* Add telemetry for new protection types and arrays of objects
* Add malware_signature to process.Ext + dll.Ext
* Fix comments for base fields
* Move naming convention disable to a line
* Fix unit test for rule.version
* Don't block standalone agent instructions when not using Fleet server yet
* Add service token instructions - UI only
* Add route for regenerating fleet server service token
* generate tokens instead of regenerate and add error catching and tests
* fix i18n typo
* i18n fix, add sudo, copy edits
* Fix commands
* Add missing test file
Co-authored-by: Nicolas Chaulet <nicolas.chaulet@elastic.co>
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
* condense waterfall chart visuals
* adjust font size of waterfall chart items to medium
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
* adds snapshot test for getSignalsTemplate
* [CTI] Extracts non-ecs, non-signal mappings to separate file
* adds updated ECS mappings
* Normalize/clean up various mappings files
* Adds a wrapping "mappings.properties" around our extra mappings
* Spreads our other mappings similarly to ECS mappings
* Moves dynamic: false out of ECS mappings and into our main template
* Ensures we include 'threat.properties.indicator', since that's where
our 'type: nested' declaration resides
* Update ECS mappings snapshot post-1.9 updates
This updated snapshot reflects the mappings changes that one will receive when
migrating/rolling over to a 7.13 alerts index.
* Update signals template version as per guidelines.
The last released mappings update was #92928, which bumped from 24 ->
25. The few unreleased updates since then have increased this by 1, but
since these changes are going out with 7.13 we are bumping by 10 _since
the last release_, in order to give "room" for minor releases.
* Fix cypress test failure due to updated mappings
This magic number represents "the number of mapped fields that begin
with 'host.geo.c'" and, because this PR adds a mapping for
host.geo.continent_code, the test needed to be updated.
Co-authored-by: Ece Ozalp <ozale272@newschool.edu>
* improve validation messages and add checks
* disable form switch if job created
* updated included fields message
* update top classes message
* update top classes success message
* [KQL] Skip slow wildcard checks when query is only *
* Fix case without index pattern
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
* [Discover] Add runtime fields editor to mobile view
* Add a unit test
* Fix typescript issues
* Fixing layout on mobile
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
* [Search Source] Fix field filtering
* Add more use-cases for source filtering
* Add more use-cases
* Change filtering to use fieldWildcardFilter
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
* Now the new EuiDataGrid based document table is the default
* Columns can be sorted by drag and drop
* Column width can be changed by drag and drop
* There's a fullscreen mode
* There's document selection
* There's document navigation in the flyover of an expanded document
* Sorting is much more user friendly, less confusing and sort order can be changed by drag and drop
* Fix flaky SO import tests
* [will be reverted] remove all tests from CI group 8
* Revert "[will be reverted] remove all tests from CI group 8"
This reverts commit ede007ec
* Revert "[will be reverted] remove all tests from CI group 8"
This reverts commit ede007ec
* [Discover] Adds an Options menu for enabling the Legacy table
* Add unit test
* Layout and copy tweaks
* Update UI and fix unit test
* Change description text
* Revert legacy text mode functionality
Co-authored-by: Ryan Keairns <contactryank@gmail.com>
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
* [Timelion] add colons support in field names for metric
* [Timelion] support percent for metric
* [Timelion] get rid of array indexes
* [Timelion] get rid of lodash methods
* [Timelion] support colons in split. fix expression suggestions
* [Timelion] escape colons for metric
* [Timelion] use metric types common constants
* [Timelion] support one symbol field name
* [Timelion] resolve duplicate imports
* [Timelion] remove console logs
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
* adding border to the toolbar buttons
* Weird ranges/filters shadows/borders fixed
* suggestion shadows fixed
* adjusting border radius on workspace
* add new layer button
* adjust styles for filter by just like for filter agg
* don't show outer style for selecting the field item
* fix color button
* add padding to the button
* v8 conditional
* fix v7
* Update toolbar_button.scss
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
This enhances the queries such that they pass runtime fields defined on Kibana index patterns as `runtime_mappings` in the log entry search strategies.