Commit graph

93 commits

Author SHA1 Message Date
Yuliia Naumenko
ce45dad8b6
Changed alerting API endpoints urls, bodies and params to follow Kibana STYLEGUIDE (#66838)
* Changed alerting API endpoints urls, bodies and params to follow Kibana STYLEGUIDE

* Changed alerting REST API to keep the pattern 'alerts/alert/{id}'

* fixed tests

* fixed tests

* Fixed jest tests

* Renamed plugin from alerting to alerts

* fixed tests

* fixed tests

* Fixed alert type check error

* Fixed find api

* fixed type checks

* fixed tests security issues

* Fixed view in app

* -

Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
2020-06-01 18:45:36 -07:00
Yuliia Naumenko
d09bd63786
Changed actions API endpoints urls to follow Kibana STYLEGUIDE (#65936)
* Changed actions API endpoints urls to follow Kibana STYLEGUIDE

* Fixed tests

* fixed test

* fixed test

* resolved conflicts

* Fixed siem tests

* Fixed failing test

* fixed readme and test

* Changed actions api urls to follow the template 'api/{plugin}/{type}/{id}'

* Fixed type checks

* Fixed tests and API

* fixed tests

* Fixed type checks

* fixed type check
2020-05-24 20:27:42 -07:00
restrry
bf04235dae apply prettier styles 2020-05-22 09:08:58 +02:00
Gidi Meir Morris
65370c70d2
[Alerting] Hides the alert SavedObjects type (#66719)
* make alert saved object type hidden

* fix support for hidden alert type in alerting tests

* updated api docs

* fixed some missing types and unused imports

* fixed test broken by field rename

* added support for including hidden types in saved objects client

* fixed merge conflict

* cleaned up some test descriptions

* adds a getClient api to Encrypted Saved Objects

* fixed alerts fixture

* added missing plugin type in alerting

* removed unused field

* changed ESO api to an options object as per Security team's request

* fixed usage of eso client

* fixed typos and oversights

* split alerts file into two - for actions and alerts
2020-05-21 11:00:15 +01:00
Yuliia Naumenko
5ed5fda832
Allow registered alert types to be non-editable (#65606)
* Allow registered alert types to be non-editable

* Fixed isUiEditEnabled values

* Fixed due to comments

* fixed failing tests

* Enable alert type selection per alert consumer, only 'alerting' consumer can display other consumers alert types, but in case if it isEditable

* fixed tests

* Removed consumer property from the client side alert type registry and added server side property producer whose purpose is to manage a feature logic

* fixed type check

* Fixed tests and type checks

* Removed error message for non registered plugins

* Fixed failing tests

* Fixed due to comments

* fixed test

* -

* revert logic for requiresAppContext

* Added close toast after saving alert
2020-05-12 13:38:22 -07:00
Gidi Meir Morris
94127d803a
[Alerting] migrates acceptance and functional test fixtures to KP (#64888)
This PR migrates the vast majority of Alerting legacy code to the Kibana Platform.

This includes:

1. Removed legacy Task Manager
2. Migrates Fixture plugins in Alerting, Triggers UI and Task Manager Perf

This does not include:

1. The PagerDuty simulator due to a lack of support for custom responses in the platform. issue opened. https://github.com/elastic/kibana/issues/65045
2. The Webhooks simulator due to a lack of support for custom authorisation. Requires investigation.
2020-05-06 09:57:26 +01:00
Christos Nasikas
47b8ba5d5b
[SIEM][CASE] Refactor Connectors - Jira Connector (#63450) 2020-05-01 00:20:00 +03:00
Gidi Meir Morris
9fe7229357
[Alerting] migrates all remaining plugins to new platform (#64335)
Completes the migration of all Alerting Services plugins onto the Kibana Platform

It includes:

1. Actions plugin
2. Alerting plugin
3. Task Manager plugin
4. Triggers UI plugin

And touches the Uptime and Siem plugins as their use of the Task Manager relied on some of the legacy lifecycle to work (registering AlertTypes and Telemetry tasks after the Start stage has already begun). The fix was simply to move these registrations to the Setup stage.
2020-04-29 15:46:54 +01:00
Mike Côté
db374fc950
Ability to get scoped call cluster from alerting and action executors (#64432)
* Initial work

* Rename to getScopedCallCluster

* Fix typecheck

* Fix more type check issues

* Add tests

* Add docs

Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
2020-04-27 13:46:04 -04:00
Yuliia Naumenko
f7e1c17f28
Implemented do not return the config from the action APIs get and getAll (#64266) 2020-04-23 07:53:54 -07:00
Patrick Mueller
7677764c65
[Alerting] fixes to allow pre-configured actions to be executed (#63432)
resolves https://github.com/elastic/kibana/issues/63162

Most of the support for pre-configured actions has already been added
to Kibana, except for one small piece.  The ability for them to be
executed.  This PR adds that support.
2020-04-14 18:20:50 -04:00
Yuliia Naumenko
730dcbf638
Implemented actions server API for supporting preconfigured connectors (#62382)
* Implemented actions server API for supporting preconfigured connectors defined in kibana.yaml

* Fixed type check

* Fixed due to comments and extended functional tests

* Fixed tests and renamed connectors

* fixed jest tests

* Fixed type checks

* Fixed failing alert save

* Fixed alert client tests

* fixed type checks

* Fixed language check error

* Fixed jest tests

* Added missing comments and docs

* fixed due to comments

* Fixed json config for preconfigured

* fixed type check, reverted config

* config experiment with json stringify

* revert experiment

* Removed the spaces from connector names in config
2020-04-08 09:54:42 -07:00
Patrick Mueller
aa73e2aee3
[Alerting] change index action config executionTimeField to nullable (#61127)
resolves https://github.com/elastic/kibana/issues/61056

When the index action params moved into config, the `schema.maybe()` on the
`executionTimeField` should have been changed to `schema.nullable()`, otherwise
you can never "unset" the field, once it's set.

Changes rippled down to the UI as well.

To be extra safe, we also check that the `executionTimeField` isn't an empty
string when trimmed, as ES will not accept a document with a property that is
the empty string.
2020-03-24 23:19:56 -04:00
Patrick Mueller
72bc0eae32
[Alerting] allow email action to not require auth (#60839)
resolves https://github.com/elastic/kibana/issues/57143

Currently, the built-in email action requires user/password properties to be
set in its secrets parameters.  This PR changes that requirement, so they
are no longer required.
2020-03-23 19:02:28 -04:00
Mike Côté
851b8a82a5
License checks for actions plugin (#59070)
* Define minimum license required for each action type (#58668)

* Add minimum required license

* Require at least gold license as a minimum license required on third party action types

* Use strings for license references

* Ensure license type is valid

* Fix some tests

* Add servicenow to gold

* Add tests

* Set license requirements on other built in action types

* Use jest.Mocked<ActionType> instead

* Change servicenow to platinum

Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>

* Make actions config mock and license state mock use factory pattern and jest mocks (#59370)

* Add license checks to action HTTP APIs (#59153)

* Initial work

* Handle errors in update action API

* Add unit tests for APIs

* Make action executor throw when action type isn't enabled

* Add test suite for basic license

* Fix ESLint errors

* Fix failing tests

* Attempt 1 to fix CI

* ESLint fixes

* Create sendResponse function on ActionTypeDisabledError

* Make disabled action types by config return 403

* Remove switch case

* Fix ESLint

* Add license checks within alerting / actions framework (#59699)

* Initial work

* Handle errors in update action API

* Add unit tests for APIs

* Verify action type before scheduling action task

* Make actions plugin.execute throw error if action type is disabled

* Bug fixes

* Make action executor throw when action type isn't enabled

* Add test suite for basic license

* Fix ESLint errors

* Stop action task from re-running when license check fails

* Fix failing tests

* Attempt 1 to fix CI

* ESLint fixes

* Create sendResponse function on ActionTypeDisabledError

* Make disabled action types by config return 403

* Remove switch case

* Fix ESLint

* Fix confusing assertion

* Add comment explaining double mock

* Log warning when alert action isn't scheduled

* Disable action types in UI when license doesn't support it (#59819)

* Initial work

* Handle errors in update action API

* Add unit tests for APIs

* Verify action type before scheduling action task

* Make actions plugin.execute throw error if action type is disabled

* Bug fixes

* Make action executor throw when action type isn't enabled

* Add test suite for basic license

* Fix ESLint errors

* Stop action task from re-running when license check fails

* Fix failing tests

* Attempt 1 to fix CI

* ESLint fixes

* Return enabledInConfig and enabledInLicense from actions get types API

* Disable cards that have invalid license in create connector flyout

* Create sendResponse function on ActionTypeDisabledError

* Make disabled action types by config return 403

* Remove switch case

* Fix ESLint

* Disable when creating alert action

* Return minimumLicenseRequired in /types API

* Disable row in connectors when action type is disabled

* Fix failing jest test

* Some refactoring

* Card in edit alert flyout

* Sort action types by name

* Add tooltips to create connector action type selector

* Add tooltips to alert flyout action type selector

* Add get more actions link in alert flyout

* Add callout when creating a connector

* Typos

* remove float right and use flexgroup

* replace pixels with eui variables

* turn on sass lint for triggers_actions_ui dir

* trying to add padding around cards

* Add callout in edit alert screen when some actions are disabled

* improve card selection for Add Connector flyout

* Fix cards for create connector

* Add tests

* ESLint issue

* Cleanup

* Cleanup pt2

* Fix type check errors

* moving to 3-columns cards for connector selection

* Change re-enable to enable terminology

* Revert "Change re-enable to enable terminology"

This reverts commit b497dfd6b6.

* Add re-enable comment

* Remove unnecessary fragment

* Add type to actionTypeNodes

* Fix EuiLink to not have opacity of 0.7 when not hovered

* design cleanup in progress

* updating classNames

* using EuiIconTip

* Remove label on icon tip

* Fix failing jest test

Co-authored-by: Andrea Del Rio <delrio.andre@gmail.com>

* Add index to .index action type test

* PR feedback

* Add isErrorThatHandlesItsOwnResponse

Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
Co-authored-by: Andrea Del Rio <delrio.andre@gmail.com>
2020-03-20 10:49:37 -04:00
Christos Nasikas
3acbbcd2b0
Return incident's url (#60617) 2020-03-19 23:23:37 +02:00
Mike Côté
bafd45fff2
Fix race condition in flaky alerting test (#60438)
* Fix race condition in flaky test

* Fix flakiness in test

* Fix more flakiness
2020-03-19 13:20:48 -04:00
Mike Côté
27045e0942
Make slack param validation handle empty messages (#60468) 2020-03-19 08:02:07 -04:00
Christos Nasikas
24534e832e
ServiceNow action improvements (#60052)
* Apply action types to fields

* Add information to each field

* Do not create or update comments when actionType is set to nothing

* Improve helpers tests

* Improve tests

* Refactor: Use transformers and pipes

* Better types

* Refactor tests to new changes

* Better error messages

* Improve field formatting and display

* Improve integration tests

* Make username mandatory field

* Translate transformers

* Refactor schema

* Translate appendInformationToField helper

* Improve integration tests

Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
2020-03-18 20:46:05 +02:00
Yuliia Naumenko
2207e0ab26
Index Action - Moved index params fields to connector config (#60349)
* Moved index params fields to connector config

* Fixed type check issue

* Fixing functional tests

* Fixed due to comments

* Fixed functional tests

* Fixed tests and type check
2020-03-17 18:20:00 -07:00
spalger
b71099d620 skip flaky suite (#58643) (#58991) 2020-03-17 08:13:32 -07:00
Patrick Mueller
ce1836b2af
[Alerting] extend Alert Type with names/descriptions of action variables (#59756)
resolves https://github.com/elastic/kibana/issues/58529

This PR extends alertType with an `actionVariables` property, which
describes the properties of the context object passed when scheduling
actions, and the current state.  These property descriptions are used
by the web ui for the alert create and edit forms, to allow the properties
to be added to action parameters as mustache template variables.
2020-03-12 23:17:29 -04:00
Christos Nasikas
e6327d32b0
[SIEM][CASE] ServiceNow executor (#58894)
* Refactor structure

* Init ServiceNow class

* Add constants

* Add configuration scheme

* Refactor configuration schema

* Refactor parameters schema

* Create new types

* Add supported source fields

* Create helpers

* Create ServiceNow lib

* Push incident

* Declare private methods

* Create UpdateIncident type

* Create updateIncident method

* Create executor actions

* Refactor response

* Test helpers

* Remove unnecessary validation

* Fix validation errors

* Throw error for unsupported actions

* Create mock incident

* Test executor

* Test ServiceNow lib

* Convert to camelCase

* Remove caller_id

* Refactor helpers

* Refactor schema

* Remove executorAction

* Test action handlers

* Refactor tests

* Create and update comments

* Remove closure option & change attribute name

* Fix tests

* Change lib structure

* Validate empty mapping

* Fix functional tests

* Fix type

* Change API to only add comments through incident's API

* Add instruction to README

* Change API version

* Test

* Test simulator

* Fix version on tests

* Remove SIEM reference in README
2020-03-11 16:01:07 +02:00
Patrick Mueller
7db4196164
[Alerting] add more alert properties to action parameter templating (#59718)
This is a precursor to https://github.com/elastic/kibana/issues/58529

I realized a bit ago that we weren't making quite enough info available
in the action parameter templating that happens when alerts schedule
actions to execute.  Missing were alert name, tags, and spaceId.

For the index threshold alert, I had added them to its context, but
then every other action would have to do the same if they also
wanted those values.

So I added these as additional top-level variables that can be
used in templates, along with the alert id, alert instance id,
context, and state.  The other bits in RawAlert didn't seem
that interesting, to be used as an action parameter.
2020-03-10 16:50:19 -04:00
Pierre Gayvallet
45fb6f38b8
Hide input value from kbn-config-schema error messages (#58843)
* use inline snapshots instead of snapshots

* hide input value from error messages

* update core snapshots

* update xpack snapshots

* fix ftr assertions

* fix new snapshots

* hide values for byte_size and duration

* update new snapshots

* remove another byte_size value reference

* fix yet another value references in error messages

* update xpack snapshots

* update xpack ftr assertions
2020-03-06 17:47:28 +01:00
Yuliia Naumenko
5ff13ada6b
Add custom action to registry and show actions list in siem (#58395)
* Add custom action to registry and show actions list in siem

* Exposed action form as reusable component

* Fixed few small bugs

* Fixed red ci

* Fixed type checks

* Fixed failed tests

* Fixed due to comments

* Fixed type check errors

* Fixed plugin check

* Rebalancing CI groups according to #58930

* Fixed merge issues
2020-03-05 17:47:08 -08:00
Yuliia Naumenko
1eb0176036
Added UI support for the default action group for Alert Type Model (#57603)
* Added UI support for the default action group for Alert Type Model

* Fixed set default on  alert type select

* Fixed type check

* Moved setting of default alert type to the server api

* Added default value for actionGroups if it is empty in register alert type functions

* Fixed type check

* Fixed due to comments	aed89377b9	Yuliia Naumenko <yuliia.naumenko@elastic.com>	Feb 20, 2020 at 12:40 PM

* Renamed defaultActionGroup to defaultActionGroupId

* Fixed failing tests
2020-02-21 13:58:54 -08:00
Yuliia Naumenko
c07ff7174e
Alerting plugin migrate to Kibana platform (#57635)
* Moved alerting plugin to new platform

* Fixed type checks

* Fixed failing tests

* Fixed functional tests

* Fixed plugin context initialization

* small typo

* Fixed type checks

* Fixed create alert schema

* Moved alerting files to Kibana platform folder

* Fixed duration validation

* Fixed find page size

* Fixed type check

* Fixed due to comments

* Fixed merge issues

* Added missing

* Fixed alerting functional tests

* Fixed tests

* Fixed update schema validation

* Added throttle update

* Fixed failing tests

* test

* fixed setup alerting dependencies for siem and monitoring plugins

* Fixed siem setup dependencies
2020-02-18 09:05:56 -08:00
Patrick Mueller
96c39a5a14
change slack action to only report on whitelisted host name (#57582)
Previously, when using the slack action with a url which was not whitelisted, the entire URL was reported in the error.  With this change, only the hostname is reported in the error.
2020-02-14 18:29:50 -05:00
Gidi Meir Morris
fd193fdf59
[Alerting] make actionGroup name's i18n-able (#57404)
We want to make the Action Group i18n-able for display in the AlertDetails page, so instead of just a list of ids, the AlertType now registers an object where key is the id and value is the human readable, and translatable, value.
2020-02-13 10:21:48 +13:00
Mike Côté
62e3189c34
Fix update alert API to still work when AAD is out of sync (#57039)
* Ensure update API still works when AAD is broken

* Add API integration test

* Fix ESLint errors

Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
2020-02-11 07:47:10 -05:00
Peter Schretlen
bb7e152211
Webhook action - make user and password secrets optional (#56823) 2020-02-10 17:08:56 -05:00
Mike Côté
a3dd282588
Make the update alert API key API work when AAD is out of sync (#56640)
* Make the update API key API work when AAD is out of sync

* Make updateAPIKey only load SOC where possible

Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
2020-02-10 14:48:29 -05:00
Mike Côté
1f87f3afa2
Don't create API key for disabled alerts when calling create API (#57041)
* Don't create API key for disabled alerts when calling create API

* Fix failing test

* Remove unused code in test
2020-02-10 13:22:08 -05:00
Mike Côté
8155415012
Fix enable and disable API to still work when AAD is out of sync (#56634)
* Fix enable and disable API to still work when AAD is broken

* Load SO once before fallback

* Fix comment

* Invalidate API key if any in enable API

* Add missing integration test

Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
2020-02-10 13:18:23 -05:00
Gidi Meir Morris
a02232d62b adds ability to fetch Alert and Alert Instance state (#56625)
Enables access to the Alert State, which allows us to see which current Alert Instances are active.

This includes:

1. Addition of a `get` api on Task Manager
2. Typing and validation on Serialisation & Deserialisation of the State of an Alert's underlying Task
3. Addition of the `getAlertState` api on AlertsClient
2020-02-10 12:11:20 +13:00
Mike Côté
24ed07137c
Ability to delete alerts even when AAD is out of sync (#56543)
* Ability to delete alerts even when AAD is bad

* Small code fixes

Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
2020-02-03 16:20:00 -05:00
Mike Côté
8fe39aef9d
Cleanup action task params objects after successful execution (#55227)
* Cleanup action task params saved objects after use

* Fix jest tests

* Add integration test to ensure object gets cleaned up

* Add unit tests

* Fix comment

* Re-use updated_at instead of creating createdAt

* Consider null/undefined returned from executor as success as well

Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
2020-01-27 15:02:44 -05:00
Mike Côté
72a8da2dcb
Re-enable skipped tests for unmuting an alert (#55861)
Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
2020-01-27 09:39:02 -05:00
Brian Seeders
179dba2deb
Skip flaky test 2020-01-22 14:17:01 -05:00
Gidi Meir Morris
838d7ba213
migrate Actions to Kibana platform (#55026)
Migrates the Actions plugin from Legacy on to the Kibana Platform.
2020-01-22 17:08:54 +00:00
Yuliia Naumenko
5b641b706b
[Alerting] Exposed actionGroups in alertTypeRegistry API (#55495)
* Exposed actionGroups in alertTypeRegistry API

* Fixed functional tests
2020-01-22 08:16:51 -08:00
Mike Côté
66e2c720fd
Re-enable mute all test now that API is no longer flaky (#55172) 2020-01-17 16:26:09 -05:00
Mike Côté
9c2d778d1c
Fix enable API to schedule task after alert is updated (#55095) 2020-01-17 10:48:48 -05:00
Steph Milovic
5ba24b8f54
[SIEM] [Case] Service Now Kibana Action (#53890) 2020-01-15 13:50:38 -07:00
Brian Seeders
51d96e52ec
Skip flaky test 2020-01-13 15:54:58 -05:00
Patrick Mueller
5853360d75
pass more alert info into alert executor (#54035)
resolves https://github.com/elastic/kibana/issues/50522

The alert executor function is now passed these additional alert-specific
properties as parameters:

- spaceId
- namespace
- name
- tags
- createdBy
- updatedBy
2020-01-09 18:14:53 -05:00
Gidi Meir Morris
785b916917
allows Alerts to recover gracefully from Executor errors (#53688)
Prevents errors in Alert Executors from forcing their underlying tasks into a zombie state.
2020-01-06 14:52:06 +00:00
Gidi Meir Morris
d4b1966d4f
adds createdAt and updatedAt fields to alerting (#53793)
When users are writing UIs they need to see when an alert was created and when it was last updated; to this end we've added these two fields on the alert type.
2020-01-03 16:34:17 +00:00
Mike Côté
98ac7a64ad
Add tests to ensure AAD isn't broken after performing a change on an alert / action (#53333) 2019-12-31 13:36:39 -05:00