This makes the "Log rate" and "Categories" tab visible on clusters with a suitable license for users which don't have the the `machine_learning_admin` role.
* Shim the default_editor
* Update paths in vis_default_editor
* Update paths in dependent plugins
* Update the dependent plugins
* Create an entry point
* Wrap the editor with kibana context
* Fix circular re-renders
* Update sub aggs mapping
* Move schemas and agg_groups to agg_types, update jest tests
* Use services from kibana context, other fixes
* Fix useEffect maximum update depth
* Create i18n namesapce for visDefaultEditor, rename translations
* Fix tests
* Resolve paths
* Remove ui/vis/vis_types
* Fix vis import
* Move editor_config_provider to ui/vis
## [SIEM] Overview page feedback
Implements feedback and fixes to the Overview page
### Overview (default theme)
### Overview (dark theme)
## Highlights
* The new order of widgets is Signals, Alerts, Events, Host Events, Network events, per https://github.com/elastic/siem-team/issues/494
* Changed the default `External alerts count` `Stack by` to `event.module` https://github.com/elastic/siem-team/issues/491
* Added `event.module` to the `Events count` histogram https://github.com/elastic/siem-team/issues/491
* Widget titles will no longer include the currently selected `Stack by option`. The widgets will use the same static title text that appears on the other pages (i.e.. `Signals count`, `External alerts count`, and `Events count`) https://github.com/elastic/siem-team/issues/491
* The `Signals count` includes a `Stack by` that defaults to `signal.rule.threat.tatic.name`
* Standardized on a 300px widget height for all histograms in the app (thanks @MichaelMarcialis for paring on this!)
* The `Open as duplicate timeline` action is `Recent timelines` is now only shown when hovering over a recent timeline
## Loading States
* The `Recent timelines` and `Security news` widgets now use the horizontal bar loading indicator
* The `Host events` and `Network events` widgets now use the horizontal bar loading indicator
* The `Host events` and `Network events` Showing _n_ events subtitles are now hidden on initial load
* The counts in the `Host events` and `Network events` Showing _n_ events subtitles are now hidden on initial load
* We no longer hide some histogram subtitles after initial load, to prevent shifting of content when a user makes a `Stack by` selection
## News Feed Error State
* Fixed an issue where the `Security news` header was hidden when an invalid URL is configured
* Added a space between the word `via` and the `SIEM advanced settings` link
* Removed the capital “N” from "News" in the error message
## Misc Visual Changes
* Fixed text truncation of the `Severity` column in the `Detections` page's `Signals` table
* Added the “showing” subtitle to the `Signals count` histogram on the Detections page
* Increased the `Stack by` histogram selector and the `View signals | alerts | events' buttons from 8 to 24px
* Tweaked the border rendering in the Overview `Host Events` and `Network events` widget headers
* Added 8px of spacing between the Overview `Host Events` and `Network events` widget accordion headers and their contents
* Fixed an issue where the `Host events` and `Networ events` widgets didn't render in ie11 https://github.com/elastic/siem-team/issues/499
## Non-Visual Fixes
* Removed an incorrect usage of `usememo`
* Removed the placeholder client-side username query from `x-pack/legacy/plugins/siem/public/components/recent_timelines/index.tsx`
* Updated the query of the Overview `Host events` widget to filter by "host.name exists"
* Updated the query of the Overview `Network events` widget to filter by "source.ip exists or destination.ip : exists"
* Use src/plugins/inspector instead of ui/inspector
* Remove unused ui/inspector
* Use `inspector` plugin directly to register view
* Fix path
* Use inspector from NP
* Revert view registration to a separate file
* Always return a contract from the newsfeed plugin
Without a contract, dependent plugins have no way of knowing whether the
plugin is enabled or not as the contract will always be undefined.
* Export newsfeed contract types from public index
So that dependent plugins can use them.
* Declare newsfeed as an optional dependency of SIEM
We're going to use the availability of the newsfeed plugin as part of our
determination for whether or not to show the security newsfeed. If users
set `newsfeed.enabled: false`, the plugin will be unavailable and the
security feed will not be shown.
* Respect global newsfeed.enabled config in Security newsfeed
The presence of the newsfeed plugin means that newsfeed.enabled is true.
If both that and our local setting are true, we will show the Security
feed.
* Prefer object type over empty interface
Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
* Put the notice for rules in comment block
This comment block marked by `@notice` is picked up by automation and included
in the Kibana NOTICE.txt that we ship with the tar.gz.
Follow up for #56090.
* utilize createdAt and updatedAt from the alerting saved object
* revert accidental change to test rule
* updatedAt is not a part of savedObject attributes passed back from alerting, it's at the top level
* Prefer units if they are defined when rendering cells
* Jest snapshot update
* Lint recommendations
Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
* Initial config renaming - not working
* Tweak config key names and move to core_deprecations
* Remove new ones from this PR
* Fix mocha tests
* Update more configs
* Update config in test
* Add note to move these
* Missed one
* Fix mocha tests
* Fix tests
* Change how we fetch pipeline listing metrics to match what other charts show
* Fix tests
* Fix tests
Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
When creating/editing/deleting an annotation, the Single Metric Viewer page wouldn't update with the applied changes. This fixes it by tracking the change in the outer component with lastRefresh/previousRefresh and making it a condition in contextChartSelected() to trigger an update after a refresh.
Changes the file upload functionality to process delimited
files by splitting them into to messages, then sending
these to the ingest pipeline as a single field for further
processing in Elasticsearch.
The csv_importer has been removed and the old sst_importer
replaced with a similar message_importer that has been
enhanced to cover the edge cases required by delimited
file processing.
Previously the file upload functionality parsed CSV in the
browser, but by parsing CSV in the ingest pipeline it
makes the Kibana file upload functionality more easily
interchangable with Filebeat such that the configurations
it creates can more easily be used to import data with the
same structure repeatedly in production.
Companion to elastic/elasticsearch#51492
* Combine ui/color_maps and EuiUtils into new Charts plugin
* EuiUtils is now the theme service
* ui/color_maps is now the colorMaps service
* Fix all imports of each to pull from new Charts plugin
* Add theme methods to both setup and start contracts
* Move and jestify heatMapColors tests
* Convert remaining js files to ts
* Move vis/color to Charts plugin
* Update missed visTypeVislib naming
Fixes an issue where the context chart brush would render incorrectly for short recent time spans (e.g. 'now-15min`). Adds a check whether to display the brush and hide it if context and focus chart have the same timespan.
* Create a new menu for observability links. Use it on inentory page.
* Change the order of props for clarity
* Fix default message
* Composition over configuration
* Show ids and ips. PR feedback.
* Don't wrap subtitle. Use fields in inventory model for name
* Tooltip was becoming hacky. Keep it simple and wrap the id.
* Create observability plugin. Add action menu to it.
* Fix path
* Satisfy linter and fix test
* Please the linter
* Update translastions
* Update test for disabled links
* Update more tests
Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
We had previously deleted the animation because the method we were using for adding nodes to the map would wipe the whole map out before redrawing it and make for very awkward animation.
The way it works now is the Cytoscape component calls `add` on the cytoscape instance when new elements are added, so the animation looks ok.
Fixes#54796.
Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
Fixes https://github.com/elastic/uptime/issues/119
Rather than relying on a contant for the max number of monitors, it's
easier to just use infinity. This is simpler than making the iterator
more complex with an 'infinite' mode.
Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
