mirror of
https://github.com/elastic/kibana.git
synced 2025-04-24 17:59:23 -04:00
7638b23226
# Backport This will backport the following commits from `main` to `8.x`: - [[Synonyms UI] Search synonyms rule flyout (#208564)](https://github.com/elastic/kibana/pull/208564) <!--- Backport version: 9.6.4 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sorenlouv/backport) <!--BACKPORT [{"author":{"name":"Efe Gürkan YALAMAN","email":"efeguerkan.yalaman@elastic.co"},"sourceCommit":{"committedDate":"2025-01-29T21:55:52Z","message":"[Synonyms UI] Search synonyms rule flyout (#208564)\n\n## Summary\r\n\r\nAdds search synonym rule flyout.\r\nAdds endpoints and hooks for synonym rule management.\r\n\r\n\r\nhttps://github.com/user-attachments/assets/e43b4a40-6452-4cfd-921f-2bde1219f219\r\n\r\n\r\n\r\n### Checklist\r\n\r\nCheck the PR satisfies following conditions. \r\n\r\nReviewers should verify this PR satisfies this list as well.\r\n\r\n- [x] Any text added follows [EUI's writing\r\nguidelines](https://elastic.github.io/eui/#/guidelines/writing), uses\r\nsentence case text and includes [i18n\r\nsupport](https://github.com/elastic/kibana/blob/main/src/platform/packages/shared/kbn-i18n/README.md)\r\n- [ ] [Unit or functional\r\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\r\nwere updated or added to match the most common scenarios\r\n- [ ] [Flaky Test\r\nRunner](https://ci-stats.kibana.dev/trigger_flaky_test_runner/1) was\r\nused on any tests changed\r\n- [ ] The PR description includes the appropriate Release Notes section,\r\nand the correct `release_note:*` label is applied per the\r\n[guidelines](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)","sha":"2cb7bea5f3e7686faa5dfbf11b8c7d270fdcdd34","branchLabelMapping":{"^v9.0.0$":"main","^v8.18.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:skip","v9.0.0","Team:Search","backport:version","v8.18.0"],"title":"[Synonyms UI] Search synonyms rule flyout","number":208564,"url":"https://github.com/elastic/kibana/pull/208564","mergeCommit":{"message":"[Synonyms UI] Search synonyms rule flyout (#208564)\n\n## Summary\r\n\r\nAdds search synonym rule flyout.\r\nAdds endpoints and hooks for synonym rule management.\r\n\r\n\r\nhttps://github.com/user-attachments/assets/e43b4a40-6452-4cfd-921f-2bde1219f219\r\n\r\n\r\n\r\n### Checklist\r\n\r\nCheck the PR satisfies following conditions. \r\n\r\nReviewers should verify this PR satisfies this list as well.\r\n\r\n- [x] Any text added follows [EUI's writing\r\nguidelines](https://elastic.github.io/eui/#/guidelines/writing), uses\r\nsentence case text and includes [i18n\r\nsupport](https://github.com/elastic/kibana/blob/main/src/platform/packages/shared/kbn-i18n/README.md)\r\n- [ ] [Unit or functional\r\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\r\nwere updated or added to match the most common scenarios\r\n- [ ] [Flaky Test\r\nRunner](https://ci-stats.kibana.dev/trigger_flaky_test_runner/1) was\r\nused on any tests changed\r\n- [ ] The PR description includes the appropriate Release Notes section,\r\nand the correct `release_note:*` label is applied per the\r\n[guidelines](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)","sha":"2cb7bea5f3e7686faa5dfbf11b8c7d270fdcdd34"}},"sourceBranch":"main","suggestedTargetBranches":["8.x"],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","branchLabelMappingKey":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/208564","number":208564,"mergeCommit":{"message":"[Synonyms UI] Search synonyms rule flyout (#208564)\n\n## Summary\r\n\r\nAdds search synonym rule flyout.\r\nAdds endpoints and hooks for synonym rule management.\r\n\r\n\r\nhttps://github.com/user-attachments/assets/e43b4a40-6452-4cfd-921f-2bde1219f219\r\n\r\n\r\n\r\n### Checklist\r\n\r\nCheck the PR satisfies following conditions. \r\n\r\nReviewers should verify this PR satisfies this list as well.\r\n\r\n- [x] Any text added follows [EUI's writing\r\nguidelines](https://elastic.github.io/eui/#/guidelines/writing), uses\r\nsentence case text and includes [i18n\r\nsupport](https://github.com/elastic/kibana/blob/main/src/platform/packages/shared/kbn-i18n/README.md)\r\n- [ ] [Unit or functional\r\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\r\nwere updated or added to match the most common scenarios\r\n- [ ] [Flaky Test\r\nRunner](https://ci-stats.kibana.dev/trigger_flaky_test_runner/1) was\r\nused on any tests changed\r\n- [ ] The PR description includes the appropriate Release Notes section,\r\nand the correct `release_note:*` label is applied per the\r\n[guidelines](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)","sha":"2cb7bea5f3e7686faa5dfbf11b8c7d270fdcdd34"}},{"branch":"8.x","label":"v8.18.0","branchLabelMappingKey":"^v8.18.0$","isSourceBranch":false,"state":"NOT_CREATED"}]}] BACKPORT-->
160 lines
5.3 KiB
YAML
160 lines
5.3 KiB
YAML
# Security Project config
|
|
|
|
## Disable plugins
|
|
enterpriseSearch.enabled: false
|
|
xpack.apm.enabled: false
|
|
xpack.infra.enabled: false
|
|
xpack.observabilityLogsExplorer.enabled: false
|
|
xpack.observability.enabled: false
|
|
xpack.observabilityAIAssistant.enabled: false
|
|
xpack.search.notebooks.enabled: false
|
|
xpack.searchPlayground.enabled: false
|
|
xpack.searchInferenceEndpoints.enabled: false
|
|
xpack.searchSynonyms.enabled: false
|
|
|
|
## Fine-tune the security solution feature privileges. Also, refer to `serverless.yml` for the project-agnostic overrides.
|
|
xpack.features.overrides:
|
|
### Dashboard feature is hidden in Role management since it's automatically granted by SIEM feature.
|
|
dashboard.hidden: true
|
|
### Discover feature is hidden in Role management since it's automatically granted by SIEM feature.
|
|
discover.hidden: true
|
|
### Machine Learning feature is moved from Analytics category to the Security one as the last item.
|
|
ml:
|
|
category: "security"
|
|
order: 1101
|
|
### Security's feature privileges are fine-tuned to grant access to Discover, Dashboard, Maps, and Visualize apps.
|
|
siemV2:
|
|
privileges:
|
|
### Security's `All` feature privilege should implicitly grant `All` access to Discover, Dashboard, Maps, and
|
|
### Visualize features.
|
|
all.composedOf:
|
|
- feature: "discover"
|
|
privileges: [ "all" ]
|
|
- feature: "dashboard"
|
|
privileges: [ "all" ]
|
|
- feature: "visualize"
|
|
privileges: [ "all" ]
|
|
- feature: "maps"
|
|
privileges: [ "all" ]
|
|
# Security's `Read` feature privilege should implicitly grant `Read` access to Discover, Dashboard, Maps, and
|
|
# Visualize features. Additionally, it should implicitly grant privilege to create short URLs in Discover,
|
|
### Dashboard, and Visualize apps.
|
|
read.composedOf:
|
|
- feature: "discover"
|
|
privileges: [ "read" ]
|
|
- feature: "dashboard"
|
|
privileges: [ "read" ]
|
|
- feature: "visualize"
|
|
privileges: [ "read" ]
|
|
- feature: "maps"
|
|
privileges: [ "read" ]
|
|
|
|
### Security's feature privileges are fine-tuned to grant access to Discover, Dashboard, Maps, and Visualize apps.
|
|
siem:
|
|
privileges:
|
|
### Security's `All` feature privilege should implicitly grant `All` access to Discover, Dashboard, Maps, and
|
|
### Visualize features.
|
|
all.composedOf:
|
|
- feature: "discover"
|
|
privileges: [ "all" ]
|
|
- feature: "dashboard"
|
|
privileges: [ "all" ]
|
|
- feature: "visualize"
|
|
privileges: [ "all" ]
|
|
- feature: "maps"
|
|
privileges: [ "all" ]
|
|
# Security's `Read` feature privilege should implicitly grant `Read` access to Discover, Dashboard, Maps, and
|
|
# Visualize features. Additionally, it should implicitly grant privilege to create short URLs in Discover,
|
|
### Dashboard, and Visualize apps.
|
|
read.composedOf:
|
|
- feature: "discover"
|
|
privileges: [ "read" ]
|
|
- feature: "dashboard"
|
|
privileges: [ "read" ]
|
|
- feature: "visualize"
|
|
privileges: [ "read" ]
|
|
- feature: "maps"
|
|
privileges: [ "read" ]
|
|
|
|
## Cloud settings
|
|
xpack.cloud.serverless.project_type: security
|
|
|
|
## Enable the Security Solution Serverless plugin
|
|
xpack.securitySolutionServerless.enabled: true
|
|
xpack.securitySolutionServerless.productTypes:
|
|
[
|
|
{ product_line: 'security', product_tier: 'complete' },
|
|
{ product_line: 'endpoint', product_tier: 'complete' },
|
|
{ product_line: 'cloud', product_tier: 'complete' },
|
|
]
|
|
|
|
xpack.securitySolution.offeringSettings: {
|
|
ILMEnabled: false, # Index Lifecycle Management (ILM) functionalities disabled, not supported by serverless Elasticsearch
|
|
}
|
|
|
|
newsfeed.enabled: true
|
|
|
|
## Set the home route
|
|
uiSettings.overrides.defaultRoute: /app/security/get_started
|
|
|
|
## Set the dev project switcher current type
|
|
xpack.serverless.plugin.developer.projectSwitcher.currentType: 'security'
|
|
|
|
# Specify in telemetry the project type
|
|
telemetry.labels.serverless: security
|
|
|
|
# Fleet specific configuration
|
|
xpack.fleet.internal.registry.capabilities: ['security']
|
|
xpack.fleet.internal.registry.spec.min: '3.0'
|
|
xpack.fleet.internal.registry.spec.max: '3.3'
|
|
xpack.fleet.internal.registry.kibanaVersionCheckEnabled: false
|
|
xpack.fleet.internal.registry.excludePackages: [
|
|
# Oblt integrations
|
|
'apm',
|
|
'synthetics',
|
|
'synthetics_dashboards',
|
|
|
|
# Removed in 8.11 integrations
|
|
'cisco',
|
|
'microsoft',
|
|
'symantec',
|
|
'cyberark',
|
|
|
|
# ML integrations
|
|
'dga',
|
|
]
|
|
# fleet_server package installed to publish agent metrics
|
|
xpack.fleet.packages:
|
|
- name: fleet_server
|
|
version: latest
|
|
|
|
xpack.ml.ad.enabled: true
|
|
xpack.ml.dfa.enabled: true
|
|
xpack.ml.nlp:
|
|
enabled: true
|
|
modelDeployment:
|
|
allowStaticAllocations: false
|
|
vCPURange:
|
|
low:
|
|
min: 0
|
|
max: 2
|
|
medium:
|
|
min: 1
|
|
max: 32
|
|
high:
|
|
min: 1
|
|
max: 128
|
|
xpack.ml.compatibleModuleType: 'security'
|
|
|
|
# Disable the embedded Dev Console
|
|
console.ui.embeddedEnabled: false
|
|
|
|
# Enable project level rentention checks in DSL form from Index Management UI
|
|
xpack.index_management.enableProjectLevelRetentionChecks: true
|
|
|
|
# Experimental Security Solution features
|
|
|
|
# These features are disabled in Serverless until fully tested
|
|
xpack.securitySolution.enableExperimental:
|
|
- entityStoreDisabled
|
|
- siemMigrationsDisabled
|