## [SIEM] Overview Page "1.5"
A redesigned SIEM Overview page that includes `Recent timelines`, a `Security news` feed, visualizations, and rolled-up event counts
![overview-day](https://user-images.githubusercontent.com/4459398/72396016-90f53600-36f8-11ea-9b41-6d54d09de589.png)
![overview-night](https://user-images.githubusercontent.com/4459398/72394575-fb57a780-36f3-11ea-868e-8fcd2c5c4543.png)
### Overview enhancements
- Added the global Search bar and Date picker to the Overview page
- New `Recent timelines` widget affords quick access to favorite and recently modified timelines
- New `Security news` widget
- New Kibana advanced settings (toggle switch) for enabling or disabling the news widget and configuring the news URL
![news-settings](https://user-images.githubusercontent.com/4459398/72362776-fd4c4700-36b0-11ea-805b-3c7353f2c1cd.png)
- New `Events count by dataset` widget
- Updated the `Host Events` and `Network Events` widgets to integrate with the Search bar and date picker input
- Enhanced the `Host Events` and `Network Events` widgets to use an accordion paradigm that summarizes stats by source (e.g. `Auditbeat`, `Endgame`)
- Enhanced the `Host Events` and `Network Events` widgets to visualize relative percentages of events collected as progress bars
- New `Alerts count by category` widget
- New `Signals count by MITRE ATT&CK™ category` widget
- New `View events`, `View alerts`, and `View signals` navigation buttons for their respective visualizations
### FTUE enhancements
- FTUE "no data" view design refresh
![ftue](https://user-images.githubusercontent.com/4459398/72361771-43a0a680-36af-11ea-969f-5872ac4a01a1.png)
- When the FTUE "no data" page is displayed, hide all global navigation links (i.e. `Hosts`, `Network`, `Detection engine`), such that only `Overview` appears in the global nav
- App Help popover design refresh
![help](https://user-images.githubusercontent.com/4459398/72362132-d80b0900-36af-11ea-9b58-1fd3b923b7c8.png)
- Removed the `Beta` badge and `Security Information & Event Management with the Elastic Stack` from the Overview header
- Tested in Chrome `79.0.3945.117`, Firefox `72.0.1`, and Safari `13.0.4`
## Known issues
- The `siem:newsFeedUrl` advanced setting is defaulted to `https://feeds.elastic.co/kibana`
- The `Signals count by MITRE ATT&CK™ category` visualization does not display all categories
- The `Signals count by MITRE ATT&CK™ category` visualization may require a different index pattern
- `EuiButtonGroup` throwing a `Can't perform a React state update on an unmounted component` warning when switching from the Overview tab
https://github.com/elastic/siem-team/issues/484
* Support deprecating label in advanced settings
mark courier:batchSearches as deprecated
* jest update
* Add deprecation to UiSettingsParams type
Translate click aria label
Use docLinks service
* Rename doc link
* Remove url option from DeprecationSettings
* Simplify code
* Updated docs
* Revert "Updated docs"
This reverts commit c9512ced1f.
* snapshots
* docs
* add unimplemented registerAppStatusUpdater & remove observers for apps and legacyApps
* adapt NavLinksService to use new application observables
* merge availableApps$ and availableLegacyApps$
* updating core docs
* adapt the navLink updating methods
* filters the inaccessible apps from availableApps$
* restrict access to navigateToApp depending on app status
* fixes due to merge
* add statusUpdater$ to AppBase
* export new types
* disable navlink depending on app status
* update generated doc
* update snapshots for disabled prop
* Address josh review
* Address review comments
* fix merge conflicts
* adapt changes due to merge
* update generated doc
* add comment and fix navlink url for custom url apps
* add AppNavLinkStatus type to split app/navlink states
* fix typo
* review comments and improvements
* add functional tests
* update generated docs and migration guide
* fix wrong type cast on AppsMenuProvider.readLinks
* properly type return of navigateToApp
* Initial role mappings UI
* apply design edits
* address PR feedback
* fix type cast for number field
* Update x-pack/legacy/plugins/security/public/views/management/role_mappings/edit_role_mapping/components/mapping_info_panel/mapping_info_panel.tsx
Co-Authored-By: Joe Portner <5295965+jportner@users.noreply.github.com>
* Cleanup FTR configuration, and handle role mapping 404 errors properly
* align naming of role mappings feature check
* Apply suggestions from code review
Co-Authored-By: Brandon Kobel <brandon.kobel@gmail.com>
* add missing test assertions
* inlining feature check logic
* switch to using snapshot
* use href instead of onClick
* adding delete unit test
* consolidate href building
* unify page load error handling
* simplify initial loading state
* documenting unconditional catch blocks
* use nodes.info instead of transport.request
* Apply suggestions from code review
Co-Authored-By: Brandon Kobel <brandon.kobel@gmail.com>
* move model out of LP into NP
* convert except_field_rule to except_any_rule
* docs, take 1
* update gif
Co-authored-by: Joe Portner <5295965+jportner@users.noreply.github.com>
Co-authored-by: Brandon Kobel <brandon.kobel@gmail.com>
Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
* add onAppLeave to AppMountParameters
* adapt legacy shims of app mount
* update generated doc
* returns properly typed AppLeaveAction from leave handler instead of raw strings
* add openConfirm to modal service and use it instead of window.confirm
* fix unit test
* update querystringinput snapshots
* add integration tests
* nits and review comments
* add functional tests
* [Reporting] Update some runtime validations
* fix unit test
* i18n
* make warning logging of encryptionKey possible
* update snapshot
* revert unrelated config change
* docs: consolidate telemetry settings to core
Telemetry is no longer part of monitoring.
* docs: revise telemetry settings text
* docs: tweak telemetry setting text
* expose ES clients without observables
* expose observable-less api to plugins
* update core api and mocks
* update plugins
* NP SO & legacy use updated API
* update SO tests
* update TSDocs
* update types
* update docs
* document createCluster analog in np
* typo
* [DOCS] Moves index pattern doc to Discover
* [DOCS] Improves intro to index patterns doc
* [DOCS] Edits index patterns doc
* [DOCS] Incorporates comments into index patterns doc
Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
* [Reporting/Docs] Various Documentation Additions
- Add ECONNREFUSED to troubleshooting page:
- System Requirements for Reporting
- Layout and Sizing
* [DOCS][Reporting] Updates index and troubleshooting pages
Co-authored-by: Tim Sullivan <tsullivan@users.noreply.github.com>
* [Maps] pull ES_SIZE_LIMIT and top hits limit from index settings
* get fetch working
* get min values from indices response
* use indexSettings.maxResultWindow in documents request size
* use max_inner_result_window to define top hits max
* update jest test
* update docs
* more docs changes for top hits
* fix line spacing
* Update docs/maps/maps-aggregations.asciidoc
Co-Authored-By: gchaps <33642766+gchaps@users.noreply.github.com>
* Update docs/maps/vector-layer.asciidoc
Co-Authored-By: gchaps <33642766+gchaps@users.noreply.github.com>
* add api integration test for indexSettings route
* eslint fixes
* review feedback
* display toast on first index settings fetch failure
* clean up
Co-authored-by: gchaps <33642766+gchaps@users.noreply.github.com>
Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
* [NP] Allow custom validations in HTTP Routes apart from @kbn/config-schema
* API docs
* Allow validate function in the route handler (run-code validation)
* Prefix RouteXXX + Params and Body Validation Aliases
* Fix test broken by lodash
* Update API docs
* Add default types for simpler manual declaration
* Add run-time validation of the RouteValidateSpec
* Expose RouteValidationError instead of SchemaTypeError
* RouteValidator as a class to match config-schema interface
* Test for not-inline handler (need to check IRouter for #47047)
* Add preValidation of the input for a safer custom validation
* Better types for RouteHandlers
* [NP] Move route validation to RouteValidator wrapper
* Use the class only internally but maintain the same API
* Fix types
* Ensure RouteValidator instance in KibanaRequest.from
* Fix validator.tests (Buffer.from instead of new Buffer)
* Default precheck should allow null values
* Also allow undefined in preChecks
* MR feedback fixes
* Provide RouteValidationResolver to the validation function
* Add functional tests
* Fix new functional tests
* Fix validator additional test
* Fix test with new resolver
* Remove unused import
* Rename ValidationResolver to ValidationResultFactory and change the interface to look more like the KibanaResponseFactory
Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
* text styling
* label style editor UI
* wire up styles to mb
* allow string values
* remove console.log
* default getFields to provide ordinal fields for vector source
* fix vector_style jest test
* add label styles to docs
* fix prettier errors
* use index-pattern field formatter to format label
* rename LABEL to LABEL_TEXT
* review feedback
* fix problem with icons not displaying with labels
* fix functional tests
* fix cannot read name of null error
* update jest expect
* fix eslint errors
* do not display label text in legend
* always show all label styling properties in editor
* review feedback
* mention uiSettingsClient in the context docs
* autogenerated docs for logger method
* describe what's available via request context handler. how to extend it
* make type optional