Commit graph

7596 commits

Author SHA1 Message Date
Mike Côté 27045e0942
Make slack param validation handle empty messages (#60468) 2020-03-19 08:02:07 -04:00
Gidi Meir Morris 8fd317c55a
[Alerting] Adds navigation by consumer and alert type to alerting (#58997)
Adds Navigation APIs to Alerting.

Parts to this PR:

Adds a client side (Public) plugin to Alerting, including two APIs: registerNavigation & registerDefaultNavigation. These allow a plugin to register navigation handlers for any alerts which it is the consumer of- one for specific AlertTypes and one for a default handler for all AlertTypes created by the plugin.
The Alert Details page now uses these navigation handlers for the View In App button. If there's an AlertType specific handler it uses that, otherwise it uses a default one and if the consumer has not registered a handler - it remains disabled.
A generic Alerting Example plugin that demonstrates usage of these APIs including two AlertTypes - one that always fires, and another that checks how many people are in Outer Space and allows you to trigger based on that. 😉 To enable the plugin run yarn start --ssl --run-examples
2020-03-19 09:49:05 +00:00
Liza Katz 2eda06e770
Introduce search interceptor (#60523)
* Add async search strategy

* Add async search

* Fix async strategy and add tests

* Move types to separate file

* Revert changes to demo search

* Update demo search strategy to use async

* Add async es search strategy

* Return response as rawResponse

* Poll after initial request

* Add cancellation to search strategies

* Add tests

* Simplify async search strategy

* Move loadingCount to search strategy

* Update abort controller library

* Bootstrap

* Abort when the request is aborted

* Add utility and update value suggestions route

* Fix bad merge conflict

* Update tests

* Move to data_enhanced plugin

* Remove bad merge

* Revert switching abort controller libraries

* Revert package.json in lib

* Move to previous abort controller

* Add support for frozen indices

* Fix test to use fake timers to run debounced handlers

* Revert changes to example plugin

* Fix loading bar not going away when cancelling

* Call getSearchStrategy instead of passing  directly

* Add async demo search strategy

* Fix error with setting state

* Update how aborting works

* Fix type checks

* Add test for loading count

* Attempt to fix broken example test

* Revert changes to test

* Fix test

* Update name to camelCase

* Fix failing test

* Don't require data_enhanced in example plugin

* Actually send DELETE request

* Use waitForCompletion parameter

* Use default search params

* Add support for rollups

* Only make changes needed for frozen indices/rollups

* Only make changes needed for frozen indices/rollups

* Add back in async functionality

* Fix tests/types

* Fix issue with sending empty body in GET

* Don't include skipped in loaded/total

* Don't wait before polling the next time

* Add search interceptor for bulk managing searches

* Simplify search logic

* Fix merge error

* Review feedback

* Add service for running beyond timeout

* Refactor abort utils

* Remove unneeded changes

* Add tests

* cleanup mocks

* Update src/legacy/core_plugins/kibana/public/dashboard/np_ready/dashboard_app.html

Co-Authored-By: Lukas Olson <olson.lukas@gmail.com>

Co-authored-by: Lukas Olson <olson.lukas@gmail.com>
Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
2020-03-19 10:28:43 +02:00
Robert Oskamp 836b3d00ef
[ML] Add functional tests for file data visualizer (#60413)
This PR adds basic functional tests for the file data visualizer, covering a file import and error messages for non-log files. It also moves the file input path handling to a common location in order to avoid code duplication.
2020-03-19 09:08:43 +01:00
Dario Gieselaar 9cd0a36740
[APM] Optimize service map query (#60412)
* [APM] Optimize service map query

Closes #60411.

- Chunk trace lookup
- Remove pagination, move dedupe logic to server

* Fix imports

* Fix imports again

Co-authored-by: Nathan L Smith <smith@nlsmith.com>
2020-03-19 08:37:58 +01:00
Frank Hassanabad 01571b6739
[SIEM][Detection Engine] Adds lists feature flag and list values to the REST interfaces
## Summary

* https://github.com/elastic/kibana/issues/60022
* Adds the feature flag for simple list values
* Adds the boolean filters of "and", "and not" to further filter based on simple values
* Adds unit tests and e2e tests for the values.
* Most tests can include the simple list values but some have to be skipped until we move those to more functions or just enable simple list values as a permanent feature. 
* DOES NOT FILTER ON THE VALUES JUST YET (That will be a follow on PR)

## Testing:

To turn on/off the feature flag do this with an env variable (set this in your .bashrc/.zshrc):

```ts
export ELASTIC_XPACK_SIEM_LISTS_FEATURE=true
```

Expect to see this error in the console when the environment variable is set:

```ts
server    log   [11:41:16.245] [error][plugins][siem] You have activated the lists feature flag which is NOT currently supported for SIEM! You should turn this feature flag off immediately by un-setting the environment variable: ELASTIC_XPACK_SIEM_LISTS_FEATURE and restarting Kibana
```

Expect create and update to work when the environment variable is set and look like this:

```ts
./update_rule.sh ./rules/updates/update_list.json 
{
  "created_at": "2020-03-15T17:42:37.074Z",
  "updated_at": "2020-03-15T17:54:22.427Z",
  "created_by": "yo",
  "description": "Query with a list",
  "enabled": true,
  "false_positives": [],
  "from": "now-6m",
  "id": "c602e3f6-713b-4f43-9bdd-b60fbfead1c5",
  "immutable": false,
  "interval": "5m",
  "rule_id": "query-with-list",
  "language": "kuery",
  "output_index": ".siem-signals-hassanabad-frank-default",
  "max_signals": 100,
  "risk_score": 1,
  "name": "Query with a list",
  "query": "user.name: root or user.name: admin",
  "references": [],
  "severity": "high",
  "updated_by": "yo",
  "tags": [],
  "to": "now",
  "type": "query",
  "threat": [],
  "version": 6,
  "lists": [
    {
      "field": "source.ip",
      "boolean_operator": "and",
      "values": [
        {
          "name": "127.0.0.1",
          "type": "value"
        }
      ]
    },
    {
      "field": "host.name",
      "boolean_operator": "and not",
      "values": [
        {
          "name": "rock01",
          "type": "value"
        }
      ]
    }
  ],
  "status": "succeeded",
  "status_date": "2020-03-15T17:42:40.718Z",
  "last_success_at": "2020-03-15T17:42:40.718Z",
  "last_success_message": "succeeded"
}
```

```ts
./post_rule.sh ./rules/queries/query_with_list.json 
{
  "created_at": "2020-03-15T17:42:37.074Z",
  "updated_at": "2020-03-15T17:42:37.116Z",
  "created_by": "yo",
  "description": "Query with a list",
  "enabled": true,
  "false_positives": [],
  "from": "now-6m",
  "id": "c602e3f6-713b-4f43-9bdd-b60fbfead1c5",
  "immutable": false,
  "interval": "5m",
  "rule_id": "query-with-list",
  "language": "kuery",
  "output_index": ".siem-signals-hassanabad-frank-default",
  "max_signals": 100,
  "risk_score": 1,
  "name": "Query with a list",
  "query": "user.name: root or user.name: admin",
  "references": [],
  "severity": "high",
  "updated_by": "yo",
  "tags": [],
  "to": "now",
  "type": "query",
  "threat": [],
  "version": 1,
  "lists": [
    {
      "field": "source.ip",
      "boolean_operator": "and",
      "values": [
        {
          "name": "127.0.0.1",
          "type": "value"
        }
      ]
    },
    {
      "field": "host.name",
      "boolean_operator": "and not",
      "values": [
        {
          "name": "rock01",
          "type": "value"
        },
        {
          "name": "mothra",
          "type": "value"
        }
      ]
    }
  ]
}
```

```ts
./patch_rule.sh ./rules/patches/update_list.json   
{
  "created_at": "2020-03-15T18:02:52.434Z",
  "updated_at": "2020-03-15T18:02:57.675Z",
  "created_by": "yo",
  "description": "Query with a list",
  "enabled": true,
  "false_positives": [],
  "from": "now-6m",
  "id": "40b7c2fb-83b4-4820-bf7c-056f3a631126",
  "immutable": false,
  "interval": "5m",
  "rule_id": "query-with-list",
  "language": "kuery",
  "output_index": ".siem-signals-hassanabad-frank-default",
  "max_signals": 100,
  "risk_score": 1,
  "name": "Query with a list",
  "query": "user.name: root or user.name: admin",
  "references": [],
  "severity": "high",
  "updated_by": "yo",
  "tags": [],
  "to": "now",
  "type": "query",
  "threat": [],
  "version": 1,
  "lists": [
    {
      "field": "source.ip",
      "boolean_operator": "and",
      "values": [
        {
          "name": "127.0.0.1",
          "type": "value"
        }
      ]
    },
    {
      "field": "host.name",
      "boolean_operator": "and not",
      "values": [
        {
          "name": "rock01",
          "type": "value"
        },
        {
          "name": "mothra",
          "type": "value"
        }
      ]
    }
  ],
  "status": "succeeded",
  "status_date": "2020-03-15T18:02:56.426Z",
  "last_success_at": "2020-03-15T18:02:56.426Z",
  "last_success_message": "succeeded"
}
```

```ts
./get_rule_by_rule_id.sh query-with-list
{
  "created_at": "2020-03-15T18:10:07.657Z",
  "updated_at": "2020-03-15T18:10:08.479Z",
  "created_by": "yo",
  "description": "Query with a list",
  "enabled": true,
  "false_positives": [],
  "from": "now-6m",
  "id": "9854162b-003c-47be-af59-8c3c9545aafa",
  "immutable": false,
  "interval": "5m",
  "rule_id": "query-with-list",
  "language": "kuery",
  "output_index": ".siem-signals-hassanabad-frank-default",
  "max_signals": 100,
  "risk_score": 1,
  "name": "Query with a list",
  "query": "user.name: root or user.name: admin",
  "references": [],
  "severity": "high",
  "updated_by": "yo",
  "tags": [],
  "to": "now",
  "type": "query",
  "threat": [],
  "version": 1,
  "lists": [
    {
      "field": "source.ip",
      "boolean_operator": "and",
      "values": [
        {
          "name": "127.0.0.1",
          "type": "value"
        }
      ]
    },
    {
      "field": "host.name",
      "boolean_operator": "and not",
      "values": [
        {
          "name": "rock01",
          "type": "value"
        },
        {
          "name": "mothra",
          "type": "value"
        }
      ]
    }
  ],
  "status": "going to run",
  "status_date": "2020-03-15T18:10:10.738Z"
}
```

Expect these errors when the environment variable is not set:

```ts
./post_rule.sh ./rules/queries/query_with_list.json 
{
  "statusCode": 400,
  "error": "Bad Request",
  "message": "[request body]: child \"lists\" fails because [\"lists\" is not allowed]"
}
```

```ts
./update_rule.sh ./rules/queries/query_with_list.json
{
  "statusCode": 400,
  "error": "Bad Request",
  "message": "[request body]: child \"lists\" fails because [\"lists\" is not allowed]"
}
```

```ts
./patch_rule.sh ./rules/patches/update_list.json
{
  "statusCode": 400,
  "error": "Bad Request",
  "message": "[request body]: child \"lists\" fails because [\"lists\" is not allowed]"
}
```

Expect that this is _backwards_ compatible with the feature flag but not necessarily _forwards_ compatible. This means:

* You can have older data that never had lists and it will show up as an empty list when you query it. (backwards compatible)
* You _might_ have lists and remove the env. variable and get back items as if the list was not there for (forwards compatible) 

* You can export without lists, flip on the env flag and import with newer lists feature (backwards compatible)
* You can export lists and it will _not_ work with an older system (not forwards compatible)

### Checklist

Delete any items that are not applicable to this PR.

- [x] [Unit or functional tests](https://github.com/elastic/kibana/blob/master/CONTRIBUTING.md#cross-browser-compatibility) were updated or added to match the most common scenarios
2020-03-18 23:57:36 -06:00
Maggie Ghamry cf08850489
Enhancement/update esdocs datasource (#59512)
* Initial Commit

Update to ESDocs datasource per team feedback

* Updates

Updates per Ryan's mockups

* Updates II

Updates per Poff's review

* Updates III

Update to some of the verbiage and card sizes - working on re-ordering and adding a link to the Lucene query syntax

* design tweaks

* Adding lucene hyperlink

update to add hyperlink help for Lucene query syntax

* Consolidating datasources to sort

Consolidating the ESDocs datasource with the rest, so that we can order them

* updates for i18n

updates for i18n

* Updates

Updates from Gail for verbiage and integrating Ryan's change for style

* Update ui.ts

Updates for i18n

* Updates for datasource order

moving the esdocs datasource to live with the rest of the UI datasources, and sorting them accordingly.

* Update datasource_component.js

removing console log, whoops

* Update ui.ts

Update to fix i18n essql issue

* Update ui.ts

Updates to fix i18n references for the esdocs datasource move

* Update to Timelion URL

I noticed that the Timelion datasource showed "Lucene query syntax" which wasn't relevant, so I updated it to "Timelion", along with a tutorial, as the link for current Timelion docs does not provide any syntax tutorial.

* Update ui.ts

update for i18n

* Update ui.ts

update for i18n

* Update ui.ts

Update to remove unused value - the i18n check gave me latent errors, sorry for the repost

* i18n updates

Updating nomenclature to get past i18n errors

* Updates

Code review updates to remove extraneous code

* Update timelion.js

update to remove extraneous comment per code review

* More i18n updates

translation updates to accommodate the esdocs datasource move

* Update datasource_component.js

Update to toggle datasource icon in selected element mode

* Update ui.ts

hopefully last i18n fix

Co-authored-by: Ryan Keairns <contactryank@gmail.com>
Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
2020-03-18 21:36:21 -04:00
renovate[bot] b9d2affc73
Update dependency nock to v12 (#60422)
* Update dependency nock to v12

* update yarn.lock file

Co-authored-by: Renovate Bot <bot@renovateapp.com>
Co-authored-by: spalger <spalger@users.noreply.github.com>
Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
2020-03-18 17:48:42 -07:00
Spencer cc8f7c43dd
upgrade execa to get stdout/stderr in error messages (#60537)
* upgrade execa to get stdout/stderr in error messages

* rebuild kbn/pm

Co-authored-by: spalger <spalger@users.noreply.github.com>
Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
2020-03-18 17:45:04 -07:00
spalger 650943df79 skip flaky suite (#60471) 2020-03-18 17:42:01 -07:00
Paul Tavares 8c5071939b
[Ingest] Agent Config Details - Data sources list ui (#60429)
* refactor `use_details_uri` hook and introduce `useAgentConfigLink`
* Refactor structure for datasources view
* Sync up table columns
* Added row actions to Datasources list
* Datasources table filters
* Support deleting datasource action
* Added PackageIcon to datasources list
2020-03-18 20:28:34 -04:00
Ryland Herrick a05a61286f
[SIEM] Create ML Rules (#58053)
* Remove unnecessary linter exceptions

Not sure what was causing issues here, but it's gone now.

* WIP: Simple form to test creation of ML rules

This will be integrated into the regular rule creation workflow, but for
now this simple form should allow us to exercise the full ML rule
workflow.

* WIP: Adds POST to backend, and type/payload changes necessary to make that work

* Simplify logic with Math.min

* WIP: Failed spike of making an http call

* WIP: Hacking together an ML client

The rest of this is going to be easier if I have actual data. For now
this is mostly copy/pasted and simplified ML code. I've hardcoded time
ranges to a period I know has data for a particular job.

* Threading through our new ML Rule params

It's a bummer that we normalize our rule alert params across all rule
types currently, but that's the deal.

* Retrieve our anomalies during rule execution

Next step: generate signals

* WIP: Generate ECS-compatible ML Signals

This uses as much of the existing signal-creation code as possible. I
skipped the search_after stuff for now because it would require us
recreating the anomalies query which we really shouldn't own. For now,
here's how it works:

* Adds a separate branch of the rule executor for machine_learning rules
* In that branch, we call our new bulkCreateMlSignal function
  * This function first transforms the anomaly document into ECS fields
  * We then pass the transformed documents to singleBulkCreate, which
  does the rest
* After both branches, we update the rule's status appropriately.

We need to do some more work on the anomaly transformation, but this
works!

* Extract setting of rule failure to helper function

We were doing this identically in three places.

* Remove unused import

* Define a field for our Rule Type selection

This adds most of the markup and logic to allow an ML rule type to be
selected. We still need to add things like license-checking and
showing/hiding of fields based on type.

* Hide Query Fields when ML is selected

These are still getting set on the form. We'll need to filter these
fields before we send off the data, and not show them on the readonly
display either.

Also, edit is majorly broken.

* Add input field for anomaly threshold

* Display numeric values in the readonly view of a step

TIL that isEmpty returns false for numbers and other non-iterable
values. I don't think it's exactly what we want here, but until I figure
out the intention this gets our anomalyThreshold showing up without a
separate logic branch here. Removes the unnecessary branch that was
redundant with the 'else' clause.

* Add field for selecting an ML job

This is not the same as the mockups and lacks some functionality, but
it'll allow us to select a job for now.

* Format our new ML Fields when sending them to the server

So that we don't get rejected due to snake case vs camelcase.

* Put back code that respects a rule's schedule

It was previously hardcoded to a time period I knew had anomalies.

* ML fields are optional in our creation step

In that we don't initialize them like we do the query (default) fields.

* Only send along type-specific Rule fields from form

This makes any query- or ML-specific fields optional on a Rule, and
performs some logic on the frontend to group and include these fieldsets
conditionally based on the user's selection. The one place we don't
handle this well is on the readonly view of a completed step in the
rules creation, but we'll address that.

* Rename anomalies query

It's no longer tabular data. If we need that, we can use the ML client.

* Remove spike page with simple form

* Remove unneeded ES option

This response isn't going to HTTP, which is where this option would
matter.

* Fix bulk create logic

I made a happy accident and flipped the logic here, which meant we
weren't capping the signals we created.

* Rename argument

Value is a little more ambiguous than data, here: this is our step data.

* Create Rule form stores all values, but filters by type for use

When sending off to the backend, or displaying on the readonly view, we
inspect which rule type we've currently selected, and filter our form
values appropriately.

* Fix editing of ML fields on Rule Create

We need to inherit the field value from our form on initial render, and
everything works as expected.

* Clear form errors when switching between rule types

Validation errors prevent us from moving to the next step, so it was
previously possible to get an error for Query fields, switch to an ML
rule, and be unable to continue because the form had Query errors.

This also adds a helper for checking whether a ruleType is ML, to
prevent having to change all these references if the type string
changes.

* Validate the selection of an ML Job

* Fix type errors on frontend

According to the types, this is essentially the opposite of formatRule,
so we need to reinflate all potential form values from the rule.

* Don't set defaults for query-specific rules

For ML rules these types should not be included.

* Return ML Fields in Rule responses

This adds these fields to our rule serialization, and then adds
conditional validation around those fields if the rule type is ML.
Conversely, we moved the 'language' and 'query' fields to be
conditionally validated if the rule is a query/saved_query rule.

* Fix editing of ML rules by changing who controls the field values

The source of truth for their state is the parent form object; these
inputs should not have local state.

* Fix type errors related to new ML fields

In adding the new ML fields, some other fields (e.g. `query` and
`index`) that were previously required but implicitly part of Query
Rules are now marked as optional.

Consequently, any downstream code that actually required these fields
started to complain. In general, the fix was to verify that those fields
exist, and throw an error otherwise as to appease the linter.

Runtime-wise, the new ML rules/signals follow a separate code path and
both branches should be unaffected by these changes; the issue is simply
that our conditional types don't work well with Typescript.

* Fix failing route tests

Error message changed.

* Fix integration tests

We were not sending required properties when creating a rule (index and
language).

* Fix non-ML Rule creation

I was accidentally dropping this parameter for our POST payload. Whoops.

* More informative logging during ML signal generation

The messaging diverged from the normal path here because we don't have
index patterns to display. However, we have the rest of the rule
context, and should report it appropriately.

* Prefer keyof for string union types

* Tidy up our new form components

* Type them as React.FCs
* Remove unnecessary use of styled-components

* Prefer destructuring to lodash's omit

* Fix mock params for helper functions

These were updated to take simpler parameters.

* Remove any type

This could have been a boolean all along, whoops

* Fix mock types

* Update outdated tests

These were added on master, but behavior has been changed on my branch.

* Add some tests around our helper function

I need to refactor it, so this is as good a time as any to pin down the
behavior.

* Remove uses of any in favor of actual types

Mainly leverages ML typings instead of our placeholder types. This
required handling a null case in our formatting of anomalies.

* Annotate our anomalies with @timestamp field

We were notably lacking this ECS field in our post-conversion anomalies,
and typescript was rightly complaining about it.

* ml_job_id -> machine_learning_job_id

* PR Feedback

* Stricter threshold type
* More robust date parsing
* More informative log/error messages
* Remove redundant runtime checks

* Cleaning up our new ML types

* Fix types on our Rest types
* Use less ambiguous machineLearningJobId over mlJobId
* Declare our ML params as required keys, and ensure we pass them around
everywhere we might need them (creating, importing, updating rules).

* Use implicit type to avoid the need for a ts-ignore

FormSchema has a very generic index signature such that our
filterRuleFieldsForType helper cannot infer that it has our necessary
rule fields (when in fact it does). By removing the FormSchema hint we
get the actual keys of our schema, and things work as expected.

All other uses of schema continue to work because they're expecting
FormSchema, which is effectively { [key: string]: any }.

* New ML params are not nullable

Rather than setting a null and then never using it, let's just make it
truly optional in terms of default values.

* Query and language are conditional based on rule type

For ML Rules, we don't use them.

* Remove defaulted parameter in API test

We don't need to specify this, and we should continue not to for
backwards compatibility.

* Use explicit types over implicit ones

The concern is that not typing our schemae as FormSchema could break our
form if there are upstream changes. For now, we simply use the
intersection of FormSchema and our generic parameter to satisfy our use
within the function.

* Add integration test for creation of ML Rule

* Add ML fields to route schemae

* threshold and job id are conditional on type
* makes query and language mutually exclusive with above

* Fix router test for creating an ML rule

We were sending invalid parameters.

* Remove null check against index for query rules

We support not having an index here, as getInputIndex will return the
current UI setting if none is specified.

* Add regression test for API compatibility

We were previously able to create a rule without an input index; we
should continue to support that, as verified by this test!

* Respect the index pattern determined at runtime when performing search_after

If a rule does not specify an input index pattern on creation, we use
the current UI default when the rule is evaluated. This ensures that any
subsequent searches use that same index.

We're not currently persisting that runtime index to the generated
signal, but we should.

* Fix type errors in our bulk create tests

We added a new argument, but didn't update the tests.
2020-03-18 19:26:42 -05:00
spalger 357ed0e10c skip flaky suite (#60559) 2020-03-18 17:13:34 -07:00
marshallmain cf1a330206
fix agent type (#60554)
Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
2020-03-18 19:46:54 -04:00
Yuliia Naumenko 3600f5b90b
Fixed default message for index threshold includes both threshold values (#60545)
* Fixed default message for index threshold includes both threshold values even if not used

* fixed due to review comments

* Fixed validation errors with ability to clear input
2020-03-18 16:43:22 -07:00
Jen Huang 60d385ed89
[Ingest] Add support for yaml field types (#60440)
* Support yaml var type:
* Change stream config model to save type and value, instead of just value
* Add code editor for configuring yaml vars
* Adjust tests

* Account for empty yaml value

* Better account for invalid yaml parsing
2020-03-18 15:59:38 -07:00
Yuliia Naumenko 2d44870e06
Solved the issue for a GROUP BY expression validation (#60558)
* Solved the issue for a GROUP BY expression validation

* fixed labels
2020-03-18 14:29:40 -07:00
Thomas Neirynck a35267afd5
[Maps] Mark instance state as readonly (#60557) 2020-03-18 17:18:03 -04:00
CJ Cenizal 9aad8986e1
Move ui/indices into es_ui_shared plugin. (#60186)
* Convert js files to ts.
* Add indices namespace.
2020-03-18 13:07:41 -07:00
Christos Nasikas 24534e832e
ServiceNow action improvements (#60052)
* Apply action types to fields

* Add information to each field

* Do not create or update comments when actionType is set to nothing

* Improve helpers tests

* Improve tests

* Refactor: Use transformers and pipes

* Better types

* Refactor tests to new changes

* Better error messages

* Improve field formatting and display

* Improve integration tests

* Make username mandatory field

* Translate transformers

* Refactor schema

* Translate appendInformationToField helper

* Improve integration tests

Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
2020-03-18 20:46:05 +02:00
Nicolas Chaulet 4e5aa93f45
[Fleet] Fix privileges for enrollment and access api keys (#60534) 2020-03-18 14:45:17 -04:00
Nathan Reese 7e085eabf5
[Maps] Blended layer that switches between documents and clusters (#57879)
* [Maps] Blended layer that switches between documents and clusters

* change layer type when scalingType changes

* getSource

* use cluster source when count exceeds value

* ensure doc source stays in editor

* start creating cluster style

* pass all parts of style descriptor

* get toggling between sources working

* derive cluster style from document style

* remove references to METRIC_TYPE

* fix import

* start typescripting blended_vector_layer

* more typescript work

* last of the TS errors

* add migration to convert useTopTerm to scalingType

* clean up

* remove MapSavedObject work since it's in a separate PR now

* fix EsSearchSource update editor jest test

* fix map_selector jest test

* move mutable state out of BlendedVectorLayer

* one more change for removing mutable BlendedVectorLayer state

* integrate newly merged MapSavedObjectAttributes type

* review feedback

* use data request for fetching feature count

* add functional test

* fix functional test

* review feedback

Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
2020-03-18 12:06:54 -06:00
Steph Milovic 4fc89aeb0d
[SIEM] [Cases] Shell scripts and unit tests (#60183) 2020-03-18 11:42:08 -06:00
Sandra Gonzales 4c9d95318e
change index pattern id to be the same as index pattern title (#60436) 2020-03-18 13:21:49 -04:00
kqualters-elastic 64af78045b
[Endpoint] resolver v1 events (#59233)
* Unifying the test index name for resolver and alerts

* Endpoint isn't sending the agent field so check for it

* Update resolver to use either legacy or ecs events

* Use correct format for child events api

* Adding string or array for category and type

* Add return types to process event models

* Create a common/models.ts for common event logic

* Decrease resolver min height

* Update types to match cli tool

* Add a smoke test for resolver rendering nodes, remove unused selector

* Add common/models/event

* Internationalize some strings, address pr comments

Co-authored-by: Jonathan Buttner <jonathan.buttner@elastic.co>
2020-03-18 13:18:35 -04:00
Dave Snider 52dd5e0f7a
Branding fixes for dashboard, loader and space selector (#60073) 2020-03-18 10:15:47 -07:00
spalger 696b19e67a skip flaky suite (#60535) 2020-03-18 10:09:58 -07:00
Frank Hassanabad 3e10276b20
[SIEM][Detection Engine] Fixes bug with timeline templates not working
### Summary

Fixes a bug with the timeline templates not working when specifying filters.

* Creates a type safe mechanism for getting StringArrays or regular strings
* AddsType Script function returns to functions in the helpers file
* Adds unit tests for the effected areas of code and corner cases

Before this fix you would get these toaster errors if you tried to use a template name such as `host.name` in the timeline filters:

<img width="677" alt="Screen Shot 2020-03-18 at 12 58 01 AM" src="https://user-images.githubusercontent.com/1151048/76934058-0bd2fc80-68b4-11ea-8dad-7c257bb81a1d.png">

After this fix it will work for you.

Testing:

1) Create a timeline template that has a host.name as both a query and a filter such as this. You can give the value of the host.name any value such as placeholder.

<img width="1125" alt="Screen Shot 2020-03-18 at 12 56 04 AM" src="https://user-images.githubusercontent.com/1151048/76934108-20af9000-68b4-11ea-8a11-4ba9c935506f.png">

2) Create a signal that uses it and produces a lot of signals off of something such as all host names
<img width="1054" alt="Screen Shot 2020-03-18 at 12 50 47 AM" src="https://user-images.githubusercontent.com/1151048/76934198-4f2d6b00-68b4-11ea-8ae3-6de76154cbb7.png">

3) Ensure you select your **Timeline template** you saved by using the drop down
<img width="1071" alt="Screen Shot 2020-03-18 at 12 51 21 AM" src="https://user-images.githubusercontent.com/1151048/76934281-73894780-68b4-11ea-9a2a-a0a9176f28ce.png">

4) Once your signals have run, go to the signals page and send one of the signals for your newly created rule which has a host name to the timeline from "View in timeline"
<img width="568" alt="Screen Shot 2020-03-18 at 12 52 10 AM" src="https://user-images.githubusercontent.com/1151048/76934365-a4697c80-68b4-11ea-91a5-e0dea7e3e18f.png">

You should notice that your timeline has both the query and the filter set correctly such as this
<img width="1114" alt="Screen Shot 2020-03-18 at 12 56 23 AM" src="https://user-images.githubusercontent.com/1151048/76934432-c105b480-68b4-11ea-9a82-3e8a2da19376.png">


### Other notes

All the different fields you can choose from for templates are:
```
  'host.name',
  'host.hostname',
  'host.domain',
  'host.id',
  'host.ip',
  'client.ip',
  'destination.ip',
  'server.ip',
  'source.ip',
  'network.community_id',
  'user.name',
  'process.name',
```

And it should not work with anything outside of those. You should be able to mix and match them into different filters and queries to have multiples of them.

### Checklist

- [x] [Unit or functional tests](https://github.com/elastic/kibana/blob/master/CONTRIBUTING.md#cross-browser-compatibility) were updated or added to match the most common scenarios
2020-03-18 11:00:44 -06:00
Yuliia Naumenko 18aa8245b7
Fixed errors which are happening if switch between alert types (#60453) 2020-03-18 09:48:10 -07:00
Sonja Krause-Harder f93ec7988b
[EPM] Add mapping field types to index template generation v2 (#60266)
* Add properties needed for index templates to Field

* Add data type handling to template generation

* Adjust tests

* Update fields test snapshots

* Remove duplicate fields from test file

* Add test cases

* Enhance processFields

* move expand stage to expandFields
* fix expandFields
* add deduplication stage dedupFields

* Use processField() to preprocess fields

* Remove alias fields with invalid path

* Remove obsolete code.

* Fix documentation.

* Add unit tests for getField()

* Don't fail on invalid input for now.

* Validate array fields.

* Guard against invalid input.
2020-03-18 17:14:45 +01:00
Oliver Gupte 6abb9d7d18
Closes #60265. Adds Beta badge to service map (#60482) 2020-03-18 08:19:50 -07:00
Robert Oskamp fb8175816f [ML] Disable functional transform tests 2020-03-18 15:31:14 +01:00
Nathan L Smith c8b2b05897
Fixes to service map single node banner (#60072)
* Fixes to service map single node banner

* Make the banner 95% width so it takes up the full width
* Check the actual count of cytoscape nodes to determine whether or not to show the banner
* Make the Cytoscape component able to take a function as children so we can access the cytoscape instance directly
* Update the .NET icon

* rework

* Update x-pack/legacy/plugins/apm/public/components/app/ServiceMap/EmptyBanner.tsx

Co-Authored-By: Oliver Gupte <ogupte@users.noreply.github.com>

Co-authored-by: Oliver Gupte <ogupte@users.noreply.github.com>
2020-03-18 09:23:03 -05:00
Shahzad 95a42ed2c9
[Uptime] replace fetch with kibana http (#59881)
* use kibana http

* unused import

* fix type

* update type

* refactor

* fix types

* fix type

* fix type
2020-03-18 14:43:30 +01:00
Thomas Watson 59a522b4ef
Upgrade @types/node to match Node.js runtime (#60368)
Kibana uses Node.js v10.19.0. The closest version of @types/node to this
version is currently v10.17.17.

This commit updates the resolutions field in package.json to ensure that
the latest version less than 10.20.0 is always used.
2020-03-18 14:27:56 +01:00
Sébastien Loix 2a8a7d7970
[License Management] NP migration (#60250) 2020-03-18 13:36:20 +01:00
Mike Côté a97ecaae69
Fix create alert button from not showing in alerts list (#60444) 2020-03-18 08:31:03 -04:00
Christos Nasikas 70c1b69eb0
[SIEM][Case] Update connector through flyout (#60307)
* Move add flyout to parent

* Disable mapping

* Show edit flyout

* Do not update connectors through cases API

* Fix uncontrolled input error

* Disable edit button

* Add comments

* Change undefined to null

Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
2020-03-18 14:04:25 +02:00
Aleh Zasypkin 45f59f7d9e
Enforce required presence for value/key validation of recordOf and mapOf. (#60406) 2020-03-18 12:19:50 +01:00
James Gowdy fd16c46128
[ML] Re-enabling file upload telemetry (#60418)
* [ML] Re-enabling file upload telemetry

* small refactor

* removing exported function

* removing commented out code

* removing commented out include

* cleaning up types
2020-03-18 08:33:53 +00:00
Jean-Louis Leysens fae93176e2
[Console] Fix for _settings and x-pack autocomplete (#60246)
* Add settings completion to index create endpoint and clean up.

The cleanup is largely for moving settings data completion to JS
and removing the dynamic logic for loading different ES versions.

This is unused and unnecessary at this point.

* Add new settings JS files and move BOOLEAN to shared file.

* Important fix for loading x-pack console extensions.

After migrating the x-pack console extensions were being loaded
too late and were not being served to the client.

* Reorder imports to convention
2020-03-18 08:11:36 +01:00
Candace Park 65a111f189
Task/host enhancements (#59671)
functional tests and ui updates to endpoint host details
2020-03-17 23:31:41 -04:00
Lukas Olson ac5e323af8
[Search service] Asynchronous ES search strategy (#53538)
* Add async search strategy

* Add async search

* Fix async strategy and add tests

* Move types to separate file

* Revert changes to demo search

* Update demo search strategy to use async

* Add async es search strategy

* Return response as rawResponse

* Poll after initial request

* Add cancellation to search strategies

* Add tests

* Simplify async search strategy

* Move loadingCount to search strategy

* Update abort controller library

* Bootstrap

* Abort when the request is aborted

* Add utility and update value suggestions route

* Fix bad merge conflict

* Update tests

* Move to data_enhanced plugin

* Remove bad merge

* Revert switching abort controller libraries

* Revert package.json in lib

* Move to previous abort controller

* Add support for frozen indices

* Fix test to use fake timers to run debounced handlers

* Revert changes to example plugin

* Fix loading bar not going away when cancelling

* Call getSearchStrategy instead of passing  directly

* Add async demo search strategy

* Fix error with setting state

* Update how aborting works

* Fix type checks

* Add test for loading count

* Attempt to fix broken example test

* Revert changes to test

* Fix test

* Update name to camelCase

* Fix failing test

* Don't require data_enhanced in example plugin

* Actually send DELETE request

* Use waitForCompletion parameter

* Use default search params

* Add support for rollups

* Only make changes needed for frozen indices/rollups

* Only make changes needed for frozen indices/rollups

* Add back in async functionality

* Fix tests/types

* Fix issue with sending empty body in GET

* Don't include skipped in loaded/total

* Don't wait before polling the next time

* Simplify search logic

* Fix merge error

* Review feedback

* Fix issue with hits.total

Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
2020-03-17 18:47:54 -07:00
Yuliia Naumenko 2207e0ab26
Index Action - Moved index params fields to connector config (#60349)
* Moved index params fields to connector config

* Fixed type check issue

* Fixing functional tests

* Fixed due to comments

* Fixed functional tests

* Fixed tests and type check
2020-03-17 18:20:00 -07:00
Lisa Cawley c1435db29f
Edits UI text for ML nodes and job button (#60184)
* Edits UI text for ML nodes and job button

* Update x-pack/plugins/ml/public/application/explorer/components/explorer_no_jobs_found/explorer_no_jobs_found.js

Co-Authored-By: Brandon Morelli <bmorelli25@gmail.com>

* Update x-pack/plugins/ml/public/application/explorer/components/explorer_no_jobs_found/explorer_no_jobs_found.js

Co-Authored-By: Brandon Morelli <bmorelli25@gmail.com>

Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
Co-authored-by: Brandon Morelli <bmorelli25@gmail.com>
2020-03-17 18:15:58 -07:00
Yuliia Naumenko 2e6c76fda7
Disabled edit alert button on management ui for non registered UI alert types (#60439) 2020-03-17 16:33:37 -07:00
Alison Goryachev 3e0b6fb65d
[IM] Use EuiCodeBlock to render index mapping (#60420) 2020-03-17 18:55:56 -04:00
Jen Huang f168b6abb8
Add additional safeguards for data source wizard step 2 (#60426)
Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
2020-03-17 15:26:29 -07:00
Spencer 2367d749c1
upgrade react-use (#60427)
Co-authored-by: spalger <spalger@users.noreply.github.com>
Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
2020-03-17 15:24:59 -07:00
James Gowdy 9f31565b88
[ML] Fixing custom urls to dashboards (#60355)
* [ML] Fixing custom urls to dashboards

* missing file

Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
2020-03-17 19:25:01 +00:00
Nick Peihl 928454afa4
Update the ems-client dependency to 7.7.0 (#59936)
* Update the ems-client dependency

This PR adds the `appName` and `appVersion` parameters used by ems-client. The `appVersion` parameter replaces the now deprecated `kbnVersion` parameter in ems-client.

* Review feedback

* Fix borked merge

Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
2020-03-17 11:51:17 -07:00
Melissa Alvarez f875b7165e
do not update cell background if is label cell (#60308) 2020-03-17 13:41:46 -04:00
Rashmi Kulkarni 89f9260da2
FTR configurable test users (#52431)
* initial implementation of configurable test users

* user superuser by default to match master

* referenced the configs in reporting and api integration

* setting the minimum number of default roles

* looking for x-pack tests with users and roles

* add testUserService in dashboard mode tests

* running only ciGroup7

* uncommenting - adding visualization

* re-enabling all CI groups to run on CI

* reinstating Jenkinsfile

* disable Test user for OIDC config

* improved logging and added Roles for OSS tests to get better info on the runs.

* disable test_user for auth tests

* don't fetch enabledPlugins when testuser disabled

* fix es-lint

* running oss tests with x-pack enabled

* [revertme] build default dist for oss tests

* updating NOTICE.txt file as it complained in the kibana intake tests

* changed to pick OSS builds

* trying a license change to trial

* switch back to xpack builds

* created a new sample data role and used it in homepage tests

* revert test/scripts/jenkins_ci_group.sh

* only refresh browser and wait for chrome if we are already on Kibana page

* fix large_string test to use minimum set of roles and privileges

* fix for date nanos custom timestamp with a configured role

* changes to the files with addition of new roles for the test_user

* reverting to OSS changes and few additions to the time_zone test to run as a test_user

* changes to security

* changes to the x-pack test to use elastic superuser

* fix for chart_types test

* fixes to area chart , input control test

* fix for dashboard filtering test and a new config role

* changes to handle the x-pack tests

* additional role for date nanos mixed

* added the logstash role to the accessibility tests

* removed telemetry setting

* docs+few changes to the tests

* removed Page navigation

* removed pageNavigation which was unused

* test/accessibility/apps/management.ts

* update management.ts

* aria label, and other changes

* accidentally checked in a piped file with results.

* accidentally checked in a piped file with results.

* accidentally checked in a piped file with results.

* accidentally checked in a piped file with results.

* accidentally checked in a piped file with results.

* accidentally checked in a piped file with results.

* accidentally checked in a piped file with results.

* accidentally checked in a piped file with results.

* reverted

* unloading of logstash data, fixing aria label

* aria-label

* added the required role

* fix for tsvb chart

* fix for sample data test reverted home_page pageobject file

* changes to sample data test and visualize index file to incorporate OSS changes

* changes to describe() and some more changes to incorporate in settings_page

* re-adding the after()

* removed unwanted roles

* replaced kibana_user with kibana_admin

* added the check of deprecated kibana_user

* testing with kibana_admin  role

* fix for discover test

* incorporated the review comments

* incorporated the review comments

* incorporate review comments and added restoreDefaults()

* removed describe.only

* reverted the OSS logic change I had here- pulled into separate PR

* incorporated the review comments

* incorporated review changes

* adding hidden=true to find hidden kibanaChrome

* change field.test.tsx to be same as that of master branch

Co-authored-by: spalger <spalger@users.noreply.github.com>
Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
2020-03-17 10:41:23 -07:00
Joel Griffith 6b7731bb74
[Reporting] Wholesale moves client to newest-platform (#58945)
* Move over to new plugin space, working implementation

* Fixing tests for report_listing snapshots

* WIP: Fixing react-component tests

* Fixing report_info_button tests

* Fixing download linksies

* WIP: Final working implementation

* Fixing attachAction API + API URLs

* Let the past die. Kill it if you have to. That’s the only way to become what you were meant to be.

* Fixing stream-client for new platform APIs

* Fixing types and tests

* Fix broken mock

* Adds back in warnings to report info button

* kibana.json line-breaks on required plugins

* Fixing broked snapshots

* Fix license checks in client-side components

* Adding back in warnings to report_listing component

* Fix dangling unused import

* Adds license checks for basic to our csv panel action

* Fixes issues from prior fork

* Move relative pathing to absolute

* Fix POST URL copying as we've moved from static methods

* Fix layoutId props

* Fixes types for layoutId

Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
2020-03-17 10:41:06 -07:00
Jen Huang 4da0cb3684
[Ingest] Support show_user package registry flag (#60338)
* Support registry `show_user` var definition property (elastic/package-registry#266)

* Add tests
2020-03-17 10:24:58 -07:00
MadameSheema 79b04547db
[SIEM] Adds 'Closes one signal when more than one opened signals are selected' test again (#60380)
* Revert "Revert "adds new test (#60064)""

This reverts commit 4a8fd0afee.

* waits for having 25 signals displayed
2020-03-17 18:14:02 +01:00
Yara Tercero cea277e7c2
[SIEM][Detections Engine] - Add rule markdown field to rule create, detail, and edit flows (#60108)
* add rule note markdown field to rule creation, rule details, and rule edit flows

Co-authored-by: Gloria Hornero <snootchie.boochies@gmail.com>
Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
2020-03-17 13:06:12 -04:00
Nicolas Chaulet 156066dc6f
[Fleet] Add config revision to fleet agents (#60292) 2020-03-17 12:34:03 -04:00
Larry Gregory 9318862f19
Allow kbn-config-schema to ignore unknown keys (#59560)
* allow kbn-config-schema to ignore unknown keys

* Consolidate unknown key configuration

* updates following merge

Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
2020-03-17 12:30:17 -04:00
Robert Oskamp 6a70d21ef3 [ML] Functional tests - disable df analytics clone tests 2020-03-17 16:29:01 +01:00
spalger b71099d620 skip flaky suite (#58643) (#58991) 2020-03-17 08:13:32 -07:00
Xavier Mouligneau 0f9f81c30a
[SIEM] Fix link on overview page (#60348)
* Fix link on overview page

* no needs of useMemo

* clean up

* review I

* review II

* review III
2020-03-17 10:46:54 -04:00
spalger b9cc3e940c skip flaky test (#60369) 2020-03-17 07:39:04 -07:00
Davis Plumlee 53d23fcb3b
[Endpoint] Adds take action dropdown and tests to alert details flyout (#59242)
* adds dropdown

* changes i18n fields

* switches to buttons

* adds tests for alert details flyout

* updates es archiver data

* finishes functional and react tests

* cleanup tests for alerts

* updates alert esarchive data

* replaces es archives and fixes tests

* rebase

* fixes functional tests

* suggested changes to take action button

* addresses comments

Co-authored-by: oatkiller <robert.austin@elastic.co>
2020-03-17 10:34:39 -04:00
Wylie Conlon caed9ba5ac
[Lens] Simplify state management from visualization (#58279)
* [Lens] Declarative right panel

* Fix memoized operations

* Add error checking

* Fix dimension panel tests

* More updates

* Fix all editor frame tests

* Fix jest tests

* Fix bug with removing dimension

* Update tests

* Fix frame tests

* Fix all tests I could find

* Remove debugger

* Style config panels

* Update i18n

* Fix dashboard test

* Fix bug when switching index patterns
2020-03-17 09:57:52 -04:00
Jonathan Buttner 9c3c2a2372
Changing default type to start and allowing it to be configured by the event category (#60323) 2020-03-17 09:39:59 -04:00
Dima Arnautov dd680c790c
[ML] Adds the class_assignment_objective to classification (#60358)
* [ML] add maximize_minimum_recall to classification analysis

* [ML] fix mutation of the original job during the cloning
2020-03-17 13:34:33 +01:00
Daniil Suleiman eddbdc896b
[NP] Get rid of usage redirectWhenMissing service (#59777)
* Move redirect_when_missing to kibana utils

* Replace redirectWhenMissing in dashboard

* Replace redirectWhenMissing in discover

* Remove redirect in monitoring

* Remove extra import

* Move invalid vistype check into editor.js

* Mock the history folder

* Fix redirect when missing index or saved object

* Move history to discover services

* Use redirect to listing page

Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
2020-03-17 14:02:03 +03:00
patrykkopycinski 55003b61dd
[SIEM] Fix Timeline footer styling (#59587) 2020-03-17 11:50:34 +01:00
Pete Harverson 7f901f9e03
[ML] Fixes to error handling for analytics jobs and file data viz (#60249)
* [ML] Fixes to error handling for analytics jobs and file data viz

* [ML] Fix failing tests and address comments from review

* [ML] Add key prop to error messages map

* [ML] Add errors.ts
2020-03-17 09:20:00 +00:00
Patrick Mueller d5665921c7
resolves https://github.com/elastic/kibana/issues/58905 (#60120)
The current index threshold alert uses a `size` limit on term aggregation, when used, but does not sort the buckets, so it's just using descending count on the grouped buckets as the sort to determine what to return.

The watcher API for the index threshold notes this as "top N of", implying a sort.

This PR applies sorting when using `groupBy: top`, and the `aggType != count`.  For count, ES is already sorting the way we want.

The sort is calculated as a separate agg beside the date_range aggregation, which is the same metrics agg specified in the query - `aggType(aggField)`.  This field is then referenced in a new `order` property in the terms agg, using 'asc' sorting for `min`, and `desc` sorting for `avg`, `max`, and `sum`.

This doesn't change the shape of the output at all, just changes which term buckets will be returned, if there are more term buckets than requested with the `termSize` parameter.
2020-03-17 00:29:33 -04:00
Yuliia Naumenko 90f3778bc6
Added variables button for text fields in Pagerduty component. (#60189)
* Added variables button for text fields in Pagerduty component. Fixed bugs mentioned in https://github.com/elastic/kibana/issues/60067

* Fixed due to comments

* fixed language check issue

* Fixed tests

* Fixed due to comments
2020-03-16 19:39:21 -07:00
Patrick Mueller 35d6a0a635
adds test that action vars are rendered for alert action parms (#60310)
resolves https://github.com/elastic/kibana/issues/60083
2020-03-16 22:20:51 -04:00
Oliver Gupte 59551e7e81
Closes 59786 by removing the update toast (#60172)
Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
2020-03-16 18:46:38 -07:00
Jen Huang 466da684a9
[EPM] Packages list tabs (#60167)
* Memo'ize some layout and EPM header components

* Split EPM home page into two tabs

* Clean up dead files and import paths

* Add empty state

* Use react routing for rendering tab content

* Fix import paths (again)
2020-03-16 17:05:11 -07:00
Yuliia Naumenko 4ebdc4edad
Added message variables button for Webhook body form field (#60174)
* Added message variables button for Webhook body form field

* Fixed test issue
2020-03-16 17:02:41 -07:00
spalger 4a8fd0afee Revert "adds new test (#60064)"
This reverts commit a946adbf10.
2020-03-16 15:58:53 -07:00
Nathan Reese ef3261132a
[Maps] move MapSavedObject type out of telemetry (#60127)
* [Maps] move MapSavedObject type out of telemetry

* move SavedObject from server to core/types

* review feedback

* results from check_published_api_changes
2020-03-16 15:40:52 -06:00
Tim Sullivan 537fa8c1eb
[Reporting] Fix error handling for job handler in route (#60161)
* fix bogus rison error

* add generate route test

* update test name
2020-03-16 14:26:47 -07:00
Eric Davis 132383c28c
[Endpoint] TEST: verify alerts page header says 'Alerts' (#60206)
* test to verify alerts page header says alerts

* updating test with pr feedback

* updating test with pr feedback and better verbiage

* updating test with pr feedback for better test titling

Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
2020-03-16 17:25:14 -04:00
nnamdifrankie 69ec60d744
EMT-248: implement ack resource to accept event payload to acknowledge agent actions (#60218)
[Ingest]EMT-248: implement ack resource to accept event payload to acknowledge agent actions
2020-03-16 17:18:49 -04:00
Aaron Caldwell c898e799a5
Migrate dual validated range (#59689)
* Move validated range files to new NP location

* Update refs in code

* Clean up old validated range files

* Change relative paths to 'kibana-react'. Some clean up

* Change to relative paths

* Fix i18n errors

* i18n clean up. Export module explicitly

* Change files over to TS to prevent build issue where validated range was missing

* Clean up TS conversion

* More clean up. Extend EuiRangeProps

* Remove unneeded ts-ignore

* Review feedback and test fixes

* Change double to single quotes

* min and max aren't always passed, make optional

* Type updates

* Review feedback. Set state to empty on init and add ignore comment

* Review feedback

* Add back in last 2 ts-ignores. Build fails without focusable attribute on EuiDualRange & No good alternatives for spread syntax in TS components

* Rollback change to state init. Initializing state to null actually triggers a react browser warning and complicates using 'prevState' in getDerivedStateFromProps

Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
2020-03-16 14:33:56 -06:00
marshallmain 93914b6cb5
[Endpoint] Sample data generator CLI script (#59952)
* start on cli

* make it work

* cleanup

* remove failed attempt code

* update package and tsconfig

* remove empty file

* generate resolver events from multiple endpoints

* re-add child randomization

* align index names with real plugin

* remove duplication

* better naming

* add temporary mapping to sample data generator

* error handling, move tsconfig

* add readme

* Update README.md

* move mapping from common to scripts

* make delete index option

* remove unnecessary map call

* fix import style

Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
2020-03-16 15:53:49 -04:00
Alison Goryachev 77a859d43d
[Remote clusters] Add support for proxy mode (#59221) 2020-03-16 15:46:17 -04:00
Stacey Gammon dccfa593dc
Embeddable API cleanup (#60207)
* wip

* Remove test in legacy functional plugin
2020-03-16 15:37:42 -04:00
Nathan Reese 6cbfa274cf
[Maps] add draw control to create distance filter (#58163)
* [Maps] add distance filter to draw controls

* create distance filter

* update jest snapshot

* remove duplicated code

* reset circle draw when user hits escape

* i18n cleanup

* ts MultiIndexGeoFieldSelect

* ts DistanceFilterForm

* remove unused prop

* make interface a type

* move geo_field_with_index to components folder

* convert draw_circle to TS

Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
2020-03-16 13:33:40 -06:00
Felix Stürmer 6cd888f75f
[Logs UI] Fix log rate table row expansion (#60096)
This fixes the log rate table row expansion button, which broke in #54586 during a refactoring.
2020-03-16 19:47:56 +01:00
Frank Hassanabad dfff4fd6fa
[SIEM][Detection Engine] Refactors signal rule alert type into smaller code by creating functions
Refactors signal rule alert type into a smaller executor

## Summary

* Breaks out the schema into its own file and function
* Breaks out the action group into its own file and function
* Moves misc types being added to this into the `./types` file
* Breaks out all the writing of errors and success into their own functions
* Uses destructuring to pull data out of some of the data types
* Tweaks the gap detection to accept a date instead of moment to ease "ergonomics"   
* Updates unit tests for the gap detection

### Checklist

Delete any items that are not applicable to this PR.

- [x] [Unit or functional tests](https://github.com/elastic/kibana/blob/master/CONTRIBUTING.md#cross-browser-compatibility) were updated or added to match the most common scenarios
2020-03-16 12:18:27 -06:00
James Gowdy 8a578960c0
[ML] Use real datafeed ID for datafeed preview (#60275) 2020-03-16 17:28:07 +00:00
Jean-Louis Leysens 1f8e938b9c
[Searchprofiler] Spacing between rendered shards (#60238)
* Added unique key and some spacing to rendered shards

* Give key to React.Fragment
2020-03-16 14:38:31 +01:00
Mikhail Shustov dd7531deb4
Add UiSettings validation & Kibana default route redirection (#59694)
* add schema to ui settings params

* add validation for defaults and overrides

* validate in ui settings client

* ui settings routes validation

* clean up tests

* use schema for defaultRoutes

* move URL redirection to NP

* fix spaces test

* update docs

* update kbn pm

* fix karma test

* fix tests

* address comments

* get rid of getDEfaultRoute

* regen docs

* fix tests

* fix enter-spaces test

* validate on relative url format

* update i18n

* fix enter-spaces test

* move relative url validation to utils

* add CoreApp containing application logic

* extract public uiSettings params in a separate type

* make schema required

* update docs
2020-03-16 14:30:20 +01:00
Christos Nasikas 271c9597be
[SIEM][CASE] Change configuration button (#60229)
* Change button

* Make URLs constants
2020-03-16 14:33:03 +02:00
MadameSheema a946adbf10
adds new test (#60064) 2020-03-16 13:01:48 +01:00
Shahzad 168239ca07
[Uptime] Index Status API to Rest (#59657)
* gql to rest

* update snap

* fix api

Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
2020-03-16 12:39:27 +01:00
MadameSheema 746e236869
[SIEM] Adds 'Closes and opens signals' Cypress test (#59950)
* adds signals data

* adds 'closes and opens signals'

* refactors test

* adds extra check to see that the selected number of signals is correct

Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
2020-03-16 10:44:28 +01:00
Maryia Lapata 7d12b7650f
[NP] Graph migration (#59409)
* Move graph to NP

* Styles

* Clean up

* Fix eslint

* Fix ESlint

* Fix path

* Fix container height

* Clean up

* Update index.ts

* Update graph_client_workspace.js

* Refactoring

* Remove unused methods

* Update graph_client_workspace.test.js

* Rename npData to data

* Move Readme

* Inline parsing discover url

* Remove import of legacy styles

* Update README

Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
2020-03-16 10:36:39 +03:00
Dima Arnautov 96ac1aa9bd
[ML] Clone analytics job (#59791)
* [ML] clone analytics job

* [ML] flyout clone header

* [ML] improve clone action context menu item

* [ML] support advanced job cloning

* [ML] extractCloningConfig

* [ML] fix isAdvancedSetting condition, add test

* [ML] clone job header

* [ML] job description placeholder

* [ML] setEstimatedModelMemoryLimit on source index change

* [ML] Fix types.

* [ML] useUpdateEffect in create_analytics_form.tsx

* [ML] setJobClone action

* [ML] remove CreateAnalyticsFlyoutWrapper instance from the create_analytics_button.tsx

* [ML] fix types

* [ML] hack to align Clone button with the other actions

* [ML] unknown props lead to advanced editor

* [ML] rename maximum_number_trees to max_trees

* [ML] fix forceInput

* [ML] populate excludesOptions on the first update, skip setting mml on the first update

* [ML] init functional test for cloning analytics jobs

* [ML] functional tests

* [ML] fix functional tests imports

* [ML] fix indices names for functional tests

* [ML] functional tests for outlier detection and regression jobs cloning

* [ML] delete james tag

* [ML] fix tests arrangement

Co-authored-by: Walter Rafelsberger <walter@elastic.co>
2020-03-15 22:41:27 +01:00
Matthew Kime 7e369506a7
Move VALUE_CLICK_TRIGGER and APPLY_FILTER_TRIGGER to ui_action… (#60202)
* move triggers

* move triggers

* fix import path

* fix import path

Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
2020-03-15 09:09:04 -07:00
CJ Cenizal 36d6590d2d
Handle improperly defined Watcher Logging Action text parameter. (#60169) 2020-03-13 18:23:18 -07:00
Christos Nasikas 5fb747ee32
[SIEM][CASES] Configure cases: Final (#59358)
* Create action schema

* Create createRequestHandler util function

* Add actions plugins

* Create action

* Validate actionTypeId

* [SIEM][CASE] Add find actions schema

* Create find actions route

* Create HttpRequestError

* Support http status codes

* Create check action health types

* Create check action health route

* Show field mapping

* Leave spaces between sections

* Export CasesConfiguration from servicenow action type

* Create IdSchema

* Create UpdateCaseConfiguration interface

* Create update action route

* Add constants

* Create fetchConnectors api function

* Create useConnector

* Create reducer

* Dynamic connectors

* Fix conflicts

* Create servicenow connector

* Register servicenow connector

* Add ServiceNow logo

* Create connectors mapping

* Create validators in utils

* Use validators in connectors

* Validate URL

* Use connectors from config

* Enable triggers_aciton_ui plugin

* Show flyout

* Add closures options

* cleanup configure api

* simplify UI + add configure API

* Add mapping to flyout

* Fix error

* add all plumbing and main functionality to get configure working

* Fix naming

* Fix tests

* Show error when failed

* Remove version from query

* Disable when loading connectors

* fix config update

* Fix flyout

* fix two bugs

* Change defaults

* Disable closure options when no connector is selected

* Use default mappings from lib

* Set mapping if empty

* Reset connector to none if deleted from settings

* Change lib structure

* fix type

* review with christos

* Do not patch connector with id none

* Fix bug

* Show icon in dropdown

* Rename variable

* Show callout when connectors do not exist

* Adapt to new error handling

* Fix rebase wrong resolve

* Improve errors

* Remove async

* Fix spelling

* Refactor hooks

* Fix naming

* Better translation

* Fix bug with different action type attributes

* Fix linting errors

* Remove unnecessary comment

* Fix translation

* Normalized mapping before updating connector

* Fix type

* Memoized capitalized

* Dynamic data-subj-test variable

* Fix routes

Co-authored-by: Xavier Mouligneau <189600+XavierM@users.noreply.github.com>
2020-03-14 01:36:57 +02:00