## [SIEM] Overview Page "1.5"
A redesigned SIEM Overview page that includes `Recent timelines`, a `Security news` feed, visualizations, and rolled-up event counts
### Overview enhancements
- Added the global Search bar and Date picker to the Overview page
- New `Recent timelines` widget affords quick access to favorite and recently modified timelines
- New `Security news` widget
- New Kibana advanced settings (toggle switch) for enabling or disabling the news widget and configuring the news URL
- New `Events count by dataset` widget
- Updated the `Host Events` and `Network Events` widgets to integrate with the Search bar and date picker input
- Enhanced the `Host Events` and `Network Events` widgets to use an accordion paradigm that summarizes stats by source (e.g. `Auditbeat`, `Endgame`)
- Enhanced the `Host Events` and `Network Events` widgets to visualize relative percentages of events collected as progress bars
- New `Alerts count by category` widget
- New `Signals count by MITRE ATT&CK™ category` widget
- New `View events`, `View alerts`, and `View signals` navigation buttons for their respective visualizations
### FTUE enhancements
- FTUE "no data" view design refresh
- When the FTUE "no data" page is displayed, hide all global navigation links (i.e. `Hosts`, `Network`, `Detection engine`), such that only `Overview` appears in the global nav
- App Help popover design refresh
- Removed the `Beta` badge and `Security Information & Event Management with the Elastic Stack` from the Overview header
- Tested in Chrome `79.0.3945.117`, Firefox `72.0.1`, and Safari `13.0.4`
## Known issues
- The `siem:newsFeedUrl` advanced setting is defaulted to `https://feeds.elastic.co/kibana`
- The `Signals count by MITRE ATT&CK™ category` visualization does not display all categories
- The `Signals count by MITRE ATT&CK™ category` visualization may require a different index pattern
- `EuiButtonGroup` throwing a `Can't perform a React state update on an unmounted component` warning when switching from the Overview tab
https://github.com/elastic/siem-team/issues/484
* [DOCS] Moves index pattern doc to Discover
* [DOCS] Improves intro to index patterns doc
* [DOCS] Edits index patterns doc
* [DOCS] Incorporates comments into index patterns doc
Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
Asciidoctor sees `,` as the edge of parameters and chokes on one of our
deprecation warnings, rendering funny looking garbage. This wraps the
whole parameter in `"` which makes it look good. It *does* add `"`s
around the result in AsciiDoc, but we plan to migrate from AsciiDoc
"real soon now".
* [DOCS] Updates Index Management doc to include index templates
* [DOCS] Added example of creating a template
* [DOCS] Incorporates review comments
* [DOCS] Fixes typo
* Added an inclusion of, "This setting is off by default..."
* Update docs/management/advanced-options.asciidoc
Co-Authored-By: gchaps <33642766+gchaps@users.noreply.github.com>
Discover currently executes a search as soon as it loads. For some users this is useful. But for others it may return worthless results at the expense of extra load on their ES cluster and increased page load times, making it harder to get to the data they actually want. This PR adds an advanced setting allowing users to turn off the "search on page load" functionality in Discover.
