* [Alerting] Active alerts do not recover after re-enabling a rule
* created reusable lib file for generating event log object
* comment fix
* fixed tests
* fixed tests
* fixed typecheck
* fixed due to comments
* Apply suggestions from code review
Co-authored-by: ymao1 <ying.mao@elastic.co>
* fixed due to comments
* fixed due to comments
* fixed due to comments
* fixed tests
* Update disable.ts
* Update disable.ts
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
Co-authored-by: ymao1 <ying.mao@elastic.co>
## [Security Solution] Restores Alerts table local storage persistence and the Remove Column action
This PR implements the following changes summarized below to address <https://github.com/elastic/kibana/issues/113090>, as proposed [here](https://github.com/elastic/kibana/issues/113090#issuecomment-935143690):
- Configures the `Columns` popover to be consistent with `Discover`
- Changes the `Hide column` action to `Remove column`, to be consistent with `Discover`
- Persists updates to the `Columns` popover order in `local storage`
- Restores the feature to persist column widths in `local storage`
### Configures the `Columns` popover to be consistent with `Discover`
- We now pass `false` to the `allowHide` [EuiDataGrid API](https://elastic.github.io/eui/#/tabular-content/data-grid):
This makes all `EuiDataGrid`-based views in the Security Solution consistent with `Discover`'s use of the `EuiDataGrid` `Columns` popover.
In `7.15`, the `Columns` popover includes the _hide column_ toggle, as shown in the screenshot below:
_Above: The `Columns` popover in the `7.15` `Alerts` table_
The `Columns` popover in `Discover`'s `EuiDataGrid`-based table does not display the hide column toggle, as shown the screenshot below:
_Above: The `EuiDataGrid` `Columns` popover in `Discover`, in `master`_
Passing `false` to the `allowHide` [EuiDataGrid API](https://elastic.github.io/eui/#/tabular-content/data-grid) API makes the `Columns` popover in all `EuiDataGrid`-based views in the Security Solution consistent with `Discover`, as illustrated by the screenshot below:
_Above: The `Columns` popover is now consistent with `Discover`_
## Changes the `Hide column` action to `Remove column`, to be consistent with `Discover`
- The `Hide column` action shown in the `7.15` alerts table is changed to `Remove column`, making it consistent with `Discover`'s use of `EuiDataGrid`
In `7.15`, the `Alerts` table has a `Hide column` action, as shown in the screenshot below:
_Above: The `Hide Column` action in the `7.15` `Alerts` table_
In `7.15`, clicking the `Hide Column` action shown in the screenshot above hides the column, but does not remove it.
In `7.15`, columns may only be removed by un-checking them in the `Fields` browser, or by un-toggling them in the Alerts / Events details popover. Both of those methods require multiple clicks, and require uses to re-find the field in the modal or popover before it may be toggled for removal.
In `Discover`, users don't hide columns.
In `Discover`, users directly remove columns by clicking the `Remove column` action, shown in the screenshot below:
_Above: The `Remove column` action in `Discover`'s use of `EuiDataGrid` in `master`_
All `EuiDataGrid`-based views in the Security Solution were made consistent with `Discover` by replacing the `Hide column` action with `Remove column`, per the screenshot below:
_Above: The `Remove column` action in the Alerts table_
Note: the `Remove column` action shown above appears as the last item in the popover because it's specified via the `EuiDataGrid` `EuiDataGridColumnActions` > `additonal` API, which appends additonal actions to the end of popover, after the built-in actions:
## Persists updates to the `Columns` popover order in `local storage`
- Persist column order updates to `local storage` when users update the order of columns via the `Columns` popover
The following PR <https://github.com/elastic/kibana/pull/110685> restored partial support for persisting columns across page refreshes via `local storage`, but the Redux store was not updated when users sort columns via the `Columns` popover, an shown in the animated gif below:
_Above: Ordering via the `Columns` popover is not persisted to `local storage` in `7.15`_
This PR utilizes the `setVisibleColumns` [EuiDataGrid API](https://elastic.github.io/eui/#/tabular-content/data-grid) API as a callback to update Redux when the columns are sorted, which will in-turn update `local storage` to persist the new order across page refreshes:
## Restores the feature to persist column widths in `local storage`
In previous releases, resized column widths were peristed in `local storage` to persist across page refreshes, as documented in <https://github.com/elastic/kibana/issues/110524> :
```
{
"detections-page":{
"id":"detections-page",
"activeTab":"query",
"prevActiveTab":"query",
"columns":[
{
"category":"base",
"columnHeaderType":"not-filtered",
"description":"Date/time when the event originated. This is the date/time extracted from the event, typically representing when the event was generated by the source. If the event source has no original timestamp, this value is typically populated by the first time the event was received by the pipeline. Required field for all events.",
"example":"2016-05-23T08:05:34.853Z",
"id":"@timestamp",
"type":"date",
"aggregatable":true,
"width":190
},
{
"category":"cloud",
"columnHeaderType":"not-filtered",
"description":"The cloud account or organization id used to identify different entities in a multi-tenant environment. Examples: AWS account id, Google Cloud ORG Id, or other unique identifier.",
"example":"666777888999",
"id":"cloud.account.id",
"type":"string",
"aggregatable":true,
"width":180
},
{
"category":"cloud",
"columnHeaderType":"not-filtered",
"description":"Availability zone in which this host is running.",
"example":"us-east-1c",
"id":"cloud.availability_zone",
"type":"string",
"aggregatable":true,
"width":180
},
// ...
}
],
// ...
}
}
```
_Above: column widths were persisted to `local storage` in previous release, (going at least back to `7.12`)_
In this PR, we utilize the `onColumnResize` [EuiDataGrid API](https://elastic.github.io/eui/#/tabular-content/data-grid) API as a callback to update Redux when the columns are sorted via the `Columns` popover. Updating Redux will in-turn update `local storage`, so resized columns widths will persist across page refreshes:
### Other changes
The Alerts page `Trend` chart and table were updated to include the following additional `Stack by` fields (CC @paulewing):
```
process.name
file.name
hash.sha256
```
per the before / after screenshots below:
_Above: The Alerts `Trend` Stack by fields in `7.15` (before)_
_Above: The Alerts `Trend` `Stack by` fields (after the addition of the `process.name`, `file.name`, and `hash.sha256` fields)_
CC: @monina-n @paulewing
## Summary
Removes one liner non-null-assert.
Instead of this line:
```ts
if (rule != null && spacesApi && outcome === 'conflict') {
```
We just check using the `?` operator and type narrowing to remove the possibility of an error
```ts
if (rule?.alias_target_id != null && spacesApi && rule.outcome === 'conflict') {
```
The `rule?.alias_target_id != null` ensures that both `rule` and `alias_target_id` are not `null/undefined`
## Summary
During the work here: https://github.com/elastic/kibana/pull/113577
I accidentally have introduced a bug where on migration I was deleting the attributes of `ruleThrottle` and `alertThrottle` because I was not using splat correctly.
Added unit and e2e tests to fix this.
### Checklist
- [x] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios
## Summary
Fixes:
* Resets happening by adding the throttle to the else switches and error catching. We have to call throttle on every rule execution or we will cause a reset.
* Fixes a case where we were not firing the signal immediately by pushing down the alerts detected. This can cause a reset or a delay of MTTD.
* Adds unit tests for the conditions
* Changes some of the logic to clean things up.
### Checklist
- [x] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios
* Re-enable previously disabled APM E2E tests.
* Round to the nearest second in `getComparisonTypes` to avoid cases where a millisecond difference can change which results get shown.
* Simplify error count alert tests to test the "happy path" (#79284 exists in order to expand to more tests for rule editing and creation.)
* Wait for alert list API request to complete before clicking "Create rule" button when running the test to create a rule from the Stack Management UI.
I ran the e2e tests 100 times locally with no failures so I'm confident the flakiness has been addressed.
Fixes#114419.
Fixes#109205.
* Aded some data test subjects for the test.
* Added flush indices test.
* Fixed linting issue.
* Merged test subject PR in and updated tests.
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
* adds support for saved object based ml models
* adds es asset type and ml model install handler
* wip: handle top level pipeline install
* remove unnecessary mlModel savedObject type
* add package manifest license check
* get modelid from model path
* add fleet api test for ml model
* replace test mlModel for api test with smaller test model
* cleanup install/remove and ensure pipelines are retained when upgrading
* fix types - update test model id
* fix types
* remove hard coded ml category and check top level pipeline on upgrade
* update ml model test file
* ensure deduplicated asset refs are saved
* Fix api integration update test
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
Co-authored-by: Nicolas Chaulet <nicolas.chaulet@elastic.co>
* 🐛 Add padding to the tick label to fit threshold markers
* 🐛 Better icon detection
* 🐛 Fix edge cases with no title or labels
* 📸 Update snapshots
* ✨ Make threshold fit into view automatically
* 🐛 do not compute axis threshold extends if no threshold is present
* ✅ One more fix for 0-based extends and tests
* ✨ Add icon placement flag
* ✨ Sync padding computation with marker positioning
* ✨ compute the default threshold based on data bounds
* 🐛 fix duplicate suggestion issue + missing over time
* 👌 Make disabled when no icon is selected
* ✨ First text on marker implementation
* 🐛 Fix some edge cases with auto positioning
* Update x-pack/plugins/lens/public/xy_visualization/xy_config_panel/threshold_panel.tsx
Co-authored-by: Michael Marcialis <michael@marcial.is>
* 🐛 Fix minor details
* 💄 Small tweak
* ✨ Reduce the padding if no icon is shown on the axis
* 🐛 Fix color fallback for different type of layers
* ✅ Fix broken unit tests
* 🐛 Fix multi layer types issue
* ✅ Fix test
* ✅ Fix other test
* 💄 Fix vertical text centering
* ✨ Rename to reference lines + few fixes
* 🚨 Fix linting issue
* 🐛 Fix issue
* 🐛 Fix computation bug for the initial static value
* ✅ Add new suite of test for static value computation
* 💄 Reorder panel inputs
* 💄 Move styling to sass
* 📝 Keeping up with the renaming
* ✅ Fix functional tests after renaming
* 🐛 Fix duplicate arg from conflict resolution
* 👌 Integrate some follow up feedback
* 📝 Fix typo
* 👌 Integrate feedback
* 🐛 Fix the quick functions transition bug
* 🐛 Fix label issue when updating value
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
Co-authored-by: Michael Marcialis <michael@marcial.is>
* Switch Dashboard to use savedobjects.resolve when loading
* Don't use LegacyURI Redirect if in screenshot mode
* Pass query string on redirects
* Remove unused import
* Fix carrying query params through redirect
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
* show loading animation while retrieving policy data based on id
* Move the Not Found logic from the policy details form layout to the policy details page
* Fix unit test error caused by providing empty array to `rightSideItems` of `<AdministrationListPage>`
* Move tests to policy details from policy form layout
* Move angular related parts from kibana_legacy to monitoring
Closes: #114977
* remove private
* move format angular http error into monitoring
* fix translations
