-
Notifications
You must be signed in to change notification settings - Fork 0
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[ObsAIAssistant] Persist settings in ES instead of local storage #19
Conversation
… must not be nested (elastic#178023) Closes: elastic/security-team#8611 ## Description The [axe browser plugin](https://deque.com/axe) is reporting a nested button (interactive control)in the shared exception list accordion(s). The accordion has a button to open/close and a link to the list detail view. Screenshot attached below. ### Steps to recreate 1. Open the Security Dashboards, then click Rules > Shared Exception Lists 2. Run an axe browser scan in Chrome, Edge, or Firefox 3. Verify the nested control error ### What was done? 1. Solution proposed by EUI team was applied. See elastic/eui#7545 2. The component `ExceptionsListCard` has been slightly changed to make it more responsive. Before: After: https://github.com/elastic/kibana/assets/20072247/dd6c6681-980c-40ed-98cf-29a71f896bc2 ### Screen #### AXE Report ![image](https://github.com/elastic/kibana/assets/20072247/43313005-b7ec-49d1-9eed-30bfacbb5ecc)
closes elastic#177313 ## 📝 Summary This PR adds a namespace filter above the dataset quality table to allow filtering the table using namespaces. The selected filters are synced with the URL as well. ## 🎥 Demo https://github.com/elastic/kibana/assets/11225826/c7bce62d-6e0c-4039-9a30-78c7978ae3c6
## Summary Skipping e2e tests consistently failing on MKI elastic#178733 --------- Co-authored-by: Robert Oskamp <traeluki@gmail.com>
closes elastic#178614 ## 📝 Summary This PR aligns the size column units format to match the format of the one in the summary panel. <img width="1472" alt="Screenshot 2024-03-14 at 15 52 41" src="https://github.com/elastic/kibana/assets/11225826/3e54d54d-5c8e-41af-afaa-5d63bfd5b1cf">
…d of custom query. (elastic#178699) ## Summary Part of elastic#178606. As of elastic/elasticsearch#103651 there is a new field caps option `include_empty_fields`. This PR updates AIOps Log Rate Analysis to make use of this option instead of a custom query and code that identified populated fields. ### Checklist - [x] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios - [x] [Flaky Test Runner](https://ci-stats.kibana.dev/trigger_flaky_test_runner/1) was used on any tests changed https://buildkite.com/elastic/kibana-flaky-test-suite-runner/builds/5482 - [x] This was checked for breaking API changes and was [labeled appropriately](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)
…rless from read privileges route (elastic#178580) ## Summary Serverless environments do not have as many privileges available as ESS. As such, the hasPrivileges API on serverless rejects requests that include privileges that exist on ESS but not serverless. We request a large number of privileges in our hasPrivileges request, but many of the results are never actually used. This PR removes the ESS-only privileges from our hasPrivileges call so it will work without errors in both ESS and serverless. None of the removed privileges are necessary for either environment. ## Related Info https://docs.google.com/document/d/1IAPLqldS0xEZ_JHHE_Si5VA7xHnXpRAxkH_5FFTrtIo/edit#heading=h.pjo9lsbolpjv
…UnifiedSearch (elastic#178638) Part of elastic#178630 PR cleans up PublishesUnifiedSearch, removing reference to `local`. PR removes `getFallbackTimeRange` from interface. To get this value use `api.parentApi.timeRange.value` --------- Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
…ing/unmounting (elastic#178770) ## Summary Related issue: elastic#178697 Clearing the state of analyzer completely when this hook dismounts is not actually needed, as analyzer will refetch data with any new parameters are passed from the security solution code, and doing so also caused the related bug. Removing this line fixes the problem. ![fullscreen_back](https://github.com/elastic/kibana/assets/56408403/e1e53e02-c402-4560-b4bc-a021c21093bb) ### Checklist - [x] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios
…formance to correctly classify journey e2e files (elastic#178340) The source code classifier we currently have was incorrectly classifying e2e journey files as `non-package` instead of `tests or mocks` as it was not using the name standards we used for FTR files. We could have created a `functional-tests` package for the performance folder (which is what we want to do in the future) but because we don't have the feature to create ownerless packages it would not be easy to find a given owner for that folder. As such I'm just opting for a second solution which is applying the same name standards to this journeys folder as we have for FTR and changing a little the classifier to recognise it. This should fix the problem found at elastic#178017. Co-authored-by: Alex Szabo <alex.szabo@elastic.co>
Fixes elastic#178579 ## Before ![Screenshot 2024-03-12 at 21 59 09](https://github.com/elastic/kibana/assets/2852703/a10d7a39-de03-455f-86a2-df7c36619d23) ## After <img width="1444" alt="Screenshot 2024-03-12 at 22 55 57" src="https://github.com/elastic/kibana/assets/2852703/39891b69-4812-4ca3-b706-268f4762e6f3"> Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
- Followup for elastic#174585 ## Summary This PR hides only `null`, `undefined` values and keeps `false`, `0`, `(empty)`. Before: <img width="500" alt="Screenshot 2024-03-14 at 10 07 13" src="https://github.com/elastic/kibana/assets/1415710/c5d49362-09e3-48f2-9ecc-247560950d68"> After: <img width="500" alt="Screenshot 2024-03-14 at 10 06 25" src="https://github.com/elastic/kibana/assets/1415710/3c1adcfd-bec9-4b4a-b94f-78b1d916e9dd">
…178724) ## Summary Per @rylnd requirement, we are extending our es_archiver cypress task in order to be capable to use archives placed in `x-pack/test/functional/es_archives/security_solution` in Cypress. ## Archives living in our Cypress directory Use the following commands to load and unload the archive in your test. ```typescript cy.task('esArchiverLoad', { archiveName: 'timeline' }); cy.task('esArchiverUnload', { archiveName: 'timeline' }); ``` ## Archives living in `x-pack/test/functional/es_archives/security_solution` Use the following commands to load and unload the archive in your test. ```typescript cy.task('esArchiverLoad', { archiveName: 'alias', type: 'ftr' }); cy.task('esArchiverUnload', { archiveName: 'alias', type: 'ftr' }); ``` In this PR we are also adding the `/^x-pack/test/functional/es_archives/security_solution` route as a dependency when executing tests in buildkite to make sure that changes there are not breaking the Security Solution Cypress tests. --------- Co-authored-by: Ryland Herrick <ryalnd@gmail.com> Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
…block install or uninstall of package (elastic#177380) ## Summary This PR fixes so that certain exceptions from Transforms will no longer cause error when installing or uninstalling a package. ``` Error installing fleet package: Error installing endpoint 8.11.0: resource_not_found_exception Root causes: resource_not_found_exception: Transform with id [endpoint.metadata_united-default-8.11.0] could not be found endpoint_security_test.go:371: ``` ``` Error installing fleet package: Error installing endpoint 8.11.0: runtime_exception Caused by: version_conflict_engine_exception: [data_frame_transform_state_and_stats-endpoint.metadata_current-default-8.11.0]: version conflict, document already exists (current version [1]) Root causes: runtime_exception: Failed to persist transform statistics for transform [endpoint.metadata_current-default-8.11.0] ``` These errors might happen when the policies and packages are installed or uninstalled in rapid succession. ### Checklist Delete any items that are not applicable to this PR. - [ ] Any text added follows [EUI's writing guidelines](https://elastic.github.io/eui/#/guidelines/writing), uses sentence case text and includes [i18n support](https://github.com/elastic/kibana/blob/main/packages/kbn-i18n/README.md) - [ ] [Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html) was added for features that require explanation or tutorials - [ ] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios - [ ] [Flaky Test Runner](https://ci-stats.kibana.dev/trigger_flaky_test_runner/1) was used on any tests changed - [ ] Any UI touched in this PR is usable by keyboard only (learn more about [keyboard accessibility](https://webaim.org/techniques/keyboard/)) - [ ] Any UI touched in this PR does not create any new axe failures (run axe in browser: [FF](https://addons.mozilla.org/en-US/firefox/addon/axe-devtools/), [Chrome](https://chrome.google.com/webstore/detail/axe-web-accessibility-tes/lhdoppojpmngadmnindnejefpokejbdd?hl=en-US)) - [ ] If a plugin configuration key changed, check if it needs to be allowlisted in the cloud and added to the [docker list](https://github.com/elastic/kibana/blob/main/src/dev/build/tasks/os_packages/docker_generator/resources/base/bin/kibana-docker) - [ ] This renders correctly on smaller devices using a responsive layout. (You can test this [in your browser](https://www.browserstack.com/guide/responsive-testing-on-local-server)) - [ ] This was checked for [cross-browser compatibility](https://www.elastic.co/support/matrix#matrix_browsers) ### Risk Matrix Delete this section if it is not applicable to this PR. Before closing this PR, invite QA, stakeholders, and other developers to identify risks that should be tested prior to the change/feature release. When forming the risk matrix, consider some of the following examples and how they may potentially impact the change: | Risk | Probability | Severity | Mitigation/Notes | |---------------------------|-------------|----------|-------------------------| | Multiple Spaces—unexpected behavior in non-default Kibana Space. | Low | High | Integration tests will verify that all features are still supported in non-default Kibana Space and when user switches between spaces. | | Multiple nodes—Elasticsearch polling might have race conditions when multiple Kibana nodes are polling for the same tasks. | High | Low | Tasks are idempotent, so executing them multiple times will not result in logical error, but will degrade performance. To test for this case we add plenty of unit tests around this logic and document manual testing procedure. | | Code should gracefully handle cases when feature X or plugin Y are disabled. | Medium | High | Unit tests will verify that any feature flag or plugin combination still results in our service operational. | | [See more potential risk examples](https://github.com/elastic/kibana/blob/main/RISK_MATRIX.mdx) | ### For maintainers - [ ] This was checked for breaking API changes and was [labeled appropriately](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process) Closes elastic/elastic-agent#4158 --------- Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
Implements contextual actions. With this change, consumers of the Observability AI Assistant can add contextual actions to screen context, which are functions that are executed on the client. Its results are then pushed back to the API and the LLM to continue the conversation. This allows consumers to do things like: - have the LLM navigate the app - push component/browser state to the LLM - provide functions that make the most sense in a specific UI context Additionally, this also opens up the possibility for consumers of the complete API to implement their own functions. --------- Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
…c#178825) ## Summary This PR fixes test failures that came up when the serverless observability functional tests for dataset quality and ingest pipelines were run against the same project. ### Details The problem that we saw: * The dataset quality tests are calling `PageObjects.observabilityLogsExplorer.setupInitialIntegrations()`, which sets up a list of integrations, including many ingest pipelines. However, there was no cleanup of these installed integrations so the test suite left all the integrations and ingest pipelines behind. * The ingest pipelines tests were looking for a newly created pipeline in the list, but only checking the first page of 50 items in the UI, assuming that there are less than 50 pipelines existing. With the many pipelines left behind by the dataset quality tests, this suite failed as it couldn't find the created pipeline. How this PR fixes it: * The ingest pipeline tests have been stabilized so they can deal with more existing pipelines by adding an optional `searchFor` parameter to `getPipelinesList`. If this parameter is provided, the pipeline list will be searched for the provided search term before returning the list items. That way long lists can be filtered down to the items relevant to the test. * The dataset quality tests (stateful and serverless version) have been updated to include `PageObjects.observabilityLogsExplorer.removeInstalledPackages()` in the `after` method of the suite so they don't leave integrations behind. Flaky test runner for the three impacted configurations: https://buildkite.com/elastic/kibana-flaky-test-suite-runner/builds/5492 - passed ✔️
…lastic#178605) ## Summary Closes elastic/ingest-dev#2522 Added `unhealthy_reason` aggregation when querying agent metrics. The [mapping change](elastic/elasticsearch#106246) and [fleet-server change](elastic/fleet-server#3338) is needed to be merged first to verify end to end. Steps to verify: - enroll an agent with docker - add endpoint integration, expect an input and output unit error status on the agent doc - wait a few seconds so that the agent metrics are published - verify that the agent metrics include `unhealthy_reason`, using the query below ``` GET metrics-fleet_server.agent_status-default/_search { "_source": ["fleet.agents"] } "hits": [ { "_index": ".ds-metrics-fleet_server.agent_status-default-2024.03.11-000001", "_id": "3JdPioUh-9j8DxQrAAABjjclRhU", "_score": 1, "_source": { "fleet": { "agents": { "enrolled": 12, "healthy": 0, "inactive": 0, "offline": 11, "total": 13, "unenrolled": 1, "unhealthy": 1, "updating": 0, "upgrading_step": { "downloading": 0, "extracting": 0, "failed": 0, "replacing": 0, "requested": 0, "restarting": 0, "rollback": 0, "scheduled": 0, "watching": 0 }, "unhealthy_reason": { "input": 1, "output": 1 } } } } }, ``` ### Checklist - [x] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios
…ient (elastic#179253) ## Summary Allows rule executors to determine whether an alert is tracked from a previous execution. Co-authored-by: Maryam Saeidi <maryam.saeidi@elastic.co>
…ic#179235) This PR moves the AI Assistant Management plugin into x-pack to co-locate it with the other assistant plugins and to make it possible to statically import from the other assistant plugins. This is not currently possible because the Management plugin is in OSS and the other plugins are in xpack.
); | ||
})} | ||
{!isEmpty(unsavedChanges) && ( | ||
<BottomBarActions |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
You could use https://github.com/elastic/kibana/blob/main/packages/kbn-management/settings/components/form/bottom_bar/bottom_bar.tsx if we were to expose it.
|
||
const FieldRow = withSuspense(LazyFieldRow); | ||
|
||
export function PersistedSettings() { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We should make https://github.com/elastic/kibana/blob/main/packages/kbn-management/settings/components/form/form.tsx more generic, so we don't reinvent the wheel. I could do that for you in this PR.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
That would be much appreciated! Let me know what I can do. Feel free to push to this pr.
## Summary For ES|QL charts the formula api should be redundant. This is going to make the api lighter as there is no need to import the lens plugin if you want to use the builder to create ES|QL charts.
…s on MKI (elastic#179249) ## Summary In this PR we are introducing several changes to make sure we have a green execution of Cypress tests on MKI environments. - Split `entity_analytics.cy.ts` between different spec files - Skipped managed data section test on MKI - Refactor of `installRiskScoreModule` method #### Split `entity_analytics.cy.ts` between different spec files The original spec file has a big execution time, what makes from time to time in MKI environment to perform a log off. To try to avoid that, we have splited the spec file in 3 new ones inside the `entity_analytics` folder. * anomalies.cy.ts * legacy_risk_score.cy.ts * new_risk_score.cy.ts #### Skipped managed data section test on MKI It has been skipped just on MKI (the test will be executed in PRs for both serverless and ESS) since I don't know how to fix it. A [ticket](elastic#179248) has been created to track it. It is now responsability of the team to investigate what is happening (I can give support with that). #### Refactor of `installRiskScoreModule` method That method is returning a `401` on MKI, to fix it, we refactored to use `rootRequest` instead since it uses the basic API authentication by default.
…stic#176803) ## Summary Address elastic#169734 . We're currently storing information about _Saved Object_ types in the `<index>.mapping._meta`. More specifically, we're storing hashes of the mappings of each type, under the `migrationMappingPropertyHashes` property. This allows us to detect which types' mappings have changed, in order to _update and pick up_ changes only for those types. **The problem is that `md5` cannot be used if we want to be FIPS compliant.** Thus, the idea is to stop using hashes to track changes in the SO mappings. Instead, we're going to use the same `modelVersions` introduced by ZDT: Whenever mappings change for a given SO type, the corresponding `modelVersion` will change too, so `modelVersions` can be used to determine if mappings have changed. --------- Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
…ic#178354) ## Summary This PR adds heartbeat-like data for MongoDB in the `fake_stack` dataset so users can express an SLO for that service. This also changes some of the details in the Nginx data to allow for group-by on the same domain names to be used in testing SLO alert dependencies.
If the call to `ObservabilityAIAssistantAppService.start` fails, show an error toast to notify the user. <img width="354" alt="Screenshot 2024-03-25 at 12 23 46" src="https://github.com/elastic/kibana/assets/2564140/021d442c-ec34-4acf-b441-6005acde1666">
## Summary Close elastic#179001 Close elastic#178924 The logs from the failures indicate that jobs were still in "processing" status at the end of their timeout. The expectation was that processing would be finished at that the result would be "failed." This change adds more time to the timeout limit so the jobs can progress beyond "processing" and hit the "failed" state. Flaky test runner job: https://buildkite.com/elastic/kibana-flaky-test-suite-runner/builds/5546
…78961) ## Summary Part of: - elastic/security-team#8040 With the introduction of Agentless when a user enters smth in the JSON credentials field in Agentless and then switches to Agent-based with the Cloud Shell option selected by default, the JSON credentials value was not reset. This was causing incorrect credentials data saved in the policy. This PR introduces the logic similar to what we already have for AWS and Azure to make sure the default credentials types match the setup method selected GCP is different though in a way that the credentials type is a combination of two vars: `setup_access` (values are `google_cloud_shell` and `manual`) and `gcp.credentials.type` (values are `credentials-json` and `credentials-file`) which is relevant only for `manual` setup access. I introduce a new value `credentials-none` for `gcp.credentials.type` which is set when `setup_access = google_cloud_shell`. This allows to safely clean up credentials in the fleet callback
…lastic#178761) ## Summary In elastic#170234, we added user input validations in the settings fields. The validation functionality uses the `schema` object from the settings definition. This PR adds more detailed documentation of the `schema` property to make people more aware of the validation functionality when registering a new setting.
…lastic#179179) ## Summary We're adding a new performance optimization in 8.14.0 that will make malware on-write and file event processing completely asynchronous. This PR adds an Advanced Policy option so users can out out, reverting to the old behavior. ### Checklist Delete any items that are not applicable to this PR. - [x] Any text added follows [EUI's writing guidelines](https://elastic.github.io/eui/#/guidelines/writing), uses sentence case text and includes [i18n support](https://github.com/elastic/kibana/blob/main/packages/kbn-i18n/README.md) ### For maintainers - [ ] This was checked for breaking API changes and was [labeled appropriately](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)
… Cypress test on MKI (elastic#179347) ## Summary The current way we are using in our Cypress tests to saved queries, is not working on MKI environments. This is because we are trying to modify internal indexes directly, something that is completely forbidden in real Serverless projects. To solve the issue, we are using our APIs to perform the deletion actions.
## Summary Fix an issue with committing too much into the ES|QL grammar PR job. Now it targets only grammar files without anything else.
## Summary This PR enables notifications about failures of the https://buildkite.com/elastic/kibana-serverless-release job.
Towards: elastic#169867 This PR onboards Log Threshold rule type with FAAD. ### To verify Create a log threshold rule. Example: ``` POST kbn:/api/alerting/rule { "params": { "logView": { "logViewId": "Default", "type": "log-view-reference" }, "timeSize": 5, "timeUnit": "m", "count": { "value": -1, "comparator": "more than" }, "criteria": [ { "field": "log.level", "comparator": "equals", "value": "error" } ] }, "consumer": "alerts", "schedule": { "interval": "1m" }, "tags": [], "name": "test", "rule_type_id": "logs.alert.document.count", "notify_when": "onActionGroupChange", "actions": [] } ``` Your rule should create an alert and should saved it in `.internal.alerts-observability.metrics.alerts-default-000001` Example: ``` GET .internal.alerts-*/_search ``` Then set `count.value: 75` The alert should be recovered and the AAD in the above index should be updated `kibana.alert.status: recovered`.
Refactor
7643d77
to
c973800
Compare
Replaced by elastic#179380 |
Depends on elastic#179235