mirror of https://github.com/elastic/kibana.git synced 2025-04-24 09:48:58 -04:00

Your window into the Elastic Stack

dashboards elasticsearch hacktoberfest kibana metrics observability visualizations

Find a file

Kibana Machine fa5276475b [8.16] [Security GenAI][BUG] KB index entry created via pdf upload does not give the right response (#198020 ) (#198075 ) # Backport This will backport the following commits from `main` to `8.16`: - [[Security GenAI][BUG] KB index entry created via pdf upload does not give the right response (#198020)](https://github.com/elastic/kibana/pull/198020) <!--- Backport version: 9.4.3 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sqren/backport) <!--BACKPORT [{"author":{"name":"Ievgen Sorokopud","email":"ievgen.sorokopud@elastic.co"},"sourceCommit":{"committedDate":"2024-10-28T19:12:38Z","message":"[Security GenAI][BUG] KB index entry created via pdf upload does not give the right response (#198020)\n\n## Summary\r\n\r\nThese changes fix the issue with the wrong response of the AI Assistant\r\nusing knowledge base tool and index entry generated from a PDF file.\r\n\r\nThe issue happens because we are using the first chunk of uploaded PDF\r\ndocument as a context that we pass to LLM instead of using inner hits\r\nchunks which are actual parts of the document relevant to the questions.\r\n\r\nHere is [the blog\r\npost](https://www.elastic.co/search-labs/blog/semantic-text-with-amazon-bedrock)\r\nthat talks about the strategy of using inner hits to get the most\r\nrelevant documents. (see `Strategy 1: API Calls` section)\r\n\r\n### Upload + index PDF\r\n\r\n1. Navigate to Integrations page\r\n2. Select \"Upload a file\"\r\n3. Select and upload a PDF file\r\n4. Press Import button\r\n5. Switch to Advanced tab\r\n6. Fill in \"Index name\"\r\n7. Add additional field > Add semantic text field > Fill in form\r\n * Field: `attachment.content`\r\n * Copy to field: `content`\r\n * Inference endpoint: `elser_model_2`\r\n8. Press Add button\r\n9. Press Import button\r\n\r\n### Add KB index entry (with uploaded PDF data)\r\n\r\n1. Navigate to AI Assistant's Knowledge Base page\r\n2. New > Index\r\n3. Fill in \"New index entry\" form (below are main fields)\r\n * Name: `[add entry name]`\r\n * Index: `[select index name created during uploading a PDF file]`\r\n * Field: `content`\r\n4. Press Save button\r\n\r\n### Testing notes\r\n\r\nEnable knowledge base feature via\r\n\r\n```\r\nxpack.securitySolution.enableExperimental:\r\n - 'assistantKnowledgeBaseByDefault'\r\n```\r\n\r\n### Example PDF for testing\r\n\r\nPDF document:\r\n[Elastic Global Threat Report\r\n2024](https://github.com/user-attachments/files/17544720/elastic-global-threat-report-2024.pdf)\r\n\r\nKB Index entry:\r\nData Description: \"Use this tool to answer questions about the Elastic\r\nGlobal Threat Report (GTR) 2024\"\r\nQuery Instruction: \"Key terms to return data relevant to the Elastic\r\nGlobal Threat Report (GTR) 2024\"\r\n\r\nQuestions:\r\n1. Who are the authors of the GTR 2024?\r\n2. What is the forecast for the coming year in GTR 2024?\r\n3. What are top 10 Process Injection by rules in Windows endpoints in\r\nGTR 2024?\r\n4. What is the most widely adopted cloud service provider this year\r\naccording to GTR 2024?\r\n6. Give a brief conclusion of the GTR 2024\r\n\r\nCurrent behaviour:\r\n\r\n<img width=\"656\" alt=\"Screenshot 2024-10-28 at 16 43 48\"\r\nsrc=\"https://github.com/user-attachments/assets/90615356-8807-4786-b58d-ca28c83aaec9\">\r\n\r\nFixed behaviour:\r\n\r\n<img width=\"655\" alt=\"Screenshot 2024-10-28 at 16 44 47\"\r\nsrc=\"https://github.com/user-attachments/assets/9ebefbcc-20c2-4c79-98f3-11fa6acf3da6\">","sha":"af2bff4ca455168a691e17bd26a84b24f2ff8e99","branchLabelMapping":{"^v9.0.0$":"main","^v8.17.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["bug","release_note:skip","v9.0.0","Team: SecuritySolution","Team:Security Generative AI","v8.16.0","backport:version","v8.17.0"],"title":"[Security GenAI][BUG] KB index entry created via pdf upload does not give the right response","number":198020,"url":"https://github.com/elastic/kibana/pull/198020","mergeCommit":{"message":"[Security GenAI][BUG] KB index entry created via pdf upload does not give the right response (#198020)\n\n## Summary\r\n\r\nThese changes fix the issue with the wrong response of the AI Assistant\r\nusing knowledge base tool and index entry generated from a PDF file.\r\n\r\nThe issue happens because we are using the first chunk of uploaded PDF\r\ndocument as a context that we pass to LLM instead of using inner hits\r\nchunks which are actual parts of the document relevant to the questions.\r\n\r\nHere is [the blog\r\npost](https://www.elastic.co/search-labs/blog/semantic-text-with-amazon-bedrock)\r\nthat talks about the strategy of using inner hits to get the most\r\nrelevant documents. (see `Strategy 1: API Calls` section)\r\n\r\n### Upload + index PDF\r\n\r\n1. Navigate to Integrations page\r\n2. Select \"Upload a file\"\r\n3. Select and upload a PDF file\r\n4. Press Import button\r\n5. Switch to Advanced tab\r\n6. Fill in \"Index name\"\r\n7. Add additional field > Add semantic text field > Fill in form\r\n * Field: `attachment.content`\r\n * Copy to field: `content`\r\n * Inference endpoint: `elser_model_2`\r\n8. Press Add button\r\n9. Press Import button\r\n\r\n### Add KB index entry (with uploaded PDF data)\r\n\r\n1. Navigate to AI Assistant's Knowledge Base page\r\n2. New > Index\r\n3. Fill in \"New index entry\" form (below are main fields)\r\n * Name: `[add entry name]`\r\n * Index: `[select index name created during uploading a PDF file]`\r\n * Field: `content`\r\n4. Press Save button\r\n\r\n### Testing notes\r\n\r\nEnable knowledge base feature via\r\n\r\n```\r\nxpack.securitySolution.enableExperimental:\r\n - 'assistantKnowledgeBaseByDefault'\r\n```\r\n\r\n### Example PDF for testing\r\n\r\nPDF document:\r\n[Elastic Global Threat Report\r\n2024](https://github.com/user-attachments/files/17544720/elastic-global-threat-report-2024.pdf)\r\n\r\nKB Index entry:\r\nData Description: \"Use this tool to answer questions about the Elastic\r\nGlobal Threat Report (GTR) 2024\"\r\nQuery Instruction: \"Key terms to return data relevant to the Elastic\r\nGlobal Threat Report (GTR) 2024\"\r\n\r\nQuestions:\r\n1. Who are the authors of the GTR 2024?\r\n2. What is the forecast for the coming year in GTR 2024?\r\n3. What are top 10 Process Injection by rules in Windows endpoints in\r\nGTR 2024?\r\n4. What is the most widely adopted cloud service provider this year\r\naccording to GTR 2024?\r\n6. Give a brief conclusion of the GTR 2024\r\n\r\nCurrent behaviour:\r\n\r\n<img width=\"656\" alt=\"Screenshot 2024-10-28 at 16 43 48\"\r\nsrc=\"https://github.com/user-attachments/assets/90615356-8807-4786-b58d-ca28c83aaec9\">\r\n\r\nFixed behaviour:\r\n\r\n<img width=\"655\" alt=\"Screenshot 2024-10-28 at 16 44 47\"\r\nsrc=\"https://github.com/user-attachments/assets/9ebefbcc-20c2-4c79-98f3-11fa6acf3da6\">","sha":"af2bff4ca455168a691e17bd26a84b24f2ff8e99"}},"sourceBranch":"main","suggestedTargetBranches":["8.16","8.x"],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","branchLabelMappingKey":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/198020","number":198020,"mergeCommit":{"message":"[Security GenAI][BUG] KB index entry created via pdf upload does not give the right response (#198020)\n\n## Summary\r\n\r\nThese changes fix the issue with the wrong response of the AI Assistant\r\nusing knowledge base tool and index entry generated from a PDF file.\r\n\r\nThe issue happens because we are using the first chunk of uploaded PDF\r\ndocument as a context that we pass to LLM instead of using inner hits\r\nchunks which are actual parts of the document relevant to the questions.\r\n\r\nHere is [the blog\r\npost](https://www.elastic.co/search-labs/blog/semantic-text-with-amazon-bedrock)\r\nthat talks about the strategy of using inner hits to get the most\r\nrelevant documents. (see `Strategy 1: API Calls` section)\r\n\r\n### Upload + index PDF\r\n\r\n1. Navigate to Integrations page\r\n2. Select \"Upload a file\"\r\n3. Select and upload a PDF file\r\n4. Press Import button\r\n5. Switch to Advanced tab\r\n6. Fill in \"Index name\"\r\n7. Add additional field > Add semantic text field > Fill in form\r\n * Field: `attachment.content`\r\n * Copy to field: `content`\r\n * Inference endpoint: `elser_model_2`\r\n8. Press Add button\r\n9. Press Import button\r\n\r\n### Add KB index entry (with uploaded PDF data)\r\n\r\n1. Navigate to AI Assistant's Knowledge Base page\r\n2. New > Index\r\n3. Fill in \"New index entry\" form (below are main fields)\r\n * Name: `[add entry name]`\r\n * Index: `[select index name created during uploading a PDF file]`\r\n * Field: `content`\r\n4. Press Save button\r\n\r\n### Testing notes\r\n\r\nEnable knowledge base feature via\r\n\r\n```\r\nxpack.securitySolution.enableExperimental:\r\n - 'assistantKnowledgeBaseByDefault'\r\n```\r\n\r\n### Example PDF for testing\r\n\r\nPDF document:\r\n[Elastic Global Threat Report\r\n2024](https://github.com/user-attachments/files/17544720/elastic-global-threat-report-2024.pdf)\r\n\r\nKB Index entry:\r\nData Description: \"Use this tool to answer questions about the Elastic\r\nGlobal Threat Report (GTR) 2024\"\r\nQuery Instruction: \"Key terms to return data relevant to the Elastic\r\nGlobal Threat Report (GTR) 2024\"\r\n\r\nQuestions:\r\n1. Who are the authors of the GTR 2024?\r\n2. What is the forecast for the coming year in GTR 2024?\r\n3. What are top 10 Process Injection by rules in Windows endpoints in\r\nGTR 2024?\r\n4. What is the most widely adopted cloud service provider this year\r\naccording to GTR 2024?\r\n6. Give a brief conclusion of the GTR 2024\r\n\r\nCurrent behaviour:\r\n\r\n<img width=\"656\" alt=\"Screenshot 2024-10-28 at 16 43 48\"\r\nsrc=\"https://github.com/user-attachments/assets/90615356-8807-4786-b58d-ca28c83aaec9\">\r\n\r\nFixed behaviour:\r\n\r\n<img width=\"655\" alt=\"Screenshot 2024-10-28 at 16 44 47\"\r\nsrc=\"https://github.com/user-attachments/assets/9ebefbcc-20c2-4c79-98f3-11fa6acf3da6\">","sha":"af2bff4ca455168a691e17bd26a84b24f2ff8e99"}},{"branch":"8.16","label":"v8.16.0","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"8.x","label":"v8.17.0","branchLabelMappingKey":"^v8.17.0$","isSourceBranch":false,"state":"NOT_CREATED"}]}] BACKPORT--> Co-authored-by: Ievgen Sorokopud <ievgen.sorokopud@elastic.co>		2024-10-28 15:55:02 -05:00
.buildkite	[8.16][ci] Use es snapshot cache on miscellaneous steps, adjust schedule (#197294 ) (#197884 )	2024-10-28 11:34:49 -05:00
.devcontainer	Add Kibana Dev Container (#188887 )	2024-08-26 14:38:45 -07:00
.github	[8.16] github-actions: pull_request in forked PRs cannot change permissions scope (#196550 ) (#196631 )	2024-10-17 07:38:35 +00:00
api_docs	[8.x] Remove kbn-ace, ace and brace dependencies (#195703 ) (#195765 )	2024-10-11 11:17:21 +01:00
config	[8.x] Update max supported package version (#196551 ) (#196581 )	2024-10-16 13:27:11 -05:00
dev_docs	[8.x] [dev docs] Add recently viewed docs (#195001 ) (#195779 )	2024-10-10 14:51:14 +00:00
docs	[8.16] Fix documentation for session lifespan default (#198065 ) (#198069 )	2024-10-28 18:32:23 +00:00
examples	[8.x] [Reporting] fix dashboard "Copy Post URL" action (#192530 ) (#195334 )	2024-10-08 03:44:43 +02:00
kbn_pm	Adds AGPL 3.0 license (#192025 )	2024-09-06 19:02:41 -06:00
legacy_rfcs	rename @elastic/* packages to @kbn/* (#138957 )	2022-08-18 08:54:42 -07:00
licenses	Adds AGPL 3.0 license (#192025 )	2024-09-06 19:02:41 -06:00
oas_docs	[8.16] [OpenAPI][DOCS] Add descriptions, examples, responses for role APIs (#195527 ) (#197890 )	2024-10-28 18:28:37 +01:00
packages	[8.16] [Authz] OAS Descriptions for Route Authz (#197001 ) (#198057 )	2024-10-28 13:48:42 -05:00
plugins
scripts	[8.x] [KB] create `@kbn/product-doc-artifact-builder` package (#193847 ) (#196206 )	2024-10-15 08:02:35 +02:00
src	[8.16] [AI Assistant] Set scope and rename to Observability and Search (#196322 ) (#197608 )	2024-10-28 12:56:52 -05:00
test	[8.16] Fix search session filter functional test (#193812 ) (#197503 )	2024-10-27 23:44:21 -03:00
typings	Adds AGPL 3.0 license (#192025 )	2024-09-06 19:02:41 -06:00
x-pack	[8.16] [Security GenAI][BUG] KB index entry created via pdf upload does not give the right response (#198020 ) (#198075 )	2024-10-28 15:55:02 -05:00
.backportrc.json	chore(NA): adds 8.16 into backportrc (#187530 )	2024-07-04 19:09:25 +01:00
.bazelignore	Remove references to deleted .ci folder (#177168 )	2024-02-20 19:54:21 +01:00
.bazeliskversion	chore(NA): upgrade bazelisk into v1.11.0 (#125070 )	2022-02-09 20:43:57 +00:00
.bazelrc	chore(NA): use new and more performant BuildBuddy servers (#130350 )	2022-04-18 02:01:38 +01:00
.bazelrc.common	Transpile packages on demand, validate all TS projects (#146212 )	2022-12-22 19:00:29 -06:00
.bazelversion	chore(NA): revert bazel upgrade for v5.2.0 (#135096 )	2022-06-24 03:57:21 +01:00
.browserslistrc	Add Firefox ESR to browserlistrc (#184462 )	2024-05-29 17:53:18 -05:00
.editorconfig
.eslintignore	[ES\|QL] New @kbn/esql-services package (#179029 )	2024-03-27 14:39:48 +01:00
.eslintrc.js	[8.x] chore(security, eslint): apply platform security-specific rules to all exclusively owned paths. (#195711 ) (#196010 )	2024-10-12 11:19:03 -04:00
.gitattributes
.gitignore	[ON-WEEK][POC] Playwright (#190803 )	2024-09-06 13:09:18 +02:00
.i18nrc.json	[8.x] [Search][Onboarding] api-key plugin (#191926 ) (#194756 )	2024-10-03 14:02:05 +02:00
.node-version	Upgrade Node.js to 20.15.1 (#187791 )	2024-07-15 12:34:07 -05:00
.npmrc	[npmrc] Fix puppeteer_skip_download configuration (#177673 )	2024-02-22 18:59:01 -07:00
.nvmrc	Upgrade Node.js to 20.15.1 (#187791 )	2024-07-15 12:34:07 -05:00
.prettierignore
.prettierrc
.puppeteerrc	Add .puppeteerrc (#179847 )	2024-04-03 09:14:39 -05:00
.stylelintignore
.stylelintrc	Bump stylelint to ^14 (#136693 )	2022-07-20 10:11:00 -05:00
.telemetryrc.json	[Telemetry] Fix telemetry-tools TS parser for packages (#149819 )	2023-01-31 04:09:09 +03:00
.yarnrc
BUILD.bazel	Transpile packages on demand, validate all TS projects (#146212 )	2022-12-22 19:00:29 -06:00
catalog-info.yaml	[sonarqube] Disable cron (#190611 )	2024-08-15 09:19:09 -05:00
CODE_OF_CONDUCT.md
CONTRIBUTING.md	Update doc slugs to improve analytic tracking, move to appropriate folders (#113630 )	2021-10-04 13:36:45 -04:00
FAQ.md	Fix small typos in the root md files (#134609 )	2022-06-23 09:36:11 -05:00
fleet_packages.json	[8.16] Sync bundled packages with Package Storage (#197242 )	2024-10-24 08:27:15 +00:00
github_checks_reporter.json
kibana.d.ts	Adds AGPL 3.0 license (#192025 )	2024-09-06 19:02:41 -06:00
LICENSE.txt	Adds AGPL 3.0 license (#192025 )	2024-09-06 19:02:41 -06:00
NOTICE.txt	[8.x] Remove kbn-ace, ace and brace dependencies (#195703 ) (#195765 )	2024-10-11 11:17:21 +01:00
package.json	[8.16] Upgrade @elastic/node-crypto 1.2.1 → 1.2.3 (#197629 ) (#197806 )	2024-10-25 08:17:03 -05:00
preinstall_check.js	Adds AGPL 3.0 license (#192025 )	2024-09-06 19:02:41 -06:00
README.md	[README] Update version Compatibility with Elasticsearch (#116040 )	2022-01-10 10:31:21 -05:00
renovate.json	[8.x] [Cloud Security] Graph visualization and API (#195307 ) (#196015 )	2024-10-12 12:41:22 -05:00
RISK_MATRIX.mdx
run_fleet_setup_parallel.sh	[Fleet] Prevent concurrent runs of Fleet setup (#183636 )	2024-05-31 16:38:51 +02:00
SECURITY.md
sonar-project.properties	[sonarqube] update memory, cpu (#190547 )	2024-09-09 16:16:30 -05:00
STYLEGUIDE.mdx	[styleguide] update path to scss theme (#140742 )	2022-09-15 10:41:14 -04:00
tsconfig.base.json	[8.x] [Cloud Security] Refactoring cloud-security-posture packages' folder structure (#196008 ) (#196267 )	2024-10-15 06:51:18 -05:00
tsconfig.browser.json
tsconfig.browser_bazel.json
tsconfig.json	Transpile packages on demand, validate all TS projects (#146212 )	2022-12-22 19:00:29 -06:00
TYPESCRIPT.md	Fix small typos in the root md files (#134609 )	2022-06-23 09:36:11 -05:00
versions.json	[ci] Update version tracking for 7.17.25 (#192477 )	2024-09-10 20:54:04 -05:00
WORKSPACE.bazel	chore(NA): remove usage of re2 and replace it with a non native module (#188134 )	2024-07-15 20:33:28 +01:00
yarn.lock	[8.16] Upgrade @elastic/node-crypto 1.2.1 → 1.2.3 (#197629 ) (#197806 )	2024-10-25 08:17:03 -05:00

README.md

Kibana

Kibana is your window into the Elastic Stack. Specifically, it's a browser-based analytics and search dashboard for Elasticsearch.

Getting Started
- Using a Kibana Release
- Building and Running Kibana, and/or Contributing Code
Documentation
Version Compatibility with Elasticsearch
Questions? Problems? Suggestions?

Getting Started

If you just want to try Kibana out, check out the Elastic Stack Getting Started Page to give it a whirl.

If you're interested in diving a bit deeper and getting a taste of Kibana's capabilities, head over to the Kibana Getting Started Page.

Using a Kibana Release

If you want to use a Kibana release in production, give it a test run, or just play around:

Download the latest version on the Kibana Download Page.
Learn more about Kibana's features and capabilities on the Kibana Product Page.
We also offer a hosted version of Kibana on our Cloud Service.

Building and Running Kibana, and/or Contributing Code

You might want to build Kibana locally to contribute some code, test out the latest features, or try out an open PR:

CONTRIBUTING.md will help you get Kibana up and running.
If you would like to contribute code, please follow our STYLEGUIDE.mdx.
For all other questions, check out the FAQ.md and wiki.

Documentation

Visit Elastic.co for the full Kibana documentation.

For information about building the documentation, see the README in elastic/docs.

Version Compatibility with Elasticsearch

Ideally, you should be running Elasticsearch and Kibana with matching version numbers. If your Elasticsearch has an older version number or a newer major number than Kibana, then Kibana will fail to run. If Elasticsearch has a newer minor or patch number than Kibana, then the Kibana Server will log a warning.

Note: The version numbers below are only examples, meant to illustrate the relationships between different types of version numbers.

Situation	Example Kibana version	Example ES version	Outcome
Versions are the same.	7.15.1	7.15.1	💚 OK
ES patch number is newer.	7.15.0	7.15.1	⚠️ Logged warning
ES minor number is newer.	7.14.2	7.15.0	⚠️ Logged warning
ES major number is newer.	7.15.1	8.0.0	🚫 Fatal error
ES patch number is older.	7.15.1	7.15.0	⚠️ Logged warning
ES minor number is older.	7.15.1	7.14.2	🚫 Fatal error
ES major number is older.	8.0.0	7.15.1	🚫 Fatal error

Questions? Problems? Suggestions?

If you've found a bug or want to request a feature, please create a GitHub Issue. Please check to make sure someone else hasn't already created an issue for the same topic.
Need help using Kibana? Ask away on our Kibana Discuss Forum and a fellow community member or Elastic engineer will be glad to help you out.