mirror of https://github.com/elastic/kibana.git synced 2025-04-24 17:59:23 -04:00

Your window into the Elastic Stack

dashboards elasticsearch hacktoberfest kibana metrics observability visualizations

Find a file

Konrad Szwarc 8166d18a37 [EDR Workflows][API] Gate Agent Tamper Protection setting on Agent Policy Settings (#174400 ) This PR is part of an effort to limit EDR Workflow features to the Endpoint Complete tier on serverless and focuses on server skde part of gating Agent Tamper Protection. Related PRs: https://github.com/elastic/kibana/pull/174278 https://github.com/elastic/kibana/pull/175129 We decided to stick with the existing Fleet privileges for this component, and no extra changes are needed RBAC wise (confirmed with @roxana-gheorghe). Plugin/Policy Watcher Changes: To monitor agent policies for a downgrade in tier (from complete to essentials) and disable agent protections if enabled, the following steps have been taken: 1. A new app feature, `endpoint_agent_tamper_protection`, has been introduced and linked to the `endpoint:complete` tier. 2. An additional method, `bumpRevision`, has been exposed in the fleet's agent policy service. This method utilizes the service's internal update function and includes a `disable_protection` flag, allowing it to be used without further modifications. 3. The security solution side calls this method upon successful fleet plugin setup. If the `endpoint_agent_tamper_protection` app feature is not enabled, it retrieves all agent policies with `is_protected: true` and updates these policies with `is_protected: false`. API Changes: To respond to attempts to activate agent protection via the API by users on the Essentials tier, the following steps have been taken: 1. External callback functionality has been added to the agentPolicy service, following the implementation in packagePolicy. 2. Update and create agent policy callbacks have been registered in the security solution. These callbacks check for the enabled status of the `endpoint_agent_tamper_protection` app feature. If disabled, the callback throws an error. 3. External callback execution has been added to the update and create methods in agent policy route handlers. --------- Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>		2024-02-01 14:35:40 -07:00
.buildkite	Fix typo in referenced variable (#176039 )	2024-02-01 09:47:06 +01:00
.github	[ML] Add support for ES\|QL in Data visualizer (#174188 )	2024-01-31 12:52:31 -06:00
api_docs	[api-docs] 2024-01-31 Daily api_docs build (#175951 )	2024-01-31 01:03:55 -05:00
config	console: introduce config to enable/disable embedded console (#175736 )	2024-01-30 14:58:08 -06:00
dev_docs
docs	[Response Ops][Actions] Adding configuration to override default MS Graph API Scope and Exchange URL values (#175812 )	2024-02-01 12:41:52 -05:00
examples	Upgrade EUI to v92.2.1 (#175849 )	2024-01-30 08:54:10 -08:00
kbn_pm
legacy_rfcs
licenses
packages	[Security Solution][Flyout] Use kbn url storage provider, housekeeping (#175882 )	2024-02-01 12:58:14 -07:00
plugins
scripts	[Ops] Create CLI for rewriting buildkite agent targeting rules (#174688 )	2024-01-18 10:29:08 +01:00
src	[Discover] Fix overwriting data view id when loading a saved search with ES\|QL (#175769 )	2024-02-01 12:48:43 -07:00
test	skip failing es promotion suite (#176109 )	2024-02-01 21:07:14 +00:00
typings
x-pack	[EDR Workflows][API] Gate Agent Tamper Protection setting on Agent Policy Settings (#174400 )	2024-02-01 14:35:40 -07:00
.backportrc.json
.bazelignore
.bazeliskversion
.bazelrc
.bazelrc.common
.bazelversion
.browserslistrc
.editorconfig
.eslintignore	Remove Gainsight from cloud plugin (#172318 )	2024-01-09 10:21:56 +00:00
.eslintrc.js	[Security Solution] Data quality dashboard persistence (#173185 )	2024-01-24 10:20:49 -07:00
.gitattributes
.gitignore
.i18nrc.json	[Lens] Prevent overwriting managed content from editor (#175062 )	2024-01-24 09:06:05 -06:00
.node-version
.npmrc
.nvmrc
.prettierignore
.prettierrc
.stylelintignore
.stylelintrc
.telemetryrc.json
.yarnrc
BUILD.bazel
catalog-info.yaml
CODE_OF_CONDUCT.md
CONTRIBUTING.md
FAQ.md
fleet_packages.json	[main] Sync bundled packages with Package Storage (#175557 )	2024-01-25 12:16:51 -05:00
github_checks_reporter.json
kibana.d.ts
LICENSE.txt
nav-kibana-dev.docnav.json
NOTICE.txt	Remove Gainsight from cloud plugin (#172318 )	2024-01-09 10:21:56 +00:00
package.json	Update cypress (main) (#173228 )	2024-02-01 12:23:24 +01:00
preinstall_check.js
README.md
renovate.json	Remove Infra Monitoring UI team (#175745 )	2024-01-30 13:33:57 -06:00
RISK_MATRIX.mdx
SECURITY.md
sonar-project.properties
STYLEGUIDE.mdx
tsconfig.base.json	[ML] Add support for ES\|QL in Data visualizer (#174188 )	2024-01-31 12:52:31 -06:00
tsconfig.browser.json
tsconfig.browser_bazel.json
tsconfig.json
TYPESCRIPT.md
versions.json	chore(NA): update versions after v7.17.18 bump (#175303 )	2024-01-24 06:45:23 +00:00
WORKSPACE.bazel	Upgrade yarn to 1.22.21 in WORKSPACE.bazel (#175632 )	2024-01-25 14:39:36 -06:00
yarn.lock	Update cypress (main) (#173228 )	2024-02-01 12:23:24 +01:00

README.md

Kibana

Kibana is your window into the Elastic Stack. Specifically, it's a browser-based analytics and search dashboard for Elasticsearch.

Getting Started
- Using a Kibana Release
- Building and Running Kibana, and/or Contributing Code
Documentation
Version Compatibility with Elasticsearch
Questions? Problems? Suggestions?

Getting Started

If you just want to try Kibana out, check out the Elastic Stack Getting Started Page to give it a whirl.

If you're interested in diving a bit deeper and getting a taste of Kibana's capabilities, head over to the Kibana Getting Started Page.

Using a Kibana Release

If you want to use a Kibana release in production, give it a test run, or just play around:

Download the latest version on the Kibana Download Page.
Learn more about Kibana's features and capabilities on the Kibana Product Page.
We also offer a hosted version of Kibana on our Cloud Service.

Building and Running Kibana, and/or Contributing Code

You might want to build Kibana locally to contribute some code, test out the latest features, or try out an open PR:

CONTRIBUTING.md will help you get Kibana up and running.
If you would like to contribute code, please follow our STYLEGUIDE.mdx.
For all other questions, check out the FAQ.md and wiki.

Documentation

Visit Elastic.co for the full Kibana documentation.

For information about building the documentation, see the README in elastic/docs.

Version Compatibility with Elasticsearch

Ideally, you should be running Elasticsearch and Kibana with matching version numbers. If your Elasticsearch has an older version number or a newer major number than Kibana, then Kibana will fail to run. If Elasticsearch has a newer minor or patch number than Kibana, then the Kibana Server will log a warning.

Note: The version numbers below are only examples, meant to illustrate the relationships between different types of version numbers.

Situation	Example Kibana version	Example ES version	Outcome
Versions are the same.	7.15.1	7.15.1	💚 OK
ES patch number is newer.	7.15.0	7.15.1	⚠️ Logged warning
ES minor number is newer.	7.14.2	7.15.0	⚠️ Logged warning
ES major number is newer.	7.15.1	8.0.0	🚫 Fatal error
ES patch number is older.	7.15.1	7.15.0	⚠️ Logged warning
ES minor number is older.	7.15.1	7.14.2	🚫 Fatal error
ES major number is older.	8.0.0	7.15.1	🚫 Fatal error

Questions? Problems? Suggestions?

If you've found a bug or want to request a feature, please create a GitHub Issue. Please check to make sure someone else hasn't already created an issue for the same topic.
Need help using Kibana? Ask away on our Kibana Discuss Forum and a fellow community member or Elastic engineer will be glad to help you out.