* Fix error appearing if user leaves Sources page very quickly
The issue was that the response from /sources endpoint could came after the user has left the page.
Since the user has already left the page, the Sources logic is unmounted,
and any code that was using the response couldn't update the value in that logic file and caused an error.
Fortunately Kea provides a `breakpoint` API exactly for such cases:
https://kea.js.org/docs/guide/additional#breakpoints
This commit uses that API to fix the issue.
* Fix error appearing after leaving Sources page less quickly
This commit solves the same problem, but for the /status endpoint:
1) for the first status call that saves server values to the sources_logic
2) for the subsequent status calls that poll the server for the status updates
* Increase test coverage
The new test duplicates the test below it, but it doesn't set up
initial source statuses. For some reason this case was considered to be covered before,
but after seemingly unrelated changes in this PR, the coverage started to show that this
code branch was missed.
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
* WIP - need to figure out how to delete old siem-detection action SO's after each test
* WIP - adds some fixes for the update rules utility that differ from patch rules utility
* fix type checks
* cleanup
* remove commented out code
* rename const to use capital snake case
* naming integration tests, adds expect for disabled rules that get migrated, adds expect for pre-migrated rules
## Summary
Removes isUuid and tests as they're not used anymore
### Checklist
Delete any items that are not applicable to this PR.
- [x] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios
* Use useEndpointPrivileges instead of checking the license directly
* Use the correct privilege key
* rename variable
* Skips flaky test
* Remove skip
* Remove extra dependency
* Add back entries check
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
## Summary
Adds e2e tests for the legacy notification system for:
* Exporting rules
* Reading rules
* Finding rules
Also adds missing e2e tests for the non-legacy actions where they previously did not have e2e tests.
These tests ensure that the legacy notifications system will run for a while.
- [x] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios
* Send Endpoint Alert _id field up as insights docs track that on status changes
* Added test to make sure top-level underscore-prefixed fields are allowed
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
* clean up IField API
* disable switch when using MVTs for es docs
* clean up interface comment style
* implement supportsFieldMetaFromEs and supportsFieldMetaFromLocalData in all Field classes
* fix dynamic_color_property test
* fix jest tests
* mock getRangeFieldMeta instead of passing in VectorLayerMock with MockStyle
* review feedback
* clean up supportsFieldMetaFromLocalData test
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
* ensure included fields not overwritten + reduce unnecessary renders.
* ensure editor validation works
* ensure depVar always in includes
* ensure selected runtimeField depVar option is shown
## Summary
Changes detections log level from info to debug within the detection engine. Users have been complaining about their log files filling up in excessive size from when they have noisy rules or if they have a large amount of rules enabled.
* [Maps] do not allow label overlap
* split symbol labels into seperate layer
* clean up comments
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
* Add support for actions on kibana.* fields and legacy signal.* fields
* Improve types and add scheduleNotificationActions test
* Unnecessary cast
* Was accidentally returning all alerts in map, instead of single alert
* Cleanup
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
* Only apply field aliases to legacy .siem-signals indices
* Fix unit test mocks
* Add new function for special index existence check
* Actually add new function for special index existence check
* Undo getIndexVersion change
* Add basic integration tests for field alias logic
* Add back create_index to test list
* Add missing markdown to readme
* Revert change to delete_index_route
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
* [Logs UI][Metrics UI] Remove deprecated config fields from APIs
* Fix typecheck
* Fix typecheck
* Fix typecheck
* Fix jest
* Fix functional test
* Remove extraneous timeField args
* Typecheck fix
* Consolidate log file changes to ResolvedLogSourceConfiguration
* Fix merge
* Revert additional logs files
* Revert inventory models
* Revert log_analysis api
* Fix timefield reference in process list
* Restore logs page files, fix typecheck on mock
* Fix functional test
* Restore inventory models index
* Fix typecheck on getFilteredMetrics
* Look CI if you don't tell me all the type errors at once I can't fix them all
* Maybe this is the last typecheck fix who knows
* Add compatibility aliases to alerts as data indices
* Fix dupe mitigation, allow more fields in mapping
* Remove legacy signals fields from new RAC alerts
* Fix cypress test
* Remove outdated comment
* Reduce flakiness in time based test
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
* Add `.catch()` statement to ES calls in order to get better stacktraces
* Improve efficiency of getHostEndpoint() search strategy method
* Refactor `getHostEndpoint()` to use new Metadata service as well as the internal kibana ES client
* unskip test suite
* Fix functional tests and some refactoring
* Refactor Policy Details test and centralize getting of Agent Policy combined input for endpoint
* Change approach for checking policy data in fleet pages
* Change Policy Settings displayed in Fleet to a) show a loader while retrieving settings and b) show loading errors if any
* Close any visible toasts before clicking on the save button
## Summary
Adds console logging and relaxes a few 200 checks in the end to end tests in two areas of:
* createExceptionListItem
* importFile
As recently the tests are failing around these parts and possibly we can get information on the next failures if it is from these two areas or if it's from somewhere else we are not expecting.
Also outputs the body message so if it fails in these areas we can see the message with the conflict that might help us see where the issue is arising.
### Checklist
- [x] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios
* remove use of boom from info response handler; also changed unauthd response to forbidden to avoid client logging user out
* rather return 500 with err.message
* added jest tests for common cases on the info route
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
This PR removes the `monitor` cluster privilege from the `ft_ml_ui_extras` test role as it's no longer required by the categorization wizard and we want to stay close to the minimum set of required privileges for our test users.
* [ILM] Fixed ILM a11y test by creating a snapshot repo that is now required in the ILM API
* [ILM] Fixed functional test by creating a snapshot repository
* [ILM] Updated the params after es client update
* [ILM] Added filtering by policy name to the a11y test to find the correct ILM policy in the list
* [ILM] Added filtering by policy name to the a11y test to find the correct ILM policy in the list
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
* [ML] Retain _meta on clone
* [ML] Fix validation on schema to only check it it's defined/not null
* [ML] Remove validation because es should handle the validation already
* Change type to unknown
## Summary
* For the test of `create_endpoint_exceptions.ts` code was changed to try to reduce/remove flake. I put the code back to where it was and with the sorting introduced it all should pass
* Added `await waitForSignalsToBePresent(supertest, 1, [id]);` to areas of code that were missing.
* The `.flat` should be an added layer of protection for flakes.
### Checklist
- [x] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios
## Summary
Fixes flake tests of:
https://github.com/elastic/kibana/issues/115918https://github.com/elastic/kibana/issues/103273https://github.com/elastic/kibana/issues/108640https://github.com/elastic/kibana/issues/109447https://github.com/elastic/kibana/issues/100630https://github.com/elastic/kibana/issues/94535https://github.com/elastic/kibana/issues/104260
Security solution has been using `bsearch` and has encountered flake in various forms. Different developers have been fixing the flake in a few odd ways (myself included) which aren't 100%. This PR introduces a once-in-for-all REST API retry service called `bsearch` which will query `bsearch` and if `bsearch` is not completed because of async occurring due to slower CI runtimes it will continuously call into the `bsearch` with the correct API to ensure it gets a complete response before returning.
## Usage
Anyone can use this service like so:
```ts
const bsearch = getService('bsearch');
const response = await bsearch.send<MyType>({
supertest,
options: {
defaultIndex: ['large_volume_dns_data'],
}
strategy: 'securitySolutionSearchStrategy',
});
```
If you're using a custom auth then you can set that beforehand like so:
```ts
const bsearch = getService('bsearch');
const supertestWithoutAuth = getService('supertestWithoutAuth');
const supertest supertestWithoutAuth.auth(username, password);
const response = await bsearch.send<MyType>({
supertest,
options: {
defaultIndex: ['large_volume_dns_data'],
}
strategy: 'securitySolutionSearchStrategy',
});
```
## Misconceptions in the tests leading to flake
* Can you just call the bsearch REST API and it will always return data first time? Not always true, as when CI slows down or data increases `bsearch` will give you back an async reference and then your test will blow up.
* Can we wrap the REST API in `retry` to fix the flake? Not always but mostly true, as when CI slows down or data increases `bsearch` could return the async version continuously which could then fail your test. It's also tedious to tell everyone in code reviews to wrap everything in `retry` instead of just fixing it with a service as well as inform new people why we are constantly wrapping these tests in `retry`.
* Can we manually parse the `bsearch` if it has `async` for each test? This is true but is error prone and I did this for one test and it's ugly and I had issues as I have to wrap 2 things in `retry` and test several conditions. Also it's harder for people to read the tests rather than just reading there is a service call. Also people in code reviews missed where I had bugs with it. Also lots of boiler plate.
* Can we just increase the timeout with `wait_for_completion_timeout` and the tests will pass for sure then? Not true today but maybe true later, as this hasn't been added as plumbing yet. See this [open ticket](https://github.com/elastic/kibana/issues/107241). Even if it is and we increase the timeout to a very large number bsearch might return with an `async` or you might want to test the `async` path. Either way, if/when we add the ability we can increase it within 1 spot which is this service for everyone rather than going to each individual test to add it. If/when it's added if people don't use the bsearch service we can remove it later if we find this is deterministic enough and no one wants to test bsearch features with their strategies down the road.
## Manual test of bsearch service
If you want to manually watch the bsearch operate as if the CI system is running slow or to cause an `async` manually you manually modify this setting here:
https://github.com/elastic/kibana/blob/master/src/plugins/data/server/search/strategies/ese_search/request_utils.ts#L61
To be of a lower number such as `1ms` and then you will see it enter the `async` code within `bsearch` consistently
## Reference PRs
We cannot set the wait_for_complete just yet
https://github.com/elastic/kibana/issues/107241 so we decided this was the best way to reduce flake for testing for now.
### Checklist
- [x] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios
This commit introduces the multi-layer time axis in Discover, Lens, Visualize, TSVB.
It adds visualization:useLegacyTimeAxis advanced settings under charts plugin to toggle legacy time axis.
The new multi-layer time axis is introduced in @elastic/charts https://elastic.github.io/elastic-charts/?path=/story/area-chart--timeslip and was demoed as part of the Kibana Demo Days.
It is the outcome of the research done in elastic/elastic-charts#1310 related to improving the time axis solving the following problems:
- sparse time labels that can be far apart
- unclear where time point is on the label (the middle)
- difficult / tedious to read due to redundant information and small fonts
- resolution is not explicit (is it hours of days or days themselves)
* [Canvas] Generic embeddable function (#104499)
* Created generic embeddable function
Fixed telemetry
Updates expression on input change
Fixed ts errors
Store embeddable input to expression
Added lib functions
Added comments
Fixed type errors
Fixed ts errors
Clean up
Removed extraneous import
Added context type to embeddable function def
Fix import
Update encode/decode fns
Moved embeddable data url lib file
Added embeddable test
Updated comment
* Fix reference extract/inject in embeddable fn
* Simplify embeddable toExpression
* Moved labsService to flyout.tsx
* Added comment
* [Canvas] Adds Save and Return Workflow (#111411)
* [Canvas] Adds editor menu to Canvas (#113194)
* Merge existing embeddable input with incoming embeddable input (#116026)
* [Canvas] Extract and inject references for by-value embeddables (#115124)
* Extract/inject references for by-value embeddables in embeddable function
Fixed server interpreter setup
Register external functions in canvas_plugin_src plugin def
* Fixed ref name in embeddable.inject
* Fixed ts errors
* Fix missing type error
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>