mirror of
https://github.com/elastic/kibana.git
synced 2025-06-27 18:51:07 -04:00
Your window into the Elastic Stack
64df229998
Closes https://github.com/elastic/kibana/issues/179173. ## Rule type A dedicated stack rule type was created `datasetQuality.degradedDocs`. <img width="1759" alt="image" src="https://github.com/user-attachments/assets/5004a08d-6f12-4f5e-b27f-5f4db242dcf0" /> <img width="2318" alt="image" src="https://github.com/user-attachments/assets/f8b2664a-f1c6-48c5-a617-c6f1b79bf0f7" /> This new rule is aggregated by default using `_index` and could be further configured by the user (e.g. user can also aggregate by `cloud.provider`). A new rule type was needed to be created since there is no actual way to aggregate all documents in a dataStream if we use a DataView like `logs-*-*`. Inside datasStream documents there is no indication about the dataStream where they belong to, instead we just have `_index` which contains backingIndexName instead of actual index. It's important to note, that this rule type is also visible from `Observability > Alerts`, which is useful specially for serverless. https://github.com/user-attachments/assets/000aee51-4895-4f4c-9484-924ace4325c5 ## Role Based Access-Control (RBAC) RBAC for dataset quality alerts is defined within dataQuality kibana feature. We have three privileges defined: 1. `all`: This privilege now contains a subFeature `manage_rules` that will allow for more granularity on alerting level. It's by default assigned to `all` but can be disabled. 2. `read`: This privilege is only related to serverless (when we don't have yet custom roles). https://github.com/user-attachments/assets/70ed5bde-bf45-4024-b448-228799fcaf71 3. `none`: This privilege is only relevant for stateful (in serverless we don't have custom roles). ## 🎥 Demo ### Serverless #### `all` privileges https://github.com/user-attachments/assets/8dad6e30-a261-4a69-979f-6dfc2a41c888 #### `read` privileges https://github.com/user-attachments/assets/e1cb108d-22a0-4e7f-b252-9cc12d1e9d65 ### Stateful #### `all` privileges https://github.com/user-attachments/assets/d96f3b70-35b2-466b-aa59-a07190d24d93 #### `all` privileges with subFeature disabled https://github.com/user-attachments/assets/808ab811-9320-43e4-b2a6-06d530a78b82 #### `none` privileges (Stateful) https://github.com/user-attachments/assets/18f2a2d6-d825-4713-acea-0d72f451e9ab ## How to test? 1. run synthrace scenario `degraded_logs` in live mode ``` node scripts/synthtrace degraded_logs --live ``` 2. Open dataset quality page (/app/management/data/data_quality) 3. Select `synth.3` dataset (/app/management/data/data_quality/details?pageState=(dataStream:logs-synth.3-default) 4. Click on `Actions` and then select `Create rule` 5. Fill out the alert form 6. Go to `Observability > Alerts` or `Stack management > Alerts` (/app/observability/alerts) ## Release note Adds the Create alert rule action to dataset quality page and dataset quality details. This allows you to generate an alert when the percentage of degraded docs on the chart crosses a certain threshold. --------- Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com> Co-authored-by: Aleh Zasypkin <aleh.zasypkin@elastic.co> Co-authored-by: Faisal Kanout <faisal.kanout@elastic.co> |
||
|---|---|---|
| .buildkite | ||
| .devcontainer | ||
| .github | ||
| api_docs | ||
| config | ||
| dev_docs | ||
| docs | ||
| examples | ||
| kbn_pm | ||
| legacy_rfcs | ||
| licenses | ||
| oas_docs | ||
| packages | ||
| plugins | ||
| scripts | ||
| src | ||
| typings | ||
| x-pack | ||
| .backportrc.json | ||
| .bazelignore | ||
| .bazeliskversion | ||
| .bazelrc | ||
| .bazelrc.common | ||
| .bazelversion | ||
| .browserslistrc | ||
| .editorconfig | ||
| .eslintignore | ||
| .eslintrc.js | ||
| .gitattributes | ||
| .gitignore | ||
| .i18nrc.json | ||
| .node-version | ||
| .npmrc | ||
| .nvmrc | ||
| .prettierignore | ||
| .prettierrc | ||
| .puppeteerrc | ||
| .stylelintignore | ||
| .stylelintrc | ||
| .telemetryrc.json | ||
| .yarnrc | ||
| BUILD.bazel | ||
| catalog-info.yaml | ||
| CODE_OF_CONDUCT.md | ||
| CONTRIBUTING.md | ||
| FAQ.md | ||
| fleet_packages.json | ||
| github_checks_reporter.json | ||
| kibana.d.ts | ||
| LICENSE.txt | ||
| NOTICE.txt | ||
| package.json | ||
| preinstall_check.js | ||
| README.md | ||
| renovate.json | ||
| RISK_MATRIX.mdx | ||
| run_fleet_setup_parallel.sh | ||
| SECURITY.md | ||
| sonar-project.properties | ||
| STYLEGUIDE.mdx | ||
| tsconfig.base.json | ||
| tsconfig.browser.json | ||
| tsconfig.browser_bazel.json | ||
| tsconfig.json | ||
| TYPESCRIPT.md | ||
| updatecli-compose.yaml | ||
| versions.json | ||
| WORKSPACE.bazel | ||
| yarn.lock | ||
Kibana
Kibana is your window into the Elastic Stack. Specifically, it's a browser-based analytics and search dashboard for Elasticsearch.
- Getting Started
- Documentation
- Version Compatibility with Elasticsearch
- Questions? Problems? Suggestions?
Getting Started
If you just want to try Kibana out, check out the Elastic Stack Getting Started Page to give it a whirl.
If you're interested in diving a bit deeper and getting a taste of Kibana's capabilities, head over to the Kibana Getting Started Page.
Using a Kibana Release
If you want to use a Kibana release in production, give it a test run, or just play around:
- Download the latest version on the Kibana Download Page.
- Learn more about Kibana's features and capabilities on the Kibana Product Page.
- We also offer a hosted version of Kibana on our Cloud Service.
Building and Running Kibana, and/or Contributing Code
You might want to build Kibana locally to contribute some code, test out the latest features, or try out an open PR:
- CONTRIBUTING.md will help you get Kibana up and running.
- If you would like to contribute code, please follow our STYLEGUIDE.mdx.
- For all other questions, check out the FAQ.md and wiki.
Documentation
Visit Elastic.co for the full Kibana documentation.
For information about building the documentation, see the README in elastic/docs.
Version Compatibility with Elasticsearch
Ideally, you should be running Elasticsearch and Kibana with matching version numbers. If your Elasticsearch has an older version number or a newer major number than Kibana, then Kibana will fail to run. If Elasticsearch has a newer minor or patch number than Kibana, then the Kibana Server will log a warning.
Note: The version numbers below are only examples, meant to illustrate the relationships between different types of version numbers.
| Situation | Example Kibana version | Example ES version | Outcome |
|---|---|---|---|
| Versions are the same. | 7.15.1 | 7.15.1 | 💚 OK |
| ES patch number is newer. | 7.15.0 | 7.15.1 | ⚠️ Logged warning |
| ES minor number is newer. | 7.14.2 | 7.15.0 | ⚠️ Logged warning |
| ES major number is newer. | 7.15.1 | 8.0.0 | 🚫 Fatal error |
| ES patch number is older. | 7.15.1 | 7.15.0 | ⚠️ Logged warning |
| ES minor number is older. | 7.15.1 | 7.14.2 | 🚫 Fatal error |
| ES major number is older. | 8.0.0 | 7.15.1 | 🚫 Fatal error |
Questions? Problems? Suggestions?
- If you've found a bug or want to request a feature, please create a GitHub Issue. Please check to make sure someone else hasn't already created an issue for the same topic.
- Need help using Kibana? Ask away on our Kibana Discuss Forum and a fellow community member or Elastic engineer will be glad to help you out.