* add babel support for export type
* bump ts version to 3.9.3
* rebuild kbn-pm
* bump typescript-eslint
* fix error in security plugin UI
* check export as works
* fix app migration type
* use correct test subj attribute
* fix errors from the old PR
* embeddable is already passed in props
* explicitly define type of fetch
* add some types for viz
* fix fetch type p.2
* add null to allow spreading without type errors due to override
* add type guard to fix type error
* cast to any, since cannot assign unknown
* add timestamp to known types
* fix type error in fetch
* fix type error. id is always defined in attibutes
* declare a type
* move ts-ignore to the lines with errors
* declare tuple type explicitly
* mute type error. cannot assign unknown
* fix errors. id is always defined
* fix error type
* fix override errors. id is always defined
* fix error. extends any doesn't work anymore
* fix type error. type is always defined
* env doesn't always contain values
* fix type error
* cast to string
* add: logs is already declared in getNodeLogsUrl
* state is already passed in props
* fix some errors in timelion
* number of fragments is always defined
* 'absolute' is not just string, but value
* TEMP: option is always defined
* always true if cast to promise manually
* both props are always defined
* explicitly define returned SO type
* workaround type
* bump tslib to be compatible with ts v3.9
* test private property
* rebuild kbn-pm
* Fix ts errors for beats management
* Fix type inference broken by the TS 3.9 upgrade
* Fix ingest manager saved object attributes typings
* Fix TS errors in cross_cluster_replication and index_management.
* Fix TS error in Watcher.
* roll back colorRange wrong type
* fix security plugin types
* TypeScript 3.9 fixes for APM
* Fix ColorRange types.
* fix actions & alerts errors. ByGidi
* fix lists error
* More APM fixes
* Remove paramaterization from `removeEmpty in agent config SettingsPage component (it's only used there and doesn't need to be parameterized.)
* Add option chain for case in registerTransactionDurationAlertType
* Cast `overallValue` in transform_metrics_chart
* Use more specific type for custom link filters
* Add more option chaining for local UI filters buckets response
* Remove unused parameters from routes
* Fix getProjection type parameter
* Use destructuring in serviceNodesLocalFiltersRoute to hide `never` error
* Revert `UnionToIntersection` change in `AggregationResponseMap`
Fixes#67804.
* fix platform type error
* Fix visualizations types.
* Fix data plugin types.
* bump TS version to 3.9.5
* Fix telemetry TS errors
* Fix dashboard code
* Adding Canvas Fixes for TS 3.9
* Fix case and security_solution types
* roll back to the old export syntax. new one might cause problems in api-extractor
* update docs
* Fix timelion code
* Fix meta
* Fix types
* fix type errors om ingest_manager
* bump babel deps
* enable private props & methods syntax
* update kbn-pm dist
* whitelist 0BSD license
* use @babel/plugin-proposal-private-methods in default set as well
* disable new babel plugins
* Revert "disable new babel plugins"
This reverts commit 04d959431d.
* cleanup security_solution types
* Fixes type error for newer TypeScript
* update docs
Co-authored-by: Nicolas Chaulet <nicolas.chaulet@elastic.co>
Co-authored-by: Felix Stürmer <stuermer@weltenwort.de>
Co-authored-by: CJ Cenizal <cj@cenizal.com>
Co-authored-by: Larry Gregory <larry.gregory@elastic.co>
Co-authored-by: Nathan L Smith <smith@nlsmith.com>
Co-authored-by: Walter Rafelsberger <walter@elastic.co>
Co-authored-by: Luke Elmers <luke.elmers@elastic.co>
Co-authored-by: Alejandro Fernández Haro <alejandro.haro@elastic.co>
Co-authored-by: Tim Roes <tim.roes@elastic.co>
Co-authored-by: Clint Andrew Hall <clint.hall@elastic.co>
Co-authored-by: Patryk Kopycinski <contact@patrykkopycinski.com>
Co-authored-by: FrankHassanabad <frank.hassanabad@elastic.co>
Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
* Changed actions API endpoints urls to follow Kibana STYLEGUIDE
* Fixed tests
* fixed test
* fixed test
* resolved conflicts
* Fixed siem tests
* Fixed failing test
* fixed readme and test
* Changed actions api urls to follow the template 'api/{plugin}/{type}/{id}
* Fixed type checks
* Fixed tests and API
* fixed tests
* Fixed type checks
* fixed type check
As part of the work towards adding RBAC & Feature Controls support in Alerting (https://github.com/elastic/kibana/issues/43994), we've decided that the ActionsClient will handle authorisation against Actions instead of relying on the SavedObjectsClient on its own.
To prevent (or at least, minimise the chances of) bypassing this auth model by using the SavedObjects client this PR makes the `action` and `action_task_params` SavedObject types _hidden_ types and given the ActionsClient permission to interact with it.
* make alert saved object type hidden
* fix support for hidden alert type in alerting tests
* updated api docs
* fixed some missing types and unused imports
* fixed test broken by field rename
* added support for including hidden types in saved objects client
* fixed merge conflict
* cleaned up some test descriptions
* adds a getClient api to Encrypted Saved Objects
* fixed alerts fixture
* added missing plugin type in alerting
* removed unused field
* chaged ESO api to an options object as per Security teams request
* fixed usage of eso client
* fixed typos and oversights
* split alerts file into two - for actions and alerts
As part of the work needed for RBAC & Feature Controls support in Alerting (https://github.com/elastic/kibana/issues/43994) we've identified a need to make the Alert Saved Object type a _hidden_ type.
As we still need support for Security and Spaces, we wish to use the standard SavedObjectsClient and its middleware, but currently this isn't possible with _hidden_ types.
To address that, this PR adds support for creating a client which includes hidden types.
* Allow registered alert types to be non-editable
* Fixed isUiEditEnabled values
* Fixed due to comments
* fixed failing tests
* Enable alert type selection per alert consumer, only 'alerting' consumer can display other consumers alert types, but in case if it isEditable
* fixed tests
* Removed consumer property from the client side alert type registry and added server side property producer which purpose is to manage a feature logic
* fixed type check
* Fixed tests and type checks
* Removed error message for non registered plugins
* Fixed failing tests
* Fixed due to comments
* fixed test
* -
* revert logic for requiresAppContext
* Added close toast after saving alert
resolves https://github.com/elastic/kibana/issues/63171
Previously, preconfigured actions were specified as an array of action
properties. This ended up being problematic when using the kibana keystore
for secrets, as you'd have to reference specific actions via index.
This changes preconfigured actions to be specified as an object, where the
property key is the id, and the body is the remainder of the action properties.
As access to preconfigured actions has leaked across the code base, it's
probably time to consider changing the internal representation from an array
to a Map, to provide easier access by action id. For a future PR.
This PR migrates the vast majority of Alerting legacy code to the Kibana Platform.
This includes:
1. Removed legacy Task Manager
2. Migrates Fixture plugins in Alerting, Triggers UI and Task Manager Perf
This does not includes:
1. The PagerDuty simulator due to a lack of support for custom responses in the platform. issue opened. https://github.com/elastic/kibana/issues/65045
2. The Webhooks simulator due to a lack of support for custom authorisation. Requires investigation.
Completes the migration of all Alerting Services plugins onto the Kibana Platform
It includes:
1. Actions plugin
2. Alerting plugin
3. Task Manager plugin
4. Triggers UI plugin
And touches the Uptime and Siem plugins as their use of the Task Manager relied on some of the legacy lifecycle to work (registering AlertTypes and Telemetry tasks after the Start stage has already began). The fix was simply to moves these registrations to the Setup stage.
resolves https://github.com/elastic/kibana/issues/63162
Most of the support for pre-configured actions has already been added
to Kibana, except for one small piece. The ability for them to be
executed. This PR adds that support.
* Implemented actions server API for supporting preconfigured connectors defined in kibana.yaml
* Fixed type check
* Fixed due to comments and extended functional tests
* Fixed tests and renamed connectors
* fixed jest tests
* Fixed type checks
* Fixed failing alert save
* Fixed alert client tests
* fixed type checks
* Fixed language check error
* Fixed jest tests
* Added missing comments and docs
* fixed due to comments
* Fixed json config for preconfigured
* fixed type check, reverted config
* config experiment with json stringify
* revert experiment
* Removed the spaces from connector names in config
resolves https://github.com/elastic/kibana/issues/61056
When the index action params moved into config, the `schema.maybe()` on the
`executionTimeField` should have been changed to `schema.nullable()`, otherwise
you can never "unset" the field, once it's set.
Changes rippled down to the UI as well.
To be extra safe, we also check that the `executionTimeField` isn't an empty
string when trimmed, as ES will not accept a document with a property that is
the empty string.
resolves https://github.com/elastic/kibana/issues/57143
Currently, the built-in email action requires user/password properties to be
set in it's secrets parameters. This PR changes that requirement, so they
are no longer required.
resolves https://github.com/elastic/kibana/issues/60744
This is a fairly complex test, with alerts that run actions that write to
an index which we then do queries over. The tests didn't account for some
slop in all that async activity, but now should be about as flake-free as they
can be.
resolves https://github.com/elastic/kibana/issues/59889
The index threshold APIs - used by both the index threshold UI and the
alert executor - were returning errors (500's from http endpoints) when
getting errors from ES.
These have been changed so that the error is logged as a warning, and the
relevant API returns an "empty" result.
Another 500 response was found while experimenting with this. Apparently
the date_range agg requires a date format to be passed in if the date format
in ES is not an ISO date. The repro on this was to select the `.security`
alias (or it's index) within the index threshold alert UI, and then select
one of it's date fields.
* Define minimum license required for each action type (#58668)
* Add minimum required license
* Require at least gold license as a minimum license required on third party action types
* Use strings for license references
* Ensure license type is valid
* Fix some tests
* Add servicenow to gold
* Add tests
* Set license requirements on other built in action types
* Use jest.Mocked<ActionType> instead
* Change servicenow to platinum
Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
* Make actions config mock and license state mock use factory pattern and jest mocks (#59370)
* Add license checks to action HTTP APIs (#59153)
* Initial work
* Handle errors in update action API
* Add unit tests for APIs
* Make action executor throw when action type isn't enabled
* Add test suite for basic license
* Fix ESLint errors
* Fix failing tests
* Attempt 1 to fix CI
* ESLint fixes
* Create sendResponse function on ActionTypeDisabledError
* Make disabled action types by config return 403
* Remove switch case
* Fix ESLint
* Add license checks within alerting / actions framework (#59699)
* Initial work
* Handle errors in update action API
* Add unit tests for APIs
* Verify action type before scheduling action task
* Make actions plugin.execute throw error if action type is disabled
* Bug fixes
* Make action executor throw when action type isn't enabled
* Add test suite for basic license
* Fix ESLint errors
* Stop action task from re-running when license check fails
* Fix failing tests
* Attempt 1 to fix CI
* ESLint fixes
* Create sendResponse function on ActionTypeDisabledError
* Make disabled action types by config return 403
* Remove switch case
* Fix ESLint
* Fix confusing assertion
* Add comment explaining double mock
* Log warning when alert action isn't scheduled
* Disable action types in UI when license doesn't support it (#59819)
* Initial work
* Handle errors in update action API
* Add unit tests for APIs
* Verify action type before scheduling action task
* Make actions plugin.execute throw error if action type is disabled
* Bug fixes
* Make action executor throw when action type isn't enabled
* Add test suite for basic license
* Fix ESLint errors
* Stop action task from re-running when license check fails
* Fix failing tests
* Attempt 1 to fix CI
* ESLint fixes
* Return enabledInConfig and enabledInLicense from actions get types API
* Disable cards that have invalid license in create connector flyout
* Create sendResponse function on ActionTypeDisabledError
* Make disabled action types by config return 403
* Remove switch case
* Fix ESLint
* Disable when creating alert action
* Return minimumLicenseRequired in /types API
* Disable row in connectors when action type is disabled
* Fix failing jest test
* Some refactoring
* Card in edit alert flyout
* Sort action types by name
* Add tooltips to create connector action type selector
* Add tooltips to alert flyout action type selector
* Add get more actions link in alert flyout
* Add callout when creating a connector
* Typos
* remove float right and use flexgroup
* replace pixels with eui variables
* turn on sass lint for triggers_actions_ui dir
* trying to add padding around cards
* Add callout in edit alert screen when some actions are disabled
* improve card selection for Add Connector flyout
* Fix cards for create connector
* Add tests
* ESLint issue
* Cleanup
* Cleanup pt2
* Fix type check errors
* moving to 3-columns cards for connector selection
* Change re-enable to enable terminology
* Revert "Change re-enable to enable terminology"
This reverts commit b497dfd6b6.
* Add re-enable comment
* Remove unecessary fragment
* Add type to actionTypeNodes
* Fix EuiLink to not have opacity of 0.7 when not hovered
* design cleanup in progress
* updating classNames
* using EuiIconTip
* Remove label on icon tip
* Fix failing jest test
Co-authored-by: Andrea Del Rio <delrio.andre@gmail.com>
* Add index to .index action type test
* PR feedback
* Add isErrorThatHandlesItsOwnResponse
Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
Co-authored-by: Andrea Del Rio <delrio.andre@gmail.com>
* Apply action types to fields
* Add information to each field
* Do not create or update comments when actionType is set to nothing
* Improve helpers tests
* Improve tests
* Refactor: Use transformers and pipes
* Better types
* Refactor tests to new changes
* Better error messages
* Improve field formatting and display
* Improve integration tests
* Make username mandatory field
* Translate transformers
* Refactor schema
* Translate appendInformationToField helper
* Improve intergration tests
Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
* Moved index params fields to connector config
* Fixed type check issue
* Fixing functional tests
* Fixed due to comments
* Fixed functional tests
* Fixed tests and type check
The current index threshold alert uses a `size` limit on term aggregation, when used, but does not sort the buckets, so it's just using descending count on the grouped buckets as the sort to determine what to return.
The watcher API for the index threshold notes this as "top N of", implying a sort.
This PR applies sorting when the using `groupBy: top`, and the `aggType != count`. For count, ES is already sorting the way we want.
The sort is calculated as a separate agg beside the date_range aggregation, which is the same metrics agg specified in the query - `aggType(aggField)`. This field is then referenced in a new `order` property in the terms agg, using 'asc' sorting for `min`, and `desc` sorting for `avg`, `max`, and `sum`.
This doesn't change the shape of the output at all, just changes which term buckets will be returned, if there are more term buckets than requested with the `termSize` parameter.
resolves https://github.com/elastic/kibana/issues/58529
This PR extends alertType with an `actionVariables` property, which
describes the properties of the context object passed when scheduling
actions, and the current state. These property descriptions are used
by the web ui for the alert create and edit forms, to allow the properties
to be added to action parameters as mustache template variables.
This is a pre-cursor to https://github.com/elastic/kibana/issues/58529
I realized a bit ago that we weren't making quite enough info available
in the action parameter templating that happens when alerts schedule
actions to execute. Missing were alert name, tags, and spaceId.
For the index threshold alert, I had added them to it's context, but
then every other action would have to do the same if they also
wanted those values.
So I added these as additional top-level variables that can be
used in templates, along with the alert id, alert instance id,
context, and state. The other bits in RawAlert didn't seem
that interesting, to be used as an action parameter.
Prior to this PR, the alerting UI used two HTTP endpoints provided by the
Kibana watcher plugin, to list index and field names. There are now two HTTP
endpoints in the alerting_builtins plugin which will be used instead.
The code for the new endpoints was largely copied from the existing watcher
endpoints, and the HTTP request/response bodies kept pretty much the same.
resolves https://github.com/elastic/kibana/issues/53041
* use inline snapshots instead of snapshots
* hide input value from error messages
* update core snapshots
* update xpack snapshots
* fix ftr assertions
* fix new snapshots
* hide values for byte_size and duration
* update new snapshots
* remove another byte_size value reference
* fix yet another value references in error messages
* update xpack snapshots
* update xpack ftr assertions
* Add custom action to registry and show actions list in siem
* Exposed action form as reusable component
* Fixed few small bugs
* Fixed red ci
* Fixed type checks
* Fixed failed tests
* Fixed due to comments
* Fixed type check errors
* Fixed plugin check
* Rebalancing CI groups according to #58930
* Fixed merge issues
This is a follow-on to https://github.com/elastic/kibana/pull/57030 ,
"[alerting] initial index threshold alertType and supporting APIs",
to get it working with the existing alerting UI. The parameter shape
was different between the two, so the alertType was changed to fix
the existing UI shapes expected.
Adds the first built-in alertType for Kibana alerting, an index threshold alert, and associated HTTP endpoint to generate preview data for it.
addresses the server-side requirements for issue https://github.com/elastic/kibana/issues/53041
* Added UI support for the default action group for Alert Type Model
* Fixed set default on alert type select
* Fixed type check
* Moved setting of default alert type to the server api
* Added default value for actionGroups if it is empty in register alert type functions
* Fixed type check
* Fixed due to comments aed89377b9 Yuliia Naumenko <yuliia.naumenko@elastic.com> Feb 20, 2020 at 12:40 PM
* Renamed defaultActionGroup to defaultActionGroupId
* Fixed failing tests
Previously, when using the slack action with a url which was not whitelisted, the entire URL was reported in the error. With this change, only the hostname is reported in the error.
We want to make the Action Group i18n-able for display in the AlertDetails page, so instead of just a list of ids, the AlertType now registers an object where key is the id and value is the human readable, and translatable, value.
* Ensure update API still works when AAD is broken
* Add API integration test
* Fix ESLint errors
Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
* Make the update API key API work when AAD is out of sync
* Make updateAPIKey only load SOC where possible
Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
