## [SIEM] Overview page feedback Implements feedback and fixes to the Overview page ### Overview (default theme) ![01-overview-default-theme](https://user-images.githubusercontent.com/4459398/73315509-899c5500-41ed-11ea-9949-82853dd4ba59.png) ### Overview (dark theme) ![02-overview-dark-theme](https://user-images.githubusercontent.com/4459398/73315527-902acc80-41ed-11ea-9701-6a2c5fa40cce.png) ## Highlights * The new order of widgets is Signals, Alerts, Events, Host Events, Network events, per https://github.com/elastic/siem-team/issues/494 * Changed the default `External alerts count` `Stack by` to `event.module` https://github.com/elastic/siem-team/issues/491 * Added `event.module` to the `Events count` histogram https://github.com/elastic/siem-team/issues/491 * Widget titles will no longer include the currently selected `Stack by option`. The widgets will use the same static title text that appears on the other pages (i.e.. `Signals count`, `External alerts count`, and `Events count`) https://github.com/elastic/siem-team/issues/491 * The `Signals count` includes a `Stack by` that defaults to `signal.rule.threat.tatic.name` * Standardized on a 300px widget height for all histograms in the app (thanks @MichaelMarcialis for paring on this!) * The `Open as duplicate timeline` action is `Recent timelines` is now only shown when hovering over a recent timeline ## Loading States * The `Recent timelines` and `Security news` widgets now use the horizontal bar loading indicator * The `Host events` and `Network events` widgets now use the horizontal bar loading indicator * The `Host events` and `Network events` Showing _n_ events subtitles are now hidden on initial load * The counts in the `Host events` and `Network events` Showing _n_ events subtitles are now hidden on initial load * We no longer hide some histogram subtitles after initial load, to prevent shifting of content when a user makes a `Stack by` selection ## News Feed Error State ![news-feed-error-state](https://user-images.githubusercontent.com/4459398/73316060-1e538280-41ef-11ea-83f5-b8d6e9fa3741.png) * Fixed an issue where the `Security news` header was hidden when an invalid URL is configured * Added a space between the word `via` and the `SIEM advanced settings` link * Removed the capital “N” from "News" in the error message ## Misc Visual Changes * Fixed text truncation of the `Severity` column in the `Detections` page's `Signals` table * Added the “showing” subtitle to the `Signals count` histogram on the Detections page * Increased the `Stack by` histogram selector and the `View signals | alerts | events' buttons from 8 to 24px * Tweaked the border rendering in the Overview `Host Events` and `Network events` widget headers * Added 8px of spacing between the Overview `Host Events` and `Network events` widget accordion headers and their contents * Fixed an issue where the `Host events` and `Networ events` widgets didn't render in ie11 https://github.com/elastic/siem-team/issues/499 ## Non-Visual Fixes * Removed an incorrect usage of `usememo` * Removed the placeholder client-side username query from `x-pack/legacy/plugins/siem/public/components/recent_timelines/index.tsx` * Updated the query of the Overview `Host events` widget to filter by "host.name exists" * Updated the query of the Overview `Network events` widget to filter by "source.ip exists or destination.ip : exists" |
||
---|---|---|
.ci | ||
.github | ||
bin | ||
common/graphql | ||
config | ||
data | ||
docs | ||
examples | ||
licenses | ||
packages | ||
rfcs | ||
scripts | ||
src | ||
style_guides | ||
tasks | ||
test | ||
typings | ||
utilities | ||
vars | ||
webpackShims | ||
x-pack | ||
.backportrc.json | ||
.browserslistrc | ||
.editorconfig | ||
.eslintignore | ||
.eslintrc.js | ||
.gitattributes | ||
.gitignore | ||
.i18nrc.json | ||
.node-version | ||
.nvmrc | ||
.prettierrc | ||
.sass-lint.yml | ||
.yarnrc | ||
api-documenter.json | ||
CONTRIBUTING.md | ||
FAQ.md | ||
github_checks_reporter.json | ||
Gruntfile.js | ||
Jenkinsfile | ||
kibana.d.ts | ||
LICENSE.txt | ||
NOTICE.txt | ||
package.json | ||
preinstall_check.js | ||
README.md | ||
renovate.json5 | ||
STYLEGUIDE.md | ||
tsconfig.browser.json | ||
tsconfig.json | ||
tsconfig.types.json | ||
TYPESCRIPT.md | ||
yarn.lock |
Kibana
Kibana is your window into the Elastic Stack. Specifically, it's a browser-based analytics and search dashboard for Elasticsearch.
- Getting Started
- Documentation
- Version Compatibility with Elasticsearch
- Questions? Problems? Suggestions?
Getting Started
If you just want to try Kibana out, check out the Elastic Stack Getting Started Page to give it a whirl.
If you're interested in diving a bit deeper and getting a taste of Kibana's capabilities, head over to the Kibana Getting Started Page.
Using a Kibana Release
If you want to use a Kibana release in production, give it a test run, or just play around:
- Download the latest version on the Kibana Download Page.
- Learn more about Kibana's features and capabilities on the Kibana Product Page.
- We also offer a hosted version of Kibana on our Cloud Service.
Building and Running Kibana, and/or Contributing Code
You might want to build Kibana locally to contribute some code, test out the latest features, or try out an open PR:
- CONTRIBUTING.md will help you get Kibana up and running.
- If you would like to contribute code, please follow our STYLEGUIDE.md.
- Learn more about our UI code with UI_SYSTEMS.md.
- For all other questions, check out the FAQ.md and wiki.
Documentation
Visit Elastic.co for the full Kibana documentation.
For information about building the documentation, see the README in elastic/docs.
Version Compatibility with Elasticsearch
Ideally, you should be running Elasticsearch and Kibana with matching version numbers. If your Elasticsearch has an older version number or a newer major number than Kibana, then Kibana will fail to run. If Elasticsearch has a newer minor or patch number than Kibana, then the Kibana Server will log a warning.
Note: The version numbers below are only examples, meant to illustrate the relationships between different types of version numbers.
Situation | Example Kibana version | Example ES version | Outcome |
---|---|---|---|
Versions are the same. | 5.1.2 | 5.1.2 | 💚 OK |
ES patch number is newer. | 5.1.2 | 5.1.5 | ⚠️ Logged warning |
ES minor number is newer. | 5.1.2 | 5.5.0 | ⚠️ Logged warning |
ES major number is newer. | 5.1.2 | 6.0.0 | 🚫 Fatal error |
ES patch number is older. | 5.1.2 | 5.1.0 | ⚠️ Logged warning |
ES minor number is older. | 5.1.2 | 5.0.0 | 🚫 Fatal error |
ES major number is older. | 5.1.2 | 4.0.0 | 🚫 Fatal error |
Questions? Problems? Suggestions?
- If you've found a bug or want to request a feature, please create a GitHub Issue. Please check to make sure someone else hasn't already created an issue for the same topic.
- Need help using Kibana? Ask away on our Kibana Discuss Forum and a fellow community member or Elastic engineer will be glad to help you out.