-
Notifications
You must be signed in to change notification settings - Fork 8.3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[ILM] Add warnings for managed system policies #132269
[ILM] Add warnings for managed system policies #132269
Conversation
Pinging @elastic/ml-ui (:ml) |
Pinging @elastic/platform-deployment-management (Team:Deployment Management) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
👏 👏 Didn't test locally, but the code and screenshots LGTM! Thanks for doing this!
Would you please add some tests to policy_table.test.tsx to cover the new behavior?
You could push a managed policy into the array of policies on line 69 and then add some tests for these cases:
- The
Managed
badge is rendered in the table for managed policies - It's not rendered for non-managed policies
- The special confirmation modal is rendered for managed policies
You could also add a test to edit_warning.test.tsx to cover the case of the special warning callout for managed policies.
Not a change for this PR, but just looking at the screenshots makes me wonder if more ILM policies ought to have |
I think all these policies by default should be "managed" and warnings placed if deleted. However, I don't think we should be so aggressive in the warnings about editing to these...I don't think any edits will generally break things (unless the user just misconfigured it), the bigger issue is that newer versions can override changes by the user (we are not consistent in behavior here). Also, can you tweak the wording from "can break Kibana" to "can break functionality" (or the like) since Kibana itself likely won't break even with the worst configured ILM policy possible. |
Mostly recommending a yellow warning window instead of red (or whatever the proper UX is for that) and toning down the wording slightly. ... also big ++ to this change ! |
It's possible to break ML by adding cold or frozen phase to |
Yes. While some edits to this policy are fine, similar to ML, adding cold or frozen phases will potentially break features.
@elastic/security-detections-response, specially the alerts area team. |
@jakelandis I think we should preserve the existing strong language and the red callout. This is consistent with how we warn users away from tinkering with internal entities in other Stack Management UIs. My rationale is that we as maintainers aren't familiar with how the owners of these policies and other entities have implemented them or designed dependencies around them, as evidenced by David's and Brandon's points. So IMO the UI should assume the worst and discourage the user appropriately. |
@cjcenizal - that makes sense. We do have this other category of managed, but OK (and often recommended) to update. The monitoring policy fall in this category since users use this to control retention (which used to be a setting). Until we can represent that concern in the UI, probably best to leave the .monitoring-ilm-policy-8 as-is (not managed). |
This policy should also be labeled as |
@marshallmain making that happen is independent of this PR. At the point where the policy is created you need to add a |
@cjcenizal Thanks for the hint! Added tests for both the policy table and the edit policy page here and here. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Tested locally and overall looks good. Just left one suggestion.
box: { incremental: true, 'data-test-subj': 'ilmSearchBar' }, | ||
toolsRight: ( | ||
<EuiFlexItem grow={false}> | ||
<EuiSwitch |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
As discussed, would be nice to remember the setting of this switch, so that it doesn't revert to 'off' after viewing or editing a managed policy.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
These tests look fantastic @qn895! Thanks for adding them. I had a couple small readability and maintainability suggestions. Once they've been addressed please feel free to merge.
rendered.update(); | ||
|
||
const visiblePolicies = getPolicies(rendered); | ||
expect(visiblePolicies.filter((p) => p.isManagedPolicy).length).toBeGreaterThan(0); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Nice!
rendered.update(); | ||
|
||
const visiblePolicies = getPolicies(rendered); | ||
const managedPolicy = visiblePolicies.find((p) => p.isManagedPolicy && !p.isLinkedWithIndices); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Can we add a comment above this line:
// The UI blocks users from deleting ILM policies that are being used by an index,
// so let's not try to delete it in this test.
I had forgotten about this behavior and had to rediscover it in the UI 😅 Leaving a hint here will help folks like me in the future, I think.
@@ -190,8 +288,8 @@ describe('policy table', () => { | |||
test('displays policy properties', () => { | |||
const rendered = mountWithIntl(component); | |||
const firstRow = findTestSubject(rendered, 'policyTableRow-testy0'); | |||
const policyName = findTestSubject(firstRow, 'policy-name').text(); | |||
expect(policyName).toBe(`Name${testPolicy.name}`); | |||
const policyName = findTestSubject(firstRow, 'policyTablePolicyNameLink').text(); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
👍 I like how this enhancement was a forcing function for us to be more specific in our assertions, too.
@@ -52,6 +52,8 @@ const testPolicy = { | |||
}, | |||
}; | |||
|
|||
const isLinkedWithIndices = (i: number) => i > 0 && i % 2 === 0; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Can we change this to isUsedByAnIndex
? Just to draw a clearer connection with how this state is surfaced in the UI.
And then we can we also update line 62 to consume this helper, to draw a clearer connection between the two?
- indices: i % 2 === 0 ? [`index${i}`] : [],
+ indices: isUsedByAnIndex(i) ? [`index${i}`] : [],
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Also, how about adjusting the test for this behavior on line 236, so that it consumes the helper?
test('delete policy button is enabled when there are no linked indices', () => { |
test('delete policy button is enabled when there are no linked indices', () => {
const rendered = mountWithIntl(component);
const visiblePolicies = getPolicies(rendered);
const usedPolicy = visiblePolicies.find((p) => p. isUsedByAnIndex);
expect(usedPolicy).toBeDefined();
const policyRow = findTestSubject(rendered, `policyTableRow-${usedPolicy!.name}`);
const deleteButton = findTestSubject(policyRow, 'deletePolicy');
expect(deleteButton.props().disabled).toBeFalsy();
});
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Updated here e36d273
@cjcenizal @peteharverson Along with the updated tests I have also added a small change here to remember the toggle setting in the localStorage 7ba9009. I think this makes sense as it would improve user's experience and it's a relatively small setting that doesn't need to live in Kibana's Advanced Setting for example but would appreciate any feedback or concern about this change 🙏 |
@@ -235,7 +237,11 @@ describe('policy table', () => { | |||
}); | |||
test('delete policy button is enabled when there are no linked indices', () => { | |||
const rendered = mountWithIntl(component); | |||
const policyRow = findTestSubject(rendered, `policyTableRow-testy1`); | |||
const visiblePolicies = getPolicies(rendered); | |||
const usedPolicy = visiblePolicies.find((p) => !p.isUsedByAnIndex); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Whoops, I forgot that we're looking for an unused policy here. So I guess unusedPolicy
makes more sense here. Sorry!
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Updated here ed6149d
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
One small nit, but otherwise this code LGTM! Thank you for making this change! Didn't test locally.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Tested latest changes and LGTM
@elasticmachine merge upstream |
💚 Build SucceededMetrics [docs]Module Count
Async chunks
History
To update your PR or re-run it, just comment with: cc @qn895 |
commit bdb4966 Author: Angela Chuang <6295984+angorayc@users.noreply.github.com> Date: Mon May 23 13:13:23 2022 +0100 styling (elastic#132539) Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com> commit a807c90 Author: Esteban Beltran <academo@users.noreply.github.com> Date: Mon May 23 13:36:00 2022 +0200 [Cases] Add a key to userActionMarkdown to prevent stale state (elastic#132681) commit ba84602 Author: Tomasz Ciecierski <ciecierskitomek@gmail.com> Date: Mon May 23 13:33:20 2022 +0200 [Osquery] Change prebuilt saved queries to include prebuilt flag (elastic#132651) commit 6b846af Author: Faisal Kanout <faisal.kanout@elastic.co> Date: Mon May 23 14:11:04 2022 +0300 [Actionable Observability] Update the Rule details design and clean up (elastic#132616) * Add rule status in the rule summary * Match design * Remove unused imports * code review commit c993ff2 Author: Byron Hulcher <byron.hulcher@elastic.co> Date: Mon May 23 06:25:17 2022 -0400 [Workplace Search] Add categories to source data for internal connectors (elastic#132671) commit b59fb97 Author: Pablo Machado <pablo.nevesmachado@elastic.co> Date: Mon May 23 12:02:43 2022 +0200 [Security Solution] Update use_url_state to work with new side nav (elastic#132518) * Fix landing pages browser tab title * Fix new navigation url state * Fix unit tests Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com> commit 693b3e8 Author: Tomasz Ciecierski <ciecierskitomek@gmail.com> Date: Mon May 23 11:54:29 2022 +0200 [Osquery] Add Osquery to Alert context menu (elastic#131790) commit 2cddced Author: Jordan <51442161+JordanSh@users.noreply.github.com> Date: Mon May 23 12:50:55 2022 +0300 [Cloud Posture] Trendline query changes (elastic#132680) commit 7591fb6 Author: Giorgos Bamparopoulos <georgios.bamparopoulos@elastic.co> Date: Mon May 23 10:37:03 2022 +0100 Fix agent config indicator when applied through fleet integration (elastic#131820) * Fix agent config indicator when applied through fleet integration * Add synthrace scenario Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com> commit 37d40d7 Author: Dominique Clarke <dominique.clarke@elastic.co> Date: Mon May 23 04:56:34 2022 -0400 [Synthetics] fix browser type as default in monitor management (elastic#132572) Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com> commit ae8b6c8 Author: Lucas F. da Costa <lucas.costa@elastic.co> Date: Mon May 23 09:29:11 2022 +0100 [Uptime] Fix bug causing all monitors to be saved to all locations [solves elastic#132314] (elastic#132325) Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com> commit e0944d1 Author: Nodir Latipov <nodir.latypov@gmail.com> Date: Mon May 23 13:27:24 2022 +0500 [Unified search] Use the DataViews service (elastic#130008) * feat: cleanup deprecated service and type * fix: rollback test * refact: replace deprecated type * refact: changed deprecation type * feat: added comments to deprecated imports that can't be cleaned up in this PR * refact: rollback query_string_input.test file commit a3646eb Author: Pablo Machado <machadoum@gmail.com> Date: Mon May 23 10:17:12 2022 +0200 [Security Solutions] Refactor breadcrumbs to support new menu structure (elastic#131624) * Refactor breadcrumbs to support new structure * Fix code style * Fix more code style * Fix unit test Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com> commit 9649307 Author: István Zoltán Szabó <istvan.szabo@elastic.co> Date: Mon May 23 10:12:54 2022 +0200 [DOCS] Updates alerting authorization docs with info on retaining API keys (elastic#132402) Co-authored-by: Lisa Cawley <lcawley@elastic.co> commit 40df1f3 Author: Tomasz Ciecierski <ciecierskitomek@gmail.com> Date: Mon May 23 08:45:50 2022 +0200 [Osquery] Add labels, move osquery schema link (elastic#132584) commit fbaf058 Author: Jiawei Wu <74562234+JiaweiWu@users.noreply.github.com> Date: Sun May 22 17:14:23 2022 -0700 [RAM] Add shareable rules list (elastic#132437) * Shareable rules list * Hide snooze panel in rules list * Address comments and added tests * Fix tests * Fix tests * Fix lint * Address design comments and fix tests Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com> commit 383239e Author: Kfir Peled <61654899+kfirpeled@users.noreply.github.com> Date: Sun May 22 13:18:42 2022 +0300 [Cloud Posture] Findings - Group by resource - Fixed bug not showing results (elastic#132529) commit fb1eeb0 Author: Georgii Gorbachev <georgii.gorbachev@elastic.co> Date: Sat May 21 00:21:53 2022 +0200 [Security Solution][Detections] Add new fields to the rule model: Related Integrations, Required Fields, and Setup (elastic#132409) **Addresses partially:** elastic/security-team#2083, elastic/security-team#558, elastic/security-team#2856, elastic/security-team#1801 (internal tickets) ## Summary **TL;DR:** With this PR, it's now possible to specify `related_integrations`, `required_fields`, and `setup` fields in prebuilt rules in https://github.com/elastic/detection-rules. They are returned within rules in the API responses. This PR: - Adds 3 new fields to the model of Security detection rules. These fields are common to all of the rule types we have. - **Related Integrations**. It's a list of Fleet integrations associated with a given rule. It's assumed that if the user installs them, the rule might start to work properly because it will start receiving source events potentially matching the rule's query. - **Required Fields**. It's a list of event fields that must be present in the source indices of a given rule. - **Setup Guide**. It's any instructions for the user for setting up their environment in order to start receiving source events for a given rule. It's a text. Markdown is supported. It's similar to the Investigation Guide that we show on the Details page. - Adjusts API endpoints accordingly: - These fields are for prebuilt rules only and are supposed to be read-only in the UI. - Specifying these fields in the request parameters of the create/update/patch rule API endpoints is not supported. - These fields are returned in all responses that contain rules. If they are missing in a rule, default values are returned (empty array, empty string). - When duplicating a prebuilt rule, these fields are being reset to their default value (empty array, empty string). - Export/Import is supported. Edge case / supported hack: it's possible to specify these fields manually in a ndjson doc and import with a rule. - The fields are being copied to `kibana.alert.rule.parameters` field of an alert document, which is mapped as a flattened field type. No special handling for the new fields was needed there. - Adjusts tests accordingly. ## Related Integrations Example (part of a rule returned from the API): ```json { "related_integrations": [ { "package": "windows", "version": "1.5.x" }, { "package": "azure", "integration": "activitylogs", "version": "~1.1.6" } ], } ``` Schema: ```ts /** * Related integration is a potential dependency of a rule. It's assumed that if the user installs * one of the related integrations of a rule, the rule might start to work properly because it will * have source events (generated by this integration) potentially matching the rule's query. * * NOTE: Proper work is not guaranteed, because a related integration, if installed, can be * configured differently or generate data that is not necessarily relevant for this rule. * * Related integration is a combination of a Fleet package and (optionally) one of the * package's "integrations" that this package contains. It is represented by 3 properties: * * - `package`: name of the package (required, unique id) * - `version`: version of the package (required, semver-compatible) * - `integration`: name of the integration of this package (optional, id within the package) * * There are Fleet packages like `windows` that contain only one integration; in this case, * `integration` should be unspecified. There are also packages like `aws` and `azure` that contain * several integrations; in this case, `integration` should be specified. * * @example * const x: RelatedIntegration = { * package: 'windows', * version: '1.5.x', * }; * * @example * const x: RelatedIntegration = { * package: 'azure', * version: '~1.1.6', * integration: 'activitylogs', * }; */ export type RelatedIntegration = t.TypeOf<typeof RelatedIntegration>; export const RelatedIntegration = t.exact( t.intersection([ t.type({ package: NonEmptyString, version: NonEmptyString, }), t.partial({ integration: NonEmptyString, }), ]) ); ``` ## Required Fields Example (part of a rule returned from the API): ```json { "required_fields": [ { "name": "event.action", "type": "keyword", "ecs": true }, { "name": "event.code", "type": "keyword", "ecs": true }, { "name": "winlog.event_data.AttributeLDAPDisplayName", "type": "keyword", "ecs": false } ], } ``` Schema: ```ts /** * Almost all types of Security rules check source event documents for a match to some kind of * query or filter. If a document has certain field with certain values, then it's a match and * the rule will generate an alert. * * Required field is an event field that must be present in the source indices of a given rule. * * @example * const standardEcsField: RequiredField = { * name: 'event.action', * type: 'keyword', * ecs: true, * }; * * @example * const nonEcsField: RequiredField = { * name: 'winlog.event_data.AttributeLDAPDisplayName', * type: 'keyword', * ecs: false, * }; */ export type RequiredField = t.TypeOf<typeof RequiredField>; export const RequiredField = t.exact( t.type({ name: NonEmptyString, type: NonEmptyString, ecs: t.boolean, }) ); ``` ## Setup Guide Example (part of a rule returned from the API): ```json { "setup": "## Config\n\nThe 'PowerShell Script Block Logging' logging policy must be enabled.\nSteps to implement the logging policy with with Advanced Audit Configuration:\n\n```\nComputer Configuration > \nAdministrative Templates > \nWindows PowerShell > \nTurn on PowerShell Script Block Logging (Enable)\n```\n\nSteps to implement the logging policy via registry:\n\n```\nreg add \"hklm\\SOFTWARE\\Policies\\Microsoft\\Windows\\PowerShell\\ScriptBlockLogging\" /v EnableScriptBlockLogging /t REG_DWORD /d 1\n```\n", } ``` Schema: ```ts /** * Any instructions for the user for setting up their environment in order to start receiving * source events for a given rule. * * It's a multiline text. Markdown is supported. */ export type SetupGuide = t.TypeOf<typeof SetupGuide>; export const SetupGuide = t.string; ``` ## Details on the schema This PR adjusts all the 6 rule schemas we have: 1. Alerting Framework rule `params` schema: - `security_solution/server/lib/detection_engine/schemas/rule_schemas.ts` - `security_solution/server/lib/detection_engine/schemas/rule_converters.ts` 2. HTTP API main old schema: - `security_solution/common/detection_engine/schemas/response/rules_schema.ts` 3. HTTP API main new schema: - `security_solution/common/detection_engine/schemas/request/rule_schemas.ts` 4. Prebuilt rule schema: - `security_solution/common/detection_engine/schemas/request/add_prepackaged_rules_schema.ts` 5. Import rule schema: - `security_solution/common/detection_engine/schemas/request/import_rules_schema.ts` 6. Rule schema used on the frontend side: - `security_solution/public/detections/containers/detection_engine/rules/types.ts` Names of the fields on the HTTP API level: - `related_integrations` - `required_fields` - `setup` Names of the fields on the Alerting Framework level: - `params.relatedIntegrations` - `params.requiredFields` - `params.setup` ## Next steps - Create a new endpoint for returning installed Fleet integrations (gonna be a separate PR). - Rebase elastic#131475 on top of this PR after merge. - Cover the new fields with dedicated tests (gonna be a separate PR). - Update API docs (gonna be a separate PR). - Address the tech debt of having 6 different schemas (gonna create a ticket for that). ### Checklist - [ ] [Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html) was added for features that require explanation or tutorials - [ ] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios commit 788dd2e Author: Andrew Goldstein <andrew-goldstein@users.noreply.github.com> Date: Fri May 20 16:02:05 2022 -0600 [Security Solution] Fixes sorting and tooltips on columns for non-ECS fields that are only one level deep (elastic#132570) ## [Security Solution] Fixes sorting and tooltips on columns for non-ECS fields that are only one level deep This PR fixes <elastic#132490>, an issue where Timeline columns for non-ECS fields that are only one level deep couldn't be sorted, and displayed incomplete metadata in the column's tooltip. ### Before ![test_field_1_actual_tooltip](https://user-images.githubusercontent.com/4459398/169208299-51d9296a-15e1-4eb0-bc31-a0df6a63f0c5.png) _Before: The column is **not** sortable, and the tooltip displays incomplete metadata_ ### After ![after](https://user-images.githubusercontent.com/4459398/169414767-7274a795-015f-4805-8c3f-b233ead994ea.png) _After: The column is sortable, and the tooltip displays the expected metadata_ ### Desk testing See the _Steps to reproduce_ section of <elastic#132490> for testing details. commit 51ae020 Author: Constance <constancecchen@users.noreply.github.com> Date: Fri May 20 14:30:36 2022 -0700 Upgrade EUI to v55.1.3 (elastic#132451) * Upgrade EUI to 55.1.3 backport * [Deprecation] Remove `watchedItemProps` from EuiContextMenu usage - should no longer be necessary * Update snapshots with new data-popover attr * Fix failing FTR test - Now that EuiContextMenu focus is restored correctly, there is a tooltip around the popover toggle that's blocking an above item that the test wants to click - swapping the order so that the tooltip does not block the clicked item should work * Fix 2nd maps FTR test with blocking tooltip Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com> commit 642290b Author: Nathan Reese <reese.nathan@elastic.co> Date: Fri May 20 15:11:15 2022 -0600 [maps] convert ESPewPewSource to typescript (elastic#132656) * [maps] convert ESPewPewSource to typescript * move @ts-expect-error moved by fix commit eb6a061 Author: Brian Seeders <brian.seeders@elastic.co> Date: Fri May 20 16:57:49 2022 -0400 [docs] Add 'yarn dev-docs' for managing and starting dev docs (elastic#132647) commit e0ea600 Author: Hannah Mudge <Heenawter@users.noreply.github.com> Date: Fri May 20 14:55:31 2022 -0600 Add group 6 to FTR config (elastic#132655) commit 41635e2 Author: Karl Godard <karl.godard@elastic.co> Date: Fri May 20 13:35:30 2022 -0700 fixed search highlighting. was only showing highlighted text w/o context (elastic#132650) Co-authored-by: mitodrummer <karlgodard@elastic.co> commit 791ebfa Author: debadair <debadair@elastic.co> Date: Fri May 20 13:34:04 2022 -0700 [DOCS] Remove obsolete license expiration info (elastic#131474) * [DOCS] Remove obsolete license expiration info As of elastic/elasticsearch#79671, Elasticsearch does a more stringent license check rather than operating in a semi-degraded mode. Closes elastic#127845 Closes elastic#125702 * Update docs/management/managing-licenses.asciidoc Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com> commit e55bf40 Author: Nathan Reese <reese.nathan@elastic.co> Date: Fri May 20 14:15:00 2022 -0600 [Maps] create MVT_VECTOR when using choropleth wizard (elastic#132648) commit 46cd729 Author: Jan Monschke <jan.monschke@elastic.co> Date: Fri May 20 22:02:00 2022 +0200 [SecuritySolution] Disable agent status filters and timeline interaction (elastic#132586) * fix: disable drag-ability and hover actions for agent statuses The agent fields cannot be queried with ECS and therefore should not provide Filter In/Out functionality nor should users be able to add their representative fields to timeline investigations. Therefore users should not be able to add them to a timeline query by dragging them. * chore: make code more readable commit e857b30 Author: Vadim Kibana <82822460+vadimkibana@users.noreply.github.com> Date: Fri May 20 20:36:59 2022 +0200 remove human-readable automatic slug generation (elastic#132593) * remove human-readable automatic slug generation * make change non-breaking * [CI] Auto-commit changed files from 'node scripts/eslint --no-cache --fix' * remove test Co-authored-by: streamich <streamich@gmail.com> Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com> commit 6fc2fff Author: Lisa Cawley <lcawley@elastic.co> Date: Fri May 20 10:48:15 2022 -0700 [ML] Minor edits in prebuilt job descriptions (elastic#132633) commit ecca231 Author: Felix Stürmer <weltenwort@users.noreply.github.com> Date: Fri May 20 19:37:03 2022 +0200 [Stack Monitoring] Convert setup routes to TypeScript (elastic#131265) commit 065ea3e Author: Byron Hulcher <byron.hulcher@elastic.co> Date: Fri May 20 13:12:49 2022 -0400 [Workplace Search] Remove Custom API Source Integration tile (elastic#132538) commit 583d2b7 Author: Byron Hulcher <byron.hulcher@elastic.co> Date: Fri May 20 13:12:32 2022 -0400 [Workplace Search] Add documentation links for v8.3.0 connectors (elastic#132547) commit c244883 Author: Nathan Reese <reese.nathan@elastic.co> Date: Fri May 20 10:35:00 2022 -0600 [maps] show marker size in legend (elastic#132549) * [Maps] size legend * clean-up * refine spacing * clean up * more cleanup * use euiTheme for colors * fix jest test * do not show marker sizes for icons * remove lodash Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com> commit d70ae0f Author: Quynh Nguyen <43350163+qn895@users.noreply.github.com> Date: Fri May 20 11:34:35 2022 -0500 [ILM] Add warnings for managed system policies (elastic#132269) * Add warnings to system/managed policies * Fix translations, policies * Add jest tests * Add jest tests to assert new toggle behavior * Add jest tests for edit policy callout * Fix snapshot * [ML] Update jest tests with helper, rename helper for clarity * [ML] Add hook for local storage to remember toggle setting * [ML] Fix naming Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com> commit f70b4af Author: Nicolas Chaulet <nicolas.chaulet@elastic.co> Date: Fri May 20 12:22:08 2022 -0400 [Fleet] Fix rolling upgrade CANCEL and UI fixes (elastic#132625) commit d9f141a Author: Kevin Logan <56395104+kevinlog@users.noreply.github.com> Date: Fri May 20 11:37:35 2022 -0400 [Security Solution] Telemetry for Event Filters counts on both user and global entries (elastic#132542) commit 1b4ac7d Author: Yaroslav Kuznietsov <kuznetsov.yaroslav.yk@gmail.com> Date: Fri May 20 17:54:13 2022 +0300 [XY] Reference lines overlay fix. (elastic#132607) commit 759f13f Author: Nicolas Chaulet <nicolas.chaulet@elastic.co> Date: Fri May 20 10:39:09 2022 -0400 [Fleet] Remove reference to non removable package feature (elastic#132458) commit 7e15097 Author: Lisa Cawley <lcawley@elastic.co> Date: Fri May 20 07:32:27 2022 -0700 [ML] Adds placeholder text for testing NLP models (elastic#132486) commit bc31053 Author: Dmitry Tomashevich <39378793+Dmitriynj@users.noreply.github.com> Date: Fri May 20 17:09:20 2022 +0300 [Discover][Alerting] Implement editing of dataView, query & filters (elastic#131688) * [Discover] introduce params editing using unified search * [Discover] fix unit tests * [Discover] fix functional tests * [Discover] fix unit tests * [Discover] return test subject name * [Discover] fix alert functional test * Update x-pack/plugins/stack_alerts/public/alert_types/es_query/expression/search_source_expression_form.tsx Co-authored-by: Julia Rechkunova <julia.rechkunova@gmail.com> * Update x-pack/plugins/stack_alerts/public/alert_types/es_query/expression/search_source_expression_form.tsx Co-authored-by: Matthias Wilhelm <ankertal@gmail.com> * [Discover] hide filter panel options * [Discover] improve functional test * [Discover] apply suggestions * [Discover] change data view selector * [Discover] fix tests * [Discover] apply suggestions, fix lang mode toggler * [Discover] mote interface to types file, clean up diff * [Discover] fix saved query issue * Update x-pack/plugins/stack_alerts/server/alert_types/es_query/alert_type.ts Co-authored-by: Matthias Wilhelm <ankertal@gmail.com> * [Discover] remove zIndex * [Discover] omit null searchType from esQuery completely, add isEsQueryAlert check for useSavedObjectReferences hook * [Discover] set searchType to esQuery when needed * [Discover] fix unit tests * Update x-pack/plugins/stack_alerts/server/alert_types/es_query/alert_type_params.ts Co-authored-by: Matthias Wilhelm <ankertal@gmail.com> * Update x-pack/plugins/stack_alerts/server/alert_types/es_query/alert_type.ts Co-authored-by: Matthias Wilhelm <ankertal@gmail.com> Co-authored-by: Julia Rechkunova <julia.rechkunova@gmail.com> Co-authored-by: Matthias Wilhelm <ankertal@gmail.com> commit d344088 Author: Nathan Reese <reese.nathan@elastic.co> Date: Fri May 20 08:06:25 2022 -0600 [maps] Use label features from ES vector tile search API to fix multiple labels (elastic#132080) * [maps] mvt labels * eslint * only request labels when needed * update vector tile integration tests for hasLabels parameter * [CI] Auto-commit changed files from 'node scripts/precommit_hook.js --ref HEAD~1..HEAD --fix' * fix tests * fix test * only add _mvt_label_position filter when vector tiles are from ES vector tile search API * review feedback * include hasLabels in source data * fix jest test Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com> commit 1d8bc7e Author: Shivindera Singh <shivindera@gmail.com> Date: Fri May 20 15:53:00 2022 +0200 hasData service - hit search api in case of an error with resolve api (elastic#132618) commit 7c37eda Author: Tomasz Ciecierski <ciecierskitomek@gmail.com> Date: Fri May 20 15:42:28 2022 +0200 [Osquery] Fix pagination issue on Alert's Osquery Flyout (elastic#132611) commit 2e51140 Author: Katerina Patticha <aikaterini.patticha@elastic.co> Date: Fri May 20 15:34:29 2022 +0200 Show service group icon only when there are service groups (elastic#131138) * Show service group icon when there are service groups * Fix fix errors * Remove additional request and display icon only for the service groups * Revert "Remove additional request and display icon only for the service groups" This reverts commit 7ff2bc9. * Add dependencies Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com> commit 24cbb32 Author: Yaroslav Kuznietsov <kuznetsov.yaroslav.yk@gmail.com> Date: Fri May 20 16:27:14 2022 +0300 [XY] `pointsRadius`, `showPoints` and `lineWidth`. (elastic#130391) * Added pointsRadius, showPoints and lineWidth. * Added tests. Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com> commit 1c2eb9f Author: Sergi Massaneda <sergi.massaneda@elastic.co> Date: Fri May 20 13:59:56 2022 +0100 [Security Solution] New Side nav integrating links config (elastic#132210) * Update navigation landing pages to use appLinks config * align app links changes * link configs refactor to use updater$ * navigation panel categories * test and type fixes * [CI] Auto-commit changed files from 'node scripts/precommit_hook.js --ref HEAD~1..HEAD --fix' * types changes * shared style change moved to a separate PR * use old deep links * minor changes after ux meeting * add links filtering * remove duplicated categories * temporary increase of plugin size limit * swap management links order * improve performance closing nav panel * test updated * host isolation page filterd and some improvements * remove async from plugin start * move links register from start to mount * restore size limits * Fix use_show_timeline unit tests Co-authored-by: Pablo Neves Machado <pablo.nevesmachado@elastic.co> Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com> commit 92ac7f9 Author: Katrin Freihofner <katrin.freihofner@elastic.co> Date: Fri May 20 13:51:51 2022 +0200 adds small styling updates to header panels (elastic#132596)
* Add warnings to system/managed policies * Fix translations, policies * Add jest tests * Add jest tests to assert new toggle behavior * Add jest tests for edit policy callout * Fix snapshot * [ML] Update jest tests with helper, rename helper for clarity * [ML] Add hook for local storage to remember toggle setting * [ML] Fix naming Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
Summary
This PR addresses #101438 and adds badges as well as modal warnings to policies that are managed by ES.
Managed
badge for policies that managed by Elasticsearch (wherepolicy._meta.managed = true
). A toggle to include or exclude managed policies are so introduced, which defaults to not showing managed policies.Checklist
Delete any items that are not applicable to this PR.
Risk Matrix
Delete this section if it is not applicable to this PR.
Before closing this PR, invite QA, stakeholders, and other developers to identify risks that should be tested prior to the change/feature release.
When forming the risk matrix, consider some of the following examples and how they may potentially impact the change:
For maintainers