* [Metrics UI] Add integration tests for Metric Threshold and refactor to fire correctly
* Removing unused variables
* Fixing tests for metric_threshold_executor
* Fixing test for metric_query
* fixing test
* Changing type guard
* [eslint] add rule to prevent export* in plugin index files
* deduplicate export names for types/instances with the same name
* attempt to auto-fix duplicate exports too
* capture exported enums too
* enforce no_export_all for core too
* disable rule by default, allow opting-in for help fixing
* update tests
* reduce yarn.lock duplication
* add rule but no fixes
* disable all existing violations
* update api docs with new line numbers
* revert unnecessary changes to yarn.lock which only had drawbacks
* remove unnecessary eslint-disable
* rework codegen to split type exports and use babel to generate valid code
* check for "export types" deeply
* improve test by using fixtures
* add comments to some helper functions
* disable fix for namespace exports including types
* label all eslint-disable comments with related team-specific issue
* ensure that child exports of `export type` are always tracked as types
Co-authored-by: spalger <spalger@users.noreply.github.com>
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
* [@pjhampton/@donaherc] Move sec telem tasks into own package.
* Split filter out into its own module, started abstracting ES interaction into a queries module
* Implemented querier and fixed some types
* Updated tests, moved receiver to plugin from sender to decouple them.
* fixed integration in detection engine, misc fixes
* [@pjhampton] Fix type ref problems. Update test defs.
* Make url transformer a member func of the sender class.
* [@pjhampton] clean up receiver commentary.
* [@pjhampton] add null check consistency.
* Fix bad formatting.
Co-authored-by: cdonaher <cdonaher@endgame.com>
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
resolves #109095
resolves #106854
Changes the way task manager and alerting perform their health / status
checks:
- no longer sets an `unavailable` status; now uses `degraded` instead
- change task manager "hot stats freshness" calculation to allow for
staler data before signalling a problem
- Changed the "Detected potential performance issue" message to sound
less scary, include a doc link to task manager health monitoring, and
log a debug instead of warning level
- add additional debug logging when task manager sets a status that's
not `available`, indicating why it's setting that status (in the code,
it's when task manager uses HealthStatus.Warning or Error)
* Upgrade EUI to v37.3.1
* Update i18n token mappings
* Skip i18n_eui_mapping defString checks for functions
* Update snapshots
* Update failing Security tests with extra nodes
* Remove hook cleanup now that elastic/eui#5068 is merged
* [i18n PR feedback] Prefer specific token skipping over all functions skipping
* Revert "Remove hook cleanup now that elastic/eui#5068 is merged"
This reverts commit e40ebfa929.
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
* wip to remove rbac
* Revert "[Cases] Include rule registry client for updating alert statuses (#108588)"
This reverts commit 1fd7038b34.
This leaves the rule registry mock changes
* remove rbac on Trend/Count alert
* update detection api for status
* remove @kbn-alerts packages
* fix leftover
* Switching cases to leverage update by query for alert status
* Adding missed files
* fix bad logic
* updating tests for use_alerts_privileges
* remove index alias/fields
* fix types
* fix plugin to get the right index names
* left over of alias on template
* forgot to use current user for create/read route index
* updated alerts page to not show table when no privileges and updates to tests
* fix bug when switching between o11y and security solution
* updates tests and move to use privileges page when user tries to access alerts without proper access
* updating jest tests
* pairing with yara
* bring back kbn-alerts after discussion with the team
* fix types
* fix index field for o11y
* fix bug with updating index priv state
* fix i18n issue and update api docs
* fix refresh on alerts
* fix render view on alerts
* updating tests and checking for null in alerts page to not show no privileges page before load
* fix details rules
Co-authored-by: Jonathan Buttner <jonathan.buttner@elastic.co>
Co-authored-by: Yara Tercero <yara.tercero@elastic.co>
* Fix bug when upgrading Windows package policies
Ensure package policy merge logic accounts for cases in which an
input/stream which previously had no variables declared but has
variables in a later package version.
Fixes #110202
* Refactor original var set into deepMergeVars
* [ML] Add index pattern info & select control for date time
* [ML] Update translations
* [ML] Gracefully handle when index pattern is not available
* [ML] Fix import
* [ML] Handle when unmounted
* [ML] Remove load index patterns because we don't really need it
* [ML] Add error obj to error toasts
* [ML] Update tests
* [ML] Update hook
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
When the observability:enableInspectEsQueries advanced setting is enabled, show an inspector that includes all queries through useFetcher.
Remove the callout.
## Summary
Ports over the existing Security Solution ML Rule to the RuleRegistry.
How to test this implementation
1. Enable the following in your `kibana.dev.yml`
```
xpack.ruleRegistry.enabled: true
xpack.ruleRegistry.write.enabled: true
xpack.securitySolution.enableExperimental: ['ruleRegistryEnabled']
```
2. Create a rule by running:
```
./x-pack/plugins/security_solution/server/lib/detection_engine/rule_types/scripts/create_rule_ml.sh
```
3. Push document to anomalies index (or trigger anomaly for job id from `create_rule_ml.sh` script)
### Checklist
Delete any items that are not applicable to this PR.
- [X] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios
* Add header to page template
* add external config provider and overview content
* Remove unnecessary todos
* Remove non working section from header
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
**Ticket:** https://github.com/elastic/kibana/issues/110594
## Summary
This PR adds a feature flag around the logic that finds existing Alerts as Data indices and upgrades the mappings or rolls the index if the mappings can't be upgraded in place.
**IMPORTANT:**
- **The feature flag is switched off by default**. This is intentional, because we need to **disable the upgrade logic in 7.15.0**.
- **This is a temporary measure**. We're going to work on fixing the index upgrade logic asap and ship it before the next release that makes any mapping changes, possibly as soon as 7.15.1.
- Developers will need to enable it in their local kibana configs this way:
```yaml
xpack.ruleRegistry.unsafe.indexUpgrade.enabled: true
```
Please check the ticket for the background of this fix.
### Checklist
Delete any items that are not applicable to this PR.
- [ ] [Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html) was added for features that require explanation or tutorials
- [ ] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios
- [ ] If a plugin configuration key changed, check if it needs to be allowlisted in the cloud and added to the [docker list](https://github.com/elastic/kibana/blob/master/src/dev/build/tasks/os_packages/docker_generator/resources/base/bin/kibana-docker)
* [APM] Fix for no-data state for fallback from aggregated transactions (#109609)
* PR feedback and unit tests
* fixes lint error
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
* Fix policy upgrade from APM 0.3.0 to 0.4.0
Add debug log + logic to skip over any package variables that have been
removed from the base policy object. Issue was initially surfaced
testing upgrade from APM integration v0.3.0 to v0.4.0.
Ref #109907
* Fix type error in test
* Remove translation for validation debug log
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
Adds distinct breadcrumbs for both "upgrade package policy" paths:
1. From the fleet agent policies list page
2. From the integrations package policies list page
Closes #110434
* fix o11y privileges when rule created in stack
* fix merge
* fix dsl alerts
* fix privileges on o11y
* after discussion with o11y, we agree to simplify logic of the count of alerts
* remove unused variable
* fix one more type error
Co-authored-by: mgiota <panagiota.mitsopoulou@elastic.co>
* [Observability] Update AlertsSearchBar placeholder (#108179)
* [Observability] Remove default search query from Alerts page (#110242)
This is done to align with other placeholder texts found within the
Observability solution.
* first pass at renaming exports
* type fixes
* fix jest test
* look for correct error type
* remove transitional error
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
* account for API errors and uninitialized state before fetching data
fixes elastic/kibana/issues/107129
* better name
refs elastic/kibana/pull/102261
* don't show date picker when loading data initially
fixes elastic/kibana/issues/107129
* use a readable selector instead
review changes
* remove redundant data fetch using paging action on tab switch.
refs elastic/kibana/pull/102261
* remove redundant validation
review comments
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
* [Maps] replace IFieldType with IndexPatternField
* clean up imports
* import from public
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
- Correctly renders the empty chart state when no data is available.
- Hides the "Click drag to select" and trace samples message when the chart shows an empty state to avoid redundant info.
- Adds jest unit tests that would fail with the previously visible loading indicators.
- Fix a bug with cancelling search strategies.
* Replace usages of alert.status: open with active
* Update unit tests
* Add back home.disableWelcomeScreen=true
* Only disable welcome screen within APM ftr config
* Add disableWelcomeScreen option to security solution cypress config
* Fix reference to workflow status
* oops
* Remove duplicate disableWelcomeScreen
* Update README.md
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
## Summary
Removes ElasticSearch deprecation and makes it harder to import it from the wrong package. I accidentally exposed a deprecated `ElasticSearch` from a package we do not want to expose and everyone's IDE is suggesting it rather than the correct one from Kibana core.
* Removes the type from the exports within the package
* Fixes the instance that is trying to import it in favor of the correct one.
* Exposing preconfigured connectors through actions setup contract
* Adding stub for migration using preconfigured connectors
* Adding isPreconfigured fn to actions client
* Updating rules client logic to not extract predefined connector ids
* Functional tests
* Adding migration
* Adding functional test for migration
* Adding functional test for migration
* Adding note to docs about referenced_by_count if is_preconfigured
* Fixing functional test
* Changing to isPreconfiguredConnector fn in actions plugin setup contract
* Update docs/api/actions-and-connectors/get_all.asciidoc
Co-authored-by: Mike Côté <mikecote@users.noreply.github.com>
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
Co-authored-by: Mike Côté <mikecote@users.noreply.github.com>
* Update T-Grid to use DataGrid pagination
* It also improves the Grid loading state
* DataGrid pagination makes sure that we display the grid with the proper height.
* Add DataGrid height hack to t-grid
HUGE HACK!!!
DataGrid height isn't properly calculated when the grid has horizontal scroll.
https://github.com/elastic/eui/issues/5030
In order to get around this bug we are calculating `DataGrid` height here and setting it as a prop.
Please revert this commit and allow DataGrid to calculate its height when the bug is fixed.
* Apply DataGrid loading and pagination changes to observability
* Fix cypress tests
* Fix t-grid page render bug on Observability
* some pagination fixes
* hide table when analyzer active
* isolate exported function
Co-authored-by: semd <sergi.massaneda@elastic.co>
## Summary
Removes the "side car" actions object and side car notification (Part 1). Part 1 makes it so that newly created rules and editing existing rules will update them to using the new side car notifications. Part 2 in a follow up PR will be the migrations to move the existing data.
The saved object side we are removing usages of is:
```
siem-detection-engine-rule-actions
```
The alerting side car notification system we are removing is:
```
siem.notifications
```
* Removes the notification files and types
* Adds transform to and from alerting concepts of `notifyWhen` and our `throttle`
* Adds unit tests for utilities and pure functions created
* Updates unit tests to have more needed jest mock
* Adds business rules and logic for the different states of `notifyWhen`, and `throttle` on each of the REST routes to determine when we should `muteAll` vs. not muting using secondary API call from client alerting
* Adds e2e tests for the throttle conditions and how they are to interact with the kibana-alerting `throttle` and `notifyWhen`
A behavioral change under the hood is that we now support the state changes of `muteAll` from the UI/UX of [stack management](https://www.elastic.co/guide/en/kibana/master/create-and-manage-rules.html#controlling-rules). Whenever the `security_solution` ["Perform no actions"](https://www.elastic.co/guide/en/security/current/rules-api-create.html) is selected we do a `muteAll`. However, we do not change the state if all individual actions are muted within the rule. Instead we only maintain the state of `muteAll`:
<img width="2299" alt="ui_state_change" src="https://user-images.githubusercontent.com/1151048/130823045-48a9f34b-db23-44e3-b9ed-cbbb57edc3d6.png">
<img width="1163" alt="no_actions_state_change" src="https://user-images.githubusercontent.com/1151048/130823056-3f8953fa-9433-4973-a2d3-6e11263b9619.png">
Ref:
* Issue and PR where notifyWhen was added to kibana-alerting
* https://github.com/elastic/kibana/pull/82969
* https://github.com/elastic/kibana/issues/50077
### Checklist
Delete any items that are not applicable to this PR.
- [x] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios
* [Lens] Inspect flyout should be available in editor mode.
* fix typo
* add test
* add functional tests for inspector
* toMatchInlineSnapshot -> toMatchSnapshot
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
* [APM] Show hostname in JVM view
* [APM] delete no needed param
* [APM] fix linting
* [APM] changes after review
* [APM] changes after review part deux
* [APM] fix snapshot
* [APM] improve guard on api response
* Add global state to stack monitoring react app
* Add type for state
* Add some todos
* Add route_init migration
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
* very wip, updating dashboard integration to use v2 reports. at the moment time filters are not working correctly
* added missing dependency to hook
* added tests and refined ForwadedAppState interface
* remove unused import
* updated test because generating a report from an unsaved report is possible
* migrated locator to forward state on history only, reordered methods on react component
* remove unused import
* update locator test and use panel index number if panelIndex does not exist
* ensure locator params are serializable
* - moved getSerializableRecord to locator.ts to ensure that the
values we get from it will never contain something that cannot
be passed to history.push
- updated types to remove some `& SerializableRecord` instances
- fixed embeddable drilldown Jest tests given that we no longer
expect state to be in the URL
* update generated api docs
* remove unused variable
* - removed SerializedRecord extension from dashboard locator params
interface
- factored out state conversion logic from the locator getLocation
* updated locator jest tests and SerializableRecord types
* explicitly map values to dashboardlocatorparams and export serializable params type
* use serializable params type in embeddable
* factored out logic for converting panels to dashboard panels map
* use "type =" instead of "interface"
* big update to locator params: type fixes and added options key
* added comment about why we are using "type" alias instead of "interface" declaration
* simplify is v2 job param check
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
* use include frozen setting in csv export
* add api integration test
* add fixes
* Update x-pack/test/reporting_api_integration/reporting_and_security/search_frozen_indices.ts
* test polish
* update per feedback
* Fix upgrades for packages with restructured inputs
Addresses errors surfaced when testing upgrades from AWS 0.6.1 to 0.10.4.
Namely, when inputs are removed from a package between versions, we were
initially throwing errors for each input in the new package that didn't
exist on the outdated package version. Now, we instead simply skip over
cases like this in which an input no longer exists on the new package version.
* Add basic test cases for restructured packages
**Ticket:** https://github.com/elastic/kibana/issues/109293
🚨 **This PR is critical for Observability 7.15** 🚨
## Summary
This PR fixes the indexing implementation in `rule_registry`. It implements the suggestions for backwards compatibility described in the ticket:
- changes the naming scheme and introduces the concept of "backing indices", so that names of the concrete ("backing") indices != names of their aliases
- adds versioning based on the current Kibana version
TODO:
- [x] Change index naming (implement the concept of backing indices)
- [x] Include Kibana version into the index template metadata
- [x] Include Kibana version into the document fields
- [x] Remove `version` from `IndexOptions` (parameters provided by solutions/plugins when initializing alerts-as-data indices)
- [x] Fix CI
### Checklist
- [ ] [Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html) was added for features that require explanation or tutorials
- [ ] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios
Add an "Open in Dev Tools" link to the request inspector.
Allow the dev tools to open data uris that are lz-string encoded (the same method used by TypeScript Playground, which are a lot shorter than a base64 encoded string.)
* fix: use package policy ID when checking hasUpgrade
* fix: latest package version broken link
* refactor: use set for collecting unique namespace values