* Added styles to make combobox list items wider for alerting flyout
* Fixed width for OF expression popover
* Fixed due to comments
* Fixed due to comments
* Resized
* Addded worker padding to save some CPU
* Updated comments
* Update worker scheduler and add a new util
The worker scheduler should only sleep when it cannot process any
in progress operations. Additionally, logic has been added
for handling of queue operations that have been in the queue for
a long time and may be viewed as still in small window of time
by wokers that do not have the credentials to process those
reindex operations.
* res 👉🏻resolve
Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
* classification: use index field format in results table
* regression: use index field format in results table
* outlier: use index field format in results table
* update types
* add destIndex specific fields when using sourceIndex for fields
* allow case to work without security
* disable configure button + add call out if license does not match and if kibana config does not allow if
* add skeleton for crud in case
* fix link to timeline + disable action on case on read only + allow read only access to our saved object in siem + manage no x-pack.security + show msg when read-only + fix reporters bug
* add actions required in plugins
* review I
* review II
* review III
* review IV
* fix types
* review V
* Move isMlRule helper to a more general location
And use it during rule execution as well.
* Add error message back to rule error status
This was unintentionally removed in a previous merge commit.
* Expose mlClient as part of ML's Setup contract
This allows dependent plugins to leverage the exposed services without
having to define their own ml paths, e.g. "ml.jobs"
* Move ML Job predicates to common folder
These are pure functions and used on both the client and server.
* WIP: Check ML Job status on ML Rule execution
This works, but unfortunately it pushes this executor function to a
complexity of 25. We're gonna refactor this next.
* Move isMlRule and RuleType to common
These are used on both the frontend and the backend, and can be shared.
* Refactor Signal Rule executor to use RuleStatusService
RuleStatusService holds the logic for updating the current status as
well as adding an error status. It leverages a simple
RuleStatusSavedObjectClient to handle the communication with
SavedObjects.
This removes the need for our specialized 'writeError', 'writeGap', and
'writeSuccess' functions, which duplicated much of the rule status
logic and code. It also fixes a bug with gap failures, with should have
been treated the same as other failures.
NB that an error does not necessarily prevent the rule from running, as
in the case of a gap or an ML Job not running.
This also adds a buildRuleMessage helper to reduce the noise of
generating logs/messages, and to make them more consistent.
* Remove unneeded 'async' keywords
We're not awaiting here, so we can just return the promise.
* Make buildRuleStatusAttributes synchronous
We weren't doing anything async here, and in fact the returning of a
promise was causing a bug when we tried to spread it into our attributes
object.
* Fix incorrectly-named RuleStatus attributes
This mapping could be done within the ruleStatusService, but it
lives outside it for now.
Also renames the object holding these values to the more general
'result,' as creationSuccess implies it always succeeds.
* Move our rule message helpers to a separate file
Adds some tests, as well.
* Refactor how rule status objects interact
Only ruleStatusSavedObjectsClient receives a savedObjectsClient, the
other functions receive the ruleStatusSavedObjectsClient
* pluralizes savedObjects in ruleStatusSavedObjectsClient
* Backfills tests
* Handle adding multiple errors during a single rule execution
We were storing state in our RuleStatusClient, and consequently could
get into a situation where that state did not reflect reality, and we
would incorrectly try to delete a SavedObject that had already been
deleted.
Rather than try to store the _correct_ state in the service, we remove
state entirely and just fetch our statuses on each action.
Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
* classification results: fetch job state on load
* regression results: fetch job state on load
* outlier results: fetch job state on load
* remove deprecated code adding jobStatus to url
* update outlier result test
* Add `context` to `logEntryRT`
* Query context fields
* Extract value to prevent type assertion
Co-Authored-By: Felix Stürmer <weltenwort@users.noreply.github.com>
* Add test for the context fields
Co-authored-by: Felix Stürmer <weltenwort@users.noreply.github.com>
Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
resolves https://github.com/elastic/kibana/issues/58518
Changes the object properties in the eventLog mappings to use `dynamic: false`
instead of `dynamic: strict`. This provides a bit of a safety net for cases
where the mappings change during development, or potentially in production
cases. Rather than completely lose entire events and see errors in logs, we'll
silently drop properties from events.
While researching the `dynamic` property, I remember there's also a `meta`
property available, which is a convenient place to drop our meta-data about
a field being an array value, for internal processing. Bonus, it can live in
the generated mappings as well.
references:
- https://www.elastic.co/guide/en/elasticsearch/reference/current/mapping-field-meta.html
- https://www.elastic.co/guide/en/elasticsearch/reference/current/dynamic.html
Aligns the loading indicator with the middle of the form and adds some margins from the edges.
This has been done on both the alerts list and the connectors list.
* clean up comments + add update_by/update_at case when comment are added/updated + return all comments
* add refresh button + get a better interaction between user + fix bug with pushed data + fix three dot on detail page
* fix i18m
* review I
* review II
* fix alert and action telemetry reporting to stop sending data that starts or ends with a '.'
* Fixed due to comments
* fixed test
* revert testing data
* create new alert details type
* update integration test
* add await to esarchiver call
* remove unused host stats type
* does the ui types good
* change host.host to host_metadata.host
* fix mock result type
Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
Co-authored-by: Davis Plumlee <davis.plumlee@elastic.co>
