Your window into the Elastic Stack
Pablo Machado b4561e7c3e
[Security Solution] Change risk scoring sum max and simplify risk score calculations (#184638)
## Summary

* Update the `RISK_SCORING_SUM_MAX` to the appropriate value based on
10.000 alerts (read more on the original issue)
* The following risk scoring engine lines can be simplified by no longer
multiplying by 100, and instead using the value above directly. I also
renamed the constants to improve reliability.


I rounded `2.592375848672986` up to `2.5924` so the calculated score
won't go above `100`.

For `10.000` alerts with a risk score of `100` each the calculated risk
score is `99.99906837960884`

Risk score calculation for 10_00 alerts with 100 risk score
![Screenshot 2024-06-03 at 11 56
48](00c876ea-388b-4322-b8f8-19fc65f9f833)

Risk score calculation for 1_000 alerts with 100 risk score
![Screenshot 2024-06-03 at 11 57
29](929746c2-19e9-4da1-b4b1-c6e56edfc77c)



### User Impact
The entity's calculated risk score will slightly increase because we
update the normalisation divisor from 261.2 to 2.5924.




### Checklist

Delete any items that are not applicable to this PR.

- [x] [Unit or functional
tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)
were updated or added to match the most common scenarios
2024-06-06 14:30:38 +02:00
.buildkite [CI] Fix inverted DRY_RUN behaviour (#184841) 2024-06-05 17:10:00 +02:00
.github [ES|QL] Render a Discover-like table in the assistant instead of a Lens chart (#184106) 2024-06-05 20:20:20 +02:00
api_docs [api-docs] 2024-06-06 Daily api_docs build (#184891) 2024-06-06 05:08:00 +00:00
config Disable bfetch in serverless (#183096) 2024-05-30 16:19:12 -07:00
dev_docs Add documentation for kibana:plugin_render_time (#184206) 2024-05-29 10:09:52 +03:00
docs [DOCS] Stack Management Alerts app (#184384) 2024-06-05 16:12:54 -07:00
examples [Embeddable Rebuild] [Controls] Add control registry + example React control (#182842) 2024-06-05 08:51:37 -06:00
kbn_pm Replace deprecated node-sass with sass #2 (#173942) 2023-12-28 10:35:17 -06:00
legacy_rfcs
licenses build: remove requirement to clone open-source repo (#180715) 2024-04-15 15:10:46 -05:00
oas_docs [OAS] Support tags (#184320) 2024-06-04 17:45:12 +02:00
packages [ObsUX] [Infra] Add missing metrics to Docker container view (#184245) 2024-06-06 12:59:29 +01:00
plugins
scripts [HTTP/OAS] Commit OAS snapshot (#183338) 2024-05-30 06:02:19 -07:00
src [Data grid] Allow consumer to set initial columns (#184880) 2024-06-06 08:08:24 +02:00
test skip flaky suite (#181884) 2024-06-03 21:29:53 +01:00
typings Remove legacy kibana react code editor (#171047) 2024-01-05 14:35:09 +01:00
x-pack [Security Solution] Change risk scoring sum max and simplify risk score calculations (#184638) 2024-06-06 14:30:38 +02:00
.backportrc.json chore(NA): adds 8.15 into backportrc (#181082) 2024-04-17 21:28:21 +01:00
.bazelignore Remove references to deleted .ci folder (#177168) 2024-02-20 19:54:21 +01:00
.bazeliskversion
.bazelrc
.bazelrc.common
.bazelversion
.browserslistrc Add Firefox ESR to browserlistrc (#184462) 2024-05-29 17:53:18 -05:00
.editorconfig
.eslintignore [ES|QL] New @kbn/esql-services package (#179029) 2024-03-27 14:39:48 +01:00
.eslintrc.js [i18n][system upgrade] Upgrade Intl Packages from v2 to v6 (#179506) 2024-06-02 16:50:33 +03:00
.gitattributes
.gitignore [Moving] Move APM and APM_Data_Access folders into /x-pack/observability_solution/ (#177433) 2024-02-23 09:56:21 -07:00
.i18nrc.json [ES|QL] Render a Discover-like table in the assistant instead of a Lens chart (#184106) 2024-06-05 20:20:20 +02:00
.node-version Upgrade Node.js to v20.13.1 (#183345) 2024-05-14 12:11:56 -07:00
.npmrc [npmrc] Fix puppeteer_skip_download configuration (#177673) 2024-02-22 18:59:01 -07:00
.nvmrc Upgrade Node.js to v20.13.1 (#183345) 2024-05-14 12:11:56 -07:00
.prettierignore
.prettierrc
.puppeteerrc Add .puppeteerrc (#179847) 2024-04-03 09:14:39 -05:00
.stylelintignore
.stylelintrc
.telemetryrc.json [Telemetry] Fix telemetry-tools TS parser for packages (#149819) 2023-01-31 04:09:09 +03:00
.yarnrc
BUILD.bazel
catalog-info.yaml [BK] Add template for pipeline defs (#180189) 2024-04-08 11:21:28 +02:00
CODE_OF_CONDUCT.md
CONTRIBUTING.md
FAQ.md
fleet_packages.json [main] Sync bundled packages with Package Storage (#184748) 2024-06-04 09:17:30 -07:00
github_checks_reporter.json
kibana.d.ts
LICENSE.txt
nav-kibana-dev.docnav.json [dev docs] How to set up cross cluster search locally (#182025) 2024-04-30 12:46:21 -05:00
NOTICE.txt Copy assets from appropriate directory for kbn-monaco (#178669) 2024-03-21 16:29:20 +01:00
package.json Update dependency @elastic/charts to v65.2.0 (main) (#184771) 2024-06-05 16:44:08 -07:00
preinstall_check.js Always throw error objects - never strings (#171498) 2023-11-20 09:23:16 -05:00
README.md
renovate.json Update renovate config (#184785) 2024-06-05 10:57:53 -07:00
RISK_MATRIX.mdx
run_fleet_setup_parallel.sh [Fleet] Prevent concurrent runs of Fleet setup (#183636) 2024-05-31 16:38:51 +02:00
SECURITY.md
sonar-project.properties [ci] Run sonarqube daily (#173961) 2024-01-03 15:43:29 -06:00
STYLEGUIDE.mdx
tsconfig.base.json [ES|QL] Render a Discover-like table in the assistant instead of a Lens chart (#184106) 2024-06-05 20:20:20 +02:00
tsconfig.browser.json
tsconfig.browser_bazel.json
tsconfig.json
TYPESCRIPT.md
versions.json chore(NA): update versions after v8.14.1 bump (#184848) 2024-06-05 20:05:17 +01:00
WORKSPACE.bazel Upgrade Node.js to v20.13.1 (#183345) 2024-05-14 12:11:56 -07:00
yarn.lock Update dependency @elastic/charts to v65.2.0 (main) (#184771) 2024-06-05 16:44:08 -07:00

Kibana

Kibana is your window into the Elastic Stack. Specifically, it's a browser-based analytics and search dashboard for Elasticsearch.

Getting Started

If you just want to try Kibana out, check out the Elastic Stack Getting Started Page to give it a whirl.

If you're interested in diving a bit deeper and getting a taste of Kibana's capabilities, head over to the Kibana Getting Started Page.

Using a Kibana Release

If you want to use a Kibana release in production, give it a test run, or just play around:

Building and Running Kibana, and/or Contributing Code

You might want to build Kibana locally to contribute some code, test out the latest features, or try out an open PR:

Documentation

Visit Elastic.co for the full Kibana documentation.

For information about building the documentation, see the README in elastic/docs.

Version Compatibility with Elasticsearch

Ideally, you should be running Elasticsearch and Kibana with matching version numbers. If your Elasticsearch has an older version number or a newer major number than Kibana, then Kibana will fail to run. If Elasticsearch has a newer minor or patch number than Kibana, then the Kibana Server will log a warning.

Note: The version numbers below are only examples, meant to illustrate the relationships between different types of version numbers.

| Situation | Example Kibana version | Example ES version | Outcome |
| --- | --- | --- | --- |
| Versions are the same. | 7.15.1 | 7.15.1 | 💚 OK |
| ES patch number is newer. | 7.15.0 | 7.15.1 | ⚠️ Logged warning |
| ES minor number is newer. | 7.14.2 | 7.15.0 | ⚠️ Logged warning |
| ES major number is newer. | 7.15.1 | 8.0.0 | 🚫 Fatal error |
| ES patch number is older. | 7.15.1 | 7.15.0 | ⚠️ Logged warning |
| ES minor number is older. | 7.15.1 | 7.14.2 | 🚫 Fatal error |
| ES major number is older. | 8.0.0 | 7.15.1 | 🚫 Fatal error |

Questions? Problems? Suggestions?

  • If you've found a bug or want to request a feature, please create a GitHub Issue. Please check to make sure someone else hasn't already created an issue for the same topic.
  • Need help using Kibana? Ask away on our Kibana Discuss Forum and a fellow community member or Elastic engineer will be glad to help you out.