## Summary
Phase 1 of a multi-phase cautious approach for adding an experimental application cache for Kibana solutions called `metric_entities` and integrates it within Security Solutions.
Phase 1 is putting experimental support into the application without breaking existing features. Lots of TODO's, conversations and a possible RFC from phase 1 to phase 2 approach. Some features are missing, but for phase 1 the general idea and code is all there.
To enable this first phase after checking out the branch add this to your `kibana.dev.yml`
```yml
xpack.metricsEntities.enabled: true
xpack.securitySolution.enableExperimental: ['metricsEntitiesEnabled']
```
Then go into Stack Management -> Advanced Settings (Under Security Solutions) and set the enabled to true like so:
<img width="1229" alt="Screen Shot 2021-04-08 at 2 21 02 PM" src="https://user-images.githubusercontent.com/1151048/114091276-b3cbb700-9875-11eb-9083-5c1d91dd20ed.png">
Next go to the security_solutions page and you will see it being activated and you will have these transforms running if you look under stack management:
<img width="1710" alt="Screen Shot 2021-04-29 at 2 00 27 PM" src="https://user-images.githubusercontent.com/1151048/116611174-4a2e4e00-a8f3-11eb-9e15-55cb504dfb2a.png">
On the hosts page, network, page, etc... You can see them being activated when you have no query/filter and you click on request:
<img width="1405" alt="Screen Shot 2021-04-29 at 2 01 28 PM" src="https://user-images.githubusercontent.com/1151048/116611274-6a5e0d00-a8f3-11eb-9998-9f5b3d1c5c63.png">
You will see in the request the index patterns all starting with `estc_xyz*`
### Checklist
Delete any items that are not applicable to this PR.
- [x] Any text added follows [EUI's writing guidelines](https://elastic.github.io/eui/#/guidelines/writing), uses sentence case text and includes [i18n support](https://github.com/elastic/kibana/blob/master/packages/kbn-i18n/README.md)
We have lots of TODO's but no concrete docs with this just yet.
- [ ] [Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html) was added for features that require explanation or tutorials
Behind a feature flag and this isn't there yet.
- [ ] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios
* show operator dropdown for path field
refs elastic/security-team/issues/543
* update translation to use consistent values
refs elastic/security-team/issues/543
* update schema to validate path values
refs elastic/security-team/issues/543
* add tests for field and operator values
refs elastic/security-team/issues/543
* review changes
refs elastic/security-team/issues/543
* update schema to enforce dropdown validation for PATH field
refs elastic/security-team/issues/543
* add tests for schema updates
refs 1deab39453
refs elastic/security-team/issues/543
* optimise dropdown list for re-renders
refs elastic/security-team/issues/543
* align input fields and keep alignments when resized
refs elastic/security-team/issues/543
* correctly enter operator data on trusted app CRUD
refs elastic/security-team/issues/543
* update tests
refs 2ac56ee839
refs elastic/security-team/issues/543
* remove redundant code
review changes
* better type assertion
review changes
* move operator options out of component
- these do not depend on component props and thus no need to have it within a useMemo callback.
- review changes
* derive keys from operator entry field
review changes
* update type
* use custom styles for aligning input fields
review changes
* add a custom type for trusted_apps operator
undo changes from list plugin and server/lib/detection_engine
refs 2ac56ee839
refs elastic/security-team/issues/543
* add wildcard entry type
refs elastic/security-team/issues/543
refs https://github.com/elastic/kibana/pull/97623#pullrequestreview-642618462
* use the new entry type
refs elastic/security-team/issues/543
refs https://github.com/elastic/kibana/pull/97623#pullrequestreview-642618462
* update tests
refs elastic/security-team/issues/543
refs https://github.com/elastic/kibana/pull/97623#pullrequestreview-642618462
* update name for wildcard type so that it can be used also for cased inputs
refs elastic/security-team/issues/543
refs f9cb7eddda
* update artifacts to support wildcard entries
refs elastic/security-team/issues/543
* add tests for list schemas
refs f9cb7eddda
refs elastic/security-team/issues/543
* add placeholders for path values
review changes
elastic/kibana/pull/97623#discussion_r620617999
* ignore type check for now
* add type assertion
refs 284352ec9a
* remove unnecessary test
refs 2ac56ee839
* fix types
refs f9cb7eddda
refs b3f5dc4553
* add a note to entries
review changes
refs dbd3532149
* remove redundant type assertions
review changes
refs bcf615ac98
refs b3f5dc4553
* move placeholder text logic to utils
review changes elastic/kibana/pull/97623#discussion_r621673881
refs 6f2d0d7810
* pass the style as prop
review changes
* update api doc
CI check suggestion
* make placeholderText a function expression
review suggestion
elastic/kibana/pull/97623/commits/2dc4fd390cf5ea0e4fa67b3f5fc2561cbb29555e
* use semantic names for functions
refs 330731ebfc
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
* Track stats and add extra output information
* Update api docs output
* Clean up id names
* update api docs
* Consolidate error messages and fix a bug
* Update docs
* Update get_declaration_nodes_for_plugin.ts
* Fix bug with removeBrokenLinks not being recursive
* Update docs
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
* Move current alert HTTP APIs to legacy folder (#93943)
* Move current HTTP APIs to legacy folder
* Rename BASE_ALERT_API_PATH to LEGACY_BASE_ALERT_API_PATH
* Fix failing tests and extra files
* Create new rule HTTP APIs (#93980)
* Move current HTTP APIs to legacy folder
* Rename BASE_ALERT_API_PATH to LEGACY_BASE_ALERT_API_PATH
* Fix failing tests and extra files
* Move current alert HTTP APIs to legacy folder (#93943)
* Move current HTTP APIs to legacy folder
* Rename BASE_ALERT_API_PATH to LEGACY_BASE_ALERT_API_PATH
* Fix failing tests and extra files
* Add necessary files
* Create rule route
* Get rule API
* Update rule API
* Delete rule route
* Aggregate rules API
* Disable rule API
* Enable rule API
* Find rules API
* Fix Update API
* Get rule alert summary API
* Get rule state API
* Health API
* Rule types API
* Mute all API
* Mute alert API
* Unmute all API
* Unmute alert route
* Update API key API
* corrected tpye by making it much more complicated
* removed unneeded cocde
* Fixes
* Add back health route
* mutedInstanceIds -> mutedAlertIds
* lastRun -> last_run
* alert_type_state -> rule_type_state & alert_instances -> alerts
Co-authored-by: Gidi Meir Morris <github@gidi.io>
* Create docs for new rule HTTP APIs, deprecate old docs (#94745)
* Create docs for new APIs, deprecate old docs
* Remove connector_type_id
* Update docs
* Add link to legacy APIs from rules API docs
* Remove connector_type_id references
* [DOCS] Add legacy APIs to index.asciidoc
* Fix camel case
Co-authored-by: lcawl <lcawley@elastic.co>
* Make alerting tests use new rules APIs (#95159)
* Make API integration tests use new HTTP APIs
* Fix end to end tests
* Fix test failures
* Fix more test failures
* Rename some files
* Add tests for legacy APIs (#95333)
* Initial commit (#95457)
* Move some new alerting APIs to /internal (#95461)
* Initial commit
* Update README.md
* Use internal API
* Merge deprecated warning w/ alternative solution
* Update API docs
Co-authored-by: Gidi Meir Morris <github@gidi.io>
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
Co-authored-by: lcawl <lcawley@elastic.co>
* [Reporting-CSV Export] Re-write CSV Export using SearchSource
* replace PIT solution with scan-and-scroll
* update tests
* cleanup
* simplify pr
* update docs
* update docs
* update telemetry schema
* use getSearchRequestBody instead of flatten
* Revert "update docs"
This reverts commit ab9f4d9642.
* optimize some async calls
* cleanup
* --wip-- [skip ci]
* fix telemetry schema
* fix telemetry tests
* fix snapshot
* api docs
* api doc updates
* use import type
* format the data through chains of maps
* add another saved search to reporting/ecommerce_kibana
* add a failing test
* add error logging to query failures
* put clear scroll in a finally so the ES error can be captured
* log dat error
* set dat fieldsFromSource
* --wip-- [skip ci]
* Revert "add another saved search to reporting/ecommerce_kibana"
This reverts commit 6edf26eff2.
* functional test fixes
* clean up ecommerce test archive
* add test for new search with fieldsFromSource set
* add tests and refactor tests
* cleanup redundant conditionals
* add GenerateCsv.getFields
* fix some tests
* fix double-escaping
* fix test snapshots and refactoring
* fix other tests
* fix test
* fix default index pattern in functional tests
* fix ts and sort fields when they come from API response
* --wip-- [skip ci]
* fix formatting and increase maxSizeBytes for testing
* remove client-side logic for sanitizing fields
* do not prepend timefield name if it already is a column
* test the logic to prepend timeField
* test the logic to sort the fields
* fix functional test
* preserve the error from data.search
* add functional test for ES returning an error
* fix snapshot
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
* XY Axis, integrate legend color picker with the eui palette
* Fix functional test to work with the eui palette
* Order eui colors by group
* Add unit test for use color picker
* Add useMemo to getColorPicker
* Remove the grey background from the first focused circle
* Fix bug caused by comparing lowercase with uppercase characters
* Fix bug on complimentary palette
* Fix CI
* fix linter
* Use uppercase for hex color
* Use eui variable instead
* Changes on charts.json
* Make the color picker accessible
* Fix ci and tests
* Allow keyboard navigation
* Close the popover on mouse click event
* Fix ci
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
* move bootstrap endpoint to core
* some initial cleanup
* hack around the 'try' auth status
* some UT
* more UT
* add try/catch around uISettings access
* add 'auth.isEnabled'
* remove dead files
* use `try` authent mode
* adapt UT
* revert themeTag movearound
* migrate apps route to core
* some cleanup
* nit
* add integration tests
* update generated doc
* add UT for /app route
* add etag IT
* nits
* remove auth.isEnabled API
* add tests on get_apm_config
* use string template instead of handlebars for bootstrap template
* improve plugin bundle tests
* update generated doc
* remove response.etag API
* update generated doc
* update generated doc
* update generated doc again
* extract getThemeTag
* add more unit tests
* Make package validation be based on types
* Add package info to cache after it is generated from ES storage
* Add logging around package info retrieval and when cache is set
* Add snapshot api integration test for uploaded package info
* Use the apache package for snapshot test instead
* Remove date field from snapshot
* Update docs
* Fix streams getting overridden
* Add back package field to data streams
* PR fixes
* Removing duplicate ActionVariable interface. Updating common action variables in UI
* Passing in alert values as rule variables in transform_action_params
* Fixing unit tests
* Fixing functional test
* Adding functiional test
* Updating paths
* Fixing i18n
* Fixing i18n
* Fixing api docs
* Plugin api build
* Moving spaceId and tags under rule prefix
* Using top level alert prefix
* Fixing i18n
* build api docs
* Fixing functional test
* Fixing functional test
* Support for number, date and IP ranges
* Update tests
* Ranges don't work with range agg
* Fix test case
* Allow Discover to create range filters
* Supports ranges in Visualize, KQL, remove Lens support
* Fix test mappings
* Bring back field cache to work around bug
* Fix some tests
* Fix test expectation
* Respond to review comments
* Fix type error
* Remove added sample data
* Fix api_docs
* Fix test
* [Maps] chunk geojson upload to keep import requests under 1MB
* fix geojson_importer tests
* update failure.item to reflect location in file
* remove console statement
* clean up
* return instead of break if upload is no longer active
* add unit test for createChunks
* update file_upload API
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
* Fix links to github
* Fix links to github
* Update docs to latest
* Sort, remove unneccessary path info, reduce tags
* Go back to having DocDef create the link to avoid backport conflicts
* update api docs
* Rename alerts plugin to alerting
* Deprecate old config values
* Few more renames
* Update plugin list
* Rename xpack.alerts -> xpack.alerting
* Fix some ESLint rules
* Fix typecheck
* Fix some test failures
* Some more renames
* Fix ESLint
* Fix some test failures
* Fix failing jest test
* Undo exclusive test
* Fix APM deps
* Fix docs
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
* Add UI validation for string YAML values in policies.
* Do not quote YAML strings containing special characters.
* Add test case for wildcards in the middle of strings.
* Add multiline test case.
* Polish test case.
* Update API docs
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
* moved legacy actions api to legacy folder
* introduced connector create api
* added new delete route
* added new execute and get_all
* introduced all connector APIs
* renamed action to connector in Apis
* comment on camel case type
* fixed va
* updated docs
* legacy title
* corrected APIs
* legacy links
* added linik to deprecatred APIs
* added linik to deprecatred APIs from index
* moved legacy apis down one level
* Apply suggestions from code review
Co-authored-by: ymao1 <ying.mao@elastic.co>
* renamed route file for connectorTypesRoute
* define legacy route
* Update docs/api/actions-and-connectors/legacy/index.asciidoc
Co-authored-by: Mike Côté <mikecote@users.noreply.github.com>
* api docs
Co-authored-by: ymao1 <ying.mao@elastic.co>
Co-authored-by: Mike Côté <mikecote@users.noreply.github.com>
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
* compile core files as isolated modules
* fix export problems for isolated modules
* apply changes to kbn-test as core imports from it
* fix some exports
* fix lint errors
* update new exports
* fix eslint error
* expand export * where it is possible
* update docs
* update docs
* fix eslint error
* update api_docs from gitignore
* api doc files
* Update api_welcome.mdx
* Pretty print json
* Add new lines and extra frontmatter to warn github viewers
* update api_docs with new lines and frontmatter
* Remove all apis tagged @internal and add tests
* Update docs with all internal APIs removed
* fix typescript error in test fixtures
* Update core.json
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>