* Expose FatalErrors from the Start contract.
This API is intended to be used for runtime as well.
* update docs
* update data plugin snapshot to fix tests
* address comments
Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
* Fix bug #54887
- Filters are not only fetch once on timefilter change
- Make sure that discover doesn't fetch data when a disabled filter is changed
- Support compareFilters on an array of filters.
- Added tests to compare filters
- Exctracted sortFilters and added tests to it.
* code review + FilterCompareOptions
* Remove sort by
Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
* Fix z-index of logs page toolbar
* Extract `FixedDatePicker` from log setup page, and use it in the stream page
* Clean unused import
Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
- Fixes passing on the severity value correctly to anomaly explorer charts. The wrong value of undefined being passed down caused anomaly markers not showing up.
- This bug surfaced that the severity value was never applied to filter multi-bucket anomalies which is now also fixed by this PR.
- Adds a check if topInfluencers is an array.
* display not found page instead of throwing an error when accessible unavailable app
* move types to public folder
* fix types import
* remove updater from start app
* remove unnecessary await
Replaces AppState in edit_index_pattern with state containers and state syncing utils.
In addition makes tab navigation on edit_index_pattern work with browser's undo history
Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
* adds logic for returning / updating status when a rule is switched from enabled to disabled and vice versa.
* update response for find rules statuses to include current status and failures
* update status on demand and on enable/disable
* adds ternary to allow removal of 'let'
* adds savedObjectsClient to the add and upate prepackaged rules and import rules route.
* fix bug where convertToSnakeCase would throw error 'cannot convert null or undefined to object' if passed null
* genericize snake_case converter and updates isAuthorized to snake_case (different situation)
* renaming to 'going to run' instead of executing because when task manager exits because of api key error it won't write the error status so the actual status is 'going to run' on the next interval. This is more accurate than being stuck on 'executing' because of an error we don't control and can't write a status for.
* fix missed merge conflict
Co-authored-by: Xavier Mouligneau <189600+XavierM@users.noreply.github.com>
* add isCamelCase function
* add a warning if id is not in camelCase
* document pluginId expected in camelCase
* regen docs
* add a test for logging
* update tests. warn can be called several times for different reasons
* pluginPath falls back to plugin id in snake_case
* update tests
* update docs
* add example with id & configPath different formats
Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
* update extra action on rule detail to match design
* remove experimental label
* allow pre-package to be deleted + do not allow wrong user to create pre-packages rules
* Additional look back minimum value to 1
* fix flow with edit rule
* add success toaster when rule is created or updated
* Fix Timeline selector loading
* review ben doc + change detectin engine to detection even in url
* Succeeded text size consistency in rule details page
* fix description of threats
* fix test
* fix type
* fix internatinalization
* Update x-pack/legacy/plugins/siem/public/pages/detection_engine/rules/create/translations.ts
Co-Authored-By: Garrett Spong <spong@users.noreply.github.com>
* Update x-pack/legacy/plugins/siem/public/pages/detection_engine/rules/edit/translations.ts
Co-Authored-By: Garrett Spong <spong@users.noreply.github.com>
* Update x-pack/legacy/plugins/siem/public/pages/detection_engine/rules/components/step_schedule_rule/schema.tsx
Co-Authored-By: Garrett Spong <spong@users.noreply.github.com>
* review I
* fix type
Co-authored-by: Garrett Spong <spong@users.noreply.github.com>
* Revert "Add label and icon to nested fields in the doc table (#54199)"
This reverts commit f77b3620
* Apply label and icon to nested fields in the doc table
* Add nested type to field_icon
* Improve nested test and add comment
* Fix tests
* Always pass the field type
## Summary
Fixes regression with immutable caused from:
https://github.com/elastic/kibana/pull/55004
* Updated types of Prepackaged
* Updated unit tests
* Fixed unit test for it
Testing:
```
./post_rule.sh
{
"created_at": "2020-01-17T19:11:31.813Z",
"updated_at": "2020-01-17T19:11:31.813Z",
"created_by": "elastic_kibana",
"description": "Query with a rule_id that acts like an external id",
"enabled": true,
"false_positives": [],
"from": "now-6m",
"id": "41ef6309-ef98-4c9f-8d2d-90a070361fb7",
"immutable": false,
"interval": "5m",
"rule_id": "query-rule-id",
"language": "kuery",
"output_index": ".siem-signals-frank-hassanabad-default",
"max_signals": 100,
"risk_score": 1,
"name": "Query with a rule id",
"query": "user.name: root or user.name: admin",
"references": [],
"severity": "high",
"updated_by": "elastic_kibana",
"tags": [],
"to": "now",
"type": "query",
"threats": [],
"version": 1
}
```
Then get the saved object using whatever the id is comes back from above. In this example it is 41ef6309-ef98-4c9f-8d2d-90a070361fb7, yours will be different
```
./get_saved_objects.sh alert 41ef6309-ef98-4c9f-8d2d-90a070361fb7
{
"id": "41ef6309-ef98-4c9f-8d2d-90a070361fb7",
"type": "alert",
"updated_at": "2020-01-17T19:11:32.844Z",
"version": "WzY5NTQsMV0=",
"attributes": {
"name": "Query with a rule id",
"tags": [
"__internal_rule_id:query-rule-id",
"__internal_immutable:false"
],
"alertTypeId": "siem.signals",
"consumer": "siem",
"params": {
"createdAt": "2020-01-17T19:11:31.813Z",
"description": "Query with a rule_id that acts like an external id",
"ruleId": "query-rule-id",
"index": null,
"falsePositives": [],
"from": "now-6m",
"immutable": false,
"query": "user.name: root or user.name: admin",
"language": "kuery",
"outputIndex": ".siem-signals-frank-hassanabad-default",
"savedId": null,
"timelineId": null,
"timelineTitle": null,
"meta": null,
"filters": null,
"maxSignals": 100,
"riskScore": 1,
"severity": "high",
"threats": [],
"to": "now",
"type": "query",
"updatedAt": "2020-01-17T19:11:31.813Z",
"references": [],
"version": 1
},
"schedule": {
"interval": "5m"
},
"enabled": true,
"actions": [],
"throttle": null,
"apiKeyOwner": "elastic_kibana",
"createdBy": "elastic_kibana",
"updatedBy": "elastic_kibana",
"createdAt": "2020-01-17T19:11:32.245Z",
"muteAll": false,
"mutedInstanceIds": [],
"scheduledTaskId": "2c5cc340-395d-11ea-9276-d3c1c264ca9a"
},
"references": []
}
```
Ensure you have the internal immutable of "__internal_immutable:false" In your tags
Next test is to do a find filter of non-packaged rules:
```
./find_rule_by_filter.sh "alert.attributes.tags:%20%22__internal_immutable:false%22"
```
You should get back the above rule any others you created.
### Checklist
Use ~~strikethroughs~~ to remove checklist items you don't feel are applicable to this PR.
~~- [ ] This was checked for cross-browser compatibility, [including a check against IE11](https://github.com/elastic/kibana/blob/master/CONTRIBUTING.md#cross-browser-compatibility)~~
~~- [ ] Any text added follows [EUI's writing guidelines](https://elastic.github.io/eui/#/guidelines/writing), uses sentence case text and includes [i18n support](https://github.com/elastic/kibana/blob/master/packages/kbn-i18n/README.md)~~
~~- [ ] [Documentation](https://github.com/elastic/kibana/blob/master/CONTRIBUTING.md#writing-documentation) was added for features that require explanation or tutorials~~
- [x] [Unit or functional tests](https://github.com/elastic/kibana/blob/master/CONTRIBUTING.md#cross-browser-compatibility) were updated or added to match the most common scenarios
~~- [ ] This was checked for [keyboard-only and screenreader accessibility](https://developer.mozilla.org/en-US/docs/Learn/Tools_and_testing/Cross_browser_testing/Accessibility#Accessibility_testing_checklist)~~
### For maintainers
~~- [ ] This was checked for breaking API changes and was [labeled appropriately](https://github.com/elastic/kibana/blob/master/CONTRIBUTING.md#release-notes-process)~~
- [x] This includes a feature addition or change that requires a release note and was [labeled appropriately](https://github.com/elastic/kibana/blob/master/CONTRIBUTING.md#release-notes-process)
* Use our internal uiSettings mock in all context mocks
We were previously only using our internal uiSettings mock (which
returns real values) in our TestProviders component, as
all tests either needed:
* specific mocks, in which case we'd call jest.mock() ourselves
* broad mocks, for which platform's kibana_react mocks were usually
sufficient
However, a recent addition in the Timeline component added a usage of
uiSettings that could not use the default mock.
With this change, one can either jest.mock('lib/kibana') or use the
TestProviders wrapper to get real values for UI settings in test.
* Remove production code guarding against tests
This coalescence was due to the service not being properly mocked in
test, which is now fixed.
* WIP Fixing map tiles and such
* Small comment and importing map from dolash
* Better destructuring and comments
Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
* EUIficate the sidebar
* Create a state reducer and a state context
* Create an editor context and actions
* Improve types
* Apply aggs reordering
* Fix functionality
* Improve types
* Fix sub_agg changes
* Remove legacy dependencies
* Watch dirty state
* Fix dirty state changes
* Update actions and reducers
* Handle keyboard submit
* Apply editor form validation
* Remove fancy forms
* Update validation
* Use embeddable instead of visualize loader
* Add auto apply behavior
* Remove legacy styles
* Remove the sidebar
* Restrict responsive to the bottom_bar
* Upgrade @elastic/eui to v14.10.0
* Replace EuiBottomBar with EuiControlBar
* Get rid of mutations in control vis
* Revert "Upgrade @elastic/eui to v14.10.0"
This reverts commit 2cd86c51d2.
* Replace bottom bar with a control panel for sidebar
* Replace selectors
* Use editor resizer
* Apply selectors
* Change selectors
* Fix sub agg change values
* Add collapse button
* Fix tests
* Get rid of editor editor_state_context, simplify the code
* Fix jest tests, update snapshots
* Fix types
* Moving collapse button to right of index pattern
* Tweaks bottom buttons
* Moved Vega buttons so they don’t scroll away
* Fix responsiveness
* Resolve UI comments
* Fix console resizer
* Update dev docs
* Bail out of additional render in metrics and axes
* Apply performance optimizations for metrics and axis panel
* Remove unused translations
* Use debounce when autoapply enabled
Co-authored-by: Caroline Horn <549577+cchaos@users.noreply.github.com>
Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
