mirror of
https://github.com/elastic/kibana.git
synced 2025-04-20 07:48:52 -04:00
0a5d490226
# Backport
This will backport the following commits from `main` to `8.x`:
- [AI Assistant] Add assistant to Serverless Search (#196832) (3bc5e2db)
<!--- Backport version: 8.9.8 -->
### Questions ?
Please refer to the [Backport tool
documentation](https://github.com/sqren/backport)
<!--BACKPORT [{"author":{"name":"Sander
Philipse","email":"94373878+sphilipse@users.noreply.github.com"},"sourceCommit":{"committedDate":"2024-10-25T10:03:04Z","message":"[AI
Assistant] Add assistant to Serverless Search (#196832)\n\n##
Summary\r\n\r\nThis adds the AI assistant to Serverless Elasticsearch.
It also disables\r\nthe knowledge base, and disables a few config values
we don't want users\r\nto be able to set in that
context.\r\n\r\n---------\r\n\r\nCo-authored-by: kibanamachine
<42973632+kibanamachine@users.noreply.github.com>\r\nCo-authored-by:
Elena Shostak
<165678770+elena-shostak@users.noreply.github.com>","sha":"3bc5e2db73799dc9c7831b6f9da4a52063cf112f"},"sourceBranch":"main","suggestedTargetBranches":[],"targetPullRequestStates":[]}]
BACKPORT-->
210 lines
8 KiB
YAML
210 lines
8 KiB
YAML
# Observability Project config
|
|
|
|
## Disable plugins
|
|
enterpriseSearch.enabled: false
|
|
xpack.cloudSecurityPosture.enabled: false
|
|
xpack.infra.enabled: true
|
|
xpack.uptime.enabled: true
|
|
xpack.securitySolution.enabled: false
|
|
xpack.search.notebooks.enabled: false
|
|
|
|
## Fine-tune the observability solution feature privileges. Also, refer to `serverless.yml` for the project-agnostic overrides.
|
|
xpack.features.overrides:
|
|
### Applications feature privileges are fine-tuned to grant access to Logs, and Observability apps.
|
|
apm:
|
|
### By default, this feature named as `APM and User Experience`, but should be renamed to `Applications`.
|
|
name: "Applications"
|
|
privileges:
|
|
# Infrastructure's `All` feature privilege should implicitly grant `All` access to Logs and Observability apps.
|
|
all.composedOf:
|
|
- feature: "logs"
|
|
privileges: [ "all" ]
|
|
- feature: "observability"
|
|
privileges: [ "all" ]
|
|
# Infrastructure's `Read` feature privilege should implicitly grant `Read` access to Logs and Observability apps.
|
|
read.composedOf:
|
|
- feature: "logs"
|
|
privileges: [ "read" ]
|
|
- feature: "observability"
|
|
privileges: [ "read" ]
|
|
### Dashboards feature should be moved from Analytics category to the Observability one.
|
|
dashboard.category: "observability"
|
|
### Discover feature should be moved from Analytics category to the Observability one and its privileges are
|
|
### fine-tuned to grant access to Observability app.
|
|
discover:
|
|
category: "observability"
|
|
privileges:
|
|
# Discover `All` feature privilege should implicitly grant `All` access to Observability app.
|
|
all.composedOf:
|
|
- feature: "observability"
|
|
privileges: [ "all" ]
|
|
# Discover `Read` feature privilege should implicitly grant `Read` access to Observability app.
|
|
read.composedOf:
|
|
- feature: "observability"
|
|
privileges: [ "read" ]
|
|
### Fleet feature privileges are fine-tuned to grant access to Logs app.
|
|
fleetv2:
|
|
privileges:
|
|
# Fleet `All` feature privilege should implicitly grant `All` access to Logs app.
|
|
all.composedOf:
|
|
- feature: "logs"
|
|
privileges: [ "all" ]
|
|
# Fleet `Read` feature privilege should implicitly grant `Read` access to Logs app.
|
|
read.composedOf:
|
|
- feature: "logs"
|
|
privileges: [ "read" ]
|
|
### Infrastructure feature privileges are fine-tuned to grant access to Logs, and Observability apps.
|
|
infrastructure:
|
|
### By default, this feature named as `Metrics`, but should be renamed to `Infrastructure`.
|
|
name: "Infrastructure"
|
|
privileges:
|
|
# Infrastructure's `All` feature privilege should implicitly grant `All` access to Logs and Observability apps.
|
|
all.composedOf:
|
|
- feature: "logs"
|
|
privileges: [ "all" ]
|
|
- feature: "observability"
|
|
privileges: [ "all" ]
|
|
# Infrastructure's `Read` feature privilege should implicitly grant `Read` access to Logs and Observability apps.
|
|
read.composedOf:
|
|
- feature: "logs"
|
|
privileges: [ "read" ]
|
|
- feature: "observability"
|
|
privileges: [ "read" ]
|
|
### Logs feature is hidden in Role management since it's automatically granted by either Infrastructure, or Applications features.
|
|
logs.hidden: true
|
|
### Machine Learning feature should be moved from Analytics category to the Observability one and renamed to `AI Ops`.
|
|
ml:
|
|
category: "observability"
|
|
order: 1200
|
|
### Observability feature is hidden in Role management since it's automatically granted by either Discover,
|
|
### Infrastructure, Applications, Synthetics, or SLOs features.
|
|
observability.hidden: true
|
|
### SLOs feature privileges are fine-tuned to grant access to Observability app.
|
|
slo:
|
|
privileges:
|
|
# SLOs `All` feature privilege should implicitly grant `All` access to Observability app.
|
|
all.composedOf:
|
|
- feature: "observability"
|
|
privileges: [ "all" ]
|
|
# SLOs `Read` feature privilege should implicitly grant `Read` access to Observability app.
|
|
read.composedOf:
|
|
- feature: "observability"
|
|
privileges: [ "read" ]
|
|
### Stack alerts is hidden in Role management since it's not needed.
|
|
stackAlerts.hidden: true
|
|
### Synthetics feature privileges are fine-tuned to grant access to Observability app.
|
|
uptime:
|
|
### By default, this feature named as `Synthetics and Uptime`, but should be renamed to `Synthetics` since `Uptime` is not available.
|
|
name: "Synthetics"
|
|
privileges:
|
|
# Synthetics `All` feature privilege should implicitly grant `All` access to Observability app.
|
|
all.composedOf:
|
|
- feature: "observability"
|
|
privileges: [ "all" ]
|
|
# Synthetics `Read` feature privilege should implicitly grant `Read` access to Observability app.
|
|
read.composedOf:
|
|
- feature: "observability"
|
|
privileges: [ "read" ]
|
|
|
|
## Enable the slo plugin
|
|
xpack.slo.enabled: true
|
|
|
|
## Cloud settings
|
|
xpack.cloud.serverless.project_type: observability
|
|
|
|
## Enable the Serverless Observability plugin
|
|
xpack.serverless.observability.enabled: true
|
|
|
|
## Configure plugins
|
|
|
|
## Set the home route
|
|
uiSettings.overrides.defaultRoute: /app/observability/landing
|
|
|
|
# Customize empty page state for analytics apps
|
|
no_data_page.analyticsNoDataPageFlavor: 'serverless_observability'
|
|
|
|
## Set the dev project switch current type
|
|
xpack.serverless.plugin.developer.projectSwitcher.currentType: 'observability'
|
|
|
|
## Disable adding the component template `.fleet_agent_id_verification-1` to every index template for each datastream for each integration
|
|
xpack.fleet.agentIdVerificationEnabled: false
|
|
|
|
## Enable the capability for the observability feature ID in the serverless environment to take ownership of the rules.
|
|
## The value need to be a featureId observability Or stackAlerts Or siem
|
|
xpack.alerting.rules.overwriteProducer: 'observability'
|
|
xpack.observability.createO11yGenericFeatureId: true
|
|
|
|
## APM Serverless Onboarding flow
|
|
xpack.apm.serverlessOnboarding: true
|
|
|
|
# Synthetics mTLS cert locations
|
|
xpack.uptime.service.tls.certificate: /mnt/elastic-internal/http-certs/tls.crt
|
|
xpack.uptime.service.tls.key: /mnt/elastic-internal/http-certs/tls.key
|
|
|
|
# Fleet specific configuration
|
|
xpack.fleet.internal.registry.capabilities: ['apm', 'observability', 'uptime']
|
|
xpack.fleet.internal.registry.spec.min: '3.0'
|
|
xpack.fleet.internal.registry.spec.max: '3.3'
|
|
xpack.fleet.internal.registry.kibanaVersionCheckEnabled: false
|
|
xpack.fleet.internal.registry.excludePackages: [
|
|
# Security integrations
|
|
'endpoint',
|
|
'beaconing',
|
|
'cloud_security_posture',
|
|
'cloud_defend',
|
|
'security_detection_engine',
|
|
|
|
# Removed in 8.11 integrations
|
|
'cisco',
|
|
'microsoft',
|
|
'symantec',
|
|
'cyberark',
|
|
|
|
# ML integrations
|
|
'dga',
|
|
|
|
# Profiling integrations
|
|
'profiler_agent',
|
|
]
|
|
|
|
## Required for force installation of integration packages
|
|
xpack.fleet.packages:
|
|
# fleet_server package installed to publish agent metrics
|
|
- name: fleet_server
|
|
version: latest
|
|
## Disable APM UI components and API calls
|
|
xpack.apm.featureFlags.agentConfigurationAvailable: false
|
|
xpack.apm.featureFlags.configurableIndicesAvailable: false
|
|
xpack.apm.featureFlags.infrastructureTabAvailable: true
|
|
xpack.apm.featureFlags.infraUiAvailable: true
|
|
xpack.apm.featureFlags.migrationToFleetAvailable: false
|
|
xpack.apm.featureFlags.sourcemapApiAvailable: false
|
|
xpack.apm.featureFlags.storageExplorerAvailable: false
|
|
|
|
## Set the AI Assistant type
|
|
aiAssistantManagementSelection.preferredAIAssistantType: "observability"
|
|
xpack.observabilityAIAssistant.scope: "observability"
|
|
|
|
# Specify in telemetry the project type
|
|
telemetry.labels.serverless: observability
|
|
|
|
xpack.ml.ad.enabled: true
|
|
xpack.ml.dfa.enabled: false
|
|
xpack.ml.nlp:
|
|
enabled: true
|
|
modelDeployment:
|
|
allowStaticAllocations: false
|
|
vCPURange:
|
|
low:
|
|
min: 0
|
|
max: 2
|
|
medium:
|
|
min: 1
|
|
max: 32
|
|
high:
|
|
min: 1
|
|
max: 128
|
|
xpack.ml.compatibleModuleType: 'observability'
|
|
|
|
# Disable the embedded Dev Console
|
|
console.ui.embeddedEnabled: false
|