mirror of https://github.com/elastic/kibana.git synced 2025-04-24 17:59:23 -04:00

Your window into the Elastic Stack

dashboards elasticsearch hacktoberfest kibana metrics observability visualizations

Find a file

Kibana Machine c1818d3454 [8.5] [Security Solution][Bug fix] alerts table over 10k results (#145441 ) (#145481 ) # Backport This will backport the following commits from `main` to `8.5`: - [[Security Solution][Bug fix] alerts table over 10k results (#145441)](https://github.com/elastic/kibana/pull/145441) <!--- Backport version: 8.9.7 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sqren/backport) <!--BACKPORT [{"author":{"name":"christineweng","email":"18648970+christineweng@users.noreply.github.com"},"sourceCommit":{"committedDate":"2022-11-16T23:38:43Z","message":"[Security Solution][Bug fix] alerts table over 10k results (#145441)\n\nThis PR aims to address:\r\n- https://github.com/elastic/kibana/issues/142965\r\n\r\n### Background\r\nOn Alerts page -> Events table -> Event Rendered view, when there are\r\nover 10,000 alerts, upon clicking the last page, a warning message\r\nappears.\r\n\r\n<img width=\"800\" alt=\"image\"\r\nsrc=\"https://user-images.githubusercontent.com/18648970/202265598-5d9d657c-4918-408e-9f92-bcaafc904757.png\">\r\n\r\nThe pop up is expected behavior according to documentation from:\r\nhttps://www.elastic.co/guide/en/elasticsearch/reference/current/paginate-search-results.html\r\n.\r\n\r\n> By default, you cannot use from and size to page through more than\r\n10,000 hits. This limit is a safeguard set by the\r\n[index.max_result_window](https://www.elastic.co/guide/en/elasticsearch/reference/current/index-modules.html#index-max-result-window)\r\nindex setting.\r\n\r\n\r\n### After\r\nCurrently the Grid view has a safeguard in place, where if there are\r\nmore than 10k results, it will not show the last page, hence preventing\r\nuser from clicking it and seeing the error pop up.\r\n- This PR applies the same approach by wrapping the `EventRenderView`\r\ncomponent with the `EuiDataGridContainer`.\r\n- This PR also renamed `EuiDataGridContainer` to\r\n`EuiEventTableContainer` to indicate broader use.\r\n\r\nWhen there are over 10k records, last page is not available in\r\npagination, and it is the same in Event Rendered View as in Grid view:\r\n\r\n\r\n\r\n\r\nhttps://user-images.githubusercontent.com/18648970/202271379-309cbb3c-5da6-4c46-9814-beeca39d1f36.mov","sha":"3c77ec063387ee1c7545774d069f134d55eabe2b","branchLabelMapping":{"^v8.7.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["bug","release_note:skip","v6.8.6","Team:Threat Hunting","Team: SecuritySolution","Team:Threat Hunting:Investigations","v8.7.0"],"number":145441,"url":"https://github.com/elastic/kibana/pull/145441","mergeCommit":{"message":"[Security Solution][Bug fix] alerts table over 10k results (#145441)\n\nThis PR aims to address:\r\n- https://github.com/elastic/kibana/issues/142965\r\n\r\n### Background\r\nOn Alerts page -> Events table -> Event Rendered view, when there are\r\nover 10,000 alerts, upon clicking the last page, a warning message\r\nappears.\r\n\r\n<img width=\"800\" alt=\"image\"\r\nsrc=\"https://user-images.githubusercontent.com/18648970/202265598-5d9d657c-4918-408e-9f92-bcaafc904757.png\">\r\n\r\nThe pop up is expected behavior according to documentation from:\r\nhttps://www.elastic.co/guide/en/elasticsearch/reference/current/paginate-search-results.html\r\n.\r\n\r\n> By default, you cannot use from and size to page through more than\r\n10,000 hits. This limit is a safeguard set by the\r\n[index.max_result_window](https://www.elastic.co/guide/en/elasticsearch/reference/current/index-modules.html#index-max-result-window)\r\nindex setting.\r\n\r\n\r\n### After\r\nCurrently the Grid view has a safeguard in place, where if there are\r\nmore than 10k results, it will not show the last page, hence preventing\r\nuser from clicking it and seeing the error pop up.\r\n- This PR applies the same approach by wrapping the `EventRenderView`\r\ncomponent with the `EuiDataGridContainer`.\r\n- This PR also renamed `EuiDataGridContainer` to\r\n`EuiEventTableContainer` to indicate broader use.\r\n\r\nWhen there are over 10k records, last page is not available in\r\npagination, and it is the same in Event Rendered View as in Grid view:\r\n\r\n\r\n\r\n\r\nhttps://user-images.githubusercontent.com/18648970/202271379-309cbb3c-5da6-4c46-9814-beeca39d1f36.mov","sha":"3c77ec063387ee1c7545774d069f134d55eabe2b"}},"sourceBranch":"main","suggestedTargetBranches":["6.8"],"targetPullRequestStates":[{"branch":"6.8","label":"v6.8.6","labelRegex":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"main","label":"v8.7.0","labelRegex":"^v8.7.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/145441","number":145441,"mergeCommit":{"message":"[Security Solution][Bug fix] alerts table over 10k results (#145441)\n\nThis PR aims to address:\r\n- https://github.com/elastic/kibana/issues/142965\r\n\r\n### Background\r\nOn Alerts page -> Events table -> Event Rendered view, when there are\r\nover 10,000 alerts, upon clicking the last page, a warning message\r\nappears.\r\n\r\n<img width=\"800\" alt=\"image\"\r\nsrc=\"https://user-images.githubusercontent.com/18648970/202265598-5d9d657c-4918-408e-9f92-bcaafc904757.png\">\r\n\r\nThe pop up is expected behavior according to documentation from:\r\nhttps://www.elastic.co/guide/en/elasticsearch/reference/current/paginate-search-results.html\r\n.\r\n\r\n> By default, you cannot use from and size to page through more than\r\n10,000 hits. This limit is a safeguard set by the\r\n[index.max_result_window](https://www.elastic.co/guide/en/elasticsearch/reference/current/index-modules.html#index-max-result-window)\r\nindex setting.\r\n\r\n\r\n### After\r\nCurrently the Grid view has a safeguard in place, where if there are\r\nmore than 10k results, it will not show the last page, hence preventing\r\nuser from clicking it and seeing the error pop up.\r\n- This PR applies the same approach by wrapping the `EventRenderView`\r\ncomponent with the `EuiDataGridContainer`.\r\n- This PR also renamed `EuiDataGridContainer` to\r\n`EuiEventTableContainer` to indicate broader use.\r\n\r\nWhen there are over 10k records, last page is not available in\r\npagination, and it is the same in Event Rendered View as in Grid view:\r\n\r\n\r\n\r\n\r\nhttps://user-images.githubusercontent.com/18648970/202271379-309cbb3c-5da6-4c46-9814-beeca39d1f36.mov","sha":"3c77ec063387ee1c7545774d069f134d55eabe2b"}}]}] BACKPORT--> Co-authored-by: christineweng <18648970+christineweng@users.noreply.github.com>		2022-11-16 18:50:21 -07:00
.buildkite	[8.5] [ci] Set elasticsearch snapshot build timeout (#144831 ) (#144835 )	2022-11-08 12:41:30 -07:00
.ci	[8.5] Bump node to 16.18.1 (#144751 ) (#144825 )	2022-11-08 10:24:26 -07:00
.github	remove codeowners from 8.5	2022-11-07 05:52:56 -06:00
api_docs	[8.5] [Enterprise Search] Remove unused `crawlerGettingStarted` doclink (#143690 ) (#143737 )	2022-10-20 15:31:37 +02:00
config	[Unified Search] Move autocomplete logic to unified search plugin (#129977 )	2022-04-22 11:02:56 +05:00
dev_docs	remove invalid document ids	2022-09-13 12:16:47 -05:00
docs	[8.5] [DOCS] Fix link in Kibana Add Data (#145480 ) (#145498 )	2022-11-16 20:21:42 -05:00
examples	[ML] Explain Log Rate Spikes: Fix uncompressed streams and backpressure handling. (#142970 ) (#144396 )	2022-11-02 03:50:27 -07:00
kbn_pm	[kbn/pm] add hidden script for migration purposes (#140554 )	2022-09-12 14:01:51 -07:00
legacy_rfcs	rename @elastic/* packages to @kbn/* (#138957 )	2022-08-18 08:54:42 -07:00
licenses	Elastic License 2.0 (#90099 )	2021-02-03 18:12:39 -08:00
packages	[8.5] Upgrade `loader-utils` dependency (`1.1.3` → `2.0.3`). (#144879 ) (#144917 )	2022-11-09 11:17:53 -07:00
plugins	[dev/cli] ensure plugins/ and all watch source dirs exist (#78973 )	2020-09-30 10:20:44 -07:00
scripts	[Archive Migration] xpack example pipelines (#140789 )	2022-09-19 21:10:12 +01:00
src	[8.5] [Discover] Improve performance of getFieldsToShow (#144672 ) (#145424 )	2022-11-16 11:55:47 -07:00
test	skip failing test suite (#132865 )	2022-11-15 13:24:18 -05:00
typings	[Osquery] Replace js-sql-parser (#128714 )	2022-05-18 12:58:07 +02:00
vars	[Synthetics] Fix e2e (#137194 )	2022-07-26 17:40:07 -04:00
x-pack	[8.5] [Security Solution][Bug fix] alerts table over 10k results (#145441 ) (#145481 )	2022-11-16 18:50:21 -07:00
.backportrc.json	chore(NA): adds backport config for 8.5.0 bump (#137298 )	2022-07-27 16:51:23 +01:00
.bazelignore	Bazel config maintenance (#135442 )	2022-07-05 10:20:26 -05:00
.bazeliskversion	chore(NA): upgrade bazelisk into v1.11.0 (#125070 )	2022-02-09 20:43:57 +00:00
.bazelrc	chore(NA): use new and more performant BuildBuddy servers (#130350 )	2022-04-18 02:01:38 +01:00
.bazelrc.common	chore(NA): upgrade bazel into v5 (#125332 )	2022-02-11 20:45:36 +00:00
.bazelversion	chore(NA): revert bazel upgrade for v5.2.0 (#135096 )	2022-06-24 03:57:21 +01:00
.browserslistrc	[browserslist] remove unnecessary browsers (#89186 )	2021-01-25 16:30:18 -07:00
.editorconfig	`.editorconfig` MDX files should follow the same rules as MD (#96942 )	2021-04-13 11:40:42 -04:00
.eslintignore	chore(NA): rename @elastic/eslint-config-kibana as @kbn/eslint-config (#132278 )	2022-05-16 13:02:02 -07:00
.eslintrc.js	[Response Ops] [Connectors] Move connectors to own plugin (#139867 )	2022-09-15 15:50:15 -04:00
.gitattributes
.gitignore	chore(NA): include .ijwb folder into the .gitignore file (#144755 ) (#144758 )	2022-11-07 18:33:18 -07:00
.i18nrc.json	[Table list view] Improve UX (phase 1) (#135892 )	2022-09-19 12:29:23 +02:00
.node-version	[8.5] Bump node to 16.18.1 (#144751 ) (#144825 )	2022-11-08 10:24:26 -07:00
.npmrc	chore(NA): assure puppeteer_skip_chromium_download is applied across every yarn install situation (#88346 )	2021-01-14 18:00:23 +00:00
.nvmrc	[8.5] Bump node to 16.18.1 (#144751 ) (#144825 )	2022-11-08 10:24:26 -07:00
.prettierignore	[dev] Replace sass-lint with stylelint (#86177 )	2021-01-15 11:52:29 -06:00
.prettierrc
.stylelintignore	chore(NA): stop grouping bazel out symlink folders (#96066 )	2021-04-01 14:16:14 -05:00
.stylelintrc	Bump stylelint to ^14 (#136693 )	2022-07-20 10:11:00 -05:00
.telemetryrc.json	[Usage collection] Collect non-default kibana configs (#97368 )	2021-04-20 11:02:27 -04:00
.yarnrc	chore(NA): manage npm dependencies within bazel (#92864 )	2021-03-03 12:37:20 -05:00
BUILD.bazel	[build_ts_refs] improve caches, allow building a subset of projects (#107981 )	2021-08-10 22:12:45 -07:00
CODE_OF_CONDUCT.md	Add CODE_OF_CONDUCT.md (#87439 )	2021-02-23 09:01:51 +01:00
CONTRIBUTING.md	Update doc slugs to improve analytic tracking, move to appropriate folders (#113630 )	2021-10-04 13:36:45 -04:00
FAQ.md	Fix small typos in the root md files (#134609 )	2022-06-23 09:36:11 -05:00
fleet_packages.json	[8.5] Sync bundled packages with Package Storage (#144692 )	2022-11-10 13:05:00 -07:00
github_checks_reporter.json	implementing github checks - second attempt (#35757 )	2019-05-01 16:02:33 -05:00
Jenkinsfile	[CI] Disable tracked branch jobs in Jenkins, enable reporting in Buildkite (#112604 )	2021-09-21 11:31:15 -04:00
kibana.d.ts	fix all violations	2022-04-16 01:37:30 -05:00
LICENSE.txt	Elastic License 2.0 (#90099 )	2021-02-03 18:12:39 -08:00
nav-kibana-dev.docnav.json	Add August newsletter (#140129 )	2022-09-06 16:08:27 -04:00
NOTICE.txt	[build] update notice generation (#138860 )	2022-08-17 06:23:10 -05:00
package.json	chore(NA): bump version to 8.5.2 (#145253 )	2022-11-16 02:34:41 +00:00
preinstall_check.js	Elastic License 2.0 (#90099 )	2021-02-03 18:12:39 -08:00
README.md	[README] Update version Compatibility with Elasticsearch (#116040 )	2022-01-10 10:31:21 -05:00
renovate.json	[Profiling] Move additional flamegraph calculations into UI (#142415 ) (#142747 )	2022-10-05 07:32:39 -07:00
RISK_MATRIX.mdx	Add "Risk Matrix" section to the PR template (#100649 )	2021-06-02 14:43:47 +02:00
SECURITY.md	Add security policy to the Kibana repository (#85407 )	2020-12-10 09:26:00 -05:00
STYLEGUIDE.mdx	[styleguide] update path to scss theme (#140742 )	2022-09-15 10:41:14 -04:00
tsconfig.base.json	A/B Testing via LaunchDarkly (#139212 )	2022-09-20 04:36:17 -07:00
tsconfig.bazel.json	[build_ts_refs] improve caches, allow building a subset of projects (#107981 )	2021-08-10 22:12:45 -07:00
tsconfig.browser.json	Introduce TS incremental builds & move src/test_utils to TS project (#76082 )	2020-09-03 14:20:04 +02:00
tsconfig.browser_bazel.json	[build_ts_refs] improve caches, allow building a subset of projects (#107981 )	2021-08-10 22:12:45 -07:00
tsconfig.json	Add interactive setup CLI (#114493 )	2021-10-20 22:17:45 +01:00
tsconfig.types.json	[type-summarizer] reimplement for broader support (#135163 )	2022-07-06 13:48:45 -05:00
TYPESCRIPT.md	Fix small typos in the root md files (#134609 )	2022-06-23 09:36:11 -05:00
versions.json	Bumps version manifest for 8.4 to 8.4.3 (#141115 )	2022-09-20 09:34:49 -07:00
WORKSPACE.bazel	[8.5] Bump node to 16.18.1 (#144751 ) (#144825 )	2022-11-08 10:24:26 -07:00
yarn.lock	[8.5] Upgrade `loader-utils` dependency (`1.1.3` → `2.0.3`). (#144879 ) (#144917 )	2022-11-09 11:17:53 -07:00

README.md

Kibana

Kibana is your window into the Elastic Stack. Specifically, it's a browser-based analytics and search dashboard for Elasticsearch.

Getting Started
- Using a Kibana Release
- Building and Running Kibana, and/or Contributing Code
Documentation
Version Compatibility with Elasticsearch
Questions? Problems? Suggestions?

Getting Started

If you just want to try Kibana out, check out the Elastic Stack Getting Started Page to give it a whirl.

If you're interested in diving a bit deeper and getting a taste of Kibana's capabilities, head over to the Kibana Getting Started Page.

Using a Kibana Release

If you want to use a Kibana release in production, give it a test run, or just play around:

Download the latest version on the Kibana Download Page.
Learn more about Kibana's features and capabilities on the Kibana Product Page.
We also offer a hosted version of Kibana on our Cloud Service.

Building and Running Kibana, and/or Contributing Code

You might want to build Kibana locally to contribute some code, test out the latest features, or try out an open PR:

CONTRIBUTING.md will help you get Kibana up and running.
If you would like to contribute code, please follow our STYLEGUIDE.mdx.
For all other questions, check out the FAQ.md and wiki.

Documentation

Visit Elastic.co for the full Kibana documentation.

For information about building the documentation, see the README in elastic/docs.

Version Compatibility with Elasticsearch

Ideally, you should be running Elasticsearch and Kibana with matching version numbers. If your Elasticsearch has an older version number or a newer major number than Kibana, then Kibana will fail to run. If Elasticsearch has a newer minor or patch number than Kibana, then the Kibana Server will log a warning.

Note: The version numbers below are only examples, meant to illustrate the relationships between different types of version numbers.

Situation	Example Kibana version	Example ES version	Outcome
Versions are the same.	7.15.1	7.15.1	💚 OK
ES patch number is newer.	7.15.0	7.15.1	⚠️ Logged warning
ES minor number is newer.	7.14.2	7.15.0	⚠️ Logged warning
ES major number is newer.	7.15.1	8.0.0	🚫 Fatal error
ES patch number is older.	7.15.1	7.15.0	⚠️ Logged warning
ES minor number is older.	7.15.1	7.14.2	🚫 Fatal error
ES major number is older.	8.0.0	7.15.1	🚫 Fatal error

Questions? Problems? Suggestions?

If you've found a bug or want to request a feature, please create a GitHub Issue. Please check to make sure someone else hasn't already created an issue for the same topic.
Need help using Kibana? Ask away on our Kibana Discuss Forum and a fellow community member or Elastic engineer will be glad to help you out.