* Do not display threshold field for an ML Rule
* Give 'read' privileges to 'all' users
We have several lists routes that require lists-read access. If the user
was given the 'all' privilege for securitySolution, they would
previously be locked out of those routes.
Add validation to reject when value list and other exception type are entries in the same exception item. Also adds tests for this situation on the schema validation
This PR removes the alerting and actions ui privileges (alerting:show, actions:show, etc...) and instead relies on the standard Kibana feature control model to decide whether management displays the Alerts Management section under management.
## Full screen fixes for Timeline based views
- Fixes an issue where sometimes, Global navigation is hidden until the page is scrolled when exiting full screen mode
- Improves performance by adding an intent delay before showing the draggable wrapper hover menu
- Removes an unnecessary CSS transition
### Sometimes, Global navigation is hidden until the page is scrolled when exiting full screen mode
Sometimes, after exiting `Full screen` mode in a page, for example, the `Detections` page, the global navigation, e.g. `Overview Detections Hosts...` is hidden until the page is scrolled.
To reproduce:
1) Navigate to the `Detections` page
2) Click the `Full screen` button in the table
3) Without scrolling the full screen view, click the `Exit full screen` button
**Expected result**
- [x] The global navigation e.g. `Overview Detections Hosts...` is visible above the search bar, per the screenshot below:
![correct-global-navigation](https://user-images.githubusercontent.com/4459398/87717870-571bef80-c76e-11ea-8b7b-1850094326b3.png)
4) Once again, click the `Full screen` button in the table
5) This time, expand an event, which will scroll the view
6) Once again, click the `Exit full screen` button
**Expected result**
- [x] The global navigation e.g. `Overview Detections Hosts...` is visible above the search bar
**Actual result**
- [ ] Sometimes, the global navigation e.g. `Overview Detections Hosts...` is **not** visible until the page is scrolled
This PR removes the use of ESO migration from alerting as we do not actually need this until the RBAC work lands, which should be 7.10.
This allows us to concentrate the challenges of introducing RBAC into one single release which hopefully will help us better mitigate potential regressions.
* removes not needed configuration
* fixes events columnts tests
* unksips persisten timeline test
* fixes failing test
* skips events test since need more time for investigation
Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
* add unit test for failure cases
* add unit tests
* update wording
* fix error when update template without ttid or ttversion
* fix unit test
* add comment
* review
Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
* Add test for logs and metrics telemetry
* wait before you go
* Remove kubenetes
* Fix type check
* Add back kubernetes test
* Remove kubernetes
* Don't allow deleting default default view.
* Fix bug with duplicate loads of data.
Because the load data function takes options.source and the source of options can change, we need to remove it from deps
* Remove unused variable
* Reload when loadData function is changed
* Don't send the request immediately
Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
## Summary
This PR is somewhat of an intermediary step. Comments on exception list items are denormalized. We initially decided that we would not add `uuid` to comments, but found that it is in fact necessary. This is intermediary in the sense that what we ideally want to have is a dedicated `comments` CRUD route.
Also just note that I added a callout for when a version conflict occurs (ie: exception item was updated by someone else while a user is editing the same item).
With this PR users are able to:
- Create comments when creating exception list items
- Add new comments on exception item update
Users will currently be blocked from:
- Deleting comments
- Updating comments
- Updating exception item if version conflict is found
* Do not disable the Launch App Search button on the error page
- so users always have access to App Search
* Add troubleshooting steps that mention user authentication
- more info can be found in setup guide
* Tweak styling/spacing on troubleshooting steps
* Copyedits (thanks Chris!)
The link was including `serviceName` from the `urlParams` so it was linking to the wrong service. Overwrite the service name so the link is correct.
Fixes#72911.