\nThe problem happened because MKI tests are using the outdated roles\r\ndefinition with the old `feature_siem` which was lacking the feature\r\noverride in the serverless.security.yml\r\n\r\nCo-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>","sha":"9077414852f86a70aba5259e9f62d12a53a63090"}},{"branch":"8.x","label":"v8.18.0","branchLabelMappingKey":"^v8.18.0$","isSourceBranch":false,"state":"NOT_CREATED"}]}] BACKPORT--> Co-authored-by: Sergi Massaneda <sergi.massaneda@elastic.co> |
||
|
Kibana Machine
|
864adea19f
|
[8.x] [Case Observables][Similar Cases] Add value label to similarities in response & the view (#206934) (#207377)
# Backport This will backport the following commits from `main` to `8.x`: - [[Case Observables][Similar Cases] Add value label to similarities in response & the view (#206934)](https://github.com/elastic/kibana/pull/206934) <!--- Backport version: 9.4.3 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sqren/backport) <!--BACKPORT [{"author":{"name":"Luke Gmys","email":"11671118+lgestc@users.noreply.github.com"},"sourceCommit":{"committedDate":"2025-01-21T14:53:27Z","message":"[Case Observables][Similar Cases] Add value label to similarities in response & the view (#206934)\n\n## Summary\r\n\r\nThis PR improves similar value rendering by wrapping them in badges and\r\nadding in the observable type label to the api response & the view.\r\n\r\n\r\n\r\n### Testing:\r\n\r\nAdd two observables in distinct cases, with same value and type. They\r\nshould show up in the Similar Cases tab just like on the screenshot\r\nbelow.\r\n\r\n---------\r\n\r\nCo-authored-by: Antonio <antoniodcoelho@gmail.com>","sha":"b44ccfcede6300412b0ec6ddcc95939a40625260","branchLabelMapping":{"^v9.0.0$":"main","^v8.18.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:skip","Team:ResponseOps","v9.0.0","Team:Threat Hunting:Investigations","backport:prev-minor"],"title":"[Case Observables][Similar Cases] Add value label to similarities in response & the view","number":206934,"url":"https://github.com/elastic/kibana/pull/206934","mergeCommit":{"message":"[Case Observables][Similar Cases] Add value label to similarities in response & the view (#206934)\n\n## Summary\r\n\r\nThis PR improves similar value rendering by wrapping them in badges and\r\nadding in the observable type label to the api response & the view.\r\n\r\n\r\n\r\n### Testing:\r\n\r\nAdd two observables in distinct cases, with same value and type. They\r\nshould show up in the Similar Cases tab just like on the screenshot\r\nbelow.\r\n\r\n---------\r\n\r\nCo-authored-by: Antonio <antoniodcoelho@gmail.com>","sha":"b44ccfcede6300412b0ec6ddcc95939a40625260"}},"sourceBranch":"main","suggestedTargetBranches":[],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","branchLabelMappingKey":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/206934","number":206934,"mergeCommit":{"message":"[Case Observables][Similar Cases] Add value label to similarities in response & the view (#206934)\n\n## Summary\r\n\r\nThis PR improves similar value rendering by wrapping them in badges and\r\nadding in the observable type label to the api response & the view.\r\n\r\n\r\n\r\n### Testing:\r\n\r\nAdd two observables in distinct cases, with same value and type. They\r\nshould show up in the Similar Cases tab just like on the screenshot\r\nbelow.\r\n\r\n---------\r\n\r\nCo-authored-by: Antonio <antoniodcoelho@gmail.com>","sha":"b44ccfcede6300412b0ec6ddcc95939a40625260"}}]}] BACKPORT--> Co-authored-by: Luke Gmys <11671118+lgestc@users.noreply.github.com> |
||
|
Kibana Machine
|
3abc1783a6
|
[8.x] [Fleet] Fix Jest dev config (#207211) (#207376)
# Backport This will backport the following commits from `main` to `8.x`: - [[Fleet] Fix Jest dev config (#207211)](https://github.com/elastic/kibana/pull/207211) <!--- Backport version: 9.4.3 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sqren/backport) <!--BACKPORT [{"author":{"name":"Jill Guyonnet","email":"jill.guyonnet@elastic.co"},"sourceCommit":{"committedDate":"2025-01-21T14:53:11Z","message":"[Fleet] Fix Jest dev config (#207211)\n\n## Summary\r\n\r\nFollowup to https://github.com/elastic/kibana/pull/205798.\r\n\r\nThere was a typo in the root Jest config for running unit tests locally.\r\nAlso fixing reference in README.\r\n\r\n### To test\r\n\r\n`yarn jest --config\r\nx-pack/platform/plugins/shared/fleet/jest.config.dev.js` should run\r\nFleet unit tests correctly.","sha":"36332b1bd014c5f09af0cfedcf1f8905f781c9b0","branchLabelMapping":{"^v9.0.0$":"main","^v8.18.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:skip","Team:Fleet","v9.0.0","backport:prev-minor"],"title":"[Fleet] Fix Jest dev config","number":207211,"url":"https://github.com/elastic/kibana/pull/207211","mergeCommit":{"message":"[Fleet] Fix Jest dev config (#207211)\n\n## Summary\r\n\r\nFollowup to https://github.com/elastic/kibana/pull/205798.\r\n\r\nThere was a typo in the root Jest config for running unit tests locally.\r\nAlso fixing reference in README.\r\n\r\n### To test\r\n\r\n`yarn jest --config\r\nx-pack/platform/plugins/shared/fleet/jest.config.dev.js` should run\r\nFleet unit tests correctly.","sha":"36332b1bd014c5f09af0cfedcf1f8905f781c9b0"}},"sourceBranch":"main","suggestedTargetBranches":[],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","branchLabelMappingKey":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/207211","number":207211,"mergeCommit":{"message":"[Fleet] Fix Jest dev config (#207211)\n\n## Summary\r\n\r\nFollowup to https://github.com/elastic/kibana/pull/205798.\r\n\r\nThere was a typo in the root Jest config for running unit tests locally.\r\nAlso fixing reference in README.\r\n\r\n### To test\r\n\r\n`yarn jest --config\r\nx-pack/platform/plugins/shared/fleet/jest.config.dev.js` should run\r\nFleet unit tests correctly.","sha":"36332b1bd014c5f09af0cfedcf1f8905f781c9b0"}}]}] BACKPORT--> Co-authored-by: Jill Guyonnet <jill.guyonnet@elastic.co> |
||
|
Kibana Machine
|
022cc3dbb6
|
[8.x] Use client logger in `ContentInsightsClient` (#207206) (#207371)
# Backport This will backport the following commits from `main` to `8.x`: - [Use client logger in `ContentInsightsClient` (#207206)](https://github.com/elastic/kibana/pull/207206) <!--- Backport version: 9.4.3 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sqren/backport) <!--BACKPORT [{"author":{"name":"Anton Dosov","email":"anton.dosov@elastic.co"},"sourceCommit":{"committedDate":"2025-01-21T14:41:10Z","message":"Use client logger in `ContentInsightsClient` (#207206)\n\n## Summary\r\n\r\nfix https://github.com/elastic/kibana-team/issues/1412 (see context,\r\njust for cleanup)","sha":"6b9d90ef5961ffe6446585ce3a9abeabbe617aae","branchLabelMapping":{"^v9.0.0$":"main","^v8.18.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:skip","v9.0.0","Team:SharedUX","backport:prev-minor"],"title":"Use client logger in `ContentInsightsClient`","number":207206,"url":"https://github.com/elastic/kibana/pull/207206","mergeCommit":{"message":"Use client logger in `ContentInsightsClient` (#207206)\n\n## Summary\r\n\r\nfix https://github.com/elastic/kibana-team/issues/1412 (see context,\r\njust for cleanup)","sha":"6b9d90ef5961ffe6446585ce3a9abeabbe617aae"}},"sourceBranch":"main","suggestedTargetBranches":[],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","branchLabelMappingKey":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/207206","number":207206,"mergeCommit":{"message":"Use client logger in `ContentInsightsClient` (#207206)\n\n## Summary\r\n\r\nfix https://github.com/elastic/kibana-team/issues/1412 (see context,\r\njust for cleanup)","sha":"6b9d90ef5961ffe6446585ce3a9abeabbe617aae"}}]}] BACKPORT--> Co-authored-by: Anton Dosov <anton.dosov@elastic.co> |
||
Alejandro Fernández Haro
|
38a721d116
|
[8.x] [ES body removal] @elastic/response-ops (#204882) (#207370)
# Backport This will backport the following commits from `main` to `8.x`: - [[ES `body` removal] `@elastic/response-ops` (#204882)](https://github.com/elastic/kibana/pull/204882) <!--- Backport version: 9.6.4 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sorenlouv/backport) <!--BACKPORT [{"author":{"name":"Alejandro Fernández Haro","email":"alejandro.haro@elastic.co"},"sourceCommit":{"committedDate":"2025-01-21T14:10:54Z","message":"[ES `body` removal] `@elastic/response-ops` (#204882)","sha":"7bb2dad38f8938569374ce5c99d5e4a2f1ff9b95","branchLabelMapping":{"^v9.0.0$":"main","^v8.18.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:skip","Team:ResponseOps","v9.0.0","backport:prev-minor","Team:obs-ux-management","Team:Entity Analytics"],"title":"[ES `body` removal] `@elastic/response-ops`","number":204882,"url":"https://github.com/elastic/kibana/pull/204882","mergeCommit":{"message":"[ES `body` removal] `@elastic/response-ops` (#204882)","sha":"7bb2dad38f8938569374ce5c99d5e4a2f1ff9b95"}},"sourceBranch":"main","suggestedTargetBranches":[],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","branchLabelMappingKey":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/204882","number":204882,"mergeCommit":{"message":"[ES `body` removal] `@elastic/response-ops` (#204882)","sha":"7bb2dad38f8938569374ce5c99d5e4a2f1ff9b95"}}]}] BACKPORT--> |
||
Nicolas Chaulet
|
113a3cfd15
|
[8.x] [Fleet] Fix APM to support space aware Fleet (#206964) (#207357)
# Backport This will backport the following commits from `main` to `8.x`: - [[Fleet] Fix APM to support space aware Fleet (#206964)](https://github.com/elastic/kibana/pull/206964) <!--- Backport version: 9.6.4 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sorenlouv/backport) <!--BACKPORT [{"author":{"name":"Nicolas Chaulet","email":"nicolas.chaulet@elastic.co"},"sourceCommit":{"committedDate":"2025-01-21T13:10:56Z","message":"[Fleet] Fix APM to support space aware Fleet (#206964)","sha":"26f4900bf067378d411d8607e2f93f85b141b295","branchLabelMapping":{"^v9.0.0$":"main","^v8.18.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["Team:APM","release_note:skip","Team:Fleet","v9.0.0","backport:prev-minor","Team:obs-ux-infra_services"],"title":"[Fleet] Fix APM to support space aware Fleet","number":206964,"url":"https://github.com/elastic/kibana/pull/206964","mergeCommit":{"message":"[Fleet] Fix APM to support space aware Fleet (#206964)","sha":"26f4900bf067378d411d8607e2f93f85b141b295"}},"sourceBranch":"main","suggestedTargetBranches":[],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","branchLabelMappingKey":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/206964","number":206964,"mergeCommit":{"message":"[Fleet] Fix APM to support space aware Fleet (#206964)","sha":"26f4900bf067378d411d8607e2f93f85b141b295"}}]}] BACKPORT--> --------- Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com> |
||
jennypavlova
|
7a212212d3
|
[8.x] [APM][Transactions] Test trace summary (#207115) (#207358)
# Backport This will backport the following commits from `main` to `8.x`: - [[APM][Transactions] Test trace summary (#207115)](https://github.com/elastic/kibana/pull/207115) <!--- Backport version: 9.6.4 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sorenlouv/backport) <!--BACKPORT [{"author":{"name":"jennypavlova","email":"dzheni.pavlova@elastic.co"},"sourceCommit":{"committedDate":"2025-01-21T08:49:03Z","message":"[APM][Transactions] Test trace summary (#207115)\n\nCloses #206947\r\n\r\n## Summary\r\n\r\nThis PR adds tests for trace summary (Otel / APM cases) and changes the\r\n`styled-components` to `css`.","sha":"8b97ad0b1332fbef0e0e13ac3a01d842a8f7b8c9","branchLabelMapping":{"^v9.0.0$":"main","^v8.18.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:skip","v9.0.0","backport:prev-minor","ci:project-deploy-observability","Team:obs-ux-infra_services"],"title":"[APM][Transactions] Test trace summary","number":207115,"url":"https://github.com/elastic/kibana/pull/207115","mergeCommit":{"message":"[APM][Transactions] Test trace summary (#207115)\n\nCloses #206947\r\n\r\n## Summary\r\n\r\nThis PR adds tests for trace summary (Otel / APM cases) and changes the\r\n`styled-components` to `css`.","sha":"8b97ad0b1332fbef0e0e13ac3a01d842a8f7b8c9"}},"sourceBranch":"main","suggestedTargetBranches":[],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","branchLabelMappingKey":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/207115","number":207115,"mergeCommit":{"message":"[APM][Transactions] Test trace summary (#207115)\n\nCloses #206947\r\n\r\n## Summary\r\n\r\nThis PR adds tests for trace summary (Otel / APM cases) and changes the\r\n`styled-components` to `css`.","sha":"8b97ad0b1332fbef0e0e13ac3a01d842a8f7b8c9"}}]}] BACKPORT--> |
||
|
Kibana Machine
|
ad38e9b0a8
|
[8.x] [Security Solution] Add retrieve results to security solution search strategy (#207307) (#207353)
# Backport This will backport the following commits from `main` to `8.x`: - [[Security Solution] Add retrieve results to security solution search strategy (#207307)](https://github.com/elastic/kibana/pull/207307) <!--- Backport version: 9.4.3 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sqren/backport) <!--BACKPORT [{"author":{"name":"Angela Chuang","email":"6295984+angorayc@users.noreply.github.com"},"sourceCommit":{"committedDate":"2025-01-21T13:19:49Z","message":"[Security Solution] Add retrieve results to security solution search strategy (#207307)\n\n## Summary\r\n\r\nhttps://github.com/elastic/kibana/pull/189031\r\n\r\nhttps://p.elstc.co/paste/pCGQy1nV#B7fBRtGiDq-QN14qT/eE8zPOPWgXP88672NIcbSblaD\r\nWithout `options.retrieveResults = true` parameter,\r\n`response.rawResponse.hits.hits` from search strategy can be undefined\r\n\r\n### Checklist\r\n\r\n\r\n- [x] [Unit or functional\r\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\r\nwere updated or added to match the most common scenarios","sha":"91eefe437a0ef68de34cd6f50f2a1e9cb93f6fc2","branchLabelMapping":{"^v9.0.0$":"main","^v8.18.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["backport","release_note:skip","v9.0.0","v8.18.0"],"title":"[Security Solution] Add retrieve results to security solution search strategy","number":207307,"url":"https://github.com/elastic/kibana/pull/207307","mergeCommit":{"message":"[Security Solution] Add retrieve results to security solution search strategy (#207307)\n\n## Summary\r\n\r\nhttps://github.com/elastic/kibana/pull/189031\r\n\r\nhttps://p.elstc.co/paste/pCGQy1nV#B7fBRtGiDq-QN14qT/eE8zPOPWgXP88672NIcbSblaD\r\nWithout `options.retrieveResults = true` parameter,\r\n`response.rawResponse.hits.hits` from search strategy can be undefined\r\n\r\n### Checklist\r\n\r\n\r\n- [x] [Unit or functional\r\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\r\nwere updated or added to match the most common scenarios","sha":"91eefe437a0ef68de34cd6f50f2a1e9cb93f6fc2"}},"sourceBranch":"main","suggestedTargetBranches":["8.x"],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","branchLabelMappingKey":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/207307","number":207307,"mergeCommit":{"message":"[Security Solution] Add retrieve results to security solution search strategy (#207307)\n\n## Summary\r\n\r\nhttps://github.com/elastic/kibana/pull/189031\r\n\r\nhttps://p.elstc.co/paste/pCGQy1nV#B7fBRtGiDq-QN14qT/eE8zPOPWgXP88672NIcbSblaD\r\nWithout `options.retrieveResults = true` parameter,\r\n`response.rawResponse.hits.hits` from search strategy can be undefined\r\n\r\n### Checklist\r\n\r\n\r\n- [x] [Unit or functional\r\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\r\nwere updated or added to match the most common scenarios","sha":"91eefe437a0ef68de34cd6f50f2a1e9cb93f6fc2"}},{"branch":"8.x","label":"v8.18.0","branchLabelMappingKey":"^v8.18.0$","isSourceBranch":false,"state":"NOT_CREATED"}]}] BACKPORT--> Co-authored-by: Angela Chuang <6295984+angorayc@users.noreply.github.com> |
||
|
Kibana Machine
|
240ee2e602
|
[8.x] [Streams 🌊] Fix _sample API condition param and missing typing on processor forms (#207213) (#207347)
# Backport This will backport the following commits from `main` to `8.x`: - [[Streams 🌊] Fix _sample API condition param and missing typing on processor forms (#207213)](https://github.com/elastic/kibana/pull/207213) <!--- Backport version: 9.4.3 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sqren/backport) <!--BACKPORT [{"author":{"name":"Marco Antonio Ghiani","email":"marcoantonio.ghiani01@gmail.com"},"sourceCommit":{"committedDate":"2025-01-21T12:55:20Z","message":"[Streams 🌊] Fix _sample API condition param and missing typing on processor forms (#207213)\n\n## 📓 Summary\r\n\r\nAddress a reference error on the optional `condition` parameter for the\r\n`_sample` API and add explicit typing to processor forms' controls.","sha":"671731ce3f596d808c4733d979e62a933327b30c","branchLabelMapping":{"^v9.0.0$":"main","^v8.18.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:skip","v9.0.0","backport:prev-minor","Feature:Streams"],"title":"[Streams 🌊] Fix _sample API condition param and missing typing on processor forms","number":207213,"url":"https://github.com/elastic/kibana/pull/207213","mergeCommit":{"message":"[Streams 🌊] Fix _sample API condition param and missing typing on processor forms (#207213)\n\n## 📓 Summary\r\n\r\nAddress a reference error on the optional `condition` parameter for the\r\n`_sample` API and add explicit typing to processor forms' controls.","sha":"671731ce3f596d808c4733d979e62a933327b30c"}},"sourceBranch":"main","suggestedTargetBranches":[],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","branchLabelMappingKey":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/207213","number":207213,"mergeCommit":{"message":"[Streams 🌊] Fix _sample API condition param and missing typing on processor forms (#207213)\n\n## 📓 Summary\r\n\r\nAddress a reference error on the optional `condition` parameter for the\r\n`_sample` API and add explicit typing to processor forms' controls.","sha":"671731ce3f596d808c4733d979e62a933327b30c"}}]}] BACKPORT--> Co-authored-by: Marco Antonio Ghiani <marcoantonio.ghiani01@gmail.com> |
||
|
Kibana Machine
|
662c19b91c
|
[8.x] [Streams 🌊] Update simulator to assert fields & integration testing (#206950) (#207345)
# Backport This will backport the following commits from `main` to `8.x`: - [[Streams 🌊] Update simulator to assert fields & integration testing (#206950)](https://github.com/elastic/kibana/pull/206950) <!--- Backport version: 9.4.3 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sqren/backport) <!--BACKPORT [{"author":{"name":"Marco Antonio Ghiani","email":"marcoantonio.ghiani01@gmail.com"},"sourceCommit":{"committedDate":"2025-01-21T12:50:07Z","message":"[Streams 🌊] Update simulator to assert fields & integration testing (#206950)\n\n## 📓 Summary\r\n\r\nCloses https://github.com/elastic/streams-program/issues/68\r\n\r\nThis work updates the way a simulation for processing is performed,\r\nworking against the `_ingest/_simulate` API.\r\nThis gives less specific feedback on the simulation failure (which\r\nprocessor failed), but allows for a much more realistic simulation\r\nagainst the index configuration.\r\n\r\nThis work also adds integration testing for this API.\r\n\r\n## 📔 Reviewer notes\r\n\r\nThe API is poorly typed due to missing typing in the elasticsearch-js\r\nlibrary. #204175 updates the library with those typings, as soon as it's\r\nmerged I'll update the API.\r\n\r\n## 🎥 Recordings\r\n\r\n\r\nhttps://github.com/user-attachments/assets/36ce0d3c-b7de-44d2-bdc2-84ff67fb4b25","sha":"39bf5e646fcaf31702dfe9fb17942d5aaea528ab","branchLabelMapping":{"^v9.0.0$":"main","^v8.18.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:skip","v9.0.0","backport:prev-minor","Feature:Streams"],"title":"[Streams 🌊] Update simulator to assert fields & integration testing","number":206950,"url":"https://github.com/elastic/kibana/pull/206950","mergeCommit":{"message":"[Streams 🌊] Update simulator to assert fields & integration testing (#206950)\n\n## 📓 Summary\r\n\r\nCloses https://github.com/elastic/streams-program/issues/68\r\n\r\nThis work updates the way a simulation for processing is performed,\r\nworking against the `_ingest/_simulate` API.\r\nThis gives less specific feedback on the simulation failure (which\r\nprocessor failed), but allows for a much more realistic simulation\r\nagainst the index configuration.\r\n\r\nThis work also adds integration testing for this API.\r\n\r\n## 📔 Reviewer notes\r\n\r\nThe API is poorly typed due to missing typing in the elasticsearch-js\r\nlibrary. #204175 updates the library with those typings, as soon as it's\r\nmerged I'll update the API.\r\n\r\n## 🎥 Recordings\r\n\r\n\r\nhttps://github.com/user-attachments/assets/36ce0d3c-b7de-44d2-bdc2-84ff67fb4b25","sha":"39bf5e646fcaf31702dfe9fb17942d5aaea528ab"}},"sourceBranch":"main","suggestedTargetBranches":[],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","branchLabelMappingKey":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/206950","number":206950,"mergeCommit":{"message":"[Streams 🌊] Update simulator to assert fields & integration testing (#206950)\n\n## 📓 Summary\r\n\r\nCloses https://github.com/elastic/streams-program/issues/68\r\n\r\nThis work updates the way a simulation for processing is performed,\r\nworking against the `_ingest/_simulate` API.\r\nThis gives less specific feedback on the simulation failure (which\r\nprocessor failed), but allows for a much more realistic simulation\r\nagainst the index configuration.\r\n\r\nThis work also adds integration testing for this API.\r\n\r\n## 📔 Reviewer notes\r\n\r\nThe API is poorly typed due to missing typing in the elasticsearch-js\r\nlibrary. #204175 updates the library with those typings, as soon as it's\r\nmerged I'll update the API.\r\n\r\n## 🎥 Recordings\r\n\r\n\r\nhttps://github.com/user-attachments/assets/36ce0d3c-b7de-44d2-bdc2-84ff67fb4b25","sha":"39bf5e646fcaf31702dfe9fb17942d5aaea528ab"}}]}] BACKPORT--> Co-authored-by: Marco Antonio Ghiani <marcoantonio.ghiani01@gmail.com> |
||
|
Kibana Machine
|
9573c53fba
|
[8.x] [React@18] Fix remaining unit tests (#207195) (#207338)
# Backport This will backport the following commits from `main` to `8.x`: - [[React@18] Fix remaining unit tests (#207195)](https://github.com/elastic/kibana/pull/207195) <!--- Backport version: 9.4.3 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sqren/backport) <!--BACKPORT [{"author":{"name":"Anton Dosov","email":"anton.dosov@elastic.co"},"sourceCommit":{"committedDate":"2025-01-21T12:22:16Z","message":"[React@18] Fix remaining unit tests (#207195)","sha":"57664673595086f917a268b273b90bb8af2d2c8d","branchLabelMapping":{"^v9.0.0$":"main","^v8.18.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:skip","v9.0.0","Team:SharedUX","backport:prev-minor","React@18"],"title":"[React@18] Fix remaining unit tests ","number":207195,"url":"https://github.com/elastic/kibana/pull/207195","mergeCommit":{"message":"[React@18] Fix remaining unit tests (#207195)","sha":"57664673595086f917a268b273b90bb8af2d2c8d"}},"sourceBranch":"main","suggestedTargetBranches":[],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","branchLabelMappingKey":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/207195","number":207195,"mergeCommit":{"message":"[React@18] Fix remaining unit tests (#207195)","sha":"57664673595086f917a268b273b90bb8af2d2c8d"}}]}] BACKPORT--> Co-authored-by: Anton Dosov <anton.dosov@elastic.co> |
||
Nathan Reese
|
c570a3431f
|
[8.x] [controls] lazy load control actions (#206876) (#207277)
# Backport This will backport the following commits from `main` to `8.x`: - [[controls] lazy load control actions (#206876)](https://github.com/elastic/kibana/pull/206876) <!--- Backport version: 9.6.4 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sorenlouv/backport) <!--BACKPORT [{"author":{"name":"Nathan Reese","email":"reese.nathan@elastic.co"},"sourceCommit":{"committedDate":"2025-01-20T21:00:48Z","message":"[controls] lazy load control actions (#206876)\n\n* register control actions with async method\r\n* move floating actions into controls plugin\r\n* replace `PANEL_HOVER_TRIGGER` => `CONTROL_HOVER_TRIGGER`\r\n* Load controls in single chunk\r\n<img width=\"400\" alt=\"Screenshot 2025-01-16 at 11 40 08 AM\"\r\nsrc=\"https://github.com/user-attachments/assets/3171c9bf-26bc-4c07-950d-c35603cfb65a\"\r\n/>\r\n\r\n---------\r\n\r\nCo-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>\r\nCo-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>","sha":"f4df5856f249552f01ccb020a3ffd90c1517b71d","branchLabelMapping":{"^v9.0.0$":"main","^v8.18.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["Feature:Embedding","Team:Presentation","release_note:skip","v9.0.0","project:embeddableRebuild","backport:version","v8.18.0"],"title":"[controls] lazy load control actions","number":206876,"url":"https://github.com/elastic/kibana/pull/206876","mergeCommit":{"message":"[controls] lazy load control actions (#206876)\n\n* register control actions with async method\r\n* move floating actions into controls plugin\r\n* replace `PANEL_HOVER_TRIGGER` => `CONTROL_HOVER_TRIGGER`\r\n* Load controls in single chunk\r\n<img width=\"400\" alt=\"Screenshot 2025-01-16 at 11 40 08 AM\"\r\nsrc=\"https://github.com/user-attachments/assets/3171c9bf-26bc-4c07-950d-c35603cfb65a\"\r\n/>\r\n\r\n---------\r\n\r\nCo-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>\r\nCo-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>","sha":"f4df5856f249552f01ccb020a3ffd90c1517b71d"}},"sourceBranch":"main","suggestedTargetBranches":["8.x"],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","branchLabelMappingKey":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/206876","number":206876,"mergeCommit":{"message":"[controls] lazy load control actions (#206876)\n\n* register control actions with async method\r\n* move floating actions into controls plugin\r\n* replace `PANEL_HOVER_TRIGGER` => `CONTROL_HOVER_TRIGGER`\r\n* Load controls in single chunk\r\n<img width=\"400\" alt=\"Screenshot 2025-01-16 at 11 40 08 AM\"\r\nsrc=\"https://github.com/user-attachments/assets/3171c9bf-26bc-4c07-950d-c35603cfb65a\"\r\n/>\r\n\r\n---------\r\n\r\nCo-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>\r\nCo-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>","sha":"f4df5856f249552f01ccb020a3ffd90c1517b71d"}},{"branch":"8.x","label":"v8.18.0","branchLabelMappingKey":"^v8.18.0$","isSourceBranch":false,"state":"NOT_CREATED"}]}] BACKPORT--> |
||
|
Kibana Machine
|
216d9b58b2
|
[8.x] [Streams 🌊] Fix broken breadcrumbs in project nav mode (#207314) (#207335)
# Backport This will backport the following commits from `main` to `8.x`: - [[Streams 🌊] Fix broken breadcrumbs in project nav mode (#207314)](https://github.com/elastic/kibana/pull/207314) <!--- Backport version: 9.4.3 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sqren/backport) <!--BACKPORT [{"author":{"name":"Marco Antonio Ghiani","email":"marcoantonio.ghiani01@gmail.com"},"sourceCommit":{"committedDate":"2025-01-21T12:01:24Z","message":"[Streams 🌊] Fix broken breadcrumbs in project nav mode (#207314)\n\n## 📓 Summary\r\n\r\nThe shared `useBreadcrumbs` from `@kbn/typed-react-router-config`\r\ncouldn't apply correctly breadcrumbs in project mode for a couple of\r\nreasons:\r\n- the breadcrumbs evaluation was based on the `serverless` plugin\r\nexistence, while it should rely on the chrome view style\r\n- the setter method from `chrome` didn't account for the specific option\r\nto apply the breadcrumbs to a project navigation view.\r\n\r\n| Before | After |\r\n|--------|--------|\r\n| <img width=\"866\" alt=\"before\"\r\nsrc=\"https://github.com/user-attachments/assets/a615405b-e852-4614-b5c2-550780bfd0ba\"\r\n/> | <img width=\"852\" alt=\"after\"\r\nsrc=\"https://github.com/user-attachments/assets/04c6c45e-0b6f-4e6c-af3e-ccb7a144a47d\"\r\n/> |","sha":"939c9fb71ee5c23c0e54b017fdea44ce0c6de5cb","branchLabelMapping":{"^v9.0.0$":"main","^v8.18.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:skip","v9.0.0","backport:prev-minor","Feature:Streams"],"title":"[Streams 🌊] Fix broken breadcrumbs in project nav mode","number":207314,"url":"https://github.com/elastic/kibana/pull/207314","mergeCommit":{"message":"[Streams 🌊] Fix broken breadcrumbs in project nav mode (#207314)\n\n## 📓 Summary\r\n\r\nThe shared `useBreadcrumbs` from `@kbn/typed-react-router-config`\r\ncouldn't apply correctly breadcrumbs in project mode for a couple of\r\nreasons:\r\n- the breadcrumbs evaluation was based on the `serverless` plugin\r\nexistence, while it should rely on the chrome view style\r\n- the setter method from `chrome` didn't account for the specific option\r\nto apply the breadcrumbs to a project navigation view.\r\n\r\n| Before | After |\r\n|--------|--------|\r\n| <img width=\"866\" alt=\"before\"\r\nsrc=\"https://github.com/user-attachments/assets/a615405b-e852-4614-b5c2-550780bfd0ba\"\r\n/> | <img width=\"852\" alt=\"after\"\r\nsrc=\"https://github.com/user-attachments/assets/04c6c45e-0b6f-4e6c-af3e-ccb7a144a47d\"\r\n/> |","sha":"939c9fb71ee5c23c0e54b017fdea44ce0c6de5cb"}},"sourceBranch":"main","suggestedTargetBranches":[],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","branchLabelMappingKey":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/207314","number":207314,"mergeCommit":{"message":"[Streams 🌊] Fix broken breadcrumbs in project nav mode (#207314)\n\n## 📓 Summary\r\n\r\nThe shared `useBreadcrumbs` from `@kbn/typed-react-router-config`\r\ncouldn't apply correctly breadcrumbs in project mode for a couple of\r\nreasons:\r\n- the breadcrumbs evaluation was based on the `serverless` plugin\r\nexistence, while it should rely on the chrome view style\r\n- the setter method from `chrome` didn't account for the specific option\r\nto apply the breadcrumbs to a project navigation view.\r\n\r\n| Before | After |\r\n|--------|--------|\r\n| <img width=\"866\" alt=\"before\"\r\nsrc=\"https://github.com/user-attachments/assets/a615405b-e852-4614-b5c2-550780bfd0ba\"\r\n/> | <img width=\"852\" alt=\"after\"\r\nsrc=\"https://github.com/user-attachments/assets/04c6c45e-0b6f-4e6c-af3e-ccb7a144a47d\"\r\n/> |","sha":"939c9fb71ee5c23c0e54b017fdea44ce0c6de5cb"}}]}] BACKPORT--> Co-authored-by: Marco Antonio Ghiani <marcoantonio.ghiani01@gmail.com> |
||
Ying Mao
|
b059522911
|
[8.x] [Response Ops][Alerting] Adding ability to run actions for backfill rule runs (#200784) (#207273)
# Backport This will backport the following commits from `main` to `8.x`: - [[Response Ops][Alerting] Adding ability to run actions for backfill rule runs (#200784)](https://github.com/elastic/kibana/pull/200784) <!--- Backport version: 9.6.4 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sorenlouv/backport) <!--BACKPORT [{"author":{"name":"Ying Mao","email":"ying.mao@elastic.co"},"sourceCommit":{"committedDate":"2025-01-20T15:03:33Z","message":"[Response Ops][Alerting] Adding ability to run actions for backfill rule runs (#200784)\n\nResolves https://github.com/elastic/response-ops-team/issues/251\r\n\r\n\r\n## Note\r\n\r\nThis PR includes some saved object schema changes that I will pull out\r\ninto their own separate PR in order to perform an intermediate release.\r\nI wanted to make sure all the schema changes made sense in the overall\r\ncontext of the PR before opening those separate PRs.\r\n\r\nUpdate: PR for intermediate release here:\r\nhttps://github.com/elastic/kibana/pull/203184 (Merged)\r\n\r\n## Summary\r\n\r\nAdds ability to run actions for backfill rule runs.\r\n\r\n- Updates schedule backfill API to accept `run_actions` parameter to\r\nspecify whether to run actions for backfill.\r\n- Schedule API accepts any action where `frequency.notifyWhen ===\r\n'onActiveAlert'`. If a rule has multiple actions where some are\r\n`onActiveAlert` and some are `onThrottleInterval`, the invalid actions\r\nwill be stripped and a warning returned in the schedule response but\r\nvalid actions will be scheduled.\r\n- Connector IDs are extracted and stored as references in the ad hoc run\r\nparams saved object\r\n- Any actions that result from a backfill task run are scheduled as low\r\npriority tasks\r\n\r\n## To Verify\r\n\r\n1. Create a detection rule. Make sure you have some past data that the\r\nrule can run over in order to generate actions. Make sure you add\r\nactions to the rule. For testing, I added some conditional actions so I\r\ncould see actions running only on backfill runs using\r\n`kibana.alert.rule.execution.type: \"manual\"`. Create actions with and\r\nwithout summaries.\r\n2. Schedule a backfill either directly via the API or using the\r\ndetection UI. Verify that actions are run for the backfill runs that\r\ngenerate alerts.\r\n\r\n---------\r\n\r\nCo-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>","sha":"075806bffa78cc4f42e61483dcbd24de3c87d3c8","branchLabelMapping":{"^v9.0.0$":"main","^v8.18.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["Feature:Alerting","release_note:skip","Team:ResponseOps","v9.0.0","backport:prev-minor","ci:project-deploy-security","v8.18.0"],"title":"[Response Ops][Alerting] Adding ability to run actions for backfill rule runs","number":200784,"url":"https://github.com/elastic/kibana/pull/200784","mergeCommit":{"message":"[Response Ops][Alerting] Adding ability to run actions for backfill rule runs (#200784)\n\nResolves https://github.com/elastic/response-ops-team/issues/251\r\n\r\n\r\n## Note\r\n\r\nThis PR includes some saved object schema changes that I will pull out\r\ninto their own separate PR in order to perform an intermediate release.\r\nI wanted to make sure all the schema changes made sense in the overall\r\ncontext of the PR before opening those separate PRs.\r\n\r\nUpdate: PR for intermediate release here:\r\nhttps://github.com/elastic/kibana/pull/203184 (Merged)\r\n\r\n## Summary\r\n\r\nAdds ability to run actions for backfill rule runs.\r\n\r\n- Updates schedule backfill API to accept `run_actions` parameter to\r\nspecify whether to run actions for backfill.\r\n- Schedule API accepts any action where `frequency.notifyWhen ===\r\n'onActiveAlert'`. If a rule has multiple actions where some are\r\n`onActiveAlert` and some are `onThrottleInterval`, the invalid actions\r\nwill be stripped and a warning returned in the schedule response but\r\nvalid actions will be scheduled.\r\n- Connector IDs are extracted and stored as references in the ad hoc run\r\nparams saved object\r\n- Any actions that result from a backfill task run are scheduled as low\r\npriority tasks\r\n\r\n## To Verify\r\n\r\n1. Create a detection rule. Make sure you have some past data that the\r\nrule can run over in order to generate actions. Make sure you add\r\nactions to the rule. For testing, I added some conditional actions so I\r\ncould see actions running only on backfill runs using\r\n`kibana.alert.rule.execution.type: \"manual\"`. Create actions with and\r\nwithout summaries.\r\n2. Schedule a backfill either directly via the API or using the\r\ndetection UI. Verify that actions are run for the backfill runs that\r\ngenerate alerts.\r\n\r\n---------\r\n\r\nCo-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>","sha":"075806bffa78cc4f42e61483dcbd24de3c87d3c8"}},"sourceBranch":"main","suggestedTargetBranches":["8.x"],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","branchLabelMappingKey":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/200784","number":200784,"mergeCommit":{"message":"[Response Ops][Alerting] Adding ability to run actions for backfill rule runs (#200784)\n\nResolves https://github.com/elastic/response-ops-team/issues/251\r\n\r\n\r\n## Note\r\n\r\nThis PR includes some saved object schema changes that I will pull out\r\ninto their own separate PR in order to perform an intermediate release.\r\nI wanted to make sure all the schema changes made sense in the overall\r\ncontext of the PR before opening those separate PRs.\r\n\r\nUpdate: PR for intermediate release here:\r\nhttps://github.com/elastic/kibana/pull/203184 (Merged)\r\n\r\n## Summary\r\n\r\nAdds ability to run actions for backfill rule runs.\r\n\r\n- Updates schedule backfill API to accept `run_actions` parameter to\r\nspecify whether to run actions for backfill.\r\n- Schedule API accepts any action where `frequency.notifyWhen ===\r\n'onActiveAlert'`. If a rule has multiple actions where some are\r\n`onActiveAlert` and some are `onThrottleInterval`, the invalid actions\r\nwill be stripped and a warning returned in the schedule response but\r\nvalid actions will be scheduled.\r\n- Connector IDs are extracted and stored as references in the ad hoc run\r\nparams saved object\r\n- Any actions that result from a backfill task run are scheduled as low\r\npriority tasks\r\n\r\n## To Verify\r\n\r\n1. Create a detection rule. Make sure you have some past data that the\r\nrule can run over in order to generate actions. Make sure you add\r\nactions to the rule. For testing, I added some conditional actions so I\r\ncould see actions running only on backfill runs using\r\n`kibana.alert.rule.execution.type: \"manual\"`. Create actions with and\r\nwithout summaries.\r\n2. Schedule a backfill either directly via the API or using the\r\ndetection UI. Verify that actions are run for the backfill runs that\r\ngenerate alerts.\r\n\r\n---------\r\n\r\nCo-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>","sha":"075806bffa78cc4f42e61483dcbd24de3c87d3c8"}},{"branch":"8.x","label":"v8.18.0","branchLabelMappingKey":"^v8.18.0$","isSourceBranch":false,"state":"NOT_CREATED"}]}] BACKPORT--> --------- Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com> |
||
Shahzad
|
3d8c4e84da
|
[8.x] [Synthetics] Increase lightweight monitors project page size !! (#198696) (#207186)
# Backport This will backport the following commits from `main` to `8.x`: - [[Synthetics] Increase lightweight monitors project page size !! (#198696)](https://github.com/elastic/kibana/pull/198696) <!--- Backport version: 9.6.4 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sorenlouv/backport) <!--BACKPORT [{"author":{"name":"Shahzad","email":"shahzad31comp@gmail.com"},"sourceCommit":{"committedDate":"2025-01-16T19:31:42Z","message":"[Synthetics] Increase lightweight monitors project page size !! (#198696)\n\n## Summary\r\n\r\nThis is to support https://github.com/elastic/synthetics/issues/978\r\n\r\nIncrease lightweight monitors project page size, size of light weight\r\nmonitors is minimal, heaving a small size is more of a burden then\r\nadvantage since we do batch operations in kibana !!\r\n\r\n### Why\r\nSince limit is only mostly applicable for browser monitors size, for\r\nlightweight we can safely do bulk operation on large number of monitors\r\nwithout hititng memory or size issues\r\n\r\n---------\r\n\r\nCo-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>\r\nCo-authored-by: Justin Kambic <jk@elastic.co>","sha":"bfcffa1e76d7cdb1050595fc4f3947e92be2227b","branchLabelMapping":{"^v9.0.0$":"main","^v8.18.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:skip","backport missing","v9.0.0","backport:prev-minor","Team:obs-ux-management"],"title":"[Synthetics] Increase lightweight monitors project page size !!","number":198696,"url":"https://github.com/elastic/kibana/pull/198696","mergeCommit":{"message":"[Synthetics] Increase lightweight monitors project page size !! (#198696)\n\n## Summary\r\n\r\nThis is to support https://github.com/elastic/synthetics/issues/978\r\n\r\nIncrease lightweight monitors project page size, size of light weight\r\nmonitors is minimal, heaving a small size is more of a burden then\r\nadvantage since we do batch operations in kibana !!\r\n\r\n### Why\r\nSince limit is only mostly applicable for browser monitors size, for\r\nlightweight we can safely do bulk operation on large number of monitors\r\nwithout hititng memory or size issues\r\n\r\n---------\r\n\r\nCo-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>\r\nCo-authored-by: Justin Kambic <jk@elastic.co>","sha":"bfcffa1e76d7cdb1050595fc4f3947e92be2227b"}},"sourceBranch":"main","suggestedTargetBranches":[],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","branchLabelMappingKey":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/198696","number":198696,"mergeCommit":{"message":"[Synthetics] Increase lightweight monitors project page size !! (#198696)\n\n## Summary\r\n\r\nThis is to support https://github.com/elastic/synthetics/issues/978\r\n\r\nIncrease lightweight monitors project page size, size of light weight\r\nmonitors is minimal, heaving a small size is more of a burden then\r\nadvantage since we do batch operations in kibana !!\r\n\r\n### Why\r\nSince limit is only mostly applicable for browser monitors size, for\r\nlightweight we can safely do bulk operation on large number of monitors\r\nwithout hititng memory or size issues\r\n\r\n---------\r\n\r\nCo-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>\r\nCo-authored-by: Justin Kambic <jk@elastic.co>","sha":"bfcffa1e76d7cdb1050595fc4f3947e92be2227b"}}]}] BACKPORT--> |
||
|
Shahzad
|
13bba68b6b
|
[8.x] [SLOs] Added createdBy and updatedBy fields in summary documents !! (#205784) (#207191)
# Backport This will backport the following commits from `main` to `8.x`: - [[SLOs] Added createdBy and updatedBy fields in summary documents !! (#205784)](https://github.com/elastic/kibana/pull/205784) <!--- Backport version: 9.6.4 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sorenlouv/backport) <!--BACKPORT [{"author":{"name":"Shahzad","email":"shahzad31comp@gmail.com"},"sourceCommit":{"committedDate":"2025-01-20T12:38:04Z","message":"[SLOs] Added createdBy and updatedBy fields in summary documents !! (#205784)\n\n## Summary\r\n\r\nAdded createdBy and updatedBy fields in summary documents !!\r\n\r\nThis will make easier to identify which user have added the SLO and\r\nwhich user last updated the SLO. It's especially helpful where there are\r\n100s of SLOs defined.\r\n\r\n\r\n<img width=\"1728\" alt=\"image\"\r\nsrc=\"https://github.com/user-attachments/assets/ee7bb4d4-a8ea-40c4-8d91-06c32c9b0ba6\"\r\n/>\r\n\r\n---------\r\n\r\nCo-authored-by: Kevin Delemme <kdelemme@gmail.com>\r\nCo-authored-by: Kevin Delemme <kevin.delemme@elastic.co>","sha":"39119b553ef8506184e37dbda83daf3795eb22d4","branchLabelMapping":{"^v9.0.0$":"main","^v8.18.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["v9.0.0","release_note:feature","backport:prev-minor","Team:obs-ux-management","v8.18.0"],"title":"[SLOs] Added createdBy and updatedBy fields in summary documents !!","number":205784,"url":"https://github.com/elastic/kibana/pull/205784","mergeCommit":{"message":"[SLOs] Added createdBy and updatedBy fields in summary documents !! (#205784)\n\n## Summary\r\n\r\nAdded createdBy and updatedBy fields in summary documents !!\r\n\r\nThis will make easier to identify which user have added the SLO and\r\nwhich user last updated the SLO. It's especially helpful where there are\r\n100s of SLOs defined.\r\n\r\n\r\n<img width=\"1728\" alt=\"image\"\r\nsrc=\"https://github.com/user-attachments/assets/ee7bb4d4-a8ea-40c4-8d91-06c32c9b0ba6\"\r\n/>\r\n\r\n---------\r\n\r\nCo-authored-by: Kevin Delemme <kdelemme@gmail.com>\r\nCo-authored-by: Kevin Delemme <kevin.delemme@elastic.co>","sha":"39119b553ef8506184e37dbda83daf3795eb22d4"}},"sourceBranch":"main","suggestedTargetBranches":["8.x"],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","branchLabelMappingKey":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/205784","number":205784,"mergeCommit":{"message":"[SLOs] Added createdBy and updatedBy fields in summary documents !! (#205784)\n\n## Summary\r\n\r\nAdded createdBy and updatedBy fields in summary documents !!\r\n\r\nThis will make easier to identify which user have added the SLO and\r\nwhich user last updated the SLO. It's especially helpful where there are\r\n100s of SLOs defined.\r\n\r\n\r\n<img width=\"1728\" alt=\"image\"\r\nsrc=\"https://github.com/user-attachments/assets/ee7bb4d4-a8ea-40c4-8d91-06c32c9b0ba6\"\r\n/>\r\n\r\n---------\r\n\r\nCo-authored-by: Kevin Delemme <kdelemme@gmail.com>\r\nCo-authored-by: Kevin Delemme <kevin.delemme@elastic.co>","sha":"39119b553ef8506184e37dbda83daf3795eb22d4"}},{"branch":"8.x","label":"v8.18.0","branchLabelMappingKey":"^v8.18.0$","isSourceBranch":false,"state":"NOT_CREATED"}]}] BACKPORT--> --------- Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com> |
||
Maxim Palenov
|
e295709efb
|
[8.x] [Security Solution] Handle negative lookback in rule upgrade flyout (#204317) (#207302)
# Backport This will backport the following commits from `main` to `8.x`: - [[Security Solution] Handle negative lookback in rule upgrade flyout (#204317)](https://github.com/elastic/kibana/pull/204317) <!--- Backport version: 9.6.4 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sorenlouv/backport) <!--BACKPORT [{"author":{"name":"Maxim Palenov","email":"maxim.palenov@elastic.co"},"sourceCommit":{"committedDate":"2025-01-20T13:41:23Z","message":"[Security Solution] Handle negative lookback in rule upgrade flyout (#204317)\n\n**Fixes: https://github.com/elastic/kibana/issues/202715**\r\n**Fixes: https://github.com/elastic/kibana/issues/204714**\r\n\r\n## Summary\r\n\r\nThis PR makes inconsistent/wrong rule's look-back duration prominent for\r\na user. It falls back to a default 1 minute value in rule upgrade\r\nworkflow.\r\n\r\n## Details\r\n\r\n### Negative/wrong `lookback` problem\r\n\r\nThere is a difference between rule schedule value in a saved object and\r\nvalue represented to users\r\n\r\n- Saved object (and rule management API) has `interval`, `from` and `to`\r\nfields representing rule schedule. `interval` shows how often a rule\r\nruns in task runner. `from` and `to` stored in date math format like\r\n`now-10m` represent a date time range used to fetch source events. Task\r\nmanager strives to run rules exactly every `interval` but it's not\r\nalways possible due to multiple reasons like system load and various\r\ndelays. To avoid any gaps to appear `from` point in time usually stands\r\nearlier than current time minus `interval`, for example `interval` is\r\n`10 minutes` and `from` is `now-12m` meaning rule will analyze events\r\nstarting from 12 minutes old. `to` represents the latest point in time\r\nsource events will be analyzed.\r\n- Diffable rule and UI represent rule schedule as `interval` and\r\n`lookback`. Where `interval` is the same as above and `lookback` and a\r\ntime duration before current time minus `interval`. For example\r\n`interval` is `10 minutes` and lookback is `2 minutes` it means a rule\r\nwill analyzing events starting with 12 minutes old until the current\r\nmoment in time.\r\n\r\nLiterally `interval`, `from` and `to` mean a rule runs every `interval`\r\nand analyzes events starting from `from` until `to`. Technically `from`\r\nand `to` may not have any correlation with `interval`, for example a\r\nrule may analyze one year old events. While it's reasonable for manual\r\nrule runs and gap remediation the same approach doesn't work well for\r\nusual rule schedule. Transformation between `interval`/`from`/`to` and\r\n`interval`/`lookback` works only when `to` is equal the current moment\r\nin time i.e. `now`.\r\n\r\nRule management APIs allow to set any `from` and `to` values resulting\r\nin inconsistent rule schedule. Transformed `interval`/`lookback` value\r\nwon't represent real time interval used to fetch source events for\r\nanalysis. On top of that negative `lookback` value may puzzle users on\r\nthe meaning of the negative sign.\r\n\r\n### Prebuilt rules with `interval`/`from`/`to` resulting in negative\r\n`lookback`\r\n\r\nSome prebuilt rules have such `interval`, `from` and `to` field values\r\nthatnegative `lookback` is expected, for example `Multiple Okta Sessions\r\nDetected for a Single User`. It runs every `60 minutes` but has `from`\r\nfield set to `now-30m` and `to` equals `now`. In the end we have\r\n`lookback` equals `to` - `from` - `interval` = `30 minutes` - `60\r\nminutes` = `-30 minutes`.\r\n\r\nOur UI doesn't handle negative `lookback` values. It simply discards a\r\nnegative sign and substitutes the rest for editing. In the case above\r\n`30 minutes` will be suggested for editing. Saving the form will result\r\nin changing `from` to `now-90m`\r\n\r\n<img width=\"1712\" alt=\"image\"\r\nsrc=\"https://github.com/user-attachments/assets/05519743-9562-4874-8a73-5596eeccacf2\"\r\n/>\r\n\r\n### Changes in this PR\r\n\r\nThis PR mitigates rule schedule inconsistencies caused by `to` fields\r\nnot using the current point in time i.e. `now`. The following was done\r\n\r\n- `DiffableRule`'s `rule_schedule` was changed to have `interval`,\r\n`from` and `to` fields instead of `interval` and `lookback`\r\n- `_perform` rule upgrade API endpoint was adapted to the new\r\n`DIffableRule`'s `rule_schedule`\r\n- Rule upgrade flyout calculates and shows `interval` and `lookback` in\r\nDiff View, readonly view and field form when `lookback` is non-negative\r\nand `to` equals `now`\r\n- Rule upgrade flyout shows `interval`, `from` and `to` in Diff View,\r\nreadonly view and field form when `to` isn't equal `now` or calculated\r\n`lookback` is negative\r\n- Rule upgrade flyout shows a warning when `to` isn't equal `now` or\r\ncalculated `lookback` is negative\r\n- Rule upgrade flyout's JSON Diff shows `interval` and `lookback` when\r\n`lookback` is non-negative and `to` equals `now` and shows `interval`,\r\n`from` and `to` in any other case\r\n- Rule details page shows `interval`, `from` and `to` in Diff View,\r\nreadonly view and field form when `to` isn't equal `now` or calculated\r\n`lookback` is negative\r\n- `maxValue` was added to `ScheduleItemField` to have an ability to\r\nrestrict input at reasonable values\r\n\r\n## Screenshots\r\n\r\n- Rule upgrade workflow (negative look-back)\r\n\r\n<img width=\"2558\" alt=\"Screenshot 2025-01-02 at 13 16 59\"\r\nsrc=\"https://github.com/user-attachments/assets/b8bf727f-11ca-424f-892b-b024ba7f847a\"\r\n/>\r\n\r\n<img width=\"2553\" alt=\"Screenshot 2025-01-02 at 13 17 20\"\r\nsrc=\"https://github.com/user-attachments/assets/9f751ea4-0ce0-4a23-a3b7-0a16494d957e\"\r\n/>\r\n\r\n<img width=\"2558\" alt=\"Screenshot 2025-01-02 at 13 18 24\"\r\nsrc=\"https://github.com/user-attachments/assets/6908ab02-4011-4a6e-85ce-e60d5eac7993\"\r\n/>\r\n\r\n- Rule upgrade workflow (positive look-back)\r\n\r\n<img width=\"2555\" alt=\"Screenshot 2025-01-02 at 13 19 12\"\r\nsrc=\"https://github.com/user-attachments/assets/06208210-c6cd-4842-8aef-6ade5d13bd36\"\r\n/>\r\n\r\n<img width=\"2558\" alt=\"Screenshot 2025-01-02 at 13 25 31\"\r\nsrc=\"https://github.com/user-attachments/assets/aed38bb0-ccfb-479a-bb3b-e5442c518e63\"\r\n/>\r\n\r\n- JSON view\r\n\r\n<img width=\"2559\" alt=\"Screenshot 2025-01-02 at 13 31 37\"\r\nsrc=\"https://github.com/user-attachments/assets/07575a81-676f-418e-8b98-48eefe11ab00\"\r\n/>\r\n\r\n- Rule details page\r\n\r\n<img width=\"2555\" alt=\"Screenshot 2025-01-02 at 13 13 16\"\r\nsrc=\"https://github.com/user-attachments/assets/e977b752-9d50-4049-917a-af2e8e3f0dfe\"\r\n/>\r\n\r\n<img width=\"2558\" alt=\"Screenshot 2025-01-02 at 13 14 10\"\r\nsrc=\"https://github.com/user-attachments/assets/06d6f477-5730-48ca-a240-b5e7592bf173\"\r\n/>\r\n\r\n## How to test?\r\n\r\n- Ensure the `prebuiltRulesCustomizationEnabled` feature flag is enabled\r\n- Allow internal APIs via adding `server.restrictInternalApis: false` to\r\n`kibana.dev.yaml`\r\n- Clear Elasticsearch data\r\n- Run Elasticsearch and Kibana locally (do not open Kibana in a web\r\nbrowser)\r\n- Install an outdated version of the `security_detection_engine` Fleet\r\npackage\r\n```bash\r\ncurl -X POST --user elastic:changeme -H 'Content-Type: application/json' -H 'kbn-xsrf: 123' -H \"elastic-api-version: 2023-10-31\" -d '{\"force\":true}' http://localhost:5601/kbn/api/fleet/epm/packages/security_detection_engine/8.14.1\r\n```\r\n\r\n- Install prebuilt rules\r\n```bash\r\ncurl -X POST --user elastic:changeme -H 'Content-Type: application/json' -H 'kbn-xsrf: 123' -H \"elastic-api-version: 1\" -d '{\"mode\":\"ALL_RULES\"}' http://localhost:5601/kbn/internal/detection_engine/prebuilt_rules/installation/_perform\r\n```\r\n\r\n- Set \"inconsistent\" rule schedule for `Suspicious File Creation via\r\nKworker` rule by running a query below\r\n```bash\r\ncurl -X PATCH --user elastic:changeme -H \"Content-Type: application/json\" -H \"elastic-api-version: 2023-10-31\" -H \"kbn-xsrf: 123\" -d '{\"rule_id\":\"ae343298-97bc-47bc-9ea2-5f2ad831c16e\",\"interval\":\"10m\",\"from\":\"now-5m\",\"to\":\"now-2m\"}' http://localhost:5601/kbn/api/detection_engine/rules\r\n```\r\n\r\n- Open rule upgrade flyout for `Suspicious File Creation via Kworker`\r\nrule\r\n\r\n---------\r\n\r\nCo-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>","sha":"30bb71a516cf0e8e83caab99f9119057a3b1bc82","branchLabelMapping":{"^v9.0.0$":"main","^v8.18.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["bug","release_note:skip","impact:high","v9.0.0","Team:Detections and Resp","Team: SecuritySolution","Team:Detection Rule Management","Feature:Prebuilt Detection Rules","backport:version","v8.18.0"],"title":"[Security Solution] Handle negative lookback in rule upgrade flyout","number":204317,"url":"https://github.com/elastic/kibana/pull/204317","mergeCommit":{"message":"[Security Solution] Handle negative lookback in rule upgrade flyout (#204317)\n\n**Fixes: https://github.com/elastic/kibana/issues/202715**\r\n**Fixes: https://github.com/elastic/kibana/issues/204714**\r\n\r\n## Summary\r\n\r\nThis PR makes inconsistent/wrong rule's look-back duration prominent for\r\na user. It falls back to a default 1 minute value in rule upgrade\r\nworkflow.\r\n\r\n## Details\r\n\r\n### Negative/wrong `lookback` problem\r\n\r\nThere is a difference between rule schedule value in a saved object and\r\nvalue represented to users\r\n\r\n- Saved object (and rule management API) has `interval`, `from` and `to`\r\nfields representing rule schedule. `interval` shows how often a rule\r\nruns in task runner. `from` and `to` stored in date math format like\r\n`now-10m` represent a date time range used to fetch source events. Task\r\nmanager strives to run rules exactly every `interval` but it's not\r\nalways possible due to multiple reasons like system load and various\r\ndelays. To avoid any gaps to appear `from` point in time usually stands\r\nearlier than current time minus `interval`, for example `interval` is\r\n`10 minutes` and `from` is `now-12m` meaning rule will analyze events\r\nstarting from 12 minutes old. `to` represents the latest point in time\r\nsource events will be analyzed.\r\n- Diffable rule and UI represent rule schedule as `interval` and\r\n`lookback`. Where `interval` is the same as above and `lookback` and a\r\ntime duration before current time minus `interval`. For example\r\n`interval` is `10 minutes` and lookback is `2 minutes` it means a rule\r\nwill analyzing events starting with 12 minutes old until the current\r\nmoment in time.\r\n\r\nLiterally `interval`, `from` and `to` mean a rule runs every `interval`\r\nand analyzes events starting from `from` until `to`. Technically `from`\r\nand `to` may not have any correlation with `interval`, for example a\r\nrule may analyze one year old events. While it's reasonable for manual\r\nrule runs and gap remediation the same approach doesn't work well for\r\nusual rule schedule. Transformation between `interval`/`from`/`to` and\r\n`interval`/`lookback` works only when `to` is equal the current moment\r\nin time i.e. `now`.\r\n\r\nRule management APIs allow to set any `from` and `to` values resulting\r\nin inconsistent rule schedule. Transformed `interval`/`lookback` value\r\nwon't represent real time interval used to fetch source events for\r\nanalysis. On top of that negative `lookback` value may puzzle users on\r\nthe meaning of the negative sign.\r\n\r\n### Prebuilt rules with `interval`/`from`/`to` resulting in negative\r\n`lookback`\r\n\r\nSome prebuilt rules have such `interval`, `from` and `to` field values\r\nthatnegative `lookback` is expected, for example `Multiple Okta Sessions\r\nDetected for a Single User`. It runs every `60 minutes` but has `from`\r\nfield set to `now-30m` and `to` equals `now`. In the end we have\r\n`lookback` equals `to` - `from` - `interval` = `30 minutes` - `60\r\nminutes` = `-30 minutes`.\r\n\r\nOur UI doesn't handle negative `lookback` values. It simply discards a\r\nnegative sign and substitutes the rest for editing. In the case above\r\n`30 minutes` will be suggested for editing. Saving the form will result\r\nin changing `from` to `now-90m`\r\n\r\n<img width=\"1712\" alt=\"image\"\r\nsrc=\"https://github.com/user-attachments/assets/05519743-9562-4874-8a73-5596eeccacf2\"\r\n/>\r\n\r\n### Changes in this PR\r\n\r\nThis PR mitigates rule schedule inconsistencies caused by `to` fields\r\nnot using the current point in time i.e. `now`. The following was done\r\n\r\n- `DiffableRule`'s `rule_schedule` was changed to have `interval`,\r\n`from` and `to` fields instead of `interval` and `lookback`\r\n- `_perform` rule upgrade API endpoint was adapted to the new\r\n`DIffableRule`'s `rule_schedule`\r\n- Rule upgrade flyout calculates and shows `interval` and `lookback` in\r\nDiff View, readonly view and field form when `lookback` is non-negative\r\nand `to` equals `now`\r\n- Rule upgrade flyout shows `interval`, `from` and `to` in Diff View,\r\nreadonly view and field form when `to` isn't equal `now` or calculated\r\n`lookback` is negative\r\n- Rule upgrade flyout shows a warning when `to` isn't equal `now` or\r\ncalculated `lookback` is negative\r\n- Rule upgrade flyout's JSON Diff shows `interval` and `lookback` when\r\n`lookback` is non-negative and `to` equals `now` and shows `interval`,\r\n`from` and `to` in any other case\r\n- Rule details page shows `interval`, `from` and `to` in Diff View,\r\nreadonly view and field form when `to` isn't equal `now` or calculated\r\n`lookback` is negative\r\n- `maxValue` was added to `ScheduleItemField` to have an ability to\r\nrestrict input at reasonable values\r\n\r\n## Screenshots\r\n\r\n- Rule upgrade workflow (negative look-back)\r\n\r\n<img width=\"2558\" alt=\"Screenshot 2025-01-02 at 13 16 59\"\r\nsrc=\"https://github.com/user-attachments/assets/b8bf727f-11ca-424f-892b-b024ba7f847a\"\r\n/>\r\n\r\n<img width=\"2553\" alt=\"Screenshot 2025-01-02 at 13 17 20\"\r\nsrc=\"https://github.com/user-attachments/assets/9f751ea4-0ce0-4a23-a3b7-0a16494d957e\"\r\n/>\r\n\r\n<img width=\"2558\" alt=\"Screenshot 2025-01-02 at 13 18 24\"\r\nsrc=\"https://github.com/user-attachments/assets/6908ab02-4011-4a6e-85ce-e60d5eac7993\"\r\n/>\r\n\r\n- Rule upgrade workflow (positive look-back)\r\n\r\n<img width=\"2555\" alt=\"Screenshot 2025-01-02 at 13 19 12\"\r\nsrc=\"https://github.com/user-attachments/assets/06208210-c6cd-4842-8aef-6ade5d13bd36\"\r\n/>\r\n\r\n<img width=\"2558\" alt=\"Screenshot 2025-01-02 at 13 25 31\"\r\nsrc=\"https://github.com/user-attachments/assets/aed38bb0-ccfb-479a-bb3b-e5442c518e63\"\r\n/>\r\n\r\n- JSON view\r\n\r\n<img width=\"2559\" alt=\"Screenshot 2025-01-02 at 13 31 37\"\r\nsrc=\"https://github.com/user-attachments/assets/07575a81-676f-418e-8b98-48eefe11ab00\"\r\n/>\r\n\r\n- Rule details page\r\n\r\n<img width=\"2555\" alt=\"Screenshot 2025-01-02 at 13 13 16\"\r\nsrc=\"https://github.com/user-attachments/assets/e977b752-9d50-4049-917a-af2e8e3f0dfe\"\r\n/>\r\n\r\n<img width=\"2558\" alt=\"Screenshot 2025-01-02 at 13 14 10\"\r\nsrc=\"https://github.com/user-attachments/assets/06d6f477-5730-48ca-a240-b5e7592bf173\"\r\n/>\r\n\r\n## How to test?\r\n\r\n- Ensure the `prebuiltRulesCustomizationEnabled` feature flag is enabled\r\n- Allow internal APIs via adding `server.restrictInternalApis: false` to\r\n`kibana.dev.yaml`\r\n- Clear Elasticsearch data\r\n- Run Elasticsearch and Kibana locally (do not open Kibana in a web\r\nbrowser)\r\n- Install an outdated version of the `security_detection_engine` Fleet\r\npackage\r\n```bash\r\ncurl -X POST --user elastic:changeme -H 'Content-Type: application/json' -H 'kbn-xsrf: 123' -H \"elastic-api-version: 2023-10-31\" -d '{\"force\":true}' http://localhost:5601/kbn/api/fleet/epm/packages/security_detection_engine/8.14.1\r\n```\r\n\r\n- Install prebuilt rules\r\n```bash\r\ncurl -X POST --user elastic:changeme -H 'Content-Type: application/json' -H 'kbn-xsrf: 123' -H \"elastic-api-version: 1\" -d '{\"mode\":\"ALL_RULES\"}' http://localhost:5601/kbn/internal/detection_engine/prebuilt_rules/installation/_perform\r\n```\r\n\r\n- Set \"inconsistent\" rule schedule for `Suspicious File Creation via\r\nKworker` rule by running a query below\r\n```bash\r\ncurl -X PATCH --user elastic:changeme -H \"Content-Type: application/json\" -H \"elastic-api-version: 2023-10-31\" -H \"kbn-xsrf: 123\" -d '{\"rule_id\":\"ae343298-97bc-47bc-9ea2-5f2ad831c16e\",\"interval\":\"10m\",\"from\":\"now-5m\",\"to\":\"now-2m\"}' http://localhost:5601/kbn/api/detection_engine/rules\r\n```\r\n\r\n- Open rule upgrade flyout for `Suspicious File Creation via Kworker`\r\nrule\r\n\r\n---------\r\n\r\nCo-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>","sha":"30bb71a516cf0e8e83caab99f9119057a3b1bc82"}},"sourceBranch":"main","suggestedTargetBranches":["8.x"],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","branchLabelMappingKey":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/204317","number":204317,"mergeCommit":{"message":"[Security Solution] Handle negative lookback in rule upgrade flyout (#204317)\n\n**Fixes: https://github.com/elastic/kibana/issues/202715**\r\n**Fixes: https://github.com/elastic/kibana/issues/204714**\r\n\r\n## Summary\r\n\r\nThis PR makes inconsistent/wrong rule's look-back duration prominent for\r\na user. It falls back to a default 1 minute value in rule upgrade\r\nworkflow.\r\n\r\n## Details\r\n\r\n### Negative/wrong `lookback` problem\r\n\r\nThere is a difference between rule schedule value in a saved object and\r\nvalue represented to users\r\n\r\n- Saved object (and rule management API) has `interval`, `from` and `to`\r\nfields representing rule schedule. `interval` shows how often a rule\r\nruns in task runner. `from` and `to` stored in date math format like\r\n`now-10m` represent a date time range used to fetch source events. Task\r\nmanager strives to run rules exactly every `interval` but it's not\r\nalways possible due to multiple reasons like system load and various\r\ndelays. To avoid any gaps to appear `from` point in time usually stands\r\nearlier than current time minus `interval`, for example `interval` is\r\n`10 minutes` and `from` is `now-12m` meaning rule will analyze events\r\nstarting from 12 minutes old. `to` represents the latest point in time\r\nsource events will be analyzed.\r\n- Diffable rule and UI represent rule schedule as `interval` and\r\n`lookback`. Where `interval` is the same as above and `lookback` and a\r\ntime duration before current time minus `interval`. For example\r\n`interval` is `10 minutes` and lookback is `2 minutes` it means a rule\r\nwill analyzing events starting with 12 minutes old until the current\r\nmoment in time.\r\n\r\nLiterally `interval`, `from` and `to` mean a rule runs every `interval`\r\nand analyzes events starting from `from` until `to`. Technically `from`\r\nand `to` may not have any correlation with `interval`, for example a\r\nrule may analyze one year old events. While it's reasonable for manual\r\nrule runs and gap remediation the same approach doesn't work well for\r\nusual rule schedule. Transformation between `interval`/`from`/`to` and\r\n`interval`/`lookback` works only when `to` is equal the current moment\r\nin time i.e. `now`.\r\n\r\nRule management APIs allow to set any `from` and `to` values resulting\r\nin inconsistent rule schedule. Transformed `interval`/`lookback` value\r\nwon't represent real time interval used to fetch source events for\r\nanalysis. On top of that negative `lookback` value may puzzle users on\r\nthe meaning of the negative sign.\r\n\r\n### Prebuilt rules with `interval`/`from`/`to` resulting in negative\r\n`lookback`\r\n\r\nSome prebuilt rules have such `interval`, `from` and `to` field values\r\nthatnegative `lookback` is expected, for example `Multiple Okta Sessions\r\nDetected for a Single User`. It runs every `60 minutes` but has `from`\r\nfield set to `now-30m` and `to` equals `now`. In the end we have\r\n`lookback` equals `to` - `from` - `interval` = `30 minutes` - `60\r\nminutes` = `-30 minutes`.\r\n\r\nOur UI doesn't handle negative `lookback` values. It simply discards a\r\nnegative sign and substitutes the rest for editing. In the case above\r\n`30 minutes` will be suggested for editing. Saving the form will result\r\nin changing `from` to `now-90m`\r\n\r\n<img width=\"1712\" alt=\"image\"\r\nsrc=\"https://github.com/user-attachments/assets/05519743-9562-4874-8a73-5596eeccacf2\"\r\n/>\r\n\r\n### Changes in this PR\r\n\r\nThis PR mitigates rule schedule inconsistencies caused by `to` fields\r\nnot using the current point in time i.e. `now`. The following was done\r\n\r\n- `DiffableRule`'s `rule_schedule` was changed to have `interval`,\r\n`from` and `to` fields instead of `interval` and `lookback`\r\n- `_perform` rule upgrade API endpoint was adapted to the new\r\n`DIffableRule`'s `rule_schedule`\r\n- Rule upgrade flyout calculates and shows `interval` and `lookback` in\r\nDiff View, readonly view and field form when `lookback` is non-negative\r\nand `to` equals `now`\r\n- Rule upgrade flyout shows `interval`, `from` and `to` in Diff View,\r\nreadonly view and field form when `to` isn't equal `now` or calculated\r\n`lookback` is negative\r\n- Rule upgrade flyout shows a warning when `to` isn't equal `now` or\r\ncalculated `lookback` is negative\r\n- Rule upgrade flyout's JSON Diff shows `interval` and `lookback` when\r\n`lookback` is non-negative and `to` equals `now` and shows `interval`,\r\n`from` and `to` in any other case\r\n- Rule details page shows `interval`, `from` and `to` in Diff View,\r\nreadonly view and field form when `to` isn't equal `now` or calculated\r\n`lookback` is negative\r\n- `maxValue` was added to `ScheduleItemField` to have an ability to\r\nrestrict input at reasonable values\r\n\r\n## Screenshots\r\n\r\n- Rule upgrade workflow (negative look-back)\r\n\r\n<img width=\"2558\" alt=\"Screenshot 2025-01-02 at 13 16 59\"\r\nsrc=\"https://github.com/user-attachments/assets/b8bf727f-11ca-424f-892b-b024ba7f847a\"\r\n/>\r\n\r\n<img width=\"2553\" alt=\"Screenshot 2025-01-02 at 13 17 20\"\r\nsrc=\"https://github.com/user-attachments/assets/9f751ea4-0ce0-4a23-a3b7-0a16494d957e\"\r\n/>\r\n\r\n<img width=\"2558\" alt=\"Screenshot 2025-01-02 at 13 18 24\"\r\nsrc=\"https://github.com/user-attachments/assets/6908ab02-4011-4a6e-85ce-e60d5eac7993\"\r\n/>\r\n\r\n- Rule upgrade workflow (positive look-back)\r\n\r\n<img width=\"2555\" alt=\"Screenshot 2025-01-02 at 13 19 12\"\r\nsrc=\"https://github.com/user-attachments/assets/06208210-c6cd-4842-8aef-6ade5d13bd36\"\r\n/>\r\n\r\n<img width=\"2558\" alt=\"Screenshot 2025-01-02 at 13 25 31\"\r\nsrc=\"https://github.com/user-attachments/assets/aed38bb0-ccfb-479a-bb3b-e5442c518e63\"\r\n/>\r\n\r\n- JSON view\r\n\r\n<img width=\"2559\" alt=\"Screenshot 2025-01-02 at 13 31 37\"\r\nsrc=\"https://github.com/user-attachments/assets/07575a81-676f-418e-8b98-48eefe11ab00\"\r\n/>\r\n\r\n- Rule details page\r\n\r\n<img width=\"2555\" alt=\"Screenshot 2025-01-02 at 13 13 16\"\r\nsrc=\"https://github.com/user-attachments/assets/e977b752-9d50-4049-917a-af2e8e3f0dfe\"\r\n/>\r\n\r\n<img width=\"2558\" alt=\"Screenshot 2025-01-02 at 13 14 10\"\r\nsrc=\"https://github.com/user-attachments/assets/06d6f477-5730-48ca-a240-b5e7592bf173\"\r\n/>\r\n\r\n## How to test?\r\n\r\n- Ensure the `prebuiltRulesCustomizationEnabled` feature flag is enabled\r\n- Allow internal APIs via adding `server.restrictInternalApis: false` to\r\n`kibana.dev.yaml`\r\n- Clear Elasticsearch data\r\n- Run Elasticsearch and Kibana locally (do not open Kibana in a web\r\nbrowser)\r\n- Install an outdated version of the `security_detection_engine` Fleet\r\npackage\r\n```bash\r\ncurl -X POST --user elastic:changeme -H 'Content-Type: application/json' -H 'kbn-xsrf: 123' -H \"elastic-api-version: 2023-10-31\" -d '{\"force\":true}' http://localhost:5601/kbn/api/fleet/epm/packages/security_detection_engine/8.14.1\r\n```\r\n\r\n- Install prebuilt rules\r\n```bash\r\ncurl -X POST --user elastic:changeme -H 'Content-Type: application/json' -H 'kbn-xsrf: 123' -H \"elastic-api-version: 1\" -d '{\"mode\":\"ALL_RULES\"}' http://localhost:5601/kbn/internal/detection_engine/prebuilt_rules/installation/_perform\r\n```\r\n\r\n- Set \"inconsistent\" rule schedule for `Suspicious File Creation via\r\nKworker` rule by running a query below\r\n```bash\r\ncurl -X PATCH --user elastic:changeme -H \"Content-Type: application/json\" -H \"elastic-api-version: 2023-10-31\" -H \"kbn-xsrf: 123\" -d '{\"rule_id\":\"ae343298-97bc-47bc-9ea2-5f2ad831c16e\",\"interval\":\"10m\",\"from\":\"now-5m\",\"to\":\"now-2m\"}' http://localhost:5601/kbn/api/detection_engine/rules\r\n```\r\n\r\n- Open rule upgrade flyout for `Suspicious File Creation via Kworker`\r\nrule\r\n\r\n---------\r\n\r\nCo-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>","sha":"30bb71a516cf0e8e83caab99f9119057a3b1bc82"}},{"branch":"8.x","label":"v8.18.0","branchLabelMappingKey":"^v8.18.0$","isSourceBranch":false,"state":"NOT_CREATED"}]}] BACKPORT--> --------- Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com> |
||
|
Kibana Machine
|
513286576e
|
[8.x] [Ingest pipelines] Set outsideClickCloses to false if processor is modified (#207173) (#207321)
# Backport This will backport the following commits from `main` to `8.x`: - [[Ingest pipelines] Set outsideClickCloses to false if processor is modified (#207173)](https://github.com/elastic/kibana/pull/207173) <!--- Backport version: 9.4.3 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sqren/backport) <!--BACKPORT [{"author":{"name":"Sonia Sanz Vivas","email":"sonia.sanzvivas@elastic.co"},"sourceCommit":{"committedDate":"2025-01-21T10:39:16Z","message":"[Ingest pipelines] Set outsideClickCloses to false if processor is modified (#207173)\n\nCloses https://github.com/elastic/kibana/issues/198469\n## Summary\n\nWhen a user is working on adding a processor and click outside the side\nflyout before saving the changes, their work gets lost. This is\nespecially annoying if the user is working on a complex processor and\nclicks out of the window unintentionally.\n\nTo avoid this, we can take advance of the `outsideClickCloses` prop.\nWhen the form has been modified (is dirty), clicking outside the flyout\nwon't close the flyout, so the work done in the processor won't be lost.\nIf nothing has been changed `outsideClickCloses` is set to true.\n\n\n\nhttps://github.com/user-attachments/assets/0d70e16d-d731-4b01-b39e-3026a9c89002\n\nThis solution has been verified with @jovana-andjelkovic.","sha":"8dd8acc1b64e39a5cc29b0cced48d475725217b0","branchLabelMapping":{"^v9.0.0$":"main","^v8.18.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["Team:Kibana Management","release_note:skip","v9.0.0","Feature:Ingest Node Pipelines","backport:prev-minor"],"title":"[Ingest pipelines] Set outsideClickCloses to false if processor is modified","number":207173,"url":"https://github.com/elastic/kibana/pull/207173","mergeCommit":{"message":"[Ingest pipelines] Set outsideClickCloses to false if processor is modified (#207173)\n\nCloses https://github.com/elastic/kibana/issues/198469\n## Summary\n\nWhen a user is working on adding a processor and click outside the side\nflyout before saving the changes, their work gets lost. This is\nespecially annoying if the user is working on a complex processor and\nclicks out of the window unintentionally.\n\nTo avoid this, we can take advance of the `outsideClickCloses` prop.\nWhen the form has been modified (is dirty), clicking outside the flyout\nwon't close the flyout, so the work done in the processor won't be lost.\nIf nothing has been changed `outsideClickCloses` is set to true.\n\n\n\nhttps://github.com/user-attachments/assets/0d70e16d-d731-4b01-b39e-3026a9c89002\n\nThis solution has been verified with @jovana-andjelkovic.","sha":"8dd8acc1b64e39a5cc29b0cced48d475725217b0"}},"sourceBranch":"main","suggestedTargetBranches":[],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","branchLabelMappingKey":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/207173","number":207173,"mergeCommit":{"message":"[Ingest pipelines] Set outsideClickCloses to false if processor is modified (#207173)\n\nCloses https://github.com/elastic/kibana/issues/198469\n## Summary\n\nWhen a user is working on adding a processor and click outside the side\nflyout before saving the changes, their work gets lost. This is\nespecially annoying if the user is working on a complex processor and\nclicks out of the window unintentionally.\n\nTo avoid this, we can take advance of the `outsideClickCloses` prop.\nWhen the form has been modified (is dirty), clicking outside the flyout\nwon't close the flyout, so the work done in the processor won't be lost.\nIf nothing has been changed `outsideClickCloses` is set to true.\n\n\n\nhttps://github.com/user-attachments/assets/0d70e16d-d731-4b01-b39e-3026a9c89002\n\nThis solution has been verified with @jovana-andjelkovic.","sha":"8dd8acc1b64e39a5cc29b0cced48d475725217b0"}}]}] BACKPORT--> Co-authored-by: Sonia Sanz Vivas <sonia.sanzvivas@elastic.co> |
||
|
Kibana Machine
|
9fc380b7d6
|
[8.x] [Rules migration] Allow sorting by `risk_score` field (#207207) (#207311)
# Backport This will backport the following commits from `main` to `8.x`: - [[Rules migration] Allow sorting by `risk_score` field (#207207)](https://github.com/elastic/kibana/pull/207207) <!--- Backport version: 9.4.3 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sqren/backport) <!--BACKPORT [{"author":{"name":"Ievgen Sorokopud","email":"ievgen.sorokopud@elastic.co"},"sourceCommit":{"committedDate":"2025-01-21T09:55:56Z","message":"[Rules migration] Allow sorting by `risk_score` field (#207207)\n\n## Summary\r\n\r\n[Internal link](https://github.com/elastic/security-team/issues/10820)\r\nto the feature details\r\n\r\nThis PR adds possibility to sort migration rules by `risk_score` field.\r\n\r\n\r\nhttps://github.com/user-attachments/assets/97a2bb5b-fc19-45db-ab93-c7f9676aa81c\r\n\r\n> [!NOTE] \r\n> This feature needs `siemMigrationsEnabled` experimental flag enabled\r\nto work.","sha":"f21500b251e703834f0759dbdb14fdefdd90d7e5","branchLabelMapping":{"^v9.0.0$":"main","^v8.18.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:skip","v9.0.0","Team:Threat Hunting","Team: SecuritySolution","backport:prev-minor"],"title":"[Rules migration] Allow sorting by `risk_score` field","number":207207,"url":"https://github.com/elastic/kibana/pull/207207","mergeCommit":{"message":"[Rules migration] Allow sorting by `risk_score` field (#207207)\n\n## Summary\r\n\r\n[Internal link](https://github.com/elastic/security-team/issues/10820)\r\nto the feature details\r\n\r\nThis PR adds possibility to sort migration rules by `risk_score` field.\r\n\r\n\r\nhttps://github.com/user-attachments/assets/97a2bb5b-fc19-45db-ab93-c7f9676aa81c\r\n\r\n> [!NOTE] \r\n> This feature needs `siemMigrationsEnabled` experimental flag enabled\r\nto work.","sha":"f21500b251e703834f0759dbdb14fdefdd90d7e5"}},"sourceBranch":"main","suggestedTargetBranches":[],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","branchLabelMappingKey":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/207207","number":207207,"mergeCommit":{"message":"[Rules migration] Allow sorting by `risk_score` field (#207207)\n\n## Summary\r\n\r\n[Internal link](https://github.com/elastic/security-team/issues/10820)\r\nto the feature details\r\n\r\nThis PR adds possibility to sort migration rules by `risk_score` field.\r\n\r\n\r\nhttps://github.com/user-attachments/assets/97a2bb5b-fc19-45db-ab93-c7f9676aa81c\r\n\r\n> [!NOTE] \r\n> This feature needs `siemMigrationsEnabled` experimental flag enabled\r\nto work.","sha":"f21500b251e703834f0759dbdb14fdefdd90d7e5"}}]}] BACKPORT--> Co-authored-by: Ievgen Sorokopud <ievgen.sorokopud@elastic.co> |
||
|
Kibana Machine
|
a7675f2609
|
[8.x] [ES|QL] Vertical align expand icon in history component (#207042) (#207301)
# Backport This will backport the following commits from `main` to `8.x`: - [[ES|QL] Vertical align expand icon in history component (#207042)](https://github.com/elastic/kibana/pull/207042) <!--- Backport version: 9.4.3 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sqren/backport) <!--BACKPORT [{"author":{"name":"Stratoula Kalafateli","email":"efstratia.kalafateli@elastic.co"},"sourceCommit":{"committedDate":"2025-01-21T09:10:47Z","message":"[ES|QL] Vertical align expand icon in history component (#207042)\n\n## Summary\r\n\r\nCloses https://github.com/elastic/kibana/issues/204072\r\n\r\nAligns in top the expandable icon in the history component\r\n\r\n<img width=\"1675\" alt=\"image\"\r\nsrc=\"https://github.com/user-attachments/assets/0a2a98ae-759f-408e-9a30-dd0c7f884153\"\r\n/>\r\n\r\n\r\nIt also fixes a small bug. When the query was expanded and the user\r\nresized the window, the icon was vanished.","sha":"4a6891ff9f896d49a9eb6816e075cfdb0cfa17e7","branchLabelMapping":{"^v9.0.0$":"main","^v8.18.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:skip","v9.0.0","Feature:ES|QL","Team:ESQL","backport:version","v8.18.0"],"title":"[ES|QL] Vertical align expand icon in history component","number":207042,"url":"https://github.com/elastic/kibana/pull/207042","mergeCommit":{"message":"[ES|QL] Vertical align expand icon in history component (#207042)\n\n## Summary\r\n\r\nCloses https://github.com/elastic/kibana/issues/204072\r\n\r\nAligns in top the expandable icon in the history component\r\n\r\n<img width=\"1675\" alt=\"image\"\r\nsrc=\"https://github.com/user-attachments/assets/0a2a98ae-759f-408e-9a30-dd0c7f884153\"\r\n/>\r\n\r\n\r\nIt also fixes a small bug. When the query was expanded and the user\r\nresized the window, the icon was vanished.","sha":"4a6891ff9f896d49a9eb6816e075cfdb0cfa17e7"}},"sourceBranch":"main","suggestedTargetBranches":["8.x"],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","branchLabelMappingKey":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/207042","number":207042,"mergeCommit":{"message":"[ES|QL] Vertical align expand icon in history component (#207042)\n\n## Summary\r\n\r\nCloses https://github.com/elastic/kibana/issues/204072\r\n\r\nAligns in top the expandable icon in the history component\r\n\r\n<img width=\"1675\" alt=\"image\"\r\nsrc=\"https://github.com/user-attachments/assets/0a2a98ae-759f-408e-9a30-dd0c7f884153\"\r\n/>\r\n\r\n\r\nIt also fixes a small bug. When the query was expanded and the user\r\nresized the window, the icon was vanished.","sha":"4a6891ff9f896d49a9eb6816e075cfdb0cfa17e7"}},{"branch":"8.x","label":"v8.18.0","branchLabelMappingKey":"^v8.18.0$","isSourceBranch":false,"state":"NOT_CREATED"}]}] BACKPORT--> Co-authored-by: Stratoula Kalafateli <efstratia.kalafateli@elastic.co> |
||
|
Kibana Machine
|
1dfbcdb69a
|
[8.x] [UA] Use new `_create_from` ES API (#207114) (#207304)
# Backport This will backport the following commits from `main` to `8.x`: - [[UA] Use new `_create_from` ES API (#207114)](https://github.com/elastic/kibana/pull/207114) <!--- Backport version: 9.4.3 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sqren/backport) <!--BACKPORT [{"author":{"name":"Alejandro Fernández Haro","email":"alejandro.haro@elastic.co"},"sourceCommit":{"committedDate":"2025-01-21T09:29:51Z","message":"[UA] Use new `_create_from` ES API (#207114)","sha":"fb8a17ba04f493cd5a0d0ba33c002750150fd0af","branchLabelMapping":{"^v9.0.0$":"main","^v8.18.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["Team:Core","release_note:skip","v9.0.0","backport:prev-minor"],"title":"[UA] Use new `_create_from` ES API","number":207114,"url":"https://github.com/elastic/kibana/pull/207114","mergeCommit":{"message":"[UA] Use new `_create_from` ES API (#207114)","sha":"fb8a17ba04f493cd5a0d0ba33c002750150fd0af"}},"sourceBranch":"main","suggestedTargetBranches":[],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","branchLabelMappingKey":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/207114","number":207114,"mergeCommit":{"message":"[UA] Use new `_create_from` ES API (#207114)","sha":"fb8a17ba04f493cd5a0d0ba33c002750150fd0af"}}]}] BACKPORT--> Co-authored-by: Alejandro Fernández Haro <alejandro.haro@elastic.co> |