[APM][OTel] Span links from _sources #8
Closed
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
## Summary This PR updates the docs page about using the Dev Tools Console. Closes: elastic#191271
…ry (endpoint/third party) (elastic#192685) ## Summary Adds server-side telemetry collection for response action creation and responses. part of elastic/security-team/issues/7466 <details><summary>Events from telemetry staging</summary> <img src="https://github.com/user-attachments/assets/2e9f37f1-c5b5-46e9-be34-c3bdcff4015b" /> <img src="https://github.com/user-attachments/assets/85a5a75d-f9f1-4d76-a782-272d9d7da0cb" /> </details> <details><summary>Dashboard on staging</summary> <img src="https://github.com/user-attachments/assets/9faa96a2-a553-4def-b5da-6b66b5728ca4"> </details> This PR adds Server Side EBTs (event-based telemetry) for: ### Action creation event ```json5 "event_type": [ "endpoint_response_action_sent" ], "properties": [ { "responseActions": { "actionId": "696608a5-1908-457d-9072-5f555c740ffc", "agentType": "sentinel_one", "command": "unisolate", "isAutomated": false } } ], ``` ### Action response event ```json5 { "event_type": [ "endpoint_response_action_status_change_event" ], "properties": [ { "responseActions": { "actionId": "696608a5-1908-457d-9072-5f555c740ffc", "agentType": "sentinel_one", "actionStatus": "successful", "command": "unisolate", } } ], } ``` ### Action creation error event ```json5 "event_type": [ "endpoint_response_action_sent_error" ], "properties": [ { "responseActions": { "command": "execute", "error": "error message", "agentType": "endpoint" } } ], ``` **Note:** This PR does not add response completion telemetry for `endpoint` agent type. There would be follow up PRs to add that and some usage/snapshot telemetry. ### Checklist - [x] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios - [ ] [Flaky Test Runner](https://ci-stats.kibana.dev/trigger_flaky_test_runner/1) was used on any tests changed - [ ] If a plugin configuration key changed, check if it needs to be allow-listed in the cloud and added to the [docker list](https://github.com/elastic/kibana/blob/main/src/dev/build/tasks/os_packages/docker_generator/resources/base/bin/kibana-docker)
## Summary * Fix issue with `docVersion` on link (prevent future failure) * Add a package to `actions.test.ts` (some of the actions targeted a pre-existing index). * Addresses elastic#166190 * Addresses elastic#166199 * Fix flakiness in `fail_on_rollback.test.ts` * Addresses elastic#193756
…d 'partition' field values (elastic#193255) ## Summary Enables cross-filtering for 'by', 'over' and 'partition' field values in the Single Metric Viewer. Fixes [elastic#171932](elastic#171932) Before: https://github.com/user-attachments/assets/9a279375-7d0b-4422-b9eb-644ae3c0d291 After: https://github.com/user-attachments/assets/d86d0688-dc69-43f0-aa24-130ff38935e6
…lastic#194196) Fixes elastic#193786 ## Summary Reverts a few changes made when the Roles grid page was moved to a functional component. Fixes regression in table sorting. ### Notes When preparing for the Query Roles API, we had moved the roles grid page to be a functional component. In doing so, we also migrated away from the In Memory table in favor of the basic table. EUIBasicTable does not support sorting out of the box and is meant to be used for server-side sorting, etc (unless we implement custom sorting logic). I've made a few changes: - Bring back the InMemoryTable but keep the Search Bar. - Remove few (now) unused functions which are to be brought back whenever the Query Roles API is ready. - Update tests ### Screen recording https://github.com/user-attachments/assets/4ac4f771-e7d1-4e17-807e-d6262767d100 ### Release notes Fixes UI regression in Roles listing page where users could not sort table by using the headers. --------- Co-authored-by: Elastic Machine <[email protected]>
## Summary Slo form little things !! Will auto add values for APM defaults to all instead of forcing user !! ### Changes Details | Before | After -- | -- | -- Data View component | <img width="1262" alt="image" src="https://github.com/user-attachments/assets/79a5cbcd-04e1-49e6-aa86-036b36c8a6e6"> | <img width="1391" alt="image" src="https://github.com/user-attachments/assets/973db8f5-179d-4f89-b57b-39c7b57eb360"> APM SLI | <img width="1183" alt="image" src="https://github.com/user-attachments/assets/a3e083fa-df13-408b-b02d-e26695398225"> | <img width="1158" alt="image" src="https://github.com/user-attachments/assets/a94cfe07-32b0-4367-95e8-ab10d232e98c">
## Summary * Unskips elastic#193756 * Unskips elastic#166190 Both should be addressed by elastic#194151
…lude secondary information: 0001 (elastic#193961) Closes: elastic/observability-accessibility#61 # Description Observability has a few pages that wrap related information like alert counts in the H1 tag. This presents a challenge to screen readers because all of that information now becomes the heading level one. It clogs up the Headings menu and makes it harder to reason about the page and what's primary information vs. secondary. # What was changed?: - `pageTitle` was renamed to `pageTitleContent`. The title portion was moved out of that component. - `ObservabilityPageTemplate.pageHeader` for the `Alert Detail` page was updated to separate the title from the other content. > [!NOTE] > Related PR: elastic#193958 for `Alerts Detail` # Screen: <img width="1274" alt="image" src="https://github.com/user-attachments/assets/4974a669-67e0-447d-9013-c675299ed75c">
…ic#192627) ## Summary Closes elastic#169741 PKCS12 truststores/keystores are not FIPS compliant and should not be used when running if FIPS mode. Users will be notified when they try to start KB in FIPS mode and are using the flagged settings and KB will exit. ## Testing You will need to generate a PKCS12 container (*.p12) file and have it stored somewhere that your local KB can access. To generate a PKCS12 to use: - `openssl req -x509 -newkey rsa:4096 -keyout myPrivateKey.pem -out myCertificate.crt` - `openssl pkcs12 -export -out keyStore.p12 -inkey myPrivateKey.pem -in myCertificate.crt` - Set password to `test` Put the `.p12` file in your `config` directory (not required, but you can copy and paste these commands easier) Start an ES instance in a method of your choosing, but not using yarn es snapshot. I like to use an 8.16.0-snapshot from the .es/cache directory by running tar -xzvf elasticsearch-8.16.0-SNAPSHOT-darwin-aarch64.tar.gz and cd into the new directory's bin folder to run ./elasticsearch In a new terminal window, navigate to your the top level of your elasticsearch folder and run: `curl -X POST --cacert config/certs/http_ca.crt -u elastic:YOUR_PASSWORD_HERE "https://localhost:9200/_license/start_trial?acknowledge=true&pretty"` This will enable the trial license for ES. Ensure you have Docker running locally. From any command line, run: ``` docker run --rm -it \ -v "$(pwd)"/config/keyStore.p12:/keyStore.p12:ro \ -e XPACK_SECURITY_FIPSMODE_ENABLED='true' \ -e ELASTICSEARCH_SSL_TRUSTSTORE_PATH='/keyStore.p12' \ -e ELASTICSEARCH_SSL_TRUSTSTORE_PASSWORD='test' \ -e ELASTICSEARCH_SSL_KEYSTORE_PATH='/keyStore.p12' \ -e ELASTICSEARCH_SSL_KEYSTORE_PASSWORD='test' \ -e SERVER_SSL_TRUSTSTORE_PATH='/keyStore.p12' \ -e SERVER_SSL_TRUSTSTORE_PASSWORD='test' \ -e SERVER_SSL_KEYSTORE_PATH='/keyStore.p12' \ -e SERVER_SSL_KEYSTORE_PASSWORD='test' \ -p 5601:5601/tcp docker.elastic.co/kibana-ci/kibana-ubi-fips:9.0.0-SNAPSHOT-92aeabf477867dc1768f9048b159f01f2ab1fcc3 ``` This will start Kibana into Interactive Setup mode, copy and paste the token from the ES startup logs. In your logs, you will see an error letting users know that PKCS12 settings are not allowed in FIPS It should look like: <img width="1767" alt="Screenshot 2024-09-11 at 1 57 22 PM" src="https://github.com/user-attachments/assets/c32c03b6-98b9-476d-8624-8cc1a535e23f"> ## Release note When running in FIPS mode, Kibana will forbid usage of PKCS12 configuration options --------- Co-authored-by: Jean-Louis Leysens <[email protected]>
…ut (elastic#194517) ## Summary Part of elastic#187772. Follow up to elastic#193657. The previous PR elastic#193657 moved `FieldStatsFlyout` to a package, the `aiops` plugin didn't make full use of that refactor by still passing in the flyout into the app context. ### Checklist - [x] This was checked for breaking API changes and was [labeled appropriately](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)
## Summary
* New asset criticality ECS fields in mappings
* Schemas update
* Data client update
* Add check and throw an error if data migration is required
* Create a mappings and data migration
* When kibana starts
* Check if a mappings update is required
* Update mappings
* Check if data migration is required
* Schedule a kibana task that runs the migration
New asset criticality fields: asset, host, user
Ts type definition:
https://github.com/elastic/kibana/pull/194109/files#diff-61d0a28910f5cc972f65e47ff8ba189a0b34bae0d7a0c492b88676d8059bc87dR88-R122
Blocked by: elastic/elasticsearch#113588
### Checklist
[x] [Unit or functional
tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)
were updated or added to match the most common scenarios
---------
Co-authored-by: kibanamachine <[email protected]>
Fixing `getRowIndicatorProvider should render log.level row indicators on Surrounding documents page` by waiting a bit longer for the table to be rendered.
Co-authored-by: kibanamachine <[email protected]> Co-authored-by: Elastic Machine <[email protected]>
…4384) ## Summary Since the Stack Management landing page [has been dropped](elastic#191735) in the new "Solution navigation" in stateful (ESS) environments, we need to include some of the missing Security Solution links in the left navigation flyout panel. The PR also contains the removal of the "Recent" section from the left navigation, this is a SecuritySolution-specific product/design decision. #### Adding the missing links to the Stack Management left navigation panel flyout - Entity Risk Score (Alerts and Insights) - Asset Criticality (Alerts and Insights) - Graph (Kibana) - Canvas (Kibana) - Map (Kibana) - Visualiztion Library (Kibana)   #### Removing the "Recent" links item from the navigation. Before <img width="277" alt="old" src="https://github.com/user-attachments/assets/0eaccd3c-04e9-4838-bae9-e44e4fa0cec9"> After <img width="277" alt="Captura de pantalla 2024-10-02 a les 13 32 55" src="https://github.com/user-attachments/assets/53266f93-de2b-4d31-9935-5a793b6c99e8"> --------- Co-authored-by: Elastic Machine <[email protected]>
## Summary This got broken during some conflicts resolution or either during addressing feedback !! ### Before <img width="1719" alt="image" src="https://github.com/user-attachments/assets/f0ca27e1-44fb-4332-b455-89ef7f21a7fc"> ### After <img width="1705" alt="image" src="https://github.com/user-attachments/assets/d1b5cbf7-ee36-4b64-accf-66d6985b44aa">
## Summary Fix elastic#189411 - use `getFieldIconType` method to get the proper icon for field and fieldType - add `getCustomFieldType` prop to custom field type (keep consistent with Discover). | field icon | filter type | |------------|----------------| | <img width="609" alt="image" src="https://github.com/user-attachments/assets/4a2c0c2d-c41e-47a0-b8dd-071c043893f6"> | <img width="602" alt="image" src="https://github.com/user-attachments/assets/ef6b8795-5ede-426e-a66c-626f9c608d59"> | --------- Co-authored-by: Elastic Machine <[email protected]>
## Summary This PR is part of EUI's ongoing Emotion migration. We are actively deprecating/removing Sass mixins and variables that are component-specific. In this case, the `@mixin euiPanel` **only** sets `flex-grow: 1;` as its default CSS and creates a bunch of modifier classes, none of which were being used in Kibana - hence various removals (see git commits for more specifics). ### QA - [x] Checked Search Profiler for visual regressions - [x] Checked Visualize Library > TSVB for visual regressions ### Checklist - [x] This renders correctly on smaller devices using a responsive layout. (You can test this [in your browser](https://www.browserstack.com/guide/responsive-testing-on-local-server)) - [x] This was checked for [cross-browser compatibility](https://www.elastic.co/support/matrix#matrix_browsers)
## Summary This PR removes the `euiFormControlDefaultShadow` mixin from Kibana usage, which is shortly set to be deprecated/removed from EUI. The usages of this mixin primarily wanted the `border` styling of the mixin and not its background effects, so I've opted to simplify the CSS greatly to simply use `border` CSS instead of attempting to mess around with `box-shadow` (which wasn't really benefiting the final visual appearance of the affected use cases). I also incidentally removed some extra CSS specificity added in elastic#156639 (no longer necessary as of elastic#161592) which was causing exclusive borders to not be the correct color. | Before | After | |--------|--------| | <img width="696" alt="" src="https://github.com/user-attachments/assets/00478e77-08e8-490d-90fa-84abd2d3ba99"> | <img width="704" alt="" src="https://github.com/user-attachments/assets/46ef0a5f-5fb0-4d47-82ba-40ed7eb2ff89"> | ### Checklist - [x] This renders correctly on smaller devices using a responsive layout. (You can test this [in your browser](https://www.browserstack.com/guide/responsive-testing-on-local-server)) - [x] This was checked for [cross-browser compatibility](https://www.elastic.co/support/matrix#matrix_browsers)
## Summary Hey team, here is a small fix for the shadows not to be cropped in integrations grid container, based on this request: [https://github.com/elastic/UX/issues/132](url)
## Summary * * Refactor all risk engine API tests to use the new tear-down risk engine API before and after the test runs. * Updates the `tearDown` API to ignore 404 errors. * Add error logging to the test API client. Now, it also logs the request body.
## Summary This PR removes a Sass mixin usage that is shortly to be deprecated/removed from EUI. I think this somewhat addresses elastic#122594 / elastic#122556 but to be honest I'm not 100% sure what's going on with that meta issue 😅 ### QA | Before | After | |--------|--------| | <img width="231" alt="" src="https://github.com/user-attachments/assets/578ea6d8-1dce-4daa-9e3d-e1aac7079ec3"> | <img width="260" alt="" src="https://github.com/user-attachments/assets/482aa5a1-ed0c-4252-95b0-8b324628cb6c"> | Note that the height of the button has changed from prod, but from what I can tell this is actually correct and was previously broken on production. Hover/focus styles should remain the same compared to production. - `yarn storybook shared_ux` - Go to http://localhost:9001/?path=/story/button-exit-full-screen-button--exit-full-screen-button ### Checklist - [x] This renders correctly on smaller devices using a responsive layout. (You can test this [in your browser](https://www.browserstack.com/guide/responsive-testing-on-local-server)) - [x] This was checked for [cross-browser compatibility](https://www.elastic.co/support/matrix#matrix_browsers)
…tic#194661) ## 📓 Summary Closes elastic#191602 This work reduces the initial bundle size for the dataset quality plugin by **~55%** and reduces fragmentation in the chunks when the main page loads. | Before | After | |--------|--------| | <img width="525" alt="Screenshot 2024-10-02 at 09 56 35" src="https://github.com/user-attachments/assets/06fec02c-ff2c-4771-981f-a761bda67eae"> | <img width="521" alt="Screenshot 2024-10-02 at 09 59 16" src="https://github.com/user-attachments/assets/a243b09a-9d83-4d0d-b875-20855bb18f5d"> | | <img width="1398" alt="Screenshot 2024-10-02 at 09 56 55" src="https://github.com/user-attachments/assets/66d2c131-b0b7-47e1-9a9a-e1be57e69bbb"> | <img width="678" alt="Screenshot 2024-10-02 at 09 58 59" src="https://github.com/user-attachments/assets/39e6515e-5a83-4d97-97c8-cce01b7c6887"> | Co-authored-by: Marco Antonio Ghiani <[email protected]>
## Summary Updating the cached search notebooks prior to 8.16
fix elastic#163654 This PR enforces internal API restrictions in our standard offering. Internal APIs are subject to rapid change and are intentionally not public. By restricting their access, we protect consumers from these rapid changes. This PR does not change any public APIs and they remain available for external consumption. ## Note to reviewers: I chose the most practical way of resolving the failures (add the header or disable the restriction). ## Details Requests to internal Kibana APIs will be restricted globally. This allows more flexibility in making breaking changes to internal APIs, without a risk to external consumers. ## Why are we doing this? The restriction is there to help mitigate the risk of breaking external integrations consuming APIs. Internal APIs are subject to frequent changes, necessary for feature development. ## What this means to plugin authors : Kibana core applies the restriction when enabled through HTTP config. ## What this means to Kibana consumers: Explicitly restricting access to internal APIs has advantages for external consumers: - Consumers can safely integrate with Kibana's stable, public APIs - Consumers are protected from Internal route development, which may involve breaking changes - Relevant information in Kibana's external documentation that is user-friendly and complete. KB article explaining the change (tracked as part of elastic/kibana-team#1044) ## Release note Starting with this release, requests to internal Kibana APIs are globally restricted by default. This change is designed to provide more flexibility in making breaking changes to internal APIs while protecting external consumers from unexpected disruptions. **Key Changes**: • _Internal API Access_: External consumers no longer have access to Kibana’s internal APIs, which are now strictly reserved for internal development and subject to frequent changes. This helps ensure that external integrations only interact with stable, public APIs. • _Error Handling_: When a request is made to an internal API without the proper internal identifier (header or query parameter), Kibana will respond with a 400 Bad Request error, indicating that the route exists but is not allowed under the current Kibana configuration. ## How to test this ### Running kibana 1. Set `server.restrictInternalApis: true` in `kibana.yml` 2. Start es with any license 3. Start kibana 4. Make an external request to an internal API: <details> <summary>curl request to get the config for 9.0:</summary> ```unset curl --location 'localhost:5601/abc/api/kibana/management/saved_objects/_bulk_get' \ --header 'Content-Type: application/json' \ --header 'kbn-xsrf: kibana' \ --header 'x-elastic-internal-origin: kibana' \ --header 'Authorization: Basic ZWxhc3RpYzpjaGFuZ2VtZQ==' \ --data '[ { "type": "config", "id": "9.0.0" } ]' ``` </details> The request should be successful. 5. Make the same curl request without the internal origin header <details> <summary>curl:</summary> ```unset curl --location 'localhost:5601/abc/api/kibana/management/saved_objects/_bulk_get' \ --header 'Content-Type: application/json' \ --header 'kbn-xsrf: kibana' \ --header 'Authorization: Basic ZWxhc3RpYzpjaGFuZ2VtZQ==' \ --data '[ { "type": "config", "id": "9.0.0" } ]' ``` </details> The response should be an error similar to: `{"statusCode":400,"error":"Bad Request","message":"uri [/api/kibana/management/saved_objects/_bulk_get] with method [post] exists but is not available with the current configuration"}` 6. Remove `server.restrictInternalApis` from `kibana.yml` or set it to `false`. 7. Repeat both curl requests above. Both should respond without an error. ### Checklist Delete any items that are not applicable to this PR. - [X] [Documentation] was added for features that require explanation or tutorials (In PR elastic#191943) - [x] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios (and PR elastic#192407) - [x] If a plugin configuration key changed, check if it needs to be allowlisted in the cloud and added to the [docker list](https://github.com/elastic/kibana/blob/main/src/dev/build/tasks/os_packages/docker_generator/resources/base/bin/kibana-docker) (docker list updated in elastic#156935, cloud stack packs for 9.0 kibana to follow) ### Risk Matrix | Risk | Probability | Severity | Mitigation/Notes | |---------------------------|-------------|----------|-------------------------| | The restriction is knowingly bypassed by end-users adding the required header to use `internal` APIs | Low | High | Kibana's internal APIs are not documented in the OAS specifications. External consumption will be prevented unless explicitly bypassed. | | Upstream services don't include the header and requests to `internal` APIs fail | Medium | Medium | The Core team needs to ensure intra-stack components are updated too | ### For maintainers - [x] This was checked for breaking API changes and was [labeled appropriately](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process) --------- Co-authored-by: Elastic Machine <[email protected]>
…194689) ## Summary Previously we use `canUseEditor` to check if we should disable the `Added to Library` action. It's not ideal as it checks `core.application.capabilities.visualize?.show` under the hood. We should use `application.capabilities.visualize?.save` to make sure `Added to Library` is disabled when they have no rights to save a visualization. Steps to verify: 1. Create a role with read visualization privilege, and assign it to a user: <img width="2556" alt="Screenshot 2024-10-02 at 13 20 44" src="https://github.com/user-attachments/assets/1ab9ddcf-96fd-4fd1-bdad-7382573350fb"> 2. Login with the user and check `Add to Library` should be disabled: <img width="2556" alt="Screenshot 2024-10-02 at 13 20 11" src="https://github.com/user-attachments/assets/9681b121-77e6-47c1-9a99-57d53f5d0b07"> ### Checklist Delete any items that are not applicable to this PR. - [x] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios --------- Co-authored-by: kibanamachine <[email protected]>
…source-with-fields
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Summary