* [ML] add mappings for the new rule type
* [ML] add telemetry for enabled health checks
* [ML] update xpack_plugins.json
Co-authored-by: Dima Arnautov <dmitrii.arnautov@elastic.co>
* move activity log paging method close to call api method
refs 417d093a29
* add middleware additional activity log tests
* add a more specific server side test for activity log actions and responses
refs elastic/kibana/pull/101032
* remove obsolete server side audit log index mock method
refs elastic/kibana/pull/101032
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
Co-authored-by: Ashokaditya <am.struktr@gmail.com>
* Extracting saved object references before saving action_task_params saved object
* Injecting saved object ids from references when reading action_task_param
* Adding migration
* Adding unit test for migrations
* Not differentiating between preconfigured or not
* Adding functional test for migration
* Skip extracting action id if action is preconfigured
* Only migrating action task params for non preconfigured connectors
* Simplifying related saved objects
* Fixing functional test
* Fixing migration
* Javascript is sometimes magical
* Updating functional test
* PR feedback
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
Co-authored-by: ymao1 <ying.mao@elastic.co>
* [ML] Fixing missing final new line character issue
* adding tests
* tiny refactor
* test fixes based on review
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
Co-authored-by: James Gowdy <jgowdy@elastic.co>
* Chore(TSVB): Replace aggregations lookup with map
* Fix types, update test expected data and remove unused translations
* Correct typo and refactor condition in std_metric
* Fix metric type
* Fix CI and label for Bucket Script
* Update agg_utils.test expected data
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
* remove any in trigger registry
* improve comments
* remove all anys from ui_actions plugin
* fix formatting suggestions
Co-authored-by: Vadim Kibana <82822460+vadimkibana@users.noreply.github.com>
* add alert permission in o11y
* review I
* review II
* fix selection all when checkbox disabled
* fix selected on bulk actions
Co-authored-by: Xavier Mouligneau <189600+XavierM@users.noreply.github.com>
## Summary
Updates the `TGrid` to use `EuiDataGrid` [schemas](https://eui.elastic.co/#/tabular-content/data-grid-schemas-and-popovers/) as suggested by @snide in the following issue: <https://github.com/elastic/kibana/issues/108894>
## Desk testing
1) In the `Security Solution`, navigate to `Security > Rules` and enable multiple detection rules that have different `Risk Score`s
**Expected result**
- The Detection Engine generates alerts (when the rule's criteria is met) that have different risk scores
2) Navigate to the `Security > Alerts` page
**Expected results**
As shown in the screenshot below:
- The alerts table is sorted by `@timestamp` in descending (Z-A) order, "newest first"
- The `@timestamp` field in every row is newer than, or the same time as the row below it
- The alerts table shows a non-zero count of alerts, e.g. `20,600 alerts`
_Above: At page load, the alerts table is sorted by `@timestamp` in descending (Z-A) order, "newest first"_
3) Observe the count of alerts shown in the header of the alerts table, e.g. `20,600 alerts`, and then change the global date picker in the KQL bar from `Today` to `Last 1 year`
**Expected results**
- The golbal date picker now reads `Last 1 year`
- The count of the alerts displayed in the alerts table has increased, e.g. from `20,600 alerts` to `118,709 alerts`
- The `@timestamp` field in every row is (still) newer than, or the same time as the row below it
4) Click on the `@timestamp` column, and choose `Sort A-Z` from the popover, to change the sorting to ascending, "oldest first", as shown in the screenshot below:
_Above: Click `Sort A-Z` to sort ascending, "oldest first"_
**Expected results**
As shown in the screenshot below:
- The alerts table is sorted by `@timestamp` in ascending (A-Z) order, "oldest first"
- The `@timestamp` field in every row is older than, or the same time as the row below it
- `@timestamp` is older than the previously shown value, e.g. `Aug 3` instead of `Aug 24`
_Above: The alerts table is now sorted by `@timestamp` in ascending (A-Z) order, "oldest first"_
5) Click on the `Risk Score` column, and choose `Sort A-Z` from the popover, to add `Risk Score` as a secondary sort in descending (Z-A) "highest first" order, as shown in the screenshot below:
_Above: Click `Sort A-Z` to add `Risk Score` as a secondary sort in descending (Z-A) "highest first" order_
**Expected results**
- The alerts table re-fetches data
- The alerts table shows `2 fields sorted`
6) Hover over the alerts table and click the `Inspect` magnifiing glass icon
**Expected result**
- The `Inspect` modal appaers, as shown in the screenshot below:
_Above: the `Inspect` modal_
7) Click the `Request` tab, and scroll to the `sort` section of the request
**Expected result**
Per the JSON shown below:
- The request is sorted first by `@timestamp` in ascending (A-Z) order, "oldest first"
- The request is sorted second by `signal.rule.risk_score` descending (Z-A) "highest first" order
```json
"sort": [
{
"@timestamp": {
"order": "asc",
"unmapped_type": "date"
}
},
{
"signal.rule.risk_score": {
"order": "desc",
"unmapped_type": "number"
}
}
],
```
8) Click `Close` to close the `Inspect` modal
9) Click `2 fields sorted` to display the sort popover
10) Use the drag handles to, via drag-and-drop, update the sorting such that `Risk Score` is sorted **before** `@timestamp`, as shown in the screenshot below:
_Above: Use the drag handles to, via drag-and-drop, update the sorting such that `Risk Score` is sorted **before** `@timestamp`_
**Expected results**
As shown in the screenshot below:
- The table is updated to be sorted first by the higest risk score, e.g. previously `47`, now `73`
- The alerts table is sorted second by `@timestamp` in ascending (A-Z) order, "oldest first", and *may* have changed, e.g. from `Aug 3` to `Aug 12`, depending on the sample data in your environment
_Above: The alerts table is now sorted first by highest risk score_
11) Once again, hover over the alerts table and click the `Inspect` magnifiing glass icon
12) Once again, click the `Request` tab, and scroll to the `sort` section of the request
**Expected result**
Per the JSON shown below:
- The request is sorted first by `signal.rule.risk_score` in descending (Z-A) "highest first" order
- The request is sorted second by `@timestamp` in ascending (A-Z) order, "oldest first"
```json
"sort": [
{
"signal.rule.risk_score": {
"order": "desc",
"unmapped_type": "number"
}
},
{
"@timestamp": {
"order": "asc",
"unmapped_type": "date"
}
}
],
```
Co-authored-by: Andrew Goldstein <andrew-goldstein@users.noreply.github.com>
* Adds owner to presentation team plugin kibana.json. Updated CODEOWNERS
* Adds a few more owners for presentation
# Conflicts:
# .github/CODEOWNERS
# src/plugins/dashboard/kibana.json
* Set up cypress-axe
@see https://github.com/component-driven/cypress-axe
* DRY out Kibana axe rules into constants that Cypress can use
* Create shared & configured checkA11y command
+ fix string union type error
+ remove unnecessary tsconfig exclude
* Add Overview plugin a11y tests
* Add AS & WS placeholder a11y checks
- Mostly just re-exporting the shared command and checking for failures, I only ran this after the shared axe config settings and found no failures
* Configure our axe settings further to catch best practices
- notably heading level issues (thanks Byron for catching this!)
- however I now also need to set an ignore on a duplicate landmark violation caused by the global header (not sure why it's showing up - shouldn't it be out of context? bah)
- remove option to pass args into checkA11y - I figure it's not super likely we'll need to override axe settings per-page (vs not running it), but we can pass it custom configs or args later if needed
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
Co-authored-by: Constance <constancecchen@users.noreply.github.com>
* [Maps] fix choropleth map with applyGlobalQuery set to false still creates filter for source.
* cleanup functional test
* eslint
* fix functional test
* add inidication in tooltip when field is join key
* copy updates
* update jest test
* eslint
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
Co-authored-by: Nathan Reese <reese.nathan@gmail.com>
* Add backup step with static content and link to Snapshot and Restore.
* Add snapshot_restore locator.
* Remove unnecessary describe block from Upgrade Step tests.
* Remove unused render_app.tsx.
* Make "Add more sources" button take users to Add Sources instead of Sources
* Remove several redundant variables in codebase
`canCreateInvitations` and `canCreateContentSources` are always true for admin.
If someone can access admin dashboard, we can safely assume that they are admin.
`isCurated` is outdated variable and backend always returns it as false.
* Add redirect from workplace_search/p/ to workplace_search/p/sources/
Before workplace_search/p/ was returning 404
* Fix redirect always being fired on `workplace_search/p/sources/add` page load
When opening `workplace_search/p/sources/add` as a bookmark or reloading this page,
Sources router first get rendered *before* it receives the canCreatePersonalSources value.
This results in canCreatePersonalSources always being undefined on the first render,
and user always getting redirected to `workplace_search/p/sources`.
Here we check for this value being present before we render any routes.
Co-authored-by: Vadim Yakhin <yakhin.v@gmail.com>
