* [search] Refactor the way search strategies are registered/retrieved on the server
* Fix types and tests and update docs
* Fix failing test
* Fix build of example plugin
* Fix functional test
* Make server strategies sync
* Move strategy name into options
* docs
* Remove FE strategies
* TypeScript of hell
delete search explorer
* Fix search interceptor OSS tests
* typos
* test cleanup
* Delete search example
fix interceptor async tests to use fake timers
* docs
* fix
* return search wrapper
* Update search interceptor tests and abort utils
* ts
* jest test fix
* code review
* change how logs consume search API
Co-authored-by: Lukas Olson <olson.lukas@gmail.com>
Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
## Summary
This PR tries to start to tie together the server and client changes for exceptions lists.
- Updates graphql types to allow UI access to a rule's `exceptions_list` property
- Updates the exception viewer component to now dynamically take the rule `exceptions_list`, up until now we just had an empty array in it's place
- Updates the viewer logic to check if a rule has an endpoint list associated with it. If it does, then it displays both detections and endpoint UIs (in the viewer), if it does not, then it only displays the detections UI
- Updates the viewer UI to better deal with spacing when an exception list item only has one or two entries (before the and badge with the antennas was stretching passed the exception items to fill the space)
- Updates the detections engine exceptions logic to fetch list items using an exception list's `id` as opposed to it's `list_id`, this now aligns with the UI using the same params on its end
- Adds exception list `type` to information kept by the rule for exception lists
- Updates the exception list type from `string` to `endpoint | detection`
- Updates the exception list _item_ type from `string` to `simple`
- Adds unit tests for the detection engine server side util that fetches the exception list items
* add generic audit_trail service in core
* expose auditTraik service to plugins
* add auditTrail x-pack plugin
* fix type errors
* update mocks
* expose asScoped interface via start. auditor via request context
* use type from audit trail service
* wrap getActiveSpace in safeCall only. it throws exception for non-authz
* pass message to log explicitly
* update docs
* create one auditor per request
* wire es client up to auditor
* update docs
* withScope accepts only one scope
* use scoped client in context for callAsInternalUser
* use auditor in scoped cluster client
* adopt auditTrail plugin to new interface. configure log from config
* do not log audit events in console by default
* add audit trail functional tests
* cleanup
* add example
* add mocks for spaces plugin
* add unit tests
* update docs
* test description
* Apply suggestions from code review
apply @jportner suggestions
Co-authored-by: Joe Portner <5295965+jportner@users.noreply.github.com>
* add unit tests
* more robust tests
* make spaces optional
* address comments
* update docs
* fix WebStorm refactoring
Co-authored-by: Joe Portner <5295965+jportner@users.noreply.github.com>
* Small styling tweaks to processor items
- Moved the move button to the before the processor name
- Cancel button is still after description if there is one
- Made inline text description a bit taller and changed border
style
* Commit code that moves the cancel move button 🤦🏼♂️
* Do not completely hide the move button, prevent ui from jumping
* Update styling and UX of move button; EuiToggleButton
- Bring the styling of the button more in line with this comment
https://github.com/elastic/kibana/pull/70786#issuecomment-654222298
* use cross icon for cancelling move
* replace hard values with EUI values in SCSS
* Address rerendering triggered by context
- also prevent re-renders basded on contstructing objects on
each render
* Similarly move use of context to settings form container
We are only interested in the es docs path string in the settings
form component so no need to render for other updates.
Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
Make some changes to how we deal with data telemetry in APM and reduce the number of fields we're storing in Saved Objects in the .kibana index.
Add a telemetry doc in dev_docs explaining how telemetry is collected and how to make updates. (In this PR the docs only cover data telemetry, but there's a space for the behavioral telemetry docs.)
Stop storing the mapping for the data telemetry in the Saved Object but instead use `{ dynamic: false }`.
This reduces the number of fields used by APM in the .kibana index (as requested in #43673.)
Before:
```bash
> curl -s -X GET "admin:changeme@localhost:9200/.kibana/_field_caps?fields=*&pretty=true" | jq '.fields|length'
653
```
After:
```bash
> curl -s -X GET "admin:changeme@localhost:9200/.kibana/_field_caps?fields=*&pretty=true" | jq '.fields|length'
415
```
We don't need the mapping anymore for storing the saved object, but we still do need to update the telemetry repository when the mapping changes, and the `upload-telemetry-data` script uses that mapping when generating data.
For these purposes the mapping in now defined in TypeScript in a function in common/apm_telemetry.ts.
It's broken down into some variables that and put together as the same mapping object that was there before, but having it in this form should make it easier to update.
A new script, `merge-telemetry-mapping`, takes the telemetry repository's xpack-phone-home.json mapping, merges in the result of our mapping and replaces the file. The result can be committed to the telemetry repo, making it easier to make changes to the mapping.
References #61583Fixes#67032
* [APM] Quote trace id to ensure a word is searched (#69500)
Signed-off-by: Mathis Raguin <mathis@cri.epita.fr>
* [APM] Fix TransactionActionMenu tests (one test was not updated)
Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
* CI Reporter for saved objects field count
* Metrics needs to be an array
* Fix type failures
* Link to field count issue
* Revert "Link to field count issue"
This reverts commit 8c0126b838.
* Break down field count per type
* Don't log total metric as metrics report already calculates this
* Add saved objects field count ci metrics test to codeowners
* Address review comments
* Add field count CI metrics for disabled plugins
Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
* Add extractQueryParams to es_ui_shared/public/url. Update CCR, Remote Clusters, and Rollup to consume this service via shared_imports.
* Fix Data Streams bug in which clicking a data stream would apply a deep-link filter to the table.
* Fix Rollup Job deep-link bug.
* Adds 'Anomaly detection' settings page along with require API endpoints
to list and create the apm anomaly detection jobs per environment.
Some test data is hardcoded while the the required changes in the ML
plugin are in flight.
* Converts the environment name to a compatible ML id string and persist
in groups array. Also adds random token to the job ID to prevent
collisions for job ids where diffferent environment names convert to the
same string
* - Improve job creation with latest updates for the `apm_transaction` ML module
- Implements job list in settings by reading from `custom_settings.job_tags['service.environment']`
- Add ML module method `createModuleItem` for job configuration
- Don't allow user to type in duplicate environments
* Update x-pack/plugins/apm/public/components/app/Settings/anomaly_detection/add_environments.tsx
Co-authored-by: Casper Hübertz <casper@formgeist.com>
* Update x-pack/plugins/apm/public/components/app/Settings/anomaly_detection/index.tsx
Co-authored-by: Casper Hübertz <casper@formgeist.com>
* UX feedback, adds i18n, and handles failed state for ML jobs fetch.
* - Moves get_all_environments from agent_configuration dir to common dir
- makes the 'all' environment name ALL_OPTION_VALUE agent configuration-specific
- replace field literals with constants
* PR feedback
* Adds support to create jobs for environment which are not defined.
* Fixes description copy, rearranges settings links, and makes sure the 'Not defined' option is disabled if it already exists.
* Only show "Not defined" in environment selector if there are actually
documents without service.environment set
* get the indexPatternName for the ML job from the set of user-definned indices
* updated job_tags type definition
Co-authored-by: Casper Hübertz <casper@formgeist.com>
Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
* Added UI validation when creating a Webhook connector with invalid URL
* fixed tests
* Fixed due to comments
* fixed type check and extended error message for invalid URL
* Fixed whitelisting of URL
* fixed failing tests
* fixed str
* [Security Solution] Change default index pattern
Add `logs-*` to the Security Solution default index pattern. This should
allow the app to recognize events from the Elastic Endpoint.
* Draft ServiceNow generic implementation
* simple working servicenow incident per alert
* fixed running times
* rely on externalId for update incident on the next execution
* Added consumer to the action type to be able to split ServiceNow for Cases and Alerts
* Added subActions support for ServiceNow action form
* Basic version for Alerts part for ServiceNow
* Keep Case ServiceNow functionality working
* Revert changes on app_router
* Fixed type checks
* Fixed language check issues
* Fixed actions unit tests
* Fixed functional tests
* Fixed jest tests
* fixed tests
* Copied case mappings to alerting plugin
* made consumer optional
* Cleanup tests
* more cleanup
* Fixed jest tests and type checks
* fixed tests
* fixed servicenow validation tests
* Added ServiceNow unit tests
* Removed consumer for actions
* fixed client side isCaseOwned support
* fixed failing tests
* fixed jest tests
* Fixed URL validation
* fixed due to comments
* fixed tests
* fixed jest tests
* Fixed due to comments. Moved ServiceNow filtering in case plugin to server side
* fixed mock for ServiceNow
* fixed consumer config
* fixed test
* fixed type check
* Fixed jest test
* fixed type check
* Add API endpoint and hook for retrieving restricted packages
* Filter out restricted packages already in use from list of integrations available for an agent config
* Allow list agent configs to optionally return expanded package configs, re
* Filter out agent configs which already use the restricted package already from list of agent configs available for an integration
* Allow more than 20 agent configs to be shown
* Rename restricted to limited; add some common methods to DRY
* Add limited package check on server side
* Adjust copy wording
* Fix typings
* Add some package config api integration tests, update es archive mappings
* Move test to dockerized integation tests directory; move existing epm tests to their own directory
* Remove extra assignPackageConfigs() - already handled in packageConfigService.create()
* Review fixes
* Fix type, reenabled skipped test
* Move new EPM integration test file
The last thing we were using from it was configuring a static assets directory (which is only use for the EPM Integrations header graphic).
This is now provided by platform and is not configurable da28df5b15/src/core/MIGRATION.md (L1344)
Moved the header assets to the new directory & updated the `toAssets` helper
* wip: add edit action to dfanalytics table
* add update endpoint and edit flyout
* show success and error toasts. close flyout and refresh on success
* show permission message in edit action
* update types
* disable update button if mml not valid
* show error in toast, init values are config values
* fix undefined check for allow lazy start
* prevent update if mml is empty
* Implementing dataset component templates
* Fixing test
* Temporary fix to include timestamp with any component template created
* Update package registry docker image for CI.
* Adapt to new registry filesystem layout.
* Adjust tests to changed registry behavior.
* Adding a test for mappings and settings overrides
* Wrap all the tests in the docker check
Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
Co-authored-by: Sonja Krause-Harder <sonja.krause-harder@elastic.co>
