* Fix accessibility of the filter bar tags (#82457)
* Fix focus state keeping after removing a filter tag (#82503)
* Fix invalid state in the query bar date picker (#82513)
* wip: create validationStep component
* wip: trainingPercent check, analysisFields check. Step details
* move validation check to server
* handle no training percent in validation
* move callout component to shared dir
* use shared Callout component in AD val and update message headings
* update types
* adds functional tests for validation
* adds api integration test for validate endpoint
* consolidate messages for depvar and fields
* fix accessibility test
* update license
* update validation messages
* update types in validation model
* add jobValidationReturnType
* fix validation on response of find status route when rule has a partial failure status
* replaces warning in rule status service with partial failure to maintain backwards compatibility from an API standpoint, also displays 'warning' on UI if a rule's status is partial failure
* display partial failure as 'warning' on all rules table and update e2e test to check for partial failure not warning
* add util function, show 'warning' on monitoring table, fix e2e tests
* Rename alerts plugin to alerting
* Deprecate old config values
* Few more renames
* Update plugin list
* Rename xpack.alerts -> xpack.alerting
* Fix some ESLint rules
* Fix typecheck
* Fix some test failures
* Some more renames
* Fix ESLint
* Fix some test failures
* Fix failing jest test
* Undo exclusive test
* Fix APM deps
* Fix docs
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
* refactor
* Add explicit to/from
* cleanup
* A bit more cleanup
* Fix threshold signal history bug when rule is edited
* Added comments
* more cleanup, fix tests
* Add tests later
* Reverse the tuples array
* Fix getThresholdBucketFilters test
* Fix translations
* Add UI validation for string YAML values in policies.
* Do not quote YAML strings containing special characters.
* Add test case for wildcards in the middle of strings.
* Add multiline test case.
* Polish test case.
* Update API docs
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
* moved legacy actions api to legacy folder
* introduced connector create api
* added new delete route
* added new execute and get_all
* introduced all connector APIs
* renamed action to connector in Apis
* comment on camel case type
* fixed va
* updated docs
* legacy title
* corrected APIs
* legacy links
* added linik to deprecatred APIs
* added linik to deprecatred APIs from index
* moved legacy apis down one level
* Apply suggestions from code review
Co-authored-by: ymao1 <ying.mao@elastic.co>
* renamed route file for connectorTypesRoute
* define legacy route
* Update docs/api/actions-and-connectors/legacy/index.asciidoc
Co-authored-by: Mike Côté <mikecote@users.noreply.github.com>
* api docs
Co-authored-by: ymao1 <ying.mao@elastic.co>
Co-authored-by: Mike Côté <mikecote@users.noreply.github.com>
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
resolves https://github.com/elastic/kibana/issues/89998
The README.md for the event log was a bit old, and was more focused on
implementation details and information for plugin developers writing events.
There wasn't much information available that was useful for folks using
the event log for problem diagnosis.
So the docs have been updated a bit in general, and more information has
been added on the event document structure, and the actions and alerts
events specifically.
* Set all keyword and text fields for `index.query.default_field` setting
* Update tests and snapshots
* Fix test
* Add default field limit safeguard
* Add logging when beyond limit
* Update tests to mock app context (because I added logger usage)
* Update api integration test
* Rename consts
## Summary
Enables caching in our application by setting the default date time of our application to be `from: now/d` and `to: now/d`. When users go to the advanced settings they will see this now:
<img width="1243" alt="Screen Shot 2021-03-04 at 11 53 08 AM" src="https://user-images.githubusercontent.com/1151048/110014626-43fb6700-7ce0-11eb-94ee-0c4cc7a8a10f.png">
In their date time bars on page loads they will see today instead of 24 hours:
<img width="556" alt="Screen Shot 2021-03-04 at 11 50 18 AM" src="https://user-images.githubusercontent.com/1151048/110015216-dac82380-7ce0-11eb-935d-2d71078c1170.png">
When before they used to have `from: now-24` and `to: now`. This new date time frame plays well with Elastic caches and no longer "busts" them for users on each page request. Now users will send the same date time frame on each query which will cache the views as the default.
This also fixes a small bug with the URL's where the "to" was not being rounded up when it was a dynamic date time on first load. For example if you went to the URL, `/app/security/hosts/allHosts` with no additional state information but have a default of `from: now/d` and `to: now/d` it would not round up the date time. Now it rounds it up through the date math utilities which only rounds when it sees that it is a dynamic date math.
When requests are being sent, expect to see this where you have `from` rounded down and `to rounded up. This should be a consistent non-sliding date time math for caching to operate:
<img width="608" alt="Screen Shot 2021-03-04 at 11 33 11 AM" src="https://user-images.githubusercontent.com/1151048/110015357-01865a00-7ce1-11eb-8580-efacf791b573.png">
If you change the `to` to be another date math such as `now+1d/d` expect to see it also rounded up. This behavior mirrors that of discover:
<img width="608" alt="Screen Shot 2021-03-04 at 11 33 11 AM" src="https://user-images.githubusercontent.com/1151048/110015440-17941a80-7ce1-11eb-832d-e826962829ed.png">
You can manually verify this behavior by setting the same now dates in discover as well as security solutions and both should work as is even when you remove the URL state from the right side of a `?`
### Checklist
- [x] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios
* Use ReplaySubject and amend date comparisons
* Assess date range expressions separately
* Only add dataset filter to view in stream links if one exists
* Added data-test-subj for ILM policies row and added a functional UI test to create a new ILM policy.
* Removed .only from test to allow entire test suite to run again.
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
* wip
* Moving catchError so observable stream does not complete. Adding retry on failure
* Using retryWhen. Updating unit tests
* PR fixes
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
Documentation for scaling Kibana alerting, what configurations can change, what impacts they have, etc.
Scaling Alerting relies heavily on scaling Task Manager, so these docs also document Task manager Health Monitoring and scaling.
Before we removed environment from the UI filters (#89647), the environment query parameter would be undefined if "All" was selected. Now we send ENVIRONMENT_ALL in as the query parameter.
Changes in https://github.com/elastic/kibana/blob/master/x-pack/plugins/apm/server/lib/service_map/get_service_map_from_trace_ids.ts made it so no connections would be returned if ENVIRONMENT_ALL was selected, rather than all connections. Since no connections were being returned, no elements except the selected service would be returned in the API response.
This changes it so if ENVIRONMENT_ALL is selected, the connection will always be returned, just like what used to be the case when environment was undefined.
Add an API test for this case.
Fixes#93385.
* Escape quotes in list ids and quote the id in KQL query
* Remove decodeURIComponent because too many KQL queries don't handle quotes
* Add quotes to user supplied IDs for other KQL queries
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
* WIP analytics polish
* Working on tests.
* Finishing up tests.
* Updating the engine overview page.
* eslint fixes
* i18n fixes
* Icons feedback
- Remove unused svg file
- Add TODO comment
- Add test coverage
* linting - unnecessary ternaries
* EnginesOverview feedback
TotalCharts
- adjust chart height
- tests: simplify / convert back to shallow
RecentApiLogs
- switch to DataPanel
* DataPanel feedback
Component
- move CSS table bg override out from being an AnalyticsTable concern to a DataPanel concern
+ bem naming, todo comment
- add responsive={false} for better mobile UX
- add className and data-test-subj prop passing
- change title to pass full heading tags rather than a string
- move subtitle below title for better screen reader order
- add index.ts export
Tests
- capitalization for consistency, ordering/describe
- remove data-test-subjs on source code (simpler to grab & inspect tags directly so we can more easily call .text() on passed content)
- add new tests for props (fliled/className/data-test-subj)
Usage
- update other files using DataPanel to start passing heading tags + use index export
- fix RecentApiLogs tests
- change RecentQueries section to use a DataPanel (per Davey)
* Analytics tags - updates & responsive tweaks
Tags
- Rename to more general tags.tsx file
- Add CSS limiting width of variable length tags
- Break up into two separate components for easier readability & testing
- Split up tags column constants so that the wider tables can use the old tags list component
Tables
- add isSmall flag to AnalyticsTable to use new tag count component
- reduce actions column width
- revert unnecessary table test changes
Analytics
- add custom CSS that switches tables/panels into full-width earlier
* AnalyticsSection fixes
- fix responsive behavior with icon
- add missing AnalyticsSection branch coverage
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
Co-authored-by: Constance Chen <constance.chen.3@gmail.com>
## Problem
Blocks of 10-15 `import`s are common in the plugin and there a few places which have ~50 lines of `import`s. It makes it more difficult to understand the where/why of what's being imported.
We've had instances while files import from the same module in different lines. i.e.
```ts
import { a } from './file';
... 5-10 lines later
import { b } from './file';
```
## Proposed solution
Add a lint rule to enforce a convention on the module `import` order. This can help in the same way Prettier & ESLint help to format type signatures or other code. It makes it easier to understand or notice any changes in the code. It's also able to be fixed automatically (`node scripts/eslint.js --fix` or any existing "format on save" in an editor).
## This PR
replaces #92980 (based on https://github.com/elastic/kibana/pull/92980#pullrequestreview-601070556)
### Lint rule
f9be98d Add eslint rule to enforce/autofix import group order. Use the same rule as a few other plugins. Groups `import` statements by type as shown in the [lint rule docs](https://github.com/benmosher/eslint-plugin-import/blob/master/docs/rules/order.md#importorder-enforce-a-convention-in-module-import-order
). The order is:
1. node "builtin" modules
2. "external" modules
3. "internal" modules
4. modules from a "parent" directory
5. "sibling" modules from the same or a sibling's directory, "index" of the current directory, everything else
e.g.
```typescript
import fs from 'fs';
import path from 'path';
import _ from 'lodash';
import chalk from 'chalk';
import foo from 'src/foo';
import foo from '../foo';
import qux from '../../foo/qux';
import bar from './bar';
import baz from './bar/baz';
import main from './';
```
The [lint rule](https://github.com/benmosher/eslint-plugin-import/blob/master/docs/rules/order.md#importorder-enforce-a-convention-in-module-import-order) is relatively light handed. It only ensures the `imports` are groups together in the given order. It doesn't alphabetize or otherwise sort the order of the files.
e.g. imports aren't rewritten to be in alphabetical order. This is fine
```ts
import from './c';
import from './a';
import from './b';
```
The [docs show other options](https://github.com/benmosher/eslint-plugin-import/blob/master/docs/rules/order.md#options) and 2831f02bc7/.eslintrc.js (L1138-L1168) uses many of them
### Newlines option
The newlines settings means a change from something like
```typescript
import fs from 'fs';
import path from 'path';
import _ from 'lodash';
import chalk from 'chalk';
import foo from 'src/foo';
import foo from '../foo';
import qux from '../../foo/qux';
import bar from './bar';
import baz from './bar/baz';
import main from './';
```
to
```typescript
import fs from 'fs';
import path from 'path';
import _ from 'lodash';
import chalk from 'chalk';
import foo from 'src/foo';
import foo from '../foo';
import qux from '../../foo/qux';
import bar from './bar';
import baz from './bar/baz';
import main from './';
```
Added it as a separate commit 2831f02 in case we want to avoid it, but I believe it's an improvement overall. Especially on the files with 25+ lines of imports. Even the "worst case" of something like this isn't bad (IMO). Especially since it's an automatic reformat like anything else in prettier
```typescript
import fs from 'fs';
import _ from 'lodash';
import foo from '../foo';
import main from './';
```
* Writing failing test for duplicate ids
* Test is correctly failing prior to bug fix
* Working jest tests
* Adding more jest tests
* Fixing jest tests
* Adding await and gzip
* Fixing type errors
* Updating log message
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
The threat intel data that we are loading for these tests was previously
copy/pasted, resulting in all docs having the same @timestamp value.
This resulted in nondeterministic ordering which manifested as test
failures.
This fixes the issue by giving a unique timestamp to each indicator
document, and then unskips/updates tests according to this new ordering.
* add start and stop endpoint tests
* add start and stop within spaces endpoint tests
* move start and start_spaces tests to separate files
* wip: move stop and stop_spaces to separate files
* use slow running job config so job is still running when stop request happens
* check started job state is actually started
* check job is stopped after stopping
* add debug logs
* ensure jobs are created/started before stopping attempt
* remove unnecessary debug logs
* rename ml:fileDataVisualizerMaxFileSize to fileUppload:maxFileSize
* add saved object migration
* file preview
* importing status
* remove console statement
* import complete view
* fix geojson_importer test
* tslint
* i18n fixes
* cleanup
* update documenation for advanced setting rename
* advanced settings usage_collection
* remove ml:fileDataVisualizerMaxFileSize from schemas and types
* add copy buttons for import response and fix geojson upload functional tests
* tslint
* remove clipboard-read check
* return early if env does not support reading from clipboard
* fix reporting tests
* review feedback
* update GeoJsonFileSource to support showing results trimmed icon and tooltip
* add fileUpload to useMlKibana context and replace dependencyCache with useMlKibana
* tslint
* review feedback
* lower case file name
* default to selecting geo_shape when file contains both points and shapes
* fix wizard onError callback to not advance to next step
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
* [Alerting][Docs] Moved alerting links from hard-coded to documentation link service
* fixed due to comments
* Update x-pack/plugins/triggers_actions_ui/public/application/components/health_check.tsx
Co-authored-by: Mike Côté <mikecote@users.noreply.github.com>
* fixed jest tests
* fixed due to comments
Co-authored-by: Mike Côté <mikecote@users.noreply.github.com>
* [Misc cleanup] Move Access type to common
- it was being duplicated in server/check_access and InitialAppData
+ add mock access data to DEFAULT_INITIAL_APP_DATA
+ update server/ tests to account for access in DEFAULT_INITIAL_APP_DATA
* Update AppSearchConfigured to pass props to AppLogic vs calling initializeAppData
+ update tests to rerender a wrapper rather than doing {...DEFAULT_INITIAL_APP_DATA} repeatedly
* Update AppLogic to set values from props rather than a listener
- main goal of this PR is to prevent the flash of state between mount and initializeX being called
- note: I recommend turning off whitespace changes in the test file
* Update AppLogic typing so that app data is always expected
- which it should be in any case in a production environment
- note: I could have changed InitialAppData to remove the ? optional notation, but decided on this route instead since InitialAppData affects more than just App Search (e.g. server, WS), and I didn't want this to have potential far-reaching side effects
* Update type scenarios where AppLogic values were previously thought potentially undefined
- which is mostly just configuredLimits it looks like
* [PR feedback] Type name
* [APM] Fixes duplicate ML job creation for existing environments (#85023)
* Removes commented out test code.
* Adds API integration tests
* clean up code for readability
* Add routes for role mapings
* Initial copy/paste
* Update RoleMappingsRouter
- Update all paths
- Change router to use children instead of render props
- Remove legacy app chrome
* Update RoleMappings
- Update all paths
- Use global flash messages
* Update RoleMapping
- Update all paths
- Use global flash messages
- Add types to fix errors
- Use React Router Hooks instead of legacy withRouter HOC
* Fix path in index and add route helper
* Update paths in RoleMappingsLogic
* Remove history in favor of KibanaLogic.navigateToUrl
* Add Role type
* Remove ID prop
This is not needed because the ID is actually passed in the URL itself and is not a requirement in the body of the request
* Replace contextual flash messages with global
It appeared that the server sometimes sent flash messages with the API response, but I checked the Rails server code and there is no `flashMessages` sent back from the server so I am omitting that from the `RoleMappingsServerDetails` interface as well.
* Replace Rails http with kibana http
* Fix route path
* Add route and update global navigation
* Add breadcrumb/page title
* Update flash messages in RoleMapping
I did this for RoleMappings but forgot this one
* Use explicit AttributeName type instead of string
* Add i18n
* Fix type issue
Because the shared role mapping components work for both App Search and Workplace Search, the more generic string is used here because App Search has different role names.
* Add tests for components and router
* Add optional to interface
In the case of a new role mapping, the server is called at the ‘/new’ route and the server responds without a roleMapping prop, as it has not yet been created.
* Add tests for RoleMappingsLogic
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
* New empty MetaEngineCreation component
* Added MetaEngineCreation to AppSearchConfigured router
* Empty MetaEngineCreationLogic
* Add rawName value and setRawName action to MetaEngineCreationLogic
* Add indexedEngineNames value and setIndexedEngineNames action to MEtaEngineCreationLogic
* Add selectedIndexedEngineNames value and setIndexedEngineNames action to MetaEngineCreationLogic
* Add description to MetaEngineCreation
* Add name selector to MetaEngineCreationLogic
* Added MetaEngineCreationNameInput to MetaEngineCreation
* Add fetchIndexedEngineNames listener to MetaEngineCreationLogic
* Call fetchIndexedEngineNames when MetaEngineCreation first renders
* Add EuiComboBox for selectedEngineNames to MetaEngineCreation
* WIP Add meta engine source engine limit warning to MetaEngineCreation
* Add submitEngine listener to MetaEngineCreationLogic
* Add onEngineCreationSuccess to MetaEngineCreationLogic
* Fixing tests for MetaEngineCreationLogic
* Fix tests for MetaEngineCreation
* Add Create a meta engine button to EnginesOverview
* Use DEFAULT_META for fetching indexed engine names in MetaEngineCreationLogic
* Copy fixes
* Updating POST /api/engines tests
* Add noItemsMessage prop to EnginesTable
* Add empty prompt to Meta Engines table in EnginesOverview
* Apply suggestions from code review
Co-authored-by: Constance <constancecchen@users.noreply.github.com>
* Better form functionality in MetaEngineCreation
* Fix errors from github
* More MetaEngineCreation coverage
* Meta MetaEngineCreationLogic coverage
* Update x-pack/plugins/enterprise_search/public/applications/app_search/components/meta_engine_creation/meta_engine_creation_logic.ts
Co-authored-by: Constance <constancecchen@users.noreply.github.com>
* Update x-pack/plugins/enterprise_search/public/applications/app_search/components/meta_engine_creation/meta_engine_creation_logic.ts
Co-authored-by: Constance <constancecchen@users.noreply.github.com>
* Update x-pack/plugins/enterprise_search/public/applications/app_search/components/engines/constants.ts
Co-authored-by: Constance <constancecchen@users.noreply.github.com>
Co-authored-by: Constance <constancecchen@users.noreply.github.com>
* remove logic that disables SS action in cold if no rollover and always show replicas field
* update test coverage to be consistent with new form behaviour and expand hot phase without rollover test
* only licensing can disable searchable snapshot field
* clean up i18n
* remove ss field callout
* update error reporting logic to include causes chain, also update UI to show causes
* updated searchable snapshot field in hot phase callout
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
* ui enhancement
* fix actions
* unit test
* update row actions
* add case status all
* update find status
* fix type
* remove all case count from dropdown
* fix type error
* fix unit test
* disable bulk actions on status all
* clean up
* fix types
* fix cypress tests
* review
* review
* update status is only available for individual cases
* update available actions on status all
* fix unit test
* remove lodash get
* rename status all
* omit status if it is set to all
* do not sent status if itis set to all
* Remove all status from the backend
* Hide actions on all status
* fix unit test
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
Co-authored-by: Christos Nasikas <christos.nasikas@elastic.co>
Fixes chart histograms for runtime fields. The runtime field configurations were not passed on to the endpoint to fetch the charts data, so charts ended up being empty with a 0 documents legend.
* bring back case connector to design
* disable connector sir in collection
* missing to only create collection type
* fix fields connector when you need to hide service-now sir
* [Alerting][Docs] Changed alerting documentation to poin to a single source of explaining the configurations.
* fixed due to comments
* fixed due to comments
* Apply suggestions from code review
Co-authored-by: gchaps <33642766+gchaps@users.noreply.github.com>
* fixed due to comments
Co-authored-by: gchaps <33642766+gchaps@users.noreply.github.com>
* Threshold cardinality validation
* Remove comments
* Fix legacy threshold signal dupe mitigation
* Add find_threshold_signals tests
* remove comment
* bug fixes
* Fix edit form value initialization for cardinality_value
* Fix test
* Type and test fixes
* Tests/types
* Reenable threshold cypress test
* Schema fixes
* Types and tests, normalize threshold field util
* Continue cleaning up types
* Some more pre-7.12 tests
* Limit cardinality_field to length 1 for now
* Cardinality to array
* Cardinality to array
* Tests/types
* cardinality can be null
* Handle empty threshold field in bulk_create_threshold_signals
* Remove cardinality_field, cardinality_value
resolves https://github.com/elastic/kibana/issues/91686
The poor email action has not had great success in setting TLS options
correctly. Prior to 7.11, it was basically always setting `rejectUnauthorized`
to false, so was never validating certificates. Starting in 7.11.0, it
started respecting TLS certificates, but there are some simple/test servers
in use that use self-signed certificates.
The real fix for this will be the resolution of issue
https://github.com/elastic/kibana/issues/80120 , but until then, this PR
does a special-case check if the `secure` option is off (so the email client
connects with a plain socket and then upgrades to TLS via STARTTLS) and both
the user and password for the server are not set, then it will use
`rejectUnauthorized: false`. Otherwise, it uses the global configured value
of this setting.
This also changes some other cases, where `secure: true` often did not
set any `rejectUnauthorized` property at all, and so did not get verified.
Now in all cases, `rejectUnauthorized` will be set, and the value will
correspond to the globally configured value, except for the special case
checked here, and when a proxy is in use (that logic did not change).
So it is possible this would break customers, who were using insecure servers
and email action worked, but with this fix the connections will be rejected.
They should have been rejected all this time though.
The work-around for this problem, if we don't implement a fix like this, is
that customers will need to set the global `rejectUnauthorized` to `false`,
which means NONE of their TLS connections for any actions will be verified.
Which seems extreme.
* Update copy of rule config
* Encode threat index as part of our named query
* Add index to named query, and enrich both id and index
We still need mappings and to fix integration tests, but this generates
the correct data.
* Update integration tests with new enrichment fields
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
* Removing empty collections when not filtering on status
* Fixing add comment response
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
