## Summary
Fixes#187254
Strict checks on the attribute `legend.steps` was added to the inventory
view API in v8.10 (#160852), but they were not defined in the
saved object type for that data, resulting in older versions migrating
bad data, and being unable to use the API. This PR adds versioning to
the Inventory view saved object type that constrains legend.steps to
between 2 and 18, per the strict typing added in #160852
#### Open questions
Should we add notes to all versions of kibana between v8.10 and oldest
version available for backport describing this bug?
### Checklist
Check the PR satisfies following conditions.
Reviewers should verify this PR satisfies this list as well.
- [x] [Unit or functional
tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)
were updated or added to match the most common scenarios
- [x] The PR description includes the appropriate Release Notes section,
and the correct `release_note:*` label is applied per the
[guidelines](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)
---------
Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
Fixes: #194208
The test fails because the the task marks the removed task as
unrecognized has run before the test tasks are created.
This PR adds a runSoon request that runs the above task after creating
the test tasks.
## Summary
Removing LogStream component from `enterprise_search` plugin and it is
no longer used with the removal of App Search & Workplace Search.
Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
Resolves [#207879](https://github.com/elastic/kibana/issues/207879)
This PR separates the different SLO route functions into separate files,
each with a single responsibility. The functions are still exported via
a single function, `getSloRouteRepository`.
---------
Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
## Summary
We forgot to update this privilege in
https://github.com/elastic/kibana/pull/201780 . The endpoint only uses
the scoped SO client, so this missing privilege declaration does not
lead to privilege escalation on the endpoint. There are automated tests
that check for the correct privilege access for this and other
endpoints.
Fixes#201269
## Summary
* Extracts the usage of the EMS styles identifiers to always refer to
the constants at `ems_defaults.ts`
* Adds logic in the Vega and Maps plugins to resolve different styles
depending on the theme, bringing the new `road_map_desaturated_v9` and
`dar_kmap_v9` styles when Borealis theme is enabled.
### Checklist
Check the PR satisfies following conditions.
Reviewers should verify this PR satisfies this list as well.
- [x]
[Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html)
was added for features that require explanation or tutorials
- Screenshots will be updated as a larger effort afterwards.
- [x] [Unit or functional
tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)
were updated or added to match the most common scenarios
- Changes were small enough for this to not require new tests.
- [x] The PR description includes the appropriate Release Notes section,
and the correct `release_note:*` label is applied per the
[guidelines](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)
### Identify risks
Does this PR introduce any risks? For example, consider risks like hard
to test bugs, performance regression, potential of data loss.
Describe the risk, its severity, and mitigation for each identified
risk. Invite stakeholders and evaluate how to proceed before merging.
## Release note
Elastic Maps Service basemaps shown in the Custom Visualization
component (Vega) and in the Maps application and components alighn with
the new dark and light theme.
---------
Co-authored-by: Nick Partridge <nick.ryan.partridge@gmail.com>
## Summary
Fixes an issue that caused the body scroll to jump when clicking options
in the Lens inline editor flyout.
Fixes#201544
This issue was created when we added the `autoFocus` option to the
`EuiSelectable` for the dataview picker and the chart type picker.
This appears to be an issue with how eui is handling the `autoFocus`,
see https://github.com/elastic/eui/issues/8287.
In the meantime this is a workaround to prevent this scroll jumping
while also keeping the auto focus behavior.
https://github.com/user-attachments/assets/94256fa7-f6bd-4943-91f6-42201ce4ab74
### Checklist
- [x] The PR description includes the appropriate Release Notes section,
and the correct `release_note:*` label is applied per the
[guidelines](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)
## Release note
Fixes and issue in Dashboards with the Lens inline editor where the
dashboard would scroll to the top when interacting with the Lens editor
flyout.
---------
Co-authored-by: Marta Bondyra <4283304+mbondyra@users.noreply.github.com>
Closes https://github.com/elastic/observability-dev/issues/4236🔒
This change:
* Moves flow progress update telemetry events to the backend (this will
prevent situations when multiple progress updates happened in a short
time interval, but frontend could only see the latest update because it
checks for progress once in a few seconds which might not be enough in
some situations)
* Leaves the data_ingested final event on the FE because it's not
explicitly triggered on the BE
* Deletes a separate event type for auto detect flow in favor of the
generic even used by other flows
* Adds progress updates to the auto-detect script when when it's being
run on unsupported OS or lsof binary is not present
* Adds logging of the OS and architecture used by the host
Events coming from your local Kibana can viewed on the [🔒 Staging
Telemetry cluster](https://telemetry-v2-staging.elastic.dev). Though
keep in mind, there is a ~1 hour delay for events indexing 😔
Example event:
### Summary
For migration purposes, we need to remove complex tables in the docs. If
we ultimately decide that we need complex tables to support certain
documentation use-cases, we can add that functionality to docs-builder
later.
For
https://github.com/elastic/docs-builder/issues/112#issuecomment-2599284112.
Co-authored-by: florent-leborgne <florent.leborgne@elastic.co>
## Summary
Part of https://github.com/elastic/kibana-team/issues/1417
Replaces scss with emotion in the ES|QL editor
---------
Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
## Summary
`get_all` suite
`x-pack/test/spaces_api_integration/security_and_spaces/apis/get_all.ts`
is intented to be run only with `basic` license, since FIPS overrides it
we need to skip that test for FIPS.
### Checklist
- [x] [Unit or functional
tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)
were updated or added to match the most common scenarios
## Summary
Add "Install" and "Reinstall" buttons on Entity Store status page
* It also adds an extra loading state for the 'enable' switch in the
header
### How to test it?
**1)**
* Start a Kibana repository with entity data
* Install the entity store
* Delete one engine using Dev Tools `DELETE
kbn:/api/entity_store/engines/user`
* Go to the manage entity store status tab
* Verify that it displays an install button for the uninstalled engine
* Install the engine
**2)**
* Start a Kibana repository with entity data
* Install the entity store
* Go to the manage entity store status tab
* Delete one component of an installed engine (transform)
* Go to the manage entity store status tab
* Verify it displays a reinstall button for the engine you uninstalled
the component
* Reinstall the engine
* Everything should look ok
* Extra step: Verify if there was any data lost after reinstalling the
engine
### Checklist
Reviewers should verify this PR satisfies this list as well.
- [x] Any text added follows [EUI's writing
guidelines](https://elastic.github.io/eui/#/guidelines/writing), uses
sentence case text and includes [i18n
support](https://github.com/elastic/kibana/blob/main/src/platform/packages/shared/kbn-i18n/README.md)
- [x] [Unit or functional
tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)
were updated or added to match the most common scenarios
- [x] The PR description includes the appropriate Release Notes section,
and the correct `release_note:*` label is applied per the
[guidelines](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)
## Summary
Attempt at fixing the following failing serverless test suite:
`src/core/server/integration_tests/saved_objects/serverless/migrations/actions.test.ts`
Resulting in `write EPIPE`
See incident 1077
Closes https://github.com/elastic/kibana/issues/101007
## Summary
**Double-checked with ES that can be removed**
In the policies tab, when two policies had the same schedule, we were
displaying a banner warning that only one snapshot could be taken at a
time, although this is no longer true. This PR removes that banner.
<img width="1068" alt="Screenshot 2025-01-22 at 13 15 55"
src="https://github.com/user-attachments/assets/cdb7d468-5ef1-4acd-8ea6-4ce961453695"
/>
## How to test
Run Elasticsearch adding the file system path you want to use for the
repo:
```
yarn es snapshot --license=trial -E path.repo=/tmp/es-backups
```
From the console, you can add a repository pointing the location you
previously specified:
```
PUT /_snapshot/my_backup
{
"type": "fs",
"settings": {
"location": "/tmp/es-backups",
"chunk_size": "10mb"
}
}
```
Now, create at least two policies with the same schedule:
```
PUT _slm/policy/policy-1
{
"schedule": "0 20 11 * * ?",
"name": "<policy-1-{now/d}>",
"repository": "my_backup",
"config": {
"indices": ["*"],
"ignore_unavailable": false,
"include_global_state": true
}
}
PUT _slm/policy/policy-2
{
"schedule": "0 20 11 * * ?",
"name": "<policy-2-{now/d}>",
"repository": "my_backup",
"config": {
"indices": ["*"],
"ignore_unavailable": false,
"include_global_state": true
}
}
```
Navigate to Snapshot and Restore > Policies > And verify the banner is
not longer displayed despite the policies have the same schedule.
You can also schedule the policies a couple of minutes after their
creation and verify that the snapshots are taken at the same time
without any problem.
This PR contains the following updates:
| Package | Type | Update | Change | Pending |
|---|---|---|---|---|
| [@xyflow/react](https://reactflow.dev)
([source](https://togithub.com/xyflow/xyflow/tree/HEAD/packages/react))
| dependencies | patch | [`^12.4.0` ->
`^12.4.1`](https://renovatebot.com/diffs/npm/@xyflow%2freact/12.4.2/12.4.1)
| `12.4.2` |
---
### Configuration
📅 **Schedule**: Branch creation - At any time (no schedule defined),
Automerge - At any time (no schedule defined).
🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.
♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.
🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.
---
- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box
---
This PR has been generated by [Renovate
Bot](https://togithub.com/renovatebot/renovate).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy40MjUuMSIsInVwZGF0ZWRJblZlciI6IjM3LjQyNS4xIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJUZWFtOkNsb3VkIFNlY3VyaXR5IiwiYmFja3BvcnQ6YWxsLW9wZW4iLCJyZWxlYXNlX25vdGU6c2tpcCJdfQ==-->
Co-authored-by: elastic-renovate-prod[bot] <174716857+elastic-renovate-prod[bot]@users.noreply.github.com>
Co-authored-by: Maxim Kholod <maxim.kholod@elastic.co>
## Summary
As K8S Dashboard is currently hidden on main , the code serves no
purpose other than potentially causing Tech debts whenever a refactor or
a migration happens. As such its better to remove it completely. In case
we want to bring it back later we will just pull it from git history
> [!CAUTION]
> **This should only affect Serverless and Main, 8.x.x should still be
able to see and access K8S Dashboard**
## Related Tickets
- https://github.com/elastic/security-team/issues/11418
- https://github.com/elastic/security-team/issues/10735
---------
Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
Co-authored-by: Paulo Silva <paulo.henrique@elastic.co>
Co-authored-by: Maxim Kholod <maxim.kholod@elastic.co>
## Summary
In this PR we're updating some API tests to use the OpenAPI-generated
types and we're unksipping a bunch of tests on ESS.
### Checklist
- [x] [Unit or functional
tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)
were updated or added to match the most common scenarios
---------
Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
## Summary
Closes https://github.com/elastic/kibana/issues/203967
Supports dashboard variables in ES|QL charts.
This PR introduces the first phase of ES|QL controls. In this phase:
- the flow starts from Lens ES|QL editor (and no vice-versa, this will
happen on a later phase after we discuss some technical details with ES)
- it is only available for dashboards (we want to include them in other
apps as Discover but this is the next phase driven by the presentation
team)
- it supports variables for intervals, fields and values. I haven't
added support for functions. I am going to do it after this PR being
merged (there are some business questions I want to answer first)
For more info check this
[deck](https://docs.google.com/presentation/d/1qSbWLSoC5SseXuLix763vpp8sa7ikp3pQTbHImEHBoc)
### Implementation details
- There is a new service, the ESQLVariables service that is responsible
for ES|QL variables. I isolated this to a new plugin owned by the ES|QL
team for cleaner code and for avoiding circular dependencies
- A new ESQL_CONTROL type got created. It follows the exact same logic
as the rest controls. No changes in the architecture here.
- The creation of the controls (the control forms) have been added in
the esql plugin.
- Lens has small changes:
- The support of variables in the textBased datasource
- Two callbacks needed to be called after the creation / cancellation of
an ES|QL control
### Types of ES|QL variables
We have 2 types:
- Static Values (the user gives a list of values with his own
responsibility). As the flow starts from the editor we can identify what
they most possibly want to do and we give the user some options but they
have the freedom to do as they want. A basic validation has been added
too.
- Values from an ES|QL query (the user gives an ES|QL query that
generates the values). As the flow starts from the editor we can suggest
a query for the users but they can always change it as they wish.
<img width="1168" alt="image"
src="https://github.com/user-attachments/assets/cc28beb8-111c-43ad-9f26-865bc62ae512"
/>
### Example of a control creation from the editor
### Release note
ES|QL charts now allow the creation of controls in dashboards. You can
control a part of the query such as a field, an interval or a value.
### Checklist
- [x] Any text added follows [EUI's writing
guidelines](https://elastic.github.io/eui/#/guidelines/writing), uses
sentence case text and includes [i18n
support](https://github.com/elastic/kibana/blob/main/packages/kbn-i18n/README.md)
- [x] [Unit or functional
tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)
were updated or added to match the most common scenarios
- [x] This was checked for breaking HTTP API changes, and any breaking
changes have been approved by the breaking-change committee. The
`release_note:breaking` label should be applied in these situations.
- [x] [Flaky Test
Runner](https://ci-stats.kibana.dev/trigger_flaky_test_runner/1) was
used on any tests changed
- [x] The PR description includes the appropriate Release Notes section,
and the correct `release_note:*` label is applied per the
[guidelines](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)
---------
Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
Co-authored-by: Andrea Del Rio <delrio.andre@gmail.com>
Co-authored-by: Devon Thomson <devon.thomson@elastic.co>
## Store gaps in event log
Setting new fields hidden behind feature flag
(`storeGapsInEventLogEnabled`). It should be possible to do intermediate
release, just to update mappings.
In this PR:
- store gaps in event log
- update event log mappings
- add gap range and unfilled_gap_ms mappings into rule `last_run`
metrics for rule schema
### How it works
In this stage we use our current mechanism for gap detection in security
rules. Instead of just report duration in ms, we will also report date
range of the gap. To set this value we use `RuleMonitoringService` from
the security rule execution.
Later in task runner we check if last run from `RuleMonitoringService`
has gap range information. If it there, we use `AlertingEventLogger` to
create Gap document in event log.
New field in event log in `kibana.alert.rule.gap` fields:
`status`: keyword. Gap status
`range`: date_range. Full gap range
`filled_intervals`: date_range. Filled intervals
`unfilled_intervals`: date_range. Unfilled intervals
`in_progress_intervals`: date_range Intervals which currently have
potential rule executions planned (from manual rule run)
`total_gap_duration_ms`: long
`filled_gap_duration_ms`: long
`unfilled_gap_duration_ms`: long
`in_progress_gap_duration_ms`: long
**kibana.alert.rule.execution**: extend execution info with gap_range
`kibana.alert.rule.execution.gap_range`
## Rule schema
Added `unfilled_gap_ms` into rule response schema. We will calculate
total gap duration after each rule execution, and write in to rule
object for 1d,3d,7d. It's allow us to use it in Rule monitoring table,
and be able sort by that field
I plan add integrations tests, in next PR's when we will have API to get
gaps info
### How this schema will be used:
More details
[here](https://docs.google.com/document/d/1pDJZon-OzUwmk1ENNZJo0QUoSD-MCwy_tn9GCCBX_1Y/edit?tab=t.0)
---------
Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
This PR updates the function definitions and inline docs based on the
latest metadata from Elasticsearch.
---------
Co-authored-by: Stratoula Kalafateli <efstratia.kalafateli@elastic.co>
## Summary
Follow-up of https://github.com/elastic/kibana/pull/208144
The inference APIs can now detect if the underlying model / connector
supports native function calling using the `functionCalling: "auto"`
parameter. This PR adapts the calls done from the security assistant to
use that new value
Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
## Summary
Apply severity colors for Borealis theme.
https://github.com/elastic/kibana/pull/204007#discussion_r1908519126
Update: ⚠️ As the final decision for severity color is still pending,
the temporary colors are the hard coded color hex:
https://github.com/elastic/kibana/issues/203387
`TODO` Borealis migration - move from hardcoded values to severity
palette https://github.com/elastic/security-team/issues/11606
| Color token | Amsterdam|Borealis|
|-------------|------------|------------|
| Critical | euiThemeVars.euiColorDanger |```#E7664C```|
| High | euiThemeVars.euiColorVis9_behindText |```#DA8B45``` |
| Meduiml |euiThemeVars.euiColorVis5_behindText|```#D6BF57``` |
| Low | euiThemeVars.euiColorVis0| ```#54B399``` |
### Running Kibana with the Borealis theme
In order to run Kibana with Borealis, you'll need to do the following:
Set the following in kibana.dev.yml:
uiSettings.experimental.themeSwitcherEnabled: true
Run Kibana with the following environment variable set:
KBN_OPTIMIZER_THEMES="borealislight,borealisdark,v8light,v8dark" yarn
start
This will expose a toggle under Stack Management > Advanced Settings >
Theme version, which you can use to toggle between Amsterdam and
Borealis.
### Checklist
- [x] [Unit or functional
tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)
were updated or added to match the most common scenarios
---------
Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
