kibana/x-pack/plugins/observability
Devin W. Hurley c77c7fbedb
[RAC] [RBAC] MVP RBAC for alerts as data (#100705)
An MVP of the RBAC work required for the "alerts as data" effort. An example of the existing implementation for alerts would be that of the security solution. The security solution stores its alerts generated from rules in a single data index - .siem-signals. In order to gain or restrict access to alerts, users do so by following the Elasticsearch privilege architecture. A user would need to go into the Kibana role access UI and give explicit read/write/manage permissions for the index itself.

Kibana as a whole is moving away from this model and instead having all user interactions run through the Kibana privilege model. When solutions use saved objects, this authentication layer is abstracted away for them. Because we have chosen to use data indices for alerts, we cannot rely on this abstracted out layer that saved objects provide - we need to provide our own RBAC! Instead of giving users explicit permission to an alerts index, users are instead given access to features. They don't need to know anything about indices, that work we do under the covers now.

Co-authored-by: Yara Tercero <yctercero@users.noreply.github.com>
Co-authored-by: Yara Tercero <yara.tercero@elastic.co>
2021-07-08 15:24:17 -04:00
..
.storybook Elastic License 2.0 (#90099) 2021-02-03 18:12:39 -08:00
common Observability side navigation for cases and alerts (#102556) 2021-06-28 11:48:32 -05:00
public [Exploratory view] Fix core web vital breakdown (#104630) 2021-07-08 18:19:09 +02:00
scripts Elastic License 2.0 (#90099) 2021-02-03 18:12:39 -08:00
server [RAC] [RBAC] MVP RBAC for alerts as data (#100705) 2021-07-08 15:24:17 -04:00
typings [Uptime] Add Custom Fleet Integration UI (#91584) 2021-04-20 13:33:46 -04:00
jest.config.js Elastic License 2.0 (#90099) 2021-02-03 18:12:39 -08:00
kibana.json [RAC] ALerts table in observability (#103270) 2021-07-06 10:28:21 -06:00
README.md [Observability] Fix README.md link to component (#100801) 2021-05-27 21:27:16 +02:00
tsconfig.json [RAC] ALerts table in observability (#103270) 2021-07-06 10:28:21 -06:00

Observability plugin

This plugin provides shared components and services for use across observability solutions, as well as the observability landing page UI.

Rules, Alerts, and Cases

The Observability plugin contains experimental support for improved alerting and case management.

If you have:

xpack.observability.unsafe.cases.enabled: true

In your Kibana configuration, the Cases page will be available.

If you have:

xpack.observability.unsafe.alertingExperience.enabled: true

In your Kibana configuration, the Alerts page will be available.

This will only enable the UI for this page. In order to have alert data indexed, you'll need to enable writing in the Rule Registry plugin:

xpack.ruleRegistry.write.enabled: true

When both of these are set to true, your alerts should show on the alerts page.
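
As an added example (not part of the plugin or its README), this JavaScript reads a kibana.yml-style text, written with dotted keys or nested mappings, and reports which Alerts page state described above applies and which `unsafe` flags are switched on. The function names and the sample configuration are constructed for illustration.

```javascript
// Added example. Minimal reader for simple `key: value` settings, not a full YAML parser.
function flattenYaml(text) {
  const out = {};
  const stack = []; // open parent mappings: { indent, key }
  for (const raw of text.split(/\r?\n/)) {
    const line = raw.replace(/(^|\s)#.*$/, ''); // drop full-line and trailing comments
    const m = /^(\s*)([^\s:#-][^:]*?)\s*:\s*(.*)$/.exec(line);
    if (!m) continue; // blank lines, list items, anything unsupported
    const indent = m[1].length;
    const value = m[3].trim().replace(/^["']|["']$/g, '');
    while (stack.length && stack[stack.length - 1].indent >= indent) stack.pop();
    const path = [...stack.map((s) => s.key), m[2]].join('.');
    if (value === '') stack.push({ indent, key: m[2] }); // a nested mapping follows
    else out[path] = value;
  }
  return out;
}

const isTrue = (cfg, key) => String(cfg[key]).toLowerCase() === 'true';

// Maps the two settings from this README onto the behaviour it describes.
function alertsPageState(cfg) {
  const ui = isTrue(cfg, 'xpack.observability.unsafe.alertingExperience.enabled');
  const write = isTrue(cfg, 'xpack.ruleRegistry.write.enabled');
  if (ui && write) return 'ui-and-data'; // alerts should show on the Alerts page
  if (ui) return 'ui-only'; // page is available, but no alert data is indexed
  return 'disabled';
}

// Experimental flags worth reviewing before a config reaches production.
function enabledUnsafeKeys(cfg) {
  return Object.keys(cfg).filter((k) => k.includes('.unsafe.') && isTrue(cfg, k)).sort();
}

// Constructed sample configuration, not taken from a real deployment.
const SAMPLE = `
xpack.observability.unsafe.cases.enabled: true
xpack:
  observability:
    unsafe:
      alertingExperience.enabled: true   # nested form
  ruleRegistry:
    write:
      enabled: false
`;

const sampleCfg = flattenYaml(SAMPLE);
console.log(alertsPageState(sampleCfg), enabledUnsafeKeys(sampleCfg));
```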

Shared navigation

The Observability plugin maintains a navigation registry for Observability solutions, and exposes a shared page template component. Please refer to the docs in the component directory for more information on registering your solution's navigation structure, and rendering the navigation via the shared component.

Unit testing

Note: Run the following commands from kibana/x-pack/plugins/observability.

Run unit tests

npx jest --watch

Update snapshots

npx jest --updateSnapshot

Coverage

HTML coverage report can be found in target/coverage/jest after tests have run.

open target/coverage/jest/index.html

API integration testing

API tests are separated into two suites:

  • a basic license test suite
  • a trial license test suite (the equivalent of gold+)

This requires separate test servers and test runners.

Basic

# Start server
node scripts/functional_tests_server --config x-pack/test/observability_api_integration/basic/config.ts

# Run tests
node scripts/functional_test_runner --config x-pack/test/observability_api_integration/basic/config.ts

The API tests for "basic" are located in x-pack/test/observability_api_integration/basic/tests.

Trial

# Start server
node scripts/functional_tests_server --config x-pack/test/observability_api_integration/trial/config.ts

# Run tests
node scripts/functional_test_runner --config x-pack/test/observability_api_integration/trial/config.ts

The API tests for "trial" are located in x-pack/test/observability_api_integration/trial/tests.

API test tips

  • For debugging, access Elasticsearch on http://localhost:9220 (elastic/changeme)
  • To update snapshots append --updateSnapshots to the functional_test_runner command