* injects bulkCreate and wrapHits to individual rule executors
* WIP create_security_rule_type_factory based on Marshall's work in #d3076ca54526ea0e61a9a99e1c1bce854806977e
* removes ruleStatusService from old rule executors, fixes executor unit tests
* fixes rebase
* Rename reference_rules to rule_types
* Fix type errors
* Fix type errors in base security rule factory
* Additional improvements to types and interfaces
* More type alignment
* Fix remaining type errors in query rule
* Add validation / inject lists plugin
* Formatting
* Improvements to typing
* Static typing on executors
* cleanup
* Hook up params for query/threshold rules... includes exceptionsList and daterange tuple
* Scaffolding for wrapHits and bulkCreate
* Add error handling / status reporting
* Fixup alert type state
* Begin threshold
* Begin work on threshold state
* Organize rule types
* Export base security rule types
* Fixup lifecycle static typing
* WrapHits / bulk changes
* Field mappings (partial)
* whoops
* Remove redundant params
* More flexible implementation of bulkCreateFactory
* Add mappings
* Finish query rule
* Revert "Remove redundant params"
This reverts commit 87aff9c810.
* Revert "whoops"
This reverts commit a7771bd392.
* Fixup return types
* Use alertWithPersistence
* Fix import
* End-to-end rule mostly working
* Fix bulkCreate
* Bug fixes
* Bug fixes and mapping changes
* Fix indexing
* cleanup
* Fix type errors
* Test fixes
* Fix query tests
* cleanup / rename kibana.rac to kibana
* Remove eql/threshold (for now)
* Move technical fields to package
* Add indexAlias and buildRuleMessageFactory
* imports
* type errors
* Change 'kibana.rac.*' to 'kibana.*'
* Fix lifecycle tests
* Single alert instance
* fix import
* Fix type error
* Fix more type errors
* Fix query rule type test
* revert to previous ts-expect-error
* type errors again
* types / linting
* General readability improvements
* Add invariant function from Dmitrii's branch
* Use invariant and constants
* Improvements to field mappings
* More test failure fixes
* Add refresh param for bulk create
* Update more field refs
* Actually use refresh param
* cleanup
* test fixes
* changes to rule creation script
* Fix created signals count
* Use ruleId
* Updates to bulk indexing
* Mapping updates
* Cannot use 'strict' for dynamic setting
Co-authored-by: Marshall Main <marshall.main@elastic.co>
Co-authored-by: Ece Ozalp <ozale272@newschool.edu>
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
* Improve Index Management ts-expect-error annotations.
* Add steps for testing legacy index template mappings types to Index Management README.
* Rename component template API route handler files to follow pattern used elsewhere.
* New CrawlRequest type
* Add crawlRequests value to CrawlerOverviewLogic
* New CrawlRequestsTable component
* Added CrawlRequestsTable to CrawlerOverview
* Hide the CrawlRequest table when there are no domains or crawl requests for an engine
* Add an empty state for CrawlerOverview when there are no domains
* Remove unused import
* Fix AddDomainLogic tests
* Apply suggestions from code review
Co-authored-by: Constance <constancecchen@users.noreply.github.com>
* Fix capitalization
* Clarify test expectations
* Use noItemsMessage prop for CrawlRequestsTable empty state
* Refactor crawl requests logic
* Fix heading sizes
* Remove unused variable
Co-authored-by: Constance <constancecchen@users.noreply.github.com>
Adds the cloud icon to `xpack.actions.customHostSettings[n].ssl.verificationMode` and removes it from `xpack.actions.customHostSettings[n].ssl.rejectUnauthorized`, in the actions configuration documentation. The doc was written before `verificationMode` was added and `rejectUnauthorized` was deprecated.
Update stack monitoring doc to account for alert notification now being sent for each node, index, or cluster based on the rule type, instead of always per cluster (PR# 102544)
* Get rid of all the Jest console warnings
* Make sure none of the observability storybook pages throw errors (whether they all work correctly or are useful is another matter, but they all load now.)
The `event.ingested` field is added to all documents ingested via
Fleet plus Agent. By removing the subseconds we can get better compression
of the values in Elasticsearch.
The primary user of `event.ingested` today is the Security Detection Engine
as a tie-breaker in search_after, but once it moves to using the
point-in-time API the need for precision will be lessened because PIT has
an implicit tie-breaker.
Relates #103944
Relates https://github.com/elastic/beats/issues/22388
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
* Add “Actions” table header to tables
- Also adds missing i18n to SourcesTable
- Replaces bespoke TableHeader component with EUI components
- TableHeader is only used in one other place, GroupUsersTable, and that component itself is no longer used. Will delete both in a separate PR
* Refactor ViewContentHeader and ContentSection
Before using EuiTitle for sizing, we used conditional headings. We now only need to know if this is the top-level ViewContentHeader or nested in a ContentSection. ContentSections will use h3 and the top-level ViewContentHeader will use h2. The Personal Dashboard does not have an h1 tag, so we will add an h1 in the sidebar on those pages.
* Add some i18n
* Change headings to be semantically correct
- Removed unnecessary strong tag from heading
- Replaces instances of EuiText wrapping headings with EuiTitle
- For the Content Source Overview, spans were used for children of h6’s since h6 has special styling and there is no h7
* Add labels
* Hide Action header from Personal dashboard org sources
* Fix icon label
AXE was complaining because the text (name of the source) was the same as the alt text. Added ‘ logo’ to differentiate
* - Configured Sources list
- Connect instance heading
Also removes unused imports from 16d089acfd (diff-a4761afc86544a299d0129b749e3001625f5b194b95ebc31303824f8f95f4381)
Will create a separate PR to clean up this code more.
* Add roles to Personal Dashboard
* Update Platinum Feature badge for a11y
After discussion, it was determined to remove all custom styles and use the 'accent' built-in color for this badge
* Fix failing tests
* Flip boolean from isPersonal to isOrganization
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
* New types
* Add crawlDomainValidationToResult to crawler utils
* Add domainValidationStateToPanelColor and domainValidationFailureResultChange to add domain utils
* New ValidationStateIcon component
* New ValidationStepPanel component
* New AddDomainValidation component
* Add AddDomainValidation to AddDomainForm
* Updates to AddDomainLogic to support multi-step validation
* i18n-itize all text
* Update AddDomainFormSubmitButton to use new allowSubmit selector
* Added displayValidation selector to AddDomainLogic
* Clean up AddDomainLogic tests
* Clean-up crawlDomainValidationToResult tests
* Clean-up AddDomainForm tests
* Clean-up ValidationStepPanel component and tests
* Clean-up AddDomainLogic tests
* Destructure index API request bodies consistently.
* Remove unnecessary calls to encodeURIComponent on the server.
* Migrate routes to handleEsError. Delete wrapEsError helpers. Remove unused isEsError and parseEsError dependencies. Remove isEsError from es_ui_shared.
* Update tests and migrate API integration tests.
* Clarify test details in CCR README. Update Index Management README with steps for testing Cloud-managed index templates and steps for testing indices and data streams that contain special characters.
* add version to csv params
* fix ts
* fix api tests
* use kibana version from packageInfo
* use kibana version from packageInfo
* clean up ide warnings
* utility to log and set a default params version
* fix baseparams ts
* update snapshot
* check version in enqueue job
* add temporary ts-ignore for canvas
* clarify comment
* fix hardcoded version in png_pdf_panel
* clarify the UNVERSIONED_VERSION variable with a comment
* fix canvas jest test
* fix ts in example app
* fix types
* send version param to canvas util for job params
* update jest snapshot
* Update utils.test.ts
* fix snapshot
* remove browserTimezone and version from integration boilerplate
* wip ensure version is always populated in job params inside of the service
* wip2
* wip3
* wip4
* wip5
* wip6
* update note
* update example plugin
* wip7
* improve tests
* fix dynamic job params
* better testing
* improve enqueue_job test
* more tests
* fix types
* fix types
* fix example ts
* simplify props
* fix test
* --wip-- [skip ci]
* consolidate baseparams back into one interface
* fix rison encoding of apiClient param
* clean up
* reorganize imports
* back out functional change
* fix 400 error in download csv
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
* Stop tracking line numbers
* Updated api docs
* Fix type error and update tests
* wrap label in encodeURIComponent for the links
* Update docs after encodeUriComponent change