github-mirrors/kibana
1
0
Fork 0
mirror of https://github.com/elastic/kibana.git synced 2025-06-27 18:51:07 -04:00
Code Issues Projects Releases Packages Wiki Activity
60248 commits 499 branches 518 tags 21 GiB
Commit graph

60248 commits

This branch
This branch
All branches
Author SHA1 Message Date
Gergő Ábrahám
7eaa352c6c
[Security Solution] Add new default policy 'Data Collection' to endpoint onboarding (#149588) 
## Summary

Added new configuration option for Elastic Defend integration's
Traditional Endpoint environment:
- Data Collection only configuration option
- uses the already available config policy (added here #144087)
- the default option is NGAV (as before)

Test:
- go to Management / Integrations
- select Elastic Defend
- press the 'Add Elastic Defend' button

<img width="1321" alt="image"
src="https://user-images.githubusercontent.com/39014407/214846703-9632f6e7-18a8-4312-a61d-8ee9255833e0.png">


### Checklist

- [x] [Unit or functional
tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)
were updated or added to match the most common scenarios

---------

Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
 2023-01-30 13:11:52 +01:00
Yulia Čech
68cb20d66d
[Guided onboarding] Readme updates (#149604) 
## Summary
This PR adds more information to the plugin's README.md file. As
suggested by @alisonelizabeth , I added the text from the handover
document here so that it can easily be found close to the code.
 2023-01-30 05:10:48 -07:00
Tomasz Ciecierski
1e90bcdb22
[Osquery] Fix styling of Ecs Field and url slash issue (#148719) 2023-01-30 13:02:24 +01:00
Maryam Saeidi
1a1cfc65e6
[AO] Add alert summary widget to overview page (#149581) 
Closes #138887

## 📝 Summary

This PR adds the Alert Summary Widget to the overview page.


![image](https://user-images.githubusercontent.com/12370520/215071851-5d48d80a-401e-49fa-8c6e-7a4ca33850a6.png)


## 🧪 How to test
Generate alerts and check the Alert Summary Widget component on the
overview page.

## 🐞 Kown issues
- The loading state will be covered in a separate ticket:
https://github.com/elastic/kibana/issues/149237
- At start, when there is no rule, the Alert Summary Widget shows an
error that will be fixed in this ticket:
https://github.com/elastic/kibana/issues/148653

---------

Co-authored-by: Katrin Freihofner <katrin.freihofner@elastic.co>
 2023-01-30 11:54:28 +01:00
Dario Gieselaar
c224972f47
[APM] Ensure rolled up data is excluded by default (#148510) 
Closes https://github.com/elastic/kibana/issues/148507
 2023-01-30 11:10:42 +01:00
Julia Rechkunova
85023d1618
[UnifiedFieldList] Support more field type icons and descriptions (#149416) 
Closes https://github.com/elastic/kibana/issues/132688

This PR extends the icons and descriptions with other field types which
are supported by ES but Kibana was showing "unknown".
Descriptions are pulled from docs
https://www.elastic.co/guide/en/elasticsearch/reference/master/mapping-types.html

<img width="652" alt="Screenshot 2023-01-26 at 13 41 01"
src="https://user-images.githubusercontent.com/1415710/214838214-6bc6185a-ac8c-4892-946b-d37bb1f4c41f.png">


<details>
<summary>Sample data</summary>
<p>

```
PUT sample

PUT sample/_mapping
{
  "properties": {
    "keyword_key": {
      "type": "keyword"
    },
    "text_message": {
      "type": "text"
    },
    "number_amount": {
      "type": "long"
    },
    "number_price": {
      "type": "float"
    },
    "bool_enabled": {
      "type": "boolean"
    },
    "binary_blob": {
      "type": "binary"
    },
    "date": {
      "type": "date"
    },
    "date_nanos": {
      "type": "date_nanos"
    },
    "object_user": {
      "properties": {
        "first": { "type": "text" },
        "last": { "type": "text" }
      }
    },
    "nested_user": {
      "type": "nested"
    },
    "flattened_labels": {
      "type": "flattened"
    },
    "range_time_frame": {
      "type": "date_range", 
      "format": "yyyy-MM-dd HH:mm:ss||yyyy-MM-dd||epoch_millis"
    },
    "ip_addr": {
      "type": "ip"
    },
    "version": {
      "type": "version"
    },
    "vector": {
      "type": "dense_vector",
      "dims": 3
    },
    "geo_point": {
      "type": "geo_point"
    },
    "histogram" : {
      "type" : "histogram"
    },
    "rank_features": {
      "type": "rank_features" 
    },
    "geometry": {
      "type": "shape"
    },
    "integer_range": {
      "type": "integer_range"
    },
    "long_range": {
      "type": "long_range"
    },
    "float_range": {
      "type": "float_range"
    },
    "double_range": {
      "type": "double_range"
    },
    "point_location": {
      "type": "point"
    },
    "object_manager": { 
      "properties": {
        "age":  { "type": "integer" },
        "name": { 
          "properties": {
            "first": { "type": "text" },
            "last":  { "type": "text" }
          }
        }
      }
    }
  }
}

DELETE sample/_doc/1
PUT sample/_doc/1
{
    "keyword_key": "abcd1",
    "text_message": "Hi there! I am a sample string.",
    "number_amount": 50,
    "number_price": 10.99,
    "bool_enabled": false,
    "binary_blob": "U29tZSBiaW5hcnkgYmxvYg==",
    "date": "2022-05-22T12:10:30Z",
    "date_nanos": "2022-01-01T12:10:30.123456789Z",
    "object_user": {
      "first": "John",
      "last": "Smith"
    },
    "nested_user" : [
      {
        "first": "John",
        "last": "Smith"
      },
      {
        "first": "Alice",
        "last": "White"
      }
    ],
    "flattened_labels": {
      "priority": "urgent",
      "release": ["v1.2.5", "v1.3.0"]
    },
    "range_time_frame" : {
      "gte" : "2015-10-31 12:00:00",
      "lte" : "2015-11-01"
    },
    "ip_addr": "192.168.1.1",
    "version": "1.2.3",
    "vector": [0.5, 10, 6],
    "geo_point" : "POINT (-71.34 41.12)",
    "array_tags": [ "elasticsearch", "wow" ],
    "array_objects": [
      {
        "name": "prog_list",
        "description": "programming list"
      },
      {
        "name": "cool_list",
        "description": "cool stuff list"
      }
    ],
    "histogram": {
      "values": [0.1, 0.2, 0.3, 0.4, 0.5], 
      "counts": [3, 7, 23, 12, 6] 
    },
    "rank_features": {
      "1star": 10,
      "2star": 100
    },
    "geometry": {
      "type" : "polygon",
      "coordinates" : [
        [ [1000.0, -1001.0], [1001.0, -1001.0], [1001.0, -1000.0], [1000.0, -1000.0], [1000.0, -1001.0] ]
      ]
    },
    "integer_range": {
      "gte" : 10,
      "lt" : 20
    },
    "long_range": {
      "gte" : 100,
      "lt" : 200
    },
    "float_range": {
      "gte" : 10.5,
      "lt" : 20.5
    },
    "double_range": {
      "gte" : 100.5,
      "lt" : 200.5
    },
    "point_location": { 
      "x": -71.34,
      "y": 41.12
    },
    "object_manager": { 
      "age": 30,
      "name": { 
        "first": "John",
        "last":  "Smith"
      }
    }
  }
  
DELETE sample/_doc/2
PUT sample/_doc/2
{
    "keyword_key": "=1+2\";=1+2",
    "text_message": "I'm multiline\n*&%$#@",
    "number_amount": 10,
    "number_price": 105.99,
    "bool_enabled": true,
    "binary_blob": "U29tZSBiaW5hcnkgYmxvYg==",
    "date": "2022-05-20",
    "date_nanos": "2022-01-02T11:10:30.123456789Z",
    "object_user": {
      "first": "Jane",
      "last": "Smith"
    },
    "nested_user": [
      {
        "first": "Jane",
        "last": "Smith"
      }
    ],
    "flattened_labels": {
      "priority": "minor",
      "release": ["v1.4.5"]
    },
    "range_time_frame": {
      "gte": "2015-10-31 12:00:00",
      "lte": "2016-11-01"
    },
    "ip_addr": "192.168.1.0",
    "version": "1.3.3",
    "vector": [0.5, 12, 6],
    "geo_point": {
      "lat": 41.12,
      "lon": -71.34
    },
    "array_tags": [ "=1+2'\" ;,=1+2" ],
    "array_objects": [
      {
        "name": "elastic_list",
        "description": "elastic list"
      }
    ],
    "histogram": {
      "values": [0.1, 0.25, 0.35, 0.4, 0.45, 0.5], 
      "counts": [8, 17, 8, 7, 6, 2] 
   },
   "rank_features": {
      "1star": 20,
      "2star": 350
    },
    "geometry": {
      "type": "geometrycollection",
      "geometries": [
        {
          "type": "point",
          "coordinates": [1000.0, 100.0]
        },
        {
          "type": "linestring",
          "coordinates": [ [1001.0, 100.0], [1002.0, 100.0] ]
        }
      ]
    },
    "integer_range": {
      "gte" : 30,
      "lt" : 40
    },
    "long_range": {
      "gte" : 300,
      "lt" : 400
    },
    "float_range": {
      "gte" : 30.5,
      "lt" : 40.5
    },
    "double_range": {
      "gte" : 300.5,
      "lt" : 400.5
    },
    "point_location": [ -71.34, 41.12 ],
    "object_manager": { 
      "age": 25,
      "name": { 
        "first": "Katy",
        "last":  "Smith"
      }
    }
  }
```

</p>
</details>
 2023-01-30 03:07:17 -07:00
Dima Arnautov
fe5cd3f0d9
[ML] Remove Technical Preview label from the Trained Models UI. (#149715) 
## Summary

Removes Technical Preview badges from the Trained Models UI. 

<img width="1234" alt="image"
src="https://user-images.githubusercontent.com/5236598/215152415-30f579b6-72a6-4e6f-afe3-d7613c232f4d.png">

<img width="1234" alt="image"
src="https://user-images.githubusercontent.com/5236598/215152456-4371c042-50f6-40b3-9239-7047a492d9be.png">
 2023-01-30 10:46:58 +01:00
Janki Salvi
89dac164f2
[Cases] Update UI to use find user actions API (#149523) 
## Summary

This PR updates UI to use `findUserActions` API introduced in #148861


### Checklist

Delete any items that are not applicable to this PR.

- [x] [Unit or functional
tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)
were updated or added to match the most common scenarios

### How to test
Verify User action behaviour is same as before in Case View page

---------

Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
 2023-01-30 10:27:49 +01:00
Kibana Machine
c3993536e9
[api-docs] 2023-01-30 Daily api_docs build (#149799) 
Generated by
https://buildkite.com/elastic/kibana-api-docs-daily/builds/233
 2023-01-30 00:55:21 -05:00
Jordan
c47013b8af
[Cloud Posture] Rule template schema - 870 (#149409) 2023-01-29 07:28:24 -07:00
Ido Cohen
d9f4039ed6
[cloud security] support telemetry for cis_aws (#148964) 2023-01-29 13:13:29 +02:00
Kibana Machine
c21df7a1cb
[api-docs] 2023-01-29 Daily api_docs build (#149792) 
Generated by
https://buildkite.com/elastic/kibana-api-docs-daily/builds/232
 2023-01-29 00:56:29 -05:00
Stratoula Kalafateli
457aeb8750
[Lens] Fixes problem with query based annotations on the embeddable (#149684) 
## Summary
Fixes #149667 

This is a quick fix for #149667 where the `initialize` method was used
on SO visualization state before hydrating it with the
`fromPersistableState`.

It would be even better to refactor the `initialize` method to detect if
the state has been hydrated and call it internally rather than have two
distinct methods, where the most appropriate one does not do what's
expected.

Before the fix

![image](https://user-images.githubusercontent.com/17003240/215092349-fda7d98c-07c7-48b8-b816-4c4ab1f15007.png)


After
<img width="817" alt="image"
src="https://user-images.githubusercontent.com/17003240/215092411-369548fb-35b3-4fd2-9bdf-fcddca1c7b5f.png">
 2023-01-28 13:19:46 +02:00
Katerina Patticha
83293c945f
[APM] Fix statement to match function name (#149743) 
## Summary

this time I did make sure I pushed it 🐒 

related to:
https://github.com/elastic/kibana/pull/149610#discussion_r1089366395
 2023-01-28 12:09:41 +01:00
Kibana Machine
8e7d21fa2b
[api-docs] 2023-01-28 Daily api_docs build (#149788) 
Generated by
https://buildkite.com/elastic/kibana-api-docs-daily/builds/231
 2023-01-28 01:01:11 -05:00
GitStart
afde6c2529
[Field editor] Field custom label description mentions Visualize (#149404) 
[Field editor] Field custom label description mentions Visualize 

Resolves https://github.com/elastic/kibana/issues/148629

### Loom/Screenshot Demo

---------

Co-authored-by: Davis McPhee <davis.mcphee@elastic.co>
 2023-01-27 21:17:49 -04:00
Karl Godard
1749dce65f
[Anduril] (D4C) added cloud_defend as a logs destination for fleet/elastic-agent (#149739) 
## Summary

Adds to the appropriate mappings to ensure elastic-agent can write logs
for the new "Defend for containers" service coming in 8.8

### Checklist

Delete any items that are not applicable to this PR.

- [x] [Unit or functional
tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)
were updated or added to match the most common scenarios
 2023-01-27 13:32:32 -08:00
Kathleen DeRusso
f53c30e2cb
[Enterprise Search] Engines passthrough search routes (#149461) 
## Summary

Added endpoint to support _search in search passthrough API from enterprise search.

---------

Co-authored-by: saarikabhasi <nairsaarika.bhasi@elastic.co>
Co-authored-by: Saarika Bhasi <55930906+saarikabhasi@users.noreply.github.com>
 2023-01-27 14:22:12 -07:00
Kaarina Tungseth
1f9eca02a0
[DOCS] Removes legacy plugins (#149545) 
## Summary

Removes the outdated legacy plugin docs from the Kibana Developer Guide.

Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
 2023-01-27 14:47:01 -06:00
Zacqary Adam Xeper
39a37d3ecb
[RAM] Update Rule Action Form to add Summary UX (#149367) 
## Summary

Closes #143679 
Closes #143381

- Updates the action form UI to use `EuiSplitPanel` and other visual
changes specified in #143679
- For rule types with a summary available, enables the Summary/For each
dropdown and defaults it to summary
- Updates `rule_types` API to send `hasGetSummarizedAlerts` property

### Collapsed actions

<img width="600" alt="Screen Shot 2023-01-23 at 5 06 00 PM"
src="https://user-images.githubusercontent.com/1445834/214172700-f4d44c48-f771-42f9-ba1b-8db18f64b72b.png">

### Open actions (for rule type with summary available)
<img width="601" alt="Screen Shot 2023-01-23 at 2 06 11 PM"
src="https://user-images.githubusercontent.com/1445834/214172729-dd591815-4f9d-4bfa-9677-7ff537e37505.png">


### Open actions (for rule type without summary available)
<img width="592" alt="Screen Shot 2023-01-23 at 5 01 34 PM"
src="https://user-images.githubusercontent.com/1445834/214172770-988b81ff-617f-4351-a38d-f33e9a61d7bb.png">

### Checklist

Delete any items that are not applicable to this PR.

- [x] Any text added follows [EUI's writing
guidelines](https://elastic.github.io/eui/#/guidelines/writing), uses
sentence case text and includes [i18n
support](https://github.com/elastic/kibana/blob/main/packages/kbn-i18n/README.md)
- [x] [Unit or functional
tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)
were updated or added to match the most common scenarios

---------

Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
 2023-01-27 14:14:23 -06:00
Cee Chen
8a2ecc3b4f
Upgrade EUI to v74.0.1 (#149457) 
## Summary

`eui@73.0.0`  `eui@74.0.1`

---

## [`74.0.1`](https://github.com/elastic/eui/tree/v74.0.1)

**Bug fixes**

- Fixed `EuiModalHeaderTitle` type errors when passed `EuiTitle` props
([#6547](https://github.com/elastic/eui/pull/6547))

## [`74.0.0`](https://github.com/elastic/eui/tree/v74.0.0)

- Added the `component` prop to `EuiModalHeaderTitle`, which allows
overriding the default `h1` tag
([#6530](https://github.com/elastic/eui/pull/6530))
- Added the `titleProps` prop to `EuiConfirmModal`, which allows
overriding the default `h1` tag
([#6530](https://github.com/elastic/eui/pull/6530))

**Bug fixes**

- Fixed slight row height jumping in `EuiBasicTable`s when actions with
tooltips became disabled
([#6538](https://github.com/elastic/eui/pull/6538))

**Breaking changes**

- `EuiModalHeaderTitle` now **always** wraps its children in a `h1` tag
(previously attempted to conditionally detect whether its children were
raw strings or not). To change this tag type to, e.g. a more generic
`div`, use the new `component` prop.
([#6530](https://github.com/elastic/eui/pull/6530))
- `EuiLink` now applies `rel="noreferrer"` to all domains, including
`elastic.co` ([#6535](https://github.com/elastic/eui/pull/6535))
- `EuiBasicTable` no longer blocks mouse/keyboard interactions while
`loading` ([#6543](https://github.com/elastic/eui/pull/6543))

**CSS-in-JS conversions**

- Converted `EuiBasicTable` to Emotion
([#6539](https://github.com/elastic/eui/pull/6539))
- Added a new `RenderWithEuiTheme` render prop utility
([#6539](https://github.com/elastic/eui/pull/6539))

---------

Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
 2023-01-27 13:03:56 -06:00
Kaarina Tungseth
d7c62f3d7a
[DOCS] Removes data share statement in Advanced Settings (#149730) 
## Summary

Removes `This data will not be shared outside of Elastic.` from Advanced
Settings.
 2023-01-27 13:49:52 -05:00
Pete Hampton
0133fdc3f8
Add package version to prebuilt rule alert telemetry (#148954) 
## Summary

This pull request adds the users installed detection rules package to
the alert telemetry.
This enables Threat Researchers / Detection Engineers to develop these
rules for more fine-grained filtering and tuning.

### Checklist

Delete any items that are not applicable to this PR.

- [x] [Unit or functional
tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)
were updated or added to match the most common scenarios

### For maintainers

- [ ] This was checked for breaking API changes and was [labeled
appropriately](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)
 2023-01-27 18:49:15 +00:00
Joseph McElroy
d1e0c27d5b
[Enterprise Search] Engines view api page (#149690) 
https://user-images.githubusercontent.com/49480/215104280-fb9903b1-cbd9-40d6-8f56-9a2edfa544ad.mov

---------

Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
 2023-01-27 18:27:25 +00:00
Shahzad
b18e8682a9
[Synthetics] Timings breakdown indicators (#149402) 
Fixes https://github.com/elastic/kibana/issues/145387
 2023-01-27 19:17:14 +01:00
Kevin Logan
c486aeff2c
[Security Solution] Add quarantined path row for Malware alerts (#149454) 
## Summary

This adds a new highlighted field to alert details for Malware alerts
which come from Endpoints to show the `quarantined_path` of a file, if
there is one.

This change is meant to assist with users who use the new Get File
response action to retrieve files that the Endpoint has quarantined,
which is a common use case for analysts exploring a potential attack.

This field isn't mapped, so the actions are purposefully removed since
we can't search by it.

<img width="1728" alt="image"
src="https://user-images.githubusercontent.com/56395104/214412096-99e9915a-300a-415d-a0dc-d1368eb7897b.png">

### Checklist

- [x] Any text added follows [EUI's writing
guidelines](https://elastic.github.io/eui/#/guidelines/writing), uses
sentence case text and includes [i18n
support](https://github.com/elastic/kibana/blob/main/packages/kbn-i18n/README.md)

---------

Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
 2023-01-27 12:48:50 -05:00
Marshall Main
613b25ab13
Store error in RuleDataClient when initialization fails (#149652) 
## Summary

We receive a number of SDHs each month around Rule Data Client
initialization failures causing rule failures later on. Often these are
due to `.partial` indices preventing the mapping update process during
initialization, but we've also seen transient failures due to ES being
overloaded during startup, as well as mapping issues from customers
adding additional component templates.

This PR stores any error encountered during initialization and throws
the same error message again each time `getWriter` is called instead of
throwing a generic error message. This should help triage the issues
faster, as we won't have to spend as much time asking for support to
track down the error message from the first attempt at initializing the
RDC.

### Before

![image](https://user-images.githubusercontent.com/55718608/214979913-4b570a0b-a047-45b2-ada7-637b70c405ef.png)

### After

![image](https://user-images.githubusercontent.com/55718608/214979736-715dce87-f7e1-46b1-a120-08b2c56f3185.png)
 2023-01-27 09:36:56 -08:00
Kevin Logan
a0c689a8a0
[Security Solution] Set the Get File feature flag to true by default (#149612) 
## Summary

Sets the Get File feature flag to true by default in preparation for the
release of the feature.

### Checklist

- [x] [Unit or functional
tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)
were updated or added to match the most common scenarios

---------

Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
 2023-01-27 10:35:03 -07:00
James Gowdy
ce0ad6e42d
[ML] Removing string literal paths in router (#149590) 
Replaces duplicated string literal paths in the router for our
`ML_PAGES` constants.
E.g.
```ts
path: '/aiops/change_point_detection',
```
is now
```ts
path: createPath(ML_PAGES.AIOPS_CHANGE_POINT_DETECTION),
```
 2023-01-27 17:05:26 +00:00
James Gowdy
706cf27461
[ML] Adding anomaly explanation help link (#149674) 
Adds link to docs.


![image](https://user-images.githubusercontent.com/22172091/215071538-9e474468-6e7b-4c9a-9be9-60c12d0dca7d.png)


Even though the help page in question has specific anchor tags for items
such as `Single bucket impact`, I decided it would look too noisy with
links next to each item in the UI.
The help page isn't too large so it will be easy to find any specific
items.
 2023-01-27 17:04:30 +00:00
Shahzad
9d4a8cde68
[Synthetics] Add error popover to monitor card (#149571) 
Fixes https://github.com/elastic/kibana/issues/135162
 2023-01-27 17:16:24 +01:00
Katerina Patticha
5476c93a64
[APM] Integrate Alert Search bar in alert tab (#149610) 
## Summary

Closes: https://github.com/elastic/kibana/issues/146290

- Integrate Alert search bar
- Delete alerts status filters as it comes for free with the search bar
- Respect time range when fetching alert counts on service inventory and
service overview page
- as the search bar now supports time ranges, it's required to display
consistent data.

### Before 


![image](https://user-images.githubusercontent.com/3369346/214894397-6850274f-f701-481a-a12c-688c144f4c32.png)



### After


https://user-images.githubusercontent.com/3369346/214894788-5fcd42e2-b48f-434f-b38d-18579bfc280e.mov


TODO
- [x]
[getServiceAlerts](https://github.com/elastic/kibana/pull/149610/files#diff-82ef341af674bd7f203551b4d75b73d221a49e6ae4169e0c396e96abb04902bcR59-R67
) query doesn't include environment while the table respects that
filter. Check what's the correct way.

---------

Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
 2023-01-27 08:37:29 -07:00
Juan Pablo Djeredjian
6cc9855495
[Security Solution] Write and read Rule Execution Logs from rule instead of saved object (#147035) 
**Addresses:** https://github.com/elastic/kibana/issues/130966
**Based on:** https://github.com/elastic/kibana/issues/135127

## Summary

This PR deprecates the Sidecar SO of type `siem-detection-engine-rule-execution-info` in favour of storing Rule Execution Logging data within the rule itself, making use of the work previously done in the Alerting Framework:
- https://github.com/elastic/kibana/pull/140882
- https://github.com/elastic/kibana/pull/147278

Work done:
- **Pass execution statuses and metrics from rule executors to the Framework:** through the use of `RuleMonitoringService` and `RuleResultService` from within the rule execution log client for executor. `x-pack/plugins/security_solution/server/lib/detection_engine/rule_monitoring/logic/rule_execution_log/client_for_executors/client.ts`
- **Fetch execution statuses and metrics from rules themselves instead of the sidecar `siem-detection-engine-rule-execution-info` saved objects**: through the use of the new function `createRuleExecutionSummary` in `x-pack/plugins/security_solution/server/lib/detection_engine/rule_monitoring/logic/rule_execution_log/create_rule_execution_summary.ts`, which extracts last execution information from the rule itself.
- **Remove the siem-detection-engine-rule-execution-info saved objects type from the codebase. Mark it as deleted in Kibana Core:** added `siem-detection-engine-rule-execution-info` to `packages/core/saved-objects/core-saved-objects-migration-server-internal/src/core/unused_types.ts`; and got rid of the related Saved Object client.
- **Make sure to keep backward compatibility in the Detection API endpoints and rule execution events we write into the Event Log**: API compatibility is maintained. No breaking changes.


### Checklist

- [ ] [Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html) was added for features that require explanation or tutorials
- [x] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios
 2023-01-27 16:35:47 +01:00
Maxim Palenov
4afc97709a
[Security Solution] Migrate rules table tags filter to EuiSelectable (#149508) 
**Relates to**: https://github.com/elastic/kibana/issues/140263

## Summary

This PR migrates custom tags selector implementation on the rules page which mimics EuiSelectable to **EuiSelectable**. Besides simplification it brings keyboard and accessibility support as well as simplifies accessing the component in e2e tests.

*Before:*

https://user-images.githubusercontent.com/3775283/214831542-737aa9cf-8f76-4777-a23f-cbbfe0a01825.mov

*After:*

https://user-images.githubusercontent.com/3775283/214831568-e0809fd7-3c17-4789-8d3a-9ecbe379fb56.mov

### Checklist

- [x] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios
- [x] Any UI touched in this PR is usable by keyboard only (learn more about [keyboard accessibility](https://webaim.org/techniques/keyboard/))
- [x] Any UI touched in this PR does not create any new axe failures (run axe in browser: [FF](https://addons.mozilla.org/en-US/firefox/addon/axe-devtools/), [Chrome](https://chrome.google.com/webstore/detail/axe-web-accessibility-tes/lhdoppojpmngadmnindnejefpokejbdd?hl=en-US))
- [x] This renders correctly on smaller devices using a responsive layout. (You can test this [in your browser](https://www.browserstack.com/guide/responsive-testing-on-local-server))
- [x] This was checked for [cross-browser compatibility](https://www.elastic.co/support/matrix#matrix_browsers)
 2023-01-27 16:35:10 +01:00
gchaps
803c8df070
[DOCS] Updates telemetry settings (#149651) 
## Summary

This docs updates the content for the telemetry settings.
 2023-01-27 07:06:16 -08:00
Christiane (Tina) Heiligers
04affacf80
[uiSettings] improves browser-side public types (#149645) 
Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
fix https://github.com/elastic/kibana/issues/137609
 2023-01-27 08:02:22 -07:00
Julia Bardi
2e740c50e2
[Fleet] fix check deleted files task (#149689) 
## Summary

Fixed a bug where the hourly task was incorrectly setting all uploaded
files to DELETED state.
This is because the file doc `_index` property was expected to be in the
form of e.g. `.fleet-file-data-agent`, but actually it contains a
backing index name e.g. `.fleet-files-agent-000001`

How I tested:
- Enroll an agent and request a few diagnostics (requires latest changes
from agent pr)
- Wait for files to be uploaded, the files should be visible here in
READY state: `GET .fleet-files-agent/_search`
- Wait some time (up to 1h) for the task to run
- Expect that the files are still in READY state after the task has run.
- Previously all diagnostics files were set to DELETED in 1 hour

<img width="1394" alt="image"
src="https://user-images.githubusercontent.com/90178898/215104906-94e0364c-1e54-4287-87f7-7c560bf0e41e.png">

Example hit from metadata index:

```
      {
        "_index": ".fleet-files-agent-000001",
        "_id": "2023-01-27T10-25-16Z-00.0c99a40e-5eec-42a4-bbeb-8c92e61f9e42",
        "_score": null,
        "_source": {
          "transithash": {
            "sha256": "d8187866600a3783490f93ffb0920b35180095c1b5392c3c561da516b7b17c82"
          },
          "upload_id": "7695aeac-5837-44a3-8597-8d64aeed3aa2",
          "file": {
            "Status": "READY",
            "ext": "zip",
            "ChunkSize": 4194304,
            "size": 445046,
            "mime_type": "application/zip",
            "name": "elastic-agent-diagnostics-2023-01-27T10-25-16Z-00.zip",
            "hash": {
              "sha256": "",
              "md5": ""
            }
          },
          "agent_id": "0c99a40e-5eec-42a4-bbeb-8c92e61f9e42",
          "action_id": "2023-01-27T10-25-16Z-00",
          "contents": null,
          "src": "agent",
          "upload_start": 1674815116965
        },
        "sort": [
          1674815116965
        ]
      },
```

### Checklist

- [x] [Unit or functional
tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)
were updated or added to match the most common scenarios
 2023-01-27 07:57:16 -07:00
Stratoula Kalafateli
a3cbb4e75b
[Lens] Display the metric title on the dashboard panel (#149662) 
## Summary

Closes https://github.com/elastic/kibana/issues/148563

After this [PR](
https://github.com/elastic/kibana/pull/148301) being merged, it will be
easier to add the description info icon and the custom data range to the
new metric. For this reason we decided to also allow the panel title for
now.

On the next minors we are going to hide it from the panel and display
all the aforementioned info on the viz title.
<img width="988" alt="image"
src="https://user-images.githubusercontent.com/17003240/215037834-0f556673-8628-484e-aa32-c34188fc7064.png">

### Checklist

- [x] [Unit or functional
tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)
were updated or added to match the most common scenarios
 2023-01-27 16:50:18 +02:00
Angela Chuang
d1b7db4917
[SecuritySolution] Query risk score without time range (#149682) 
## Summary
Issue:
https://github.com/elastic/security-team/issues/5817
Steps to verify:
1. visit app/security/entity_analytics
2. Inspect host risk score donut chart and user risk score donut chart
3. There should be no time range in their requests.
<img width="2543" alt="Screenshot 2023-01-27 at 12 21 01"
src="https://user-images.githubusercontent.com/6295984/215087615-0b54a86e-b65f-4140-bebd-78f251693ba7.png">


### Checklist

Delete any items that are not applicable to this PR.


- [x] [Unit or functional
tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)
were updated or added to match the most common scenarios
 2023-01-27 14:30:12 +00:00
Kibana Machine
5f73936937 skip failing test suite (#147186) 2023-01-27 09:28:54 -05:00
Pablo Machado
272b591ce6
[SecuritySolutions] Friendly job name improvements (#149677) 
## Summary

**1. Delete find notable anomaly job with prefix**
The notable anomalies table displays a hard-coded list of jobs.
Previously we used to show jobs even if the job id had a prefix. But
after this change, we will only show jobs that exactly match the
hard-coded job id list.
 


**2. Fix ML job settings external** 
External job links were broken.

**3. Update ML job settings search placeholder**
[issue](https://github.com/elastic/kibana/issues/149478)
The placeholder was displaying a job id but now we are displaying job
names

<img width="718" alt="Screenshot 2023-01-27 at 12 06 51"
src="https://user-images.githubusercontent.com/1490444/215076743-f8f77474-12fb-4764-9c1f-3726475c823a.png">


### Checklist

Delete any items that are not applicable to this PR.

- [x] Any text added follows [EUI's writing
guidelines](https://elastic.github.io/eui/#/guidelines/writing), uses
sentence case text and includes [i18n
support](https://github.com/elastic/kibana/blob/main/packages/kbn-i18n/README.md)
- [x] [Unit or functional
tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)
were updated or added to match the most common scenarios
 2023-01-27 06:57:33 -07:00
Elena Stoeva
b6627e5ca1
Add override field to Dot expander processor form (#149599) 
Closes https://github.com/elastic/kibana/issues/108895

## Summary

This PR adds an `Override` toggle field to the Dot expander processor
form under Ingest Pipelines.

<img width="600" alt="Screenshot 2023-01-26 at 14 50 20"
src="https://user-images.githubusercontent.com/59341489/214870560-ce6d9f43-da69-4996-b8a9-04e041f58a36.png">


### Checklist

Delete any items that are not applicable to this PR.

- [X] Any text added follows [EUI's writing
guidelines](https://elastic.github.io/eui/#/guidelines/writing), uses
sentence case text and includes [i18n
support](https://github.com/elastic/kibana/blob/main/packages/kbn-i18n/README.md)
- [X] [Unit or functional
tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)
were updated or added to match the most common scenarios
- [X] Any UI touched in this PR is usable by keyboard only (learn more
about [keyboard accessibility](https://webaim.org/techniques/keyboard/))
- [X] Any UI touched in this PR does not create any new axe failures
(run axe in browser:
[FF](https://addons.mozilla.org/en-US/firefox/addon/axe-devtools/),
[Chrome](https://chrome.google.com/webstore/detail/axe-web-accessibility-tes/lhdoppojpmngadmnindnejefpokejbdd?hl=en-US))
- [X] This renders correctly on smaller devices using a responsive
layout. (You can test this [in your
browser](https://www.browserstack.com/guide/responsive-testing-on-local-server))

Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
 2023-01-27 13:55:35 +00:00
Julia Bardi
2dda5b8439
[Fleet] added debug statements to track down stalling bug (#149601) 
## Summary

Related to https://github.com/elastic/kibana/issues/149257

Added a few debug statements and added a condition not to return early
from update tags batch processing.

Couldn't reproduce the bug yet, so I'm not 100% sure this is the root
cause.


### Checklist

- [ ] [Unit or functional
tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)
were updated or added to match the most common scenarios
 2023-01-27 14:46:40 +01:00
Marco Vettorello
5a2f51c347
[Lens] gracefully handle JS Object method names as field names (#148118) 
The commit fixed the bits of code where we were using directly an index field name as an object key. This can cause errors if the field name is a reserved JS keyword.
The fix reconfigured that part of the code by replacing plain Objects with `Map` that doesn't suffer from this issue.
 2023-01-27 14:40:51 +01:00
Nicolas Chaulet
22c693d17f
[Fleet] Fix Lock icon aligment for managed agent policies (#149636) 2023-01-27 08:34:24 -04:00
Sergi Massaneda
09de0d4531
[CellActions] Support for empty value in addToTimeline action (#149527) 
part of: https://github.com/elastic/kibana/issues/145666

## Summary

This PR contains changes in the `dataProvider` function for the
addToTimeline action:

- add support for empty values excluding the field, to make it
consistent with the legacy implementation.
- id changes removing the "draggable" word.
- extracted `getIdForField` function to reduce the main function
complexity (linter warning appeared)

This PR also introduces the `CellAction` type for action creation:

- `isCompatible` method parameters uses the new
`CellActionCompatibilityContext` type instead of
`CellActionExecutionContext`, it omits the `field.value` and the
references values, they are not needed to check the compatibility and,
in some situations, it is not possible to pass them.
- use CellAction type in all SecuritySolution action creators
- action creators now return plain objects instead of using
`createAction` (deprecated) function.
- all actions now check `fieldHasCellActions(field.name)` in the
`inCompatible` function, to keep the consistency with legacy code.
- `useLoadAction` hooks now integrate the error control, components
don't need to check the `error` anymore.

Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
 2023-01-27 05:14:32 -07:00
Marco Liberati
475908fe93
[Graph] Enable allowJS flag in TS config (#149671) 
## Summary

Fixes #144286


### Checklist

Delete any items that are not applicable to this PR.

- [ ] Any text added follows [EUI's writing
guidelines](https://elastic.github.io/eui/#/guidelines/writing), uses
sentence case text and includes [i18n
support](https://github.com/elastic/kibana/blob/main/packages/kbn-i18n/README.md)
- [ ]
[Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html)
was added for features that require explanation or tutorials
- [ ] [Unit or functional
tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)
were updated or added to match the most common scenarios
- [ ] Any UI touched in this PR is usable by keyboard only (learn more
about [keyboard accessibility](https://webaim.org/techniques/keyboard/))
- [ ] Any UI touched in this PR does not create any new axe failures
(run axe in browser:
[FF](https://addons.mozilla.org/en-US/firefox/addon/axe-devtools/),
[Chrome](https://chrome.google.com/webstore/detail/axe-web-accessibility-tes/lhdoppojpmngadmnindnejefpokejbdd?hl=en-US))
- [ ] If a plugin configuration key changed, check if it needs to be
allowlisted in the cloud and added to the [docker
list](https://github.com/elastic/kibana/blob/main/src/dev/build/tasks/os_packages/docker_generator/resources/base/bin/kibana-docker)
- [ ] This renders correctly on smaller devices using a responsive
layout. (You can test this [in your
browser](https://www.browserstack.com/guide/responsive-testing-on-local-server))
- [ ] This was checked for [cross-browser
compatibility](https://www.elastic.co/support/matrix#matrix_browsers)


### Risk Matrix

Delete this section if it is not applicable to this PR.

Before closing this PR, invite QA, stakeholders, and other developers to
identify risks that should be tested prior to the change/feature
release.

When forming the risk matrix, consider some of the following examples
and how they may potentially impact the change:

| Risk | Probability | Severity | Mitigation/Notes |

|---------------------------|-------------|----------|-------------------------|
| Multiple Spaces&mdash;unexpected behavior in non-default Kibana Space.
| Low | High | Integration tests will verify that all features are still
supported in non-default Kibana Space and when user switches between
spaces. |
| Multiple nodes&mdash;Elasticsearch polling might have race conditions
when multiple Kibana nodes are polling for the same tasks. | High | Low
| Tasks are idempotent, so executing them multiple times will not result
in logical error, but will degrade performance. To test for this case we
add plenty of unit tests around this logic and document manual testing
procedure. |
| Code should gracefully handle cases when feature X or plugin Y are
disabled. | Medium | High | Unit tests will verify that any feature flag
or plugin combination still results in our service operational. |
| [See more potential risk
examples](https://github.com/elastic/kibana/blob/main/RISK_MATRIX.mdx) |


### For maintainers

- [ ] This was checked for breaking API changes and was [labeled
appropriately](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)
 2023-01-27 12:21:26 +01:00
Walter Rafelsberger
b87d754e9e
[ML] AIOps: Fixes timefilter subscriptions. (#149576) 
The `useEffect` hooks that set up subscriptions related to the
`timefilter` were missing `[]` to be only called when the code is
mounted, without it they were called on every render. This PR adds the
missing `[]` and also combines the two hooks into one.
 2023-01-27 12:01:22 +01:00
claracruz
db7bc1423b
Add background image to flyout panel dark (#149668) 
Rel #147383

### Screenshots

<img width="518" alt="Screenshot 2023-01-27 at 09 48 47"
src="https://user-images.githubusercontent.com/91763/215057006-94dde903-e40a-4126-889b-957bcff0175c.png">
 2023-01-27 10:59:10 +00:00
jennypavlova
616630e2ab
[Infrastructure UI] Fix: Metrics explorer padding issue (#149609) 
Closes #149537

## Summary

This PR will fix the padding issue in metrics explorer. I tried to
investigate what caused the issue and couldn't find any lead in the
`toolbar` component history (nothing changed there). I opened our
monitoring cluster and there the only difference I saw was the
`gutterSize` defined in the flex groups and then all flex items inside
have the correct margins.
<img width="1808" alt="image"
src="https://user-images.githubusercontent.com/14139027/214890355-d5d682b9-4716-4ead-858c-0cf3718122bb.png">
I tried to add `gutterSize` to both flex groups but unfortunately, it
didn't work - the flex items didn't get the margins. Probably the way
the `eu` component passes them is changed. I don't see this issue on any
of the other pages inside Infrastructure so it's maybe an edge case.

I got the "inspiration" for this fix from the [euiFlex
docs](https://elastic.github.io/eui/#/layout/flex#flex-grids-and-flex-groups-can-nest)
and by adding the existing 2 groups in another flex group with defined
`gutterSize` and `direction` to get the correct spacing between the
groups. I am also open to other ideas: I decided to still add this fix
and invest more time to investigate the cause of the bug only if this
fix is not a possible solution to the issue.
 2023-01-27 11:48:52 +01:00