diff --git a/docs/apm/api.asciidoc b/docs/apm/api.asciidoc index 93733f5990a46..b26c7446b91d1 100644 --- a/docs/apm/api.asciidoc +++ b/docs/apm/api.asciidoc @@ -60,7 +60,7 @@ The following Agent configuration APIs are available: ====== `settings`:: -(required) Key/value object with settings and their corresponding value. +(required) Key/value object with option name and option value. `agent_name`:: (optional) The agent name is used by the UI to determine which settings to display. @@ -73,14 +73,14 @@ The following Agent configuration APIs are available: -------------------------------------------------- PUT /api/apm/settings/agent-configuration { - "service" : { - "name" : "frontend", - "environment" : "production" + "service": { + "name": "frontend", + "environment": "production" }, - "settings" : { - "transaction_sample_rate" : 0.4, - "capture_body" : "off", - "transaction_max_spans" : 500 + "settings": { + "transaction_sample_rate": "0.4", + "capture_body": "off", + "transaction_max_spans": "500" }, "agent_name": "nodejs" } @@ -124,7 +124,7 @@ PUT /api/apm/settings/agent-configuration DELETE /api/apm/settings/agent-configuration { "service" : { - "name" : "frontend", + "name": "frontend", "environment": "production" } } @@ -157,9 +157,9 @@ DELETE /api/apm/settings/agent-configuration "environment": "production" }, "settings": { - "transaction_sample_rate": 1, + "transaction_sample_rate": "1", "capture_body": "off", - "transaction_max_spans": 200 + "transaction_max_spans": "200" }, "@timestamp": 1581934104843, "applied_by_agent": false, @@ -171,9 +171,9 @@ DELETE /api/apm/settings/agent-configuration "name": "opbeans-go" }, "settings": { - "transaction_sample_rate": 1, + "transaction_sample_rate": "1", "capture_body": "off", - "transaction_max_spans": 300 + "transaction_max_spans": "300" }, "@timestamp": 1581934111727, "applied_by_agent": false, @@ -185,7 +185,7 @@ DELETE /api/apm/settings/agent-configuration "name": "frontend" }, "settings": { - "transaction_sample_rate": 1, + "transaction_sample_rate": "1", }, "@timestamp": 1582031336265, "applied_by_agent": false, @@ -250,7 +250,7 @@ GET /api/apm/settings/agent-configuration "name": "frontend" }, "settings": { - "transaction_sample_rate": 1, + "transaction_sample_rate": "1", }, "@timestamp": 1582031336265, "applied_by_agent": false, @@ -266,9 +266,9 @@ GET /api/apm/settings/agent-configuration -------------------------------------------------- POST /api/apm/settings/agent-configuration/search { - "etag" : "1e58c178efeebae15c25c539da740d21dee422fc", + "etag": "1e58c178efeebae15c25c539da740d21dee422fc", "service" : { - "name" : "frontend", + "name": "frontend", "environment": "production" } } diff --git a/docs/apm/spans.asciidoc b/docs/apm/spans.asciidoc index 2eed339160fc4..c35fb115d2db4 100644 --- a/docs/apm/spans.asciidoc +++ b/docs/apm/spans.asciidoc @@ -1,38 +1,53 @@ [role="xpack"] [[spans]] -=== Span timeline +=== Trace sample timeline -TIP: A {apm-overview-ref-v}/transaction-spans.html[span] is the duration of a single event. -Spans are automatically captured by APM agents, and you can also define custom spans. -Each span has a type and is defined by a different color in the timeline/waterfall visualization. - -The span timeline visualization is a bird's-eye view of what your application was doing while it was trying to respond to the request that came in. +The trace sample timeline visualization is a bird's-eye view of what your application was doing while it was trying to respond to a request. This makes it useful for visualizing where the selected transaction spent most of its time. [role="screenshot"] image::apm/images/apm-transaction-sample.png[Example of distributed trace colors in the APM app in Kibana] View a span in detail by clicking on it in the timeline waterfall. -When you click on an SQL Select database query, +For example, when you click on an SQL Select database query, the information displayed includes the actual SQL that was executed, how long it took, and the percentage of the trace's total time. You also get a stack trace, which shows the SQL query in your code. Finally, APM knows which files are your code and which are just modules or libraries that you've installed. These library frames will be minimized by default in order to show you the most relevant stack trace. +TIP: A {apm-overview-ref-v}/transaction-spans.html[span] is the duration of a single event. +Spans are automatically captured by APM agents, and you can also define custom spans. +Each span has a type and is defined by a different color in the timeline/waterfall visualization. + [role="screenshot"] image::apm/images/apm-span-detail.png[Example view of a span detail in the APM app in Kibana] -If your span timeline is colorful, it's indicative of a <>. +[float] +[[distributed-tracing]] +==== Distributed tracing + +If your trace sample timeline is colorful, it's indicative of a distributed trace. Services in a distributed trace are separated by color and listed in the order they occur. [role="screenshot"] image::apm/images/apm-services-trace.png[Example of distributed trace colors in the APM app in Kibana] -Don't forget; a distributed trace includes more than one transaction. +As application architectures are shifting from monolithic to more distributed, service-based architectures, +distributed tracing has become a crucial feature of modern application performance monitoring. +It allows you to trace requests through your service architecture automatically, and visualize those traces in one single view in the APM app. +From initial web requests to your front-end service, to queries made to your back-end services, +this makes finding possible bottlenecks throughout your application much easier and faster. + +[role="screenshot"] +image::apm/images/apm-distributed-tracing.png[Example view of the distributed tracing in APM app in Kibana] + +Don't forget; by definition, a distributed trace includes more than one transaction. When viewing these distributed traces in the timeline waterfall, you'll see this image:apm/images/transaction-icon.png[APM icon] icon, which indicates the next transaction in the trace. These transactions can be expanded and viewed in detail by clicking on them. After exploring these traces, you can return to the full trace by clicking *View full trace*. + +TIP: Distributed tracing is supported by all APM agents, and there's no additional configuration needed. diff --git a/docs/apm/traces.asciidoc b/docs/apm/traces.asciidoc index 8eef3d9bed4db..52b4b618de466 100644 --- a/docs/apm/traces.asciidoc +++ b/docs/apm/traces.asciidoc @@ -4,7 +4,7 @@ TIP: Traces link together related transactions to show an end-to-end performance of how a request was served and which services were part of it. -In addition to the Traces overview, you can view your application traces in the <>. +In addition to the Traces overview, you can view your application traces in the <>. The *Traces* overview displays the entry transaction for all traces in your application. If you're using <>, this view is key to finding the critical paths within your application. @@ -17,25 +17,3 @@ If there's a particular endpoint you're worried about, you can click on it to vi [role="screenshot"] image::apm/images/apm-traces.png[Example view of the Traces overview in APM app in Kibana] - -[float] -[[distributed-tracing]] -==== Distributed tracing - -Elastic APM supports distributed tracing. -Distributed tracing is a key feature of modern application performance monitoring as application architectures are shifting from monolithic to more distributed, -service-based architectures. - -Distributed tracing allows APM users to automatically trace requests all the way through the service architecture, -and visualize those traces in one single view in the APM app. -This is accomplished by tracing all of the requests, from the initial web request to your front-end service, -to queries made to your back-end services. -This makes finding possible bottlenecks throughout your application much easier and faster. - -By definition, a distributed trace includes more than one transaction. -You can use the <> to view a waterfall display of all of the transactions from individual services that are connected in a trace. - -[role="screenshot"] -image::apm/images/apm-distributed-tracing.png[Example view of the distributed tracing in APM app in Kibana] - -TIP: Distributed tracing is supported by all APM agents, and there's no additional configuration needed. \ No newline at end of file diff --git a/docs/apm/transactions.asciidoc b/docs/apm/transactions.asciidoc index 2e1022e6d684c..8012c9108ca5e 100644 --- a/docs/apm/transactions.asciidoc +++ b/docs/apm/transactions.asciidoc @@ -95,7 +95,7 @@ It's the requests on the right, the ones taking longer than average, that we pro When you select one of these buckets, you're presented with up to ten trace samples. -Each sample has a span timeline waterfall that shows what a typical request in that bucket was doing. +Each sample has a trace timeline waterfall that shows what a typical request in that bucket was doing. By investigating this timeline waterfall, we can hopefully determine _why_ this request was slow and then implement a fix. [role="screenshot"] diff --git a/docs/canvas/canvas-elements.asciidoc b/docs/canvas/canvas-elements.asciidoc index a25460a20eb50..4149039a3f87b 100644 --- a/docs/canvas/canvas-elements.asciidoc +++ b/docs/canvas/canvas-elements.asciidoc @@ -31,7 +31,7 @@ By default, most of the elements you create use demo data until you change the d [[canvas-add-object]] ==== Add a saved object -Add a <>, such as a map or Lens visualization, then customize it to fit your display needs. +Add a <>, then customize it to fit your display needs. . Click *Embed object*. diff --git a/docs/migration/migrate_7_2.asciidoc b/docs/migration/migrate_7_2.asciidoc index acb2275afabd3..ac877f8514e64 100644 --- a/docs/migration/migrate_7_2.asciidoc +++ b/docs/migration/migrate_7_2.asciidoc @@ -9,6 +9,13 @@ your application to Kibana 7.2. See also <> and <>. +//NOTE: The notable-breaking-changes tagged regions are re-used in the +//Installation and Upgrade Guide + +//tag::notable-breaking-changes[] + +// end::notable-breaking-changes[] + [float] [[breaking_72_index_pattern_changes]] diff --git a/docs/migration/migrate_7_5.asciidoc b/docs/migration/migrate_7_5.asciidoc index f01c352c69ee5..04e8de26297c5 100644 --- a/docs/migration/migrate_7_5.asciidoc +++ b/docs/migration/migrate_7_5.asciidoc @@ -45,3 +45,4 @@ Any installs that previously enabled the Code app will now log a warning when Kibana starts up. It's safe to remove all configurations starting with `xpack.code.`. Starting in 8.0, these warnings will become errors that prevent Kibana from starting up. +// end::notable-breaking-changes[] \ No newline at end of file diff --git a/docs/migration/migrate_7_6.asciidoc b/docs/migration/migrate_7_6.asciidoc index a44a3ca5418a3..00fb4074274ca 100644 --- a/docs/migration/migrate_7_6.asciidoc +++ b/docs/migration/migrate_7_6.asciidoc @@ -10,6 +10,11 @@ your application to Kibana 7.6. * <> * <> +// The following section is re-used in the Installation and Upgrade Guide +//tag::notable-breaking-changes[] + +// end::notable-breaking-changes[] + [float] [[user-facing-changes]] === Breaking changes for users diff --git a/docs/migration/migrate_7_7.asciidoc b/docs/migration/migrate_7_7.asciidoc index 0098e07e29a59..4cf52b3535c0b 100644 --- a/docs/migration/migrate_7_7.asciidoc +++ b/docs/migration/migrate_7_7.asciidoc @@ -7,14 +7,10 @@ This page discusses the breaking changes that you need to be aware of when migrating your application to Kibana 7.7. -//NOTE: The notable-breaking-changes tagged regions are re-used in the -//Installation and Upgrade Guide - -//// -The following section is re-used in the Installation and Upgrade Guide -[[breaking_70_notable]] -=== Notable breaking changes -//// +// The following section is re-used in the Installation and Upgrade Guide +// tag::notable-breaking-changes[] + +// end::notable-breaking-changes[] [float] === Breaking changes for users diff --git a/docs/redirects.asciidoc b/docs/redirects.asciidoc index 1bdba6f1ae058..d81298c1007b3 100644 --- a/docs/redirects.asciidoc +++ b/docs/redirects.asciidoc @@ -86,3 +86,13 @@ This page has moved. Please see <>. == Maps This page has moved. Please see <>. + +[role="exclude",id="development-embedding-visualizations"] +== Embedding Visualizations + +This page was deleted. See <>. + +[role="exclude",id="development-create-visualization"] +== Developing Visualizations + +This page was deleted. See <>. diff --git a/docs/setup/settings.asciidoc b/docs/setup/settings.asciidoc index 69a3f72bc795c..cc662af08b8f1 100644 --- a/docs/setup/settings.asciidoc +++ b/docs/setup/settings.asciidoc @@ -641,3 +641,4 @@ include::{docdir}/settings/reporting-settings.asciidoc[] include::secure-settings.asciidoc[] include::{docdir}/settings/security-settings.asciidoc[] include::{docdir}/settings/spaces-settings.asciidoc[] +include::{docdir}/settings/telemetry-settings.asciidoc[] diff --git a/docs/user/plugins.asciidoc b/docs/user/plugins.asciidoc index 83c1ab1a842bb..a96fe811dc84f 100644 --- a/docs/user/plugins.asciidoc +++ b/docs/user/plugins.asciidoc @@ -33,12 +33,17 @@ $ bin/kibana-plugin install x-pack === Install plugins from an arbitrary URL You can download official Elastic plugins simply by specifying their name. You -can alternatively specify a URL to a specific plugin, as in the following -example: +can alternatively specify a URL or file path to a specific plugin, as in the following +examples: ["source","shell",subs="attributes"] $ bin/kibana-plugin install https://artifacts.elastic.co/downloads/packs/x-pack/x-pack-{version}.zip +or + +["source","shell",subs="attributes"] +$ bin/kibana-plugin install file:///local/path/to/custom_plugin.zip + You can specify URLs that use the HTTP, HTTPS, or `file` protocols. [float] diff --git a/docs/visualize/timelion.asciidoc b/docs/visualize/timelion.asciidoc index 852c3e1ecdeca..9e41cce561454 100644 --- a/docs/visualize/timelion.asciidoc +++ b/docs/visualize/timelion.asciidoc @@ -32,7 +32,9 @@ To start tracking the real-time percentage of CPU, enter the following in the *T [source,text] ---------------------------------- -.es(index=metricbeat-*, timefield='@timestamp', metric='avg:system.cpu.user.pct') +.es(index=metricbeat-*, + timefield='@timestamp', + metric='avg:system.cpu.user.pct') ---------------------------------- [role="screenshot"] @@ -70,7 +72,12 @@ To easily distinguish between the two data sets, add the label names: [source,text] ---------------------------------- -.es(offset=-1h,index=metricbeat-*, timefield='@timestamp', metric='avg:system.cpu.user.pct').label('last hour'), .es(index=metricbeat-*, timefield='@timestamp', metric='avg:system.cpu.user.pct').label('current hour') <1> +.es(offset=-1h,index=metricbeat-*, + timefield='@timestamp', + metric='avg:system.cpu.user.pct').label('last hour'), +.es(index=metricbeat-*, + timefield='@timestamp', + metric='avg:system.cpu.user.pct').label('current hour') <1> ---------------------------------- <1> `.label()` adds custom labels to the visualization. diff --git a/packages/kbn-es/src/utils/native_realm.js b/packages/kbn-es/src/utils/native_realm.js index 247ddc461910f..086898abb6b67 100644 --- a/packages/kbn-es/src/utils/native_realm.js +++ b/packages/kbn-es/src/utils/native_realm.js @@ -76,6 +76,10 @@ exports.NativeRealm = class NativeRealm { } const reservedUsers = await this.getReservedUsers(); + if (!reservedUsers || reservedUsers.length < 1) { + throw new Error('no reserved users found, unable to set native realm passwords'); + } + await Promise.all( reservedUsers.map(async user => { await this.setPassword(user, options[`password.${user}`]); diff --git a/packages/kbn-plugin-helpers/cli.js b/packages/kbn-plugin-helpers/cli.js index c6fc48bc5be9a..48b70535272fe 100644 --- a/packages/kbn-plugin-helpers/cli.js +++ b/packages/kbn-plugin-helpers/cli.js @@ -88,6 +88,4 @@ program })) ); -program.command('postinstall').action(createCommanderAction('postinstall')); - program.parse(process.argv); diff --git a/packages/kbn-plugin-helpers/lib/tasks.js b/packages/kbn-plugin-helpers/lib/tasks.js index 0e33e2086d9c4..afc9c056d51d7 100644 --- a/packages/kbn-plugin-helpers/lib/tasks.js +++ b/packages/kbn-plugin-helpers/lib/tasks.js @@ -22,7 +22,6 @@ const startTask = require('../tasks/start'); const testAllTask = require('../tasks/test/all'); const testKarmaTask = require('../tasks/test/karma'); const testMochaTask = require('../tasks/test/mocha'); -const postinstallTask = require('../tasks/postinstall'); module.exports = { build: buildTask, @@ -30,5 +29,4 @@ module.exports = { testAll: testAllTask, testKarma: testKarmaTask, testMocha: testMochaTask, - postinstall: postinstallTask, }; diff --git a/packages/kbn-plugin-helpers/tasks/postinstall/index.js b/packages/kbn-plugin-helpers/tasks/postinstall/index.js deleted file mode 100644 index 9522e1e0e8998..0000000000000 --- a/packages/kbn-plugin-helpers/tasks/postinstall/index.js +++ /dev/null @@ -1,44 +0,0 @@ -/* - * Licensed to Elasticsearch B.V. under one or more contributor - * license agreements. See the NOTICE file distributed with - * this work for additional information regarding copyright - * ownership. Elasticsearch B.V. licenses this file to you under - * the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ - -const resolve = require('path').resolve; -const statSync = require('fs').statSync; - -module.exports = function(plugin) { - if ( - fileExists(resolve(plugin.root, '../kibana/package.json')) && - !fileExists(resolve(plugin.root, '../../kibana/package.json')) - ) { - process.stdout.write( - '\nWARNING: Kibana now requires that plugins must be located in ' + - '`../kibana-extra/{pluginName}` relative to the Kibana folder ' + - 'during development. We found a Kibana in `../kibana`, but not in ' + - '`../../kibana`.\n' - ); - } -}; - -function fileExists(path) { - try { - const stat = statSync(path); - return stat.isFile(); - } catch (e) { - return false; - } -} diff --git a/src/dev/ci_setup/setup_env.sh b/src/dev/ci_setup/setup_env.sh index 05840926d35de..d9d0528748dc0 100644 --- a/src/dev/ci_setup/setup_env.sh +++ b/src/dev/ci_setup/setup_env.sh @@ -126,6 +126,7 @@ export PATH="$PATH:$yarnGlobalDir" # use a proxy to fetch chromedriver/geckodriver asset export GECKODRIVER_CDNURL="https://us-central1-elastic-kibana-184716.cloudfunctions.net/kibana-ci-proxy-cache" export CHROMEDRIVER_CDNURL="https://us-central1-elastic-kibana-184716.cloudfunctions.net/kibana-ci-proxy-cache" +export CYPRESS_DOWNLOAD_MIRROR="https://us-central1-elastic-kibana-184716.cloudfunctions.net/kibana-ci-proxy-cache/cypress" export CHECKS_REPORTER_ACTIVE=false diff --git a/src/plugins/vis_type_timeseries/server/lib/vis_data/table/process_bucket.js b/src/plugins/vis_type_timeseries/server/lib/vis_data/table/process_bucket.js index 98890f7462917..87e9734ea1054 100644 --- a/src/plugins/vis_type_timeseries/server/lib/vis_data/table/process_bucket.js +++ b/src/plugins/vis_type_timeseries/server/lib/vis_data/table/process_bucket.js @@ -21,7 +21,8 @@ import { buildProcessorFunction } from '../build_processor_function'; import { processors } from '../response_processors/table'; import { getLastValue } from '../../../../common/get_last_value'; import regression from 'regression'; -import { first, get, set } from 'lodash'; +import { first, get } from 'lodash'; +import { overwrite } from '../helpers'; import { getActiveSeries } from '../helpers/get_active_series'; export function processBucket(panel) { @@ -35,7 +36,7 @@ export function processBucket(panel) { const timeseries = { buckets: get(bucket, `${series.id}.buckets`), }; - set(bucket, series.id, { meta, timeseries }); + overwrite(bucket, series.id, { meta, timeseries }); } const processor = buildProcessorFunction(processors, bucket, panel, series); diff --git a/test/functional/services/remote/webdriver.ts b/test/functional/services/remote/webdriver.ts index a3955fa7eacaf..f2aa57eeddea8 100644 --- a/test/functional/services/remote/webdriver.ts +++ b/test/functional/services/remote/webdriver.ts @@ -17,7 +17,8 @@ * under the License. */ -import { delimiter } from 'path'; +import { delimiter, resolve } from 'path'; +import Fs from 'fs'; import * as Rx from 'rxjs'; import { mergeMap, map, takeUntil } from 'rxjs/operators'; @@ -37,6 +38,7 @@ import { Executor } from 'selenium-webdriver/lib/http'; import { getLogger } from 'selenium-webdriver/lib/logging'; import { installDriver } from 'ms-chromium-edge-driver'; +import { REPO_ROOT } from '@kbn/dev-utils'; import { pollForLogEntry$ } from './poll_for_log_entry'; import { createStdoutSocket } from './create_stdout_stream'; import { preventParallelCalls } from './prevent_parallel_calls'; @@ -50,6 +52,13 @@ const certValidation: string = process.env.NODE_TLS_REJECT_UNAUTHORIZED as strin const SECOND = 1000; const MINUTE = 60 * SECOND; const NO_QUEUE_COMMANDS = ['getLog', 'getStatus', 'newSession', 'quit']; +const downloadDir = resolve(REPO_ROOT, 'target/functional-tests/downloads'); +const chromiumDownloadPrefs = { + prefs: { + 'download.default_directory': downloadDir, + 'download.prompt_for_download': false, + }, +}; /** * Best we can tell WebDriver locks up sometimes when we send too many @@ -112,6 +121,7 @@ async function attemptToCreateCommand( chromeCapabilities.set('goog:chromeOptions', { w3c: true, args: chromeOptions, + ...chromiumDownloadPrefs, }); chromeCapabilities.set('unexpectedAlertBehaviour', 'accept'); chromeCapabilities.set('goog:loggingPrefs', { browser: 'ALL' }); @@ -145,6 +155,10 @@ async function attemptToCreateCommand( edgeOptions.setEdgeChromium(true); // @ts-ignore internal modules are not typed edgeOptions.setBinaryPath(edgePaths.browserPath); + const options = edgeOptions.get('ms:edgeOptions'); + // overriding options to include preferences + Object.assign(options, chromiumDownloadPrefs); + edgeOptions.set('ms:edgeOptions', options); const session = await new Builder() .forBrowser('MicrosoftEdge') .setEdgeOptions(edgeOptions) @@ -175,6 +189,14 @@ async function attemptToCreateCommand( firefoxOptions.set('moz:firefoxOptions', { prefs: { 'devtools.console.stdout.content': true }, }); + firefoxOptions.setPreference('browser.download.folderList', 2); + firefoxOptions.setPreference('browser.download.manager.showWhenStarting', false); + firefoxOptions.setPreference('browser.download.dir', downloadDir); + firefoxOptions.setPreference( + 'browser.helperApps.neverAsk.saveToDisk', + 'application/comma-separated-values, text/csv, text/plain' + ); + if (headlessBrowser === '1') { // See: https://developer.mozilla.org/en-US/docs/Mozilla/Firefox/Headless_mode firefoxOptions.headless(); @@ -298,6 +320,9 @@ export async function initWebDriver( log.verbose(entry.message); }); + // create browser download folder + Fs.mkdirSync(downloadDir, { recursive: true }); + // download Edge driver only in case of usage if (browserType === Browsers.ChromiumEdge) { edgePaths = await installDriver(); diff --git a/x-pack/legacy/plugins/siem/public/pages/detection_engine/rules/components/description_step/actions_description.tsx b/x-pack/legacy/plugins/siem/public/pages/detection_engine/rules/components/description_step/actions_description.tsx new file mode 100644 index 0000000000000..f98062a561040 --- /dev/null +++ b/x-pack/legacy/plugins/siem/public/pages/detection_engine/rules/components/description_step/actions_description.tsx @@ -0,0 +1,35 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import React from 'react'; +import { startCase } from 'lodash/fp'; +import { AlertAction } from '../../../../../../../../../plugins/alerting/common'; + +const ActionsDescription = ({ actions }: { actions: AlertAction[] }) => { + if (!actions.length) return null; + + return ( +
    + {actions.map((action, index) => ( +
  • {getActionTypeName(action.actionTypeId)}
    • + ))} +
+ ); +}; + +export const buildActionsDescription = (actions: AlertAction[], title: string) => ({ + title: actions.length ? title : '', + description: , +}); + +const getActionTypeName = (actionTypeId: AlertAction['actionTypeId']) => { + if (!actionTypeId) return ''; + const actionType = actionTypeId.split('.')[1]; + + if (!actionType) return ''; + + return startCase(actionType); +}; diff --git a/x-pack/legacy/plugins/siem/public/pages/detection_engine/rules/components/description_step/index.tsx b/x-pack/legacy/plugins/siem/public/pages/detection_engine/rules/components/description_step/index.tsx index 05e47225c8f4b..70d936fe26f63 100644 --- a/x-pack/legacy/plugins/siem/public/pages/detection_engine/rules/components/description_step/index.tsx +++ b/x-pack/legacy/plugins/siem/public/pages/detection_engine/rules/components/description_step/index.tsx @@ -34,6 +34,8 @@ import { } from './helpers'; import { useSiemJobs } from '../../../../../components/ml_popover/hooks/use_siem_jobs'; import { buildMlJobDescription } from './ml_job_description'; +import { buildActionsDescription } from './actions_description'; +import { buildThrottleDescription } from './throttle_description'; const DescriptionListContainer = styled(EuiDescriptionList)` &.euiDescriptionList--column .euiDescriptionList__title { @@ -73,6 +75,15 @@ export const StepRuleDescriptionComponent: React.FC = ), ]; } + + if (key === 'throttle') { + return [...acc, buildThrottleDescription(get(key, data), get([key, 'label'], schema))]; + } + + if (key === 'actions') { + return [...acc, buildActionsDescription(get(key, data), get([key, 'label'], schema))]; + } + return [...acc, ...buildListItems(data, pick(key, schema), filterManager, indexPatterns)]; }, []); diff --git a/x-pack/legacy/plugins/siem/public/pages/detection_engine/rules/components/description_step/throttle_description.tsx b/x-pack/legacy/plugins/siem/public/pages/detection_engine/rules/components/description_step/throttle_description.tsx new file mode 100644 index 0000000000000..b3cdbabab36e2 --- /dev/null +++ b/x-pack/legacy/plugins/siem/public/pages/detection_engine/rules/components/description_step/throttle_description.tsx @@ -0,0 +1,17 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import { find } from 'lodash/fp'; +import { THROTTLE_OPTIONS, DEFAULT_THROTTLE_OPTION } from '../throttle_select_field'; + +export const buildThrottleDescription = (value = DEFAULT_THROTTLE_OPTION.value, title: string) => { + const throttleOption = find(['value', value], THROTTLE_OPTIONS); + + return { + title, + description: throttleOption ? throttleOption.text : value, + }; +}; diff --git a/x-pack/legacy/plugins/siem/public/pages/detection_engine/rules/components/step_rule_actions/index.tsx b/x-pack/legacy/plugins/siem/public/pages/detection_engine/rules/components/step_rule_actions/index.tsx index aec315938b6ae..7ffb49840eeb5 100644 --- a/x-pack/legacy/plugins/siem/public/pages/detection_engine/rules/components/step_rule_actions/index.tsx +++ b/x-pack/legacy/plugins/siem/public/pages/detection_engine/rules/components/step_rule_actions/index.tsx @@ -13,7 +13,11 @@ import { RuleStep, RuleStepProps, ActionsStepRule } from '../../types'; import { StepRuleDescription } from '../description_step'; import { Form, UseField, useForm } from '../../../../../shared_imports'; import { StepContentWrapper } from '../step_content_wrapper'; -import { ThrottleSelectField, THROTTLE_OPTIONS } from '../throttle_select_field'; +import { + ThrottleSelectField, + THROTTLE_OPTIONS, + DEFAULT_THROTTLE_OPTION, +} from '../throttle_select_field'; import { RuleActionsField } from '../rule_actions_field'; import { useKibana } from '../../../../../lib/kibana'; import { schema } from './schema'; @@ -29,7 +33,7 @@ const stepActionsDefaultValue = { isNew: true, actions: [], kibanaSiemAppUrl: '', - throttle: THROTTLE_OPTIONS[0].value, + throttle: DEFAULT_THROTTLE_OPTION.value, }; const GhostFormField = () => <>; @@ -112,7 +116,7 @@ const StepRuleActionsComponent: FC = ({ return isReadOnlyView && myStepData != null ? ( - + ) : ( <> diff --git a/x-pack/legacy/plugins/siem/public/pages/detection_engine/rules/components/step_rule_actions/schema.tsx b/x-pack/legacy/plugins/siem/public/pages/detection_engine/rules/components/step_rule_actions/schema.tsx index bc3b0dfe720bc..18606975cb640 100644 --- a/x-pack/legacy/plugins/siem/public/pages/detection_engine/rules/components/step_rule_actions/schema.tsx +++ b/x-pack/legacy/plugins/siem/public/pages/detection_engine/rules/components/step_rule_actions/schema.tsx @@ -9,9 +9,6 @@ import { i18n } from '@kbn/i18n'; import { FormSchema } from '../../../../../shared_imports'; export const schema: FormSchema = { - actions: {}, - enabled: {}, - kibanaSiemAppUrl: {}, throttle: { label: i18n.translate( 'xpack.siem.detectionEngine.createRule.stepRuleActions.fieldThrottleLabel', @@ -27,4 +24,14 @@ export const schema: FormSchema = { } ), }, + actions: { + label: i18n.translate( + 'xpack.siem.detectionEngine.createRule.stepRuleActions.fieldActionsLabel', + { + defaultMessage: 'Actions', + } + ), + }, + enabled: {}, + kibanaSiemAppUrl: {}, }; diff --git a/x-pack/legacy/plugins/siem/public/pages/detection_engine/rules/components/throttle_select_field/index.tsx b/x-pack/legacy/plugins/siem/public/pages/detection_engine/rules/components/throttle_select_field/index.tsx index 0cf15c41a0f91..9628ab7525404 100644 --- a/x-pack/legacy/plugins/siem/public/pages/detection_engine/rules/components/throttle_select_field/index.tsx +++ b/x-pack/legacy/plugins/siem/public/pages/detection_engine/rules/components/throttle_select_field/index.tsx @@ -20,6 +20,8 @@ export const THROTTLE_OPTIONS = [ { value: '7d', text: 'Weekly' }, ]; +export const DEFAULT_THROTTLE_OPTION = THROTTLE_OPTIONS[0]; + type ThrottleSelectField = typeof SelectField; export const ThrottleSelectField: ThrottleSelectField = props => { diff --git a/x-pack/plugins/infra/common/inventory_models/container/metrics/snapshot/rx.ts b/x-pack/plugins/infra/common/inventory_models/container/metrics/snapshot/rx.ts index 6843f6149c711..76d61e3b94441 100644 --- a/x-pack/plugins/infra/common/inventory_models/container/metrics/snapshot/rx.ts +++ b/x-pack/plugins/infra/common/inventory_models/container/metrics/snapshot/rx.ts @@ -7,6 +7,6 @@ import { networkTrafficWithInterfaces } from '../../../shared/metrics/snapshot/network_traffic_with_interfaces'; export const rx = networkTrafficWithInterfaces( 'rx', - 'docker.network.in.bytes', + 'docker.network.inbound.bytes', 'docker.network.interface' ); diff --git a/x-pack/plugins/infra/common/inventory_models/container/metrics/snapshot/tx.ts b/x-pack/plugins/infra/common/inventory_models/container/metrics/snapshot/tx.ts index bccb4e60e9d19..4f413ed350f40 100644 --- a/x-pack/plugins/infra/common/inventory_models/container/metrics/snapshot/tx.ts +++ b/x-pack/plugins/infra/common/inventory_models/container/metrics/snapshot/tx.ts @@ -7,6 +7,6 @@ import { networkTrafficWithInterfaces } from '../../../shared/metrics/snapshot/network_traffic_with_interfaces'; export const tx = networkTrafficWithInterfaces( 'tx', - 'docker.network.out.bytes', + 'docker.network.outbound.bytes', 'docker.network.interface' ); diff --git a/x-pack/plugins/infra/common/inventory_models/container/metrics/tsvb/container_network_traffic.ts b/x-pack/plugins/infra/common/inventory_models/container/metrics/tsvb/container_network_traffic.ts index 18daac446bdcd..0300b9deee115 100644 --- a/x-pack/plugins/infra/common/inventory_models/container/metrics/tsvb/container_network_traffic.ts +++ b/x-pack/plugins/infra/common/inventory_models/container/metrics/tsvb/container_network_traffic.ts @@ -20,37 +20,73 @@ export const containerNetworkTraffic: TSVBMetricModelCreator = ( series: [ { id: 'tx', - split_mode: 'everything', metrics: [ { - field: 'docker.network.out.bytes', - id: 'avg-network-out', - type: 'avg', + field: 'docker.network.outbound.bytes', + id: 'max-net-out', + type: 'max', + }, + { + field: 'max-net-out', + id: 'deriv-max-net-out', + type: 'derivative', + unit: '1s', + }, + { + id: 'posonly-deriv-max-net-out', + type: 'calculation', + variables: [{ id: 'var-rate', name: 'rate', field: 'deriv-max-net-out' }], + script: 'params.rate > 0.0 ? params.rate : 0.0', + }, + { + function: 'sum', + id: 'seriesagg-sum', + type: 'series_agg', }, ], + split_mode: 'terms', + terms_field: 'docker.network.interface', }, { id: 'rx', - split_mode: 'everything', metrics: [ { - field: 'docker.network.in.bytes', - id: 'avg-network-in', - type: 'avg', + field: 'docker.network.inbound.bytes', + id: 'max-net-in', + type: 'max', }, { - id: 'invert-posonly-deriv-max-network-in', + field: 'max-net-in', + id: 'deriv-max-net-in', + type: 'derivative', + unit: '1s', + }, + { + id: 'posonly-deriv-max-net-in', + type: 'calculation', + variables: [{ id: 'var-rate', name: 'rate', field: 'deriv-max-net-in' }], + script: 'params.rate > 0.0 ? params.rate : 0.0', + }, + { + id: 'calc-invert-rate', script: 'params.rate * -1', type: 'calculation', variables: [ { - field: 'avg-network-in', + field: 'posonly-deriv-max-net-in', id: 'var-rate', name: 'rate', }, ], }, + { + function: 'sum', + id: 'seriesagg-sum', + type: 'series_agg', + }, ], + split_mode: 'terms', + terms_field: 'docker.network.interface', }, ], }); diff --git a/x-pack/plugins/infra/kibana.json b/x-pack/plugins/infra/kibana.json index b8796ad7a358e..27805f6a26081 100644 --- a/x-pack/plugins/infra/kibana.json +++ b/x-pack/plugins/infra/kibana.json @@ -4,7 +4,6 @@ "kibanaVersion": "kibana", "requiredPlugins": [ "features", - "apm", "usageCollection", "spaces", "home", diff --git a/x-pack/plugins/infra/server/routes/metadata/index.ts b/x-pack/plugins/infra/server/routes/metadata/index.ts index 03d28110d612a..de38739ef94e6 100644 --- a/x-pack/plugins/infra/server/routes/metadata/index.ts +++ b/x-pack/plugins/infra/server/routes/metadata/index.ts @@ -18,7 +18,6 @@ import { import { InfraBackendLibs } from '../../lib/infra_types'; import { getMetricMetadata } from './lib/get_metric_metadata'; import { pickFeatureName } from './lib/pick_feature_name'; -import { hasAPMData } from './lib/has_apm_data'; import { getCloudMetricsMetadata } from './lib/get_cloud_metric_metadata'; import { getNodeInfo } from './lib/get_node_info'; import { throwErrors } from '../../../common/runtime_types'; @@ -67,16 +66,13 @@ export const initMetadataRoute = (libs: InfraBackendLibs) => { const cloudMetricsFeatures = pickFeatureName(cloudMetricsMetadata.buckets).map( nameToFeature('metrics') ); - const hasAPM = await hasAPMData(framework, requestContext, configuration, nodeId, nodeType); - const apmMetricFeatures = hasAPM ? [{ name: 'apm.transaction', source: 'apm' }] : []; - const id = metricsMetadata.id; const name = metricsMetadata.name || id; return response.ok({ body: InfraMetadataRT.encode({ id, name, - features: [...metricFeatures, ...cloudMetricsFeatures, ...apmMetricFeatures], + features: [...metricFeatures, ...cloudMetricsFeatures], info, }), }); diff --git a/x-pack/plugins/infra/server/routes/metadata/lib/has_apm_data.ts b/x-pack/plugins/infra/server/routes/metadata/lib/has_apm_data.ts deleted file mode 100644 index 1f8029db80d86..0000000000000 --- a/x-pack/plugins/infra/server/routes/metadata/lib/has_apm_data.ts +++ /dev/null @@ -1,54 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License; - * you may not use this file except in compliance with the Elastic License. - */ - -import { RequestHandlerContext } from 'src/core/server'; - -import { KibanaFramework } from '../../../lib/adapters/framework/kibana_framework_adapter'; -import { InfraSourceConfiguration } from '../../../lib/sources'; -import { findInventoryFields } from '../../../../common/inventory_models'; -import { InventoryItemType } from '../../../../common/inventory_models/types'; - -export const hasAPMData = async ( - framework: KibanaFramework, - requestContext: RequestHandlerContext, - sourceConfiguration: InfraSourceConfiguration, - nodeId: string, - nodeType: InventoryItemType -) => { - const apmIndices = await framework.plugins.apm.getApmIndices(); - const apmIndex = apmIndices['apm_oss.transactionIndices'] || 'apm-*'; - const fields = findInventoryFields(nodeType, sourceConfiguration.fields); - - // There is a bug in APM ECS data where host.name is not set. - // This will fixed with: https://github.com/elastic/apm-server/issues/2502 - const nodeFieldName = nodeType === 'host' ? 'host.hostname' : fields.id; - const params = { - allowNoIndices: true, - ignoreUnavailable: true, - terminateAfter: 1, - index: apmIndex, - body: { - size: 0, - query: { - bool: { - filter: [ - { - match: { [nodeFieldName]: nodeId }, - }, - { - exists: { field: 'service.name' }, - }, - { - exists: { field: 'transaction.type' }, - }, - ], - }, - }, - }, - }; - const response = await framework.callWithRequest<{}, {}>(requestContext, 'search', params); - return response.hits.total.value !== 0; -}; diff --git a/x-pack/test/api_integration/apis/infra/metadata.ts b/x-pack/test/api_integration/apis/infra/metadata.ts index b693881abcdf7..59e5a850bb04c 100644 --- a/x-pack/test/api_integration/apis/infra/metadata.ts +++ b/x-pack/test/api_integration/apis/infra/metadata.ts @@ -241,40 +241,6 @@ export default function({ getService }: FtrProviderContext) { } }); }); - describe('APM metrics', () => { - const archiveName = 'infra/8.0.0/metrics_and_apm'; - before(() => esArchiver.load(archiveName)); - after(() => esArchiver.unload(archiveName)); - - it('host without APM data', async () => { - const metadata = await fetchMetadata({ - sourceId: 'default', - nodeId: 'gke-observability-8--observability-8--bc1afd95-f0zc', - nodeType: 'host', - }); - if (metadata) { - expect( - metadata.features.some(f => f.name === 'apm.transaction' && f.source === 'apm') - ).to.be(false); - } else { - throw new Error('Metadata should never be empty'); - } - }); - it('pod with APM data', async () => { - const metadata = await fetchMetadata({ - sourceId: 'default', - nodeId: 'c1031331-9ae0-11e9-9a96-42010a84004d', - nodeType: 'pod', - }); - if (metadata) { - expect( - metadata.features.some(f => f.name === 'apm.transaction' && f.source === 'apm') - ).to.be(true); - } else { - throw new Error('Metadata should never be empty'); - } - }); - }); }); }); }