## Summary
See https://github.com/elastic/kibana/issues/100433 for details and test instructions.
This is considered critical and a small fix for 7.14.0 has been requested.
* Wrote Cypress test that exercises the bug
* Fixed mutation in one part of the Cypress Test
* Decided to remove the "missing" that we were telling users was "others" since missing is not the same as others. It no longer errors, but some users might be asking why we don't show "others" anymore. The reality is that we only showed "missing" which isn't adding value to the preview of what detections will end up looking like.
* Later if we want a true "others" we should implement it as a larger feature request and not a bug fix IMHO
Before you would get errors in your network panel:
After you now get the `source.ip` without errors:
<img width="1074" alt="Screen Shot 2021-07-09 at 1 28 24 PM" src="https://user-images.githubusercontent.com/1151048/125127326-94813780-e0b9-11eb-9367-bb3b406ff55a.png">
### Checklist
- [x] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios
Co-authored-by: Frank Hassanabad <frank.hassanabad@elastic.co>
* Remove the "view threat intel data" button from the alert summary
This can be accomplished by clicking the tab itself; there's no real
need for this button.
* Remove section title from alert summary view
This made sense when we had both alert and threat sections, but we no
longer do.
Removes the corresponding translation, and the analogously unused title
from the defunct threat summary view.
* Smaller spacer on alert summary tab
This is distractingly large as compared to other tabs.
* Move "no enrichments" panel below our threat details table
* Remove old import
* Move inspect button inline with rest of header
* Add HR separator to top of NoEnrichmentsPanel
This should arguably be added a level above so as to keep this panel
context-agnostic, but it's currently only used in one place and will
always require the HR, so YAGNI for now.
* Adds more space between title and description on "no data" panel
It has been suggested that the NoEnrichmentsPanel should be following
the guidelines of the EuiEmptyPrompt. If we end up needing e.g. centered
text, we're better off rewriting NoEnrichmentsPanelView in terms of an
EuiEmptyPrompt.
* StyledEuiInMemoryTable has no header row height
We have never provided column names to this component. However, there is
default padding on the thead tds such that even without content they
take up vertical height.
This has resulted in some extra top-margin on historical uses of this
table (which are just the Alert Details views). However, the addition of
a sibling table (ThreatSummaryView) made the extra margin noticable,
since it made the two tables appear disjointed even though they're right
up against each other.
This fixes the issue by removing the padding, allowing the thead to take
no height.
And now that that space isn't taken up by the table header, we need to
add a little bit of space between the header and table on the Threat
Details view.
* Move test to appropriate location
The ThreatDetailsView is no longer responsible for displaying the "no
data" components, that's now a level above in EventDetails.
* Prune unused translations
These have been changed in the latest designs.
* Only add HR if panel is preceded by enrichments
We do not want an HR if there's nothing above the panel.
Co-authored-by: Ryland Herrick <ryalnd@gmail.com>
* [APM] Support for data streams index patterns for cloud migration (#101095)
* [APM] Update apm package version to 0.3.0 (elastic/apm-server/#5579)
Co-authored-by: Oliver Gupte <ogupte@users.noreply.github.com>
* Fix ent-search authentication to show the error connecting screen
Missed this in #103555
* [Misc] updoot handleConnectionError order/spacing to match
- why? because i've lost control of my life, probably
Co-authored-by: Constance <constancecchen@users.noreply.github.com>
* [RAC] [RBAC] MVP RBAC for alerts as data (#100705)
An MVP of the RBAC work required for the "alerts as data" effort. An example of the existing implementation for alerts would be that of the security solution. The security solution stores its alerts generated from rules in a single data index - .siem-signals. In order to gain or restrict access to alerts, users do so by following the Elasticsearch privilege architecture. A user would need to go into the Kibana role access UI and give explicit read/write/manage permissions for the index itself.
Kibana as a whole is moving away from this model and instead having all user interactions run through the Kibana privilege model. When solutions use saved objects, this authentication layer is abstracted away for them. Because we have chosen to use data indices for alerts, we cannot rely on this abstracted out layer that saved objects provide - we need to provide our own RBAC! Instead of giving users explicit permission to an alerts index, users are instead given access to features. They don't need to know anything about indices, that work we do under the covers now.
Co-authored-by: Yara Tercero <yctercero@users.noreply.github.com>
Co-authored-by: Yara Tercero <yara.tercero@elastic.co>
* fixes failed integration test
Co-authored-by: Yara Tercero <yctercero@users.noreply.github.com>
Co-authored-by: Yara Tercero <yara.tercero@elastic.co>
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
* use date range in search query
fixes elastic/security-team/issues/1137
* make any date selection fetch matching log
fixes elastic/security-team/issues/1137
* use a single action for updating paging info and fetching data
fixes elastic/security-team/issues/1137
* use consistent types
for some reason TS was complaining earlier with `undefined`
* reset date picker on tab load
fixes elastic/security-team/issues/1137
* refactor date pickers into a component
refs elastic/security-team/issues/1137
* clear dates on change of endpoint
fixes elastic/security-team/issues/1137
* do not show empty state if date filtering results return empty data
fixes elastic/security-team/issues/1137
* add tests
fixes elastic/security-team/issues/1137
* review changes
* update comment
refs f551b67d66
* store invalidDateRange on redux store and decouple logic from the component
review changes
* fix test
* fix lint
* review changes
* expand date picker to use the full width of the flyout
review changes
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
Co-authored-by: Ashokaditya <am.struktr@gmail.com>
* Fix unsavedChanges false positive when MultiInputRows is present
- The fix for this is to change MultiInputRows from useEffect to useUpdateEffect, which prevents onChange from firing on initial mount/render (triggering updateBoostValue->unsavedChanges)
@see https://github.com/streamich/react-use/blob/master/docs/useUpdateEffect.md
* Fix precision tuner not triggering unsavedChanges
Co-authored-by: Constance <constancecchen@users.noreply.github.com>
* [TSVB] Include/exclude fields appear to migrated TSVB visualization when using Group by Terms
Closes: #104829
* add functional test
* fix JEST
# Conflicts:
# test/functional/page_objects/visual_builder_page.ts
* Fixed `i18nrc not found ja-JP.json file` at expression_reveal_image.
* Fixed `i18nrc not found ja-JP.json file` at `screenshotMode`.
* Fixed `i18nrc not found ja-JP.json file` at `x-pack/plugins/timelines`.
Co-authored-by: Yaroslav Kuznietsov <kuznetsov.yaroslav.yk@gmail.com>
* [DOCS] Creates separate doc for security in production
* Use Kibana attribute
* Update CSP section
* Move SSL section to the top
This is the highest priority item for securing a production installation
of Kibana.
* Add section on using secure HTTP headers
* Write intro
* [DOCS] Fixes broken link and other minor edits
* [DOCS] Changes man to manipulator
Co-authored-by: Kibana Machine
<42973632+kibanamachine@users.noreply.github.com>
Co-authored-by: Joe Portner <5295965+jportner@users.noreply.github.com>
Co-authored-by: Joe Portner <5295965+jportner@users.noreply.github.com>
* makeAllReportingPoliciesUnmanaged -> makeAllReportingIndicesUnmanaged
* expose the reporting services on the functional services object shared with a11y
* added data-test-subjs for a11y test
* added reporting a11y test
* updated jest test
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
Co-authored-by: Jean-Louis Leysens <jloleysens@gmail.com>
* Enrich events with ES data before rendering event filters modal
* Add unmounted component control check
* Fix error when closing and opening modal/flyout twice
Co-authored-by: David Sánchez <davidsansol92@gmail.com>
* refactor: move `UserPrivilegesContext` to `public/common`
* Add endpointPrivileges to the UserPrivileges context
* refactor `useUpgradeSecurityPackages` to use `useUserPrivileges()`
* Refactor to use `useUserPrivileges()` instead of `useIngestEnabledCheck()`
* Refactor Overview page to use `useUserPrivileges()` instead of `useIngestEnabledCheck()`
* Delete `ingest_enabled` hook and refactor tests
Co-authored-by: Paul Tavares <56442535+paul-tavares@users.noreply.github.com>
* [Fleet] Fix blank page when uninstalling outdated integration
* Make redirect conditional on version mismatch
Co-authored-by: Zacqary Adam Xeper <Zacqary@users.noreply.github.com>
