github-mirrors/kibana
1
0
Fork 0
mirror of https://github.com/elastic/kibana.git synced 2025-04-24 17:59:23 -04:00
Code Issues Projects Releases Packages Wiki Activity
Your window into the Elastic Stack
53173 commits 429 branches 496 tags 23 GiB
Find a file
Garrett Spong 3cacbe7c49
[Security Solution][Detections] Integrates installed integrations into interface (#132847) 
## Summary

Wires up the new Installed Integrations API added in https://github.com/elastic/kibana/pull/132667 to the new Related Integrations UI added in https://github.com/elastic/kibana/pull/131475.

#### Additional changes include (though not all necessary for this specific PR):
- [X] Updates integrations badge icon to `package` on Rules Table
- [ ] Add Kibana Advanced Setting for disabling integrations badge on Rules Table
- [ ] Add loaders where necessary since there can now be API delay
- [ ] Separate description step components to specific files

Please see https://github.com/elastic/kibana/pull/131475 for screenshots and additional details.


#### Steps to test
In this initial implementation these new fields are only visible with Prebuilt Rules, and so there is limited API support and currently no UI for editing them. If a Prebuilt Rule is duplicated, these fields are emptied (set to `''` or `[]`). When a Rule is exported these fields are included (as empty values), and it is possible to edit the `ndjson` and re-import and then see these fields for the Custom Rule (but still not editable in the UI). This is expected behavior, and is actually a nice and easy way to test. 

Here is a sample export you can paste into a `test.ndjson` file and import to test this feature. You can modify the `package`/`version` fields to test corner cases like if a package is installed but it's the wrong version.

```
{"id":"6cc39c80-da3a-11ec-9fce-65c1a0bee904","updated_at":"2022-05-23T01:48:23.422Z","updated_by":"elastic","created_at":"2022-05-23T01:48:20.940Z","created_by":"elastic","name":"Testing #131475, don't mind me...","tags":["Elastic","Endpoint Security"],"interval":"5m","enabled":false,"description":"Generates a detection alert each time an Elastic Endpoint Security alert is received. Enabling this rule allows you to immediately begin investigating your Endpoint alerts.","risk_score":47,"severity":"medium","license":"Elastic License v2","output_index":".siem-signals-default","meta":{"from":"5m"},"rule_name_override":"message","timestamp_override":"event.ingested","author":["Elastic"],"false_positives":[],"from":"now-600s","rule_id":"2c66bf23-6ae9-4eb2-859e-446bea181ae9","max_signals":10000,"risk_score_mapping":[{"field":"event.risk_score","operator":"equals","value":""}],"severity_mapping":[{"field":"event.severity","operator":"equals","severity":"low","value":"21"},{"field":"event.severity","operator":"equals","severity":"medium","value":"47"},{"field":"event.severity","operator":"equals","severity":"high","value":"73"},{"field":"event.severity","operator":"equals","severity":"critical","value":"99"}],"threat":[],"to":"now","references":[],"version":7,"exceptions_list":[{"id":"endpoint_list","list_id":"endpoint_list","namespace_type":"agnostic","type":"endpoint"}],"immutable":false,"related_integrations":[{"package":"system","version":"1.6.4"},{"package":"aws","integration":"cloudtrail","version":"1.11.0"}],"required_fields":[{"ecs":true,"name":"event.code","type":"keyword"},{"ecs":true,"name":"message","type":"match_only_text"},{"ecs":false,"name":"winlog.event_data.AttributeLDAPDisplayName","type":"keyword"},{"ecs":false,"name":"winlog.event_data.AttributeValue","type":"keyword"},{"ecs":false,"name":"winlog.event_data.ShareName","type":"keyword"},{"ecs":false,"name":"winlog.event_data.RelativeTargetName","type":"keyword"},{"ecs":false,"name":"winlog.event_data.AccessList","type":"keyword"}],"setup":"## Config\\n\\nThe 'Audit Detailed File Share' audit policy must be configured (Success Failure).\\nSteps to implement the logging policy with with Advanced Audit Configuration:\\n\\n```\\nComputer Configuration > \\nPolicies > \\nWindows Settings > \\nSecurity Settings > \\nAdvanced Audit Policies Configuration > \\nAudit Policies > \\nObject Access > \\nAudit Detailed File Share (Success,Failure)\\n```\\n\\nThe 'Audit Directory Service Changes' audit policy must be configured (Success Failure).\\nSteps to implement the logging policy with with Advanced Audit Configuration:\\n\\n```\\nComputer Configuration > \\nPolicies > \\nWindows Settings > \\nSecurity Settings > \\nAdvanced Audit Policies Configuration > \\nAudit Policies > \\nDS Access > \\nAudit Directory Service Changes (Success,Failure)\\n```\\n","type":"query","language":"kuery","index":["logs-endpoint.alerts-*"],"query":"event.kind:alert and event.module:(endpoint and not endgame)\\n","filters":[],"throttle":"no_actions","actions":[]}
{"exported_count":1,"exported_rules_count":1,"missing_rules":[],"missing_rules_count":0,"exported_exception_list_count":0,"exported_exception_list_item_count":0,"missing_exception_list_item_count":0,"missing_exception_list_items":[],"missing_exception_lists":[],"missing_exception_lists_count":0}
```
2022-05-25 14:48:21 +02:00
.buildkite Add group 6 to FTR config (#132655) 2022-05-20 13:55:31 -07:00
.ci [CI] Split OSS CI Group 11 (#130927) 2022-04-26 13:07:32 -04:00
.github [ML] Explain log rate spikes: Move API stream demos to Kibana examples. (#132590) 2022-05-24 16:59:31 +02:00
api_docs Update api_docs 2022-05-24 15:50:44 +00:00
config [Unified Search] Move autocomplete logic to unified search plugin (#129977) 2022-04-22 11:02:56 +05:00
dev_docs docs(NA): adds @kbn/ui-shared-deps-src into ops devdocs (#132760) 2022-05-25 03:48:44 +01:00
docs [APM] Remove mentions of apm_user (#132790) 2022-05-25 12:07:00 +02:00
examples [ML] Explain log rate spikes: Move API stream demos to Kibana examples. (#132590) 2022-05-24 16:59:31 +02:00
legacy_rfcs Updates Github link references from master to main (#116789) 2021-10-29 09:53:08 -07:00
licenses Elastic License 2.0 (#90099) 2021-02-03 18:12:39 -08:00
packages Synthtrace: make streamprocessors optional (#132889) 2022-05-25 14:25:12 +02:00
plugins [dev/cli] ensure plugins/ and all watch source dirs exist (#78973) 2020-09-30 10:20:44 -07:00
scripts [docs] Add 'yarn dev-docs' for managing and starting dev docs (#132647) 2022-05-20 13:57:49 -07:00
src [EBT] Call optIn(false) if the telemetry plugin is disabled (#132748) 2022-05-25 13:13:19 +02:00
test [EBT] Call optIn(false) if the telemetry plugin is disabled (#132748) 2022-05-25 13:13:19 +02:00
typings [Osquery] Replace js-sql-parser (#128714) 2022-05-18 12:58:07 +02:00
vars [QA][Code Coverage] Drop dead code (#127057) 2022-03-15 11:57:09 +00:00
x-pack [Security Solution][Detections] Integrates installed integrations into interface (#132847) 2022-05-25 14:48:21 +02:00
.backportrc.json chore(NA): adds backport config for 8.3.0 bump (#128895) 2022-03-30 23:46:04 +01:00
.bazelignore chore(NA): stop grouping bazel out symlink folders (#96066) 2021-04-01 14:16:14 -05:00
.bazeliskversion chore(NA): upgrade bazelisk into v1.11.0 (#125070) 2022-02-09 20:43:57 +00:00
.bazelrc chore(NA): use new and more performant BuildBuddy servers (#130350) 2022-04-18 02:01:38 +01:00
.bazelrc.common chore(NA): upgrade bazel into v5 (#125332) 2022-02-11 20:45:36 +00:00
.bazelversion chore(NA): upgrades bazel to v5.1.1 (#129943) 2022-04-12 02:43:00 +01:00
.browserslistrc [browserslist] remove unnecessary browsers (#89186) 2021-01-25 16:30:18 -07:00
.editorconfig .editorconfig MDX files should follow the same rules as MD (#96942) 2021-04-13 11:40:42 -04:00
.eslintignore chore(NA): rename @elastic/eslint-config-kibana as @kbn/eslint-config (#132278) 2022-05-16 13:02:02 -07:00
.eslintrc.js Add csp.disableUnsafeEval config option to remove the unsafe-eval CSP (#124484) 2022-05-23 11:01:56 -07:00
.fossa.yml Adds FOSSA CLI configuration file (#70137) 2020-07-02 08:37:37 -07:00
.gitattributes [canvas] Color fixes + Storybook 5 (#34075) 2019-04-02 11:21:51 -05:00
.gitignore [jest] automatically determine run order (attempt 2) (#131091) 2022-04-27 11:18:15 -07:00
.i18nrc.json [Shared UX] Adopt multi-package strategy - ExitFullScreenButton (#130355) 2022-04-15 19:12:46 -05:00
.node-version Upgrade Node.js from v16.13.2 to v16.14.2 (#128123) 2022-03-21 07:30:00 -05:00
.npmrc chore(NA): assure puppeteer_skip_chromium_download is applied across every yarn install situation (#88346) 2021-01-14 18:00:23 +00:00
.nvmrc Upgrade Node.js from v16.13.2 to v16.14.2 (#128123) 2022-03-21 07:30:00 -05:00
.prettierignore [dev] Replace sass-lint with stylelint (#86177) 2021-01-15 11:52:29 -06:00
.prettierrc Increase prettier line width to 100 (#20535) 2018-07-09 22:50:37 +02:00
.stylelintignore chore(NA): stop grouping bazel out symlink folders (#96066) 2021-04-01 14:16:14 -05:00
.stylelintrc Amsterdam helpers (#93701) 2021-03-10 10:27:16 -06:00
.telemetryrc.json [Usage collection] Collect non-default kibana configs (#97368) 2021-04-20 11:02:27 -04:00
.yarnrc chore(NA): manage npm dependencies within bazel (#92864) 2021-03-03 12:37:20 -05:00
api-documenter.json Normalize EOL symbol in platform docs (#56021) 2020-01-27 18:42:45 +01:00
BUILD.bazel [build_ts_refs] improve caches, allow building a subset of projects (#107981) 2021-08-10 22:12:45 -07:00
CODE_OF_CONDUCT.md Add CODE_OF_CONDUCT.md (#87439) 2021-02-23 09:01:51 +01:00
CONTRIBUTING.md Update doc slugs to improve analytic tracking, move to appropriate folders (#113630) 2021-10-04 13:36:45 -04:00
FAQ.md propose language changes (#10709) 2017-03-05 12:10:32 -05:00
fleet_packages.json bump endpoint bundled ver to release (#129449) 2022-04-06 12:24:42 -07:00
github_checks_reporter.json implementing github checks - second attempt (#35757) 2019-05-01 16:02:33 -05:00
Jenkinsfile [CI] Disable tracked branch jobs in Jenkins, enable reporting in Buildkite (#112604) 2021-09-21 11:31:15 -04:00
kibana.d.ts fix all violations 2022-04-16 01:37:30 -05:00
LICENSE.txt Elastic License 2.0 (#90099) 2021-02-03 18:12:39 -08:00
nav-kibana-dev.docnav.json docs(NA): adds @kbn/ui-shared-deps-src into ops devdocs (#132760) 2022-05-25 03:48:44 +01:00
NOTICE.txt Update NOTICE.txt 2021-12-31 17:47:12 -08:00
package.json eui to v 55.1.4 (#132832) 2022-05-24 13:01:33 -05:00
preinstall_check.js Elastic License 2.0 (#90099) 2021-02-03 18:12:39 -08:00
README.md [README] Update version Compatibility with Elasticsearch (#116040) 2022-01-10 10:31:21 -05:00
renovate.json Remove broadcast-channel dependency from security plugin (#132427) 2022-05-19 13:48:42 -04:00
RISK_MATRIX.mdx Add "Risk Matrix" section to the PR template (#100649) 2021-06-02 14:43:47 +02:00
SECURITY.md Add security policy to the Kibana repository (#85407) 2020-12-10 09:26:00 -05:00
STYLEGUIDE.mdx remove all references to v7 theme (#113570) 2021-10-29 12:28:42 -05:00
tsconfig.base.json [ML] Explain log rate spikes: Move API stream demos to Kibana examples. (#132590) 2022-05-24 16:59:31 +02:00
tsconfig.bazel.json [build_ts_refs] improve caches, allow building a subset of projects (#107981) 2021-08-10 22:12:45 -07:00
tsconfig.browser.json Introduce TS incremental builds & move src/test_utils to TS project (#76082) 2020-09-03 14:20:04 +02:00
tsconfig.browser_bazel.json [build_ts_refs] improve caches, allow building a subset of projects (#107981) 2021-08-10 22:12:45 -07:00
tsconfig.json Add interactive setup CLI (#114493) 2021-10-20 22:17:45 +01:00
tsconfig.types.json Remove data_enhanced plugin (#122075) 2022-04-29 16:43:59 +02:00
TYPESCRIPT.md Fixed grammar (#74725) 2020-08-11 06:40:22 -04:00
versions.json chore(NA): bump ci versions for 7.17.5 and 8.2.2 (#132842) 2022-05-24 21:03:22 +01:00
WORKSPACE.bazel chore(NA): downgrades rules nodejs into v4.7.0 (#130347) 2022-04-15 04:11:08 +01:00
yarn.lock eui to v 55.1.4 (#132832) 2022-05-24 13:01:33 -05:00

README.md

Kibana

Kibana is your window into the Elastic Stack. Specifically, it's a browser-based analytics and search dashboard for Elasticsearch.

Getting Started

If you just want to try Kibana out, check out the Elastic Stack Getting Started Page to give it a whirl.

If you're interested in diving a bit deeper and getting a taste of Kibana's capabilities, head over to the Kibana Getting Started Page.

Using a Kibana Release

If you want to use a Kibana release in production, give it a test run, or just play around:

Building and Running Kibana, and/or Contributing Code

You might want to build Kibana locally to contribute some code, test out the latest features, or try out an open PR:

Documentation

Visit Elastic.co for the full Kibana documentation.

For information about building the documentation, see the README in elastic/docs.

Version Compatibility with Elasticsearch

Ideally, you should be running Elasticsearch and Kibana with matching version numbers. If your Elasticsearch has an older version number or a newer major number than Kibana, then Kibana will fail to run. If Elasticsearch has a newer minor or patch number than Kibana, then the Kibana Server will log a warning.

Note: The version numbers below are only examples, meant to illustrate the relationships between different types of version numbers.

Situation Example Kibana version Example ES version Outcome
Versions are the same. 7.15.1 7.15.1 💚 OK
ES patch number is newer. 7.15.0 7.15.1 ⚠️ Logged warning
ES minor number is newer. 7.14.2 7.15.0 ⚠️ Logged warning
ES major number is newer. 7.15.1 8.0.0 🚫 Fatal error
ES patch number is older. 7.15.1 7.15.0 ⚠️ Logged warning
ES minor number is older. 7.15.1 7.14.2 🚫 Fatal error
ES major number is older. 8.0.0 7.15.1 🚫 Fatal error

Questions? Problems? Suggestions?

  • If you've found a bug or want to request a feature, please create a GitHub Issue. Please check to make sure someone else hasn't already created an issue for the same topic.
  • Need help using Kibana? Ask away on our Kibana Discuss Forum and a fellow community member or Elastic engineer will be glad to help you out.