### Summary
Addresses #92732
7.11+ versions of threshold preview histogram were aggregating by "event.category". This PR updates the preview histogram to take into account threshold field groups and cardinality.
It may need to be called out in documentation or updated to remind users that preview is not an exact guarantee of what signals will be produced as it does not take into account interval and any timestamp_override. Threshold gets a tad bit more confusing because of the multiple aggregations occurring (threshold --> group by field --> histogram).
* [Metrics UI] Use memory limit for K8S when available
* removing duplicate key
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
## Problem
There's a circular dependency https://github.com/elastic/kibana/issues/91111 between the `fleet` and `security_solution` plugins
* `security_solution` depends on `fleet`, but
* `fleet` has (_had_ with this PR) an `import` from `security_solution` (migrations for the 7.11 and 7.12 package policy objects)
## Proposed solution
### (A) This PR
Move the two imported functions from `security` into `fleet`.
### (B) Follow up issue
Putting integration-specific code into `fleet` doesn't scale (technically or cognitively). Discuss if this use case (specifying saved object migrations, etc) applies to other plugins. e.g. can `apm` do this? `nginx`? If so, should we find a way to move this out of `fleet`?
### Checklist
- [x] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios
closes https://github.com/elastic/kibana/issues/91111
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
* Add server side API routes & update types expected from server
* Create CurationLogic with GET and PUT listeners
- PUT is mostly placeholder for now, we'll actually use it later in future Curation PRs
* Create Curation view component & page load effect
* Update CurationsRouter to use new view + remove add_result route
- Per design discussion w/ Davey, we'll be removing the standalone add result route in favor of an in-page flyout
* Fleet: adds new service for Artifact storage management
* Fleet: Expose new `createArtifactsClient()` from Fleet `Plugin#start` interface
* Endpoint: Change Endpoint to use FleetArtifactClient and initial implementation of EndpointArtifactClient
* Endpoint: Add `fleetServerEnabled` feature flag to security solution plugin (will be used in next PR)
* Endpoint: Artifact download api adjusted to get artifact from fleet index
* Endpoint: Added new esArchive for artifacts stored in .fleet-artifacts index for API integration tests
* Add custom actions prop to Result component
- will be used by upcoming Curations work to promote and hide documents
* Add Result custom actions to library
+ [misc] export main Result component from index
This PR addresses a potential problem that we have *not yet* encountered in the wild, but could in theory happen.
When choosing the sort value to use as the value of the `latestTimestamp` in the ES Query Rule Type, we assumed that the sort value would be parsable as a Date.
In this PR we ensure we only try to use a sort value *if* it can be parsed into a date.
* Update text and icons to align with Cloud
* Update test to reflect new page title prefix
* Change links conditionally
* Simplify profile link logic
* Add setAsProfile prop for overriding default link
* Address feedback
* remove translations since message has changed
* Tidying up
* Add unit tests.
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
Co-authored-by: Aleh Zasypkin <aleh.zasypkin@gmail.com>
* [ML] Adding support for saved object based ml modules
* updating icon mapping
* cleaning up code
* missed private variable
* removing mappings json file
* renaming module id
* updating test
* removing unrelated file
* type clean up
* changing logo type
* changes based on review
* removing fleet changes
* updating type guards
* fixing list module return type
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
* Remove request facade and update search strategies
* Use typescript
* Type files
* Update structure
* Update tests
* Type annotations
* Fix type for infra
* Type editor_controller
* Type vis_editor
* Type vis_picker
* Fix types
* Type panel_config
* Fix vis data type
* Enhance types
* Remove generics
* Use constant
* Update docs
* Use empty object as default data
* Fix merge conflict
* Fix test suite name
https://github.com/elastic/kibana/pull/94038/files#r590545670
* Move types out of AttributeSelector component to shared types
* Fix random typo
* Add routes and path generator util
* Move constants to shared
* Fix types in mock
* Fix routes
* Fix failing tests
* Make indicator enrichment tests order-independent
Due to the fact that we use named queries to determine matches, and the
fact that the order in which named queries are returned is undefined, we
cannot guarantee a consistent ordering of enrichments if a given event
matches multiple named queries.
Because the ordering is not in itself important to enrichment, in order
to assert the multi-match functionality we must make the assertions
order independent.
* PR feedback
* Since we're only looping for side effects, prefer forEach to map for
more idiomatic FP.
* Remove redundant "_" from icon names
* Move all icons from sources_full_bleed to source_icons
Overwrite existing icons in case of conflicts
* Remove fullbleed prop from source_icon
* Minimize the only unminimized icon
* Remove unused icons