## Summary Fixes regression with immutable caused from: https://github.com/elastic/kibana/pull/55004 * Updated types of Prepackaged * Updated unit tests * Fixed unit test for it Testing: ``` ./post_rule.sh { "created_at": "2020-01-17T19:11:31.813Z", "updated_at": "2020-01-17T19:11:31.813Z", "created_by": "elastic_kibana", "description": "Query with a rule_id that acts like an external id", "enabled": true, "false_positives": [], "from": "now-6m", "id": "41ef6309-ef98-4c9f-8d2d-90a070361fb7", "immutable": false, "interval": "5m", "rule_id": "query-rule-id", "language": "kuery", "output_index": ".siem-signals-frank-hassanabad-default", "max_signals": 100, "risk_score": 1, "name": "Query with a rule id", "query": "user.name: root or user.name: admin", "references": [], "severity": "high", "updated_by": "elastic_kibana", "tags": [], "to": "now", "type": "query", "threats": [], "version": 1 } ``` Then get the saved object using whatever the id is comes back from above. In this example it is 41ef6309-ef98-4c9f-8d2d-90a070361fb7, yours will be different ``` ./get_saved_objects.sh alert 41ef6309-ef98-4c9f-8d2d-90a070361fb7 { "id": "41ef6309-ef98-4c9f-8d2d-90a070361fb7", "type": "alert", "updated_at": "2020-01-17T19:11:32.844Z", "version": "WzY5NTQsMV0=", "attributes": { "name": "Query with a rule id", "tags": [ "__internal_rule_id:query-rule-id", "__internal_immutable:false" ], "alertTypeId": "siem.signals", "consumer": "siem", "params": { "createdAt": "2020-01-17T19:11:31.813Z", "description": "Query with a rule_id that acts like an external id", "ruleId": "query-rule-id", "index": null, "falsePositives": [], "from": "now-6m", "immutable": false, "query": "user.name: root or user.name: admin", "language": "kuery", "outputIndex": ".siem-signals-frank-hassanabad-default", "savedId": null, "timelineId": null, "timelineTitle": null, "meta": null, "filters": null, "maxSignals": 100, "riskScore": 1, "severity": "high", "threats": [], "to": "now", "type": "query", "updatedAt": "2020-01-17T19:11:31.813Z", "references": [], "version": 1 }, "schedule": { "interval": "5m" }, "enabled": true, "actions": [], "throttle": null, "apiKeyOwner": "elastic_kibana", "createdBy": "elastic_kibana", "updatedBy": "elastic_kibana", "createdAt": "2020-01-17T19:11:32.245Z", "muteAll": false, "mutedInstanceIds": [], "scheduledTaskId": "2c5cc340-395d-11ea-9276-d3c1c264ca9a" }, "references": [] } ``` Ensure you have the internal immutable of "__internal_immutable:false" In your tags Next test is to do a find filter of non-packaged rules: ``` ./find_rule_by_filter.sh "alert.attributes.tags:%20%22__internal_immutable:false%22" ``` You should get back the above rule any others you created. ### Checklist Use ~~strikethroughs~~ to remove checklist items you don't feel are applicable to this PR. ~~- [ ] This was checked for cross-browser compatibility, [including a check against IE11](https://github.com/elastic/kibana/blob/master/CONTRIBUTING.md#cross-browser-compatibility)~~ ~~- [ ] Any text added follows [EUI's writing guidelines](https://elastic.github.io/eui/#/guidelines/writing), uses sentence case text and includes [i18n support](https://github.com/elastic/kibana/blob/master/packages/kbn-i18n/README.md)~~ ~~- [ ] [Documentation](https://github.com/elastic/kibana/blob/master/CONTRIBUTING.md#writing-documentation) was added for features that require explanation or tutorials~~ - [x] [Unit or functional tests](https://github.com/elastic/kibana/blob/master/CONTRIBUTING.md#cross-browser-compatibility) were updated or added to match the most common scenarios ~~- [ ] This was checked for [keyboard-only and screenreader accessibility](https://developer.mozilla.org/en-US/docs/Learn/Tools_and_testing/Cross_browser_testing/Accessibility#Accessibility_testing_checklist)~~ ### For maintainers ~~- [ ] This was checked for breaking API changes and was [labeled appropriately](https://github.com/elastic/kibana/blob/master/CONTRIBUTING.md#release-notes-process)~~ - [x] This includes a feature addition or change that requires a release note and was [labeled appropriately](https://github.com/elastic/kibana/blob/master/CONTRIBUTING.md#release-notes-process) |
||
---|---|---|
.ci | ||
.github | ||
bin | ||
common/graphql | ||
config | ||
data | ||
docs | ||
examples | ||
licenses | ||
packages | ||
rfcs | ||
scripts | ||
src | ||
style_guides | ||
tasks | ||
test | ||
typings | ||
utilities | ||
vars | ||
webpackShims | ||
x-pack | ||
.backportrc.json | ||
.browserslistrc | ||
.editorconfig | ||
.eslintignore | ||
.eslintrc.js | ||
.gitattributes | ||
.gitignore | ||
.i18nrc.json | ||
.node-version | ||
.nvmrc | ||
.prettierrc | ||
.sass-lint.yml | ||
.yarnrc | ||
CONTRIBUTING.md | ||
FAQ.md | ||
github_checks_reporter.json | ||
Gruntfile.js | ||
Jenkinsfile | ||
kibana.d.ts | ||
LICENSE.txt | ||
NOTICE.txt | ||
package.json | ||
preinstall_check.js | ||
README.md | ||
renovate.json5 | ||
STYLEGUIDE.md | ||
tsconfig.browser.json | ||
tsconfig.json | ||
tsconfig.types.json | ||
TYPESCRIPT.md | ||
yarn.lock |
Kibana
Kibana is your window into the Elastic Stack. Specifically, it's a browser-based analytics and search dashboard for Elasticsearch.
- Getting Started
- Documentation
- Version Compatibility with Elasticsearch
- Questions? Problems? Suggestions?
Getting Started
If you just want to try Kibana out, check out the Elastic Stack Getting Started Page to give it a whirl.
If you're interested in diving a bit deeper and getting a taste of Kibana's capabilities, head over to the Kibana Getting Started Page.
Using a Kibana Release
If you want to use a Kibana release in production, give it a test run, or just play around:
- Download the latest version on the Kibana Download Page.
- Learn more about Kibana's features and capabilities on the Kibana Product Page.
- We also offer a hosted version of Kibana on our Cloud Service.
Building and Running Kibana, and/or Contributing Code
You might want to build Kibana locally to contribute some code, test out the latest features, or try out an open PR:
- CONTRIBUTING.md will help you get Kibana up and running.
- If you would like to contribute code, please follow our STYLEGUIDE.md.
- Learn more about our UI code with UI_SYSTEMS.md.
- For all other questions, check out the FAQ.md and wiki.
Documentation
Visit Elastic.co for the full Kibana documentation.
For information about building the documentation, see the README in elastic/docs.
Version Compatibility with Elasticsearch
Ideally, you should be running Elasticsearch and Kibana with matching version numbers. If your Elasticsearch has an older version number or a newer major number than Kibana, then Kibana will fail to run. If Elasticsearch has a newer minor or patch number than Kibana, then the Kibana Server will log a warning.
Note: The version numbers below are only examples, meant to illustrate the relationships between different types of version numbers.
Situation | Example Kibana version | Example ES version | Outcome |
---|---|---|---|
Versions are the same. | 5.1.2 | 5.1.2 | 💚 OK |
ES patch number is newer. | 5.1.2 | 5.1.5 | ⚠️ Logged warning |
ES minor number is newer. | 5.1.2 | 5.5.0 | ⚠️ Logged warning |
ES major number is newer. | 5.1.2 | 6.0.0 | 🚫 Fatal error |
ES patch number is older. | 5.1.2 | 5.1.0 | ⚠️ Logged warning |
ES minor number is older. | 5.1.2 | 5.0.0 | 🚫 Fatal error |
ES major number is older. | 5.1.2 | 4.0.0 | 🚫 Fatal error |
Questions? Problems? Suggestions?
- If you've found a bug or want to request a feature, please create a GitHub Issue. Please check to make sure someone else hasn't already created an issue for the same topic.
- Need help using Kibana? Ask away on our Kibana Discuss Forum and a fellow community member or Elastic engineer will be glad to help you out.