* Add tutorial for ILM with filebeat
* Change screenshots and add additional steps
* Update screenshots, add numbered steps, and other minor edits
* Incorporate feedback: update links, formatting, and minor edits
* Move tip inline with list
* Apply suggestions from code review
Co-Authored-By: James Rodewig <james.rodewig@elastic.co>
* Move TIP inline . . . again
* Put TIP inline
Co-authored-by: James Rodewig <james.rodewig@elastic.co>
## [SIEM] Overview Page "1.5"
A redesigned SIEM Overview page that includes `Recent timelines`, a `Security news` feed, visualizations, and rolled-up event counts
### Overview enhancements
- Added the global Search bar and Date picker to the Overview page
- New `Recent timelines` widget affords quick access to favorite and recently modified timelines
- New `Security news` widget
- New Kibana advanced settings (toggle switch) for enabling or disabling the news widget and configuring the news URL
- New `Events count by dataset` widget
- Updated the `Host Events` and `Network Events` widgets to integrate with the Search bar and date picker input
- Enhanced the `Host Events` and `Network Events` widgets to use an accordion paradigm that summarizes stats by source (e.g. `Auditbeat`, `Endgame`)
- Enhanced the `Host Events` and `Network Events` widgets to visualize relative percentages of events collected as progress bars
- New `Alerts count by category` widget
- New `Signals count by MITRE ATT&CK™ category` widget
- New `View events`, `View alerts`, and `View signals` navigation buttons for their respective visualizations
### FTUE enhancements
- FTUE "no data" view design refresh
- When the FTUE "no data" page is displayed, hide all global navigation links (i.e. `Hosts`, `Network`, `Detection engine`), such that only `Overview` appears in the global nav
- App Help popover design refresh
- Removed the `Beta` badge and `Security Information & Event Management with the Elastic Stack` from the Overview header
- Tested in Chrome `79.0.3945.117`, Firefox `72.0.1`, and Safari `13.0.4`
## Known issues
- The `siem:newsFeedUrl` advanced setting is defaulted to `https://feeds.elastic.co/kibana`
- The `Signals count by MITRE ATT&CK™ category` visualization does not display all categories
- The `Signals count by MITRE ATT&CK™ category` visualization may require a different index pattern
- `EuiButtonGroup` throwing a `Can't perform a React state update on an unmounted component` warning when switching from the Overview tab
https://github.com/elastic/siem-team/issues/484
* [DOCS] Moves index pattern doc to Discover
* [DOCS] Improves intro to index patterns doc
* [DOCS] Edits index patterns doc
* [DOCS] Incorporates comments into index patterns doc
Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
Asciidoctor sees `,` as the edge of parameters and chokes on one of our
deprecation warnings, rendering funny looking garbage. This wraps the
whole parameter in `"` which makes it look good. It *does* add `"`s
around the result in AsciiDoc, but we plan to migrate from AsciiDoc
"real soon now".
* [DOCS] Updates Index Management doc to include index templates
* [DOCS] Added example of creating a template
* [DOCS] Incorporates review comments
* [DOCS] Fixes typo
* Added an inclusion of, "This setting is off by default..."
* Update docs/management/advanced-options.asciidoc
Co-Authored-By: gchaps <33642766+gchaps@users.noreply.github.com>
