diff --git a/src/plugins/kibana_usage_collection/server/collectors/application_usage/schema.ts b/src/plugins/kibana_usage_collection/server/collectors/application_usage/schema.ts
index 693e9132fe53..e033da875080 100644
--- a/src/plugins/kibana_usage_collection/server/collectors/application_usage/schema.ts
+++ b/src/plugins/kibana_usage_collection/server/collectors/application_usage/schema.ts
@@ -148,6 +148,7 @@ export const applicationUsageSchema = {
ml: commonSchema,
monitoring: commonSchema,
'observability-overview': commonSchema,
+ osquery: commonSchema,
security_account: commonSchema,
security_access_agreement: commonSchema,
security_capture_url: commonSchema, // It's a forward app so we'll likely never report it
diff --git a/src/plugins/telemetry/schema/oss_plugins.json b/src/plugins/telemetry/schema/oss_plugins.json
index 6099b3efa803..dc653062931c 100644
--- a/src/plugins/telemetry/schema/oss_plugins.json
+++ b/src/plugins/telemetry/schema/oss_plugins.json
@@ -3954,6 +3954,137 @@
}
}
},
+ "osquery": {
+ "properties": {
+ "appId": {
+ "type": "keyword",
+ "_meta": {
+ "description": "The application being tracked"
+ }
+ },
+ "viewId": {
+ "type": "keyword",
+ "_meta": {
+ "description": "Always `main`"
+ }
+ },
+ "clicks_total": {
+ "type": "long",
+ "_meta": {
+ "description": "General number of clicks in the application since we started counting them"
+ }
+ },
+ "clicks_7_days": {
+ "type": "long",
+ "_meta": {
+ "description": "General number of clicks in the application over the last 7 days"
+ }
+ },
+ "clicks_30_days": {
+ "type": "long",
+ "_meta": {
+ "description": "General number of clicks in the application over the last 30 days"
+ }
+ },
+ "clicks_90_days": {
+ "type": "long",
+ "_meta": {
+ "description": "General number of clicks in the application over the last 90 days"
+ }
+ },
+ "minutes_on_screen_total": {
+ "type": "float",
+ "_meta": {
+ "description": "Minutes the application is active and on-screen since we started counting them."
+ }
+ },
+ "minutes_on_screen_7_days": {
+ "type": "float",
+ "_meta": {
+ "description": "Minutes the application is active and on-screen over the last 7 days"
+ }
+ },
+ "minutes_on_screen_30_days": {
+ "type": "float",
+ "_meta": {
+ "description": "Minutes the application is active and on-screen over the last 30 days"
+ }
+ },
+ "minutes_on_screen_90_days": {
+ "type": "float",
+ "_meta": {
+ "description": "Minutes the application is active and on-screen over the last 90 days"
+ }
+ },
+ "views": {
+ "type": "array",
+ "items": {
+ "properties": {
+ "appId": {
+ "type": "keyword",
+ "_meta": {
+ "description": "The application being tracked"
+ }
+ },
+ "viewId": {
+ "type": "keyword",
+ "_meta": {
+ "description": "The application view being tracked"
+ }
+ },
+ "clicks_total": {
+ "type": "long",
+ "_meta": {
+ "description": "General number of clicks in the application sub view since we started counting them"
+ }
+ },
+ "clicks_7_days": {
+ "type": "long",
+ "_meta": {
+ "description": "General number of clicks in the active application sub view over the last 7 days"
+ }
+ },
+ "clicks_30_days": {
+ "type": "long",
+ "_meta": {
+ "description": "General number of clicks in the active application sub view over the last 30 days"
+ }
+ },
+ "clicks_90_days": {
+ "type": "long",
+ "_meta": {
+ "description": "General number of clicks in the active application sub view over the last 90 days"
+ }
+ },
+ "minutes_on_screen_total": {
+ "type": "float",
+ "_meta": {
+ "description": "Minutes the application sub view is active and on-screen since we started counting them."
+ }
+ },
+ "minutes_on_screen_7_days": {
+ "type": "float",
+ "_meta": {
+ "description": "Minutes the application is active and on-screen active application sub view over the last 7 days"
+ }
+ },
+ "minutes_on_screen_30_days": {
+ "type": "float",
+ "_meta": {
+ "description": "Minutes the application is active and on-screen active application sub view over the last 30 days"
+ }
+ },
+ "minutes_on_screen_90_days": {
+ "type": "float",
+ "_meta": {
+ "description": "Minutes the application is active and on-screen active application sub view over the last 90 days"
+ }
+ }
+ }
+ }
+ }
+ }
+ },
"security_account": {
"properties": {
"appId": {
diff --git a/x-pack/plugins/osquery/public/routes/live_queries/new/index.tsx b/x-pack/plugins/osquery/public/routes/live_queries/new/index.tsx
index 78304d4b2919..9967eb97cddf 100644
--- a/x-pack/plugins/osquery/public/routes/live_queries/new/index.tsx
+++ b/x-pack/plugins/osquery/public/routes/live_queries/new/index.tsx
@@ -57,8 +57,8 @@ const NewLiveQueryPageComponent = () => {
id="xpack.osquery.newLiveQuery.pageTitle"
defaultMessage="New live query"
/>
-
+
diff --git a/x-pack/plugins/osquery/public/scheduled_query_groups/form/queries_field.tsx b/x-pack/plugins/osquery/public/scheduled_query_groups/form/queries_field.tsx
index 2074c38e20fe..7d5a2c5ac99c 100644
--- a/x-pack/plugins/osquery/public/scheduled_query_groups/form/queries_field.tsx
+++ b/x-pack/plugins/osquery/public/scheduled_query_groups/form/queries_field.tsx
@@ -39,8 +39,8 @@ const getNewStream = ({ id, interval, query, scheduledQueryGroupId }: GetNewStre
: null,
vars: {
id: { type: 'text', value: id },
- type: 'integer',
interval: {
+ type: 'integer',
value: interval,
},
query: { type: 'text', value: query },
diff --git a/x-pack/plugins/osquery/server/config.ts b/x-pack/plugins/osquery/server/config.ts
index 58b9a8bf910c..56d67400a47d 100644
--- a/x-pack/plugins/osquery/server/config.ts
+++ b/x-pack/plugins/osquery/server/config.ts
@@ -8,7 +8,7 @@
import { TypeOf, schema } from '@kbn/config-schema';
export const ConfigSchema = schema.object({
- enabled: schema.boolean({ defaultValue: false }),
+ enabled: schema.boolean({ defaultValue: true }),
actionEnabled: schema.boolean({ defaultValue: false }),
savedQueries: schema.boolean({ defaultValue: false }),
packs: schema.boolean({ defaultValue: false }),
diff --git a/x-pack/plugins/osquery/server/plugin.ts b/x-pack/plugins/osquery/server/plugin.ts
index 2a6e4dc5b1f4..31f611c5f1d3 100644
--- a/x-pack/plugins/osquery/server/plugin.ts
+++ b/x-pack/plugins/osquery/server/plugin.ts
@@ -5,9 +5,7 @@
* 2.0.
*/
-import { i18n } from '@kbn/i18n';
import {
- DEFAULT_APP_CATEGORIES,
PluginInitializerContext,
CoreSetup,
CoreStart,
@@ -49,40 +47,6 @@ export class OsqueryPlugin implements Plugin config,
};
- plugins.features.registerKibanaFeature({
- id: 'osquery',
- name: i18n.translate('xpack.osquery.featureRegistry.osqueryFeatureName', {
- defaultMessage: 'Osquery',
- }),
- order: 4000,
- category: DEFAULT_APP_CATEGORIES.management,
- app: ['osquery', 'kibana'],
- catalogue: ['osquery'],
- // see x-pack/plugins/features/common/feature_kibana_privileges.ts
- privileges: {
- all: {
- app: ['osquery', 'kibana'],
- api: ['osquery', 'osquery_write'],
- catalogue: ['osquery'],
- savedObject: {
- all: [],
- read: [],
- },
- ui: ['show', 'save'],
- },
- read: {
- app: ['osquery', 'kibana'],
- api: ['osquery'],
- catalogue: ['osquery'],
- savedObject: {
- all: [],
- read: [],
- },
- ui: ['show'],
- },
- },
- });
-
initSavedObjects(core.savedObjects, osqueryContext);
defineRoutes(router, osqueryContext);