Commit graph

28372 commits

Author SHA1 Message Date
Søren Louv-Jansen df53c806ba
Add 7.5 to .backportrc.json 2019-10-16 21:20:14 +02:00
Tim Sullivan 853ddcd09c
[Reporting/Screenshots] Add step to skip telemetry (#48312) 2019-10-16 10:43:46 -07:00
Søren Louv-Jansen 77247773b9
[APM] Remove type from agent configuration (#48404) 2019-10-16 19:38:42 +02:00
Josh Dover b03dfdf68a
Allow LP plugins to access NP plugin context providers (#47639) 2019-10-16 12:13:50 -05:00
Tim Sullivan b267704c49
Print the name of the plugin in an exception thrown (#48297) 2019-10-16 10:00:07 -07:00
cachedout ee2ea1fbe7
Standardize on 'JVM Heap' phrase for heap metrics (#48093)
* Standardize on 'JVM Heap' for heap metrics

* Update tests for JVM Heap label

* Update another test for JVM heap label change
2019-10-16 16:32:21 +00:00
Pete Harverson ae00c15e8d
[ML] Fixes module datafeed configs to use indices plus SIEM job desc edit (#48417) 2019-10-16 17:26:05 +01:00
Josh Dover f82c2e939f
Improve Migration guide with examples and links (#46661) 2019-10-16 10:34:20 -05:00
Larry Gregory d26275e888
Security - fixing heading levels (#48397)
* adjust heading levels

* fix heading levels on account screen
2019-10-16 11:19:24 -04:00
Larry Gregory 694845a96d
Spaces - fix heading levels (#48393) 2019-10-16 11:18:43 -04:00
Xavier Mouligneau 0a88fdc944
fix misspelling (#48405) 2019-10-16 11:14:11 -04:00
Gidi Meir Morris 52f2758167
prevent Kibana plugin from completing before the Kibana UUID has been obtained (#47741)
* fix(kibana-uuid): await kibana uuid management before enabling routes and plugins

* feat(kibana-uuid): use Kibana uuid to identify the Task Manager instance

* fix(task-manager): Fixed unused import

* feat(kibana-uuid): fail Task Manager startup if no uuid is available
2019-10-16 15:28:38 +01:00
Walter Rafelsberger c7abd93c01
[ML] Fix analytics starting state. (#48373)
- Fixes the missing starting state for analytics jobs.
- Fixes checks if an analytics job is running, for example fixes an issue where the Delete-button was available for a running job in the analytics job list.
2019-10-16 07:27:28 -07:00
Kerry Gallagher 316219484f
[Logs UI] Add "Analyze in ML" buttons (#48268) 2019-10-16 15:20:45 +01:00
Daniil Suleiman 9f11d0d6e8
[Vis: Default editor] Add unit tests for metric_agg and extended_bounds, fix types (#47815)
* Add unit tests for metric_agg and extended_bounds

* Fix types

* Code refactoring, create agg_utils and tests

* Remove unused translations

* Fix typos

* Update snapshots
2019-10-16 17:15:10 +03:00
James Gowdy 5b165466e6
[ML] Removing old angular directives (#48382)
* [ML] Removing old angular directives

* reverts small change

* typescriptifying access denied page

* changing access denied text

* updating translations
2019-10-16 14:35:55 +01:00
ffknob 03a1ee15a7
[APM] Use EUI to render "Local variables" for the stack trace (#48208) 2019-10-16 15:18:29 +02:00
Melissa Alvarez a9515bd932
[ML] DF Analytics fix: show MSE and rSquared in expanded row only for regression jobs (#48390)
* Only show MSE and rSquared in expanded row for regression jobs

* use isRegressionAnalysis check
2019-10-16 09:12:42 -04:00
Michail Yasonik 09d99584df
Improves Canvas controls accessibility (#48005) 2019-10-16 18:13:34 +05:30
Gidi Meir Morris 323d71ea44
[Task Manager] Fixes error when we claim new tasks beyond capacity (#48384)
Fixes an issue where we would try and claim new tasks even when there are no available workers
2019-10-16 13:32:54 +01:00
Mikhail Shustov 5676ac00ab
UI settings move to NP (#47590)
* add tests for logWithMetadata in LP

* allow passing metadata to log in NP & LP

* move ui_settings_client to NP

* add ui_settings config

* add ui_settings_service

* switch to NP logging

* export types

* bootstrap uiSettings service in NP

* pass NP uiSettings to LP

* move ui_settings mock to NP

* add  test for mixin and switch to NP logger

* make UiSettingsClient.getDefaults sync as it is

* ui_settings_client uses private fields

* ui_settings_client uses private methods

* keep uiSettings config validation in NP only

* update mocks

* core context should know it is mocked

* add tests for ui_settings_service

* remove unused code from ui_settings_mixin test

* improve types in ui_settings_mixin test

* gen docs

* test moved to NP

* set pkg version in tests explicitly

* update mocks in tests

* UiSettingsServiceSetup --> InternalUiSettingsServiceSetup

* add links to types

* address eli comment

* regen docs

* remove unused types
2019-10-16 14:18:34 +02:00
Pierre Gayvallet 7df981fbf8
Ignore missing references on saved object exports (#47685)
* add saved object export details in ndjson response

Signed-off-by: pgayvallet <pierre.gayvallet@elastic.co>

* update core doc

Signed-off-by: pgayvallet <pierre.gayvallet@elastic.co>

* exclude export details for space copy

Signed-off-by: pgayvallet <pierre.gayvallet@elastic.co>

* fixing tests

Signed-off-by: pgayvallet <pierre.gayvallet@elastic.co>

* display warning instead of success if export contains missing refs

Signed-off-by: pgayvallet <pierre.gayvallet@elastic.co>

* nits/typo

Signed-off-by: pgayvallet <pierre.gayvallet@elastic.co>

* properly updates api integration tests

Signed-off-by: pgayvallet <pierre.gayvallet@elastic.co>

* fix typings

Signed-off-by: pgayvallet <pierre.gayvallet@elastic.co>

* add test on objects_table component

Signed-off-by: pgayvallet <pierre.gayvallet@elastic.co>

* remove added translations from jp/cn bundles

Signed-off-by: pgayvallet <pierre.gayvallet@elastic.co>

* restoring line feeds

Signed-off-by: pgayvallet <pierre.gayvallet@elastic.co>

* improve doc and user alert message

Signed-off-by: pgayvallet <pierre.gayvallet@elastic.co>

* restoring line feeds on server.api.md

Signed-off-by: pgayvallet <pierre.gayvallet@elastic.co>

* warning test label

Signed-off-by: pgayvallet <pierre.gayvallet@elastic.co>
2019-10-16 12:48:34 +02:00
Sebastian Grodzicki b8647aece3
Adding @elastic/epm to CODEOWNERS (#48237) 2019-10-16 12:05:25 +02:00
Rudolf Meijering 3d28467d00
Server saved objects client through request context (#44143)
* Expose Saved Objects client in request context

* API Integration test for savedobjects in req context

* SavedObjectsClient docs

* SavedObjectsClient#find remove dependency on indexPatterns

And use the saved objects mappings instead

* Review comments

* Review comments, fixes and tests

* Use correct type for KQL syntax check
2019-10-16 10:36:40 +02:00
Andrew Goldstein 730ba21ed4
[SIEM] Endgame Row Renderers: DNS, File (FIM), Network, Security (Authentication), Process (#48277)
## [SIEM] Endgame Row Renderers: DNS, File (FIM), Network, Security (Authentication), Process

This PR renders Endgame events via _row renderers_ in the Timeline, per the following screenshot:

![endgame-row-renderers](https://user-images.githubusercontent.com/4459398/66854649-fa6d7900-ef3e-11e9-97cc-5b229041f186.png)

The following Endgame event types / subtypes will be rendered via row renderers in the Timeline:

* DNS (`dns_event`)
  - [X] `request_event`
* File (FIM) (`file_event`)
  - [X] `file_create_event`
  - [X] `file_delete_event`
* Network (`network_event`)
  - [X] `ipv4_connection_accept_event`
  - [X] `ipv6_connection_accept_event`
  - [X] `ipv4_disconnect_received_event`
  - [X] `ipv6_disconnect_received_event`
* Security (Authentication) (`security_event`)
  - [X] `user_logon`
  - [X] `admin_logon`
  - [X] `explicit_user_logon`
  - [X] `user_logoff`
* Process (`process_event`)
  - [X] `creation_event`
  - [X] `termination_event`

This PR also adds row rendering support for some non-Endgame events that conform to the [Elastic Common Schema](https://www.elastic.co/guide/en/ecs/current/index.html) (ECS):
* DNS requests
* FIM file creation events
* FIM file deletion events

RELEASE NOTE: To view Endgame events in existing SIEM deployments, you must manually add `endgame-*` to the SIEM index pattern in `Kibana Management > Advanced Settings > SIEM > Elasticsearch indices`.

## DNS Request events

Endgame DNS events with the following event type and subtype will be rendered in the Timeline via row renderers:

```
endgame.event_type_full: dns_event and endgame.event_subtype_full: request_event
```

_To view these Endgame DNS events in a timeline, add `endgame-*` to the `SIEM` > `Elasticsearch indices` setting in Kibana `Advanced Settings`, then paste the query above into a timeline to view events._

### Runtime matching criteria

All DNS events, including Endgame and non-Endgame DNS events matching the following criteria will be rendered:

```
dns.question.type: * and dns.question.name: *
```

_The query above can be executed in a timeline to view all data that will be rendered via the (new) DNS event row renderer._

### Sample rendered DNS event

![endgame-dns-event](https://user-images.githubusercontent.com/4459398/66856414-643b5200-ef42-11e9-8d50-894b7f7abf3d.png)

Each field with `this formatting` will be draggable (to pivot a search) in the row-rendered event:

`Arun` \ `Anvi-Acer` @ `HD-obe-8bf77f54` asked for `clients4.google.com` with question type `A`, which resolved to `10.58.197.78` (response code: `NOERROR`) via `chrome.exe` `(11620)` [![windows-logo](https://user-images.githubusercontent.com/4459398/66249835-e3d15180-e6f6-11e9-89c3-5517c5ed1596.png) `3008`]

### Fields in a DNS event

The following fields will be used to render a DNS event:

`user.name` \ `user.domain` @ `host.name` asked for `dns.question.name` with question type `dns.question.type`, which resolved to `dns.resolved_ip` (resp code: `dns.response_code`) via `process.name` `(process.pid)` [![windows-logo](https://user-images.githubusercontent.com/4459398/66249835-e3d15180-e6f6-11e9-89c3-5517c5ed1596.png) `event.code | winlog.event_id`]

Note: At the time of this writing, Endgame DNS events do not populate `dns.response_code`. Row renderers are designed to still render partial results when fields are missing. In this case the following text:

> (resp code: `dns.response_code`)

will NOT be rendered, but the other (populated) fields in the DNS event will be rendered.

### Additional Rendering of DNS events by the Netflow row renderer

In addition to being rendered by the new DNS renderer described above, DNS events will also be rendered by the Netflow row renderer.

The Netflow row renderer shows the directionality, protocol, and flow of data between a source and destination.

### Non-Endgame DNS events

The following screenshot shows a DNS event from `packetbeat` rendered by the new DNS row renderer:

![non-endgame-dns-event](https://user-images.githubusercontent.com/4459398/66857061-b7fa6b00-ef43-11e9-894a-d717539db96c.png)

_A non-Endgame DNS event that conforms to ECS_

## File (FIM) Creation events

Endgame File (FIM) Creation events with the following event type and subtype will be rendered in the Timeline via row renderers:

```
endgame.event_type_full: file_event and endgame.event_subtype_full: file_create_event
```

### Runtime matching criteria

All file creation events, including Endgame and non-Endgame events matching the following criteria will be rendered:

```
(event.category: file and event.action: file_create_event) or (event.dataset: file and event.action: created)
```

### Sample rendered File (FIM) Creation event

![file-create-event](https://user-images.githubusercontent.com/4459398/66857794-3f94a980-ef45-11e9-9030-fff35403e8f4.png)

`Arun` \ `Anvi-Acer` @ `HD-obe-8bf77f54` created file `the-real-index~RFa99cd75.TMP` in `C:\Users\Arun\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\579544fd7d0441717f082c9eb123588966aa57ac\d81a98b1-59b9-43b2-a228-b3daf7da56df\index-dir\the-real-index~RFa99cd75.TMP` via `chrome.exe` `(11620)`

### Fields in a File (FIM) Creation event

`user.name` \ `user.domain` @ `host.name` created file `file.name | endgame.file_name` in `file.path | endgame.file_path` via `process.name | endgame.process_name` `(process.pid | endgame.pid)`

## File (FIM) Deletion events

Endgame File (FIM) Deletion events with the following event type and subtype will be rendered in the Timeline via row renderers:

```
endgame.event_type_full: file_event and endgame.event_subtype_full: file_delete_event
```

### Runtime matching criteria

All file deletion events, including Endgame and non-Endgame events matching the following criteria will be rendered:

```
(event.category: file and event.action: file_delete_event) or (event.dataset: file and event.action: deleted)
```

### Sample rendered File (FIM) Deletion event

![file-delete-event](https://user-images.githubusercontent.com/4459398/66857970-9a2e0580-ef45-11e9-97bb-219c8673a2f2.png)

`SYSTEM` \ `NT AUTHORITY` @ `HD-v1s-d2118419` deleted file `tmp0000031a` in `C:\Windows\TEMP\tmp00000404\tmp0000031a` via `AmSvc.exe` `(1084)`

### Fields in a File (FIM) Deletion event

`user.name` \ `user.domain` @ `host.name` deleted file `file.name | endgame.file_name` in `file.path | endgame.file_path` via `process.name | endgame.process_name` `(process.pid | endgame.pid)`

## Network Connection Accepted events

Endgame Network Connection Accepted events with the following event type and subtype will be rendered in the Timeline via row renderers:

```
(endgame.event_type_full: network_event and endgame.event_subtype_full: ipv4_connection_accept_event) or (endgame.event_type_full: network_event and endgame.event_subtype_full: ipv6_connection_accept_event)
```

### Runtime matching criteria

All Endgame Connection Accepted events, and existing "socket opened" events matching the following criteria will be rendered:

```
event.action: ipv4_connection_accept_event or event.action: ipv6_connection_accept_event or event.action: socket_opened
```

### Sample rendered Network Connection Accepted event

![ipv4-connection-accept-event](https://user-images.githubusercontent.com/4459398/66858241-16c0e400-ef46-11e9-9fa8-f8b852490bd8.png)

`SYSTEM` \ `NT AUTHORITY` @ `HD-gqf-0af7b4fe` accepted a connection via `AmSvc.exe` `(1084)`

Network Connection Accepted events are also rendered with the Netflow row renderer, like the `event.action: socket_opened` events are rendered today. The Network Connection Accepted row renderer displays information about the principal actors in the event (i.e. `user.name`, `host.name`, `process.name`), and the Netflow row renderer displays information about the directionality, source / destination, protocol, etc.

### Fields in a Network Connection Accepted event

`user.name` \ `user.domain` @ `host.name` accepted a connection via `process.name` `(process.pid)`

## Network Disconnect Received events

Endgame Network Disconnect Received events with the following event type and subtype will be rendered in the Timeline via row renderers:

```
(endgame.event_type_full: network_event and endgame.event_subtype_full: ipv4_disconnect_received_event) or (endgame.event_type_full: network_event and endgame.event_subtype_full: ipv6_disconnect_received_event)
```

### Runtime matching criteria

All Endgame Network Disconnect Received events, and existing "socket closed" events matching the following criteria will be rendered:

```
event.action: ipv4_disconnect_received_event or event.action: ipv6_disconnect_received_event or event.action: socket_closed
```

### Sample rendered Network Disconnect Received event

![ipv4-disconnect-received-event](https://user-images.githubusercontent.com/4459398/66859155-fa25ab80-ef47-11e9-995c-7628fc0885bf.png)

`SYSTEM` \ `NT AUTHORITY` @ `HD-gqf-0af7b4fe` disconnected via `AmSvc.exe` `(1084)`

The existing row renderer for `event.action: socket_closed` will be enhanced to display additional fields:
- `user.domain`
- `process.pid`

Network Disconnect Received events will also be rendered with the Netflow row renderer, like the `event.action: socket_closed` events are rendered today. The Network Connection Accepted row renderer displays information about the principal actors in the event (i.e. `user.name`, `host.name`, `process.name`), and the Netflow row renderer displays information about the directionality, source / destination, protocol, etc.

### Fields in a Network Disconnect Received event

`user.name` \ `user.domain` @ `host.name` disconnected via `process.name` `(process.pid)`

## Security (Authentication) User Logon events

Endgame Security (Authentication) User Logon events with the following event type and subtype will be rendered in the Timeline via row renderers:

```
endgame.event_type_full: security_event and endgame.event_subtype_full: user_logon
```

### Runtime matching criteria

Security (Authentication) User Logon events matching the following criteria will be rendered:

```
event.category: authentication and event.action: user_logon
```

### Sample rendered Security (Authentication) User Logon event

![user-logon](https://user-images.githubusercontent.com/4459398/66859339-525cad80-ef48-11e9-851c-c08c302df0fc.png)

`SYSTEM` \ `NT AUTHORITY` @ `HD-v1s-d2118419` successfully logged in using logon type `5 - Service` (target logon ID `0x3e7`) via `C:\Windows\System32\services.exe` (`432`) as requested by subject `WIN-Q3DOP1UKA81$` \ `WORKGROUP` (source logon ID `0x3e7`) [![windows-logo](https://user-images.githubusercontent.com/4459398/66249835-e3d15180-e6f6-11e9-89c3-5517c5ed1596.png) `4624`]

### Fields in a Security (Authentication) User Logon event

`user.name` \ `user.domain` @ `host.name` successfully logged in using logon type `endgame.logon_type` (target logon ID `endgame.target_logon_id`) via `process.name | process.executable` (`process.pid`) as requested by subject `endgame.subject_user_name` \ `endgame.subject_domain_name` (subject logon ID `endgame.subject_logon_id`) [![windows-logo](https://user-images.githubusercontent.com/4459398/66249835-e3d15180-e6f6-11e9-89c3-5517c5ed1596.png) `event.code | winlog.event_id`]

### Reference: LogonType Enumerations

The following enumerated values will humanize the numeric `endgame.logon_type` field:

```
2 - Interactive
3 - Network
4 - Batch
5 - Service
7 - Unlock
8 - Network Cleartext
9 - New Credentials
10 - Remote Interactive
11 - Cached Interactive
```

## Security (Authentication) Admin Logon events

Endgame Security (Authentication) Admin Logon events with the following event type and subtype will be rendered in the Timeline via row renderers:

```
endgame.event_type_full: security_event and endgame.event_subtype_full: admin_logon
```

### Runtime matching criteria

Security (Authentication) Admin Logon events matching the following criteria will be rendered:

```
event.category: authentication and event.action: admin_logon
```

### Sample rendered Security (Authentication) Admin Logon event

![admin-logon](https://user-images.githubusercontent.com/4459398/66860598-bc765200-ef4a-11e9-9e58-a96c2b97f4e1.png)

With special privileges, `SYSTEM` \ `NT AUTHORITY` @ `HD-v1s-d2118419` successfully logged in via `C:\Windows\System32\services.exe` (`964`) as requested by subject `SYSTEM` \ `NT AUTHORITY` (subject logon ID `0x3e7`) [![windows-logo](https://user-images.githubusercontent.com/4459398/66249835-e3d15180-e6f6-11e9-89c3-5517c5ed1596.png) `4672`]

### Fields in a Security (Authentication) Admin Logon event

With special privileges, `user.name` \ `user.domain` @ `host.name` successfully logged in via `process.name | process.executable` (`process.pid`) as requested by subject `endgame.subject_user_name` \ `endgame.subject_domain_name` (subject logon ID `endgame.subject_logon_id`) [![windows-logo](https://user-images.githubusercontent.com/4459398/66249835-e3d15180-e6f6-11e9-89c3-5517c5ed1596.png) `event.code | winlog.event_id`]

## Security (Authentication) Explicit User Logon events

Endgame Security (Authentication) Explicit User Logon events with the following event type and subtype will be rendered in the Timeline via row renderers:

```
endgame.event_type_full: security_event and endgame.event_subtype_full: explicit_user_logon
```

### Runtime matching criteria

Security (Authentication) Explicit User Logon events matching the following criteria will be rendered:

```
event.category: authentication and event.action: explicit_user_logon
```

### Sample rendered Security (Authentication) Explicit User Logon event

![explicit-user-logon](https://user-images.githubusercontent.com/4459398/66860797-170fae00-ef4b-11e9-88c5-befd3dcab070.png)

A login was attempted using explicit credentials `Arun` \ `Anvi-Acer` to `HD-v1s-d2118419` via `C:\Windows\System32\services.exe` (`1736`) as requested by subject `ANVI-ACER$` \ `WORKGROUP` (subject logon ID `0x3e7`) [![windows-logo](https://user-images.githubusercontent.com/4459398/66249835-e3d15180-e6f6-11e9-89c3-5517c5ed1596.png) `4648`]

### Fields in a Security (Authentication) Explicit User Logon event

A login was attempted using explicit credentials `endgame.target_user_name` \ `endgame.target_domain_name` to `host.name` via `process.name | process.executable` (`process.pid`) as requested by subject `endgame.subject_user_name` \ `endgame.subject_domain_name` (subject logon ID `endgame.subject_logon_id`) [![windows-logo](https://user-images.githubusercontent.com/4459398/66249835-e3d15180-e6f6-11e9-89c3-5517c5ed1596.png) `event.code | winlog.event_id`]

## Security (Authentication) User Logoff events

Endgame Security (Authentication) User Logoff events with the following event type and subtype will be rendered in the Timeline via row renderers:

```
endgame.event_type_full: security_event and endgame.event_subtype_full: user_logoff
```

### Runtime matching criteria

Security (Authentication) User Logoff events matching the following criteria will be rendered:

```
event.category: authentication and event.action: user_logoff
```

### Sample rendered Security (Authentication) User Logoff event

![user-logoff](https://user-images.githubusercontent.com/4459398/66861089-9a310400-ef4b-11e9-9f71-b148409c75a7.png)

`Arun` \ `Anvi-Acer` @ `HD-55b-3ec87f66` logged off using logon type `2 - Interactive` (target logon ID `0x16db41e`) via `C:\Windows\System32\services.exe` (`964`) [![windows-logo](https://user-images.githubusercontent.com/4459398/66249835-e3d15180-e6f6-11e9-89c3-5517c5ed1596.png) `4634`]

### Fields in a Security (Authentication) User Logoff event

`endgame.target_user_name` \ `endgame.target_domain_name` @ `host.name` logged off using logon type `endgame.logon_type` (target logon ID `endgame.target_logon_id`) via `process.name | process.executable` (`process.pid`) [![windows-logo](https://user-images.githubusercontent.com/4459398/66249835-e3d15180-e6f6-11e9-89c3-5517c5ed1596.png) `event.code | winlog.event_id`]

## Process Creation events

Endgame Process Creation events with the following event type and subtype will be rendered in the Timeline via row renderers:

```
endgame.event_type_full: process_event and endgame.event_subtype_full: creation_event
```

### Runtime matching criteria

Process Creation events matching the following criteria will be rendered:

```
event.category: process and event.action: creation_event
```

### Sample rendered Process Creation event

![creation-event](https://user-images.githubusercontent.com/4459398/66861295-fbf16e00-ef4b-11e9-9455-8a1f13463974.png)

`Arun` \ `Anvi-Acer` @ `HD-obe-8bf77f54` started process `Microsoft.Photos.exe` (`441684`) `-ServerName:App.AppXzst44mncqdg84v7sv6p7yznqwssy6f7f.mca` via parent process `svchost.exe` (`8`)

`sha256 d4c97ed46046893141652e2ec0056a698f6445109949d7fcabbce331146889ee`

`sha1 12563599116157778a22600d2a163d8112aed845`

`md5 62d06d7235b37895b68de56687895743`

### Fields in a Process Creation event

The following fields will be used to render a Process Creation event:

`user.name` \ `user.domain` @ `host.name` started process `process.name` (`process.pid`) `process.args` via parent process `endgame.parent_process_name` (`process.ppid`)

`process.hash.sha256`

`process.hash.sha1`

`process.hash.md5`

## Process Termination events

Endgame Process Termination events with the following event type and subtype will be rendered in the Timeline via row renderers:

```
endgame.event_type_full: process_event and endgame.event_subtype_full: termination_event
```

### Runtime matching criteria

Process Termination events matching the following criteria will be rendered:

```
event.category: process and event.action: termination_event
```

### Sample rendered Process Termination event

![termination-event](https://user-images.githubusercontent.com/4459398/66861495-57bbf700-ef4c-11e9-8e6e-923e9c6bab3e.png)

`Arun` \ `Anvi-Acer` @ `HD-obe-8bf77f54` terminated process `RuntimeBroker.exe` (`442384`) with exit code `0`

`sha256 87976f3430cc99bc939e0694247c0759961a49832b87218f4313d6fc0bc3a776`

`sha1 797255e72d5ed5c058d4785950eba7abaa057653`

`md5 bd4401441a21bf1abce6404f4231db4d`

### Fields in a Process Termination event

The following fields will be used to render a Process Termination event:

`user.name` \ `user.domain` @ `host.name` terminated process `process.name` (`process.pid`) with exit code `endgame.exit_code`

`process.hash.sha256`

`process.hash.sha1`

`process.hash.md5`

## Testing

Desk tested in:
* Dark / light mode
* Chrome `77.0.3865.90`
* Firefox `69.0.3`
* Safari `13.0.1`
* NOT tested in IE11 (due to current blocker)

https://github.com/elastic/ecs-dev/issues/178
2019-10-16 02:30:06 -06:00
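The runtime matching criteria, the `a | b` field fallbacks and the partial-rendering rule described in the PR above, as an added TypeScript example that is not part of Kibana or of the PR itself. The flattened dotted-key document shape, the function names and the sample documents are assumptions constructed for this illustration.

```typescript
// Added example, not code from the Kibana SIEM PR above: applies the PR's
// "runtime matching criteria" and "a | b" field fallbacks to flattened
// ECS/Endgame documents. The flat dotted-key shape is an assumption for brevity.
type FlatEvent = Record<string, string | number | undefined>;

// LogonType enumeration exactly as listed in the PR description.
const LOGON_TYPES: Partial<Record<number, string>> = {
  2: 'Interactive', 3: 'Network', 4: 'Batch', 5: 'Service', 7: 'Unlock',
  8: 'Network Cleartext', 9: 'New Credentials', 10: 'Remote Interactive',
  11: 'Cached Interactive',
};

// 5 -> "5 - Service"; codes outside the table are passed through unchanged.
export function humanizeLogonType(raw: string | number | undefined): string | undefined {
  if (raw === undefined || raw === '') return undefined;
  const n = Number(raw);
  const label = LOGON_TYPES[n];
  return label === undefined ? String(raw) : `${n} - ${label}`;
}

const has = (e: FlatEvent, k: string): boolean => e[k] !== undefined && e[k] !== '';
const eq = (e: FlatEvent, k: string, v: string): boolean => e[k] === v;
const anyAction = (e: FlatEvent, actions: string[]): boolean => actions.some((a) => eq(e, 'event.action', a));

// Every row renderer whose criteria the event satisfies (an event may match several).
export function matchingRenderers(e: FlatEvent): string[] {
  const out: string[] = [];
  if (has(e, 'dns.question.type') && has(e, 'dns.question.name')) out.push('dns');
  if ((eq(e, 'event.category', 'file') && eq(e, 'event.action', 'file_create_event')) ||
      (eq(e, 'event.dataset', 'file') && eq(e, 'event.action', 'created'))) out.push('file_create');
  if ((eq(e, 'event.category', 'file') && eq(e, 'event.action', 'file_delete_event')) ||
      (eq(e, 'event.dataset', 'file') && eq(e, 'event.action', 'deleted'))) out.push('file_delete');
  if (anyAction(e, ['ipv4_connection_accept_event', 'ipv6_connection_accept_event', 'socket_opened']))
    out.push('connection_accepted');
  if (anyAction(e, ['ipv4_disconnect_received_event', 'ipv6_disconnect_received_event', 'socket_closed']))
    out.push('disconnect_received');
  if (eq(e, 'event.category', 'authentication') &&
      anyAction(e, ['user_logon', 'admin_logon', 'explicit_user_logon', 'user_logoff']))
    out.push(String(e['event.action']));
  if (eq(e, 'event.category', 'process') && eq(e, 'event.action', 'creation_event')) out.push('process_creation');
  if (eq(e, 'event.category', 'process') && eq(e, 'event.action', 'termination_event')) out.push('process_termination');
  return out;
}

// First populated field wins, mirroring the "file.name | endgame.file_name" notation.
function firstOf(e: FlatEvent, ...keys: string[]): string | undefined {
  const v = keys.map((k) => e[k]).find((x) => x !== undefined && x !== '');
  return v === undefined ? undefined : String(v);
}

// "user \ domain @ host" prefix; any missing piece is simply left out.
function actor(e: FlatEvent): string {
  const who = [e['user.name'], e['user.domain']].filter((x) => x !== undefined && x !== '').join(' \\ ');
  return [who, firstOf(e, 'host.name')].filter((x) => x).join(' @ ');
}

// DNS renderer: the "(resp code: ...)" fragment is dropped when the field is
// absent, which the PR notes is the case for current Endgame DNS events.
export function renderDns(e: FlatEvent): string {
  let text = `${actor(e)} asked for ${e['dns.question.name']} with question type ${e['dns.question.type']}`;
  if (has(e, 'dns.resolved_ip')) text += `, which resolved to ${e['dns.resolved_ip']}`;
  if (has(e, 'dns.response_code')) text += ` (resp code: ${e['dns.response_code']})`;
  const proc = firstOf(e, 'process.name');
  if (proc) text += ` via ${proc}` + (has(e, 'process.pid') ? ` (${e['process.pid']})` : '');
  const code = firstOf(e, 'event.code', 'winlog.event_id');
  if (code) text += ` [${code}]`;
  return text;
}

// File (FIM) create/delete renderer using the ECS-or-Endgame field fallbacks.
export function renderFile(e: FlatEvent, verb: 'created' | 'deleted'): string {
  let text = `${actor(e)} ${verb} file ${firstOf(e, 'file.name', 'endgame.file_name')}`;
  const path = firstOf(e, 'file.path', 'endgame.file_path');
  if (path) text += ` in ${path}`;
  const proc = firstOf(e, 'process.name', 'endgame.process_name');
  const pid = firstOf(e, 'process.pid', 'endgame.pid');
  if (proc) text += ` via ${proc}` + (pid ? ` (${pid})` : '');
  return text;
}

// Constructed sample documents (values invented for this example, not real telemetry).
export const ENDGAME_DNS: FlatEvent = {
  'user.name': 'alice', 'user.domain': 'CORP', 'host.name': 'ws-01',
  'dns.question.name': 'example.internal', 'dns.question.type': 'A',
  'dns.resolved_ip': '10.0.0.5', 'process.name': 'svc.exe', 'process.pid': 4242, 'event.code': '3008',
};
export const PACKETBEAT_DNS: FlatEvent = {
  'host.name': 'sensor-01', 'dns.question.name': 'example.internal', 'dns.question.type': 'AAAA',
  'dns.response_code': 'NOERROR',
};
export const ENDGAME_FILE_CREATE: FlatEvent = {
  'event.category': 'file', 'event.action': 'file_create_event',
  'user.name': 'SYSTEM', 'user.domain': 'NT AUTHORITY', 'host.name': 'ws-02',
  'endgame.file_name': 'tmp0001', 'endgame.file_path': 'C:\\Windows\\TEMP\\tmp0001',
  'endgame.process_name': 'svc.exe', 'endgame.pid': 1084,
};
```

Calling `renderDns(ENDGAME_DNS)` yields a line without the response-code fragment, while `renderDns(PACKETBEAT_DNS)` includes `(resp code: NOERROR)`, matching the partial-rendering behaviour the PR describes.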
Jean-Louis Leysens 314ba8269c
Remove unused console app file (#48001) 2019-10-16 10:23:58 +02:00
Sebastian Grodzicki 5dda3b1d6a
Update Logs & Metrics UI team name (#47942) 2019-10-16 10:10:42 +02:00
Joe Reuter c39eee8eea
Fix saved query in app state in discover (#47849) 2019-10-16 09:35:53 +02:00
Ahmad Bamieh a42a767285
[Telemetry] Move to OSS (#45769)
* update paths and licenses

* localization collector in oss

* node-crypto typings in oss

* update telemetry i18n labels

* update translation rc files

* remove duplicate components in home for telemetry

* update tests

* finalize collection + move csp collector to oss

* self review

* use apm instead of beats

* xpack collection

* fix collection tests

* remove space specific settings

* mock npSetup and npStart

* disable banner in tests

* remove commented mock

* monitoring np telemetry fixes

* replace telemetryOptedIn in oss instead of xpack_main

* fix telemetry OptIn test
2019-10-16 10:24:20 +03:00
James Gowdy 68a2fdc7c3
[ML] Fixing overview page max anomaly score (#48110)
* [ML] Fixing overview page max anomaly score

* removing unnecessary copy of maxScore
2019-10-16 08:08:08 +01:00
Angela Chuang cb091e8f92
[SIEM] Add TLS to Network overview page (#48062)
* add TLS table to network overview page

* isolate TLS parser

* add unit test

* add integration test

* fix types

* revert not necessary change

* remove variables for domains table

* fix for review

* fix tlsSelector

* update tls selector

* apply updateTlsLimit

* update selected property for tls selector

* add networkType as the 2nd param of updateTlsSort

* correcting pagetype

* check the page type for updateTableActivePage

* hard coded the targeting table name

* remove tls table param as property

* fix types
2019-10-16 07:33:14 +01:00
Wylie Conlon 76e1398215
[Lens] Make operation order more clear to users (#48305)
* [Lens] Make operation nesting more clear to users

* Improve date wording

* Update per comments
2019-10-16 00:42:58 -04:00
Steph Milovic de1f5d02ea
[SIEM] - Top countries by source/dest tables (#48179) 2019-10-15 20:50:56 -07:00
Chris Davies 5023131088
[Lens] Add date histogram interval to column name (#48271) 2019-10-15 23:02:18 -04:00
Wylie Conlon fba41f685c
[Lens] Track actions in the UI by time (#47919)
* [Lens] Track actions in the UI by time

* Switch collector to use task data

* Report summarized version of task data when requested

* Track a more complete set of metrics

* Collect suggestion events separately

* Pre-aggregate by date in localStorage

* Add integration tests

* Fix test linter

* Fix telemetry naming and run at midnight instead of every minute

* Improve cleanup at app level

* Fix lint errors

* Remove unused mock

* Fix tests

* Fix types

* Update event names and fix local tracking

* Respond to review comments

* Fix task time

* Fix test
2019-10-15 23:01:43 -04:00
Jake Landis ec38b0ed5f
Add enrich policy endpoint definitions and support for registering X-Pack processors to Console (#48258)
* Add template to put enrich policy override.
* Expose addProcessorDefinition method on Console plugin API.
* Add enrichProcessorDefinition.
2019-10-15 19:26:59 -07:00
Poff Poffenberger f4cd2883de
[Canvas][i18n] Tags and Templates (#48325)
* Adding template strings

* i18n for tags

* updating apply strings

* adding tests

* Test fix

* copy paste fix
2019-10-15 20:08:12 -05:00
Wylie Conlon c5a1836bba
[Lens] Delete filter ratio (#48275)
* [Lens] Remove filter ratio

* Delete filter ratio code
2019-10-15 21:07:33 -04:00
Thomas Neirynck 8cbae88afd
[Maps] bump ems-client to 1.0.5 to avoid IE11 crashes (#48292)
Signed-off-by: Tyler Smalley <tyler.smalley@elastic.co>
2019-10-15 17:57:54 -07:00
Melissa Alvarez 221ba8f87b
[ML] DataFrame Analytics: Regression UI - display MSE and rSquared in expanded row (#48261)
* move loadEvalData functionality to shared file for re-use

* load MSE and rSquared in analytics expanded row

* disable regression results link in analytics list

* update text for flyout button and error message

* fix translation

* fix generalization spelling

* only fetch eval if job is complete

* fix tests
2019-10-15 20:35:02 -04:00
Lisa Cawley 611409f160
[DOCS] Fixes link to node.js documentation (#48334) 2019-10-15 17:33:08 -07:00
Xavier Mouligneau 3a171b21ed
update link siem to new url state structure for query (#48123) 2019-10-15 20:19:45 -04:00
Steph Milovic 125f43e376
[SIEM] update ip/hosts details tables to zero when detailName changes (#48253) 2019-10-15 17:07:41 -07:00
Chris Davies 2c02458ee8
[Lens] Add save modal to Lens (#48013) 2019-10-15 19:40:30 -04:00
Ryland Herrick 1354369a45
[Code] Add highlightLine prop to CodeBlock (#48230)
* CodeBlock accepts an array of strings, rather than a single string

Rather than do the splitting up of lines (for highlighting, numbering)
internally, it makes a bit more sense to have the consumer provide an
array of strings to be rendered.

The biggest win here is the disambiguation of our upcoming
`highlightLine` prop: were we to accept an array of line indices,
it's unclear whether those should correspond to the monaco index
(1-based), internal index (0-based), or formatted (passed through
`lineNumber`). Better to standardize on the lineIndex argument parameter
already used for lineNumber, and simply ask the consumer to return a
boolean for any given line.

* Add highlightLine prop to CodeBlock

Allows consumers to declare which lines should be highlighted with the
more subtle, full-width coloring.

* Refactors decoration generation into private methods
* Simplifies both lineNumber and highlightLine to be invoked with _just_
the lineIndex, as consumers will now have the array to index into
themselves, if necessary.

* Simplify CSS related to line highlighting

Because of the way we're currently using Monaco, we need to apply all
three of these options to our line decorations. However, all we really
need to do is set the background-color.

As such, we can remove these redundant/unused css classes and reduce the
noise around this functionality. Also, BEM.

* Remove errant CSS rule

This selector is meant to move the folding button over to account for
the extra width taken by the Blame sidebar.

However, `.code-line-decoration` is the only class that is applied to
the blame view, and the selector in question was in fact incorrectly
moving the folding button off the screen on any foldable line that was
also highlighted.

The bug was fixed in the previous commit that removed this class, but
this was the last mention of it.

* Update mock data to depend on Typescript-Node-Starter repo

So that we don't have to import a non-standard repo to view the full
functionality of this page.
2019-10-15 18:24:16 -05:00
Lisa Cawley 0ed925b077
[DOCS] Fix missing attribute (#48298) 2019-10-15 16:07:31 -07:00
Felix Stürmer 197a63b0f6
[Logs UI] Add ML job status callouts to results page (#47642)
* Amend outer page / panel structure

* Remove unused imports

* Add anomalies section and overall chart

* Add legend

* Rename dataSet to partition

* Add max bucket anomaly score

* Move job and setup status types to common

* Move initial job status fetching into page content

* Poll for job status on results page

* Add table / expanded row charts

* Add bucket span text

* Add stat section to expanded rows

* Amend annotations on overall graph

* Add rule to account for EuiFlexItem edge case

* Move functions that handle derivations of data to a new file

* Tweak data points fetched

* Style bars in grey for anomalies charts

* Add severity scoring to annotations

* Fix default

* Remove decimal places from anomaly score representations

* Show all partitions and overall anomaly score in annotation tooltip for overall chart

* Handle 'unknown' to work around lack of '' support in tables

* Add stats section to overall anomalies section

* Base x-domain off the series so that certain buckets aren't omitted

* Tweak colours and DRY up annotation rendering

* Add sorting to table

* Add "number of logs" to API results and render in UI stats

* Track and render out-of-sync job configurations

* Adjust translation labels

* Add stopped state callout

* Add more callout icons

* Fix api integration tests

* Use "pretty" numbers for "Number of logs" stats

* Improve status message wording

* Change recreate job button color back to default

* Add toolbar text

* Format all y axis values to 3 digits

* Remove "Overall anomaly score" and change all wording / calculations to "Max anomaly scores"

* Sort anomaly maximum scores for the overall chart tooltip

* Remove unused translations

* Use white text with badge in toolbar

* Factor out a job recreation callout

* Replace `filter()[0]` with `find()` call

* Amend key

* Use Math.round and introduce a formatAnomalyScore helper function

* Update x-pack/legacy/plugins/infra/public/pages/logs/analysis/sections/anomalies/index.tsx

Co-Authored-By: Felix Stürmer <weltenwort@users.noreply.github.com>

* Update x-pack/legacy/plugins/infra/public/pages/logs/analysis/sections/log_rate/index.tsx

Co-Authored-By: Felix Stürmer <weltenwort@users.noreply.github.com>

* Format y-axis of log entry rate chart the same as anomalies charts

* Update x-pack/legacy/plugins/infra/public/pages/logs/analysis/sections/anomalies/expanded_row.tsx

Co-Authored-By: Felix Stürmer <weltenwort@users.noreply.github.com>

* Remove grow prop

* Update x-pack/legacy/plugins/infra/common/http_api/log_analysis/results/log_entry_rate.ts

Co-Authored-By: Felix Stürmer <weltenwort@users.noreply.github.com>

* Update x-pack/legacy/plugins/infra/common/http_api/log_analysis/results/log_entry_rate.ts

Co-Authored-By: Felix Stürmer <weltenwort@users.noreply.github.com>

* Update x-pack/legacy/plugins/infra/server/routes/log_analysis/results/log_entry_rate.ts

Co-Authored-By: Felix Stürmer <weltenwort@users.noreply.github.com>

* Update x-pack/legacy/plugins/infra/public/pages/logs/analysis/page_results_content.tsx

Co-Authored-By: Felix Stürmer <weltenwort@users.noreply.github.com>

* Update x-pack/legacy/plugins/infra/public/pages/logs/analysis/sections/anomalies/expanded_row.tsx

Co-Authored-By: Felix Stürmer <weltenwort@users.noreply.github.com>

* Update x-pack/legacy/plugins/infra/public/pages/logs/analysis/sections/anomalies/expanded_row.tsx

Co-Authored-By: Felix Stürmer <weltenwort@users.noreply.github.com>

* Update x-pack/legacy/plugins/infra/server/routes/log_analysis/results/log_entry_rate.ts

Co-Authored-By: Felix Stürmer <weltenwort@users.noreply.github.com>

* Update x-pack/legacy/plugins/infra/public/pages/logs/analysis/sections/helpers/data_formatters.tsx

Co-Authored-By: Felix Stürmer <weltenwort@users.noreply.github.com>

* Update x-pack/legacy/plugins/infra/public/pages/logs/analysis/sections/anomalies/expanded_row.tsx

Co-Authored-By: Felix Stürmer <weltenwort@users.noreply.github.com>

* Update x-pack/legacy/plugins/infra/public/pages/logs/analysis/sections/anomalies/expanded_row.tsx

Co-Authored-By: Felix Stürmer <weltenwort@users.noreply.github.com>

* Update x-pack/legacy/plugins/infra/public/pages/logs/analysis/sections/anomalies/expanded_row.tsx

Co-Authored-By: Felix Stürmer <weltenwort@users.noreply.github.com>

* Update x-pack/legacy/plugins/infra/public/pages/logs/analysis/sections/anomalies/index.tsx

Co-Authored-By: Felix Stürmer <weltenwort@users.noreply.github.com>

* Update x-pack/legacy/plugins/infra/public/pages/logs/analysis/sections/anomalies/index.tsx

Co-Authored-By: Felix Stürmer <weltenwort@users.noreply.github.com>

* Update x-pack/legacy/plugins/infra/public/pages/logs/analysis/sections/helpers/data_formatters.tsx

Co-Authored-By: Felix Stürmer <weltenwort@users.noreply.github.com>

* Update x-pack/legacy/plugins/infra/public/pages/logs/analysis/sections/helpers/data_formatters.tsx

Co-Authored-By: Felix Stürmer <weltenwort@users.noreply.github.com>

* Update x-pack/legacy/plugins/infra/public/pages/logs/analysis/sections/helpers/data_formatters.tsx

Co-Authored-By: Felix Stürmer <weltenwort@users.noreply.github.com>

* Update x-pack/legacy/plugins/infra/public/pages/logs/analysis/sections/helpers/data_formatters.tsx

Co-Authored-By: Felix Stürmer <weltenwort@users.noreply.github.com>

* Update x-pack/legacy/plugins/infra/server/lib/log_analysis/log_analysis.ts

Co-Authored-By: Felix Stürmer <weltenwort@users.noreply.github.com>

* Update x-pack/legacy/plugins/infra/server/lib/log_analysis/log_analysis.ts

Co-Authored-By: Felix Stürmer <weltenwort@users.noreply.github.com>

* Update x-pack/legacy/plugins/infra/server/routes/log_analysis/results/log_entry_rate.ts

Co-Authored-By: Felix Stürmer <weltenwort@users.noreply.github.com>

* Update x-pack/legacy/plugins/infra/server/routes/log_analysis/results/log_entry_rate.ts

Co-Authored-By: Felix Stürmer <weltenwort@users.noreply.github.com>

* Change path

* Amend property name

* Use proper default value argument

* Use Kibana dateFormat setting for toolbar formatting

* Change logic for calculating severity score categories

* Add missing translations

* Add interface to top of file

* Add no-wrap to tooltip

* Use more idiomatic code

* Use static value for series styles

* Move the callouts into the right location

* Fix linter warning

* Add non-functional ML link button

* Fix merge mistake
2019-10-16 00:33:37 +02:00
Garrett Spong 9a13f26b73
[SIEM] Updates Network Map layer styles (#48284)
## Summary

Updates map styles as outlined by design in the below issue.

Resolves https://github.com/elastic/kibana/issues/47046

##### New Styles Light Mode:
<img width="1157" alt="Screen Shot 2019-10-15 at 14 01 20" src="https://user-images.githubusercontent.com/2946766/66866294-3a8c2600-ef56-11e9-8353-7e197f39a782.png">

##### New Styles Dark Mode:
<img width="1346" alt="Screen Shot 2019-10-15 at 14 12 31" src="https://user-images.githubusercontent.com/2946766/66866280-35c77200-ef56-11e9-816a-368ee2d7bd9b.png">

### Checklist

Use ~~strikethroughs~~ to remove checklist items you don't feel are applicable to this PR.

- [ ] ~This was checked for cross-browser compatibility, [including a check against IE11](https://github.com/elastic/kibana/blob/master/CONTRIBUTING.md#cross-browser-compatibility)~
- [ ] ~Any text added follows [EUI's writing guidelines](https://elastic.github.io/eui/#/guidelines/writing), uses sentence case text and includes [i18n support](https://github.com/elastic/kibana/blob/master/packages/kbn-i18n/README.md)~
- [ ] ~[Documentation](https://github.com/elastic/kibana/blob/master/CONTRIBUTING.md#writing-documentation) was added for features that require explanation or tutorials~ 
  * @benskelker - will we need to update the map screenshots as part of this release?
- [x] [Unit or functional tests](https://github.com/elastic/kibana/blob/master/CONTRIBUTING.md#cross-browser-compatibility) were updated or added to match the most common scenarios
- [ ] ~This was checked for [keyboard-only and screenreader accessibility](https://developer.mozilla.org/en-US/docs/Learn/Tools_and_testing/Cross_browser_testing/Accessibility#Accessibility_testing_checklist)~

### For maintainers

- [ ] ~This was checked for breaking API changes and was [labeled appropriately](https://github.com/elastic/kibana/blob/master/CONTRIBUTING.md#release-notes-process)~
- [ ] ~This includes a feature addition or change that requires a release note and was [labeled appropriately](https://github.com/elastic/kibana/blob/master/CONTRIBUTING.md#release-notes-process)~
2019-10-15 16:33:01 -06:00
Aaron Caldwell 7bb1a6eb74
Remove beta badge logic for file upload source card (#48291) 2019-10-15 16:29:17 -06:00
Aaron Caldwell dc7bf3dce3
[Maps][File upload] Parse geojson files in chunks to avoid thread blocking (#46710)
* Add file parse chunking, update component on progress

* Clean up clean and validate and redo to process single features

* Add oboe dependency

* Prevent state updates on cancel

* Handle new files added mid-way through parsing another file

* Fix issue where subsequent index name is wiped out when previous file cancelled

* Remove unneeded oboe abort logic

* Dice parsing logic up further for testing

* Clean up

* Revert "Fix issue where subsequent index name is wiped out when previous file cancelled" (covered in separate PR)

This reverts commit 0688e73ffc.

* Update file parse test to focus on different stream states

* Update clean and validate tests to reflect function input/output changes

* Bump up file buffer. Simplify UI update logic; not necessary to throttle with less frequent callbacks

* Show features parsed on UI rather than percentage

* Remove extra mock reset

* Review feedback. Add localized feature tracking callback

* Review feedback. Add comment explaining progress update throttling. Also, use debounce to throttle

* Remove console log

* Consolidate feature handling into one function passed to oboeStream node

* Abstract oboe logic to separate class and import for use in file parser

* Update file parser test to mock PatternReader import

* Prevent file parse active flag from resetting if another file is in progress

* Don't pass back result if no features found on complete, throw error with feedback. Add clean-up for prev PatternReader

* Use singleton version of jsts reader & writer. Pass back unmodified feature if clean returns nothing

* Make fileHandler function async

* Return null if no geometry

* Handle single features differently. Fixes functional test error

* Update jest test to use unique instances & counts of readers

* Review feedback

* Review feedback

* Review feedback. Add error-handling for null geom

* Fix i18n error

* Clean up handling of cancelled/replaced files to account for changed fileHandler return type
2019-10-15 16:26:33 -06:00