diff --git a/docs/developer/plugin-list.asciidoc b/docs/developer/plugin-list.asciidoc
index 8be3c0317312b..0575460676297 100644
--- a/docs/developer/plugin-list.asciidoc
+++ b/docs/developer/plugin-list.asciidoc
@@ -156,7 +156,7 @@ It also provides a stateful version of it on the start contract.
|{kib-repo}blob/{branch}/src/plugins/telemetry_management_section/README.md[telemetryManagementSection]
-|This plugin adds the Advanced Settings section for the Usage Data collection (aka Telemetry).
+|This plugin adds the Advanced Settings section for the Usage and Security Data collection (aka Telemetry).
|{kib-repo}blob/{branch}/src/plugins/tile_map[tileMap]
diff --git a/src/plugins/telemetry_management_section/README.md b/src/plugins/telemetry_management_section/README.md
index 0f795786720c9..c23a8591f6794 100644
--- a/src/plugins/telemetry_management_section/README.md
+++ b/src/plugins/telemetry_management_section/README.md
@@ -1,5 +1,5 @@
# Telemetry Management Section
-This plugin adds the Advanced Settings section for the Usage Data collection (aka Telemetry).
+This plugin adds the Advanced Settings section for the Usage and Security Data collection (aka Telemetry).
The reason for having it separated from the `telemetry` plugin is to avoid circular dependencies. The plugin `advancedSettings` depends on the `home` app that depends on the `telemetry` plugin because of the telemetry banner in the welcome screen.
diff --git a/src/plugins/telemetry_management_section/public/components/__snapshots__/opt_in_security_example_flyout.test.tsx.snap b/src/plugins/telemetry_management_section/public/components/__snapshots__/opt_in_security_example_flyout.test.tsx.snap
new file mode 100644
index 0000000000000..0b9d426008ca4
--- /dev/null
+++ b/src/plugins/telemetry_management_section/public/components/__snapshots__/opt_in_security_example_flyout.test.tsx.snap
@@ -0,0 +1,134 @@
+// Jest Snapshot v1, https://goo.gl/fbAQLP
+
+exports[`security flyout renders as expected renders as expected 1`] = `
+
+
+
+
+
+ Endpoint security data
+
+
+
+
+ This is a representative sample of the endpoint security alert event that we collect. Endpoint security data is collected only when the Elastic Endpoint is enabled. It includes information about the endpoint configuration and detection events.
+
+
+
+
+
+ {
+ "@timestamp": "2020-09-22T14:34:56.82202300Z",
+ "agent": {
+ "build": {
+ "original": "version: 7.9.1, compiled: Thu Aug 27 14:50:21 2020, branch: 7.9, commit: b594beb958817dee9b9d908191ed766d483df3ea"
+ },
+ "id": "22dd8544-bcac-46cb-b970-5e681bb99e0b",
+ "type": "endpoint",
+ "version": "7.9.1"
+ },
+ "Endpoint": {
+ "policy": {
+ "applied": {
+ "artifacts": {
+ "global": {
+ "identifiers": [
+ {
+ "sha256": "6a546aade5563d3e8dffc1fe2d93d33edda8f9ca3e17ac3cc9ac707620cb9ecd",
+ "name": "endpointpe-v4-blocklist"
+ },
+ {
+ "sha256": "04f9f87accc5d5aea433427bd1bd4ec6908f8528c78ceed26f70df7875a99385",
+ "name": "endpointpe-v4-exceptionlist"
+ },
+ {
+ "sha256": "1471838597fcd79a54ea4a3ec9a9beee1a86feaedab6c98e61102559ced822a8",
+ "name": "endpointpe-v4-model"
+ },
+ {
+ "sha256": "824859b0c6749cc31951d92a73bbdddfcfe9f38abfe432087934d4dab9766ce8",
+ "name": "global-exceptionlist-windows"
+ }
+ ],
+ "version": "1.0.0"
+ },
+ "user": {
+ "identifiers": [
+ {
+ "sha256": "d801aa1fb7ddcc330a5e3173372ea6af4a3d08ec58074478e85aa5603e926658",
+ "name": "endpoint-exceptionlist-windows-v1"
+ }
+ ],
+ "version": "1.0.0"
+ }
+ }
+ }
+ }
+ },
+ "ecs": {
+ "version": "1.5.0"
+ },
+ "elastic": {
+ "agent": {
+ "id": "b2e88aea-2671-402a-828a-957526bac315"
+ }
+ },
+ "file": {
+ "path": "C:\\\\Windows\\\\Temp\\\\mimikatz.exe",
+ "size": 1263880,
+ "created": "2020-05-19T07:50:06.0Z",
+ "accessed": "2020-09-22T14:29:19.93531400Z",
+ "mtime": "2020-09-22T14:29:03.6040000Z",
+ "directory": "C:\\\\Windows\\\\Temp",
+ "hash": {
+ "sha1": "c9fb7f8a4c6b7b12b493a99a8dc6901d17867388",
+ "sha256": "cb1553a3c88817e4cc774a5a93f9158f6785bd3815447d04b6c3f4c2c4b21ed7",
+ "md5": "465d5d850f54d9cde767bda90743df30"
+ },
+ "Ext": {
+ "code_signature": {
+ "trusted": true,
+ "subject_name": "Open Source Developer, Benjamin Delpy",
+ "exists": true,
+ "status": "trusted"
+ },
+ "malware_classification": {
+ "identifier": "endpointpe-v4-model",
+ "score": 0.99956864118576,
+ "threshold": 0.71,
+ "version": "0.0.0"
+ }
+ }
+ },
+ "host": {
+ "os": {
+ "Ext": {
+ "variant": "Windows 10 Enterprise Evaluation"
+ },
+ "kernel": "2004 (10.0.19041.388)",
+ "name": "Windows",
+ "family": "windows",
+ "version": "2004 (10.0.19041.388)",
+ "platform": "windows",
+ "full": "Windows 10 Enterprise Evaluation 2004 (10.0.19041.388)"
+ }
+ },
+ "event": {
+ "kind": "alert"
+ },
+ "cluster_uuid": "kLbKvSMcRiiFAR0t8LebDA",
+ "cluster_name": "elasticsearch"
+}
+
+
+
+
+`;
diff --git a/src/plugins/telemetry_management_section/public/components/__snapshots__/telemetry_management_section.test.tsx.snap b/src/plugins/telemetry_management_section/public/components/__snapshots__/telemetry_management_section.test.tsx.snap
index bed1bbeabb044..7357598c8495f 100644
--- a/src/plugins/telemetry_management_section/public/components/__snapshots__/telemetry_management_section.test.tsx.snap
+++ b/src/plugins/telemetry_management_section/public/components/__snapshots__/telemetry_management_section.test.tsx.snap
@@ -80,15 +80,32 @@ exports[`TelemetryManagementSectionComponent renders as expected 1`] = `
/>
-
-
-
+
+
+ ,
+ "endpointSecurityData":
+
+ ,
+ }
+ }
+ />
,
"displayName": "Provide usage statistics",
diff --git a/src/plugins/telemetry_management_section/public/components/opt_in_security_example_flyout.test.tsx b/src/plugins/telemetry_management_section/public/components/opt_in_security_example_flyout.test.tsx
new file mode 100644
index 0000000000000..c80d0daf5a695
--- /dev/null
+++ b/src/plugins/telemetry_management_section/public/components/opt_in_security_example_flyout.test.tsx
@@ -0,0 +1,27 @@
+/*
+ * Licensed to Elasticsearch B.V. under one or more contributor
+ * license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright
+ * ownership. Elasticsearch B.V. licenses this file to you under
+ * the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+import React from 'react';
+import { shallowWithIntl } from 'test_utils/enzyme_helpers';
+import { OptInSecurityExampleFlyout } from './opt_in_security_example_flyout';
+
+describe('security flyout renders as expected', () => {
+ it('renders as expected', () => {
+ expect(shallowWithIntl()).toMatchSnapshot();
+ });
+});
diff --git a/src/plugins/telemetry_management_section/public/components/opt_in_security_example_flyout.tsx b/src/plugins/telemetry_management_section/public/components/opt_in_security_example_flyout.tsx
new file mode 100644
index 0000000000000..af0de5b268ddc
--- /dev/null
+++ b/src/plugins/telemetry_management_section/public/components/opt_in_security_example_flyout.tsx
@@ -0,0 +1,235 @@
+/*
+ * Licensed to Elasticsearch B.V. under one or more contributor
+ * license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright
+ * ownership. Elasticsearch B.V. licenses this file to you under
+ * the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+import * as React from 'react';
+
+import {
+ EuiCallOut,
+ EuiCodeBlock,
+ EuiFlexGroup,
+ EuiFlexItem,
+ EuiFlyout,
+ EuiFlyoutHeader,
+ EuiFlyoutBody,
+ EuiLoadingSpinner,
+ EuiPortal, // EuiPortal is a temporary requirement to use EuiFlyout with "ownFocus"
+ EuiText,
+ EuiTextColor,
+ EuiTitle,
+} from '@elastic/eui';
+
+import { FormattedMessage } from '@kbn/i18n/react';
+
+interface Props {
+ onClose: () => void;
+}
+
+interface State {
+ isLoading: boolean;
+ hasPrivilegeToRead: boolean;
+}
+
+/**
+ * React component for displaying the example data associated with the Telemetry opt-in banner.
+ */
+export class OptInSecurityExampleFlyout extends React.PureComponent {
+ public readonly state: State = {
+ isLoading: true,
+ hasPrivilegeToRead: false,
+ };
+
+ async componentDidMount() {
+ try {
+ this.setState({
+ isLoading: false,
+ hasPrivilegeToRead: true,
+ });
+ } catch (err) {
+ this.setState({
+ isLoading: false,
+ hasPrivilegeToRead: err.status !== 403,
+ });
+ }
+ }
+
+ renderBody({ isLoading, hasPrivilegeToRead }: State) {
+ if (isLoading) {
+ return (
+
+
+
+
+
+ );
+ }
+
+ if (!hasPrivilegeToRead) {
+ return (
+
+ }
+ color="danger"
+ iconType="cross"
+ >
+
+
+ );
+ }
+
+ return (
+
+ {JSON.stringify(this.exampleSecurityPayload, null, 2)}
+
+ );
+ }
+
+ render() {
+ return (
+
+
+
+
+ Endpoint security data
+
+
+
+ This is a representative sample of the endpoint security alert event that we
+ collect. Endpoint security data is collected only when the Elastic Endpoint is
+ enabled. It includes information about the endpoint configuration and detection
+ events.
+
+
+
+ {this.renderBody(this.state)}
+
+
+ );
+ }
+
+ exampleSecurityPayload = {
+ '@timestamp': '2020-09-22T14:34:56.82202300Z',
+ agent: {
+ build: {
+ original:
+ 'version: 7.9.1, compiled: Thu Aug 27 14:50:21 2020, branch: 7.9, commit: b594beb958817dee9b9d908191ed766d483df3ea',
+ },
+ id: '22dd8544-bcac-46cb-b970-5e681bb99e0b',
+ type: 'endpoint',
+ version: '7.9.1',
+ },
+ Endpoint: {
+ policy: {
+ applied: {
+ artifacts: {
+ global: {
+ identifiers: [
+ {
+ sha256: '6a546aade5563d3e8dffc1fe2d93d33edda8f9ca3e17ac3cc9ac707620cb9ecd',
+ name: 'endpointpe-v4-blocklist',
+ },
+ {
+ sha256: '04f9f87accc5d5aea433427bd1bd4ec6908f8528c78ceed26f70df7875a99385',
+ name: 'endpointpe-v4-exceptionlist',
+ },
+ {
+ sha256: '1471838597fcd79a54ea4a3ec9a9beee1a86feaedab6c98e61102559ced822a8',
+ name: 'endpointpe-v4-model',
+ },
+ {
+ sha256: '824859b0c6749cc31951d92a73bbdddfcfe9f38abfe432087934d4dab9766ce8',
+ name: 'global-exceptionlist-windows',
+ },
+ ],
+ version: '1.0.0',
+ },
+ user: {
+ identifiers: [
+ {
+ sha256: 'd801aa1fb7ddcc330a5e3173372ea6af4a3d08ec58074478e85aa5603e926658',
+ name: 'endpoint-exceptionlist-windows-v1',
+ },
+ ],
+ version: '1.0.0',
+ },
+ },
+ },
+ },
+ },
+ ecs: {
+ version: '1.5.0',
+ },
+ elastic: {
+ agent: {
+ id: 'b2e88aea-2671-402a-828a-957526bac315',
+ },
+ },
+ file: {
+ path: 'C:\\Windows\\Temp\\mimikatz.exe',
+ size: 1263880,
+ created: '2020-05-19T07:50:06.0Z',
+ accessed: '2020-09-22T14:29:19.93531400Z',
+ mtime: '2020-09-22T14:29:03.6040000Z',
+ directory: 'C:\\Windows\\Temp',
+ hash: {
+ sha1: 'c9fb7f8a4c6b7b12b493a99a8dc6901d17867388',
+ sha256: 'cb1553a3c88817e4cc774a5a93f9158f6785bd3815447d04b6c3f4c2c4b21ed7',
+ md5: '465d5d850f54d9cde767bda90743df30',
+ },
+ Ext: {
+ code_signature: {
+ trusted: true,
+ subject_name: 'Open Source Developer, Benjamin Delpy',
+ exists: true,
+ status: 'trusted',
+ },
+ malware_classification: {
+ identifier: 'endpointpe-v4-model',
+ score: 0.99956864118576,
+ threshold: 0.71,
+ version: '0.0.0',
+ },
+ },
+ },
+ host: {
+ os: {
+ Ext: {
+ variant: 'Windows 10 Enterprise Evaluation',
+ },
+ kernel: '2004 (10.0.19041.388)',
+ name: 'Windows',
+ family: 'windows',
+ version: '2004 (10.0.19041.388)',
+ platform: 'windows',
+ full: 'Windows 10 Enterprise Evaluation 2004 (10.0.19041.388)',
+ },
+ },
+ event: {
+ kind: 'alert',
+ },
+ cluster_uuid: 'kLbKvSMcRiiFAR0t8LebDA',
+ cluster_name: 'elasticsearch',
+ };
+}
diff --git a/src/plugins/telemetry_management_section/public/components/telemetry_management_section.test.tsx b/src/plugins/telemetry_management_section/public/components/telemetry_management_section.test.tsx
index 0e2855f055540..993295746ea5b 100644
--- a/src/plugins/telemetry_management_section/public/components/telemetry_management_section.test.tsx
+++ b/src/plugins/telemetry_management_section/public/components/telemetry_management_section.test.tsx
@@ -212,7 +212,7 @@ describe('TelemetryManagementSectionComponent', () => {
/>
);
try {
- const toggleExampleComponent = component.find('p > EuiLink[onClick]');
+ const toggleExampleComponent = component.find('FormattedMessage > EuiLink[onClick]').at(0);
const updatedView = toggleExampleComponent.simulate('click');
updatedView.find('OptInExampleFlyout');
updatedView.simulate('close');
@@ -221,6 +221,42 @@ describe('TelemetryManagementSectionComponent', () => {
}
});
+ it('shows the OptInSecurityExampleFlyout', () => {
+ const onQueryMatchChange = jest.fn();
+ const telemetryService = new TelemetryService({
+ config: {
+ enabled: true,
+ url: '',
+ banner: true,
+ allowChangingOptInStatus: true,
+ optIn: false,
+ optInStatusUrl: '',
+ sendUsageFrom: 'browser',
+ },
+ reportOptInStatusChange: false,
+ notifications: coreStart.notifications,
+ http: coreSetup.http,
+ });
+
+ const component = mountWithIntl(
+
+ );
+ try {
+ const toggleExampleComponent = component.find('FormattedMessage > EuiLink[onClick]').at(1);
+ const updatedView = toggleExampleComponent.simulate('click');
+ updatedView.find('OptInSecurityExampleFlyout');
+ updatedView.simulate('close');
+ } finally {
+ component.unmount();
+ }
+ });
+
it('toggles the OptIn button', async () => {
const onQueryMatchChange = jest.fn();
const telemetryService = new TelemetryService({
diff --git a/src/plugins/telemetry_management_section/public/components/telemetry_management_section.tsx b/src/plugins/telemetry_management_section/public/components/telemetry_management_section.tsx
index 9ae0a3d12fbb5..822d8b49661c1 100644
--- a/src/plugins/telemetry_management_section/public/components/telemetry_management_section.tsx
+++ b/src/plugins/telemetry_management_section/public/components/telemetry_management_section.tsx
@@ -34,6 +34,7 @@ import { i18n } from '@kbn/i18n';
import { TelemetryPluginSetup } from 'src/plugins/telemetry/public';
import { PRIVACY_STATEMENT_URL } from '../../../telemetry/common/constants';
import { OptInExampleFlyout } from './opt_in_example_flyout';
+import { OptInSecurityExampleFlyout } from './opt_in_security_example_flyout';
import { LazyField } from '../../../advanced_settings/public';
import { ToastsStart } from '../../../../core/public';
@@ -53,6 +54,7 @@ interface Props {
interface State {
processing: boolean;
showExample: boolean;
+ showSecurityExample: boolean;
queryMatches: boolean | null;
enabled: boolean;
}
@@ -61,6 +63,7 @@ export class TelemetryManagementSection extends Component {
state: State = {
processing: false,
showExample: false,
+ showSecurityExample: false,
queryMatches: null,
enabled: this.props.telemetryService.getIsOptedIn() || false,
};
@@ -87,7 +90,7 @@ export class TelemetryManagementSection extends Component {
render() {
const { telemetryService } = this.props;
- const { showExample, queryMatches, enabled, processing } = this.state;
+ const { showExample, showSecurityExample, queryMatches, enabled, processing } = this.state;
if (!telemetryService.getCanChangeOptInStatus()) {
return null;
@@ -105,6 +108,7 @@ export class TelemetryManagementSection extends Component {
onClose={this.toggleExample}
/>
)}
+ {showSecurityExample && }
@@ -197,12 +201,25 @@ export class TelemetryManagementSection extends Component {
/>
-
-
-
+
+
+
+ ),
+ endpointSecurityData: (
+
+
+
+ ),
+ }}
+ />
);
@@ -245,6 +262,12 @@ export class TelemetryManagementSection extends Component {
showExample: !this.state.showExample,
});
};
+
+ toggleSecurityExample = () => {
+ this.setState({
+ showSecurityExample: !this.state.showSecurityExample,
+ });
+ };
}
// required for lazy loading
diff --git a/x-pack/plugins/translations/translations/ja-JP.json b/x-pack/plugins/translations/translations/ja-JP.json
index 6bf3c72811aed..9b25c58f0621b 100644
--- a/x-pack/plugins/translations/translations/ja-JP.json
+++ b/x-pack/plugins/translations/translations/ja-JP.json
@@ -2967,7 +2967,6 @@
"telemetry.provideUsageStatisticsAriaName": "使用統計を提供",
"telemetry.provideUsageStatisticsTitle": "使用統計を提供",
"telemetry.readOurUsageDataPrivacyStatementLinkText": "プライバシーポリシー",
- "telemetry.seeExampleOfWhatWeCollectLinkText": "収集されるデータの例を見る",
"telemetry.telemetryBannerDescription": "Elastic Stackの改善にご協力ください使用状況データの収集は現在無効です。使用状況データの収集を有効にすると、製品とサービスを管理して改善することができます。詳細については、{privacyStatementLink}をご覧ください。",
"telemetry.telemetryConfigAndLinkDescription": "使用状況データの収集を有効にすると、製品とサービスを管理して改善することができます。詳細については、{privacyStatementLink}をご覧ください。",
"telemetry.telemetryConfigDescription": "基本的な機能の利用状況に関する統計情報を提供して、Elastic Stack の改善にご協力ください。このデータは Elastic 社外と共有されません。",
diff --git a/x-pack/plugins/translations/translations/zh-CN.json b/x-pack/plugins/translations/translations/zh-CN.json
index 501357b1571ce..5d2df1807ab11 100644
--- a/x-pack/plugins/translations/translations/zh-CN.json
+++ b/x-pack/plugins/translations/translations/zh-CN.json
@@ -2968,7 +2968,6 @@
"telemetry.provideUsageStatisticsAriaName": "提供使用情况统计",
"telemetry.provideUsageStatisticsTitle": "提供使用情况统计",
"telemetry.readOurUsageDataPrivacyStatementLinkText": "隐私声明",
- "telemetry.seeExampleOfWhatWeCollectLinkText": "查看我们收集的内容示例",
"telemetry.telemetryBannerDescription": "想帮助我们改进 Elastic Stack?数据使用情况收集当前已禁用。启用数据使用情况收集可帮助我们管理并改善产品和服务。有关详情,请参阅我们的{privacyStatementLink}。",
"telemetry.telemetryConfigAndLinkDescription": "启用使用情况数据收集可帮助我们管理并改善产品和服务。有关更多详情,请参阅我们的{privacyStatementLink}。",
"telemetry.telemetryConfigDescription": "通过提供基本功能的使用情况统计信息,来帮助我们改进 Elastic Stack。我们不会在 Elastic 之外共享此数据。",