* [eslint] add rule to prevent export* in plugin index files
* deduplicate export names for types/instances with the same name
* attempt to auto-fix duplicate exports too
* capture exported enums too
* enforce no_export_all for core too
* disable rule by default, allow opting-in for help fixing
* update tests
* reduce yarn.lock duplication
* add rule but no fixes
* disable all existing violations
* update api docs with new line numbers
* revert unnecessary changes to yarn.lock which only had drawbacks
* remove unnecessary eslint-disable
* rework codegen to split type exports and use babel to generate valid code
* check for "export types" deeply
* improve test by using fixtures
* add comments to some helper functions
* disable fix for namespace exports including types
* label all eslint-disable comments with related team-specific issue
* ensure that child exports of `export type` are always tracked as types
Co-authored-by: spalger <spalger@users.noreply.github.com>
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
* fix o11y privileges when rule created in stack
* fix merge
* fix dsl alerts
* fix privileges on o11y
* after discussion with o11y, we agree to simplify logic of the count of alerts
* remove unused variable
* fix one more type error
Co-authored-by: mgiota <panagiota.mitsopoulou@elastic.co>
* [Observability] Update AlertsSearchBar placeholder (#108179)
* [Observability] Remove default search query from Alerts page (#110242)
This is done to align with other placeholder texts found within the
Observability solution.
* Replace usages of alert.status: open with active
* Update unit tests
* Add back home.disableWelcomeScreen=true
* Only disable welcome screen within APM ftr config
* Add disableWelcomeScreen option to security solution cypress config
* Fix reference to workflow status
* oops
* Remove duplicate disableWelcomeScreen
* Update README.md
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
* Update T-Grid to use DataGrid pagination
* It also improves the Grid loading state
* DataGrid pagination makes sure that we display the grid with the proper height.
* Add DataGrid height hack to t-grid
HUGE HACK!!!
DataGrid height isn't properly calculated when the grid has horizontal scroll.
https://github.com/elastic/eui/issues/5030
In order to get around this bug we are calculating `DataGrid` height here and setting it as a prop.
Please revert this commit and allow DataGrid to calculate its height when the bug is fixed.
* Apply DataGrid loading and pagination changes to observability
* Fix cypress tests
* Fix t-grid page render bug on Observability
* some pagination fixes
* hide table when analyzer active
* isolate exported function
Co-authored-by: semd <sergi.massaneda@elastic.co>
* popover padding size unified
* remove panels from all context menus
* action items order changed
* cases menu items test fixed
* translations and small changes
* remove components not used anywhere
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
Co-authored-by: Angela Chuang <yi-chun.chuang@elastic.co>
* get back index names in o11y
* testing and integration
* fix types
* Avoid using the rule data client for field list
* Remove left-over index argument
* no needs of alert consumer anymore
Co-authored-by: Felix Stürmer <stuermer@weltenwort.de>
* [RAC][Observability] remove severity fields from mapping keep only ALERT_SEVERITY
* temporarily remove severity value occurrences
* remove ALERT_SEVERITY_VALUE occurrences, this value is not being read and shown in the Observability alerts table
* remove duplicate ALERT_SEVERITY identifier
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
* filter for value
* code clean up
* fix i18n tests
* fix type errors
* revert changes to reason field to make reason field clickable again
* [RAC Observability] fix reason field
* fix type issues
* filter by kibana.alert.status on load (will refactor)
* refactor filter for alert status on load
* remove rest params
* fix eslint errors
* hard code alert status for now, will be fixed in another PR
* move filter_for button in a separate file
* fix errors
* comply with kibana i18n guidelines
* simpler implementation for default filtering
* fix syntax error
* fix type errors
* fix eslint errors
* fix eslint errors
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
* use rac alerts bulk_update
* cleanup
* adds replace ALERT_STATUS with ALERT_WORKFLOW_STATUS and updates tests and adds logic for switching between signal.status and workflow status when updating alerts in .siem-signals
* allow object and string types in query param, fixed single update api to use WORKFLOW_STATUS instead of ALERT_STATUS
* adds additional integration test for when query is a DSL object in addition to KQL string
* optionally use fields api in requests if _source does not contain authz properties
* integrate bulk update to all hook calls
* adds fields support, fixes bug where we were writing to 'signals.status' and not { signals: {status }} in alerts client
* clean up and fixes
* fix a bug where we were not waiting for updates to complete when using ids param in alerts bulk update. Adds integration tests for detection engine testing update alerts with new alerts as data client routes
* take index name from ecsData props
* pr suggestions
* some more type fixes
* refactor and type fixes
* snapshot updated
* add status update actions to row context menu
* refactor to use dispatch function in o11y actions
* comment removed
* bring alertConsumer back
* bring indexNames back
* check capabilities to show status update items
Co-authored-by: Devin Hurley <devin.hurley@elastic.co>
* Use correct url to management app for observability cases, use normalized ids in timelines
* Update failing test
* Load alert details data to render flyout in case detail view
* balance solutions
* clean up solution changes
* change footer button size
* update management section
* apply max-width to management items
* remove right side items from page header
* add data content update
* illustration poc
* add data content updates per feedback
* img size and alignment
* moved shared images to shared assets folder
* more solutions clean up
* rm unneeded import
* remove references to subtitle and appDescriptions
* update tests and snapshots
* more test and snapshot updates
* restore solution sort order
* ts and jest fixes; thx catherine!
* i18n fixes
* use new `KibanaPageTemplateSolutionNavAvatar` comp
* change solution imgs from png to svg
* update tests and snapshots
* rm spacer and update snapshots
* account for flex margin changes in img offset
* Change "Kibana" overview page text to "Analytics"
* update overview icon to match hp changes
* update snapshots
* center justify solutions and update snapshots
* update snapshots
* title case dev tools and stack management
* update text and snapshots
* fix merge error
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
* [RAC][Security Solution][Observability] Add the add to new case and add to existing case actions to observability alerts table
* Remove fake data and make features work with observability data format
* Remove console.log and unused translations
* Remove commented out code
* Remove unneeded copy pasta id, create initializeStore function in timelines
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
* Remove outdated top_alerts route and related types
* Remove tests for deleted code
* Remove test for deleted API
* Remove reference to deleted type
* Remove unused translations
* Remove unused mock from story
* Remove no-op alerts page story for now
* Remove unsafe type assertions
* Factor out alert field type
* Compile kbn-io-ts-utils for the browser as well
* Avoid deep import which doesn't work cross-platform
* Revert "Avoid deep import which doesn't work cross-platform"
This reverts commit 492378c6b5.
* Revert "Compile kbn-io-ts-utils for the browser as well"
This reverts commit a1267b139d.
* Revert "Factor out alert field type"
This reverts commit def6987498.
* Revert "Remove unsafe type assertions"
This reverts commit c88d4cd005.
* Remove unsafe type assertions (again)
* [RAC] display timestamp value instead of triggered
* remove unused value
* fix imports
* fix imports
* Update x-pack/plugins/observability/public/pages/alerts/alerts_table_t_grid.tsx
Co-authored-by: Tiago Costa <tiagoffcc@hotmail.com>
* add some explanations
* more explanations
* 108035: change relative time for timestamp to absolute
Co-authored-by: Tiago Costa <tiagoffcc@hotmail.com>
### Summary
### Fields used moving forward
`kibana.alert.rule.consumer` will refer to the context in which a rule instance is created. Rules created in:
- stack --> `alerts`
- security solution --> `siem`
- apm --> `apm`
`kibana.alert.rule.producer` will refer to the plugin that registered a rule type. Rules registered in:
- stack --> `alerts`
- security solution --> `siem`
- apm --> `apm`
So an `apm.error_rate` rule created in stack will have:
- consumer: `alerts` and producer: `apm`
An `apm.error_rate` rule created in apm will have:
- consumer: `apm` and producer: `apm`
`kibana.alert.rule.rule_type_id` will refer to a rule's rule type id. Examples:
- `apm.error_rate`
- `siem.signals`
- `siem.threshold`
Also renamed the following because `rule.*` fields are meant to be ecs fields pulled from the source/event document, not refer to our rule fields.
`rule.name` --> `kibana.alert.rule.name` will refer to the rule's name.
`rule.category` --> `kibana.alert.rule.category` will refer to the rule's category.
`rule.id` --> `kibana.alert.rule.uuid` will refer to the rule's uuid.