64743b3a82
# Purpose This change introduces new validations that ensure no loss of data is possible if a user accidentally sets the Security Entity Store enrich policy execution interval to a value that “doesn’t play nicely” with the lookback period value. The specific logic (greater than or equal to half the value) was chosen to not only ensure no loss of data, but also provide extra resiliency in case of a failed enrich policy execution. (Note that this is not considered a breaking change, as the parameters are not yet available on any version of Elastic, including Serverless.) # How to test 1. Load appropriate entity log data to your Kibana instance (for example, using the [security-documents-generator](https://github.com/elastic/security-documents-generator)) 2. Navigate to the Developer console 3. Attempt to enable the Entity Store via the /enable or /init routes (examples below), and pass in values that are expected to error. For example, “lookbackPeriod”: “24h” and “enrichPolicyExecutionInterval”: “24h” should fail, because of the validation logic 4. Expect results similar to those shown below, specifically a 400 error, or else a success message <img width="1902" alt="Screenshot 2025-02-27 at 12 57 45 AM" src="https://github.com/user-attachments/assets/a7f4b0fb-9899-4e00-a0ae-d172245bd506" /> <img width="1909" alt="Screenshot 2025-02-27 at 12 58 06 AM" src="https://github.com/user-attachments/assets/372acde2-9d7b-4c75-8596-af8374088f79" /> --------- Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com> Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com> |
||
|---|---|---|
| .. | ||
| examples | ||
| linters | ||
| output | ||
| overlays | ||
| scripts | ||
| bundle.json | ||
| bundle.serverless.json | ||
| kibana.info.serverless.yaml | ||
| kibana.info.yaml | ||
| makefile | ||
| package-lock.json | ||
| package.json | ||
| README.md | ||
Kibana API reference documentation
Documentation about our OpenAPI bundling workflow and configuration. See Kibana's hosted stateful and serverless docs.
Workflow
The final goal of this workflow is to produce an OpenAPI bundle containing all Kibana's public APIs.
Step 0
OAS from Kibana's APIs are continuously extracted and captured in bundle.json and bundle.serverless.json as fully formed OAS documentation. See node scripts/capture_oas_snapshot --help for more info.
These bundles form the basis of our OpenAPI bundles to which we append and layer extra information before publishing.
Step 1
Append pre-existing bundles not extracted from code using kbn-openapi-bundler to produce the final resulting bundles.
To add more files into the final bundle, edit the appropriate oas_docs/scripts/merge*.js files.
Step 2
Apply any final overalys to the document that might include examples or final tweaks (see the "Scripts" section for more details).
Scripts
The oas_docs/scripts folder contains scripts that point to the source domain-specific OpenAPI bundles and specify additional parameters for producing the final output bundle. Currently, there are the following scripts:
-
merge_ess_oas.jsscript produces production an output bundle for ESS -
merge_serverless_oas.jsscript produces production an output bundle for Serverless
Output Kibana OpenAPI bundles
The oas_docs/output folder contains the final resulting Kibana OpenAPI bundles
kibana.yamlproduction ready ESS OpenAPI bundlekibana.serverless.yamlproduction ready Serverless OpenAPI bundle
Bundling commands
Besides the scripts in the oas_docs/scripts folder, there is an oas_docs/makefile to simplify the workflow. Use make help to see available commands.