From 7df3f964ce31285162dd8bc7d3850691872d01d5 Mon Sep 17 00:00:00 2001 From: Xavier Mouligneau Date: Wed, 18 Oct 2023 14:03:47 -0400 Subject: [PATCH 01/50] [RAM] fix Slack API proxy (#169171) ## Summary FIX -> https://github.com/elastic/kibana/issues/168701 ### Checklist - [x] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios --- .../actions/server/lib/axios_utils.test.ts | 21 +++++++++++++++- .../plugins/actions/server/lib/axios_utils.ts | 5 ++++ .../connector_types/slack_api/index.test.ts | 10 ++++++-- .../connector_types/slack_api/service.test.ts | 24 +++++++++++++++---- .../connector_types/slack_api/service.ts | 18 +++++++------- .../server/routes/valid_slack_api_channels.ts | 14 +++++------ 6 files changed, 68 insertions(+), 24 deletions(-) diff --git a/x-pack/plugins/actions/server/lib/axios_utils.test.ts b/x-pack/plugins/actions/server/lib/axios_utils.test.ts index 0cbc3cdde0046..43f16b4863e9a 100644 --- a/x-pack/plugins/actions/server/lib/axios_utils.test.ts +++ b/x-pack/plugins/actions/server/lib/axios_utils.test.ts @@ -5,7 +5,7 @@ * 2.0. */ -import axios from 'axios'; +import axios, { AxiosInstance } from 'axios'; import { Agent as HttpsAgent } from 'https'; import HttpProxyAgent from 'http-proxy-agent'; import { HttpsProxyAgent } from 'https-proxy-agent'; @@ -320,6 +320,25 @@ describe('request', () => { expect(axiosMock.mock.calls[0][1].timeout).toBe(360000); expect(axiosMock.mock.calls[1][1].timeout).toBe(360001); }); + + test('throw an error if you use baseUrl in your axios instance', async () => { + await expect(async () => { + await request({ + axios: { + ...axios, + defaults: { + ...axios.defaults, + baseURL: 'https://here-we-go.com', + }, + } as unknown as AxiosInstance, + url: '/test', + logger, + configurationUtilities, + }); + }).rejects.toThrowErrorMatchingInlineSnapshot( + `"Do not use \\"baseURL\\" in the creation of your axios instance because you will mostly break proxy"` + ); + }); }); describe('patch', () => { diff --git a/x-pack/plugins/actions/server/lib/axios_utils.ts b/x-pack/plugins/actions/server/lib/axios_utils.ts index bed2e512761a0..b623f427be681 100644 --- a/x-pack/plugins/actions/server/lib/axios_utils.ts +++ b/x-pack/plugins/actions/server/lib/axios_utils.ts @@ -41,6 +41,11 @@ export const request = async ({ timeout?: number; sslOverrides?: SSLSettings; } & AxiosRequestConfig): Promise => { + if (!isEmpty(axios?.defaults?.baseURL ?? '')) { + throw new Error( + `Do not use "baseURL" in the creation of your axios instance because you will mostly break proxy` + ); + } const { httpAgent, httpsAgent } = getCustomAgents( configurationUtilities, logger, diff --git a/x-pack/plugins/stack_connectors/server/connector_types/slack_api/index.test.ts b/x-pack/plugins/stack_connectors/server/connector_types/slack_api/index.test.ts index 62e7cf771d3cb..37f0209e6f393 100644 --- a/x-pack/plugins/stack_connectors/server/connector_types/slack_api/index.test.ts +++ b/x-pack/plugins/stack_connectors/server/connector_types/slack_api/index.test.ts @@ -32,6 +32,10 @@ const requestMock = utils.request as jest.Mock; const services: Services = actionsMock.createServices(); const mockedLogger: jest.Mocked = loggerMock.create(); +const headers = { + Authorization: 'Bearer some token', + 'Content-type': 'application/json; charset=UTF-8', +}; let connectorType: SlackApiConnectorType; let configurationUtilities: jest.Mocked; @@ -266,9 +270,10 @@ describe('execute', () => { expect(requestMock).toHaveBeenCalledWith({ axios, configurationUtilities, + headers, logger: mockedLogger, method: 'post', - url: 'chat.postMessage', + url: 'https://slack.com/api/chat.postMessage', data: { channel: 'general', text: 'some text' }, }); @@ -317,9 +322,10 @@ describe('execute', () => { expect(requestMock).toHaveBeenCalledWith({ axios, configurationUtilities, + headers, logger: mockedLogger, method: 'get', - url: 'conversations.info?channel=ZXCVBNM567', + url: 'https://slack.com/api/conversations.info?channel=ZXCVBNM567', }); expect(response).toEqual({ diff --git a/x-pack/plugins/stack_connectors/server/connector_types/slack_api/service.test.ts b/x-pack/plugins/stack_connectors/server/connector_types/slack_api/service.test.ts index 068bd8d5d923e..fa3e5d01b79d8 100644 --- a/x-pack/plugins/stack_connectors/server/connector_types/slack_api/service.test.ts +++ b/x-pack/plugins/stack_connectors/server/connector_types/slack_api/service.test.ts @@ -116,10 +116,14 @@ describe('Slack API service', () => { await service.validChannelId('channel_id_1'); expect(requestMock).toHaveBeenCalledWith({ axios, + headers: { + Authorization: 'Bearer token', + 'Content-type': 'application/json; charset=UTF-8', + }, logger, configurationUtilities, method: 'get', - url: 'conversations.info?channel=channel_id_1', + url: 'https://slack.com/api/conversations.info?channel=channel_id_1', }); }); @@ -146,10 +150,14 @@ describe('Slack API service', () => { expect(requestMock).toHaveBeenCalledTimes(1); expect(requestMock).toHaveBeenNthCalledWith(1, { axios, + headers: { + Authorization: 'Bearer token', + 'Content-type': 'application/json; charset=UTF-8', + }, logger, configurationUtilities, method: 'post', - url: 'chat.postMessage', + url: 'https://slack.com/api/chat.postMessage', data: { channel: 'general', text: 'a message' }, }); }); @@ -166,10 +174,14 @@ describe('Slack API service', () => { expect(requestMock).toHaveBeenCalledTimes(1); expect(requestMock).toHaveBeenNthCalledWith(1, { axios, + headers: { + Authorization: 'Bearer token', + 'Content-type': 'application/json; charset=UTF-8', + }, logger, configurationUtilities, method: 'post', - url: 'chat.postMessage', + url: 'https://slack.com/api/chat.postMessage', data: { channel: 'QWEERTYU987', text: 'a message' }, }); }); @@ -183,9 +195,13 @@ describe('Slack API service', () => { expect(requestMock).toHaveBeenNthCalledWith(1, { axios, logger, + headers: { + Authorization: 'Bearer token', + 'Content-type': 'application/json; charset=UTF-8', + }, configurationUtilities, method: 'post', - url: 'chat.postMessage', + url: 'https://slack.com/api/chat.postMessage', data: { channel: 'QWEERTYU987', text: 'a message' }, }); }); diff --git a/x-pack/plugins/stack_connectors/server/connector_types/slack_api/service.ts b/x-pack/plugins/stack_connectors/server/connector_types/slack_api/service.ts index f4ecb95571257..63746cc85dc78 100644 --- a/x-pack/plugins/stack_connectors/server/connector_types/slack_api/service.ts +++ b/x-pack/plugins/stack_connectors/server/connector_types/slack_api/service.ts @@ -120,13 +120,11 @@ export const createExternalService = ( throw Error(`[Action][${SLACK_CONNECTOR_NAME}]: Wrong configuration.`); } - const axiosInstance = axios.create({ - baseURL: SLACK_URL, - headers: { - Authorization: `Bearer ${token}`, - 'Content-type': 'application/json; charset=UTF-8', - }, - }); + const axiosInstance = axios.create(); + const headers = { + Authorization: `Bearer ${token}`, + 'Content-type': 'application/json; charset=UTF-8', + }; const validChannelId = async ( channelId: string @@ -138,7 +136,8 @@ export const createExternalService = ( configurationUtilities, logger, method: 'get', - url: `conversations.info?channel=${channelId}`, + headers, + url: `${SLACK_URL}conversations.info?channel=${channelId}`, }); }; if (channelId.length === 0) { @@ -198,9 +197,10 @@ export const createExternalService = ( const result: AxiosResponse = await request({ axios: axiosInstance, method: 'post', - url: 'chat.postMessage', + url: `${SLACK_URL}chat.postMessage`, logger, data: { channel: channelToUse, text }, + headers, configurationUtilities, }); diff --git a/x-pack/plugins/stack_connectors/server/routes/valid_slack_api_channels.ts b/x-pack/plugins/stack_connectors/server/routes/valid_slack_api_channels.ts index 434f989f56e92..cd2cb113a6750 100644 --- a/x-pack/plugins/stack_connectors/server/routes/valid_slack_api_channels.ts +++ b/x-pack/plugins/stack_connectors/server/routes/valid_slack_api_channels.ts @@ -48,13 +48,7 @@ export const validSlackApiChannelsRoute = ( ): Promise { const { authToken, channelIds } = req.body; - const axiosInstance = axios.create({ - baseURL: SLACK_URL, - headers: { - Authorization: `Bearer ${authToken}`, - 'Content-type': 'application/json; charset=UTF-8', - }, - }); + const axiosInstance = axios.create(); const validChannelId = ( channelId: string = '' @@ -62,9 +56,13 @@ export const validSlackApiChannelsRoute = ( return request({ axios: axiosInstance, configurationUtilities, + headers: { + Authorization: `Bearer ${authToken}`, + 'Content-type': 'application/json; charset=UTF-8', + }, logger, method: 'get', - url: `conversations.info?channel=${channelId}`, + url: `${SLACK_URL}conversations.info?channel=${channelId}`, }); }; From 8284398023648e850a8ca038bce8be6cc85cc51f Mon Sep 17 00:00:00 2001 From: Steph Milovic Date: Wed, 18 Oct 2023 12:06:03 -0600 Subject: [PATCH 02/50] [Security solution] Fix OpenAI token reporting (#169156) --- .../impl/assistant/api.test.tsx | 17 +++++--- .../impl/assistant/api.tsx | 7 +-- .../server/__mocks__/action_result_data.ts | 5 ++- .../elastic_assistant/server/lib/executor.ts | 43 +++++++++++++++++++ .../langchain/llm/actions_client_llm.test.ts | 5 ++- .../lib/langchain/llm/actions_client_llm.ts | 3 +- .../server/routes/evaluate/post_evaluate.ts | 1 + .../post_actions_connector_execute.test.ts | 41 +++++++++++++++++- .../routes/post_actions_connector_execute.ts | 9 ++++ .../schemas/post_actions_connector_execute.ts | 1 + .../stack_connectors/common/bedrock/schema.ts | 4 +- .../stack_connectors/common/openai/schema.ts | 12 +++++- .../connector_types/bedrock/bedrock.test.ts | 4 +- .../server/connector_types/bedrock/bedrock.ts | 2 +- .../connector_types/openai/openai.test.ts | 8 +++- .../server/connector_types/openai/openai.ts | 10 ++++- .../tests/actions/connector_types/bedrock.ts | 2 +- 17 files changed, 147 insertions(+), 27 deletions(-) create mode 100644 x-pack/plugins/elastic_assistant/server/lib/executor.ts diff --git a/x-pack/packages/kbn-elastic-assistant/impl/assistant/api.test.tsx b/x-pack/packages/kbn-elastic-assistant/impl/assistant/api.test.tsx index 33dc820f449fa..e8feefbfd2533 100644 --- a/x-pack/packages/kbn-elastic-assistant/impl/assistant/api.test.tsx +++ b/x-pack/packages/kbn-elastic-assistant/impl/assistant/api.test.tsx @@ -54,7 +54,7 @@ describe('API tests', () => { expect(mockHttp.fetch).toHaveBeenCalledWith( '/internal/elastic_assistant/actions/connector/foo/_execute', { - body: '{"params":{"subActionParams":{"model":"gpt-4","messages":[{"role":"user","content":"This is a test"}],"n":1,"stop":null,"temperature":0.2},"subAction":"invokeAI"}}', + body: '{"params":{"subActionParams":{"model":"gpt-4","messages":[{"role":"user","content":"This is a test"}],"n":1,"stop":null,"temperature":0.2},"subAction":"invokeAI"},"assistantLangChain":true}', headers: { 'Content-Type': 'application/json' }, method: 'POST', signal: undefined, @@ -72,12 +72,15 @@ describe('API tests', () => { await fetchConnectorExecuteAction(testProps); - expect(mockHttp.fetch).toHaveBeenCalledWith('/api/actions/connector/foo/_execute', { - body: '{"params":{"subActionParams":{"model":"gpt-4","messages":[{"role":"user","content":"This is a test"}],"n":1,"stop":null,"temperature":0.2},"subAction":"invokeAI"}}', - headers: { 'Content-Type': 'application/json' }, - method: 'POST', - signal: undefined, - }); + expect(mockHttp.fetch).toHaveBeenCalledWith( + '/internal/elastic_assistant/actions/connector/foo/_execute', + { + body: '{"params":{"subActionParams":{"model":"gpt-4","messages":[{"role":"user","content":"This is a test"}],"n":1,"stop":null,"temperature":0.2},"subAction":"invokeAI"},"assistantLangChain":false}', + headers: { 'Content-Type': 'application/json' }, + method: 'POST', + signal: undefined, + } + ); }); it('returns API_ERROR when the response status is not ok', async () => { diff --git a/x-pack/packages/kbn-elastic-assistant/impl/assistant/api.tsx b/x-pack/packages/kbn-elastic-assistant/impl/assistant/api.tsx index c7c1254656d61..8ccb2e72cfee9 100644 --- a/x-pack/packages/kbn-elastic-assistant/impl/assistant/api.tsx +++ b/x-pack/packages/kbn-elastic-assistant/impl/assistant/api.tsx @@ -59,19 +59,16 @@ export const fetchConnectorExecuteAction = async ({ subActionParams: body, subAction: 'invokeAI', }, + assistantLangChain, }; try { - const path = assistantLangChain - ? `/internal/elastic_assistant/actions/connector/${apiConfig?.connectorId}/_execute` - : `/api/actions/connector/${apiConfig?.connectorId}/_execute`; - const response = await http.fetch<{ connector_id: string; status: string; data: string; service_message?: string; - }>(path, { + }>(`/internal/elastic_assistant/actions/connector/${apiConfig?.connectorId}/_execute`, { method: 'POST', headers: { 'Content-Type': 'application/json', diff --git a/x-pack/plugins/elastic_assistant/server/__mocks__/action_result_data.ts b/x-pack/plugins/elastic_assistant/server/__mocks__/action_result_data.ts index 17aa4b83ca67b..dbc095a334cea 100644 --- a/x-pack/plugins/elastic_assistant/server/__mocks__/action_result_data.ts +++ b/x-pack/plugins/elastic_assistant/server/__mocks__/action_result_data.ts @@ -5,4 +5,7 @@ * 2.0. */ -export const mockActionResponse = 'Yes, your name is Andrew. How can I assist you further, Andrew?'; +export const mockActionResponse = { + message: 'Yes, your name is Andrew. How can I assist you further, Andrew?', + usage: { prompt_tokens: 4, completion_tokens: 10, total_tokens: 14 }, +}; diff --git a/x-pack/plugins/elastic_assistant/server/lib/executor.ts b/x-pack/plugins/elastic_assistant/server/lib/executor.ts new file mode 100644 index 0000000000000..936e3781731d8 --- /dev/null +++ b/x-pack/plugins/elastic_assistant/server/lib/executor.ts @@ -0,0 +1,43 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { get } from 'lodash/fp'; +import { PluginStartContract as ActionsPluginStart } from '@kbn/actions-plugin/server'; +import { KibanaRequest } from '@kbn/core-http-server'; +import { RequestBody } from './langchain/types'; + +interface Props { + actions: ActionsPluginStart; + connectorId: string; + request: KibanaRequest; +} +interface StaticResponse { + connector_id: string; + data: string; + status: string; +} + +export const executeAction = async ({ + actions, + request, + connectorId, +}: Props): Promise => { + const actionsClient = await actions.getActionsClientWithRequest(request); + const actionResult = await actionsClient.execute({ + actionId: connectorId, + params: request.body.params, + }); + const content = get('data.message', actionResult); + if (typeof content === 'string') { + return { + connector_id: connectorId, + data: content, // the response from the actions framework + status: 'ok', + }; + } + throw new Error('Unexpected action result'); +}; diff --git a/x-pack/plugins/elastic_assistant/server/lib/langchain/llm/actions_client_llm.test.ts b/x-pack/plugins/elastic_assistant/server/lib/langchain/llm/actions_client_llm.test.ts index b5f8fa7e88c74..5c27cdef4d3e1 100644 --- a/x-pack/plugins/elastic_assistant/server/lib/langchain/llm/actions_client_llm.test.ts +++ b/x-pack/plugins/elastic_assistant/server/lib/langchain/llm/actions_client_llm.test.ts @@ -51,6 +51,7 @@ const mockRequest: KibanaRequest = { }, subAction: 'invokeAI', }, + assistantLangChain: true, }, } as KibanaRequest; @@ -72,7 +73,7 @@ describe('ActionsClientLlm', () => { await actionsClientLlm._call(prompt); // ignore the result - expect(actionsClientLlm.getActionResultData()).toEqual(mockActionResponse); + expect(actionsClientLlm.getActionResultData()).toEqual(mockActionResponse.message); }); }); @@ -141,7 +142,7 @@ describe('ActionsClientLlm', () => { }); it('rejects with the expected error the message has invalid content', async () => { - const invalidContent = 1234; + const invalidContent = { message: 1234 }; mockExecute.mockImplementation(() => ({ data: invalidContent, diff --git a/x-pack/plugins/elastic_assistant/server/lib/langchain/llm/actions_client_llm.ts b/x-pack/plugins/elastic_assistant/server/lib/langchain/llm/actions_client_llm.ts index e4403b64d6e0d..f499452e1d764 100644 --- a/x-pack/plugins/elastic_assistant/server/lib/langchain/llm/actions_client_llm.ts +++ b/x-pack/plugins/elastic_assistant/server/lib/langchain/llm/actions_client_llm.ts @@ -92,9 +92,8 @@ export class ActionsClientLlm extends LLM { `${LLM_TYPE}: action result status is error: ${actionResult?.message} - ${actionResult?.serviceMessage}` ); } - // TODO: handle errors from the connector - const content = get('data', actionResult); + const content = get('data.message', actionResult); if (typeof content !== 'string') { throw new Error( diff --git a/x-pack/plugins/elastic_assistant/server/routes/evaluate/post_evaluate.ts b/x-pack/plugins/elastic_assistant/server/routes/evaluate/post_evaluate.ts index b65822524f1cd..1b533e49c4cfe 100644 --- a/x-pack/plugins/elastic_assistant/server/routes/evaluate/post_evaluate.ts +++ b/x-pack/plugins/elastic_assistant/server/routes/evaluate/post_evaluate.ts @@ -105,6 +105,7 @@ export const postEvaluateRoute = ( messages: [], }, }, + assistantLangChain: true, }, }; diff --git a/x-pack/plugins/elastic_assistant/server/routes/post_actions_connector_execute.test.ts b/x-pack/plugins/elastic_assistant/server/routes/post_actions_connector_execute.test.ts index fa0afb540dc30..507246670833c 100644 --- a/x-pack/plugins/elastic_assistant/server/routes/post_actions_connector_execute.test.ts +++ b/x-pack/plugins/elastic_assistant/server/routes/post_actions_connector_execute.test.ts @@ -19,6 +19,13 @@ import { coreMock } from '@kbn/core/server/mocks'; jest.mock('../lib/build_response', () => ({ buildResponse: jest.fn().mockImplementation((x) => x), })); +jest.mock('../lib/executor', () => ({ + executeAction: jest.fn().mockImplementation((x) => ({ + connector_id: 'mock-connector-id', + data: mockActionResponse, + status: 'ok', + })), +})); jest.mock('../lib/langchain/execute_custom_llm_chain', () => ({ callAgentExecutor: jest.fn().mockImplementation( @@ -82,6 +89,7 @@ const mockRequest = { }, subAction: 'invokeAI', }, + assistantLangChain: true, }, }; @@ -97,7 +105,38 @@ describe('postActionsConnectorExecuteRoute', () => { jest.clearAllMocks(); }); - it('returns the expected response', async () => { + it('returns the expected response when assistantLangChain=false', async () => { + const mockRouter = { + post: jest.fn().mockImplementation(async (_, handler) => { + const result = await handler( + mockContext, + { + ...mockRequest, + body: { + ...mockRequest.body, + assistantLangChain: false, + }, + }, + mockResponse + ); + + expect(result).toEqual({ + body: { + connector_id: 'mock-connector-id', + data: mockActionResponse, + status: 'ok', + }, + }); + }), + }; + + await postActionsConnectorExecuteRoute( + mockRouter as unknown as IRouter, + mockGetElser + ); + }); + + it('returns the expected response when assistantLangChain=true', async () => { const mockRouter = { post: jest.fn().mockImplementation(async (_, handler) => { const result = await handler(mockContext, mockRequest, mockResponse); diff --git a/x-pack/plugins/elastic_assistant/server/routes/post_actions_connector_execute.ts b/x-pack/plugins/elastic_assistant/server/routes/post_actions_connector_execute.ts index 5303796d1c983..8da820288ae1b 100644 --- a/x-pack/plugins/elastic_assistant/server/routes/post_actions_connector_execute.ts +++ b/x-pack/plugins/elastic_assistant/server/routes/post_actions_connector_execute.ts @@ -7,6 +7,7 @@ import { IRouter, Logger } from '@kbn/core/server'; import { transformError } from '@kbn/securitysolution-es-utils'; +import { executeAction } from '../lib/executor'; import { POST_ACTIONS_CONNECTOR_EXECUTE } from '../../common/constants'; import { getLangChainMessages } from '../lib/langchain/helpers'; import { buildResponse } from '../lib/build_response'; @@ -41,6 +42,14 @@ export const postActionsConnectorExecuteRoute = ( // get the actions plugin start contract from the request context: const actions = (await context.elasticAssistant).actions; + // if not langchain, call execute action directly and return the response: + if (!request.body.assistantLangChain) { + const result = await executeAction({ actions, request, connectorId }); + return response.ok({ + body: result, + }); + } + // get a scoped esClient for assistant memory const esClient = (await context.core).elasticsearch.client.asCurrentUser; diff --git a/x-pack/plugins/elastic_assistant/server/schemas/post_actions_connector_execute.ts b/x-pack/plugins/elastic_assistant/server/schemas/post_actions_connector_execute.ts index b30ccd94e105b..7a8d52e725722 100644 --- a/x-pack/plugins/elastic_assistant/server/schemas/post_actions_connector_execute.ts +++ b/x-pack/plugins/elastic_assistant/server/schemas/post_actions_connector_execute.ts @@ -34,6 +34,7 @@ export const PostActionsConnectorExecuteBody = t.type({ ]), subAction: t.string, }), + assistantLangChain: t.boolean, }); export type PostActionsConnectorExecuteBodyInputs = t.TypeOf< diff --git a/x-pack/plugins/stack_connectors/common/bedrock/schema.ts b/x-pack/plugins/stack_connectors/common/bedrock/schema.ts index ac23ed9667ada..64699253c709f 100644 --- a/x-pack/plugins/stack_connectors/common/bedrock/schema.ts +++ b/x-pack/plugins/stack_connectors/common/bedrock/schema.ts @@ -34,7 +34,9 @@ export const InvokeAIActionParamsSchema = schema.object({ model: schema.maybe(schema.string()), }); -export const InvokeAIActionResponseSchema = schema.string(); +export const InvokeAIActionResponseSchema = schema.object({ + message: schema.string(), +}); export const RunActionResponseSchema = schema.object( { diff --git a/x-pack/plugins/stack_connectors/common/openai/schema.ts b/x-pack/plugins/stack_connectors/common/openai/schema.ts index fa14aa61fa5b3..fd0b872ab9f36 100644 --- a/x-pack/plugins/stack_connectors/common/openai/schema.ts +++ b/x-pack/plugins/stack_connectors/common/openai/schema.ts @@ -44,7 +44,17 @@ export const InvokeAIActionParamsSchema = schema.object({ temperature: schema.maybe(schema.number()), }); -export const InvokeAIActionResponseSchema = schema.string(); +export const InvokeAIActionResponseSchema = schema.object({ + message: schema.string(), + usage: schema.object( + { + prompt_tokens: schema.number(), + completion_tokens: schema.number(), + total_tokens: schema.number(), + }, + { unknowns: 'ignore' } + ), +}); // Execute action schema export const StreamActionParamsSchema = schema.object({ diff --git a/x-pack/plugins/stack_connectors/server/connector_types/bedrock/bedrock.test.ts b/x-pack/plugins/stack_connectors/server/connector_types/bedrock/bedrock.test.ts index 7ee8fd54833c7..dcd3d70f9b4ff 100644 --- a/x-pack/plugins/stack_connectors/server/connector_types/bedrock/bedrock.test.ts +++ b/x-pack/plugins/stack_connectors/server/connector_types/bedrock/bedrock.test.ts @@ -109,7 +109,7 @@ describe('BedrockConnector', () => { stop_sequences: ['\n\nHuman:'], }), }); - expect(response).toEqual(mockResponseString); + expect(response.message).toEqual(mockResponseString); }); it('Properly formats messages from user, assistant, and system', async () => { @@ -148,7 +148,7 @@ describe('BedrockConnector', () => { stop_sequences: ['\n\nHuman:'], }), }); - expect(response).toEqual(mockResponseString); + expect(response.message).toEqual(mockResponseString); }); it('errors during API calls are properly handled', async () => { diff --git a/x-pack/plugins/stack_connectors/server/connector_types/bedrock/bedrock.ts b/x-pack/plugins/stack_connectors/server/connector_types/bedrock/bedrock.ts index 6510731f8ad7e..0e1235312a52c 100644 --- a/x-pack/plugins/stack_connectors/server/connector_types/bedrock/bedrock.ts +++ b/x-pack/plugins/stack_connectors/server/connector_types/bedrock/bedrock.ts @@ -150,6 +150,6 @@ export class BedrockConnector extends SubActionConnector { }; const res = await this.runApi({ body: JSON.stringify(req), model }); - return res.completion.trim(); + return { message: res.completion.trim() }; } } diff --git a/x-pack/plugins/stack_connectors/server/connector_types/openai/openai.test.ts b/x-pack/plugins/stack_connectors/server/connector_types/openai/openai.test.ts index 00f3b67aafb97..0a4a6a2931d8d 100644 --- a/x-pack/plugins/stack_connectors/server/connector_types/openai/openai.test.ts +++ b/x-pack/plugins/stack_connectors/server/connector_types/openai/openai.test.ts @@ -37,6 +37,11 @@ describe('OpenAIConnector', () => { index: 0, }, ], + usage: { + prompt_tokens: 4, + completion_tokens: 5, + total_tokens: 9, + }, }, }; beforeEach(() => { @@ -273,7 +278,8 @@ describe('OpenAIConnector', () => { 'content-type': 'application/json', }, }); - expect(response).toEqual(mockResponseString); + expect(response.message).toEqual(mockResponseString); + expect(response.usage.total_tokens).toEqual(9); }); it('errors during API calls are properly handled', async () => { diff --git a/x-pack/plugins/stack_connectors/server/connector_types/openai/openai.ts b/x-pack/plugins/stack_connectors/server/connector_types/openai/openai.ts index 21c7bc4abdcc0..7413ba56090a1 100644 --- a/x-pack/plugins/stack_connectors/server/connector_types/openai/openai.ts +++ b/x-pack/plugins/stack_connectors/server/connector_types/openai/openai.ts @@ -192,9 +192,15 @@ export class OpenAIConnector extends SubActionConnector { if (res.choices && res.choices.length > 0 && res.choices[0].message?.content) { const result = res.choices[0].message.content.trim(); - return result; + return { message: result, usage: res.usage }; } - return 'An error occurred sending your message. \n\nAPI Error: The response from OpenAI was in an unrecognized format.'; + return { + message: + 'An error occurred sending your message. \n\nAPI Error: The response from OpenAI was in an unrecognized format.', + ...(res.usage + ? { usage: res.usage } + : { usage: { prompt_tokens: 0, completion_tokens: 0, total_tokens: 0 } }), + }; } } diff --git a/x-pack/test/alerting_api_integration/security_and_spaces/group2/tests/actions/connector_types/bedrock.ts b/x-pack/test/alerting_api_integration/security_and_spaces/group2/tests/actions/connector_types/bedrock.ts index 4983d19d36b69..67053bef7801b 100644 --- a/x-pack/test/alerting_api_integration/security_and_spaces/group2/tests/actions/connector_types/bedrock.ts +++ b/x-pack/test/alerting_api_integration/security_and_spaces/group2/tests/actions/connector_types/bedrock.ts @@ -404,7 +404,7 @@ export default function bedrockTest({ getService }: FtrProviderContext) { expect(body).to.eql({ status: 'ok', connector_id: bedrockActionId, - data: bedrockSuccessResponse.completion, + data: { message: bedrockSuccessResponse.completion }, }); }); }); From 726558959f8ab584628047992113f392adf95a54 Mon Sep 17 00:00:00 2001 From: Alexi Doak <109488926+doakalexi@users.noreply.github.com> Date: Wed, 18 Oct 2023 11:18:20 -0700 Subject: [PATCH 03/50] [ResponseOps][Alerting] Implement and onboard query delay mechanism for Alerting rules (#168735) Resolves https://github.com/elastic/kibana/issues/167061 ## Summary This PR will merge the query delay feature branch in to main, and includes the following PRs: [[ResponseOps][Alerting] Onboard query delay mechanism for Alerting rules](https://github.com/elastic/kibana/pull/167363) [[ResponseOps][Alerting] Implement a query delay mechanism for Alerting rules](https://github.com/elastic/kibana/pull/167433) --------- Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com> Co-authored-by: Ying Mao --- .../routes/rules_settings/apis/get/index.ts | 10 + .../rules_settings/apis/get/types/latest.ts | 8 + .../rules_settings/apis/get/types/v1.ts | 11 + .../rules_settings/apis/update/index.ts | 18 + .../apis/update/schemas/latest.ts | 8 + .../rules_settings/apis/update/schemas/v1.ts | 12 + .../apis/update/types/latest.ts | 8 + .../rules_settings/apis/update/types/v1.ts | 16 + .../routes/rules_settings/response/index.ts | 12 + .../rules_settings/response/schemas/latest.ts | 8 + .../rules_settings/response/schemas/v1.ts | 20 + .../rules_settings/response/types/latest.ts | 8 + .../rules_settings/response/types/v1.ts | 11 + .../plugins/alerting/common/rules_settings.ts | 33 +- .../server/lib/get_time_range.test.ts | 61 +++ .../alerting/server/lib/get_time_range.ts | 40 ++ x-pack/plugins/alerting/server/plugin.ts | 2 + .../plugins/alerting/server/routes/index.ts | 4 + .../apis/get/get_query_delay_settings.test.ts | 72 ++++ .../apis/get/get_query_delay_settings.ts | 39 ++ .../update_query_delay_settings.test.ts | 88 ++++ .../update/update_query_delay_settings.ts | 49 +++ .../routes/rules_settings/transforms/index.ts | 10 + .../latest.ts | 8 + .../v1.ts | 23 ++ .../server/rules_settings_client.mock.ts | 14 +- .../rules_settings_flapping_client.test.ts | 269 +++++++++++- .../rules_settings_flapping_client.ts | 89 +++- .../server/rules_settings_client/index.ts | 1 + .../rules_settings_query_delay_client.test.ts | 385 ++++++++++++++++++ .../rules_settings_query_delay_client.ts | 179 ++++++++ .../rules_settings_client.test.ts | 256 +----------- .../rules_settings_client.ts | 82 +--- .../schemas/flapping_schema.ts | 14 + .../rules_settings_client/schemas/index.ts | 9 + .../schemas/query_delay_schema.ts | 12 + .../rules_settings_client_factory.test.ts | 4 + .../server/rules_settings_client_factory.ts | 4 + .../alerting/server/rules_settings_feature.ts | 39 ++ .../server/task_runner/task_runner.ts | 4 + x-pack/plugins/alerting/server/types.ts | 8 +- .../register_anomaly_rule_type.test.ts | 6 +- .../anomaly/register_anomaly_rule_type.ts | 22 +- .../register_error_count_rule_type.ts | 7 +- ...register_transaction_duration_rule_type.ts | 13 +- ...gister_transaction_error_rate_rule_type.ts | 7 +- .../server/routes/alerts/test_utils/index.ts | 4 + ...nventory_metric_threshold_executor.test.ts | 4 + .../metric_threshold_executor.test.ts | 4 + .../custom_threshold_executor.test.ts | 4 + .../custom_threshold_executor.ts | 5 +- .../lib/create_timerange.test.ts | 170 +++----- .../custom_threshold/lib/create_timerange.ts | 19 +- .../custom_threshold/lib/evaluate_rule.ts | 2 +- .../lib/rules/slo_burn_rate/executor.test.ts | 11 + .../lib/rules/slo_burn_rate/executor.ts | 33 +- .../slo_burn_rate/lib/build_query.test.ts | 17 +- .../rules/slo_burn_rate/lib/build_query.ts | 43 +- .../lib/rules/slo_burn_rate/lib/evaluate.ts | 19 +- .../utils/create_lifecycle_rule_type.test.ts | 4 + .../utils/rule_executor.test_helpers.ts | 4 + ...gacy_rules_notification_alert_type.test.ts | 4 + .../rule_preview/api/preview_rules/route.ts | 4 + .../rule_types/es_query/executor.test.ts | 69 +--- .../server/rule_types/es_query/executor.ts | 60 +-- .../es_query/lib/fetch_es_query.test.ts | 37 +- .../rule_types/es_query/lib/fetch_es_query.ts | 17 +- .../es_query/lib/fetch_esql_query.test.ts | 32 +- .../es_query/lib/fetch_esql_query.ts | 34 +- .../lib/fetch_search_source_query.test.ts | 45 +- .../es_query/lib/fetch_search_source_query.ts | 36 +- .../es_query/lib/get_search_params.ts | 56 --- .../rule_types/es_query/rule_type.test.ts | 107 ++--- .../server/rule_types/es_query/util.test.ts | 51 +++ .../server/rule_types/es_query/util.ts | 28 ++ .../index_threshold/rule_type.test.ts | 9 + .../rule_types/index_threshold/rule_type.ts | 13 +- .../translations/translations/fr-FR.json | 2 - .../translations/translations/ja-JP.json | 2 - .../translations/translations/zh-CN.json | 2 - .../rules_settings_flapping_form_section.tsx | 73 +--- .../rules_settings_flapping_section.tsx | 185 +++++++++ .../rules_settings_query_delay_section.tsx | 123 ++++++ .../rules_settings_link.stories.tsx | 6 + .../rules_settings_link.test.tsx | 79 +++- .../rules_setting/rules_settings_link.tsx | 4 +- .../rules_settings_modal.test.tsx | 164 +++++++- .../rules_setting/rules_settings_modal.tsx | 249 +++++------ .../rules_setting/rules_settings_range.tsx | 51 +++ .../hooks/use_get_flapping_settings.ts | 15 +- .../use_get_query_delay_setting.test.tsx | 57 +++ .../hooks/use_get_query_delay_settings.ts | 40 ++ .../hooks/use_update_rules_settings.test.tsx | 109 +++++ ...ttings.ts => use_update_rules_settings.ts} | 20 +- .../rule_api/get_query_delay_settings.test.ts | 30 ++ .../lib/rule_api/get_query_delay_settings.ts | 22 + .../update_query_delay_settings.test.ts | 33 ++ .../rule_api/update_query_delay_settings.ts | 44 ++ .../server/data/lib/time_series_query.test.ts | 22 + .../server/data/lib/time_series_query.ts | 13 +- .../common/lib/reset_rules_settings.ts | 17 +- .../alerting/get_query_delay_settings.ts | 65 +++ .../group3/tests/alerting/index.ts | 2 + .../alerting/update_query_delay_settings.ts | 103 +++++ .../apis/security/privileges.ts | 2 + .../apis/security/privileges_basic.ts | 2 + .../triggers_actions_ui/rules_settings.ts | 30 +- 107 files changed, 3394 insertions(+), 1120 deletions(-) create mode 100644 x-pack/plugins/alerting/common/routes/rules_settings/apis/get/index.ts create mode 100644 x-pack/plugins/alerting/common/routes/rules_settings/apis/get/types/latest.ts create mode 100644 x-pack/plugins/alerting/common/routes/rules_settings/apis/get/types/v1.ts create mode 100644 x-pack/plugins/alerting/common/routes/rules_settings/apis/update/index.ts create mode 100644 x-pack/plugins/alerting/common/routes/rules_settings/apis/update/schemas/latest.ts create mode 100644 x-pack/plugins/alerting/common/routes/rules_settings/apis/update/schemas/v1.ts create mode 100644 x-pack/plugins/alerting/common/routes/rules_settings/apis/update/types/latest.ts create mode 100644 x-pack/plugins/alerting/common/routes/rules_settings/apis/update/types/v1.ts create mode 100644 x-pack/plugins/alerting/common/routes/rules_settings/response/index.ts create mode 100644 x-pack/plugins/alerting/common/routes/rules_settings/response/schemas/latest.ts create mode 100644 x-pack/plugins/alerting/common/routes/rules_settings/response/schemas/v1.ts create mode 100644 x-pack/plugins/alerting/common/routes/rules_settings/response/types/latest.ts create mode 100644 x-pack/plugins/alerting/common/routes/rules_settings/response/types/v1.ts create mode 100644 x-pack/plugins/alerting/server/lib/get_time_range.test.ts create mode 100644 x-pack/plugins/alerting/server/lib/get_time_range.ts create mode 100644 x-pack/plugins/alerting/server/routes/rules_settings/apis/get/get_query_delay_settings.test.ts create mode 100644 x-pack/plugins/alerting/server/routes/rules_settings/apis/get/get_query_delay_settings.ts create mode 100644 x-pack/plugins/alerting/server/routes/rules_settings/apis/update/update_query_delay_settings.test.ts create mode 100644 x-pack/plugins/alerting/server/routes/rules_settings/apis/update/update_query_delay_settings.ts create mode 100644 x-pack/plugins/alerting/server/routes/rules_settings/transforms/index.ts create mode 100644 x-pack/plugins/alerting/server/routes/rules_settings/transforms/transform_query_delay_settings_to_response/latest.ts create mode 100644 x-pack/plugins/alerting/server/routes/rules_settings/transforms/transform_query_delay_settings_to_response/v1.ts create mode 100644 x-pack/plugins/alerting/server/rules_settings_client/query_delay/rules_settings_query_delay_client.test.ts create mode 100644 x-pack/plugins/alerting/server/rules_settings_client/query_delay/rules_settings_query_delay_client.ts create mode 100644 x-pack/plugins/alerting/server/rules_settings_client/schemas/flapping_schema.ts create mode 100644 x-pack/plugins/alerting/server/rules_settings_client/schemas/index.ts create mode 100644 x-pack/plugins/alerting/server/rules_settings_client/schemas/query_delay_schema.ts delete mode 100644 x-pack/plugins/stack_alerts/server/rule_types/es_query/lib/get_search_params.ts create mode 100644 x-pack/plugins/stack_alerts/server/rule_types/es_query/util.test.ts rename x-pack/plugins/triggers_actions_ui/public/application/components/rules_setting/{ => flapping}/rules_settings_flapping_form_section.tsx (77%) create mode 100644 x-pack/plugins/triggers_actions_ui/public/application/components/rules_setting/flapping/rules_settings_flapping_section.tsx create mode 100644 x-pack/plugins/triggers_actions_ui/public/application/components/rules_setting/query_delay/rules_settings_query_delay_section.tsx create mode 100644 x-pack/plugins/triggers_actions_ui/public/application/components/rules_setting/rules_settings_range.tsx create mode 100644 x-pack/plugins/triggers_actions_ui/public/application/hooks/use_get_query_delay_setting.test.tsx create mode 100644 x-pack/plugins/triggers_actions_ui/public/application/hooks/use_get_query_delay_settings.ts create mode 100644 x-pack/plugins/triggers_actions_ui/public/application/hooks/use_update_rules_settings.test.tsx rename x-pack/plugins/triggers_actions_ui/public/application/hooks/{use_update_flapping_settings.ts => use_update_rules_settings.ts} (68%) create mode 100644 x-pack/plugins/triggers_actions_ui/public/application/lib/rule_api/get_query_delay_settings.test.ts create mode 100644 x-pack/plugins/triggers_actions_ui/public/application/lib/rule_api/get_query_delay_settings.ts create mode 100644 x-pack/plugins/triggers_actions_ui/public/application/lib/rule_api/update_query_delay_settings.test.ts create mode 100644 x-pack/plugins/triggers_actions_ui/public/application/lib/rule_api/update_query_delay_settings.ts create mode 100644 x-pack/test/alerting_api_integration/security_and_spaces/group3/tests/alerting/get_query_delay_settings.ts create mode 100644 x-pack/test/alerting_api_integration/security_and_spaces/group3/tests/alerting/update_query_delay_settings.ts diff --git a/x-pack/plugins/alerting/common/routes/rules_settings/apis/get/index.ts b/x-pack/plugins/alerting/common/routes/rules_settings/apis/get/index.ts new file mode 100644 index 0000000000000..677bf4c52d5ec --- /dev/null +++ b/x-pack/plugins/alerting/common/routes/rules_settings/apis/get/index.ts @@ -0,0 +1,10 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +export type { GetQueryDelaySettingsResponse } from './types/latest'; + +export type { GetQueryDelaySettingsResponse as GetQueryDelaySettingsResponseV1 } from './types/v1'; diff --git a/x-pack/plugins/alerting/common/routes/rules_settings/apis/get/types/latest.ts b/x-pack/plugins/alerting/common/routes/rules_settings/apis/get/types/latest.ts new file mode 100644 index 0000000000000..4cf7e8676c7a7 --- /dev/null +++ b/x-pack/plugins/alerting/common/routes/rules_settings/apis/get/types/latest.ts @@ -0,0 +1,8 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +export type { GetQueryDelaySettingsResponse } from './v1'; diff --git a/x-pack/plugins/alerting/common/routes/rules_settings/apis/get/types/v1.ts b/x-pack/plugins/alerting/common/routes/rules_settings/apis/get/types/v1.ts new file mode 100644 index 0000000000000..040f3c4813478 --- /dev/null +++ b/x-pack/plugins/alerting/common/routes/rules_settings/apis/get/types/v1.ts @@ -0,0 +1,11 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import type { TypeOf } from '@kbn/config-schema'; +import { queryDelaySettingsResponseSchemaV1 } from '../../../response'; + +export type GetQueryDelaySettingsResponse = TypeOf; diff --git a/x-pack/plugins/alerting/common/routes/rules_settings/apis/update/index.ts b/x-pack/plugins/alerting/common/routes/rules_settings/apis/update/index.ts new file mode 100644 index 0000000000000..274f279dcd981 --- /dev/null +++ b/x-pack/plugins/alerting/common/routes/rules_settings/apis/update/index.ts @@ -0,0 +1,18 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +export { updateQueryDelaySettingsBodySchema } from './schemas/latest'; +export type { + UpdateQueryDelaySettingsRequestBody, + UpdateQueryDelaySettingsResponse, +} from './types/latest'; + +export { updateQueryDelaySettingsBodySchema as updateQueryDelaySettingsBodySchemaV1 } from './schemas/v1'; +export type { + UpdateQueryDelaySettingsRequestBody as UpdateQueryDelaySettingsRequestBodyV1, + UpdateQueryDelaySettingsResponse as UpdateQueryDelaySettingsResponseV1, +} from './types/v1'; diff --git a/x-pack/plugins/alerting/common/routes/rules_settings/apis/update/schemas/latest.ts b/x-pack/plugins/alerting/common/routes/rules_settings/apis/update/schemas/latest.ts new file mode 100644 index 0000000000000..25300c97a6d2e --- /dev/null +++ b/x-pack/plugins/alerting/common/routes/rules_settings/apis/update/schemas/latest.ts @@ -0,0 +1,8 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +export * from './v1'; diff --git a/x-pack/plugins/alerting/common/routes/rules_settings/apis/update/schemas/v1.ts b/x-pack/plugins/alerting/common/routes/rules_settings/apis/update/schemas/v1.ts new file mode 100644 index 0000000000000..8e1865b77c273 --- /dev/null +++ b/x-pack/plugins/alerting/common/routes/rules_settings/apis/update/schemas/v1.ts @@ -0,0 +1,12 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { schema } from '@kbn/config-schema'; + +export const updateQueryDelaySettingsBodySchema = schema.object({ + delay: schema.number(), +}); diff --git a/x-pack/plugins/alerting/common/routes/rules_settings/apis/update/types/latest.ts b/x-pack/plugins/alerting/common/routes/rules_settings/apis/update/types/latest.ts new file mode 100644 index 0000000000000..25300c97a6d2e --- /dev/null +++ b/x-pack/plugins/alerting/common/routes/rules_settings/apis/update/types/latest.ts @@ -0,0 +1,8 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +export * from './v1'; diff --git a/x-pack/plugins/alerting/common/routes/rules_settings/apis/update/types/v1.ts b/x-pack/plugins/alerting/common/routes/rules_settings/apis/update/types/v1.ts new file mode 100644 index 0000000000000..0b421e73150f5 --- /dev/null +++ b/x-pack/plugins/alerting/common/routes/rules_settings/apis/update/types/v1.ts @@ -0,0 +1,16 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import type { TypeOf } from '@kbn/config-schema'; +import { queryDelaySettingsResponseSchemaV1 } from '../../../response'; +import { updateQueryDelaySettingsBodySchemaV1 } from '..'; + +export type UpdateQueryDelaySettingsRequestBody = TypeOf< + typeof updateQueryDelaySettingsBodySchemaV1 +>; + +export type UpdateQueryDelaySettingsResponse = TypeOf; diff --git a/x-pack/plugins/alerting/common/routes/rules_settings/response/index.ts b/x-pack/plugins/alerting/common/routes/rules_settings/response/index.ts new file mode 100644 index 0000000000000..f0a0070f37e74 --- /dev/null +++ b/x-pack/plugins/alerting/common/routes/rules_settings/response/index.ts @@ -0,0 +1,12 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +export { queryDelaySettingsResponseSchema } from './schemas/latest'; +export type { QueryDelaySettingsResponse } from './types/latest'; + +export { queryDelaySettingsResponseSchema as queryDelaySettingsResponseSchemaV1 } from './schemas/v1'; +export type { QueryDelaySettingsResponse as QueryDelaySettingsResponseV1 } from './types/v1'; diff --git a/x-pack/plugins/alerting/common/routes/rules_settings/response/schemas/latest.ts b/x-pack/plugins/alerting/common/routes/rules_settings/response/schemas/latest.ts new file mode 100644 index 0000000000000..25300c97a6d2e --- /dev/null +++ b/x-pack/plugins/alerting/common/routes/rules_settings/response/schemas/latest.ts @@ -0,0 +1,8 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +export * from './v1'; diff --git a/x-pack/plugins/alerting/common/routes/rules_settings/response/schemas/v1.ts b/x-pack/plugins/alerting/common/routes/rules_settings/response/schemas/v1.ts new file mode 100644 index 0000000000000..59676b865c601 --- /dev/null +++ b/x-pack/plugins/alerting/common/routes/rules_settings/response/schemas/v1.ts @@ -0,0 +1,20 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { schema } from '@kbn/config-schema'; + +export const queryDelaySettingsResponseBodySchema = schema.object({ + delay: schema.number(), + created_by: schema.nullable(schema.string()), + updated_by: schema.nullable(schema.string()), + created_at: schema.string(), + updated_at: schema.string(), +}); + +export const queryDelaySettingsResponseSchema = schema.object({ + body: queryDelaySettingsResponseBodySchema, +}); diff --git a/x-pack/plugins/alerting/common/routes/rules_settings/response/types/latest.ts b/x-pack/plugins/alerting/common/routes/rules_settings/response/types/latest.ts new file mode 100644 index 0000000000000..25300c97a6d2e --- /dev/null +++ b/x-pack/plugins/alerting/common/routes/rules_settings/response/types/latest.ts @@ -0,0 +1,8 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +export * from './v1'; diff --git a/x-pack/plugins/alerting/common/routes/rules_settings/response/types/v1.ts b/x-pack/plugins/alerting/common/routes/rules_settings/response/types/v1.ts new file mode 100644 index 0000000000000..b5671b2d54628 --- /dev/null +++ b/x-pack/plugins/alerting/common/routes/rules_settings/response/types/v1.ts @@ -0,0 +1,11 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import type { TypeOf } from '@kbn/config-schema'; +import { queryDelaySettingsResponseSchemaV1 } from '..'; + +export type QueryDelaySettingsResponse = TypeOf; diff --git a/x-pack/plugins/alerting/common/rules_settings.ts b/x-pack/plugins/alerting/common/rules_settings.ts index 743d5f4236aaa..953f29144a100 100644 --- a/x-pack/plugins/alerting/common/rules_settings.ts +++ b/x-pack/plugins/alerting/common/rules_settings.ts @@ -20,29 +20,51 @@ export interface RulesSettingsFlappingProperties { export type RulesSettingsFlapping = RulesSettingsFlappingProperties & RulesSettingsModificationMetadata; +export interface RulesSettingsQueryDelayProperties { + delay: number; +} + +export type RulesSettingsQueryDelay = RulesSettingsQueryDelayProperties & + RulesSettingsModificationMetadata; + +export interface RulesSettingsProperties { + flapping?: RulesSettingsFlappingProperties; + queryDelay?: RulesSettingsQueryDelayProperties; +} + export interface RulesSettings { - flapping: RulesSettingsFlapping; + flapping?: RulesSettingsFlapping; + queryDelay?: RulesSettingsQueryDelay; } export const MIN_LOOK_BACK_WINDOW = 2; export const MAX_LOOK_BACK_WINDOW = 20; export const MIN_STATUS_CHANGE_THRESHOLD = 2; export const MAX_STATUS_CHANGE_THRESHOLD = 20; +export const MIN_QUERY_DELAY = 0; +export const MAX_QUERY_DELAY = 60; export const RULES_SETTINGS_FEATURE_ID = 'rulesSettings'; export const ALL_FLAPPING_SETTINGS_SUB_FEATURE_ID = 'allFlappingSettings'; export const READ_FLAPPING_SETTINGS_SUB_FEATURE_ID = 'readFlappingSettings'; +export const ALL_QUERY_DELAY_SETTINGS_SUB_FEATURE_ID = 'allQueryDelaySettings'; +export const READ_QUERY_DELAY_SETTINGS_SUB_FEATURE_ID = 'readQueryDelaySettings'; export const API_PRIVILEGES = { READ_FLAPPING_SETTINGS: 'read-flapping-settings', WRITE_FLAPPING_SETTINGS: 'write-flapping-settings', + READ_QUERY_DELAY_SETTINGS: 'read-query-delay-settings', + WRITE_QUERY_DELAY_SETTINGS: 'write-query-delay-settings', }; export const RULES_SETTINGS_SAVED_OBJECT_TYPE = 'rules-settings'; -export const RULES_SETTINGS_SAVED_OBJECT_ID = 'rules-settings'; +export const RULES_SETTINGS_FLAPPING_SAVED_OBJECT_ID = 'rules-settings'; +export const RULES_SETTINGS_QUERY_DELAY_SAVED_OBJECT_ID = 'query-delay-settings'; export const DEFAULT_LOOK_BACK_WINDOW = 20; export const DEFAULT_STATUS_CHANGE_THRESHOLD = 4; +export const DEFAULT_QUERY_DELAY = 0; +export const DEFAULT_SERVERLESS_QUERY_DELAY = 15; export const DEFAULT_FLAPPING_SETTINGS: RulesSettingsFlappingProperties = { enabled: true, @@ -54,3 +76,10 @@ export const DISABLE_FLAPPING_SETTINGS: RulesSettingsFlappingProperties = { ...DEFAULT_FLAPPING_SETTINGS, enabled: false, }; + +export const DEFAULT_QUERY_DELAY_SETTINGS: RulesSettingsQueryDelayProperties = { + delay: DEFAULT_QUERY_DELAY, +}; +export const DEFAULT_SERVERLESS_QUERY_DELAY_SETTINGS: RulesSettingsQueryDelayProperties = { + delay: DEFAULT_SERVERLESS_QUERY_DELAY, +}; diff --git a/x-pack/plugins/alerting/server/lib/get_time_range.test.ts b/x-pack/plugins/alerting/server/lib/get_time_range.test.ts new file mode 100644 index 0000000000000..684aea523e3ba --- /dev/null +++ b/x-pack/plugins/alerting/server/lib/get_time_range.test.ts @@ -0,0 +1,61 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { loggingSystemMock } from '@kbn/core/server/mocks'; +import { getTimeRange } from './get_time_range'; + +describe('getTimeRange', () => { + const logger = loggingSystemMock.create().get(); + + beforeAll(() => { + jest.useFakeTimers(); + jest.setSystemTime(new Date('2023-10-04T00:00:00.000Z')); + }); + + afterAll(() => { + jest.useRealTimers(); + }); + + beforeEach(() => { + jest.resetAllMocks(); + }); + + test('returns time range with no query delay', () => { + const { dateStart, dateEnd } = getTimeRange(logger, { delay: 0 }, '5m'); + expect(dateStart).toBe('2023-10-03T23:55:00.000Z'); + expect(dateEnd).toBe('2023-10-04T00:00:00.000Z'); + expect(logger.debug).toHaveBeenCalledWith('Adjusting rule query time range by 0 seconds'); + }); + + test('returns time range with a query delay', () => { + const { dateStart, dateEnd } = getTimeRange(logger, { delay: 45 }, '5m'); + expect(dateStart).toBe('2023-10-03T23:54:15.000Z'); + expect(dateEnd).toBe('2023-10-03T23:59:15.000Z'); + expect(logger.debug).toHaveBeenCalledWith('Adjusting rule query time range by 45 seconds'); + }); + + test('returns time range with no query delay and no time range', () => { + const { dateStart, dateEnd } = getTimeRange(logger, { delay: 0 }); + expect(dateStart).toBe('2023-10-04T00:00:00.000Z'); + expect(dateEnd).toBe('2023-10-04T00:00:00.000Z'); + expect(logger.debug).toHaveBeenCalledWith('Adjusting rule query time range by 0 seconds'); + }); + + test('returns time range with a query delay and no time range', () => { + const { dateStart, dateEnd } = getTimeRange(logger, { delay: 45 }); + expect(dateStart).toBe('2023-10-03T23:59:15.000Z'); + expect(dateEnd).toBe('2023-10-03T23:59:15.000Z'); + expect(logger.debug).toHaveBeenCalledWith('Adjusting rule query time range by 45 seconds'); + }); + + test('throws an error when the time window is invalid', () => { + expect(() => getTimeRange(logger, { delay: 45 }, '5k')).toThrowErrorMatchingInlineSnapshot( + `"Invalid format for windowSize: \\"5k\\""` + ); + expect(logger.debug).not.toHaveBeenCalled(); + }); +}); diff --git a/x-pack/plugins/alerting/server/lib/get_time_range.ts b/x-pack/plugins/alerting/server/lib/get_time_range.ts new file mode 100644 index 0000000000000..001b5df614ddd --- /dev/null +++ b/x-pack/plugins/alerting/server/lib/get_time_range.ts @@ -0,0 +1,40 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { i18n } from '@kbn/i18n'; +import { Logger } from '@kbn/logging'; +import { parseDuration, RulesSettingsQueryDelayProperties } from '../../common'; + +export function getTimeRange( + logger: Logger, + queryDelaySettings: RulesSettingsQueryDelayProperties, + window?: string +) { + let timeWindow: number = 0; + if (window) { + try { + timeWindow = parseDuration(window); + } catch (err) { + throw new Error( + i18n.translate('xpack.alerting.invalidWindowSizeErrorMessage', { + defaultMessage: 'Invalid format for windowSize: "{window}"', + values: { + window, + }, + }) + ); + } + } + logger.debug(`Adjusting rule query time range by ${queryDelaySettings.delay} seconds`); + + const queryDelay = queryDelaySettings.delay * 1000; + const date = Date.now(); + const dateStart = new Date(date - (timeWindow + queryDelay)).toISOString(); + const dateEnd = new Date(date - queryDelay).toISOString(); + + return { dateStart, dateEnd }; +} diff --git a/x-pack/plugins/alerting/server/plugin.ts b/x-pack/plugins/alerting/server/plugin.ts index e9590f883cc53..bb950973afae7 100644 --- a/x-pack/plugins/alerting/server/plugin.ts +++ b/x-pack/plugins/alerting/server/plugin.ts @@ -190,6 +190,7 @@ export interface AlertingPluginsStart { data: DataPluginStart; dataViews: DataViewsPluginStart; share: SharePluginStart; + serverless?: ServerlessPluginSetup; } export class AlertingPlugin { @@ -503,6 +504,7 @@ export class AlertingPlugin { logger: this.logger, savedObjectsService: core.savedObjects, securityPluginStart: plugins.security, + isServerless: !!plugins.serverless, }); maintenanceWindowClientFactory.initialize({ diff --git a/x-pack/plugins/alerting/server/routes/index.ts b/x-pack/plugins/alerting/server/routes/index.ts index a90ad5feba4da..93c66c45ce2af 100644 --- a/x-pack/plugins/alerting/server/routes/index.ts +++ b/x-pack/plugins/alerting/server/routes/index.ts @@ -62,6 +62,8 @@ import { registerRulesValueSuggestionsRoute } from './suggestions/values_suggest import { registerFieldsRoute } from './suggestions/fields_rules'; import { bulkGetMaintenanceWindowRoute } from './maintenance_window/apis/bulk_get/bulk_get_maintenance_windows_route'; import { registerAlertsValueSuggestionsRoute } from './suggestions/values_suggestion_alerts'; +import { getQueryDelaySettingsRoute } from './rules_settings/apis/get/get_query_delay_settings'; +import { updateQueryDelaySettingsRoute } from './rules_settings/apis/update/update_query_delay_settings'; export interface RouteOptions { router: IRouter; @@ -133,4 +135,6 @@ export function defineRoutes(opts: RouteOptions) { bulkGetMaintenanceWindowRoute(router, licenseState); getScheduleFrequencyRoute(router, licenseState); bulkUntrackAlertRoute(router, licenseState); + getQueryDelaySettingsRoute(router, licenseState); + updateQueryDelaySettingsRoute(router, licenseState); } diff --git a/x-pack/plugins/alerting/server/routes/rules_settings/apis/get/get_query_delay_settings.test.ts b/x-pack/plugins/alerting/server/routes/rules_settings/apis/get/get_query_delay_settings.test.ts new file mode 100644 index 0000000000000..4102aa80b29af --- /dev/null +++ b/x-pack/plugins/alerting/server/routes/rules_settings/apis/get/get_query_delay_settings.test.ts @@ -0,0 +1,72 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { httpServiceMock } from '@kbn/core/server/mocks'; +import { licenseStateMock } from '../../../../lib/license_state.mock'; +import { mockHandlerArguments } from '../../../_mock_handler_arguments'; +import { + rulesSettingsClientMock, + RulesSettingsClientMock, +} from '../../../../rules_settings_client.mock'; +import { getQueryDelaySettingsRoute } from './get_query_delay_settings'; + +let rulesSettingsClient: RulesSettingsClientMock; + +jest.mock('../../../../lib/license_api_access', () => ({ + verifyApiAccess: jest.fn(), +})); + +beforeEach(() => { + jest.resetAllMocks(); + rulesSettingsClient = rulesSettingsClientMock.create(); +}); + +describe('getQueryDelaySettingsRoute', () => { + test('gets query delay settings', async () => { + const licenseState = licenseStateMock.create(); + const router = httpServiceMock.createRouter(); + + getQueryDelaySettingsRoute(router, licenseState); + + const [config, handler] = router.get.mock.calls[0]; + + expect(config).toMatchInlineSnapshot(` + Object { + "options": Object { + "tags": Array [ + "access:read-query-delay-settings", + ], + }, + "path": "/internal/alerting/rules/settings/_query_delay", + "validate": Object {}, + } + `); + + (rulesSettingsClient.queryDelay().get as jest.Mock).mockResolvedValue({ + delay: 10, + createdBy: 'test name', + updatedBy: 'test name', + createdAt: new Date().toISOString(), + updatedAt: new Date().toISOString(), + }); + + const [context, req, res] = mockHandlerArguments({ rulesSettingsClient }, {}, ['ok']); + + await handler(context, req, res); + + expect(rulesSettingsClient.queryDelay().get).toHaveBeenCalledTimes(1); + expect(res.ok).toHaveBeenCalledWith({ + body: expect.objectContaining({ + delay: 10, + created_by: 'test name', + updated_by: 'test name', + created_at: expect.any(String), + updated_at: expect.any(String), + }), + }); + }); +}); diff --git a/x-pack/plugins/alerting/server/routes/rules_settings/apis/get/get_query_delay_settings.ts b/x-pack/plugins/alerting/server/routes/rules_settings/apis/get/get_query_delay_settings.ts new file mode 100644 index 0000000000000..ee16be9642977 --- /dev/null +++ b/x-pack/plugins/alerting/server/routes/rules_settings/apis/get/get_query_delay_settings.ts @@ -0,0 +1,39 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { IRouter } from '@kbn/core/server'; +import { ILicenseState } from '../../../../lib'; +import { AlertingRequestHandlerContext, INTERNAL_BASE_ALERTING_API_PATH } from '../../../../types'; +import { verifyAccessAndContext } from '../../../lib'; +import { API_PRIVILEGES } from '../../../../../common'; +import { transformQueryDelaySettingsToResponseV1 } from '../../transforms'; +import { GetQueryDelaySettingsResponseV1 } from '../../../../../common/routes/rules_settings/apis/get'; + +export const getQueryDelaySettingsRoute = ( + router: IRouter, + licenseState: ILicenseState +) => { + router.get( + { + path: `${INTERNAL_BASE_ALERTING_API_PATH}/rules/settings/_query_delay`, + validate: {}, + options: { + tags: [`access:${API_PRIVILEGES.READ_QUERY_DELAY_SETTINGS}`], + }, + }, + router.handleLegacyErrors( + verifyAccessAndContext(licenseState, async function (context, req, res) { + const rulesSettingsClient = (await context.alerting).getRulesSettingsClient(); + const queryDelaySettings = await rulesSettingsClient.queryDelay().get(); + const response: GetQueryDelaySettingsResponseV1 = + transformQueryDelaySettingsToResponseV1(queryDelaySettings); + + return res.ok(response); + }) + ) + ); +}; diff --git a/x-pack/plugins/alerting/server/routes/rules_settings/apis/update/update_query_delay_settings.test.ts b/x-pack/plugins/alerting/server/routes/rules_settings/apis/update/update_query_delay_settings.test.ts new file mode 100644 index 0000000000000..8a506809131ab --- /dev/null +++ b/x-pack/plugins/alerting/server/routes/rules_settings/apis/update/update_query_delay_settings.test.ts @@ -0,0 +1,88 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { httpServiceMock } from '@kbn/core/server/mocks'; +import { licenseStateMock } from '../../../../lib/license_state.mock'; +import { mockHandlerArguments } from '../../../_mock_handler_arguments'; +import { + rulesSettingsClientMock, + RulesSettingsClientMock, +} from '../../../../rules_settings_client.mock'; +import { updateQueryDelaySettingsRoute } from './update_query_delay_settings'; + +let rulesSettingsClient: RulesSettingsClientMock; + +jest.mock('../../../../lib/license_api_access', () => ({ + verifyApiAccess: jest.fn(), +})); + +beforeEach(() => { + jest.resetAllMocks(); + rulesSettingsClient = rulesSettingsClientMock.create(); +}); + +const mockQueryDelaySettings = { + delay: 10, + createdBy: 'test name', + updatedBy: 'test name', + createdAt: new Date().toISOString(), + updatedAt: new Date().toISOString(), +}; + +describe('updateQueryDelaySettingsRoute', () => { + test('updates query delay settings', async () => { + const licenseState = licenseStateMock.create(); + const router = httpServiceMock.createRouter(); + + updateQueryDelaySettingsRoute(router, licenseState); + + const [config, handler] = router.post.mock.calls[0]; + + expect(config.path).toMatchInlineSnapshot(`"/internal/alerting/rules/settings/_query_delay"`); + expect(config.options).toMatchInlineSnapshot(` + Object { + "tags": Array [ + "access:write-query-delay-settings", + ], + } + `); + + (rulesSettingsClient.queryDelay().get as jest.Mock).mockResolvedValue(mockQueryDelaySettings); + (rulesSettingsClient.queryDelay().update as jest.Mock).mockResolvedValue( + mockQueryDelaySettings + ); + + const updateResult = { + delay: 6, + }; + + const [context, req, res] = mockHandlerArguments( + { rulesSettingsClient }, + { + body: updateResult, + }, + ['ok'] + ); + + await handler(context, req, res); + + expect(rulesSettingsClient.queryDelay().update).toHaveBeenCalledTimes(1); + expect((rulesSettingsClient.queryDelay().update as jest.Mock).mock.calls[0]) + .toMatchInlineSnapshot(` + Array [ + Object { + "delay": 6, + }, + ] + `); + expect(res.ok).toHaveBeenCalledWith({ + body: expect.objectContaining({ + delay: 10, + }), + }); + }); +}); diff --git a/x-pack/plugins/alerting/server/routes/rules_settings/apis/update/update_query_delay_settings.ts b/x-pack/plugins/alerting/server/routes/rules_settings/apis/update/update_query_delay_settings.ts new file mode 100644 index 0000000000000..050f28942fda7 --- /dev/null +++ b/x-pack/plugins/alerting/server/routes/rules_settings/apis/update/update_query_delay_settings.ts @@ -0,0 +1,49 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { IRouter } from '@kbn/core/server'; +import { ILicenseState } from '../../../../lib'; +import { verifyAccessAndContext } from '../../../lib'; +import { AlertingRequestHandlerContext, INTERNAL_BASE_ALERTING_API_PATH } from '../../../../types'; +import { API_PRIVILEGES } from '../../../../../common'; +import { + updateQueryDelaySettingsBodySchemaV1, + UpdateQueryDelaySettingsRequestBodyV1, + UpdateQueryDelaySettingsResponseV1, +} from '../../../../../common/routes/rules_settings/apis/update'; +import { transformQueryDelaySettingsToResponseV1 } from '../../transforms'; + +export const updateQueryDelaySettingsRoute = ( + router: IRouter, + licenseState: ILicenseState +) => { + router.post( + { + path: `${INTERNAL_BASE_ALERTING_API_PATH}/rules/settings/_query_delay`, + validate: { + body: updateQueryDelaySettingsBodySchemaV1, + }, + options: { + tags: [`access:${API_PRIVILEGES.WRITE_QUERY_DELAY_SETTINGS}`], + }, + }, + router.handleLegacyErrors( + verifyAccessAndContext(licenseState, async function (context, req, res) { + const rulesSettingsClient = (await context.alerting).getRulesSettingsClient(); + + const body: UpdateQueryDelaySettingsRequestBodyV1 = req.body; + + const updatedQueryDelaySettings = await rulesSettingsClient.queryDelay().update(body); + + const response: UpdateQueryDelaySettingsResponseV1 = + transformQueryDelaySettingsToResponseV1(updatedQueryDelaySettings); + + return res.ok(response); + }) + ) + ); +}; diff --git a/x-pack/plugins/alerting/server/routes/rules_settings/transforms/index.ts b/x-pack/plugins/alerting/server/routes/rules_settings/transforms/index.ts new file mode 100644 index 0000000000000..5a7438d7f3ad9 --- /dev/null +++ b/x-pack/plugins/alerting/server/routes/rules_settings/transforms/index.ts @@ -0,0 +1,10 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +export { transformQueryDelaySettingsToResponse } from './transform_query_delay_settings_to_response/latest'; + +export { transformQueryDelaySettingsToResponse as transformQueryDelaySettingsToResponseV1 } from './transform_query_delay_settings_to_response/v1'; diff --git a/x-pack/plugins/alerting/server/routes/rules_settings/transforms/transform_query_delay_settings_to_response/latest.ts b/x-pack/plugins/alerting/server/routes/rules_settings/transforms/transform_query_delay_settings_to_response/latest.ts new file mode 100644 index 0000000000000..25300c97a6d2e --- /dev/null +++ b/x-pack/plugins/alerting/server/routes/rules_settings/transforms/transform_query_delay_settings_to_response/latest.ts @@ -0,0 +1,8 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +export * from './v1'; diff --git a/x-pack/plugins/alerting/server/routes/rules_settings/transforms/transform_query_delay_settings_to_response/v1.ts b/x-pack/plugins/alerting/server/routes/rules_settings/transforms/transform_query_delay_settings_to_response/v1.ts new file mode 100644 index 0000000000000..926b702bdbf9c --- /dev/null +++ b/x-pack/plugins/alerting/server/routes/rules_settings/transforms/transform_query_delay_settings_to_response/v1.ts @@ -0,0 +1,23 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { RulesSettingsQueryDelay } from '../../../../../common'; +import { QueryDelaySettingsResponseV1 } from '../../../../../common/routes/rules_settings/response'; + +export const transformQueryDelaySettingsToResponse = ( + settings: RulesSettingsQueryDelay +): QueryDelaySettingsResponseV1 => { + return { + body: { + delay: settings.delay, + created_by: settings.createdBy, + updated_by: settings.updatedBy, + created_at: settings.createdAt, + updated_at: settings.updatedAt, + }, + }; +}; diff --git a/x-pack/plugins/alerting/server/rules_settings_client.mock.ts b/x-pack/plugins/alerting/server/rules_settings_client.mock.ts index 99dcfc388ca23..12703161fdb46 100644 --- a/x-pack/plugins/alerting/server/rules_settings_client.mock.ts +++ b/x-pack/plugins/alerting/server/rules_settings_client.mock.ts @@ -8,11 +8,14 @@ import { RulesSettingsClientApi, RulesSettingsFlappingClientApi, + RulesSettingsQueryDelayClientApi, DEFAULT_FLAPPING_SETTINGS, + DEFAULT_QUERY_DELAY_SETTINGS, } from './types'; export type RulesSettingsClientMock = jest.Mocked; export type RulesSettingsFlappingClientMock = jest.Mocked; +export type RulesSettingsQueryDelayClientMock = jest.Mocked; // Warning: Becareful when resetting all mocks in tests as it would clear // the mock return value on the flapping @@ -20,11 +23,18 @@ const createRulesSettingsClientMock = () => { const flappingMocked: RulesSettingsFlappingClientMock = { get: jest.fn().mockReturnValue(DEFAULT_FLAPPING_SETTINGS), update: jest.fn(), + getSettings: jest.fn(), + createSettings: jest.fn(), + }; + const queryDelayMocked: RulesSettingsQueryDelayClientMock = { + get: jest.fn().mockReturnValue(DEFAULT_QUERY_DELAY_SETTINGS), + update: jest.fn(), + getSettings: jest.fn(), + createSettings: jest.fn(), }; const mocked: RulesSettingsClientMock = { - get: jest.fn(), - create: jest.fn(), flapping: jest.fn().mockReturnValue(flappingMocked), + queryDelay: jest.fn().mockReturnValue(queryDelayMocked), }; return mocked; }; diff --git a/x-pack/plugins/alerting/server/rules_settings_client/flapping/rules_settings_flapping_client.test.ts b/x-pack/plugins/alerting/server/rules_settings_client/flapping/rules_settings_flapping_client.test.ts index 2b02af1327eea..19f978a8985f1 100644 --- a/x-pack/plugins/alerting/server/rules_settings_client/flapping/rules_settings_flapping_client.test.ts +++ b/x-pack/plugins/alerting/server/rules_settings_client/flapping/rules_settings_flapping_client.test.ts @@ -13,10 +13,11 @@ import { savedObjectsClientMock, loggingSystemMock } from '@kbn/core/server/mock import { RULES_SETTINGS_FEATURE_ID, RULES_SETTINGS_SAVED_OBJECT_TYPE, - RULES_SETTINGS_SAVED_OBJECT_ID, + RULES_SETTINGS_FLAPPING_SAVED_OBJECT_ID, DEFAULT_FLAPPING_SETTINGS, RulesSettings, } from '../../../common'; +import { SavedObjectsErrorHelpers } from '@kbn/core-saved-objects-server'; const mockDateString = '2019-02-12T21:01:22.479Z'; @@ -39,13 +40,6 @@ const getMockRulesSettings = (): RulesSettings => { const rulesSettingsFlappingClientParams: jest.Mocked = { logger: loggingSystemMock.create().get(), - getOrCreate: jest.fn().mockReturnValue({ - id: RULES_SETTINGS_FEATURE_ID, - type: RULES_SETTINGS_SAVED_OBJECT_TYPE, - attributes: getMockRulesSettings(), - references: [], - version: '123', - }), getModificationMetadata: jest.fn(), savedObjectsClient, }; @@ -58,9 +52,21 @@ const updatedMetadata = { }; describe('RulesSettingsFlappingClient', () => { - beforeEach(() => - rulesSettingsFlappingClientParams.getModificationMetadata.mockResolvedValue(updatedMetadata) - ); + beforeEach(() => { + rulesSettingsFlappingClientParams.getModificationMetadata.mockResolvedValue(updatedMetadata); + savedObjectsClient.get.mockResolvedValue({ + id: RULES_SETTINGS_FEATURE_ID, + type: RULES_SETTINGS_SAVED_OBJECT_TYPE, + attributes: getMockRulesSettings(), + references: [], + version: '123', + }); + }); + + afterEach(() => { + jest.clearAllMocks(); + }); + beforeAll(() => { jest.useFakeTimers(); jest.setSystemTime(new Date(mockDateString)); @@ -119,7 +125,7 @@ describe('RulesSettingsFlappingClient', () => { expect(savedObjectsClient.update).toHaveBeenCalledWith( RULES_SETTINGS_SAVED_OBJECT_TYPE, - RULES_SETTINGS_SAVED_OBJECT_ID, + RULES_SETTINGS_FLAPPING_SAVED_OBJECT_ID, { flapping: expect.objectContaining({ enabled: false, @@ -192,4 +198,243 @@ describe('RulesSettingsFlappingClient', () => { 'Invalid values,lookBackWindow (10) must be equal to or greater than statusChangeThreshold (20).' ); }); + + test('can create a new flapping settings saved object', async () => { + rulesSettingsFlappingClientParams.getModificationMetadata.mockResolvedValueOnce({ + ...updatedMetadata, + createdBy: 'test name', + updatedBy: 'test name', + }); + const client = new RulesSettingsFlappingClient(rulesSettingsFlappingClientParams); + const mockAttributes = getMockRulesSettings(); + + savedObjectsClient.create.mockResolvedValueOnce({ + id: RULES_SETTINGS_FEATURE_ID, + type: RULES_SETTINGS_SAVED_OBJECT_TYPE, + attributes: mockAttributes, + references: [], + }); + + const result = await client.createSettings(); + + expect(savedObjectsClient.create).toHaveBeenCalledTimes(1); + expect(savedObjectsClient.create).toHaveBeenCalledWith( + RULES_SETTINGS_SAVED_OBJECT_TYPE, + { + flapping: expect.objectContaining({ + enabled: mockAttributes.flapping?.enabled, + lookBackWindow: mockAttributes.flapping?.lookBackWindow, + statusChangeThreshold: mockAttributes.flapping?.statusChangeThreshold, + createdBy: 'test name', + updatedBy: 'test name', + createdAt: expect.any(String), + updatedAt: expect.any(String), + }), + }, + { + id: RULES_SETTINGS_FLAPPING_SAVED_OBJECT_ID, + overwrite: true, + } + ); + expect(result.attributes).toEqual(mockAttributes); + }); + + test('can get existing flapping settings saved object', async () => { + const client = new RulesSettingsFlappingClient(rulesSettingsFlappingClientParams); + const mockAttributes = getMockRulesSettings(); + + savedObjectsClient.get.mockResolvedValueOnce({ + id: RULES_SETTINGS_FEATURE_ID, + type: RULES_SETTINGS_SAVED_OBJECT_TYPE, + attributes: mockAttributes, + references: [], + }); + const result = await client.getSettings(); + expect(result.attributes).toEqual(mockAttributes); + }); + + test('throws if there is no existing saved object to get', async () => { + const client = new RulesSettingsFlappingClient(rulesSettingsFlappingClientParams); + + savedObjectsClient.get.mockRejectedValueOnce( + SavedObjectsErrorHelpers.createGenericNotFoundError( + RULES_SETTINGS_SAVED_OBJECT_TYPE, + RULES_SETTINGS_FLAPPING_SAVED_OBJECT_ID + ) + ); + await expect(client.getSettings()).rejects.toThrowError(); + }); + + test('can persist flapping settings when saved object does not exist', async () => { + rulesSettingsFlappingClientParams.getModificationMetadata.mockResolvedValueOnce({ + ...updatedMetadata, + createdBy: 'test name', + updatedBy: 'test name', + }); + const client = new RulesSettingsFlappingClient(rulesSettingsFlappingClientParams); + const mockAttributes = getMockRulesSettings(); + savedObjectsClient.get.mockRejectedValueOnce( + SavedObjectsErrorHelpers.createGenericNotFoundError( + RULES_SETTINGS_SAVED_OBJECT_TYPE, + RULES_SETTINGS_FLAPPING_SAVED_OBJECT_ID + ) + ); + + savedObjectsClient.create.mockResolvedValueOnce({ + id: RULES_SETTINGS_FEATURE_ID, + type: RULES_SETTINGS_SAVED_OBJECT_TYPE, + attributes: mockAttributes, + references: [], + }); + + const result = await client.get(); + + expect(savedObjectsClient.get).toHaveBeenCalledWith( + RULES_SETTINGS_SAVED_OBJECT_TYPE, + RULES_SETTINGS_FLAPPING_SAVED_OBJECT_ID + ); + + expect(savedObjectsClient.create).toHaveBeenCalledWith( + RULES_SETTINGS_SAVED_OBJECT_TYPE, + { + flapping: expect.objectContaining({ + enabled: mockAttributes.flapping?.enabled, + lookBackWindow: mockAttributes.flapping?.lookBackWindow, + statusChangeThreshold: mockAttributes.flapping?.statusChangeThreshold, + createdBy: 'test name', + updatedBy: 'test name', + createdAt: expect.any(String), + updatedAt: expect.any(String), + }), + }, + { + id: RULES_SETTINGS_FLAPPING_SAVED_OBJECT_ID, + overwrite: true, + } + ); + expect(result).toEqual(mockAttributes.flapping); + }); + + test('can persist flapping settings when saved object already exists', async () => { + rulesSettingsFlappingClientParams.getModificationMetadata.mockResolvedValueOnce({ + ...updatedMetadata, + createdBy: 'test name', + updatedBy: 'test name', + }); + const client = new RulesSettingsFlappingClient(rulesSettingsFlappingClientParams); + const mockAttributes = getMockRulesSettings(); + + savedObjectsClient.get.mockResolvedValueOnce({ + id: RULES_SETTINGS_FEATURE_ID, + type: RULES_SETTINGS_SAVED_OBJECT_TYPE, + attributes: mockAttributes, + references: [], + }); + + const result = await client.get(); + + expect(savedObjectsClient.get).toHaveBeenCalledWith( + RULES_SETTINGS_SAVED_OBJECT_TYPE, + RULES_SETTINGS_FLAPPING_SAVED_OBJECT_ID + ); + expect(savedObjectsClient.create).not.toHaveBeenCalled(); + expect(result).toEqual(mockAttributes.flapping); + }); + + test('can update flapping settings when saved object does not exist', async () => { + rulesSettingsFlappingClientParams.getModificationMetadata.mockResolvedValueOnce({ + ...updatedMetadata, + createdBy: 'test name', + updatedBy: 'test name', + }); + const client = new RulesSettingsFlappingClient(rulesSettingsFlappingClientParams); + const mockAttributes = getMockRulesSettings(); + + savedObjectsClient.get.mockRejectedValueOnce( + SavedObjectsErrorHelpers.createGenericNotFoundError( + RULES_SETTINGS_SAVED_OBJECT_TYPE, + RULES_SETTINGS_FLAPPING_SAVED_OBJECT_ID + ) + ); + + const mockResolve = { + id: RULES_SETTINGS_FEATURE_ID, + type: RULES_SETTINGS_SAVED_OBJECT_TYPE, + attributes: mockAttributes, + references: [], + version: '123', + }; + + savedObjectsClient.create.mockResolvedValueOnce(mockResolve); + savedObjectsClient.update.mockResolvedValueOnce({ + ...mockResolve, + attributes: { + flapping: { + ...mockResolve.attributes.flapping, + enabled: false, + lookBackWindow: 5, + statusChangeThreshold: 5, + }, + }, + }); + + // Try to update with new values + const result = await client.update({ + enabled: false, + lookBackWindow: 5, + statusChangeThreshold: 5, + }); + + // Tried to get first, but no results + expect(savedObjectsClient.get).toHaveBeenCalledWith( + RULES_SETTINGS_SAVED_OBJECT_TYPE, + RULES_SETTINGS_FLAPPING_SAVED_OBJECT_ID + ); + + // So create a new entry + expect(savedObjectsClient.create).toHaveBeenCalledWith( + RULES_SETTINGS_SAVED_OBJECT_TYPE, + { + flapping: expect.objectContaining({ + enabled: mockAttributes.flapping?.enabled, + lookBackWindow: mockAttributes.flapping?.lookBackWindow, + statusChangeThreshold: mockAttributes.flapping?.statusChangeThreshold, + createdBy: 'test name', + updatedBy: 'test name', + createdAt: expect.any(String), + updatedAt: expect.any(String), + }), + }, + { + id: RULES_SETTINGS_FLAPPING_SAVED_OBJECT_ID, + overwrite: true, + } + ); + + // Try to update with version + expect(savedObjectsClient.update).toHaveBeenCalledWith( + RULES_SETTINGS_SAVED_OBJECT_TYPE, + RULES_SETTINGS_FLAPPING_SAVED_OBJECT_ID, + { + flapping: expect.objectContaining({ + enabled: false, + lookBackWindow: 5, + statusChangeThreshold: 5, + createdBy: 'test name', + updatedBy: 'test name', + createdAt: expect.any(String), + updatedAt: expect.any(String), + }), + }, + { version: '123' } + ); + + expect(result).toEqual( + expect.objectContaining({ + enabled: false, + lookBackWindow: 5, + statusChangeThreshold: 5, + }) + ); + }); }); diff --git a/x-pack/plugins/alerting/server/rules_settings_client/flapping/rules_settings_flapping_client.ts b/x-pack/plugins/alerting/server/rules_settings_client/flapping/rules_settings_flapping_client.ts index 88052ea8cfb6e..0bf6f2af025fe 100644 --- a/x-pack/plugins/alerting/server/rules_settings_client/flapping/rules_settings_flapping_client.ts +++ b/x-pack/plugins/alerting/server/rules_settings_client/flapping/rules_settings_flapping_client.ts @@ -6,7 +6,12 @@ */ import Boom from '@hapi/boom'; -import { Logger, SavedObjectsClientContract, SavedObject } from '@kbn/core/server'; +import { + Logger, + SavedObjectsClientContract, + SavedObject, + SavedObjectsErrorHelpers, +} from '@kbn/core/server'; import { RulesSettings, RulesSettingsFlapping, @@ -17,8 +22,11 @@ import { MIN_STATUS_CHANGE_THRESHOLD, MAX_STATUS_CHANGE_THRESHOLD, RULES_SETTINGS_SAVED_OBJECT_TYPE, - RULES_SETTINGS_SAVED_OBJECT_ID, + RULES_SETTINGS_FLAPPING_SAVED_OBJECT_ID, + DEFAULT_FLAPPING_SETTINGS, } from '../../../common'; +import { retryIfConflicts } from '../../lib/retry_if_conflicts'; +import { flappingSchema } from '../schemas'; const verifyFlappingSettings = (flappingSettings: RulesSettingsFlappingProperties) => { const { lookBackWindow, statusChangeThreshold } = flappingSettings; @@ -48,30 +56,42 @@ const verifyFlappingSettings = (flappingSettings: RulesSettingsFlappingPropertie export interface RulesSettingsFlappingClientConstructorOptions { readonly logger: Logger; readonly savedObjectsClient: SavedObjectsClientContract; - readonly getOrCreate: () => Promise>; readonly getModificationMetadata: () => Promise; } export class RulesSettingsFlappingClient { private readonly logger: Logger; private readonly savedObjectsClient: SavedObjectsClientContract; - private readonly getOrCreate: () => Promise>; private readonly getModificationMetadata: () => Promise; constructor(options: RulesSettingsFlappingClientConstructorOptions) { this.logger = options.logger; this.savedObjectsClient = options.savedObjectsClient; - this.getOrCreate = options.getOrCreate; this.getModificationMetadata = options.getModificationMetadata; } public async get(): Promise { const rulesSettings = await this.getOrCreate(); + if (!rulesSettings.attributes.flapping) { + this.logger.error('Failed to get flapping rules setting for current space.'); + throw new Error( + 'Failed to get flapping rules setting for current space. Flapping settings are undefined' + ); + } return rulesSettings.attributes.flapping; } public async update(newFlappingProperties: RulesSettingsFlappingProperties) { + return await retryIfConflicts( + this.logger, + 'ruleSettingsClient.flapping.update()', + async () => await this.updateWithOCC(newFlappingProperties) + ); + } + + private async updateWithOCC(newFlappingProperties: RulesSettingsFlappingProperties) { try { + flappingSchema.validate(newFlappingProperties); verifyFlappingSettings(newFlappingProperties); } catch (e) { this.logger.error( @@ -81,14 +101,16 @@ export class RulesSettingsFlappingClient { } const { attributes, version } = await this.getOrCreate(); - const modificationMetadata = await this.getModificationMetadata(); + if (!attributes.flapping) { + throw new Error('Flapping settings are undefined'); + } + const modificationMetadata = await this.getModificationMetadata(); try { const result = await this.savedObjectsClient.update( RULES_SETTINGS_SAVED_OBJECT_TYPE, - RULES_SETTINGS_SAVED_OBJECT_ID, + RULES_SETTINGS_FLAPPING_SAVED_OBJECT_ID, { - ...attributes, flapping: { ...attributes.flapping, ...newFlappingProperties, @@ -107,4 +129,55 @@ export class RulesSettingsFlappingClient { throw Boom.boomify(e, { message: errorMessage }); } } + + public async getSettings(): Promise> { + try { + return await this.savedObjectsClient.get( + RULES_SETTINGS_SAVED_OBJECT_TYPE, + RULES_SETTINGS_FLAPPING_SAVED_OBJECT_ID + ); + } catch (e) { + this.logger.error(`Failed to get flapping rules setting for current space. Error: ${e}`); + throw e; + } + } + + public async createSettings(): Promise> { + const modificationMetadata = await this.getModificationMetadata(); + try { + return await this.savedObjectsClient.create( + RULES_SETTINGS_SAVED_OBJECT_TYPE, + { + flapping: { + ...DEFAULT_FLAPPING_SETTINGS, + ...modificationMetadata, + }, + }, + { + id: RULES_SETTINGS_FLAPPING_SAVED_OBJECT_ID, + overwrite: true, + } + ); + } catch (e) { + this.logger.error(`Failed to create flapping rules setting for current space. Error: ${e}`); + throw e; + } + } + + /** + * Helper function to ensure that a rules-settings saved object always exists. + * Ensures the creation of the saved object is done lazily during retrieval. + */ + private async getOrCreate(): Promise> { + try { + return await this.getSettings(); + } catch (e) { + if (SavedObjectsErrorHelpers.isNotFoundError(e)) { + this.logger.info('Creating new default flapping rules settings for current space.'); + return await this.createSettings(); + } + this.logger.error(`Failed to get flapping rules setting for current space. Error: ${e}`); + throw e; + } + } } diff --git a/x-pack/plugins/alerting/server/rules_settings_client/index.ts b/x-pack/plugins/alerting/server/rules_settings_client/index.ts index efbb3f0b3ccfe..fcbf30b0bcb6c 100644 --- a/x-pack/plugins/alerting/server/rules_settings_client/index.ts +++ b/x-pack/plugins/alerting/server/rules_settings_client/index.ts @@ -7,3 +7,4 @@ export * from './rules_settings_client'; export * from './flapping/rules_settings_flapping_client'; +export * from './query_delay/rules_settings_query_delay_client'; diff --git a/x-pack/plugins/alerting/server/rules_settings_client/query_delay/rules_settings_query_delay_client.test.ts b/x-pack/plugins/alerting/server/rules_settings_client/query_delay/rules_settings_query_delay_client.test.ts new file mode 100644 index 0000000000000..213ece8cd6fe4 --- /dev/null +++ b/x-pack/plugins/alerting/server/rules_settings_client/query_delay/rules_settings_query_delay_client.test.ts @@ -0,0 +1,385 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { SavedObjectsErrorHelpers } from '@kbn/core-saved-objects-server'; +import { savedObjectsClientMock, loggingSystemMock } from '@kbn/core/server/mocks'; +import { + RULES_SETTINGS_FEATURE_ID, + RULES_SETTINGS_SAVED_OBJECT_TYPE, + RULES_SETTINGS_QUERY_DELAY_SAVED_OBJECT_ID, + RulesSettings, + DEFAULT_QUERY_DELAY_SETTINGS, +} from '../../../common'; +import { + RulesSettingsQueryDelayClient, + RulesSettingsQueryDelayClientConstructorOptions, +} from './rules_settings_query_delay_client'; + +const mockDateString = '2019-02-12T21:01:22.479Z'; + +const savedObjectsClient = savedObjectsClientMock.create(); + +const getMockRulesSettings = (): RulesSettings => { + return { + queryDelay: { + delay: DEFAULT_QUERY_DELAY_SETTINGS.delay, + createdBy: 'test name', + updatedBy: 'test name', + createdAt: '2023-03-24T00:00:00.000Z', + updatedAt: '2023-03-24T00:00:00.000Z', + }, + }; +}; + +const rulesSettingsQueryDelayClientParams: jest.Mocked = + { + logger: loggingSystemMock.create().get(), + isServerless: false, + getModificationMetadata: jest.fn(), + savedObjectsClient, + }; + +const updatedMetadata = { + createdAt: '2023-03-26T00:00:00.000Z', + updatedAt: '2023-03-26T00:00:00.000Z', + createdBy: 'updated-user', + updatedBy: 'updated-user', +}; + +describe('RulesSettingsQueryDelayClient', () => { + beforeEach(() => { + rulesSettingsQueryDelayClientParams.getModificationMetadata.mockResolvedValue(updatedMetadata); + savedObjectsClient.get.mockResolvedValue({ + id: RULES_SETTINGS_FEATURE_ID, + type: RULES_SETTINGS_SAVED_OBJECT_TYPE, + attributes: getMockRulesSettings(), + references: [], + version: '123', + }); + }); + + afterEach(() => { + jest.clearAllMocks(); + }); + + beforeAll(() => { + jest.useFakeTimers(); + jest.setSystemTime(new Date(mockDateString)); + }); + + afterAll(() => { + jest.clearAllMocks(); + jest.useRealTimers(); + }); + + test('can get query delay settings', async () => { + const client = new RulesSettingsQueryDelayClient(rulesSettingsQueryDelayClientParams); + const result = await client.get(); + + expect(result).toEqual( + expect.objectContaining({ + delay: DEFAULT_QUERY_DELAY_SETTINGS.delay, + createdBy: 'test name', + updatedBy: 'test name', + createdAt: expect.any(String), + updatedAt: expect.any(String), + }) + ); + }); + + test('can update query delay settings', async () => { + const client = new RulesSettingsQueryDelayClient(rulesSettingsQueryDelayClientParams); + + const mockResolve = { + id: RULES_SETTINGS_FEATURE_ID, + type: RULES_SETTINGS_SAVED_OBJECT_TYPE, + attributes: getMockRulesSettings(), + references: [], + version: '123', + }; + + savedObjectsClient.update.mockResolvedValueOnce({ + ...mockResolve, + attributes: { + queryDelay: { + ...mockResolve.attributes.queryDelay, + delay: 19, + }, + }, + }); + + const result = await client.update({ + delay: 19, + }); + + expect(savedObjectsClient.update).toHaveBeenCalledWith( + RULES_SETTINGS_SAVED_OBJECT_TYPE, + RULES_SETTINGS_QUERY_DELAY_SAVED_OBJECT_ID, + { + queryDelay: expect.objectContaining({ + delay: 19, + updatedAt: '2023-03-26T00:00:00.000Z', + updatedBy: 'updated-user', + createdBy: 'test name', + createdAt: '2023-03-24T00:00:00.000Z', + }), + }, + { version: '123' } + ); + + expect(result).toEqual( + expect.objectContaining({ + delay: 19, + createdBy: 'test name', + updatedBy: 'test name', + createdAt: expect.any(String), + updatedAt: expect.any(String), + }) + ); + }); + + test('throws if savedObjectsClient failed to update', async () => { + const client = new RulesSettingsQueryDelayClient(rulesSettingsQueryDelayClientParams); + savedObjectsClient.update.mockRejectedValueOnce(new Error('failed!!')); + + await expect( + client.update({ + delay: 19, + }) + ).rejects.toThrowError( + 'savedObjectsClient errored trying to update query delay settings: failed!!' + ); + }); + + test('throws if new query delay setting fails verification', async () => { + const client = new RulesSettingsQueryDelayClient(rulesSettingsQueryDelayClientParams); + await expect( + client.update({ + delay: 200, + }) + ).rejects.toThrowError('Invalid query delay value, must be between 0 and 60, but got: 200.'); + }); + + test('can create a new query delay settings saved object', async () => { + rulesSettingsQueryDelayClientParams.getModificationMetadata.mockResolvedValueOnce({ + ...updatedMetadata, + createdBy: 'test name', + updatedBy: 'test name', + }); + const client = new RulesSettingsQueryDelayClient(rulesSettingsQueryDelayClientParams); + const mockAttributes = getMockRulesSettings(); + + savedObjectsClient.create.mockResolvedValueOnce({ + id: RULES_SETTINGS_FEATURE_ID, + type: RULES_SETTINGS_SAVED_OBJECT_TYPE, + attributes: mockAttributes, + references: [], + }); + + const result = await client.createSettings(); + + expect(savedObjectsClient.create).toHaveBeenCalledTimes(1); + expect(savedObjectsClient.create).toHaveBeenCalledWith( + RULES_SETTINGS_SAVED_OBJECT_TYPE, + { + queryDelay: expect.objectContaining({ + delay: 0, + createdBy: 'test name', + updatedBy: 'test name', + createdAt: expect.any(String), + updatedAt: expect.any(String), + }), + }, + { + id: RULES_SETTINGS_QUERY_DELAY_SAVED_OBJECT_ID, + overwrite: true, + } + ); + expect(result.attributes).toEqual(mockAttributes); + }); + + test('can create a new query delay settings saved object with default serverless value', async () => { + rulesSettingsQueryDelayClientParams.getModificationMetadata.mockResolvedValueOnce({ + ...updatedMetadata, + createdBy: 'test name', + updatedBy: 'test name', + }); + const client = new RulesSettingsQueryDelayClient({ + ...rulesSettingsQueryDelayClientParams, + isServerless: true, + }); + + const mockAttributes = getMockRulesSettings(); + + savedObjectsClient.create.mockResolvedValueOnce({ + id: RULES_SETTINGS_FEATURE_ID, + type: RULES_SETTINGS_SAVED_OBJECT_TYPE, + attributes: mockAttributes, + references: [], + }); + + const result = await client.createSettings(); + + expect(savedObjectsClient.create).toHaveBeenCalledTimes(1); + expect(savedObjectsClient.create).toHaveBeenCalledWith( + RULES_SETTINGS_SAVED_OBJECT_TYPE, + { + queryDelay: expect.objectContaining({ + delay: 15, + createdBy: 'test name', + updatedBy: 'test name', + createdAt: expect.any(String), + updatedAt: expect.any(String), + }), + }, + { + id: RULES_SETTINGS_QUERY_DELAY_SAVED_OBJECT_ID, + overwrite: true, + } + ); + expect(result.attributes).toEqual(mockAttributes); + }); + + test('can get existing query delay settings saved object', async () => { + const client = new RulesSettingsQueryDelayClient(rulesSettingsQueryDelayClientParams); + const mockAttributes = getMockRulesSettings(); + + savedObjectsClient.get.mockResolvedValueOnce({ + id: RULES_SETTINGS_FEATURE_ID, + type: RULES_SETTINGS_SAVED_OBJECT_TYPE, + attributes: mockAttributes, + references: [], + }); + const result = await client.getSettings(); + expect(result.attributes).toEqual(mockAttributes); + }); + + test('throws if there is no existing saved object to get', async () => { + const client = new RulesSettingsQueryDelayClient(rulesSettingsQueryDelayClientParams); + + savedObjectsClient.get.mockRejectedValueOnce( + SavedObjectsErrorHelpers.createGenericNotFoundError( + RULES_SETTINGS_SAVED_OBJECT_TYPE, + RULES_SETTINGS_QUERY_DELAY_SAVED_OBJECT_ID + ) + ); + await expect(client.get()).rejects.toThrowError(); + }); + + test('can persist query delay settings when saved object already exists', async () => { + rulesSettingsQueryDelayClientParams.getModificationMetadata.mockResolvedValueOnce({ + ...updatedMetadata, + createdBy: 'test name', + updatedBy: 'test name', + }); + const client = new RulesSettingsQueryDelayClient(rulesSettingsQueryDelayClientParams); + const mockAttributes = getMockRulesSettings(); + + savedObjectsClient.get.mockResolvedValueOnce({ + id: RULES_SETTINGS_FEATURE_ID, + type: RULES_SETTINGS_SAVED_OBJECT_TYPE, + attributes: mockAttributes, + references: [], + }); + + const result = await client.get(); + + expect(savedObjectsClient.get).toHaveBeenCalledWith( + RULES_SETTINGS_SAVED_OBJECT_TYPE, + RULES_SETTINGS_QUERY_DELAY_SAVED_OBJECT_ID + ); + expect(savedObjectsClient.create).not.toHaveBeenCalled(); + expect(result).toEqual(mockAttributes.queryDelay); + }); + + test('can update query delay settings when saved object does not exist', async () => { + rulesSettingsQueryDelayClientParams.getModificationMetadata.mockResolvedValueOnce({ + ...updatedMetadata, + createdBy: 'test name', + updatedBy: 'test name', + }); + const client = new RulesSettingsQueryDelayClient(rulesSettingsQueryDelayClientParams); + const mockAttributes = getMockRulesSettings(); + + savedObjectsClient.get.mockRejectedValueOnce( + SavedObjectsErrorHelpers.createGenericNotFoundError( + RULES_SETTINGS_SAVED_OBJECT_TYPE, + RULES_SETTINGS_QUERY_DELAY_SAVED_OBJECT_ID + ) + ); + + const mockResolve = { + id: RULES_SETTINGS_FEATURE_ID, + type: RULES_SETTINGS_SAVED_OBJECT_TYPE, + attributes: mockAttributes, + references: [], + version: '123', + }; + + savedObjectsClient.create.mockResolvedValueOnce(mockResolve); + savedObjectsClient.update.mockResolvedValueOnce({ + ...mockResolve, + attributes: { + queryDelay: { + ...mockResolve.attributes.queryDelay, + delay: 5, + }, + }, + }); + + // Try to update with new values + const result = await client.update({ + delay: 5, + }); + + // Tried to get first, but no results + expect(savedObjectsClient.get).toHaveBeenCalledWith( + RULES_SETTINGS_SAVED_OBJECT_TYPE, + RULES_SETTINGS_QUERY_DELAY_SAVED_OBJECT_ID + ); + + // So create a new entry + expect(savedObjectsClient.create).toHaveBeenCalledWith( + RULES_SETTINGS_SAVED_OBJECT_TYPE, + { + queryDelay: expect.objectContaining({ + delay: mockAttributes.queryDelay?.delay, + createdBy: 'test name', + updatedBy: 'test name', + createdAt: expect.any(String), + updatedAt: expect.any(String), + }), + }, + { + id: RULES_SETTINGS_QUERY_DELAY_SAVED_OBJECT_ID, + overwrite: true, + } + ); + + // Try to update with version + expect(savedObjectsClient.update).toHaveBeenCalledWith( + RULES_SETTINGS_SAVED_OBJECT_TYPE, + RULES_SETTINGS_QUERY_DELAY_SAVED_OBJECT_ID, + { + queryDelay: expect.objectContaining({ + delay: 5, + createdBy: 'test name', + updatedBy: 'test name', + createdAt: expect.any(String), + updatedAt: expect.any(String), + }), + }, + { version: '123' } + ); + + expect(result).toEqual( + expect.objectContaining({ + delay: 5, + }) + ); + }); +}); diff --git a/x-pack/plugins/alerting/server/rules_settings_client/query_delay/rules_settings_query_delay_client.ts b/x-pack/plugins/alerting/server/rules_settings_client/query_delay/rules_settings_query_delay_client.ts new file mode 100644 index 0000000000000..ac394dca17180 --- /dev/null +++ b/x-pack/plugins/alerting/server/rules_settings_client/query_delay/rules_settings_query_delay_client.ts @@ -0,0 +1,179 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import Boom from '@hapi/boom'; +import { + Logger, + SavedObjectsClientContract, + SavedObject, + SavedObjectsErrorHelpers, +} from '@kbn/core/server'; +import { + RulesSettings, + RulesSettingsModificationMetadata, + RULES_SETTINGS_SAVED_OBJECT_TYPE, + RULES_SETTINGS_QUERY_DELAY_SAVED_OBJECT_ID, + RulesSettingsQueryDelayProperties, + MIN_QUERY_DELAY, + MAX_QUERY_DELAY, + RulesSettingsQueryDelay, + DEFAULT_SERVERLESS_QUERY_DELAY_SETTINGS, + DEFAULT_QUERY_DELAY_SETTINGS, +} from '../../../common'; +import { retryIfConflicts } from '../../lib/retry_if_conflicts'; +import { queryDelaySchema } from '../schemas'; + +const verifyQueryDelaySettings = (settings: RulesSettingsQueryDelayProperties) => { + const { delay } = settings; + + if (delay < MIN_QUERY_DELAY || delay > MAX_QUERY_DELAY) { + throw Boom.badRequest( + `Invalid query delay value, must be between ${MIN_QUERY_DELAY} and ${MAX_QUERY_DELAY}, but got: ${delay}.` + ); + } +}; + +export interface RulesSettingsQueryDelayClientConstructorOptions { + readonly logger: Logger; + readonly savedObjectsClient: SavedObjectsClientContract; + readonly isServerless: boolean; + readonly getModificationMetadata: () => Promise; +} + +export class RulesSettingsQueryDelayClient { + private readonly logger: Logger; + private readonly savedObjectsClient: SavedObjectsClientContract; + private readonly isServerless: boolean; + private readonly getModificationMetadata: () => Promise; + + constructor(options: RulesSettingsQueryDelayClientConstructorOptions) { + this.logger = options.logger; + this.savedObjectsClient = options.savedObjectsClient; + this.isServerless = options.isServerless; + this.getModificationMetadata = options.getModificationMetadata; + } + + public async get(): Promise { + const rulesSettings = await this.getOrCreate(); + if (!rulesSettings.attributes.queryDelay) { + this.logger.error('Failed to get query delay rules setting for current space.'); + throw new Error( + 'Failed to get query delay rules setting for current space. Query delay settings are undefined' + ); + } + return rulesSettings.attributes.queryDelay; + } + + public async update(newQueryDelayProperties: RulesSettingsQueryDelayProperties) { + return await retryIfConflicts( + this.logger, + 'ruleSettingsClient.queryDelay.update()', + async () => await this.updateWithOCC(newQueryDelayProperties) + ); + } + + private async updateWithOCC(newQueryDelayProperties: RulesSettingsQueryDelayProperties) { + try { + queryDelaySchema.validate(newQueryDelayProperties); + verifyQueryDelaySettings(newQueryDelayProperties); + } catch (e) { + this.logger.error( + `Failed to verify new query delay settings properties when updating. Error: ${e}` + ); + throw e; + } + + const { attributes, version } = await this.getOrCreate(); + if (!attributes.queryDelay) { + throw new Error('Query delay settings are undefined'); + } + + const modificationMetadata = await this.getModificationMetadata(); + try { + const result = await this.savedObjectsClient.update( + RULES_SETTINGS_SAVED_OBJECT_TYPE, + RULES_SETTINGS_QUERY_DELAY_SAVED_OBJECT_ID, + { + queryDelay: { + ...attributes.queryDelay, + ...newQueryDelayProperties, + updatedAt: modificationMetadata.updatedAt, + updatedBy: modificationMetadata.updatedBy, + }, + }, + { + version, + } + ); + + if (!result.attributes.queryDelay) { + throw new Error('Query delay settings are undefined'); + } + return result.attributes.queryDelay; + } catch (e) { + const errorMessage = 'savedObjectsClient errored trying to update query delay settings'; + this.logger.error(`${errorMessage}: ${e}`); + throw Boom.boomify(e, { message: errorMessage }); + } + } + + public async getSettings(): Promise> { + try { + return await this.savedObjectsClient.get( + RULES_SETTINGS_SAVED_OBJECT_TYPE, + RULES_SETTINGS_QUERY_DELAY_SAVED_OBJECT_ID + ); + } catch (e) { + this.logger.error(`Failed to get query delay rules setting for current space. Error: ${e}`); + throw e; + } + } + + public async createSettings(): Promise> { + const modificationMetadata = await this.getModificationMetadata(); + const defaultQueryDelaySettings = this.isServerless + ? DEFAULT_SERVERLESS_QUERY_DELAY_SETTINGS + : DEFAULT_QUERY_DELAY_SETTINGS; + try { + return await this.savedObjectsClient.create( + RULES_SETTINGS_SAVED_OBJECT_TYPE, + { + queryDelay: { + ...defaultQueryDelaySettings, + ...modificationMetadata, + }, + }, + { + id: RULES_SETTINGS_QUERY_DELAY_SAVED_OBJECT_ID, + overwrite: true, + } + ); + } catch (e) { + this.logger.error( + `Failed to create query delay rules setting for current space. Error: ${e}` + ); + throw e; + } + } + + /** + * Helper function to ensure that a rules-settings saved object always exists. + * Ensures the creation of the saved object is done lazily during retrieval. + */ + private async getOrCreate(): Promise> { + try { + return await this.getSettings(); + } catch (e) { + if (SavedObjectsErrorHelpers.isNotFoundError(e)) { + this.logger.info('Creating new default query delay rules settings for current space.'); + return await this.createSettings(); + } + this.logger.error(`Failed to get query delay rules setting for current space. Error: ${e}`); + throw e; + } + } +} diff --git a/x-pack/plugins/alerting/server/rules_settings_client/rules_settings_client.test.ts b/x-pack/plugins/alerting/server/rules_settings_client/rules_settings_client.test.ts index a40c491b9117e..314e28cd6f245 100644 --- a/x-pack/plugins/alerting/server/rules_settings_client/rules_settings_client.test.ts +++ b/x-pack/plugins/alerting/server/rules_settings_client/rules_settings_client.test.ts @@ -11,16 +11,7 @@ import { } from './rules_settings_client'; import { RulesSettingsFlappingClient } from './flapping/rules_settings_flapping_client'; import { savedObjectsClientMock, loggingSystemMock } from '@kbn/core/server/mocks'; -import { SavedObjectsErrorHelpers } from '@kbn/core/server'; -import { - RULES_SETTINGS_FEATURE_ID, - RULES_SETTINGS_SAVED_OBJECT_TYPE, - RULES_SETTINGS_SAVED_OBJECT_ID, - DEFAULT_FLAPPING_SETTINGS, - RulesSettings, -} from '../../common'; - -const mockDateString = '2019-02-12T21:01:22.479Z'; +import { RulesSettingsQueryDelayClient } from './query_delay/rules_settings_query_delay_client'; const savedObjectsClient = savedObjectsClientMock.create(); @@ -28,258 +19,17 @@ const rulesSettingsClientParams: jest.Mocked { - return { - flapping: { - enabled: DEFAULT_FLAPPING_SETTINGS.enabled, - lookBackWindow: DEFAULT_FLAPPING_SETTINGS.lookBackWindow, - statusChangeThreshold: DEFAULT_FLAPPING_SETTINGS.statusChangeThreshold, - createdBy: 'test name', - updatedBy: 'test name', - createdAt: new Date().toISOString(), - updatedAt: new Date().toISOString(), - }, - }; + isServerless: false, }; describe('RulesSettingsClient', () => { - beforeAll(() => { - jest.useFakeTimers(); - jest.setSystemTime(new Date(mockDateString)); - }); - afterAll(() => { - jest.useRealTimers(); - }); - - beforeEach(() => { jest.resetAllMocks(); - rulesSettingsClientParams.getUserName.mockResolvedValue('test name'); }); test('can initialize correctly', async () => { const client = new RulesSettingsClient(rulesSettingsClientParams); expect(client.flapping()).toEqual(expect.any(RulesSettingsFlappingClient)); - }); - - test('can create a new rules settings saved object', async () => { - const client = new RulesSettingsClient(rulesSettingsClientParams); - const mockAttributes = getMockRulesSettings(); - - savedObjectsClient.create.mockResolvedValueOnce({ - id: RULES_SETTINGS_FEATURE_ID, - type: RULES_SETTINGS_SAVED_OBJECT_TYPE, - attributes: mockAttributes, - references: [], - }); - - const result = await client.create(); - - expect(savedObjectsClient.create).toHaveBeenCalledTimes(1); - expect(savedObjectsClient.create).toHaveBeenCalledWith( - RULES_SETTINGS_SAVED_OBJECT_TYPE, - { - flapping: expect.objectContaining({ - enabled: mockAttributes.flapping.enabled, - lookBackWindow: mockAttributes.flapping.lookBackWindow, - statusChangeThreshold: mockAttributes.flapping.statusChangeThreshold, - createdBy: 'test name', - updatedBy: 'test name', - createdAt: expect.any(String), - updatedAt: expect.any(String), - }), - }, - { - id: RULES_SETTINGS_SAVED_OBJECT_ID, - overwrite: true, - } - ); - expect(result.attributes).toEqual(mockAttributes); - }); - - test('can get existing rules settings saved object', async () => { - const client = new RulesSettingsClient(rulesSettingsClientParams); - const mockAttributes = getMockRulesSettings(); - - savedObjectsClient.get.mockResolvedValueOnce({ - id: RULES_SETTINGS_FEATURE_ID, - type: RULES_SETTINGS_SAVED_OBJECT_TYPE, - attributes: mockAttributes, - references: [], - }); - const result = await client.get(); - expect(result.attributes).toEqual(mockAttributes); - }); - - test('throws if there is no existing saved object to get', async () => { - const client = new RulesSettingsClient(rulesSettingsClientParams); - - savedObjectsClient.get.mockRejectedValueOnce( - SavedObjectsErrorHelpers.createGenericNotFoundError( - RULES_SETTINGS_SAVED_OBJECT_TYPE, - RULES_SETTINGS_SAVED_OBJECT_ID - ) - ); - await expect(client.get()).rejects.toThrowError(); - }); - - test('can persist flapping settings when saved object does not exist', async () => { - const client = new RulesSettingsClient(rulesSettingsClientParams); - const mockAttributes = getMockRulesSettings(); - savedObjectsClient.get.mockRejectedValueOnce( - SavedObjectsErrorHelpers.createGenericNotFoundError( - RULES_SETTINGS_SAVED_OBJECT_TYPE, - RULES_SETTINGS_SAVED_OBJECT_ID - ) - ); - - savedObjectsClient.create.mockResolvedValueOnce({ - id: RULES_SETTINGS_FEATURE_ID, - type: RULES_SETTINGS_SAVED_OBJECT_TYPE, - attributes: mockAttributes, - references: [], - }); - - const result = await client.flapping().get(); - - expect(savedObjectsClient.get).toHaveBeenCalledWith( - RULES_SETTINGS_SAVED_OBJECT_TYPE, - RULES_SETTINGS_SAVED_OBJECT_ID - ); - - expect(savedObjectsClient.create).toHaveBeenCalledWith( - RULES_SETTINGS_SAVED_OBJECT_TYPE, - { - flapping: expect.objectContaining({ - enabled: mockAttributes.flapping.enabled, - lookBackWindow: mockAttributes.flapping.lookBackWindow, - statusChangeThreshold: mockAttributes.flapping.statusChangeThreshold, - createdBy: 'test name', - updatedBy: 'test name', - createdAt: expect.any(String), - updatedAt: expect.any(String), - }), - }, - { - id: RULES_SETTINGS_SAVED_OBJECT_ID, - overwrite: true, - } - ); - expect(result).toEqual(mockAttributes.flapping); - }); - - test('can persist flapping settings when saved object already exists', async () => { - const client = new RulesSettingsClient(rulesSettingsClientParams); - const mockAttributes = getMockRulesSettings(); - - savedObjectsClient.get.mockResolvedValueOnce({ - id: RULES_SETTINGS_FEATURE_ID, - type: RULES_SETTINGS_SAVED_OBJECT_TYPE, - attributes: mockAttributes, - references: [], - }); - - const result = await client.flapping().get(); - - expect(savedObjectsClient.get).toHaveBeenCalledWith( - RULES_SETTINGS_SAVED_OBJECT_TYPE, - RULES_SETTINGS_SAVED_OBJECT_ID - ); - expect(savedObjectsClient.create).not.toHaveBeenCalled(); - expect(result).toEqual(mockAttributes.flapping); - }); - - test('can update flapping settings when saved object does not exist', async () => { - const client = new RulesSettingsClient(rulesSettingsClientParams); - const mockAttributes = getMockRulesSettings(); - - savedObjectsClient.get.mockRejectedValueOnce( - SavedObjectsErrorHelpers.createGenericNotFoundError( - RULES_SETTINGS_SAVED_OBJECT_TYPE, - RULES_SETTINGS_SAVED_OBJECT_ID - ) - ); - - const mockResolve = { - id: RULES_SETTINGS_FEATURE_ID, - type: RULES_SETTINGS_SAVED_OBJECT_TYPE, - attributes: mockAttributes, - references: [], - version: '123', - }; - - savedObjectsClient.create.mockResolvedValueOnce(mockResolve); - savedObjectsClient.update.mockResolvedValueOnce({ - ...mockResolve, - attributes: { - flapping: { - ...mockResolve.attributes.flapping, - enabled: false, - lookBackWindow: 5, - statusChangeThreshold: 5, - }, - }, - }); - - // Try to update with new values - const result = await client.flapping().update({ - enabled: false, - lookBackWindow: 5, - statusChangeThreshold: 5, - }); - - // Tried to get first, but no results - expect(savedObjectsClient.get).toHaveBeenCalledWith( - RULES_SETTINGS_SAVED_OBJECT_TYPE, - RULES_SETTINGS_SAVED_OBJECT_ID - ); - - // So create a new entry - expect(savedObjectsClient.create).toHaveBeenCalledWith( - RULES_SETTINGS_SAVED_OBJECT_TYPE, - { - flapping: expect.objectContaining({ - enabled: mockAttributes.flapping.enabled, - lookBackWindow: mockAttributes.flapping.lookBackWindow, - statusChangeThreshold: mockAttributes.flapping.statusChangeThreshold, - createdBy: 'test name', - updatedBy: 'test name', - createdAt: expect.any(String), - updatedAt: expect.any(String), - }), - }, - { - id: RULES_SETTINGS_SAVED_OBJECT_ID, - overwrite: true, - } - ); - - // Try to update with version - expect(savedObjectsClient.update).toHaveBeenCalledWith( - RULES_SETTINGS_SAVED_OBJECT_TYPE, - RULES_SETTINGS_SAVED_OBJECT_ID, - { - flapping: expect.objectContaining({ - enabled: false, - lookBackWindow: 5, - statusChangeThreshold: 5, - createdBy: 'test name', - updatedBy: 'test name', - createdAt: expect.any(String), - updatedAt: expect.any(String), - }), - }, - { version: '123' } - ); - - expect(result).toEqual( - expect.objectContaining({ - enabled: false, - lookBackWindow: 5, - statusChangeThreshold: 5, - }) - ); + expect(client.queryDelay()).toEqual(expect.any(RulesSettingsQueryDelayClient)); }); }); diff --git a/x-pack/plugins/alerting/server/rules_settings_client/rules_settings_client.ts b/x-pack/plugins/alerting/server/rules_settings_client/rules_settings_client.ts index f723119d2de80..50e7650f42ff5 100644 --- a/x-pack/plugins/alerting/server/rules_settings_client/rules_settings_client.ts +++ b/x-pack/plugins/alerting/server/rules_settings_client/rules_settings_client.ts @@ -5,24 +5,15 @@ * 2.0. */ -import { - Logger, - SavedObjectsClientContract, - SavedObject, - SavedObjectsErrorHelpers, -} from '@kbn/core/server'; +import { Logger, SavedObjectsClientContract } from '@kbn/core/server'; import { RulesSettingsFlappingClient } from './flapping/rules_settings_flapping_client'; -import { - RulesSettings, - DEFAULT_FLAPPING_SETTINGS, - RULES_SETTINGS_SAVED_OBJECT_TYPE, - RULES_SETTINGS_SAVED_OBJECT_ID, -} from '../../common'; +import { RulesSettingsQueryDelayClient } from './query_delay/rules_settings_query_delay_client'; export interface RulesSettingsClientConstructorOptions { readonly logger: Logger; readonly savedObjectsClient: SavedObjectsClientContract; readonly getUserName: () => Promise; + readonly isServerless: boolean; } export class RulesSettingsClient { @@ -30,16 +21,25 @@ export class RulesSettingsClient { private readonly savedObjectsClient: SavedObjectsClientContract; private readonly getUserName: () => Promise; private readonly _flapping: RulesSettingsFlappingClient; + private readonly _queryDelay: RulesSettingsQueryDelayClient; + private readonly isServerless: boolean; constructor(options: RulesSettingsClientConstructorOptions) { this.logger = options.logger; this.savedObjectsClient = options.savedObjectsClient; this.getUserName = options.getUserName; + this.isServerless = options.isServerless; this._flapping = new RulesSettingsFlappingClient({ logger: this.logger, savedObjectsClient: this.savedObjectsClient, - getOrCreate: this.getOrCreate.bind(this), + getModificationMetadata: this.getModificationMetadata.bind(this), + }); + + this._queryDelay = new RulesSettingsQueryDelayClient({ + logger: this.logger, + savedObjectsClient: this.savedObjectsClient, + isServerless: this.isServerless, getModificationMetadata: this.getModificationMetadata.bind(this), }); } @@ -56,59 +56,11 @@ export class RulesSettingsClient { }; } - public async get(): Promise> { - try { - return await this.savedObjectsClient.get( - RULES_SETTINGS_SAVED_OBJECT_TYPE, - RULES_SETTINGS_SAVED_OBJECT_ID - ); - } catch (e) { - this.logger.error(`Failed to get rules setting for current space. Error: ${e}`); - throw e; - } - } - - public async create(): Promise> { - const modificationMetadata = await this.getModificationMetadata(); - - try { - return await this.savedObjectsClient.create( - RULES_SETTINGS_SAVED_OBJECT_TYPE, - { - flapping: { - ...DEFAULT_FLAPPING_SETTINGS, - ...modificationMetadata, - }, - }, - { - id: RULES_SETTINGS_SAVED_OBJECT_ID, - overwrite: true, - } - ); - } catch (e) { - this.logger.error(`Failed to create rules setting for current space. Error: ${e}`); - throw e; - } - } - - /** - * Helper function to ensure that a rules-settings saved object always exists. - * Ensures the creation of the saved object is done lazily during retrieval. - */ - private async getOrCreate(): Promise> { - try { - return await this.get(); - } catch (e) { - if (SavedObjectsErrorHelpers.isNotFoundError(e)) { - this.logger.info('Creating new default rules settings for current space.'); - return await this.create(); - } - this.logger.error(`Failed to persist rules setting for current space. Error: ${e}`); - throw e; - } - } - public flapping(): RulesSettingsFlappingClient { return this._flapping; } + + public queryDelay(): RulesSettingsQueryDelayClient { + return this._queryDelay; + } } diff --git a/x-pack/plugins/alerting/server/rules_settings_client/schemas/flapping_schema.ts b/x-pack/plugins/alerting/server/rules_settings_client/schemas/flapping_schema.ts new file mode 100644 index 0000000000000..a9765fe826bef --- /dev/null +++ b/x-pack/plugins/alerting/server/rules_settings_client/schemas/flapping_schema.ts @@ -0,0 +1,14 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { schema } from '@kbn/config-schema'; + +export const flappingSchema = schema.object({ + enabled: schema.boolean(), + lookBackWindow: schema.number(), + statusChangeThreshold: schema.number(), +}); diff --git a/x-pack/plugins/alerting/server/rules_settings_client/schemas/index.ts b/x-pack/plugins/alerting/server/rules_settings_client/schemas/index.ts new file mode 100644 index 0000000000000..03ee6f939a233 --- /dev/null +++ b/x-pack/plugins/alerting/server/rules_settings_client/schemas/index.ts @@ -0,0 +1,9 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +export { flappingSchema } from './flapping_schema'; +export { queryDelaySchema } from './query_delay_schema'; diff --git a/x-pack/plugins/alerting/server/rules_settings_client/schemas/query_delay_schema.ts b/x-pack/plugins/alerting/server/rules_settings_client/schemas/query_delay_schema.ts new file mode 100644 index 0000000000000..613dd9646846f --- /dev/null +++ b/x-pack/plugins/alerting/server/rules_settings_client/schemas/query_delay_schema.ts @@ -0,0 +1,12 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { schema } from '@kbn/config-schema'; + +export const queryDelaySchema = schema.object({ + delay: schema.number(), +}); diff --git a/x-pack/plugins/alerting/server/rules_settings_client_factory.test.ts b/x-pack/plugins/alerting/server/rules_settings_client_factory.test.ts index a91e6697a4d8c..bb278dbf50cdd 100644 --- a/x-pack/plugins/alerting/server/rules_settings_client_factory.test.ts +++ b/x-pack/plugins/alerting/server/rules_settings_client_factory.test.ts @@ -30,6 +30,7 @@ const securityPluginStart = securityMock.createStart(); const rulesSettingsClientFactoryParams: jest.Mocked = { logger: loggingSystemMock.create().get(), savedObjectsService, + isServerless: false, }; beforeEach(() => { @@ -58,6 +59,7 @@ test('creates a rules settings client with proper constructor arguments when sec logger: rulesSettingsClientFactoryParams.logger, savedObjectsClient, getUserName: expect.any(Function), + isServerless: false, }); }); @@ -80,6 +82,7 @@ test('creates a rules settings client with proper constructor arguments', async logger: rulesSettingsClientFactoryParams.logger, savedObjectsClient, getUserName: expect.any(Function), + isServerless: false, }); }); @@ -106,6 +109,7 @@ test('creates an unauthorized rules settings client', async () => { logger: rulesSettingsClientFactoryParams.logger, savedObjectsClient, getUserName: expect.any(Function), + isServerless: false, }); }); diff --git a/x-pack/plugins/alerting/server/rules_settings_client_factory.ts b/x-pack/plugins/alerting/server/rules_settings_client_factory.ts index 619e498c6b988..f69068ee3cb65 100644 --- a/x-pack/plugins/alerting/server/rules_settings_client_factory.ts +++ b/x-pack/plugins/alerting/server/rules_settings_client_factory.ts @@ -18,6 +18,7 @@ import { RULES_SETTINGS_SAVED_OBJECT_TYPE } from '../common'; export interface RulesSettingsClientFactoryOpts { logger: Logger; savedObjectsService: SavedObjectsServiceStart; + isServerless: boolean; securityPluginStart?: SecurityPluginStart; } @@ -26,6 +27,7 @@ export class RulesSettingsClientFactory { private logger!: Logger; private savedObjectsService!: SavedObjectsServiceStart; private securityPluginStart?: SecurityPluginStart; + private isServerless = false; public initialize(options: RulesSettingsClientFactoryOpts) { if (this.isInitialized) { @@ -35,6 +37,7 @@ export class RulesSettingsClientFactory { this.logger = options.logger; this.savedObjectsService = options.savedObjectsService; this.securityPluginStart = options.securityPluginStart; + this.isServerless = options.isServerless; } private createRulesSettingsClient(request: KibanaRequest, withAuth: boolean) { @@ -54,6 +57,7 @@ export class RulesSettingsClientFactory { const user = securityPluginStart.authc.getCurrentUser(request); return user ? user.username : null; }, + isServerless: this.isServerless, }); } diff --git a/x-pack/plugins/alerting/server/rules_settings_feature.ts b/x-pack/plugins/alerting/server/rules_settings_feature.ts index 5c420fd32bd3c..2d39b9290a0cd 100644 --- a/x-pack/plugins/alerting/server/rules_settings_feature.ts +++ b/x-pack/plugins/alerting/server/rules_settings_feature.ts @@ -14,6 +14,8 @@ import { ALL_FLAPPING_SETTINGS_SUB_FEATURE_ID, API_PRIVILEGES, RULES_SETTINGS_SAVED_OBJECT_TYPE, + ALL_QUERY_DELAY_SETTINGS_SUB_FEATURE_ID, + READ_QUERY_DELAY_SETTINGS_SUB_FEATURE_ID, } from '../common'; export const rulesSettingsFeature: KibanaFeatureConfig = { @@ -87,5 +89,42 @@ export const rulesSettingsFeature: KibanaFeatureConfig = { }, ], }, + { + name: i18n.translate('xpack.alerting.feature.queryDelaySettingsSubFeatureName', { + defaultMessage: 'Query delay', + }), + privilegeGroups: [ + { + groupType: 'mutually_exclusive', + privileges: [ + { + api: [ + API_PRIVILEGES.READ_QUERY_DELAY_SETTINGS, + API_PRIVILEGES.WRITE_QUERY_DELAY_SETTINGS, + ], + name: 'All', + id: ALL_QUERY_DELAY_SETTINGS_SUB_FEATURE_ID, + includeIn: 'all', + savedObject: { + all: [RULES_SETTINGS_SAVED_OBJECT_TYPE], + read: [], + }, + ui: ['writeQueryDelaySettingsUI', 'readQueryDelaySettingsUI'], + }, + { + api: [API_PRIVILEGES.READ_QUERY_DELAY_SETTINGS], + name: 'Read', + id: READ_QUERY_DELAY_SETTINGS_SUB_FEATURE_ID, + includeIn: 'read', + savedObject: { + all: [], + read: [RULES_SETTINGS_SAVED_OBJECT_TYPE], + }, + ui: ['readQueryDelaySettingsUI'], + }, + ], + }, + ], + }, ], }; diff --git a/x-pack/plugins/alerting/server/task_runner/task_runner.ts b/x-pack/plugins/alerting/server/task_runner/task_runner.ts index 4dd391cc4f801..3cc9c2359c272 100644 --- a/x-pack/plugins/alerting/server/task_runner/task_runner.ts +++ b/x-pack/plugins/alerting/server/task_runner/task_runner.ts @@ -80,6 +80,7 @@ import { RuleResultService } from '../monitoring/rule_result_service'; import { LegacyAlertsClient } from '../alerts_client'; import { IAlertsClient } from '../alerts_client/types'; import { MaintenanceWindow } from '../application/maintenance_window/types'; +import { getTimeRange } from '../lib/get_time_range'; const FALLBACK_RETRY_INTERVAL = '5m'; const CONNECTIVITY_RETRY_INTERVAL = '5m'; @@ -324,6 +325,7 @@ export class TaskRunner< const rulesSettingsClient = this.context.getRulesSettingsClientWithRequest(fakeRequest); const flappingSettings = await rulesSettingsClient.flapping().get(); + const queryDelaySettings = await rulesSettingsClient.queryDelay().get(); const alertsClientParams = { logger: this.logger, @@ -514,6 +516,8 @@ export class TaskRunner< logger: this.logger, flappingSettings, ...(maintenanceWindowIds.length ? { maintenanceWindowIds } : {}), + getTimeRange: (timeWindow) => + getTimeRange(this.logger, queryDelaySettings, timeWindow), }) ); diff --git a/x-pack/plugins/alerting/server/types.ts b/x-pack/plugins/alerting/server/types.ts index 66e2c3bfa6069..26eed5f254bc9 100644 --- a/x-pack/plugins/alerting/server/types.ts +++ b/x-pack/plugins/alerting/server/types.ts @@ -28,7 +28,11 @@ import { Filter } from '@kbn/es-query'; import { RuleTypeRegistry as OrigruleTypeRegistry } from './rule_type_registry'; import { PluginSetupContract, PluginStartContract } from './plugin'; import { RulesClient } from './rules_client'; -import { RulesSettingsClient, RulesSettingsFlappingClient } from './rules_settings_client'; +import { + RulesSettingsClient, + RulesSettingsFlappingClient, + RulesSettingsQueryDelayClient, +} from './rules_settings_client'; import { MaintenanceWindowClient } from './maintenance_window_client'; export * from '../common'; import { @@ -135,6 +139,7 @@ export interface RuleExecutorOptions< namespace?: string; flappingSettings: RulesSettingsFlappingProperties; maintenanceWindowIds?: string[]; + getTimeRange: (timeWindow?: string) => { dateStart: string; dateEnd: string }; } export interface RuleParamsAndRefs { @@ -372,6 +377,7 @@ export type RulesClientApi = PublicMethodsOf; export type RulesSettingsClientApi = PublicMethodsOf; export type RulesSettingsFlappingClientApi = PublicMethodsOf; +export type RulesSettingsQueryDelayClientApi = PublicMethodsOf; export type MaintenanceWindowClientApi = PublicMethodsOf; diff --git a/x-pack/plugins/apm/server/routes/alerts/rule_types/anomaly/register_anomaly_rule_type.test.ts b/x-pack/plugins/apm/server/routes/alerts/rule_types/anomaly/register_anomaly_rule_type.test.ts index 611ca43499c6a..28f08cdc72811 100644 --- a/x-pack/plugins/apm/server/routes/alerts/rule_types/anomaly/register_anomaly_rule_type.test.ts +++ b/x-pack/plugins/apm/server/routes/alerts/rule_types/anomaly/register_anomaly_rule_type.test.ts @@ -103,7 +103,11 @@ describe('Transaction duration anomaly alert', () => { ml, }); - const params = { anomalySeverityType: ML_ANOMALY_SEVERITY.MINOR }; + const params = { + anomalySeverityType: ML_ANOMALY_SEVERITY.MINOR, + windowSize: 5, + windowUnit: 'm', + }; await executor({ params }); diff --git a/x-pack/plugins/apm/server/routes/alerts/rule_types/anomaly/register_anomaly_rule_type.ts b/x-pack/plugins/apm/server/routes/alerts/rule_types/anomaly/register_anomaly_rule_type.ts index d318f6ec4a44d..b74db63061306 100644 --- a/x-pack/plugins/apm/server/routes/alerts/rule_types/anomaly/register_anomaly_rule_type.ts +++ b/x-pack/plugins/apm/server/routes/alerts/rule_types/anomaly/register_anomaly_rule_type.ts @@ -97,7 +97,13 @@ export function registerAnomalyRuleType({ producer: 'apm', minimumLicenseRequired: 'basic', isExportable: true, - executor: async ({ params, services, spaceId, startedAt }) => { + executor: async ({ + params, + services, + spaceId, + startedAt, + getTimeRange, + }) => { if (!ml) { return { state: {} }; } @@ -144,12 +150,14 @@ export function registerAnomalyRuleType({ } // start time must be at least 30, does like this to support rules created before this change where default was 15 - const startTime = Math.min( - datemath.parse('now-30m')!.valueOf(), + const window = + datemath.parse('now-30m')!.valueOf() > datemath - .parse(`now-${ruleParams.windowSize}${ruleParams.windowUnit}`) - ?.valueOf() || 0 - ); + .parse(`now-${ruleParams.windowSize}${ruleParams.windowUnit}`)! + .valueOf() + ? '30m' + : `${ruleParams.windowSize}${ruleParams.windowUnit}`; + const { dateStart } = getTimeRange(window); const jobIds = mlJobs.map((job) => job.jobId); const anomalySearchParams = { @@ -165,7 +173,7 @@ export function registerAnomalyRuleType({ { range: { timestamp: { - gte: startTime, + gte: dateStart, format: 'epoch_millis', }, }, diff --git a/x-pack/plugins/apm/server/routes/alerts/rule_types/error_count/register_error_count_rule_type.ts b/x-pack/plugins/apm/server/routes/alerts/rule_types/error_count/register_error_count_rule_type.ts index 4ecade37780d9..6a0a5b8fdbbe6 100644 --- a/x-pack/plugins/apm/server/routes/alerts/rule_types/error_count/register_error_count_rule_type.ts +++ b/x-pack/plugins/apm/server/routes/alerts/rule_types/error_count/register_error_count_rule_type.ts @@ -104,6 +104,7 @@ export function registerErrorCountRuleType({ services, spaceId, startedAt, + getTimeRange, }) => { const allGroupByFields = getAllGroupByFields( ApmRuleType.ErrorCount, @@ -131,6 +132,10 @@ export function registerErrorCountRuleType({ ] : []; + const { dateStart } = getTimeRange( + `${ruleParams.windowSize}${ruleParams.windowUnit}` + ); + const searchParams = { index: indices.error, body: { @@ -142,7 +147,7 @@ export function registerErrorCountRuleType({ { range: { '@timestamp': { - gte: `now-${ruleParams.windowSize}${ruleParams.windowUnit}`, + gte: dateStart, }, }, }, diff --git a/x-pack/plugins/apm/server/routes/alerts/rule_types/transaction_duration/register_transaction_duration_rule_type.ts b/x-pack/plugins/apm/server/routes/alerts/rule_types/transaction_duration/register_transaction_duration_rule_type.ts index cbfb5db627100..3789a55e6e4e0 100644 --- a/x-pack/plugins/apm/server/routes/alerts/rule_types/transaction_duration/register_transaction_duration_rule_type.ts +++ b/x-pack/plugins/apm/server/routes/alerts/rule_types/transaction_duration/register_transaction_duration_rule_type.ts @@ -111,7 +111,12 @@ export function registerTransactionDurationRuleType({ producer: APM_SERVER_FEATURE_ID, minimumLicenseRequired: 'basic', isExportable: true, - executor: async ({ params: ruleParams, services, spaceId }) => { + executor: async ({ + params: ruleParams, + services, + spaceId, + getTimeRange, + }) => { const allGroupByFields = getAllGroupByFields( ApmRuleType.TransactionDuration, ruleParams.groupBy @@ -152,6 +157,10 @@ export function registerTransactionDurationRuleType({ ] : []; + const { dateStart } = getTimeRange( + `${ruleParams.windowSize}${ruleParams.windowUnit}` + ); + const searchParams = { index, body: { @@ -163,7 +172,7 @@ export function registerTransactionDurationRuleType({ { range: { '@timestamp': { - gte: `now-${ruleParams.windowSize}${ruleParams.windowUnit}`, + gte: dateStart, }, }, }, diff --git a/x-pack/plugins/apm/server/routes/alerts/rule_types/transaction_error_rate/register_transaction_error_rate_rule_type.ts b/x-pack/plugins/apm/server/routes/alerts/rule_types/transaction_error_rate/register_transaction_error_rate_rule_type.ts index d7c700c42071c..7e3c7bce8baf3 100644 --- a/x-pack/plugins/apm/server/routes/alerts/rule_types/transaction_error_rate/register_transaction_error_rate_rule_type.ts +++ b/x-pack/plugins/apm/server/routes/alerts/rule_types/transaction_error_rate/register_transaction_error_rate_rule_type.ts @@ -113,6 +113,7 @@ export function registerTransactionErrorRateRuleType({ spaceId, params: ruleParams, startedAt, + getTimeRange, }) => { const allGroupByFields = getAllGroupByFields( ApmRuleType.TransactionErrorRate, @@ -154,6 +155,10 @@ export function registerTransactionErrorRateRuleType({ ] : []; + const { dateStart } = getTimeRange( + `${ruleParams.windowSize}${ruleParams.windowUnit}` + ); + const searchParams = { index, body: { @@ -165,7 +170,7 @@ export function registerTransactionErrorRateRuleType({ { range: { '@timestamp': { - gte: `now-${ruleParams.windowSize}${ruleParams.windowUnit}`, + gte: dateStart, }, }, }, diff --git a/x-pack/plugins/apm/server/routes/alerts/test_utils/index.ts b/x-pack/plugins/apm/server/routes/alerts/test_utils/index.ts index 185af5a5496e7..b4b5692708456 100644 --- a/x-pack/plugins/apm/server/routes/alerts/test_utils/index.ts +++ b/x-pack/plugins/apm/server/routes/alerts/test_utils/index.ts @@ -95,6 +95,10 @@ export const createRuleTypeMocks = () => { }, startedAt: new Date(), flappingSettings: DEFAULT_FLAPPING_SETTINGS, + getTimeRange: () => { + const date = new Date(Date.now()).toISOString(); + return { dateStart: date, dateEnd: date }; + }, }); }, }; diff --git a/x-pack/plugins/infra/server/lib/alerting/inventory_metric_threshold/inventory_metric_threshold_executor.test.ts b/x-pack/plugins/infra/server/lib/alerting/inventory_metric_threshold/inventory_metric_threshold_executor.test.ts index a47008a0fbaf1..29c4bfe0a159a 100644 --- a/x-pack/plugins/infra/server/lib/alerting/inventory_metric_threshold/inventory_metric_threshold_executor.test.ts +++ b/x-pack/plugins/infra/server/lib/alerting/inventory_metric_threshold/inventory_metric_threshold_executor.test.ts @@ -83,6 +83,10 @@ const mockOptions = { }, logger, flappingSettings: DEFAULT_FLAPPING_SETTINGS, + getTimeRange: () => { + const date = new Date().toISOString(); + return { dateStart: date, dateEnd: date }; + }, }; const setEvaluationResults = (response: Record) => { diff --git a/x-pack/plugins/infra/server/lib/alerting/metric_threshold/metric_threshold_executor.test.ts b/x-pack/plugins/infra/server/lib/alerting/metric_threshold/metric_threshold_executor.test.ts index b5b0c1973307b..f3bd6972eeea6 100644 --- a/x-pack/plugins/infra/server/lib/alerting/metric_threshold/metric_threshold_executor.test.ts +++ b/x-pack/plugins/infra/server/lib/alerting/metric_threshold/metric_threshold_executor.test.ts @@ -73,6 +73,10 @@ const mockOptions = { }, logger, flappingSettings: DEFAULT_FLAPPING_SETTINGS, + getTimeRange: () => { + const date = STARTED_AT_MOCK_DATE.toISOString(); + return { dateStart: date, dateEnd: date }; + }, }; const setEvaluationResults = (response: Array>) => { diff --git a/x-pack/plugins/observability/server/lib/rules/custom_threshold/custom_threshold_executor.test.ts b/x-pack/plugins/observability/server/lib/rules/custom_threshold/custom_threshold_executor.test.ts index 2803fcefcb6ee..46a39f397957e 100644 --- a/x-pack/plugins/observability/server/lib/rules/custom_threshold/custom_threshold_executor.test.ts +++ b/x-pack/plugins/observability/server/lib/rules/custom_threshold/custom_threshold_executor.test.ts @@ -127,6 +127,10 @@ const mockOptions = { }, logger, flappingSettings: DEFAULT_FLAPPING_SETTINGS, + getTimeRange: () => { + const date = STARTED_AT_MOCK_DATE.toISOString(); + return { dateStart: date, dateEnd: date }; + }, }; const setEvaluationResults = (response: Array>) => { diff --git a/x-pack/plugins/observability/server/lib/rules/custom_threshold/custom_threshold_executor.ts b/x-pack/plugins/observability/server/lib/rules/custom_threshold/custom_threshold_executor.ts index 1f57c215e51a7..972fcaec08892 100644 --- a/x-pack/plugins/observability/server/lib/rules/custom_threshold/custom_threshold_executor.ts +++ b/x-pack/plugins/observability/server/lib/rules/custom_threshold/custom_threshold_executor.ts @@ -127,6 +127,7 @@ export const createMetricThresholdExecutor = ({ executionId, spaceId, rule: { id: ruleId }, + getTimeRange, } = options; const { criteria } = params; @@ -191,6 +192,8 @@ export const createMetricThresholdExecutor = ({ throw new Error('The selected data view does not have a timestamp field'); } + // Calculate initial start and end date with no time window, as each criteria has it's own time window + const { dateStart, dateEnd } = getTimeRange(); const alertResults = await evaluateRule( services.scopedClusterClient.asCurrentUser, params as EvaluatedRuleParams, @@ -199,8 +202,8 @@ export const createMetricThresholdExecutor = ({ compositeSize, alertOnGroupDisappear, logger, + { end: dateEnd, start: dateStart }, state.lastRunTimestamp, - { end: startedAt.valueOf() }, convertStringsToMissingGroupsRecord(previousMissingGroups) ); diff --git a/x-pack/plugins/observability/server/lib/rules/custom_threshold/lib/create_timerange.test.ts b/x-pack/plugins/observability/server/lib/rules/custom_threshold/lib/create_timerange.test.ts index c48ce1d9ab50d..41109fbeae912 100644 --- a/x-pack/plugins/observability/server/lib/rules/custom_threshold/lib/create_timerange.test.ts +++ b/x-pack/plugins/observability/server/lib/rules/custom_threshold/lib/create_timerange.test.ts @@ -11,123 +11,73 @@ import moment from 'moment'; import { createTimerange } from './create_timerange'; describe('createTimerange(interval, aggType, timeframe)', () => { - describe('without timeframe', () => { - describe('Basic Metric Aggs', () => { - it('should return a second range for last 1 second', () => { - const subject = createTimerange(1000, Aggregators.COUNT); - expect(subject.end - subject.start).toEqual(1000); - }); - it('should return a minute range for last 1 minute', () => { - const subject = createTimerange(60000, Aggregators.COUNT); - expect(subject.end - subject.start).toEqual(60000); - }); - it('should return 5 minute range for last 5 minutes', () => { - const subject = createTimerange(300000, Aggregators.COUNT); - expect(subject.end - subject.start).toEqual(300000); - }); - it('should return a hour range for last 1 hour', () => { - const subject = createTimerange(3600000, Aggregators.COUNT); - expect(subject.end - subject.start).toEqual(3600000); - }); - it('should return a day range for last 1 day', () => { - const subject = createTimerange(86400000, Aggregators.COUNT); - expect(subject.end - subject.start).toEqual(86400000); - }); + const end = moment(); + const timeframe = { + start: end.clone().toISOString(), + end: end.toISOString(), + }; + describe('Basic Metric Aggs', () => { + it('should return a second range for last 1 second', () => { + const subject = createTimerange(1000, Aggregators.COUNT, timeframe); + expect(subject.end - subject.start).toEqual(1000); }); - describe('Rate Aggs', () => { - it('should return a 20 second range for last 1 second', () => { - const subject = createTimerange(1000, Aggregators.RATE); - expect(subject.end - subject.start).toEqual(1000 * 2); - }); - it('should return a 5 minute range for last 1 minute', () => { - const subject = createTimerange(60000, Aggregators.RATE); - expect(subject.end - subject.start).toEqual(60000 * 2); - }); - it('should return 25 minute range for last 5 minutes', () => { - const subject = createTimerange(300000, Aggregators.RATE); - expect(subject.end - subject.start).toEqual(300000 * 2); - }); - it('should return 5 hour range for last hour', () => { - const subject = createTimerange(3600000, Aggregators.RATE); - expect(subject.end - subject.start).toEqual(3600000 * 2); - }); - it('should return a 5 day range for last day', () => { - const subject = createTimerange(86400000, Aggregators.RATE); - expect(subject.end - subject.start).toEqual(86400000 * 2); - }); + it('should return a minute range for last 1 minute', () => { + const subject = createTimerange(60000, Aggregators.COUNT, timeframe); + expect(subject.end - subject.start).toEqual(60000); + }); + it('should return 5 minute range for last 5 minutes', () => { + const subject = createTimerange(300000, Aggregators.COUNT, timeframe); + expect(subject.end - subject.start).toEqual(300000); + }); + it('should return a hour range for last 1 hour', () => { + const subject = createTimerange(3600000, Aggregators.COUNT, timeframe); + expect(subject.end - subject.start).toEqual(3600000); + }); + it('should return a day range for last 1 day', () => { + const subject = createTimerange(86400000, Aggregators.COUNT, timeframe); + expect(subject.end - subject.start).toEqual(86400000); }); }); - describe('with full timeframe', () => { - describe('Basic Metric Aggs', () => { - it('should return 5 minute range when given 4 minute timeframe', () => { - const end = moment(); - const timeframe = { - start: end.clone().subtract(4, 'minutes').valueOf(), - end: end.valueOf(), - }; - const subject = createTimerange(300000, Aggregators.COUNT, timeframe); - expect(subject.end - subject.start).toEqual(300000); - }); - it('should return 6 minute range when given 6 minute timeframe', () => { - const end = moment(); - const timeframe = { - start: end.clone().subtract(6, 'minutes').valueOf(), - end: end.valueOf(), - }; - const subject = createTimerange(300000, Aggregators.COUNT, timeframe); - expect(subject.end - subject.start).toEqual(360000); - }); + describe('Rate Aggs', () => { + it('should return a 20 second range for last 1 second', () => { + const subject = createTimerange(1000, Aggregators.RATE, timeframe); + expect(subject.end - subject.start).toEqual(1000 * 2); + }); + it('should return a 5 minute range for last 1 minute', () => { + const subject = createTimerange(60000, Aggregators.RATE, timeframe); + expect(subject.end - subject.start).toEqual(60000 * 2); + }); + it('should return 25 minute range for last 5 minutes', () => { + const subject = createTimerange(300000, Aggregators.RATE, timeframe); + expect(subject.end - subject.start).toEqual(300000 * 2); + }); + it('should return 5 hour range for last hour', () => { + const subject = createTimerange(3600000, Aggregators.RATE, timeframe); + expect(subject.end - subject.start).toEqual(3600000 * 2); }); - describe('Rate Aggs', () => { - it('should return 8 minute range when given 4 minute timeframe', () => { - const end = moment(); - const timeframe = { - start: end.clone().subtract(4, 'minutes').valueOf(), - end: end.valueOf(), - }; - const subject = createTimerange(300000, Aggregators.RATE, timeframe); - expect(subject.end - subject.start).toEqual(300000 * 2); - }); - it('should return 12 minute range when given 6 minute timeframe', () => { - const end = moment(); - const timeframe = { - start: end.clone().subtract(6, 'minutes').valueOf(), - end: end.valueOf(), - }; - const subject = createTimerange(300000, Aggregators.RATE, timeframe); - expect(subject.end - subject.start).toEqual(300000 * 2); - }); + it('should return a 5 day range for last day', () => { + const subject = createTimerange(86400000, Aggregators.RATE, timeframe); + expect(subject.end - subject.start).toEqual(86400000 * 2); }); }); - describe('with partial timeframe', () => { - describe('Basic Metric Aggs', () => { - it('should return 5 minute range for last 5 minutes', () => { - const end = moment(); - const timeframe = { - end: end.valueOf(), - }; - const subject = createTimerange(300000, Aggregators.AVERAGE, timeframe); - expect(subject).toEqual({ - start: end.clone().subtract(5, 'minutes').valueOf(), - end: end.valueOf(), - }); - }); + describe('With lastPeriodEnd', () => { + it('should return a minute and 1 second range for last 1 second when the lastPeriodEnd is less than the timeframe start', () => { + const subject = createTimerange( + 1000, + Aggregators.COUNT, + timeframe, + end.clone().subtract(1, 'minutes').valueOf() + ); + expect(subject.end - subject.start).toEqual(61000); }); - describe('Rate Aggs', () => { - it('should return 10 minute range for last 5 minutes', () => { - const end = moment(); - const timeframe = { - end: end.valueOf(), - }; - const subject = createTimerange(300000, Aggregators.RATE, timeframe); - expect(subject).toEqual({ - start: end - .clone() - .subtract(300 * 2, 'seconds') - .valueOf(), - end: end.valueOf(), - }); - }); + it('should return a second range for last 1 second when the lastPeriodEnd is not less than the timeframe start', () => { + const subject = createTimerange( + 1000, + Aggregators.COUNT, + timeframe, + end.clone().add(2, 'seconds').valueOf() + ); + expect(subject.end - subject.start).toEqual(1000); }); }); }); diff --git a/x-pack/plugins/observability/server/lib/rules/custom_threshold/lib/create_timerange.ts b/x-pack/plugins/observability/server/lib/rules/custom_threshold/lib/create_timerange.ts index 75f4dda7ff8d6..257318a0bd109 100644 --- a/x-pack/plugins/observability/server/lib/rules/custom_threshold/lib/create_timerange.ts +++ b/x-pack/plugins/observability/server/lib/rules/custom_threshold/lib/create_timerange.ts @@ -11,21 +11,20 @@ import { Aggregators } from '../../../../../common/custom_threshold_rule/types'; export const createTimerange = ( interval: number, aggType: Aggregators, - timeframe?: { end: number; start?: number }, + timeframe: { end: string; start: string }, lastPeriodEnd?: number ) => { - const to = moment(timeframe ? timeframe.end : Date.now()).valueOf(); + const end = moment(timeframe.end).valueOf(); + let start = moment(timeframe.start).valueOf(); // Rate aggregations need 5 buckets worth of data const minimumBuckets = aggType === Aggregators.RATE ? 2 : 1; - const calculatedFrom = lastPeriodEnd ? lastPeriodEnd - interval : to - interval * minimumBuckets; + start = start - interval * minimumBuckets; - // Use either the timeframe.start when the start is less then calculatedFrom - // OR use the calculatedFrom - const from = - timeframe && timeframe.start && timeframe.start <= calculatedFrom - ? timeframe.start - : calculatedFrom; + // Use lastPeriodEnd - interval when it's less than start + if (lastPeriodEnd && lastPeriodEnd - interval < start) { + start = lastPeriodEnd - interval; + } - return { start: from, end: to }; + return { start, end }; }; diff --git a/x-pack/plugins/observability/server/lib/rules/custom_threshold/lib/evaluate_rule.ts b/x-pack/plugins/observability/server/lib/rules/custom_threshold/lib/evaluate_rule.ts index 33410cbfb9742..97523fc102c1a 100644 --- a/x-pack/plugins/observability/server/lib/rules/custom_threshold/lib/evaluate_rule.ts +++ b/x-pack/plugins/observability/server/lib/rules/custom_threshold/lib/evaluate_rule.ts @@ -41,8 +41,8 @@ export const evaluateRule = async >> => { const { criteria, groupBy, searchConfiguration } = params; diff --git a/x-pack/plugins/observability/server/lib/rules/slo_burn_rate/executor.test.ts b/x-pack/plugins/observability/server/lib/rules/slo_burn_rate/executor.test.ts index 0837973ec7ee2..6be334dc62f2b 100644 --- a/x-pack/plugins/observability/server/lib/rules/slo_burn_rate/executor.test.ts +++ b/x-pack/plugins/observability/server/lib/rules/slo_burn_rate/executor.test.ts @@ -97,6 +97,11 @@ function createFindResponse(sloList: SLO[]): SavedObjectsFindResponse }; } +function getTimeRange() { + const date = new Date(Date.now()).toISOString(); + return { dateStart: date, dateEnd: date }; +} + describe('BurnRateRuleExecutor', () => { let esClientMock: ElasticsearchClientMock; let soClientMock: jest.Mocked; @@ -178,6 +183,7 @@ describe('BurnRateRuleExecutor', () => { spaceId: 'irrelevant', state: {}, flappingSettings: DEFAULT_FLAPPING_SETTINGS, + getTimeRange, }) ).rejects.toThrowError(); }); @@ -198,6 +204,7 @@ describe('BurnRateRuleExecutor', () => { spaceId: 'irrelevant', state: {}, flappingSettings: DEFAULT_FLAPPING_SETTINGS, + getTimeRange, }); expect(esClientMock.search).not.toHaveBeenCalled(); @@ -246,6 +253,7 @@ describe('BurnRateRuleExecutor', () => { spaceId: 'irrelevant', state: {}, flappingSettings: DEFAULT_FLAPPING_SETTINGS, + getTimeRange, }); expect(alertWithLifecycleMock).not.toBeCalled(); @@ -291,6 +299,7 @@ describe('BurnRateRuleExecutor', () => { spaceId: 'irrelevant', state: {}, flappingSettings: DEFAULT_FLAPPING_SETTINGS, + getTimeRange, }); expect(alertWithLifecycleMock).not.toBeCalled(); @@ -339,6 +348,7 @@ describe('BurnRateRuleExecutor', () => { spaceId: 'irrelevant', state: {}, flappingSettings: DEFAULT_FLAPPING_SETTINGS, + getTimeRange, }); expect(alertWithLifecycleMock).toBeCalledWith({ @@ -436,6 +446,7 @@ describe('BurnRateRuleExecutor', () => { spaceId: 'irrelevant', state: {}, flappingSettings: DEFAULT_FLAPPING_SETTINGS, + getTimeRange, }); expect(alertWithLifecycleMock).toBeCalledWith({ diff --git a/x-pack/plugins/observability/server/lib/rules/slo_burn_rate/executor.ts b/x-pack/plugins/observability/server/lib/rules/slo_burn_rate/executor.ts index 63c5ede6d7d6c..41ff9b53a97e2 100644 --- a/x-pack/plugins/observability/server/lib/rules/slo_burn_rate/executor.ts +++ b/x-pack/plugins/observability/server/lib/rules/slo_burn_rate/executor.ts @@ -19,7 +19,7 @@ import { LocatorPublic } from '@kbn/share-plugin/common'; import { upperCase } from 'lodash'; import { addSpaceIdToPath } from '@kbn/spaces-plugin/server'; -import { ALL_VALUE } from '@kbn/slo-schema'; +import { ALL_VALUE, toDurationUnit } from '@kbn/slo-schema'; import { AlertsLocatorParams, getAlertUrl } from '../../../../common'; import { SLO_ID_FIELD, @@ -63,6 +63,7 @@ export const getRuleExecutor = ({ params, startedAt, spaceId, + getTimeRange, }): ReturnType< ExecutorType< BurnRateRuleParams, @@ -88,7 +89,22 @@ export const getRuleExecutor = ({ return { state: {} }; } - const results = await evaluate(esClient.asCurrentUser, slo, params, startedAt); + const burnRateWindows = getBurnRateWindows(params.windows); + const longestLookbackWindow = burnRateWindows.reduce((acc, winDef) => { + return winDef.longDuration.isShorterThan(acc.longDuration) ? acc : winDef; + }, burnRateWindows[0]); + const { dateStart, dateEnd } = getTimeRange( + `${longestLookbackWindow.longDuration.value}${longestLookbackWindow.longDuration.unit}` + ); + + const results = await evaluate( + esClient.asCurrentUser, + slo, + params, + dateStart, + dateEnd, + burnRateWindows + ); if (results.length > 0) { for (const result of results) { @@ -196,6 +212,19 @@ export const getRuleExecutor = ({ return { state: {} }; }; +export function getBurnRateWindows(windows: WindowSchema[]) { + return windows.map((winDef) => { + return { + ...winDef, + longDuration: new Duration(winDef.longWindow.value, toDurationUnit(winDef.longWindow.unit)), + shortDuration: new Duration( + winDef.shortWindow.value, + toDurationUnit(winDef.shortWindow.unit) + ), + }; + }); +} + function getActionGroupName(id: string) { switch (id) { case HIGH_PRIORITY_ACTION.id: diff --git a/x-pack/plugins/observability/server/lib/rules/slo_burn_rate/lib/build_query.test.ts b/x-pack/plugins/observability/server/lib/rules/slo_burn_rate/lib/build_query.test.ts index 730fe8ae66e46..6a10733b13690 100644 --- a/x-pack/plugins/observability/server/lib/rules/slo_burn_rate/lib/build_query.test.ts +++ b/x-pack/plugins/observability/server/lib/rules/slo_burn_rate/lib/build_query.test.ts @@ -8,8 +8,10 @@ import { createBurnRateRule } from '../fixtures/rule'; import { buildQuery } from './build_query'; import { createKQLCustomIndicator, createSLO } from '../../../../services/slo/fixtures/slo'; +import { getBurnRateWindows } from '../executor'; -const STARTED_AT = new Date('2023-01-01T00:00:00.000Z'); +const DATE_START = '2022-12-29T00:00:00.000Z'; +const DATE_END = '2023-01-01T00:00:00.000Z'; describe('buildQuery()', () => { it('should return a valid query for occurrences', () => { @@ -18,7 +20,8 @@ describe('buildQuery()', () => { indicator: createKQLCustomIndicator(), }); const rule = createBurnRateRule(slo); - expect(buildQuery(STARTED_AT, slo, rule)).toMatchSnapshot(); + const burnRateWindows = getBurnRateWindows(rule.windows); + expect(buildQuery(slo, DATE_START, DATE_END, burnRateWindows)).toMatchSnapshot(); }); it('should return a valid query with afterKey', () => { const slo = createSLO({ @@ -26,7 +29,12 @@ describe('buildQuery()', () => { indicator: createKQLCustomIndicator(), }); const rule = createBurnRateRule(slo); - expect(buildQuery(STARTED_AT, slo, rule, { instanceId: 'example' })).toMatchSnapshot(); + const burnRateWindows = getBurnRateWindows(rule.windows); + expect( + buildQuery(slo, DATE_START, DATE_END, burnRateWindows, { + instanceId: 'example', + }) + ).toMatchSnapshot(); }); it('should return a valid query for timeslices', () => { const slo = createSLO({ @@ -35,6 +43,7 @@ describe('buildQuery()', () => { budgetingMethod: 'timeslices', }); const rule = createBurnRateRule(slo); - expect(buildQuery(STARTED_AT, slo, rule)).toMatchSnapshot(); + const burnRateWindows = getBurnRateWindows(rule.windows); + expect(buildQuery(slo, DATE_START, DATE_END, burnRateWindows)).toMatchSnapshot(); }); }); diff --git a/x-pack/plugins/observability/server/lib/rules/slo_burn_rate/lib/build_query.ts b/x-pack/plugins/observability/server/lib/rules/slo_burn_rate/lib/build_query.ts index 8d5bfe795aa08..fad8c1ef5d1d7 100644 --- a/x-pack/plugins/observability/server/lib/rules/slo_burn_rate/lib/build_query.ts +++ b/x-pack/plugins/observability/server/lib/rules/slo_burn_rate/lib/build_query.ts @@ -7,10 +7,10 @@ import moment from 'moment'; import { timeslicesBudgetingMethodSchema } from '@kbn/slo-schema'; -import { Duration, SLO, toDurationUnit, toMomentUnitOfTime } from '../../../../domain/models'; -import { BurnRateRuleParams, WindowSchema } from '../types'; +import { Duration, SLO, toMomentUnitOfTime } from '../../../../domain/models'; +import { WindowSchema } from '../types'; -type BurnRateWindowWithDuration = WindowSchema & { +export type BurnRateWindowWithDuration = WindowSchema & { longDuration: Duration; shortDuration: Duration; }; @@ -99,7 +99,11 @@ function buildWindowAgg( }; } -function buildWindowAggs(startedAt: Date, slo: SLO, burnRateWindows: BurnRateWindowWithDuration[]) { +function buildWindowAggs( + startedAt: string, + slo: SLO, + burnRateWindows: BurnRateWindowWithDuration[] +) { return burnRateWindows.reduce((acc, winDef, index) => { const shortDateRange = getLookbackDateRange(startedAt, winDef.shortDuration); const longDateRange = getLookbackDateRange(startedAt, winDef.longDuration); @@ -150,27 +154,12 @@ function buildEvaluation(burnRateWindows: BurnRateWindowWithDuration[]) { } export function buildQuery( - startedAt: Date, slo: SLO, - params: BurnRateRuleParams, + dateStart: string, + dateEnd: string, + burnRateWindows: BurnRateWindowWithDuration[], afterKey?: EvaluationAfterKey ) { - const burnRateWindows = params.windows.map((winDef) => { - return { - ...winDef, - longDuration: new Duration(winDef.longWindow.value, toDurationUnit(winDef.longWindow.unit)), - shortDuration: new Duration( - winDef.shortWindow.value, - toDurationUnit(winDef.shortWindow.unit) - ), - }; - }); - - const longestLookbackWindow = burnRateWindows.reduce((acc, winDef) => { - return winDef.longDuration.isShorterThan(acc.longDuration) ? acc : winDef; - }, burnRateWindows[0]); - const longestDateRange = getLookbackDateRange(startedAt, longestLookbackWindow.longDuration); - return { size: 0, query: { @@ -181,8 +170,8 @@ export function buildQuery( { range: { '@timestamp': { - gte: longestDateRange.from.toISOString(), - lt: longestDateRange.to.toISOString(), + gte: dateStart, + lt: dateEnd, }, }, }, @@ -197,7 +186,7 @@ export function buildQuery( sources: [{ instanceId: { terms: { field: 'slo.instanceId' } } }], }, aggs: { - ...buildWindowAggs(startedAt, slo, burnRateWindows), + ...buildWindowAggs(dateEnd, slo, burnRateWindows), ...buildEvaluation(burnRateWindows), }, }, @@ -205,9 +194,9 @@ export function buildQuery( }; } -function getLookbackDateRange(startedAt: Date, duration: Duration): { from: Date; to: Date } { +function getLookbackDateRange(startedAt: string, duration: Duration): { from: Date; to: Date } { const unit = toMomentUnitOfTime(duration.unit); - const now = moment(startedAt).startOf('minute'); + const now = moment(startedAt); const from = now.clone().subtract(duration.value, unit); const to = now.clone(); diff --git a/x-pack/plugins/observability/server/lib/rules/slo_burn_rate/lib/evaluate.ts b/x-pack/plugins/observability/server/lib/rules/slo_burn_rate/lib/evaluate.ts index 8461382fc1564..cdd408297f137 100644 --- a/x-pack/plugins/observability/server/lib/rules/slo_burn_rate/lib/evaluate.ts +++ b/x-pack/plugins/observability/server/lib/rules/slo_burn_rate/lib/evaluate.ts @@ -12,6 +12,7 @@ import { BurnRateRuleParams } from '../types'; import { SLO_DESTINATION_INDEX_PATTERN } from '../../../../assets/constants'; import { buildQuery, + BurnRateWindowWithDuration, EvaluationAfterKey, generateAboveThresholdKey, generateBurnRateKey, @@ -65,12 +66,13 @@ export interface EvalutionAggResults { async function queryAllResults( esClient: ElasticsearchClient, slo: SLO, - params: BurnRateRuleParams, - startedAt: Date, + dateStart: string, + dateEnd: string, + burnRateWindows: BurnRateWindowWithDuration[], buckets: EvaluationBucket[] = [], lastAfterKey?: { instanceId: string } ): Promise { - const queryAndAggs = buildQuery(startedAt, slo, params, lastAfterKey); + const queryAndAggs = buildQuery(slo, dateStart, dateEnd, burnRateWindows, lastAfterKey); const results = await esClient.search({ index: SLO_DESTINATION_INDEX_PATTERN, ...queryAndAggs, @@ -84,8 +86,9 @@ async function queryAllResults( return queryAllResults( esClient, slo, - params, - startedAt, + dateStart, + dateEnd, + burnRateWindows, [...buckets, ...results.aggregations.instances.buckets], results.aggregations.instances.after_key ); @@ -95,9 +98,11 @@ export async function evaluate( esClient: ElasticsearchClient, slo: SLO, params: BurnRateRuleParams, - startedAt: Date + dateStart: string, + dateEnd: string, + burnRateWindows: BurnRateWindowWithDuration[] ) { - const buckets = await queryAllResults(esClient, slo, params, startedAt); + const buckets = await queryAllResults(esClient, slo, dateStart, dateEnd, burnRateWindows); return transformBucketToResults(buckets, params); } diff --git a/x-pack/plugins/rule_registry/server/utils/create_lifecycle_rule_type.test.ts b/x-pack/plugins/rule_registry/server/utils/create_lifecycle_rule_type.test.ts index 30d17ea1bfe06..58aa875cf2344 100644 --- a/x-pack/plugins/rule_registry/server/utils/create_lifecycle_rule_type.test.ts +++ b/x-pack/plugins/rule_registry/server/utils/create_lifecycle_rule_type.test.ts @@ -148,6 +148,10 @@ function createRule(shouldWriteAlerts: boolean = true) { startedAt, state, flappingSettings: DEFAULT_FLAPPING_SETTINGS, + getTimeRange: () => { + const date = new Date(Date.now()).toISOString(); + return { dateStart: date, dateEnd: date }; + }, })) ?? {}) as Record); previousStartedAt = startedAt; diff --git a/x-pack/plugins/rule_registry/server/utils/rule_executor.test_helpers.ts b/x-pack/plugins/rule_registry/server/utils/rule_executor.test_helpers.ts index 56002fa2d22bd..4ef589edadacb 100644 --- a/x-pack/plugins/rule_registry/server/utils/rule_executor.test_helpers.ts +++ b/x-pack/plugins/rule_registry/server/utils/rule_executor.test_helpers.ts @@ -96,4 +96,8 @@ export const createDefaultAlertExecutorOptions = < logger, flappingSettings: DEFAULT_FLAPPING_SETTINGS, ...(maintenanceWindowIds ? { maintenanceWindowIds } : {}), + getTimeRange: () => { + const date = new Date(Date.now()).toISOString(); + return { dateStart: date, dateEnd: date }; + }, }); diff --git a/x-pack/plugins/security_solution/server/lib/detection_engine/rule_actions_legacy/logic/notifications/legacy_rules_notification_alert_type.test.ts b/x-pack/plugins/security_solution/server/lib/detection_engine/rule_actions_legacy/logic/notifications/legacy_rules_notification_alert_type.test.ts index a73561b7a34ff..0f0eeece6f8f6 100644 --- a/x-pack/plugins/security_solution/server/lib/detection_engine/rule_actions_legacy/logic/notifications/legacy_rules_notification_alert_type.test.ts +++ b/x-pack/plugins/security_solution/server/lib/detection_engine/rule_actions_legacy/logic/notifications/legacy_rules_notification_alert_type.test.ts @@ -72,6 +72,10 @@ describe('legacyRules_notification_alert_type', () => { }, logger, flappingSettings: DEFAULT_FLAPPING_SETTINGS, + getTimeRange: () => { + const date = new Date('2019-12-14T16:40:33.400Z').toISOString(); + return { dateStart: date, dateEnd: date }; + }, }; alert = legacyRulesNotificationAlertType({ diff --git a/x-pack/plugins/security_solution/server/lib/detection_engine/rule_preview/api/preview_rules/route.ts b/x-pack/plugins/security_solution/server/lib/detection_engine/rule_preview/api/preview_rules/route.ts index 6591ebdc5200f..bbefafb102423 100644 --- a/x-pack/plugins/security_solution/server/lib/detection_engine/rule_preview/api/preview_rules/route.ts +++ b/x-pack/plugins/security_solution/server/lib/detection_engine/rule_preview/api/preview_rules/route.ts @@ -284,6 +284,10 @@ export const previewRulesRoute = async ( state: statePreview, logger, flappingSettings: DISABLE_FLAPPING_SETTINGS, + getTimeRange: () => { + const date = startedAt.toISOString(); + return { dateStart: date, dateEnd: date }; + }, })) as { state: TState }); const errors = loggedStatusChanges diff --git a/x-pack/plugins/stack_alerts/server/rule_types/es_query/executor.test.ts b/x-pack/plugins/stack_alerts/server/rule_types/es_query/executor.test.ts index 63f5024067cea..88f7049dcd261 100644 --- a/x-pack/plugins/stack_alerts/server/rule_types/es_query/executor.test.ts +++ b/x-pack/plugins/stack_alerts/server/rule_types/es_query/executor.test.ts @@ -7,8 +7,8 @@ import { of } from 'rxjs'; import { CoreSetup } from '@kbn/core/server'; -import { executor, getSearchParams, getValidTimefieldSort, tryToParseAsDate } from './executor'; -import { ExecutorOptions, OnlyEsQueryRuleParams } from './types'; +import { executor, getValidTimefieldSort, tryToParseAsDate } from './executor'; +import { ExecutorOptions } from './types'; import { Comparator } from '../../../common/comparator_types'; import { elasticsearchServiceMock } from '@kbn/core-elasticsearch-server-mocks'; import { loggerMock } from '@kbn/logging-mocks'; @@ -117,6 +117,10 @@ describe('es_query executor', () => { state: { latestTimestamp: undefined }, spaceId: 'default', logger, + getTimeRange: () => { + const date = new Date(Date.now()).toISOString(); + return { dateStart: date, dateEnd: date }; + }, } as unknown as ExecutorOptions; it('should throw error for invalid comparator', async () => { @@ -141,8 +145,6 @@ describe('es_query executor', () => { ], truncated: false, }, - dateStart: new Date().toISOString(), - dateEnd: new Date().toISOString(), }); await executor(coreMock, defaultExecutorOptions); expect(mockFetchEsQuery).toHaveBeenCalledWith({ @@ -157,6 +159,8 @@ describe('es_query executor', () => { scopedClusterClient: scopedClusterClientMock, logger, }, + dateStart: new Date().toISOString(), + dateEnd: new Date().toISOString(), }); expect(mockFetchSearchSourceQuery).not.toHaveBeenCalled(); }); @@ -173,8 +177,6 @@ describe('es_query executor', () => { ], truncated: false, }, - dateStart: new Date().toISOString(), - dateEnd: new Date().toISOString(), }); await executor(coreMock, { ...defaultExecutorOptions, @@ -191,6 +193,8 @@ describe('es_query executor', () => { share: undefined, }, spacePrefix: '', + dateStart: new Date().toISOString(), + dateEnd: new Date().toISOString(), }); expect(mockFetchEsQuery).not.toHaveBeenCalled(); }); @@ -207,8 +211,6 @@ describe('es_query executor', () => { ], truncated: false, }, - dateStart: new Date().toISOString(), - dateEnd: new Date().toISOString(), }); await executor(coreMock, { ...defaultExecutorOptions, @@ -222,10 +224,11 @@ describe('es_query executor', () => { scopedClusterClient: scopedClusterClientMock, logger, share: undefined, - dataViews: undefined, }, spacePrefix: '', publicBaseUrl: 'https://localhost:5601', + dateStart: new Date().toISOString(), + dateEnd: new Date().toISOString(), }); expect(mockFetchEsQuery).not.toHaveBeenCalled(); expect(mockFetchSearchSourceQuery).not.toHaveBeenCalled(); @@ -243,8 +246,6 @@ describe('es_query executor', () => { ], truncated: false, }, - dateStart: new Date().toISOString(), - dateEnd: new Date().toISOString(), }); await executor(coreMock, { ...defaultExecutorOptions, @@ -269,8 +270,6 @@ describe('es_query executor', () => { ], truncated: false, }, - dateStart: new Date().toISOString(), - dateEnd: new Date().toISOString(), link: 'https://localhost:5601/app/management/insightsAndAlerting/triggersActions/rule/test-rule-id', }); await executor(coreMock, { @@ -343,8 +342,6 @@ describe('es_query executor', () => { ], truncated: false, }, - dateStart: new Date().toISOString(), - dateEnd: new Date().toISOString(), link: 'https://localhost:5601/app/management/insightsAndAlerting/triggersActions/rule/test-rule-id', }); await executor(coreMock, { @@ -491,8 +488,6 @@ describe('es_query executor', () => { ], truncated: false, }, - dateStart: new Date().toISOString(), - dateEnd: new Date().toISOString(), link: 'https://localhost:5601/app/management/insightsAndAlerting/triggersActions/rule/test-rule-id', }); await executor(coreMock, { @@ -568,8 +563,6 @@ describe('es_query executor', () => { ], truncated: true, }, - dateStart: new Date().toISOString(), - dateEnd: new Date().toISOString(), }); await executor(coreMock, { ...defaultExecutorOptions, @@ -611,8 +604,6 @@ describe('es_query executor', () => { ], truncated: false, }, - dateStart: new Date().toISOString(), - dateEnd: new Date().toISOString(), link: 'https://localhost:5601/app/management/insightsAndAlerting/triggersActions/rule/test-rule-id', }); await executor(coreMock, { @@ -673,8 +664,6 @@ describe('es_query executor', () => { ]); mockFetchEsQuery.mockResolvedValueOnce({ parsedResults: { results: [], truncated: false }, - dateStart: new Date().toISOString(), - dateEnd: new Date().toISOString(), link: 'https://localhost:5601/app/management/insightsAndAlerting/triggersActions/rule/test-rule-id', }); await executor(coreMock, { @@ -771,8 +760,6 @@ describe('es_query executor', () => { results: [], truncated: false, }, - dateStart: new Date().toISOString(), - dateEnd: new Date().toISOString(), link: 'https://localhost:5601/app/management/insightsAndAlerting/triggersActions/rule/test-rule-id', }); await executor(coreMock, { @@ -848,36 +835,4 @@ describe('es_query executor', () => { expect(result).toEqual('2018-12-31T19:00:00.000Z'); }); }); - - describe('getSearchParams', () => { - it('should return search params correctly', () => { - const result = getSearchParams(defaultProps as OnlyEsQueryRuleParams); - expect(result.parsedQuery.query).toBe('test-query'); - }); - - it('should throw invalid query error', () => { - expect(() => - getSearchParams({ ...defaultProps, esQuery: '' } as OnlyEsQueryRuleParams) - ).toThrow('invalid query specified: "" - query must be JSON'); - }); - - it('should throw invalid query error due to missing query property', () => { - expect(() => - getSearchParams({ - ...defaultProps, - esQuery: '{ "someProperty": "test-query" }', - } as OnlyEsQueryRuleParams) - ).toThrow('invalid query specified: "{ "someProperty": "test-query" }" - query must be JSON'); - }); - - it('should throw invalid window size error', () => { - expect(() => - getSearchParams({ - ...defaultProps, - timeWindowSize: 5, - timeWindowUnit: 'r', - } as OnlyEsQueryRuleParams) - ).toThrow('invalid format for windowSize: "5r"'); - }); - }); }); diff --git a/x-pack/plugins/stack_alerts/server/rule_types/es_query/executor.ts b/x-pack/plugins/stack_alerts/server/rule_types/es_query/executor.ts index e6366caf53130..468872be4cd78 100644 --- a/x-pack/plugins/stack_alerts/server/rule_types/es_query/executor.ts +++ b/x-pack/plugins/stack_alerts/server/rule_types/es_query/executor.ts @@ -7,7 +7,6 @@ import { sha256 } from 'js-sha256'; import { i18n } from '@kbn/i18n'; import { CoreSetup } from '@kbn/core/server'; -import { parseDuration } from '@kbn/alerting-plugin/server'; import { isGroupAggregation, UngroupedGroupId } from '@kbn/triggers-actions-ui-plugin/common'; import { ALERT_EVALUATION_VALUE, ALERT_REASON, ALERT_URL } from '@kbn/rule-data-utils'; @@ -41,6 +40,7 @@ export async function executor(core: CoreSetup, options: ExecutorOptions = {}; for (const result of parsedResults.results) { @@ -208,53 +215,6 @@ export async function executor(core: CoreSetup, options: ExecutorOptions = [] ): undefined | string { diff --git a/x-pack/plugins/stack_alerts/server/rule_types/es_query/lib/fetch_es_query.test.ts b/x-pack/plugins/stack_alerts/server/rule_types/es_query/lib/fetch_es_query.test.ts index 193f559ce2d62..46b3bb2ff495f 100644 --- a/x-pack/plugins/stack_alerts/server/rule_types/es_query/lib/fetch_es_query.test.ts +++ b/x-pack/plugins/stack_alerts/server/rule_types/es_query/lib/fetch_es_query.test.ts @@ -10,7 +10,6 @@ import { Comparator } from '../../../../common/comparator_types'; import { fetchEsQuery } from './fetch_es_query'; import { elasticsearchServiceMock } from '@kbn/core-elasticsearch-server-mocks'; import { loggerMock } from '@kbn/logging-mocks'; -import { getSearchParams } from './get_search_params'; jest.mock('@kbn/triggers-actions-ui-plugin/common', () => { const actual = jest.requireActual('@kbn/triggers-actions-ui-plugin/common'); @@ -56,7 +55,8 @@ describe('fetchEsQuery', () => { }; it('should add time filter if timestamp if defined and excludeHitsFromPreviousRun is true', async () => { const params = defaultParams; - const { dateStart, dateEnd } = getSearchParams(params); + const date = new Date().toISOString(); + await fetchEsQuery({ ruleId: 'abc', name: 'test-rule', @@ -65,6 +65,8 @@ describe('fetchEsQuery', () => { services, spacePrefix: '', publicBaseUrl: '', + dateStart: date, + dateEnd: date, }); expect(scopedClusterClientMock.asCurrentUser.search).toHaveBeenCalledWith( { @@ -116,8 +118,8 @@ describe('fetchEsQuery', () => { range: { '@timestamp': { format: 'strict_date_optional_time', - gte: dateStart, - lte: dateEnd, + gte: date, + lte: date, }, }, }, @@ -147,7 +149,8 @@ describe('fetchEsQuery', () => { it('should not add time filter if timestamp is undefined', async () => { const params = defaultParams; - const { dateStart, dateEnd } = getSearchParams(params); + const date = new Date().toISOString(); + await fetchEsQuery({ ruleId: 'abc', name: 'test-rule', @@ -156,6 +159,8 @@ describe('fetchEsQuery', () => { services, spacePrefix: '', publicBaseUrl: '', + dateStart: date, + dateEnd: date, }); expect(scopedClusterClientMock.asCurrentUser.search).toHaveBeenCalledWith( { @@ -181,8 +186,8 @@ describe('fetchEsQuery', () => { range: { '@timestamp': { format: 'strict_date_optional_time', - gte: dateStart, - lte: dateEnd, + gte: date, + lte: date, }, }, }, @@ -212,7 +217,8 @@ describe('fetchEsQuery', () => { it('should not add time filter if excludeHitsFromPreviousRun is false', async () => { const params = { ...defaultParams, excludeHitsFromPreviousRun: false }; - const { dateStart, dateEnd } = getSearchParams(params); + const date = new Date().toISOString(); + await fetchEsQuery({ ruleId: 'abc', name: 'test-rule', @@ -221,6 +227,8 @@ describe('fetchEsQuery', () => { services, spacePrefix: '', publicBaseUrl: '', + dateStart: date, + dateEnd: date, }); expect(scopedClusterClientMock.asCurrentUser.search).toHaveBeenCalledWith( { @@ -246,8 +254,8 @@ describe('fetchEsQuery', () => { range: { '@timestamp': { format: 'strict_date_optional_time', - gte: dateStart, - lte: dateEnd, + gte: date, + lte: date, }, }, }, @@ -277,7 +285,8 @@ describe('fetchEsQuery', () => { it('should set size: 0 and top hits size to size parameter if grouping alerts', async () => { const params = { ...defaultParams, groupBy: 'top', termField: 'host.name', termSize: 10 }; - const { dateStart, dateEnd } = getSearchParams(params); + const date = new Date().toISOString(); + await fetchEsQuery({ ruleId: 'abc', name: 'test-rule', @@ -286,6 +295,8 @@ describe('fetchEsQuery', () => { services, spacePrefix: '', publicBaseUrl: '', + dateStart: date, + dateEnd: date, }); expect(scopedClusterClientMock.asCurrentUser.search).toHaveBeenCalledWith( { @@ -338,8 +349,8 @@ describe('fetchEsQuery', () => { range: { '@timestamp': { format: 'strict_date_optional_time', - gte: dateStart, - lte: dateEnd, + gte: date, + lte: date, }, }, }, diff --git a/x-pack/plugins/stack_alerts/server/rule_types/es_query/lib/fetch_es_query.ts b/x-pack/plugins/stack_alerts/server/rule_types/es_query/lib/fetch_es_query.ts index f44ad3f470106..3d4f47575966c 100644 --- a/x-pack/plugins/stack_alerts/server/rule_types/es_query/lib/fetch_es_query.ts +++ b/x-pack/plugins/stack_alerts/server/rule_types/es_query/lib/fetch_es_query.ts @@ -16,7 +16,7 @@ import { ES_QUERY_ID } from '@kbn/rule-data-utils'; import { getComparatorScript } from '../../../../common'; import { OnlyEsQueryRuleParams } from '../types'; import { buildSortedEventsQuery } from '../../../../common/build_sorted_events_query'; -import { getSearchParams } from './get_search_params'; +import { getParsedQuery } from '../util'; export interface FetchEsQueryOpts { ruleId: string; @@ -30,6 +30,8 @@ export interface FetchEsQueryOpts { logger: Logger; }; alertLimit?: number; + dateStart: string; + dateEnd: string; } /** @@ -44,17 +46,20 @@ export async function fetchEsQuery({ timestamp, services, alertLimit, + dateStart, + dateEnd, }: FetchEsQueryOpts) { const { scopedClusterClient, logger } = services; const esClient = scopedClusterClient.asCurrentUser; const isGroupAgg = isGroupAggregation(params.termField); const isCountAgg = isCountAggregation(params.aggType); const { + query, + fields, // eslint-disable-next-line @typescript-eslint/naming-convention - parsedQuery: { query, fields, runtime_mappings, _source }, - dateStart, - dateEnd, - } = getSearchParams(params); + runtime_mappings, + _source, + } = getParsedQuery(params); const filter = timestamp && params.excludeHitsFromPreviousRun @@ -136,8 +141,6 @@ export async function fetchEsQuery({ esResult: searchResult, resultLimit: alertLimit, }), - dateStart, - dateEnd, link, }; } diff --git a/x-pack/plugins/stack_alerts/server/rule_types/es_query/lib/fetch_esql_query.test.ts b/x-pack/plugins/stack_alerts/server/rule_types/es_query/lib/fetch_esql_query.test.ts index 5a2e8d4d761c2..1d7096d20140e 100644 --- a/x-pack/plugins/stack_alerts/server/rule_types/es_query/lib/fetch_esql_query.test.ts +++ b/x-pack/plugins/stack_alerts/server/rule_types/es_query/lib/fetch_esql_query.test.ts @@ -6,26 +6,15 @@ */ import { OnlyEsqlQueryRuleParams } from '../types'; -import { stubbedSavedObjectIndexPattern } from '@kbn/data-views-plugin/common/data_view.stub'; -import { DataView } from '@kbn/data-views-plugin/common'; -import { fieldFormatsMock } from '@kbn/field-formats-plugin/common/mocks'; import { Comparator } from '../../../../common/comparator_types'; import { getEsqlQuery } from './fetch_esql_query'; -const createDataView = () => { - const id = 'test-id'; - const { - type, - version, - attributes: { timeFieldName, fields, title }, - } = stubbedSavedObjectIndexPattern(id); +const getTimeRange = () => { + const date = Date.now(); + const dateStart = new Date(date - 300000).toISOString(); + const dateEnd = new Date(date).toISOString(); - return new DataView({ - spec: { id, type, version, timeFieldName, fields: JSON.parse(fields), title }, - fieldFormats: fieldFormatsMock, - shortDotsEnable: false, - metaFields: ['_id', '_type', '_score'], - }); + return { dateStart, dateEnd }; }; const defaultParams: OnlyEsqlQueryRuleParams = { @@ -44,7 +33,6 @@ const defaultParams: OnlyEsqlQueryRuleParams = { describe('fetchEsqlQuery', () => { describe('getEsqlQuery', () => { - const dataViewMock = createDataView(); afterAll(() => { jest.resetAllMocks(); }); @@ -58,7 +46,8 @@ describe('fetchEsqlQuery', () => { it('should generate the correct query', async () => { const params = defaultParams; - const { query, dateStart, dateEnd } = getEsqlQuery(dataViewMock, params, undefined); + const { dateStart, dateEnd } = getTimeRange(); + const query = getEsqlQuery(params, undefined, dateStart, dateEnd); expect(query).toMatchInlineSnapshot(` Object { @@ -80,13 +69,12 @@ describe('fetchEsqlQuery', () => { "query": "from test", } `); - expect(dateStart).toMatch('2020-02-09T23:10:41.941Z'); - expect(dateEnd).toMatch('2020-02-09T23:15:41.941Z'); }); it('should generate the correct query with the alertLimit', async () => { const params = defaultParams; - const { query, dateStart, dateEnd } = getEsqlQuery(dataViewMock, params, 100); + const { dateStart, dateEnd } = getTimeRange(); + const query = getEsqlQuery(params, 100, dateStart, dateEnd); expect(query).toMatchInlineSnapshot(` Object { @@ -108,8 +96,6 @@ describe('fetchEsqlQuery', () => { "query": "from test | limit 100", } `); - expect(dateStart).toMatch('2020-02-09T23:10:41.941Z'); - expect(dateEnd).toMatch('2020-02-09T23:15:41.941Z'); }); }); }); diff --git a/x-pack/plugins/stack_alerts/server/rule_types/es_query/lib/fetch_esql_query.ts b/x-pack/plugins/stack_alerts/server/rule_types/es_query/lib/fetch_esql_query.ts index ae729e51703d4..ad806401a8fd1 100644 --- a/x-pack/plugins/stack_alerts/server/rule_types/es_query/lib/fetch_esql_query.ts +++ b/x-pack/plugins/stack_alerts/server/rule_types/es_query/lib/fetch_esql_query.ts @@ -5,7 +5,6 @@ * 2.0. */ -import { DataView, DataViewsContract, getTime } from '@kbn/data-plugin/common'; import { parseAggregationResults } from '@kbn/triggers-actions-ui-plugin/common'; import { SharePluginStart } from '@kbn/share-plugin/server'; import { IScopedClusterClient, Logger } from '@kbn/core/server'; @@ -22,8 +21,9 @@ export interface FetchEsqlQueryOpts { logger: Logger; scopedClusterClient: IScopedClusterClient; share: SharePluginStart; - dataViews: DataViewsContract; }; + dateStart: string; + dateEnd: string; } export async function fetchEsqlQuery({ @@ -33,14 +33,12 @@ export async function fetchEsqlQuery({ services, spacePrefix, publicBaseUrl, + dateStart, + dateEnd, }: FetchEsqlQueryOpts) { - const { logger, scopedClusterClient, dataViews } = services; + const { logger, scopedClusterClient } = services; const esClient = scopedClusterClient.asCurrentUser; - const dataView = await dataViews.create({ - timeFieldName: params.timeField, - }); - - const { query, dateStart, dateEnd } = getEsqlQuery(dataView, params, alertLimit); + const query = getEsqlQuery(params, alertLimit, dateStart, dateEnd); logger.debug(`ES|QL query rule (${ruleId}) query: ${JSON.stringify(query)}`); @@ -66,23 +64,15 @@ export async function fetchEsqlQuery({ }, resultLimit: alertLimit, }), - dateStart, - dateEnd, }; } export const getEsqlQuery = ( - dataView: DataView, params: OnlyEsqlQueryRuleParams, - alertLimit: number | undefined + alertLimit: number | undefined, + dateStart: string, + dateEnd: string ) => { - const timeRange = { - from: `now-${params.timeWindowSize}${params.timeWindowUnit}`, - to: 'now', - }; - const timerangeFilter = getTime(dataView, timeRange); - const dateStart = timerangeFilter?.query.range[params.timeField].gte; - const dateEnd = timerangeFilter?.query.range[params.timeField].lte; const rangeFilter: unknown[] = [ { range: { @@ -103,9 +93,5 @@ export const getEsqlQuery = ( }, }, }; - return { - query, - dateStart, - dateEnd, - }; + return query; }; diff --git a/x-pack/plugins/stack_alerts/server/rule_types/es_query/lib/fetch_search_source_query.test.ts b/x-pack/plugins/stack_alerts/server/rule_types/es_query/lib/fetch_search_source_query.test.ts index 94a8ea648c1e9..a753c34908a20 100644 --- a/x-pack/plugins/stack_alerts/server/rule_types/es_query/lib/fetch_search_source_query.test.ts +++ b/x-pack/plugins/stack_alerts/server/rule_types/es_query/lib/fetch_search_source_query.test.ts @@ -32,6 +32,14 @@ const createDataView = () => { }); }; +const getTimeRange = () => { + const date = Date.now(); + const dateStart = new Date(date - 300000).toISOString(); + const dateEnd = new Date(date).toISOString(); + + return { dateStart, dateEnd }; +}; + const defaultParams: OnlySearchSourceRuleParams = { size: 100, timeWindowSize: 5, @@ -65,11 +73,14 @@ describe('fetchSearchSourceQuery', () => { const searchSourceInstance = createSearchSourceMock({ index: dataViewMock }); - const { searchSource, dateStart, dateEnd } = updateSearchSource( + const { dateStart, dateEnd } = getTimeRange(); + const searchSource = updateSearchSource( searchSourceInstance, dataViewMock, params, - undefined + undefined, + dateStart, + dateEnd ); const searchRequest = searchSource.getSearchRequestBody(); expect(searchRequest.size).toMatchInlineSnapshot(`100`); @@ -94,8 +105,6 @@ describe('fetchSearchSourceQuery', () => { } `); expect(searchRequest.aggs).toMatchInlineSnapshot(`Object {}`); - expect(dateStart).toMatch('2020-02-09T23:10:41.941Z'); - expect(dateEnd).toMatch('2020-02-09T23:15:41.941Z'); }); it('with latest timestamp in between the given time range ', async () => { @@ -103,11 +112,14 @@ describe('fetchSearchSourceQuery', () => { const searchSourceInstance = createSearchSourceMock({ index: dataViewMock }); - const { searchSource } = updateSearchSource( + const { dateStart, dateEnd } = getTimeRange(); + const searchSource = updateSearchSource( searchSourceInstance, dataViewMock, params, - '2020-02-09T23:12:41.941Z' + '2020-02-09T23:12:41.941Z', + dateStart, + dateEnd ); const searchRequest = searchSource.getSearchRequestBody(); expect(searchRequest.size).toMatchInlineSnapshot(`100`); @@ -147,11 +159,14 @@ describe('fetchSearchSourceQuery', () => { const searchSourceInstance = createSearchSourceMock({ index: dataViewMock }); - const { searchSource } = updateSearchSource( + const { dateStart, dateEnd } = getTimeRange(); + const searchSource = updateSearchSource( searchSourceInstance, dataViewMock, params, - '2020-01-09T22:12:41.941Z' + '2020-01-09T22:12:41.941Z', + dateStart, + dateEnd ); const searchRequest = searchSource.getSearchRequestBody(); expect(searchRequest.size).toMatchInlineSnapshot(`100`); @@ -183,11 +198,14 @@ describe('fetchSearchSourceQuery', () => { const searchSourceInstance = createSearchSourceMock({ index: dataViewMock }); - const { searchSource } = updateSearchSource( + const { dateStart, dateEnd } = getTimeRange(); + const searchSource = updateSearchSource( searchSourceInstance, dataViewMock, params, - '2020-02-09T23:12:41.941Z' + '2020-02-09T23:12:41.941Z', + dateStart, + dateEnd ); const searchRequest = searchSource.getSearchRequestBody(); expect(searchRequest.size).toMatchInlineSnapshot(`100`); @@ -225,11 +243,14 @@ describe('fetchSearchSourceQuery', () => { const searchSourceInstance = createSearchSourceMock({ index: dataViewMock }); - const { searchSource } = updateSearchSource( + const { dateStart, dateEnd } = getTimeRange(); + const searchSource = updateSearchSource( searchSourceInstance, dataViewMock, params, - '2020-02-09T23:12:41.941Z' + '2020-02-09T23:12:41.941Z', + dateStart, + dateEnd ); const searchRequest = searchSource.getSearchRequestBody(); expect(searchRequest.size).toMatchInlineSnapshot(`0`); diff --git a/x-pack/plugins/stack_alerts/server/rule_types/es_query/lib/fetch_search_source_query.ts b/x-pack/plugins/stack_alerts/server/rule_types/es_query/lib/fetch_search_source_query.ts index dc8a4db2610d7..b0e8474d33b5b 100644 --- a/x-pack/plugins/stack_alerts/server/rule_types/es_query/lib/fetch_search_source_query.ts +++ b/x-pack/plugins/stack_alerts/server/rule_types/es_query/lib/fetch_search_source_query.ts @@ -9,7 +9,6 @@ import { buildRangeFilter, Filter } from '@kbn/es-query'; import { DataView, DataViewsContract, - getTime, ISearchSource, ISearchStartSearchSource, SortDirection, @@ -40,6 +39,8 @@ export interface FetchSearchSourceQueryOpts { share: SharePluginStart; dataViews: DataViewsContract; }; + dateStart: string; + dateEnd: string; } export async function fetchSearchSourceQuery({ @@ -49,6 +50,8 @@ export async function fetchSearchSourceQuery({ latestTimestamp, spacePrefix, services, + dateStart, + dateEnd, }: FetchSearchSourceQueryOpts) { const { logger, searchSourceClient } = services; const isGroupAgg = isGroupAggregation(params.termField); @@ -57,11 +60,13 @@ export async function fetchSearchSourceQuery({ const initialSearchSource = await searchSourceClient.create(params.searchConfiguration); const index = initialSearchSource.getField('index') as DataView; - const { searchSource, dateStart, dateEnd } = updateSearchSource( + const searchSource = updateSearchSource( initialSearchSource, index, params, latestTimestamp, + dateStart, + dateEnd, alertLimit ); @@ -87,8 +92,6 @@ export async function fetchSearchSourceQuery({ numMatches: Number(searchResult.hits.total), searchResult, parsedResults: parseAggregationResults({ isCountAgg, isGroupAgg, esResult: searchResult }), - dateStart, - dateEnd, }; } @@ -97,6 +100,8 @@ export function updateSearchSource( index: DataView, params: OnlySearchSourceRuleParams, latestTimestamp: string | undefined, + dateStart: string, + dateEnd: string, alertLimit?: number ) { const isGroupAgg = isGroupAggregation(params.termField); @@ -108,20 +113,19 @@ export function updateSearchSource( searchSource.setField('size', isGroupAgg ? 0 : params.size); - const timeRange = { - from: `now-${params.timeWindowSize}${params.timeWindowUnit}`, - to: 'now', - }; - const timerangeFilter = getTime(index, timeRange); - const dateStart = timerangeFilter?.query.range[timeFieldName].gte; - const dateEnd = timerangeFilter?.query.range[timeFieldName].lte; - const filters = [timerangeFilter]; + const field = index.fields.find((f) => f.name === timeFieldName); + const filters = [ + buildRangeFilter( + field!, + { lte: dateEnd, gte: dateStart, format: 'strict_date_optional_time' }, + index + ), + ]; if (params.excludeHitsFromPreviousRun) { if (latestTimestamp && latestTimestamp > dateStart) { // add additional filter for documents with a timestamp greater then // the timestamp of the previous run, so that those documents are not counted twice - const field = index.fields.find((f) => f.name === timeFieldName); const addTimeRangeField = buildRangeFilter( field!, { gt: latestTimestamp, format: 'strict_date_optional_time' }, @@ -159,11 +163,7 @@ export function updateSearchSource( ...(isGroupAgg ? { topHitsSize: params.size } : {}), }) ); - return { - searchSource: searchSourceChild, - dateStart, - dateEnd, - }; + return searchSourceChild; } async function generateLink( diff --git a/x-pack/plugins/stack_alerts/server/rule_types/es_query/lib/get_search_params.ts b/x-pack/plugins/stack_alerts/server/rule_types/es_query/lib/get_search_params.ts deleted file mode 100644 index 126ddb3009287..0000000000000 --- a/x-pack/plugins/stack_alerts/server/rule_types/es_query/lib/get_search_params.ts +++ /dev/null @@ -1,56 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ -import { i18n } from '@kbn/i18n'; -import { parseDuration } from '@kbn/alerting-plugin/common'; -import { OnlyEsQueryRuleParams } from '../types'; - -export function getSearchParams(queryParams: OnlyEsQueryRuleParams) { - const date = Date.now(); - const { esQuery, timeWindowSize, timeWindowUnit } = queryParams; - - let parsedQuery; - try { - parsedQuery = JSON.parse(esQuery); - } catch (err) { - throw new Error(getInvalidQueryError(esQuery)); - } - - if (parsedQuery && !parsedQuery.query) { - throw new Error(getInvalidQueryError(esQuery)); - } - - const window = `${timeWindowSize}${timeWindowUnit}`; - let timeWindow: number; - try { - timeWindow = parseDuration(window); - } catch (err) { - throw new Error(getInvalidWindowSizeError(window)); - } - - const dateStart = new Date(date - timeWindow).toISOString(); - const dateEnd = new Date(date).toISOString(); - - return { parsedQuery, dateStart, dateEnd }; -} - -function getInvalidWindowSizeError(windowValue: string) { - return i18n.translate('xpack.stackAlerts.esQuery.invalidWindowSizeErrorMessage', { - defaultMessage: 'invalid format for windowSize: "{windowValue}"', - values: { - windowValue, - }, - }); -} - -function getInvalidQueryError(query: string) { - return i18n.translate('xpack.stackAlerts.esQuery.invalidQueryErrorMessage', { - defaultMessage: 'invalid query specified: "{query}" - query must be JSON', - values: { - query, - }, - }); -} diff --git a/x-pack/plugins/stack_alerts/server/rule_types/es_query/rule_type.test.ts b/x-pack/plugins/stack_alerts/server/rule_types/es_query/rule_type.test.ts index 374f932177995..440ed0a21c266 100644 --- a/x-pack/plugins/stack_alerts/server/rule_types/es_query/rule_type.test.ts +++ b/x-pack/plugins/stack_alerts/server/rule_types/es_query/rule_type.test.ts @@ -10,8 +10,6 @@ import type { Writable } from '@kbn/utility-types'; import { RuleExecutorServices } from '@kbn/alerting-plugin/server'; import { RuleExecutorServicesMock, alertsMock } from '@kbn/alerting-plugin/server/mocks'; import { loggingSystemMock } from '@kbn/core/server/mocks'; -import type { DataViewSpec } from '@kbn/data-views-plugin/common'; -import { createStubDataView } from '@kbn/data-views-plugin/common/data_view.stub'; import { getRuleType } from './rule_type'; import { EsQueryRuleParams, EsQueryRuleState } from './rule_type_params'; import { ActionContext } from './action_context'; @@ -566,31 +564,32 @@ describe('ruleType', () => { }); describe('search source query', () => { - const dataViewMock = createStubDataView({ - spec: { - id: 'test-id', - title: 'test-title', - timeFieldName: 'time-field', - fields: { - message: { - name: 'message', - type: 'string', - scripted: false, - searchable: false, - aggregatable: false, - readFromDocValues: false, - }, - timestamp: { - name: 'timestamp', - type: 'date', - scripted: false, - searchable: true, - aggregatable: false, - readFromDocValues: false, - }, + const dataViewMock = { + id: 'test-id', + title: 'test-title', + timeFieldName: 'timestamp', + fields: [ + { + name: 'message', + type: 'string', + displayName: 'message', + scripted: false, + filterable: false, + aggregatable: false, }, + { + name: 'timestamp', + type: 'date', + displayName: 'timestamp', + scripted: false, + filterable: false, + aggregatable: false, + }, + ], + toSpec: () => { + return { id: 'test-id', title: 'test-title', timeFieldName: 'timestamp', fields: [] }; }, - }); + }; const defaultParams: OnlySearchSourceRuleParams = { size: 100, timeWindowSize: 5, @@ -632,9 +631,11 @@ describe('ruleType', () => { const searchResult: ESSearchResponse = generateResults([]); const ruleServices: RuleExecutorServicesMock = alertsMock.createRuleExecutorServices(); - (ruleServices.dataViews.create as jest.Mock).mockImplementationOnce((spec: DataViewSpec) => - createStubDataView({ spec }) - ); + (ruleServices.dataViews.create as jest.Mock).mockResolvedValueOnce({ + ...dataViewMock.toSpec(), + toSpec: () => dataViewMock.toSpec(), + toMinimalSpec: () => dataViewMock.toSpec(), + }); (searchSourceInstanceMock.getField as jest.Mock).mockImplementation((name: string) => { if (name === 'index') { return dataViewMock; @@ -669,9 +670,11 @@ describe('ruleType', () => { const params = { ...defaultParams, thresholdComparator: Comparator.GT_OR_EQ, threshold: [3] }; const ruleServices: RuleExecutorServicesMock = alertsMock.createRuleExecutorServices(); - (ruleServices.dataViews.create as jest.Mock).mockImplementationOnce((spec: DataViewSpec) => - createStubDataView({ spec }) - ); + (ruleServices.dataViews.create as jest.Mock).mockResolvedValueOnce({ + ...dataViewMock.toSpec(), + toSpec: () => dataViewMock.toSpec(), + toMinimalSpec: () => dataViewMock.toSpec(), + }); (searchSourceInstanceMock.getField as jest.Mock).mockImplementation((name: string) => { if (name === 'index') { return dataViewMock; @@ -711,32 +714,6 @@ describe('ruleType', () => { }); describe('ESQL query', () => { - const dataViewMock = { - id: 'test-id', - title: 'test-title', - timeFieldName: 'time-field', - fields: [ - { - name: 'message', - type: 'string', - displayName: 'message', - scripted: false, - filterable: false, - aggregatable: false, - }, - { - name: 'timestamp', - type: 'date', - displayName: 'timestamp', - scripted: false, - filterable: false, - aggregatable: false, - }, - ], - toSpec: () => { - return { id: 'test-id', title: 'test-title', timeFieldName: 'timestamp', fields: [] }; - }, - }; const defaultParams: OnlyEsqlQueryRuleParams = { size: 100, timeWindowSize: 5, @@ -777,12 +754,6 @@ describe('ruleType', () => { it('rule executor handles no documents returned by ES', async () => { const params = defaultParams; const ruleServices: RuleExecutorServicesMock = alertsMock.createRuleExecutorServices(); - - (ruleServices.dataViews.create as jest.Mock).mockResolvedValueOnce({ - ...dataViewMock.toSpec(), - toSpec: () => dataViewMock.toSpec(), - }); - const searchResult = { columns: [ { name: 'timestamp', type: 'date' }, @@ -801,12 +772,6 @@ describe('ruleType', () => { it('rule executor schedule actions when condition met', async () => { const params = defaultParams; const ruleServices: RuleExecutorServicesMock = alertsMock.createRuleExecutorServices(); - - (ruleServices.dataViews.create as jest.Mock).mockResolvedValueOnce({ - ...dataViewMock.toSpec(), - toSpec: () => dataViewMock.toSpec(), - }); - const searchResult = { columns: [ { name: 'timestamp', type: 'date' }, @@ -932,5 +897,9 @@ async function invokeExecutor({ }, logger, flappingSettings: DEFAULT_FLAPPING_SETTINGS, + getTimeRange: () => { + const date = new Date(Date.now()).toISOString(); + return { dateStart: date, dateEnd: date }; + }, }); } diff --git a/x-pack/plugins/stack_alerts/server/rule_types/es_query/util.test.ts b/x-pack/plugins/stack_alerts/server/rule_types/es_query/util.test.ts new file mode 100644 index 0000000000000..33277947abaab --- /dev/null +++ b/x-pack/plugins/stack_alerts/server/rule_types/es_query/util.test.ts @@ -0,0 +1,51 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { OnlyEsQueryRuleParams } from './types'; +import { Comparator } from '../../../common/comparator_types'; +import { getParsedQuery } from './util'; + +describe('es_query utils', () => { + const defaultProps = { + size: 3, + timeWindowSize: 5, + timeWindowUnit: 'm', + threshold: [], + thresholdComparator: '>=' as Comparator, + esQuery: '{ "query": "test-query" }', + index: ['test-index'], + timeField: '', + searchType: 'esQuery', + excludeHitsFromPreviousRun: true, + aggType: 'count', + groupBy: 'all', + searchConfiguration: {}, + esqlQuery: { esql: 'test-query' }, + }; + + describe('getParsedQuery', () => { + it('should return search params correctly', () => { + const parsedQuery = getParsedQuery(defaultProps as OnlyEsQueryRuleParams); + expect(parsedQuery.query).toBe('test-query'); + }); + + it('should throw invalid query error', () => { + expect(() => + getParsedQuery({ ...defaultProps, esQuery: '' } as OnlyEsQueryRuleParams) + ).toThrow('invalid query specified: "" - query must be JSON'); + }); + + it('should throw invalid query error due to missing query property', () => { + expect(() => + getParsedQuery({ + ...defaultProps, + esQuery: '{ "someProperty": "test-query" }', + } as OnlyEsQueryRuleParams) + ).toThrow('invalid query specified: "{ "someProperty": "test-query" }" - query must be JSON'); + }); + }); +}); diff --git a/x-pack/plugins/stack_alerts/server/rule_types/es_query/util.ts b/x-pack/plugins/stack_alerts/server/rule_types/es_query/util.ts index d10218fea7d4f..7dd3c23a0715c 100644 --- a/x-pack/plugins/stack_alerts/server/rule_types/es_query/util.ts +++ b/x-pack/plugins/stack_alerts/server/rule_types/es_query/util.ts @@ -5,6 +5,8 @@ * 2.0. */ +import { i18n } from '@kbn/i18n'; +import { OnlyEsQueryRuleParams } from './types'; import { EsQueryRuleParams } from './rule_type_params'; export function isEsQueryRule(searchType: EsQueryRuleParams['searchType']) { @@ -18,3 +20,29 @@ export function isSearchSourceRule(searchType: EsQueryRuleParams['searchType']) export function isEsqlQueryRule(searchType: EsQueryRuleParams['searchType']) { return searchType === 'esqlQuery'; } + +export function getParsedQuery(queryParams: OnlyEsQueryRuleParams) { + const { esQuery } = queryParams; + + let parsedQuery; + try { + parsedQuery = JSON.parse(esQuery); + } catch (err) { + throw new Error(getInvalidQueryError(esQuery)); + } + + if (parsedQuery && !parsedQuery.query) { + throw new Error(getInvalidQueryError(esQuery)); + } + + return parsedQuery; +} + +function getInvalidQueryError(query: string) { + return i18n.translate('xpack.stackAlerts.esQuery.invalidQueryErrorMessage', { + defaultMessage: 'invalid query specified: "{query}" - query must be JSON', + values: { + query, + }, + }); +} diff --git a/x-pack/plugins/stack_alerts/server/rule_types/index_threshold/rule_type.test.ts b/x-pack/plugins/stack_alerts/server/rule_types/index_threshold/rule_type.test.ts index 0d0c7a9f49b33..def4f2eadd8da 100644 --- a/x-pack/plugins/stack_alerts/server/rule_types/index_threshold/rule_type.test.ts +++ b/x-pack/plugins/stack_alerts/server/rule_types/index_threshold/rule_type.test.ts @@ -20,6 +20,11 @@ import { DEFAULT_FLAPPING_SETTINGS } from '@kbn/alerting-plugin/common/rules_set let fakeTimer: sinon.SinonFakeTimers; +function getTimeRange() { + const date = new Date(Date.now()).toISOString(); + return { dateStart: date, dateEnd: date }; +} + describe('ruleType', () => { const logger = loggingSystemMock.create().get(); const data = { @@ -224,6 +229,7 @@ describe('ruleType', () => { }, logger, flappingSettings: DEFAULT_FLAPPING_SETTINGS, + getTimeRange, }); expect(alertServices.alertsClient.report).toHaveBeenCalledWith({ @@ -318,6 +324,7 @@ describe('ruleType', () => { }, logger, flappingSettings: DEFAULT_FLAPPING_SETTINGS, + getTimeRange, }); expect(customAlertServices.alertFactory.create).not.toHaveBeenCalled(); @@ -386,6 +393,7 @@ describe('ruleType', () => { }, logger, flappingSettings: DEFAULT_FLAPPING_SETTINGS, + getTimeRange, }); expect(customAlertServices.alertFactory.create).not.toHaveBeenCalled(); @@ -453,6 +461,7 @@ describe('ruleType', () => { }, logger, flappingSettings: DEFAULT_FLAPPING_SETTINGS, + getTimeRange, }); expect(data.timeSeriesQuery).toHaveBeenCalledWith( diff --git a/x-pack/plugins/stack_alerts/server/rule_types/index_threshold/rule_type.ts b/x-pack/plugins/stack_alerts/server/rule_types/index_threshold/rule_type.ts index e4411ad50638a..4bf1a2e2accd3 100644 --- a/x-pack/plugins/stack_alerts/server/rule_types/index_threshold/rule_type.ts +++ b/x-pack/plugins/stack_alerts/server/rule_types/index_threshold/rule_type.ts @@ -219,6 +219,7 @@ export function getRuleType( services, params, logger, + getTimeRange, } = options; const { alertsClient, scopedClusterClient } = services; @@ -237,7 +238,8 @@ export function getRuleType( } const esClient = scopedClusterClient.asCurrentUser; - const date = new Date().toISOString(); + const { dateStart, dateEnd } = getTimeRange(`${params.timeWindowSize}${params.timeWindowUnit}`); + // the undefined values below are for config-schema optional types const queryParams: TimeSeriesQuery = { index: params.index, @@ -247,8 +249,8 @@ export function getRuleType( groupBy: params.groupBy, termField: params.termField, termSize: params.termSize, - dateStart: date, - dateEnd: date, + dateStart, + dateEnd, timeWindowSize: params.timeWindowSize, timeWindowUnit: params.timeWindowUnit, interval: undefined, @@ -269,6 +271,7 @@ export function getRuleType( TIME_SERIES_BUCKET_SELECTOR_FIELD ), }, + useCalculatedDateRange: false, }); logger.debug(`rule ${ID}:${ruleId} "${name}" query result: ${JSON.stringify(result)}`); @@ -309,7 +312,7 @@ export function getRuleType( )} ${params.threshold.join(' and ')}`; const baseContext: BaseActionContext = { - date, + date: dateEnd, group: alertId, value, conditions: humanFn, @@ -338,7 +341,7 @@ export function getRuleType( const alertId = recoveredAlert.getId(); logger.debug(`setting context for recovered alert ${alertId}`); const baseContext: BaseActionContext = { - date, + date: dateEnd, value: unmetGroupValues[alertId] ?? 'unknown', group: alertId, conditions: `${agg} is NOT ${getHumanReadableComparator( diff --git a/x-pack/plugins/translations/translations/fr-FR.json b/x-pack/plugins/translations/translations/fr-FR.json index ec61fc696fd77..3f6db08f7b178 100644 --- a/x-pack/plugins/translations/translations/fr-FR.json +++ b/x-pack/plugins/translations/translations/fr-FR.json @@ -35063,7 +35063,6 @@ "xpack.stackAlerts.esQuery.invalidQueryErrorMessage": "recherche spécifiée non valide : \"{query}\" - la recherche doit être au format JSON", "xpack.stackAlerts.esQuery.invalidTermSizeMaximumErrorMessage": "[termSize] : doit être inférieure ou égale à {maxGroups}", "xpack.stackAlerts.esQuery.invalidThreshold2ErrorMessage": "[threshold] : requiert deux éléments pour le comparateur \"{thresholdComparator}\"", - "xpack.stackAlerts.esQuery.invalidWindowSizeErrorMessage": "format non valide pour windowSize : \"{windowValue}\"", "xpack.stackAlerts.esQuery.ui.numQueryMatchesText": "La recherche correspondait à {count} documents dans le/la/les dernier(s)/dernière(s) {window}.", "xpack.stackAlerts.esQuery.ui.queryError": "Erreur lors du test de la recherche : {message}", "xpack.stackAlerts.esQuery.ui.testQueryGroupedResponse": "La recherche groupée correspondait à {groups} groupes dans le/la/les dernier(s)/dernière(s) {window}.", @@ -37791,7 +37790,6 @@ "xpack.triggersActionsUI.rulesSettings.modal.flappingDetectionDescription": "Détectez les alertes qui passent rapidement de l'état actif à l'état récupéré et réduisez le bruit non souhaité de ces alertes bagotantes.", "xpack.triggersActionsUI.rulesSettings.modal.flappingOffLabel": "Désactivé", "xpack.triggersActionsUI.rulesSettings.modal.flappingOnLabel": "Activé (recommandé)", - "xpack.triggersActionsUI.rulesSettings.modal.getRulesSettingsError": "Impossible de récupérer les paramètres des règles.", "xpack.triggersActionsUI.rulesSettings.modal.saveButton": "Enregistrer", "xpack.triggersActionsUI.rulesSettings.modal.title": "Paramètres de règle", "xpack.triggersActionsUI.rulesSettings.modal.updateRulesSettingsFailure": "Impossible de mettre à jour les paramètres des règles.", diff --git a/x-pack/plugins/translations/translations/ja-JP.json b/x-pack/plugins/translations/translations/ja-JP.json index ecf2b3716ddec..3e2165795ded9 100644 --- a/x-pack/plugins/translations/translations/ja-JP.json +++ b/x-pack/plugins/translations/translations/ja-JP.json @@ -35062,7 +35062,6 @@ "xpack.stackAlerts.esQuery.invalidQueryErrorMessage": "無効なクエリが指定されました: \"{query}\" - クエリはJSONでなければなりません", "xpack.stackAlerts.esQuery.invalidTermSizeMaximumErrorMessage": "[termSize]:{maxGroups}以下でなければなりません", "xpack.stackAlerts.esQuery.invalidThreshold2ErrorMessage": "[threshold]:「{thresholdComparator}」比較子の場合には2つの要素が必要です", - "xpack.stackAlerts.esQuery.invalidWindowSizeErrorMessage": "windowSizeの無効な形式:\"{windowValue}\"", "xpack.stackAlerts.esQuery.ui.numQueryMatchesText": "前回の{window}でクエリが{count}個のドキュメントと一致しました。", "xpack.stackAlerts.esQuery.ui.queryError": "クエリのテストエラー:{message}", "xpack.stackAlerts.esQuery.ui.testQueryGroupedResponse": "グループ化されたクエリは、直近の{window}件に{groups}グループと一致しました。", @@ -37782,7 +37781,6 @@ "xpack.triggersActionsUI.rulesSettings.modal.flappingDetectionDescription": "アクティブと回復済みの状態がすばやく切り替わるアラートを検出し、これらのフラップアラートに対する不要なノイズを低減します。", "xpack.triggersActionsUI.rulesSettings.modal.flappingOffLabel": "オフ", "xpack.triggersActionsUI.rulesSettings.modal.flappingOnLabel": "オン(推奨)", - "xpack.triggersActionsUI.rulesSettings.modal.getRulesSettingsError": "ルール設定を取得できませんでした。", "xpack.triggersActionsUI.rulesSettings.modal.saveButton": "保存", "xpack.triggersActionsUI.rulesSettings.modal.title": "ルール設定", "xpack.triggersActionsUI.rulesSettings.modal.updateRulesSettingsFailure": "ルール設定を更新できませんでした。", diff --git a/x-pack/plugins/translations/translations/zh-CN.json b/x-pack/plugins/translations/translations/zh-CN.json index 65c962b7db7f1..6172231f9a2d1 100644 --- a/x-pack/plugins/translations/translations/zh-CN.json +++ b/x-pack/plugins/translations/translations/zh-CN.json @@ -35056,7 +35056,6 @@ "xpack.stackAlerts.esQuery.invalidQueryErrorMessage": "指定的查询无效:“{query}”- 查询必须为 JSON", "xpack.stackAlerts.esQuery.invalidTermSizeMaximumErrorMessage": "[termSize]:必须小于或等于 {maxGroups}", "xpack.stackAlerts.esQuery.invalidThreshold2ErrorMessage": "[threshold]:对于“{thresholdComparator}”比较运算符,必须包含两个元素", - "xpack.stackAlerts.esQuery.invalidWindowSizeErrorMessage": "windowSize 的格式无效:“{windowValue}”", "xpack.stackAlerts.esQuery.ui.numQueryMatchesText": "查询在过去 {window} 匹配 {count} 个文档。", "xpack.stackAlerts.esQuery.ui.queryError": "测试查询时出错:{message}", "xpack.stackAlerts.esQuery.ui.testQueryGroupedResponse": "过去 {window} 与 {groups} 个组匹配的分组查询。", @@ -37776,7 +37775,6 @@ "xpack.triggersActionsUI.rulesSettings.modal.flappingDetectionDescription": "检测在“活动”和“已恢复”状态之间快速切换的告警,并为这些摆动告警减少不必要噪音。", "xpack.triggersActionsUI.rulesSettings.modal.flappingOffLabel": "关闭", "xpack.triggersActionsUI.rulesSettings.modal.flappingOnLabel": "开(建议)", - "xpack.triggersActionsUI.rulesSettings.modal.getRulesSettingsError": "无法获取规则设置。", "xpack.triggersActionsUI.rulesSettings.modal.saveButton": "保存", "xpack.triggersActionsUI.rulesSettings.modal.title": "规则设置", "xpack.triggersActionsUI.rulesSettings.modal.updateRulesSettingsFailure": "无法更新规则设置。", diff --git a/x-pack/plugins/triggers_actions_ui/public/application/components/rules_setting/rules_settings_flapping_form_section.tsx b/x-pack/plugins/triggers_actions_ui/public/application/components/rules_setting/flapping/rules_settings_flapping_form_section.tsx similarity index 77% rename from x-pack/plugins/triggers_actions_ui/public/application/components/rules_setting/rules_settings_flapping_form_section.tsx rename to x-pack/plugins/triggers_actions_ui/public/application/components/rules_setting/flapping/rules_settings_flapping_form_section.tsx index ef915eae6869b..cc7ef6c629fc2 100644 --- a/x-pack/plugins/triggers_actions_ui/public/application/components/rules_setting/rules_settings_flapping_form_section.tsx +++ b/x-pack/plugins/triggers_actions_ui/public/application/components/rules_setting/flapping/rules_settings_flapping_form_section.tsx @@ -8,19 +8,7 @@ import React, { memo } from 'react'; import { i18n } from '@kbn/i18n'; import { FormattedMessage } from '@kbn/i18n-react'; -import { - EuiFlexGroup, - EuiFlexItem, - EuiFormRow, - EuiFormRowProps, - EuiIconTip, - EuiRange, - EuiRangeProps, - EuiSpacer, - EuiTitle, - EuiText, - EuiPanel, -} from '@elastic/eui'; +import { EuiFlexGroup, EuiFlexItem, EuiSpacer, EuiTitle, EuiText, EuiPanel } from '@elastic/eui'; import { RulesSettingsFlappingProperties, MIN_LOOK_BACK_WINDOW, @@ -28,7 +16,7 @@ import { MAX_LOOK_BACK_WINDOW, MAX_STATUS_CHANGE_THRESHOLD, } from '@kbn/alerting-plugin/common'; -import { useKibana } from '../../../common/lib/kibana'; +import { RulesSettingsRange } from '../rules_settings_range'; type OnChangeKey = keyof Omit; @@ -81,16 +69,6 @@ const getStatusChangeThresholdRuleRuns = (amount: number) => { ); }; -export interface RulesSettingsRangeProps { - label: EuiFormRowProps['label']; - labelPopoverText?: string; - min: number; - max: number; - value: number; - disabled?: EuiRangeProps['disabled']; - onChange?: EuiRangeProps['onChange']; -} - export const RulesSettingsFlappingTitle = () => { return ( @@ -115,58 +93,19 @@ export const RulesSettingsFlappingDescription = () => { ); }; -export const RulesSettingsRange = memo((props: RulesSettingsRangeProps) => { - const { label, labelPopoverText, min, max, value, disabled, onChange, ...rest } = props; - - const renderLabel = () => { - return ( -
- {label} -   - -
- ); - }; - - return ( - - - - ); -}); - export interface RulesSettingsFlappingFormSectionProps { flappingSettings: RulesSettingsFlappingProperties; compressed?: boolean; onChange: (key: OnChangeKey, value: number) => void; + canWrite: boolean; } export const RulesSettingsFlappingFormSection = memo( (props: RulesSettingsFlappingFormSectionProps) => { - const { flappingSettings, compressed = false, onChange } = props; + const { flappingSettings, compressed = false, onChange, canWrite } = props; const { lookBackWindow, statusChangeThreshold } = flappingSettings; - const { - application: { capabilities }, - } = useKibana().services; - - const { - rulesSettings: { writeFlappingSettingsUI }, - } = capabilities; - - const canWriteFlappingSettings = writeFlappingSettingsUI; - return ( {compressed && ( @@ -193,7 +132,7 @@ export const RulesSettingsFlappingFormSection = memo( onChange={(e) => onChange('lookBackWindow', parseInt(e.currentTarget.value, 10))} label={lookBackWindowLabel} labelPopoverText={lookBackWindowHelp} - disabled={!canWriteFlappingSettings} + disabled={!canWrite} /> @@ -205,7 +144,7 @@ export const RulesSettingsFlappingFormSection = memo( onChange={(e) => onChange('statusChangeThreshold', parseInt(e.currentTarget.value, 10))} label={statusChangeThresholdLabel} labelPopoverText={statusChangeThresholdHelp} - disabled={!canWriteFlappingSettings} + disabled={!canWrite} /> diff --git a/x-pack/plugins/triggers_actions_ui/public/application/components/rules_setting/flapping/rules_settings_flapping_section.tsx b/x-pack/plugins/triggers_actions_ui/public/application/components/rules_setting/flapping/rules_settings_flapping_section.tsx new file mode 100644 index 0000000000000..a6e2f282d8894 --- /dev/null +++ b/x-pack/plugins/triggers_actions_ui/public/application/components/rules_setting/flapping/rules_settings_flapping_section.tsx @@ -0,0 +1,185 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import React, { memo } from 'react'; +import { RulesSettingsFlappingProperties } from '@kbn/alerting-plugin/common'; +import { i18n } from '@kbn/i18n'; +import { FormattedMessage } from '@kbn/i18n-react'; +import { + EuiFlexGroup, + EuiFlexItem, + EuiForm, + EuiSpacer, + EuiSwitch, + EuiSwitchProps, + EuiPanel, + EuiText, + EuiEmptyPrompt, +} from '@elastic/eui'; +import { + RulesSettingsFlappingFormSection, + RulesSettingsFlappingFormSectionProps, + RulesSettingsFlappingTitle, +} from './rules_settings_flapping_form_section'; + +const flappingDescription = i18n.translate( + 'xpack.triggersActionsUI.rulesSettings.modal.flappingDetectionDescription', + { + defaultMessage: + 'Detect alerts that switch quickly between active and recovered states and reduce unwanted noise for these flapping alerts.', + } +); + +const flappingOnLabel = i18n.translate( + 'xpack.triggersActionsUI.rulesSettings.modal.flappingOnLabel', + { + defaultMessage: 'On (recommended)', + } +); + +const flappingOffLabel = i18n.translate( + 'xpack.triggersActionsUI.rulesSettings.modal.flappingOffLabel', + { + defaultMessage: 'Off', + } +); + +export const RulesSettingsFlappingErrorPrompt = memo(() => { + return ( + + + + } + body={ +

+ +

+ } + /> + ); +}); + +interface RulesSettingsFlappingFormLeftProps { + settings: RulesSettingsFlappingProperties; + onChange: EuiSwitchProps['onChange']; + isSwitchDisabled: boolean; +} + +export const RulesSettingsFlappingFormLeft = memo((props: RulesSettingsFlappingFormLeftProps) => { + const { settings, onChange, isSwitchDisabled } = props; + + return ( + + + + +

{flappingDescription}

+
+
+ + + +
+
+ ); +}); + +interface RulesSettingsFlappingFormRightProps { + settings: RulesSettingsFlappingProperties; + onChange: RulesSettingsFlappingFormSectionProps['onChange']; + canWrite: boolean; +} + +export const RulesSettingsFlappingFormRight = memo((props: RulesSettingsFlappingFormRightProps) => { + const { settings, onChange, canWrite } = props; + + if (!settings) { + return null; + } + if (!settings.enabled) { + return ( + + + + + + + + ); + } + + return ( + + + + ); +}); + +export interface RulesSettingsFlappingSectionProps { + onChange: (key: keyof RulesSettingsFlappingProperties, value: number | boolean) => void; + settings: RulesSettingsFlappingProperties; + canShow: boolean | Readonly<{ [x: string]: boolean }>; + canWrite: boolean; + hasError: boolean; +} + +export const RulesSettingsFlappingSection = memo((props: RulesSettingsFlappingSectionProps) => { + const { onChange, settings, hasError, canShow, canWrite } = props; + + if (!canShow) { + return null; + } + if (hasError) { + return ; + } + return ( + + + + + + + + + onChange('enabled', e.target.checked)} + /> + onChange(key, value)} + canWrite={canWrite} + /> + + + ); +}); diff --git a/x-pack/plugins/triggers_actions_ui/public/application/components/rules_setting/query_delay/rules_settings_query_delay_section.tsx b/x-pack/plugins/triggers_actions_ui/public/application/components/rules_setting/query_delay/rules_settings_query_delay_section.tsx new file mode 100644 index 0000000000000..468774fed6a29 --- /dev/null +++ b/x-pack/plugins/triggers_actions_ui/public/application/components/rules_setting/query_delay/rules_settings_query_delay_section.tsx @@ -0,0 +1,123 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import React, { memo } from 'react'; +import { + MAX_QUERY_DELAY, + MIN_QUERY_DELAY, + RulesSettingsQueryDelayProperties, +} from '@kbn/alerting-plugin/common'; +import { i18n } from '@kbn/i18n'; +import { FormattedMessage } from '@kbn/i18n-react'; +import { + EuiFlexGroup, + EuiFlexItem, + EuiForm, + EuiSpacer, + EuiText, + EuiEmptyPrompt, + EuiTitle, +} from '@elastic/eui'; +import { RulesSettingsRange } from '../rules_settings_range'; + +const queryDelayDescription = i18n.translate( + 'xpack.triggersActionsUI.rulesSettings.modal.queryDelayDescription', + { + defaultMessage: + 'Delay all rule queries to mitigate the impact of index refresh intervals on data availability.', + } +); + +const queryDelayLabel = i18n.translate('xpack.triggersActionsUI.rulesSettings.queryDelayLabel', { + defaultMessage: 'Query delay length (seconds)', +}); + +export const RulesSettingsQueryDelayErrorPrompt = memo(() => { + return ( + + + + } + body={ +

+ +

+ } + /> + ); +}); + +export const RulesSettingsQueryDelayTitle = () => { + return ( + +
+ +
+
+ ); +}; + +export interface RulesSettingsQueryDelaySectionProps { + onChange: (key: keyof RulesSettingsQueryDelayProperties, value: number | boolean) => void; + settings: RulesSettingsQueryDelayProperties; + canShow: boolean | Readonly<{ [x: string]: boolean }>; + canWrite: boolean; + hasError: boolean; +} + +export const RulesSettingsQueryDelaySection = memo((props: RulesSettingsQueryDelaySectionProps) => { + const { onChange, settings, hasError, canShow, canWrite } = props; + + if (!canShow) { + return null; + } + if (hasError) { + return ; + } + return ( + + + + + + + + + + +

{queryDelayDescription}

+
+
+ + onChange('delay', parseInt(e.currentTarget.value, 10))} + label={queryDelayLabel} + disabled={!canWrite} + /> + +
+
+ ); +}); diff --git a/x-pack/plugins/triggers_actions_ui/public/application/components/rules_setting/rules_settings_link.stories.tsx b/x-pack/plugins/triggers_actions_ui/public/application/components/rules_setting/rules_settings_link.stories.tsx index 9bfe33e1ef887..f5da133df373e 100644 --- a/x-pack/plugins/triggers_actions_ui/public/application/components/rules_setting/rules_settings_link.stories.tsx +++ b/x-pack/plugins/triggers_actions_ui/public/application/components/rules_setting/rules_settings_link.stories.tsx @@ -36,6 +36,8 @@ withAllPermission.decorators = [ save: true, readFlappingSettingsUI: true, writeFlappingSettingsUI: true, + readQueryDelaySettingsUI: true, + writeQueryDelaySettingsUI: true, }, }), }} @@ -58,6 +60,8 @@ withReadPermission.decorators = [ save: false, readFlappingSettingsUI: true, writeFlappingSettingsUI: false, + readQueryDelaySettingsUI: true, + writeQueryDelaySettingsUI: false, }, }), }} @@ -80,6 +84,8 @@ withNoPermission.decorators = [ save: false, readFlappingSettingsUI: false, writeFlappingSettingsUI: false, + readQueryDelaySettingsUI: false, + writeQueryDelaySettingsUI: false, }, }), }} diff --git a/x-pack/plugins/triggers_actions_ui/public/application/components/rules_setting/rules_settings_link.test.tsx b/x-pack/plugins/triggers_actions_ui/public/application/components/rules_setting/rules_settings_link.test.tsx index 17cc4ea8bca8f..77c779318696e 100644 --- a/x-pack/plugins/triggers_actions_ui/public/application/components/rules_setting/rules_settings_link.test.tsx +++ b/x-pack/plugins/triggers_actions_ui/public/application/components/rules_setting/rules_settings_link.test.tsx @@ -11,18 +11,18 @@ import { __IntlProvider as IntlProvider } from '@kbn/i18n-react'; import { render, cleanup, waitFor } from '@testing-library/react'; import userEvent from '@testing-library/user-event'; import { coreMock } from '@kbn/core/public/mocks'; -import { RulesSettingsFlapping } from '@kbn/alerting-plugin/common'; +import { RulesSettingsFlapping, RulesSettingsQueryDelay } from '@kbn/alerting-plugin/common'; import { RulesSettingsLink } from './rules_settings_link'; import { useKibana } from '../../../common/lib/kibana'; import { getFlappingSettings } from '../../lib/rule_api/get_flapping_settings'; -import { updateFlappingSettings } from '../../lib/rule_api/update_flapping_settings'; +import { getQueryDelaySettings } from '../../lib/rule_api/get_query_delay_settings'; jest.mock('../../../common/lib/kibana'); jest.mock('../../lib/rule_api/get_flapping_settings', () => ({ getFlappingSettings: jest.fn(), })); -jest.mock('../../lib/rule_api/update_flapping_settings', () => ({ - updateFlappingSettings: jest.fn(), +jest.mock('../../lib/rule_api/get_query_delay_settings', () => ({ + getQueryDelaySettings: jest.fn(), })); const queryClient = new QueryClient({ @@ -41,8 +41,8 @@ const mocks = coreMock.createSetup(); const getFlappingSettingsMock = getFlappingSettings as unknown as jest.MockedFunction< typeof getFlappingSettings >; -const updateFlappingSettingsMock = updateFlappingSettings as unknown as jest.MockedFunction< - typeof updateFlappingSettings +const getQueryDelaySettingsMock = getQueryDelaySettings as unknown as jest.MockedFunction< + typeof getQueryDelaySettings >; const mockFlappingSetting: RulesSettingsFlapping = { @@ -54,6 +54,13 @@ const mockFlappingSetting: RulesSettingsFlapping = { createdAt: new Date().toISOString(), updatedAt: new Date().toISOString(), }; +const mockQueryDelaySetting: RulesSettingsQueryDelay = { + delay: 10, + createdBy: 'test user', + updatedBy: 'test user', + createdAt: new Date().toISOString(), + updatedAt: new Date().toISOString(), +}; const RulesSettingsLinkWithProviders: React.FunctionComponent<{}> = () => ( @@ -77,10 +84,12 @@ describe('rules_settings_link', () => { show: true, writeFlappingSettingsUI: true, readFlappingSettingsUI: true, + writeQueryDelaySettingsUI: true, + readQueryDelaySettingsUI: true, }, }; getFlappingSettingsMock.mockResolvedValue(mockFlappingSetting); - updateFlappingSettingsMock.mockResolvedValue(mockFlappingSetting); + getQueryDelaySettingsMock.mockResolvedValue(mockQueryDelaySetting); }); afterEach(() => { @@ -98,6 +107,58 @@ describe('rules_settings_link', () => { expect(result.queryByTestId('rulesSettingsModal')).toBe(null); }); + test('renders the rules setting link correctly (readFlappingSettingsUI = true)', async () => { + const [ + { + application: { capabilities }, + }, + ] = await mocks.getStartServices(); + useKibanaMock().services.application.capabilities = { + ...capabilities, + rulesSettings: { + save: true, + show: true, + writeFlappingSettingsUI: true, + readFlappingSettingsUI: true, + writeQueryDelaySettingsUI: true, + readQueryDelaySettingsUI: false, + }, + }; + + const result = render(); + await waitFor(() => { + expect(result.getByText('Settings')).toBeInTheDocument(); + }); + expect(result.getByText('Settings')).not.toBeDisabled(); + expect(result.queryByTestId('rulesSettingsModal')).toBe(null); + }); + + test('renders the rules setting link correctly (readQueryDelaySettingsUI = true)', async () => { + const [ + { + application: { capabilities }, + }, + ] = await mocks.getStartServices(); + useKibanaMock().services.application.capabilities = { + ...capabilities, + rulesSettings: { + save: true, + show: true, + writeFlappingSettingsUI: true, + readFlappingSettingsUI: false, + writeQueryDelaySettingsUI: true, + readQueryDelaySettingsUI: true, + }, + }; + + const result = render(); + await waitFor(() => { + expect(result.getByText('Settings')).toBeInTheDocument(); + }); + expect(result.getByText('Settings')).not.toBeDisabled(); + expect(result.queryByTestId('rulesSettingsModal')).toBe(null); + }); + test('clicking the settings link opens the rules settings modal', async () => { const result = render(); await waitFor(() => { @@ -124,6 +185,8 @@ describe('rules_settings_link', () => { show: false, writeFlappingSettingsUI: true, readFlappingSettingsUI: true, + writeQueryDelaySettingsUI: true, + readQueryDelaySettingsUI: true, }, }; @@ -139,6 +202,8 @@ describe('rules_settings_link', () => { show: true, writeFlappingSettingsUI: true, readFlappingSettingsUI: false, + writeQueryDelaySettingsUI: true, + readQueryDelaySettingsUI: false, }, }; diff --git a/x-pack/plugins/triggers_actions_ui/public/application/components/rules_setting/rules_settings_link.tsx b/x-pack/plugins/triggers_actions_ui/public/application/components/rules_setting/rules_settings_link.tsx index be3752dfc6fe6..06f00f392d68d 100644 --- a/x-pack/plugins/triggers_actions_ui/public/application/components/rules_setting/rules_settings_link.tsx +++ b/x-pack/plugins/triggers_actions_ui/public/application/components/rules_setting/rules_settings_link.tsx @@ -17,9 +17,9 @@ export const RulesSettingsLink = () => { application: { capabilities }, } = useKibana().services; - const { show, readFlappingSettingsUI } = capabilities.rulesSettings; + const { show, readFlappingSettingsUI, readQueryDelaySettingsUI } = capabilities.rulesSettings; - if (!show || !readFlappingSettingsUI) { + if (!show || (!readFlappingSettingsUI && !readQueryDelaySettingsUI)) { return null; } diff --git a/x-pack/plugins/triggers_actions_ui/public/application/components/rules_setting/rules_settings_modal.test.tsx b/x-pack/plugins/triggers_actions_ui/public/application/components/rules_setting/rules_settings_modal.test.tsx index 6915a46123a40..54de45d909beb 100644 --- a/x-pack/plugins/triggers_actions_ui/public/application/components/rules_setting/rules_settings_modal.test.tsx +++ b/x-pack/plugins/triggers_actions_ui/public/application/components/rules_setting/rules_settings_modal.test.tsx @@ -12,11 +12,13 @@ import { render, fireEvent, cleanup, waitFor } from '@testing-library/react'; import userEvent from '@testing-library/user-event'; import { coreMock } from '@kbn/core/public/mocks'; import { IToasts } from '@kbn/core/public'; -import { RulesSettingsFlapping } from '@kbn/alerting-plugin/common'; +import { RulesSettingsFlapping, RulesSettingsQueryDelay } from '@kbn/alerting-plugin/common'; import { RulesSettingsModal, RulesSettingsModalProps } from './rules_settings_modal'; import { useKibana } from '../../../common/lib/kibana'; import { getFlappingSettings } from '../../lib/rule_api/get_flapping_settings'; import { updateFlappingSettings } from '../../lib/rule_api/update_flapping_settings'; +import { getQueryDelaySettings } from '../../lib/rule_api/get_query_delay_settings'; +import { updateQueryDelaySettings } from '../../lib/rule_api/update_query_delay_settings'; jest.mock('../../../common/lib/kibana'); jest.mock('../../lib/rule_api/get_flapping_settings', () => ({ @@ -25,6 +27,12 @@ jest.mock('../../lib/rule_api/get_flapping_settings', () => ({ jest.mock('../../lib/rule_api/update_flapping_settings', () => ({ updateFlappingSettings: jest.fn(), })); +jest.mock('../../lib/rule_api/get_query_delay_settings', () => ({ + getQueryDelaySettings: jest.fn(), +})); +jest.mock('../../lib/rule_api/update_query_delay_settings', () => ({ + updateQueryDelaySettings: jest.fn(), +})); const queryClient = new QueryClient({ defaultOptions: { @@ -45,6 +53,12 @@ const getFlappingSettingsMock = getFlappingSettings as unknown as jest.MockedFun const updateFlappingSettingsMock = updateFlappingSettings as unknown as jest.MockedFunction< typeof updateFlappingSettings >; +const getQueryDelaySettingsMock = getQueryDelaySettings as unknown as jest.MockedFunction< + typeof getQueryDelaySettings +>; +const updateQueryDelaySettingsMock = updateQueryDelaySettings as unknown as jest.MockedFunction< + typeof updateQueryDelaySettings +>; const mockFlappingSetting: RulesSettingsFlapping = { enabled: true, @@ -55,6 +69,13 @@ const mockFlappingSetting: RulesSettingsFlapping = { createdAt: new Date().toISOString(), updatedAt: new Date().toISOString(), }; +const mockQueryDelaySetting: RulesSettingsQueryDelay = { + delay: 10, + createdBy: 'test user', + updatedBy: 'test user', + createdAt: new Date().toISOString(), + updatedAt: new Date().toISOString(), +}; const modalProps: RulesSettingsModalProps = { isVisible: true, @@ -87,6 +108,8 @@ describe('rules_settings_modal', () => { show: true, writeFlappingSettingsUI: true, readFlappingSettingsUI: true, + writeQueryDelaySettingsUI: true, + readQueryDelaySettingsUI: true, }, }; @@ -99,6 +122,8 @@ describe('rules_settings_modal', () => { getFlappingSettingsMock.mockResolvedValue(mockFlappingSetting); updateFlappingSettingsMock.mockResolvedValue(mockFlappingSetting); + getQueryDelaySettingsMock.mockResolvedValue(mockQueryDelaySetting); + updateQueryDelaySettingsMock.mockResolvedValue(mockQueryDelaySetting); }); afterEach(() => { @@ -113,9 +138,9 @@ describe('rules_settings_modal', () => { await waitFor(() => { expect(result.queryByTestId('centerJustifiedSpinner')).toBe(null); }); - expect(result.getByTestId('rulesSettingsModalEnableSwitch').getAttribute('aria-checked')).toBe( - 'true' - ); + expect( + result.getByTestId('rulesSettingsFlappingEnableSwitch').getAttribute('aria-checked') + ).toBe('true'); expect(result.getByTestId('lookBackWindowRangeInput').getAttribute('value')).toBe('10'); expect(result.getByTestId('statusChangeThresholdRangeInput').getAttribute('value')).toBe('10'); @@ -190,6 +215,15 @@ describe('rules_settings_modal', () => { expect(result.queryByTestId('centerJustifiedSpinner')).toBe(null); }); + const lookBackWindowInput = result.getByTestId('lookBackWindowRangeInput'); + const statusChangeThresholdInput = result.getByTestId('statusChangeThresholdRangeInput'); + + fireEvent.change(lookBackWindowInput, { target: { value: 20 } }); + fireEvent.change(statusChangeThresholdInput, { target: { value: 5 } }); + + expect(lookBackWindowInput.getAttribute('value')).toBe('20'); + expect(statusChangeThresholdInput.getAttribute('value')).toBe('5'); + // Try saving userEvent.click(result.getByTestId('rulesSettingsModalSaveButton')); await waitFor(() => { @@ -207,9 +241,9 @@ describe('rules_settings_modal', () => { expect(result.queryByTestId('centerJustifiedSpinner')).toBe(null); }); - expect(result.queryByTestId('rulesSettingsModalFlappingOffPrompt')).toBe(null); - userEvent.click(result.getByTestId('rulesSettingsModalEnableSwitch')); - expect(result.queryByTestId('rulesSettingsModalFlappingOffPrompt')).not.toBe(null); + expect(result.queryByTestId('rulesSettingsFlappingOffPrompt')).toBe(null); + userEvent.click(result.getByTestId('rulesSettingsFlappingEnableSwitch')); + expect(result.queryByTestId('rulesSettingsFlappingOffPrompt')).not.toBe(null); }); test('form elements are disabled when provided with insufficient write permissions', async () => { @@ -232,7 +266,7 @@ describe('rules_settings_modal', () => { expect(result.queryByTestId('centerJustifiedSpinner')).toBe(null); }); - expect(result.getByTestId('rulesSettingsModalEnableSwitch')).toBeDisabled(); + expect(result.getByTestId('rulesSettingsFlappingEnableSwitch')).toBeDisabled(); expect(result.getByTestId('lookBackWindowRangeInput')).toBeDisabled(); expect(result.getByTestId('statusChangeThresholdRangeInput')).toBeDisabled(); expect(result.getByTestId('rulesSettingsModalSaveButton')).toBeDisabled(); @@ -259,6 +293,118 @@ describe('rules_settings_modal', () => { expect(result.queryByTestId('centerJustifiedSpinner')).toBe(null); }); - expect(result.getByTestId('rulesSettingsErrorPrompt')).toBeInTheDocument(); + expect(result.queryByTestId('rulesSettingsFlappingSection')).toBe(null); + }); + + test('renders query delay settings correctly', async () => { + const result = render(); + expect(getQueryDelaySettingsMock).toHaveBeenCalledTimes(1); + await waitFor(() => { + expect(result.queryByTestId('centerJustifiedSpinner')).toBe(null); + }); + expect(result.getByTestId('queryDelayRangeInput').getAttribute('value')).toBe('10'); + + expect(result.getByTestId('rulesSettingsModalCancelButton')).toBeInTheDocument(); + expect(result.getByTestId('rulesSettingsModalSaveButton').getAttribute('disabled')).toBeFalsy(); + }); + + test('can save query delay settings', async () => { + const result = render(); + await waitFor(() => { + expect(result.queryByTestId('centerJustifiedSpinner')).toBe(null); + }); + + const queryDelayRangeInput = result.getByTestId('queryDelayRangeInput'); + fireEvent.change(queryDelayRangeInput, { target: { value: 20 } }); + expect(queryDelayRangeInput.getAttribute('value')).toBe('20'); + + // Try saving + userEvent.click(result.getByTestId('rulesSettingsModalSaveButton')); + + await waitFor(() => { + expect(modalProps.setUpdatingRulesSettings).toHaveBeenCalledWith(true); + }); + expect(modalProps.onClose).toHaveBeenCalledTimes(1); + expect(updateQueryDelaySettingsMock).toHaveBeenCalledWith( + expect.objectContaining({ + queryDelaySettings: { + delay: 20, + }, + }) + ); + expect(useKibanaMock().services.notifications.toasts.addSuccess).toHaveBeenCalledTimes(1); + expect(modalProps.setUpdatingRulesSettings).toHaveBeenCalledWith(true); + expect(modalProps.onSave).toHaveBeenCalledTimes(1); + }); + + test('handles errors when saving query delay settings', async () => { + updateQueryDelaySettingsMock.mockRejectedValue('failed!'); + + const result = render(); + await waitFor(() => { + expect(result.queryByTestId('centerJustifiedSpinner')).toBe(null); + }); + + const queryDelayRangeInput = result.getByTestId('queryDelayRangeInput'); + fireEvent.change(queryDelayRangeInput, { target: { value: 20 } }); + expect(queryDelayRangeInput.getAttribute('value')).toBe('20'); + + // Try saving + userEvent.click(result.getByTestId('rulesSettingsModalSaveButton')); + await waitFor(() => { + expect(modalProps.setUpdatingRulesSettings).toHaveBeenCalledWith(true); + }); + expect(modalProps.onClose).toHaveBeenCalledTimes(1); + expect(useKibanaMock().services.notifications.toasts.addDanger).toHaveBeenCalledTimes(1); + expect(modalProps.setUpdatingRulesSettings).toHaveBeenCalledWith(true); + expect(modalProps.onSave).toHaveBeenCalledTimes(1); + }); + + test('query delay form elements are disabled when provided with insufficient write permissions', async () => { + const [ + { + application: { capabilities }, + }, + ] = await mocks.getStartServices(); + useKibanaMock().services.application.capabilities = { + ...capabilities, + rulesSettings: { + save: true, + show: true, + writeQueryDelaySettingsUI: false, + readQueryDelaySettingsUI: true, + }, + }; + const result = render(); + await waitFor(() => { + expect(result.queryByTestId('centerJustifiedSpinner')).toBe(null); + }); + + expect(result.getByTestId('queryDelayRangeInput')).toBeDisabled(); + expect(result.getByTestId('rulesSettingsModalSaveButton')).toBeDisabled(); + }); + + test('query delay form elements are not visible when provided with insufficient read permissions', async () => { + const [ + { + application: { capabilities }, + }, + ] = await mocks.getStartServices(); + useKibanaMock().services.application.capabilities = { + ...capabilities, + rulesSettings: { + save: true, + show: false, + writeQueryDelaySettingsUI: true, + readQueryDelaySettingsUI: false, + }, + }; + + const result = render(); + await waitFor(() => { + expect(result.queryByTestId('centerJustifiedSpinner')).toBe(null); + }); + + expect(result.queryByTestId('rulesSettingsQueryDelaySection')).toBe(null); }); }); diff --git a/x-pack/plugins/triggers_actions_ui/public/application/components/rules_setting/rules_settings_modal.tsx b/x-pack/plugins/triggers_actions_ui/public/application/components/rules_setting/rules_settings_modal.tsx index d71a134fa0f79..c15286325495a 100644 --- a/x-pack/plugins/triggers_actions_ui/public/application/components/rules_setting/rules_settings_modal.tsx +++ b/x-pack/plugins/triggers_actions_ui/public/application/components/rules_setting/rules_settings_modal.tsx @@ -6,7 +6,11 @@ */ import React, { memo, useState } from 'react'; -import { RulesSettingsFlappingProperties } from '@kbn/alerting-plugin/common'; +import { + RulesSettingsFlappingProperties, + RulesSettingsProperties, + RulesSettingsQueryDelayProperties, +} from '@kbn/alerting-plugin/common'; import { i18n } from '@kbn/i18n'; import { FormattedMessage } from '@kbn/i18n-react'; import { @@ -14,53 +18,22 @@ import { EuiButtonEmpty, EuiCallOut, EuiHorizontalRule, - EuiFlexGroup, - EuiFlexItem, - EuiForm, EuiModal, EuiModalHeader, EuiModalBody, EuiModalFooter, EuiModalHeaderTitle, EuiSpacer, - EuiSwitch, - EuiSwitchProps, - EuiPanel, - EuiText, EuiEmptyPrompt, } from '@elastic/eui'; import { useKibana } from '../../../common/lib/kibana'; -import { - RulesSettingsFlappingFormSection, - RulesSettingsFlappingFormSectionProps, - RulesSettingsFlappingTitle, -} from './rules_settings_flapping_form_section'; import { useGetFlappingSettings } from '../../hooks/use_get_flapping_settings'; -import { useUpdateFlappingSettings } from '../../hooks/use_update_flapping_settings'; +import { RulesSettingsFlappingSection } from './flapping/rules_settings_flapping_section'; +import { RulesSettingsQueryDelaySection } from './query_delay/rules_settings_query_delay_section'; +import { useGetQueryDelaySettings } from '../../hooks/use_get_query_delay_settings'; +import { useUpdateRuleSettings } from '../../hooks/use_update_rules_settings'; import { CenterJustifiedSpinner } from '../center_justified_spinner'; -const flappingDescription = i18n.translate( - 'xpack.triggersActionsUI.rulesSettings.modal.flappingDetectionDescription', - { - defaultMessage: - 'Detect alerts that switch quickly between active and recovered states and reduce unwanted noise for these flapping alerts.', - } -); - -const flappingOnLabel = i18n.translate( - 'xpack.triggersActionsUI.rulesSettings.modal.flappingOnLabel', - { - defaultMessage: 'On (recommended)', - } -); - -const flappingOffLabel = i18n.translate( - 'xpack.triggersActionsUI.rulesSettings.modal.flappingOffLabel', - { - defaultMessage: 'Off', - } -); - export const RulesSettingsErrorPrompt = memo(() => { return ( { ); }); -interface RulesSettingsModalFormLeftProps { - settings: RulesSettingsFlappingProperties; - onChange: EuiSwitchProps['onChange']; - isSwitchDisabled: boolean; -} - -export const RulesSettingsModalFormLeft = memo((props: RulesSettingsModalFormLeftProps) => { - const { settings, onChange, isSwitchDisabled } = props; - - return ( - - - - -

{flappingDescription}

-
-
- - - -
-
- ); -}); - -interface RulesSettingsModalFormRightProps { - settings: RulesSettingsFlappingProperties; - onChange: RulesSettingsFlappingFormSectionProps['onChange']; -} - -export const RulesSettingsModalFormRight = memo((props: RulesSettingsModalFormRightProps) => { - const { settings, onChange } = props; - - if (!settings) { - return null; - } - if (!settings.enabled) { - return ( - - - - - - - - ); - } - - return ( - - - - ); -}); - export interface RulesSettingsModalProps { isVisible: boolean; setUpdatingRulesSettings?: (isUpdating: boolean) => void; @@ -165,16 +74,27 @@ export const RulesSettingsModal = memo((props: RulesSettingsModalProps) => { application: { capabilities }, } = useKibana().services; const { - rulesSettings: { show, save, writeFlappingSettingsUI, readFlappingSettingsUI }, + rulesSettings: { + show, + save, + writeFlappingSettingsUI, + readFlappingSettingsUI, + writeQueryDelaySettingsUI, + readQueryDelaySettingsUI, + }, } = capabilities; - const [settings, setSettings] = useState(); + const [flappingSettings, setFlappingSettings] = useState(); + const [hasFlappingChanged, setHasFlappingChanged] = useState(false); + + const [queryDelaySettings, setQueryDelaySettings] = useState(); + const [hasQueryDelayChanged, setHasQueryDelayChanged] = useState(false); - const { isLoading, isError: hasError } = useGetFlappingSettings({ + const { isLoading: isFlappingLoading, isError: hasFlappingError } = useGetFlappingSettings({ enabled: isVisible, onSuccess: (fetchedSettings) => { - if (!settings) { - setSettings({ + if (!flappingSettings) { + setFlappingSettings({ enabled: fetchedSettings.enabled, lookBackWindow: fetchedSettings.lookBackWindow, statusChangeThreshold: fetchedSettings.statusChangeThreshold, @@ -183,7 +103,18 @@ export const RulesSettingsModal = memo((props: RulesSettingsModalProps) => { }, }); - const { mutate } = useUpdateFlappingSettings({ + const { isLoading: isQueryDelayLoading, isError: hasQueryDelayError } = useGetQueryDelaySettings({ + enabled: isVisible, + onSuccess: (fetchedSettings) => { + if (!queryDelaySettings) { + setQueryDelaySettings({ + delay: fetchedSettings.delay, + }); + } + }, + }); + + const { mutate } = useUpdateRuleSettings({ onSave, onClose, setUpdatingRulesSettings, @@ -192,36 +123,56 @@ export const RulesSettingsModal = memo((props: RulesSettingsModalProps) => { // In the future when we have more settings sub-features, we should // disassociate the rule settings capabilities (save, show) from the // sub-feature capabilities (writeXSettingsUI). - const canWriteFlappingSettings = save && writeFlappingSettingsUI && !hasError; + const canWriteFlappingSettings = save && writeFlappingSettingsUI && !hasFlappingError; const canShowFlappingSettings = show && readFlappingSettingsUI; + const canWriteQueryDelaySettings = save && writeQueryDelaySettingsUI && !hasQueryDelayError; + const canShowQueryDelaySettings = show && readQueryDelaySettingsUI; const handleSettingsChange = ( - key: keyof RulesSettingsFlappingProperties, - value: number | boolean + setting: keyof RulesSettingsProperties, + key: keyof RulesSettingsFlappingProperties | keyof RulesSettingsQueryDelayProperties, + value: boolean | number ) => { - if (!settings) { - return; + if (setting === 'flapping') { + if (!flappingSettings) { + return; + } + const newSettings = { + ...flappingSettings, + [key]: value, + }; + setFlappingSettings({ + ...newSettings, + statusChangeThreshold: Math.min( + newSettings.lookBackWindow, + newSettings.statusChangeThreshold + ), + }); + setHasFlappingChanged(true); } - const newSettings = { - ...settings, - [key]: value, - }; - - setSettings({ - ...newSettings, - statusChangeThreshold: Math.min( - newSettings.lookBackWindow, - newSettings.statusChangeThreshold - ), - }); + if (setting === 'queryDelay') { + if (!queryDelaySettings) { + return; + } + const newSettings = { + ...queryDelaySettings, + [key]: value, + }; + setQueryDelaySettings(newSettings); + setHasQueryDelayChanged(true); + } }; const handleSave = () => { - if (!settings) { - return; + const updatedSettings: RulesSettingsProperties = {}; + if (canWriteFlappingSettings && hasFlappingChanged) { + updatedSettings.flapping = flappingSettings; + } + if (canWriteQueryDelaySettings && hasQueryDelayChanged) { + updatedSettings.queryDelay = queryDelaySettings; } - mutate(settings); + mutate(updatedSettings); }; if (!isVisible) { @@ -229,32 +180,36 @@ export const RulesSettingsModal = memo((props: RulesSettingsModalProps) => { } const maybeRenderForm = () => { - if (hasError || !canShowFlappingSettings) { + if (!canShowFlappingSettings && !canShowQueryDelaySettings) { return ; } - if (!settings || isLoading) { + if (isFlappingLoading || isQueryDelayLoading) { return ; } return ( - - - - - - - - - handleSettingsChange('enabled', e.target.checked)} + <> + {flappingSettings && ( + handleSettingsChange('flapping', key, value)} + settings={flappingSettings} + canWrite={canWriteFlappingSettings} + canShow={canShowFlappingSettings} + hasError={hasFlappingError} /> - handleSettingsChange(key, value)} - /> - - + )} + {queryDelaySettings && ( + <> + + handleSettingsChange('queryDelay', key, value)} + settings={queryDelaySettings} + canWrite={canWriteQueryDelaySettings} + canShow={canShowQueryDelaySettings} + hasError={hasQueryDelayError} + /> + + )} + ); }; @@ -291,7 +246,7 @@ export const RulesSettingsModal = memo((props: RulesSettingsModalProps) => { fill data-test-subj="rulesSettingsModalSaveButton" onClick={handleSave} - disabled={!canWriteFlappingSettings} + disabled={!canWriteFlappingSettings && !canWriteQueryDelaySettings} > { + const { label, labelPopoverText, min, max, value, disabled, onChange, ...rest } = props; + + const renderLabel = () => { + return ( +
+ {label} +   + {labelPopoverText && ( + + )} +
+ ); + }; + + return ( + + + + ); +}); diff --git a/x-pack/plugins/triggers_actions_ui/public/application/hooks/use_get_flapping_settings.ts b/x-pack/plugins/triggers_actions_ui/public/application/hooks/use_get_flapping_settings.ts index e3166999df9ed..f5c66decad481 100644 --- a/x-pack/plugins/triggers_actions_ui/public/application/hooks/use_get_flapping_settings.ts +++ b/x-pack/plugins/triggers_actions_ui/public/application/hooks/use_get_flapping_settings.ts @@ -5,7 +5,6 @@ * 2.0. */ -import { i18n } from '@kbn/i18n'; import { useQuery } from '@tanstack/react-query'; import { RulesSettingsFlapping } from '@kbn/alerting-plugin/common'; import { useKibana } from '../../common/lib/kibana'; @@ -18,27 +17,15 @@ interface UseGetFlappingSettingsProps { export const useGetFlappingSettings = (props: UseGetFlappingSettingsProps) => { const { enabled, onSuccess } = props; - const { - http, - notifications: { toasts }, - } = useKibana().services; + const { http } = useKibana().services; const queryFn = () => { return getFlappingSettings({ http }); }; - const onErrorFn = () => { - toasts.addDanger( - i18n.translate('xpack.triggersActionsUI.rulesSettings.modal.getRulesSettingsError', { - defaultMessage: 'Failed to get rules Settings.', - }) - ); - }; - const { data, isFetching, isError, isLoadingError, isLoading } = useQuery({ queryKey: ['getFlappingSettings'], queryFn, - onError: onErrorFn, onSuccess, enabled, refetchOnWindowFocus: false, diff --git a/x-pack/plugins/triggers_actions_ui/public/application/hooks/use_get_query_delay_setting.test.tsx b/x-pack/plugins/triggers_actions_ui/public/application/hooks/use_get_query_delay_setting.test.tsx new file mode 100644 index 0000000000000..bf792e29ed604 --- /dev/null +++ b/x-pack/plugins/triggers_actions_ui/public/application/hooks/use_get_query_delay_setting.test.tsx @@ -0,0 +1,57 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ +import React from 'react'; +import { renderHook } from '@testing-library/react-hooks/dom'; +import { waitFor } from '@testing-library/dom'; +import { QueryClient, QueryClientProvider } from '@tanstack/react-query'; +import { useGetQueryDelaySettings } from './use_get_query_delay_settings'; + +jest.mock('../lib/rule_api/get_query_delay_settings', () => ({ + getQueryDelaySettings: jest.fn(), +})); + +const { getQueryDelaySettings } = jest.requireMock('../lib/rule_api/get_query_delay_settings'); +const queryClient = new QueryClient({ + defaultOptions: { + queries: { + retry: false, + cacheTime: 0, + }, + }, +}); +const wrapper = ({ children }: { children: Node }) => ( + {children} +); + +describe('useGetQueryDelaySettings', () => { + beforeEach(() => { + jest.clearAllMocks(); + }); + + it('should call getQueryDelaySettings', async () => { + renderHook(() => useGetQueryDelaySettings({ enabled: true, onSuccess: () => {} }), { + wrapper, + }); + + await waitFor(() => { + expect(getQueryDelaySettings).toHaveBeenCalled(); + }); + }); + + it('should return isError = true if api fails', async () => { + getQueryDelaySettings.mockRejectedValue('This is an error.'); + + const { result } = renderHook( + () => useGetQueryDelaySettings({ enabled: true, onSuccess: () => {} }), + { + wrapper, + } + ); + + await waitFor(() => expect(result.current.isError).toBe(true)); + }); +}); diff --git a/x-pack/plugins/triggers_actions_ui/public/application/hooks/use_get_query_delay_settings.ts b/x-pack/plugins/triggers_actions_ui/public/application/hooks/use_get_query_delay_settings.ts new file mode 100644 index 0000000000000..2956d380aa8cf --- /dev/null +++ b/x-pack/plugins/triggers_actions_ui/public/application/hooks/use_get_query_delay_settings.ts @@ -0,0 +1,40 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { useQuery } from '@tanstack/react-query'; +import { RulesSettingsQueryDelay } from '@kbn/alerting-plugin/common'; +import { useKibana } from '../../common/lib/kibana'; +import { getQueryDelaySettings } from '../lib/rule_api/get_query_delay_settings'; + +interface UseGetQueryDelaySettingsProps { + enabled: boolean; + onSuccess: (settings: RulesSettingsQueryDelay) => void; +} + +export const useGetQueryDelaySettings = (props: UseGetQueryDelaySettingsProps) => { + const { enabled, onSuccess } = props; + const { http } = useKibana().services; + + const queryFn = () => { + return getQueryDelaySettings({ http }); + }; + + const { data, isFetching, isError, isLoadingError, isLoading } = useQuery({ + queryKey: ['getQueryDelaySettings'], + queryFn, + onSuccess, + enabled, + refetchOnWindowFocus: false, + retry: false, + }); + + return { + isLoading: isLoading || isFetching, + isError: isError || isLoadingError, + data, + }; +}; diff --git a/x-pack/plugins/triggers_actions_ui/public/application/hooks/use_update_rules_settings.test.tsx b/x-pack/plugins/triggers_actions_ui/public/application/hooks/use_update_rules_settings.test.tsx new file mode 100644 index 0000000000000..6a36a32ed2522 --- /dev/null +++ b/x-pack/plugins/triggers_actions_ui/public/application/hooks/use_update_rules_settings.test.tsx @@ -0,0 +1,109 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ +import React from 'react'; +import { QueryClient, QueryClientProvider } from '@tanstack/react-query'; +import { act, renderHook } from '@testing-library/react-hooks/dom'; +import { waitFor } from '@testing-library/dom'; +import { useUpdateRuleSettings } from './use_update_rules_settings'; + +const mockAddDanger = jest.fn(); +const mockAddSuccess = jest.fn(); + +jest.mock('../../common/lib/kibana', () => { + const originalModule = jest.requireActual('../../common/lib/kibana'); + return { + ...originalModule, + useKibana: () => { + const { services } = originalModule.useKibana(); + return { + services: { + ...services, + notifications: { toasts: { addSuccess: mockAddSuccess, addDanger: mockAddDanger } }, + }, + }; + }, + }; +}); +jest.mock('../lib/rule_api/update_query_delay_settings', () => ({ + updateQueryDelaySettings: jest.fn(), +})); +jest.mock('../lib/rule_api/update_flapping_settings', () => ({ + updateFlappingSettings: jest.fn(), +})); + +const { updateQueryDelaySettings } = jest.requireMock( + '../lib/rule_api/update_query_delay_settings' +); +const { updateFlappingSettings } = jest.requireMock('../lib/rule_api/update_flapping_settings'); + +const queryClient = new QueryClient({ + defaultOptions: { + queries: { + retry: false, + cacheTime: 0, + }, + }, +}); +const wrapper = ({ children }: { children: Node }) => ( + {children} +); + +describe('useUpdateRuleSettings', () => { + beforeEach(() => { + jest.clearAllMocks(); + }); + + it('should call onSuccess if api succeeds', async () => { + const { result } = renderHook( + () => + useUpdateRuleSettings({ + onSave: () => {}, + onClose: () => {}, + setUpdatingRulesSettings: () => {}, + }), + { + wrapper, + } + ); + + await act(async () => { + await result.current.mutate({ + flapping: { enabled: true, lookBackWindow: 3, statusChangeThreshold: 3 }, + queryDelay: { delay: 2 }, + }); + }); + await waitFor(() => + expect(mockAddSuccess).toBeCalledWith('Rules settings updated successfully.') + ); + }); + + it('should call onError if api fails', async () => { + updateQueryDelaySettings.mockRejectedValue(''); + updateFlappingSettings.mockRejectedValue(''); + + const { result } = renderHook( + () => + useUpdateRuleSettings({ + onSave: () => {}, + onClose: () => {}, + setUpdatingRulesSettings: () => {}, + }), + { + wrapper, + } + ); + + await act(async () => { + await result.current.mutate({ + flapping: { enabled: true, lookBackWindow: 3, statusChangeThreshold: 3 }, + queryDelay: { delay: 2 }, + }); + }); + + await waitFor(() => expect(mockAddDanger).toBeCalledWith('Failed to update rules settings.')); + }); +}); diff --git a/x-pack/plugins/triggers_actions_ui/public/application/hooks/use_update_flapping_settings.ts b/x-pack/plugins/triggers_actions_ui/public/application/hooks/use_update_rules_settings.ts similarity index 68% rename from x-pack/plugins/triggers_actions_ui/public/application/hooks/use_update_flapping_settings.ts rename to x-pack/plugins/triggers_actions_ui/public/application/hooks/use_update_rules_settings.ts index ee1309a3f6582..ee07dd5c914ab 100644 --- a/x-pack/plugins/triggers_actions_ui/public/application/hooks/use_update_flapping_settings.ts +++ b/x-pack/plugins/triggers_actions_ui/public/application/hooks/use_update_rules_settings.ts @@ -7,17 +7,18 @@ import { i18n } from '@kbn/i18n'; import { useMutation } from '@tanstack/react-query'; -import { RulesSettingsFlappingProperties } from '@kbn/alerting-plugin/common'; +import { RulesSettingsProperties } from '@kbn/alerting-plugin/common'; import { useKibana } from '../../common/lib/kibana'; import { updateFlappingSettings } from '../lib/rule_api/update_flapping_settings'; +import { updateQueryDelaySettings } from '../lib/rule_api/update_query_delay_settings'; -interface UseUpdateFlappingSettingsProps { +interface UseUpdateRuleSettingsProps { onClose: () => void; onSave?: () => void; setUpdatingRulesSettings?: (isUpdating: boolean) => void; } -export const useUpdateFlappingSettings = (props: UseUpdateFlappingSettingsProps) => { +export const useUpdateRuleSettings = (props: UseUpdateRuleSettingsProps) => { const { onSave, onClose, setUpdatingRulesSettings } = props; const { @@ -25,8 +26,17 @@ export const useUpdateFlappingSettings = (props: UseUpdateFlappingSettingsProps) notifications: { toasts }, } = useKibana().services; - const mutationFn = (flappingSettings: RulesSettingsFlappingProperties) => { - return updateFlappingSettings({ http, flappingSettings }); + const mutationFn = async (settings: RulesSettingsProperties) => { + const updates = []; + if (settings.flapping) { + updates.push(updateFlappingSettings({ http, flappingSettings: settings.flapping })); + } + + if (settings.queryDelay) { + updates.push(updateQueryDelaySettings({ http, queryDelaySettings: settings.queryDelay })); + } + + return await Promise.all(updates); }; return useMutation({ diff --git a/x-pack/plugins/triggers_actions_ui/public/application/lib/rule_api/get_query_delay_settings.test.ts b/x-pack/plugins/triggers_actions_ui/public/application/lib/rule_api/get_query_delay_settings.test.ts new file mode 100644 index 0000000000000..0cf03ac8f4a50 --- /dev/null +++ b/x-pack/plugins/triggers_actions_ui/public/application/lib/rule_api/get_query_delay_settings.test.ts @@ -0,0 +1,30 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { httpServiceMock } from '@kbn/core/public/mocks'; +import { getQueryDelaySettings } from './get_query_delay_settings'; + +const http = httpServiceMock.createStartContract(); + +beforeEach(() => jest.resetAllMocks()); + +describe('getQueryDelaySettings', () => { + test('should call get query delay settings api', async () => { + const apiResponse = { + delay: 10, + }; + http.get.mockResolvedValueOnce(apiResponse); + + const result = await getQueryDelaySettings({ http }); + expect(result).toEqual({ delay: 10 }); + expect(http.get.mock.calls[0]).toMatchInlineSnapshot(` + Array [ + "/internal/alerting/rules/settings/_query_delay", + ] + `); + }); +}); diff --git a/x-pack/plugins/triggers_actions_ui/public/application/lib/rule_api/get_query_delay_settings.ts b/x-pack/plugins/triggers_actions_ui/public/application/lib/rule_api/get_query_delay_settings.ts new file mode 100644 index 0000000000000..c65e447dbb99f --- /dev/null +++ b/x-pack/plugins/triggers_actions_ui/public/application/lib/rule_api/get_query_delay_settings.ts @@ -0,0 +1,22 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { HttpSetup } from '@kbn/core/public'; +import { AsApiContract, RewriteRequestCase } from '@kbn/actions-plugin/common'; +import { RulesSettingsQueryDelay } from '@kbn/alerting-plugin/common'; +import { INTERNAL_BASE_ALERTING_API_PATH } from '../../constants'; + +const rewriteBodyRes: RewriteRequestCase = ({ ...rest }: any) => ({ + ...rest, +}); + +export const getQueryDelaySettings = async ({ http }: { http: HttpSetup }) => { + const res = await http.get>( + `${INTERNAL_BASE_ALERTING_API_PATH}/rules/settings/_query_delay` + ); + return rewriteBodyRes(res); +}; diff --git a/x-pack/plugins/triggers_actions_ui/public/application/lib/rule_api/update_query_delay_settings.test.ts b/x-pack/plugins/triggers_actions_ui/public/application/lib/rule_api/update_query_delay_settings.test.ts new file mode 100644 index 0000000000000..78c0e5b89d3b5 --- /dev/null +++ b/x-pack/plugins/triggers_actions_ui/public/application/lib/rule_api/update_query_delay_settings.test.ts @@ -0,0 +1,33 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { httpServiceMock } from '@kbn/core/public/mocks'; +import { updateQueryDelaySettings } from './update_query_delay_settings'; + +const http = httpServiceMock.createStartContract(); + +beforeEach(() => jest.resetAllMocks()); + +describe('updateQueryDelaySettings', () => { + test('should call update query delay settings api', async () => { + const apiResponse = { + delay: 10, + }; + http.post.mockResolvedValueOnce(apiResponse); + + const result = await updateQueryDelaySettings({ http, queryDelaySettings: { delay: 10 } }); + expect(result).toEqual({ delay: 10 }); + expect(http.post.mock.calls[0]).toMatchInlineSnapshot(` + Array [ + "/internal/alerting/rules/settings/_query_delay", + Object { + "body": "{\\"delay\\":10}", + }, + ] + `); + }); +}); diff --git a/x-pack/plugins/triggers_actions_ui/public/application/lib/rule_api/update_query_delay_settings.ts b/x-pack/plugins/triggers_actions_ui/public/application/lib/rule_api/update_query_delay_settings.ts new file mode 100644 index 0000000000000..5affa3cabb000 --- /dev/null +++ b/x-pack/plugins/triggers_actions_ui/public/application/lib/rule_api/update_query_delay_settings.ts @@ -0,0 +1,44 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { HttpSetup } from '@kbn/core/public'; +import { + RulesSettingsQueryDelay, + RulesSettingsQueryDelayProperties, +} from '@kbn/alerting-plugin/common'; +import { AsApiContract, RewriteRequestCase } from '@kbn/actions-plugin/common'; +import { INTERNAL_BASE_ALERTING_API_PATH } from '../../constants'; + +const rewriteBodyRes: RewriteRequestCase = ({ ...rest }: any) => ({ + ...rest, +}); + +export const updateQueryDelaySettings = async ({ + http, + queryDelaySettings, +}: { + http: HttpSetup; + queryDelaySettings: RulesSettingsQueryDelayProperties; +}) => { + let body: string; + try { + body = JSON.stringify({ + delay: queryDelaySettings.delay, + }); + } catch (e) { + throw new Error(`Unable to parse query delay settings update params: ${e}`); + } + + const res = await http.post>( + `${INTERNAL_BASE_ALERTING_API_PATH}/rules/settings/_query_delay`, + { + body, + } + ); + + return rewriteBodyRes(res); +}; diff --git a/x-pack/plugins/triggers_actions_ui/server/data/lib/time_series_query.test.ts b/x-pack/plugins/triggers_actions_ui/server/data/lib/time_series_query.test.ts index 514601612db21..0b86ce6b30487 100644 --- a/x-pack/plugins/triggers_actions_ui/server/data/lib/time_series_query.test.ts +++ b/x-pack/plugins/triggers_actions_ui/server/data/lib/time_series_query.test.ts @@ -713,6 +713,28 @@ describe('timeSeriesQuery', () => { { ignore: [404], meta: true } ); }); + + it('uses the passed in date parms when useCalculatedDateRange = false param is passed', async () => { + await timeSeriesQuery({ + ...params, + useCalculatedDateRange: false, + query: { + ...params.query, + dateStart: '2023-10-12T00:00:00Z', + dateEnd: '2023-10-12T00:00:00Z', + }, + }); + // @ts-ignore + expect(esClient.search.mock.calls[0]![0].body.query.bool.filter[0]).toEqual({ + range: { + 'time-field': { + format: 'strict_date_time', + gte: '2023-10-12T00:00:00Z', + lt: '2023-10-12T00:00:00Z', + }, + }, + }); + }); }); describe('getResultFromEs', () => { diff --git a/x-pack/plugins/triggers_actions_ui/server/data/lib/time_series_query.ts b/x-pack/plugins/triggers_actions_ui/server/data/lib/time_series_query.ts index fa6ff14bbb3e5..74d96112e7abb 100644 --- a/x-pack/plugins/triggers_actions_ui/server/data/lib/time_series_query.ts +++ b/x-pack/plugins/triggers_actions_ui/server/data/lib/time_series_query.ts @@ -33,12 +33,19 @@ export interface TimeSeriesQueryParameters { esClient: ElasticsearchClient; query: TimeSeriesQuery; condition?: TimeSeriesCondition; + useCalculatedDateRange?: boolean; } export async function timeSeriesQuery( params: TimeSeriesQueryParameters ): Promise { - const { logger, esClient, query: queryParams, condition: conditionParams } = params; + const { + logger, + esClient, + query: queryParams, + condition: conditionParams, + useCalculatedDateRange = true, + } = params; const { index, timeWindowSize, @@ -67,8 +74,8 @@ export async function timeSeriesQuery( { range: { [timeField]: { - gte: dateRangeInfo.dateStart, - lt: dateRangeInfo.dateEnd, + gte: useCalculatedDateRange ? dateRangeInfo.dateStart : dateStart, + lt: useCalculatedDateRange ? dateRangeInfo.dateEnd : dateEnd, format: 'strict_date_time', }, }, diff --git a/x-pack/test/alerting_api_integration/common/lib/reset_rules_settings.ts b/x-pack/test/alerting_api_integration/common/lib/reset_rules_settings.ts index 17ce4985e1f0c..149f67cffeb32 100644 --- a/x-pack/test/alerting_api_integration/common/lib/reset_rules_settings.ts +++ b/x-pack/test/alerting_api_integration/common/lib/reset_rules_settings.ts @@ -5,12 +5,15 @@ * 2.0. */ -import { DEFAULT_FLAPPING_SETTINGS } from '@kbn/alerting-plugin/common'; +import { + DEFAULT_FLAPPING_SETTINGS, + DEFAULT_QUERY_DELAY_SETTINGS, +} from '@kbn/alerting-plugin/common'; import { Superuser } from '../../security_and_spaces/scenarios'; import { getUrlPrefix } from './space_test_utils'; -export const resetRulesSettings = (supertest: any, space: string) => { - return supertest +export const resetRulesSettings = async (supertest: any, space: string) => { + await supertest .post(`${getUrlPrefix(space)}/internal/alerting/rules/settings/_flapping`) .set('kbn-xsrf', 'foo') .auth(Superuser.username, Superuser.password) @@ -20,4 +23,12 @@ export const resetRulesSettings = (supertest: any, space: string) => { status_change_threshold: DEFAULT_FLAPPING_SETTINGS.statusChangeThreshold, }) .expect(200); + return supertest + .post(`${getUrlPrefix(space)}/internal/alerting/rules/settings/_query_delay`) + .set('kbn-xsrf', 'foo') + .auth(Superuser.username, Superuser.password) + .send({ + delay: DEFAULT_QUERY_DELAY_SETTINGS.delay, + }) + .expect(200); }; diff --git a/x-pack/test/alerting_api_integration/security_and_spaces/group3/tests/alerting/get_query_delay_settings.ts b/x-pack/test/alerting_api_integration/security_and_spaces/group3/tests/alerting/get_query_delay_settings.ts new file mode 100644 index 0000000000000..ce56b6e6690bc --- /dev/null +++ b/x-pack/test/alerting_api_integration/security_and_spaces/group3/tests/alerting/get_query_delay_settings.ts @@ -0,0 +1,65 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import expect from '@kbn/expect'; +import { DEFAULT_QUERY_DELAY_SETTINGS } from '@kbn/alerting-plugin/common'; +import { UserAtSpaceScenarios } from '../../../scenarios'; +import { getUrlPrefix, resetRulesSettings } from '../../../../common/lib'; +import { FtrProviderContext } from '../../../../common/ftr_provider_context'; + +// eslint-disable-next-line import/no-default-export +export default function getQueryDelaySettingsTests({ getService }: FtrProviderContext) { + const supertestWithoutAuth = getService('supertestWithoutAuth'); + + describe('getQueryDelaySettings', () => { + beforeEach(async () => { + await resetRulesSettings(supertestWithoutAuth, 'space1'); + await resetRulesSettings(supertestWithoutAuth, 'space2'); + }); + + after(async () => { + await resetRulesSettings(supertestWithoutAuth, 'space1'); + await resetRulesSettings(supertestWithoutAuth, 'space2'); + }); + + for (const scenario of UserAtSpaceScenarios) { + const { user, space } = scenario; + describe(scenario.id, () => { + it('should handle get query delay settings request appropriately', async () => { + const response = await supertestWithoutAuth + .get(`${getUrlPrefix(space.id)}/internal/alerting/rules/settings/_query_delay`) + .auth(user.username, user.password); + + switch (scenario.id) { + case 'no_kibana_privileges at space1': + case 'space_1_all at space2': + case 'space_1_all_with_restricted_fixture at space1': + case 'space_1_all_alerts_none_actions at space1': + expect(response.statusCode).to.eql(403); + expect(response.body).to.eql({ + error: 'Forbidden', + message: 'Forbidden', + statusCode: 403, + }); + break; + case 'global_read at space1': + case 'superuser at space1': + case 'space_1_all at space1': + expect(response.statusCode).to.eql(200); + expect(response.body.delay).to.eql(DEFAULT_QUERY_DELAY_SETTINGS.delay); + expect(response.body.updated_by).to.be.a('string'); + expect(Date.parse(response.body.created_at)).to.be.greaterThan(0); + expect(Date.parse(response.body.updated_at)).to.be.greaterThan(0); + break; + default: + throw new Error(`Scenario untested: ${JSON.stringify(scenario)}`); + } + }); + }); + } + }); +} diff --git a/x-pack/test/alerting_api_integration/security_and_spaces/group3/tests/alerting/index.ts b/x-pack/test/alerting_api_integration/security_and_spaces/group3/tests/alerting/index.ts index f6247d662e527..f9af26be6def7 100644 --- a/x-pack/test/alerting_api_integration/security_and_spaces/group3/tests/alerting/index.ts +++ b/x-pack/test/alerting_api_integration/security_and_spaces/group3/tests/alerting/index.ts @@ -31,6 +31,8 @@ export default function alertingTests({ loadTestFile, getService }: FtrProviderC loadTestFile(require.resolve('./suggestions_value_rule')); loadTestFile(require.resolve('./update_flapping_settings')); loadTestFile(require.resolve('./user_managed_api_key')); + loadTestFile(require.resolve('./get_query_delay_settings')); + loadTestFile(require.resolve('./update_query_delay_settings')); }); }); } diff --git a/x-pack/test/alerting_api_integration/security_and_spaces/group3/tests/alerting/update_query_delay_settings.ts b/x-pack/test/alerting_api_integration/security_and_spaces/group3/tests/alerting/update_query_delay_settings.ts new file mode 100644 index 0000000000000..7f7fcaa844691 --- /dev/null +++ b/x-pack/test/alerting_api_integration/security_and_spaces/group3/tests/alerting/update_query_delay_settings.ts @@ -0,0 +1,103 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import expect from '@kbn/expect'; +import { DEFAULT_QUERY_DELAY_SETTINGS } from '@kbn/alerting-plugin/common'; +import { UserAtSpaceScenarios, Superuser } from '../../../scenarios'; +import { getUrlPrefix, resetRulesSettings } from '../../../../common/lib'; +import { FtrProviderContext } from '../../../../common/ftr_provider_context'; + +// eslint-disable-next-line import/no-default-export +export default function updateQueryDelaySettingsTest({ getService }: FtrProviderContext) { + const supertestWithoutAuth = getService('supertestWithoutAuth'); + + describe('updateQueryDelaySettings', () => { + afterEach(async () => { + await resetRulesSettings(supertestWithoutAuth, 'space1'); + await resetRulesSettings(supertestWithoutAuth, 'space2'); + }); + + for (const scenario of UserAtSpaceScenarios) { + const { user, space } = scenario; + describe(scenario.id, () => { + it('should handle update query delay settings request appropriately', async () => { + const response = await supertestWithoutAuth + .post(`${getUrlPrefix(space.id)}/internal/alerting/rules/settings/_query_delay`) + .set('kbn-xsrf', 'foo') + .auth(user.username, user.password) + .send({ + delay: 20, + }); + + switch (scenario.id) { + case 'no_kibana_privileges at space1': + case 'global_read at space1': + case 'space_1_all at space2': + case 'space_1_all_with_restricted_fixture at space1': + case 'space_1_all_alerts_none_actions at space1': + expect(response.statusCode).to.eql(403); + expect(response.body).to.eql({ + error: 'Forbidden', + message: 'Forbidden', + statusCode: 403, + }); + break; + case 'superuser at space1': + case 'space_1_all at space1': + expect(response.statusCode).to.eql(200); + expect(response.body.delay).to.eql(20); + expect(response.body.updated_by).to.eql(user.username); + expect(Date.parse(response.body.created_at)).to.be.greaterThan(0); + expect(Date.parse(response.body.updated_at)).to.be.greaterThan(0); + break; + default: + throw new Error(`Scenario untested: ${JSON.stringify(scenario)}`); + } + }); + }); + } + + it('should error if provided with invalid inputs', async () => { + const response = await supertestWithoutAuth + .post(`${getUrlPrefix('space1')}/internal/alerting/rules/settings/_query_delay`) + .set('kbn-xsrf', 'foo') + .auth(Superuser.username, Superuser.password) + .send({ + delay: 200, + }) + .expect(400); + + expect(response.body.message).to.eql( + 'Invalid query delay value, must be between 0 and 60, but got: 200.' + ); + }); + + describe('updateQueryDelaySettings for other spaces', () => { + it('should update specific isolated settings depending on space', async () => { + // Update the rules setting in space1 + const postResponse = await supertestWithoutAuth + .post(`${getUrlPrefix('space1')}/internal/alerting/rules/settings/_query_delay`) + .set('kbn-xsrf', 'foo') + .auth(Superuser.username, Superuser.password) + .send({ + delay: 20, + }); + + expect(postResponse.statusCode).to.eql(200); + expect(postResponse.body.delay).to.eql(20); + + // Get the rules settings in space2 + const getResponse = await supertestWithoutAuth + .get(`${getUrlPrefix('space2')}/internal/alerting/rules/settings/_query_delay`) + .auth(Superuser.username, Superuser.password); + + expect(getResponse.statusCode).to.eql(200); + expect(getResponse.body.delay).to.eql(DEFAULT_QUERY_DELAY_SETTINGS.delay); + }); + }); + }); +} diff --git a/x-pack/test/api_integration/apis/security/privileges.ts b/x-pack/test/api_integration/apis/security/privileges.ts index 81cceb6561bd6..e6bc3b76f74ad 100644 --- a/x-pack/test/api_integration/apis/security/privileges.ts +++ b/x-pack/test/api_integration/apis/security/privileges.ts @@ -105,6 +105,8 @@ export default function ({ getService }: FtrProviderContext) { 'minimal_read', 'allFlappingSettings', 'readFlappingSettings', + 'allQueryDelaySettings', + 'readQueryDelaySettings', ], maintenanceWindow: ['all', 'read', 'minimal_all', 'minimal_read'], guidedOnboardingFeature: ['all', 'read', 'minimal_all', 'minimal_read'], diff --git a/x-pack/test/api_integration/apis/security/privileges_basic.ts b/x-pack/test/api_integration/apis/security/privileges_basic.ts index 174ac2a3c8f66..ecc37fdaf08ab 100644 --- a/x-pack/test/api_integration/apis/security/privileges_basic.ts +++ b/x-pack/test/api_integration/apis/security/privileges_basic.ts @@ -187,6 +187,8 @@ export default function ({ getService }: FtrProviderContext) { 'minimal_read', 'allFlappingSettings', 'readFlappingSettings', + 'allQueryDelaySettings', + 'readQueryDelaySettings', ], maintenanceWindow: ['all', 'read', 'minimal_all', 'minimal_read'], guidedOnboardingFeature: ['all', 'read', 'minimal_all', 'minimal_read'], diff --git a/x-pack/test/functional_with_es_ssl/apps/triggers_actions_ui/rules_settings.ts b/x-pack/test/functional_with_es_ssl/apps/triggers_actions_ui/rules_settings.ts index 56b6d08253ec4..8c86e8a5e5965 100644 --- a/x-pack/test/functional_with_es_ssl/apps/triggers_actions_ui/rules_settings.ts +++ b/x-pack/test/functional_with_es_ssl/apps/triggers_actions_ui/rules_settings.ts @@ -51,6 +51,13 @@ export default ({ getPageObjects, getService }: FtrProviderContext) => { status_change_threshold: 10, }) .expect(200); + await supertest + .post(`/internal/alerting/rules/settings/_query_delay`) + .set('kbn-xsrf', 'foo') + .send({ + delay: 10, + }) + .expect(200); }); beforeEach(async () => { @@ -78,20 +85,24 @@ export default ({ getPageObjects, getService }: FtrProviderContext) => { await testSubjects.waitForDeleted('centerJustifiedSpinner'); // Flapping enabled by default - await testSubjects.missingOrFail('rulesSettingsModalFlappingOffPrompt'); + await testSubjects.missingOrFail('rulesSettingsFlappingOffPrompt'); - await testSubjects.existOrFail('rulesSettingsModalEnableSwitch'); + await testSubjects.existOrFail('rulesSettingsFlappingEnableSwitch'); await testSubjects.existOrFail('lookBackWindowRangeInput'); await testSubjects.existOrFail('statusChangeThresholdRangeInput'); + await testSubjects.existOrFail('queryDelayRangeInput'); const lookBackWindowInput = await testSubjects.find('lookBackWindowRangeInput'); const statusChangeThresholdInput = await testSubjects.find('statusChangeThresholdRangeInput'); + const queryDelayInput = await testSubjects.find('queryDelayRangeInput'); const lookBackWindowValue = await lookBackWindowInput.getAttribute('value'); const statusChangeThresholdValue = await statusChangeThresholdInput.getAttribute('value'); + const queryDelayValue = await queryDelayInput.getAttribute('value'); expect(lookBackWindowValue).to.eql('10'); expect(statusChangeThresholdValue).to.eql('10'); + expect(queryDelayValue).to.eql('10'); }); it('should allow the user to modify rules settings', async () => { @@ -100,18 +111,22 @@ export default ({ getPageObjects, getService }: FtrProviderContext) => { await dragRangeInput('lookBackWindowRangeInput', 5, 'right'); await dragRangeInput('statusChangeThresholdRangeInput', 5, 'left'); + await dragRangeInput('queryDelayRangeInput', 5, 'left'); let lookBackWindowInput = await testSubjects.find('lookBackWindowRangeInput'); let statusChangeThresholdInput = await testSubjects.find('statusChangeThresholdRangeInput'); + let queryDelayInput = await testSubjects.find('queryDelayRangeInput'); let lookBackWindowValue = await lookBackWindowInput.getAttribute('value'); let statusChangeThresholdValue = await statusChangeThresholdInput.getAttribute('value'); + let queryDelayValue = await queryDelayInput.getAttribute('value'); expect(lookBackWindowValue).to.eql('15'); expect(statusChangeThresholdValue).to.eql('5'); + expect(queryDelayValue).to.eql('5'); - await testSubjects.click('rulesSettingsModalEnableSwitch'); - await testSubjects.existOrFail('rulesSettingsModalFlappingOffPrompt'); + await testSubjects.click('rulesSettingsFlappingEnableSwitch'); + await testSubjects.existOrFail('rulesSettingsFlappingOffPrompt'); // Save await testSubjects.click('rulesSettingsModalSaveButton'); @@ -123,17 +138,20 @@ export default ({ getPageObjects, getService }: FtrProviderContext) => { await testSubjects.waitForDeleted('centerJustifiedSpinner'); // Flapping initially disabled - await testSubjects.existOrFail('rulesSettingsModalFlappingOffPrompt'); - await testSubjects.click('rulesSettingsModalEnableSwitch'); + await testSubjects.existOrFail('rulesSettingsFlappingOffPrompt'); + await testSubjects.click('rulesSettingsFlappingEnableSwitch'); lookBackWindowInput = await testSubjects.find('lookBackWindowRangeInput'); statusChangeThresholdInput = await testSubjects.find('statusChangeThresholdRangeInput'); + queryDelayInput = await testSubjects.find('queryDelayRangeInput'); lookBackWindowValue = await lookBackWindowInput.getAttribute('value'); statusChangeThresholdValue = await statusChangeThresholdInput.getAttribute('value'); + queryDelayValue = await queryDelayInput.getAttribute('value'); expect(lookBackWindowValue).to.eql('15'); expect(statusChangeThresholdValue).to.eql('5'); + expect(queryDelayValue).to.eql('5'); }); }); }; From d38921c7fca150346d58e0f19639514cec005144 Mon Sep 17 00:00:00 2001 From: Zacqary Adam Xeper Date: Wed, 18 Oct 2023 13:29:04 -0500 Subject: [PATCH 04/50] [RAM] Disable untrack bulk action item for SIEM (#169282) ## Summary FIX -> https://github.com/elastic/kibana/issues/169245 Removes the Untrack bulk action from the bulk actions list if the SIEM feature id is passed ### Checklist - [x] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios --- .../sections/alerts_table/alerts_table.tsx | 1 + .../alerts_table/alerts_table_state.tsx | 2 + .../hooks/use_bulk_actions.test.tsx | 37 ++++++++++++++++++- .../alerts_table/hooks/use_bulk_actions.ts | 10 ++++- .../triggers_actions_ui/public/types.ts | 3 +- 5 files changed, 49 insertions(+), 4 deletions(-) diff --git a/x-pack/plugins/triggers_actions_ui/public/application/sections/alerts_table/alerts_table.tsx b/x-pack/plugins/triggers_actions_ui/public/application/sections/alerts_table/alerts_table.tsx index ddbeef1a80577..03aa3f72b73d7 100644 --- a/x-pack/plugins/triggers_actions_ui/public/application/sections/alerts_table/alerts_table.tsx +++ b/x-pack/plugins/triggers_actions_ui/public/application/sections/alerts_table/alerts_table.tsx @@ -109,6 +109,7 @@ const AlertsTable: React.FunctionComponent = (props: AlertsTab query: props.query, useBulkActionsConfig: props.alertsTableConfiguration.useBulkActions, refresh: alertsRefresh, + featureIds: props.featureIds, }); const refreshData = useCallback(() => { diff --git a/x-pack/plugins/triggers_actions_ui/public/application/sections/alerts_table/alerts_table_state.tsx b/x-pack/plugins/triggers_actions_ui/public/application/sections/alerts_table/alerts_table_state.tsx index e7df082d95f13..94d71caac5d11 100644 --- a/x-pack/plugins/triggers_actions_ui/public/application/sections/alerts_table/alerts_table_state.tsx +++ b/x-pack/plugins/triggers_actions_ui/public/application/sections/alerts_table/alerts_table_state.tsx @@ -407,6 +407,7 @@ const AlertsTableStateWithQueryProvider = ({ showInspectButton, toolbarVisibility, shouldHighlightRow, + featureIds, }), [ alertsTableConfiguration, @@ -434,6 +435,7 @@ const AlertsTableStateWithQueryProvider = ({ showInspectButton, toolbarVisibility, shouldHighlightRow, + featureIds, ] ); diff --git a/x-pack/plugins/triggers_actions_ui/public/application/sections/alerts_table/hooks/use_bulk_actions.test.tsx b/x-pack/plugins/triggers_actions_ui/public/application/sections/alerts_table/hooks/use_bulk_actions.test.tsx index b6d9616b9fc7d..742a0fd3a4e87 100644 --- a/x-pack/plugins/triggers_actions_ui/public/application/sections/alerts_table/hooks/use_bulk_actions.test.tsx +++ b/x-pack/plugins/triggers_actions_ui/public/application/sections/alerts_table/hooks/use_bulk_actions.test.tsx @@ -300,7 +300,7 @@ describe('bulk action hooks', () => { beforeEach(() => { jest.clearAllMocks(); }); - it('should not how the bulk actions when the user lacks any observability permissions', () => { + it('should not show the bulk actions when the user lacks any observability permissions', () => { mockKibana.mockImplementation(() => ({ services: { application: { capabilities: {} }, @@ -371,5 +371,40 @@ describe('bulk action hooks', () => { ] `); }); + + it('appends only the case bulk actions for SIEM', async () => { + const { result } = renderHook( + () => useBulkActions({ alerts: [], query: {}, casesConfig, refresh, featureIds: ['siem'] }), + { + wrapper: appMockRender.AppWrapper, + } + ); + + expect(result.current.bulkActions).toMatchInlineSnapshot(` + Array [ + Object { + "id": 0, + "items": Array [ + Object { + "data-test-subj": "attach-new-case", + "disableOnQuery": true, + "disabledLabel": "Add to new case", + "key": "attach-new-case", + "label": "Add to new case", + "onClick": [Function], + }, + Object { + "data-test-subj": "attach-existing-case", + "disableOnQuery": true, + "disabledLabel": "Add to existing case", + "key": "attach-existing-case", + "label": "Add to existing case", + "onClick": [Function], + }, + ], + }, + ] + `); + }); }); }); diff --git a/x-pack/plugins/triggers_actions_ui/public/application/sections/alerts_table/hooks/use_bulk_actions.ts b/x-pack/plugins/triggers_actions_ui/public/application/sections/alerts_table/hooks/use_bulk_actions.ts index 47a892ef76331..90a1962d0d1f6 100644 --- a/x-pack/plugins/triggers_actions_ui/public/application/sections/alerts_table/hooks/use_bulk_actions.ts +++ b/x-pack/plugins/triggers_actions_ui/public/application/sections/alerts_table/hooks/use_bulk_actions.ts @@ -7,7 +7,7 @@ import { useCallback, useContext, useEffect, useMemo } from 'react'; import { QueryDslQueryContainer } from '@elastic/elasticsearch/lib/api/typesWithBodyKey'; import { useKibana } from '@kbn/kibana-react-plugin/public'; -import { ALERT_CASE_IDS } from '@kbn/rule-data-utils'; +import { ALERT_CASE_IDS, ValidFeatureId } from '@kbn/rule-data-utils'; import { Alerts, AlertsTableConfigurationRegistry, @@ -39,6 +39,7 @@ interface BulkActionsProps { casesConfig?: AlertsTableConfigurationRegistry['cases']; useBulkActionsConfig?: UseBulkActionsRegistry; refresh: () => void; + featureIds?: ValidFeatureId[]; } export interface UseBulkActions { @@ -236,6 +237,7 @@ export function useBulkActions({ query, refresh, useBulkActionsConfig = () => [], + featureIds, }: BulkActionsProps): UseBulkActions { const [bulkActionsState, updateBulkActionsState] = useContext(BulkActionsContext); const configBulkActionPanels = useBulkActionsConfig(query); @@ -253,7 +255,11 @@ export function useBulkActions({ clearSelection, }); - const initialItems = [...caseBulkActions, ...untrackBulkActions]; + const initialItems = [ + ...caseBulkActions, + // SECURITY SOLUTION WORKAROUND: Disable untrack action for SIEM + ...(featureIds?.includes('siem') ? [] : untrackBulkActions), + ]; const bulkActions = initialItems.length ? addItemsToInitialPanel({ diff --git a/x-pack/plugins/triggers_actions_ui/public/types.ts b/x-pack/plugins/triggers_actions_ui/public/types.ts index 8e53f2f9aaa39..ff125d69fdfa1 100644 --- a/x-pack/plugins/triggers_actions_ui/public/types.ts +++ b/x-pack/plugins/triggers_actions_ui/public/types.ts @@ -25,7 +25,7 @@ import type { EuiSuperSelectOption, EuiDataGridOnColumnResizeHandler, } from '@elastic/eui'; -import type { AlertConsumers, STACK_ALERTS_FEATURE_ID } from '@kbn/rule-data-utils'; +import type { AlertConsumers, STACK_ALERTS_FEATURE_ID, ValidFeatureId } from '@kbn/rule-data-utils'; import { EuiDataGridColumn, EuiDataGridControlColumn, EuiDataGridSorting } from '@elastic/eui'; import { HttpSetup } from '@kbn/core/public'; import { KueryNode } from '@kbn/es-query'; @@ -560,6 +560,7 @@ export type AlertsTableProps = { * Allows to consumers of the table to decide to highlight a row based on the current alert. */ shouldHighlightRow?: (alert: Alert) => boolean; + featureIds?: ValidFeatureId[]; } & Partial>; // TODO We need to create generic type between our plugin, right now we have different one because of the old alerts table From 2a5c5db78371b658a623e458dcc1a54f7fdb59de Mon Sep 17 00:00:00 2001 From: christineweng <18648970+christineweng@users.noreply.github.com> Date: Wed, 18 Oct 2023 13:33:19 -0500 Subject: [PATCH 05/50] [Security Solution] Expandable flyout - fix deleted rule not showing highlighted fields (#169273) ## Summary This PR addresses https://github.com/elastic/kibana/issues/169201 and removes the `items` override in highlighted fields table when error is returned. Highlighted fields table should show items if they are available. After a rule is deleted ![image](https://github.com/elastic/kibana/assets/18648970/c3d4c51a-e211-466c-be72-a312ac52ba6a) also indicated in rule preview ![image](https://github.com/elastic/kibana/assets/18648970/3c9ca1a6-0efa-4c58-a409-ccde542f02ed) --- .../document_details/right/components/highlighted_fields.tsx | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/x-pack/plugins/security_solution/public/flyout/document_details/right/components/highlighted_fields.tsx b/x-pack/plugins/security_solution/public/flyout/document_details/right/components/highlighted_fields.tsx index 41f1afbceaa7e..717cf9856651e 100644 --- a/x-pack/plugins/security_solution/public/flyout/document_details/right/components/highlighted_fields.tsx +++ b/x-pack/plugins/security_solution/public/flyout/document_details/right/components/highlighted_fields.tsx @@ -95,7 +95,7 @@ const columns: Array> = [ export const HighlightedFields: FC = () => { const { dataFormattedForFieldBrowser, scopeId } = useRightPanelContext(); const { ruleId } = useBasicDataFromDetailsData(dataFormattedForFieldBrowser); - const { loading, error, rule: maybeRule } = useRuleWithFallback(ruleId); + const { loading, rule: maybeRule } = useRuleWithFallback(ruleId); const highlightedFields = useHighlightedFields({ dataFormattedForFieldBrowser, @@ -121,7 +121,7 @@ export const HighlightedFields: FC = () => { Date: Wed, 18 Oct 2023 20:34:33 +0200 Subject: [PATCH 06/50] [Fleet] Enforce 10 min cooldown for agent upgrade (#168606) ## Summary Closes https://github.com/elastic/kibana/issues/168233 This PR adds a check based on the `agent.upgraded_at` field and the time a request to upgrade the issue. If the request is issued sooner than 10 minutes after the last upgrade, it is rejected, even if `force: true` is passed: - `POST agents/{agentId}/upgrade` will fail with 400 - agents included in `POST agents/bulk_upgrade` will not be upgraded ### Checklist - [x] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios --------- Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com> Co-authored-by: Kyle Pollich --- x-pack/plugins/fleet/common/services/index.ts | 2 +- .../services/is_agent_upgradeable.test.ts | 47 +++- .../common/services/is_agent_upgradeable.ts | 24 ++ .../components/agent_upgrade_modal/index.tsx | 36 ++- .../server/routes/agent/upgrade_handler.ts | 26 ++- .../server/services/agents/upgrade.test.ts | 1 + .../services/agents/upgrade_action_runner.ts | 7 +- .../apis/agents/upgrade.ts | 212 ++++++++++++++++++ 8 files changed, 335 insertions(+), 20 deletions(-) diff --git a/x-pack/plugins/fleet/common/services/index.ts b/x-pack/plugins/fleet/common/services/index.ts index 04f74404ba382..663cd27deab73 100644 --- a/x-pack/plugins/fleet/common/services/index.ts +++ b/x-pack/plugins/fleet/common/services/index.ts @@ -18,7 +18,7 @@ export { isPackageLimited, doesAgentPolicyAlreadyIncludePackage } from './limite export { isValidNamespace, INVALID_NAMESPACE_CHARACTERS } from './is_valid_namespace'; export { isDiffPathProtocol } from './is_diff_path_protocol'; export { LicenseService } from './license'; -export { isAgentUpgradeable } from './is_agent_upgradeable'; +export * from './is_agent_upgradeable'; export { isAgentRequestDiagnosticsSupported, MINIMUM_DIAGNOSTICS_AGENT_VERSION, diff --git a/x-pack/plugins/fleet/common/services/is_agent_upgradeable.test.ts b/x-pack/plugins/fleet/common/services/is_agent_upgradeable.test.ts index 8a3f3ce8d59ac..ad8138abbce7f 100644 --- a/x-pack/plugins/fleet/common/services/is_agent_upgradeable.test.ts +++ b/x-pack/plugins/fleet/common/services/is_agent_upgradeable.test.ts @@ -7,7 +7,7 @@ import type { Agent } from '../types/models/agent'; -import { isAgentUpgradeable } from './is_agent_upgradeable'; +import { getRecentUpgradeInfoForAgent, isAgentUpgradeable } from './is_agent_upgradeable'; const getAgent = ({ version, @@ -15,14 +15,14 @@ const getAgent = ({ unenrolling = false, unenrolled = false, updating = false, - upgraded = false, + minutesSinceUpgrade, }: { version: string; upgradeable?: boolean; unenrolling?: boolean; unenrolled?: boolean; updating?: boolean; - upgraded?: boolean; + minutesSinceUpgrade?: number; }): Agent => { const agent: Agent = { id: 'de9006e1-54a7-4320-b24e-927e6fe518a8', @@ -101,8 +101,8 @@ const getAgent = ({ if (updating) { agent.upgrade_started_at = new Date(Date.now()).toISOString(); } - if (upgraded) { - agent.upgraded_at = new Date(Date.now()).toISOString(); + if (minutesSinceUpgrade) { + agent.upgraded_at = new Date(Date.now() - minutesSinceUpgrade * 6e4).toISOString(); } return agent; }; @@ -176,9 +176,42 @@ describe('Fleet - isAgentUpgradeable', () => { isAgentUpgradeable(getAgent({ version: '7.9.0', upgradeable: true, updating: true }), '8.0.0') ).toBe(false); }); - it('returns true if agent was recently upgraded', () => { + it('returns false if the agent reports upgradeable but was upgraded less than 10 minutes ago', () => { expect( - isAgentUpgradeable(getAgent({ version: '7.9.0', upgradeable: true, upgraded: true }), '8.0.0') + isAgentUpgradeable( + getAgent({ version: '7.9.0', upgradeable: true, minutesSinceUpgrade: 9 }), + '8.0.0' + ) + ).toBe(false); + }); + it('returns true if agent reports upgradeable and was upgraded more than 10 minutes ago', () => { + expect( + isAgentUpgradeable( + getAgent({ version: '7.9.0', upgradeable: true, minutesSinceUpgrade: 11 }), + '8.0.0' + ) + ).toBe(true); + }); +}); + +describe('hasAgentBeenUpgradedRecently', () => { + it('returns true if the agent was upgraded less than 10 minutes ago', () => { + expect( + getRecentUpgradeInfoForAgent(getAgent({ version: '7.9.0', minutesSinceUpgrade: 9 })) + .hasBeenUpgradedRecently ).toBe(true); }); + + it('returns false if the agent was upgraded more than 10 minutes ago', () => { + expect( + getRecentUpgradeInfoForAgent(getAgent({ version: '7.9.0', minutesSinceUpgrade: 11 })) + .hasBeenUpgradedRecently + ).toBe(false); + }); + + it('returns false if the agent does not have an upgrade_at field', () => { + expect( + getRecentUpgradeInfoForAgent(getAgent({ version: '7.9.0' })).hasBeenUpgradedRecently + ).toBe(false); + }); }); diff --git a/x-pack/plugins/fleet/common/services/is_agent_upgradeable.ts b/x-pack/plugins/fleet/common/services/is_agent_upgradeable.ts index f896d6cf97bd4..c7bd21c45af4a 100644 --- a/x-pack/plugins/fleet/common/services/is_agent_upgradeable.ts +++ b/x-pack/plugins/fleet/common/services/is_agent_upgradeable.ts @@ -11,6 +11,8 @@ import semverGt from 'semver/functions/gt'; import type { Agent } from '../types'; +export const AGENT_UPGRADE_COOLDOWN_IN_MIN = 10; + export function isAgentUpgradeable( agent: Agent, latestAgentVersion: string, @@ -32,6 +34,10 @@ export function isAgentUpgradeable( if (agent.upgrade_started_at && !agent.upgraded_at) { return false; } + // check that the agent has not been upgraded more recently than the monitoring period + if (getRecentUpgradeInfoForAgent(agent).hasBeenUpgradedRecently) { + return false; + } if (versionToUpgrade !== undefined) { return isNotDowngrade(agentVersion, versionToUpgrade); } @@ -56,3 +62,21 @@ const isNotDowngrade = (agentVersion: string, versionToUpgrade: string) => { return semverGt(versionToUpgradeNumber, agentVersionNumber); }; + +export function getRecentUpgradeInfoForAgent(agent: Agent): { + hasBeenUpgradedRecently: boolean; + timeToWaitMs: number; +} { + if (!agent.upgraded_at) { + return { + hasBeenUpgradedRecently: false, + timeToWaitMs: 0, + }; + } + + const elaspedSinceUpgradeInMillis = Date.now() - Date.parse(agent.upgraded_at); + const timeToWaitMs = AGENT_UPGRADE_COOLDOWN_IN_MIN * 6e4 - elaspedSinceUpgradeInMillis; + const hasBeenUpgradedRecently = elaspedSinceUpgradeInMillis / 6e4 < AGENT_UPGRADE_COOLDOWN_IN_MIN; + + return { hasBeenUpgradedRecently, timeToWaitMs }; +} diff --git a/x-pack/plugins/fleet/public/applications/fleet/sections/agents/components/agent_upgrade_modal/index.tsx b/x-pack/plugins/fleet/public/applications/fleet/sections/agents/components/agent_upgrade_modal/index.tsx index 7b35927657959..d361349b3f327 100644 --- a/x-pack/plugins/fleet/public/applications/fleet/sections/agents/components/agent_upgrade_modal/index.tsx +++ b/x-pack/plugins/fleet/public/applications/fleet/sections/agents/components/agent_upgrade_modal/index.tsx @@ -27,6 +27,8 @@ import type { EuiComboBoxOptionOption } from '@elastic/eui'; import semverGt from 'semver/functions/gt'; import semverLt from 'semver/functions/lt'; +import { AGENT_UPGRADE_COOLDOWN_IN_MIN } from '../../../../../../../common/services'; + import { getMinVersion } from '../../../../../../../common/services/get_min_max_version'; import { AGENT_UPDATING_TIMEOUT_HOURS, @@ -361,14 +363,32 @@ export const AgentUpgradeAgentModal: React.FunctionComponent ) : isSingleAgent ? ( - + <> +

+ +

+ {isUpdating && ( +

+ + + +

+ )} + ) : ( { const docs = (calledWith as estypes.BulkRequest)?.body ?.filter((i: any) => i.doc) .map((i: any) => i.doc); + expect(ids).toEqual(idsToAction); for (const doc of docs!) { expect(doc).toHaveProperty('upgrade_started_at'); diff --git a/x-pack/plugins/fleet/server/services/agents/upgrade_action_runner.ts b/x-pack/plugins/fleet/server/services/agents/upgrade_action_runner.ts index 014a9bec89739..b6ab67e5fb5e3 100644 --- a/x-pack/plugins/fleet/server/services/agents/upgrade_action_runner.ts +++ b/x-pack/plugins/fleet/server/services/agents/upgrade_action_runner.ts @@ -10,7 +10,7 @@ import type { SavedObjectsClientContract, ElasticsearchClient } from '@kbn/core/ import { v4 as uuidv4 } from 'uuid'; import moment from 'moment'; -import { isAgentUpgradeable } from '../../../common/services'; +import { getRecentUpgradeInfoForAgent, isAgentUpgradeable } from '../../../common/services'; import type { Agent } from '../../types'; @@ -76,9 +76,10 @@ export async function upgradeBatch( const latestAgentVersion = await getLatestAvailableVersion(); const upgradeableResults = await Promise.allSettled( agentsToCheckUpgradeable.map(async (agent) => { - // Filter out agents currently unenrolling, unenrolled, or not upgradeable b/c of version check + // Filter out agents currently unenrolling, unenrolled, recently upgraded or not upgradeable b/c of version check const isNotAllowed = - !options.force && !isAgentUpgradeable(agent, latestAgentVersion, options.version); + getRecentUpgradeInfoForAgent(agent).hasBeenUpgradedRecently || + (!options.force && !isAgentUpgradeable(agent, latestAgentVersion, options.version)); if (isNotAllowed) { throw new FleetError(`Agent ${agent.id} is not upgradeable`); } diff --git a/x-pack/test/fleet_api_integration/apis/agents/upgrade.ts b/x-pack/test/fleet_api_integration/apis/agents/upgrade.ts index b0cdbd9ece49e..0a3dc09692b68 100644 --- a/x-pack/test/fleet_api_integration/apis/agents/upgrade.ts +++ b/x-pack/test/fleet_api_integration/apis/agents/upgrade.ts @@ -147,6 +147,7 @@ export default function (providerContext: FtrProviderContext) { }) .expect(400); }); + it('should respond 200 if upgrading agent with version the same as snapshot version and force flag is passed', async () => { const fleetServerVersionSnapshot = makeSnapshotVersion(fleetServerVersion); await es.update({ @@ -170,6 +171,7 @@ export default function (providerContext: FtrProviderContext) { }) .expect(200); }); + it('should respond 200 if upgrading agent with version less than kibana snapshot version', async () => { const fleetServerVersionSnapshot = makeSnapshotVersion(fleetServerVersion); @@ -191,6 +193,7 @@ export default function (providerContext: FtrProviderContext) { }) .expect(200); }); + it('should respond 200 if trying to upgrade with source_uri set', async () => { await es.update({ id: 'agent1', @@ -219,6 +222,7 @@ export default function (providerContext: FtrProviderContext) { const action: any = actionsRes.hits.hits[0]._source; expect(action.data.sourceURI).contain('http://path/to/download'); }); + it('should respond 400 if trying to upgrade to a version that does not match installed kibana version', async () => { const kibanaVersion = await kibanaServer.version.get(); const higherVersion = semver.inc(kibanaVersion, 'patch'); @@ -230,6 +234,7 @@ export default function (providerContext: FtrProviderContext) { }) .expect(400); }); + it('should respond 400 if trying to downgrade version', async () => { await es.update({ id: 'agent1', @@ -249,6 +254,7 @@ export default function (providerContext: FtrProviderContext) { }) .expect(400); }); + it('should respond 400 if trying to upgrade an agent that is unenrolling', async () => { await supertest.post(`/api/fleet/agents/agent1/unenroll`).set('kbn-xsrf', 'xxx').send({ revoke: true, @@ -261,6 +267,7 @@ export default function (providerContext: FtrProviderContext) { }) .expect(400); }); + it('should respond 400 if trying to upgrade an agent that is unenrolled', async () => { await es.update({ id: 'agent1', @@ -344,6 +351,98 @@ export default function (providerContext: FtrProviderContext) { }) .expect(403); }); + + it('should respond 429 if trying to upgrade a recently upgraded agent', async () => { + await es.update({ + id: 'agent1', + refresh: 'wait_for', + index: AGENTS_INDEX, + body: { + doc: { + upgraded_at: new Date(Date.now() - 9 * 6e4).toISOString(), + local_metadata: { + elastic: { + agent: { + upgradeable: true, + version: '0.0.0', + }, + }, + }, + }, + }, + }); + const response = await supertest + .post(`/api/fleet/agents/agent1/upgrade`) + .set('kbn-xsrf', 'xxx') + .send({ + version: fleetServerVersion, + }) + .expect(429); + + expect(response.body.message).to.contain('was upgraded less than 10 minutes ago'); + + // We don't know how long this test will take to run, so we can't really assert on the actual elapsed time here + expect(response.body.message).to.match(/please wait \d{2}m\d{2}s/i); + + expect(response.header['retry-after']).to.match(/^\d+$/); + }); + + it('should respond 429 if trying to upgrade a recently upgraded agent with force flag', async () => { + await es.update({ + id: 'agent1', + refresh: 'wait_for', + index: AGENTS_INDEX, + body: { + doc: { + upgraded_at: new Date(Date.now() - 9 * 6e4).toISOString(), + local_metadata: { + elastic: { + agent: { + upgradeable: true, + version: '0.0.0', + }, + }, + }, + }, + }, + }); + await supertest + .post(`/api/fleet/agents/agent1/upgrade`) + .set('kbn-xsrf', 'xxx') + .send({ + version: fleetServerVersion, + force: true, + }) + .expect(429); + }); + + it('should respond 200 if trying to upgrade an agent that was upgraded more than 10 minutes ago', async () => { + await es.update({ + id: 'agent1', + refresh: 'wait_for', + index: AGENTS_INDEX, + body: { + doc: { + local_metadata: { + elastic: { + agent: { + upgradeable: true, + upgraded_at: new Date(Date.now() - 11 * 6e4).toString(), + version: '0.0.0', + }, + }, + }, + }, + }, + }); + await supertest + .post(`/api/fleet/agents/agent1/upgrade`) + .set('kbn-xsrf', 'xxx') + .send({ + version: fleetServerVersion, + }) + .expect(200); + }); }); describe('multiple agents', () => { @@ -397,6 +496,7 @@ export default function (providerContext: FtrProviderContext) { }, }); }); + it('should respond 200 to bulk upgrade upgradeable agents and update the agent SOs', async () => { await es.update({ id: 'agent1', @@ -483,6 +583,7 @@ export default function (providerContext: FtrProviderContext) { expect(action.agents).contain('agent1'); expect(action.agents).contain('agent2'); }); + it('should create a .fleet-actions document with the agents, version, and start_time if start_time passed', async () => { await es.update({ id: 'agent1', @@ -675,6 +776,7 @@ export default function (providerContext: FtrProviderContext) { expect(typeof agent1data.body.item.upgrade_started_at).to.be('undefined'); expect(typeof agent2data.body.item.upgrade_started_at).to.be('string'); }); + it('should not upgrade an unenrolled agent during bulk_upgrade', async () => { await es.update({ id: 'agent1', @@ -713,6 +815,7 @@ export default function (providerContext: FtrProviderContext) { expect(typeof agent1data.body.item.upgrade_started_at).to.be('undefined'); expect(typeof agent2data.body.item.upgrade_started_at).to.be('string'); }); + it('should not upgrade a non-upgradeable agent during bulk_upgrade', async () => { const kibanaVersion = await kibanaServer.version.get(); await es.update({ @@ -765,6 +868,112 @@ export default function (providerContext: FtrProviderContext) { expect(typeof agent2data.body.item.upgrade_started_at).to.be('undefined'); expect(typeof agent3data.body.item.upgrade_started_at).to.be('undefined'); }); + + it('should not upgrade a recently upgraded agent during bulk_upgrade', async () => { + await es.update({ + id: 'agent1', + refresh: 'wait_for', + index: AGENTS_INDEX, + body: { + doc: { + upgraded_at: new Date(Date.now() - 11 * 6e4).toISOString(), + local_metadata: { + elastic: { + agent: { + upgradeable: true, + version: '0.0.0', + }, + }, + }, + }, + }, + }); + await es.update({ + id: 'agent2', + refresh: 'wait_for', + index: AGENTS_INDEX, + body: { + doc: { + upgraded_at: new Date(Date.now() - 9 * 6e4).toISOString(), + local_metadata: { + elastic: { + agent: { + upgradeable: true, + version: '0.0.0', + }, + }, + }, + }, + }, + }); + await supertest + .post(`/api/fleet/agents/bulk_upgrade`) + .set('kbn-xsrf', 'xxx') + .send({ + agents: ['agent1', 'agent2'], + version: fleetServerVersion, + }); + const [agent1data, agent2data] = await Promise.all([ + supertest.get(`/api/fleet/agents/agent1`).set('kbn-xsrf', 'xxx'), + supertest.get(`/api/fleet/agents/agent2`).set('kbn-xsrf', 'xxx'), + ]); + expect(typeof agent1data.body.item.upgrade_started_at).to.be('string'); + expect(typeof agent2data.body.item.upgrade_started_at).to.be('undefined'); + }); + + it('should not upgrade a recently upgraded agent during bulk_upgrade even with force flag', async () => { + await es.update({ + id: 'agent1', + refresh: 'wait_for', + index: AGENTS_INDEX, + body: { + doc: { + upgraded_at: new Date(Date.now() - 11 * 6e4).toISOString(), + local_metadata: { + elastic: { + agent: { + upgradeable: true, + version: '0.0.0', + }, + }, + }, + }, + }, + }); + await es.update({ + id: 'agent2', + refresh: 'wait_for', + index: AGENTS_INDEX, + body: { + doc: { + upgraded_at: new Date(Date.now() - 9 * 6e4).toISOString(), + local_metadata: { + elastic: { + agent: { + upgradeable: true, + version: '0.0.0', + }, + }, + }, + }, + }, + }); + await supertest + .post(`/api/fleet/agents/bulk_upgrade`) + .set('kbn-xsrf', 'xxx') + .send({ + agents: ['agent1', 'agent2'], + version: fleetServerVersion, + force: true, + }); + const [agent1data, agent2data] = await Promise.all([ + supertest.get(`/api/fleet/agents/agent1`).set('kbn-xsrf', 'xxx'), + supertest.get(`/api/fleet/agents/agent2`).set('kbn-xsrf', 'xxx'), + ]); + expect(typeof agent1data.body.item.upgrade_started_at).to.be('string'); + expect(typeof agent2data.body.item.upgrade_started_at).to.be('undefined'); + }); + it('should upgrade a non upgradeable agent during bulk_upgrade with force flag', async () => { await es.update({ id: 'agent1', @@ -817,6 +1026,7 @@ export default function (providerContext: FtrProviderContext) { expect(typeof agent2data.body.item.upgrade_started_at).to.be('string'); expect(typeof agent3data.body.item.upgrade_started_at).to.be('string'); }); + it('should respond 400 if trying to bulk upgrade to a version that is higher than the latest installed kibana version', async () => { const kibanaVersion = await kibanaServer.version.get(); const higherVersion = semver.inc(kibanaVersion, 'patch'); @@ -851,6 +1061,7 @@ export default function (providerContext: FtrProviderContext) { }) .expect(400); }); + it('should respond 400 if trying to bulk upgrade to a version that is higher than the latest fleet server version', async () => { const higherVersion = semver.inc(fleetServerVersion, 'patch'); await es.update({ @@ -884,6 +1095,7 @@ export default function (providerContext: FtrProviderContext) { }) .expect(400); }); + it('should prevent any agent to downgrade', async () => { await es.update({ id: 'agent1', From 1416ff5a136ab6f9f36aee194deac5f927f69551 Mon Sep 17 00:00:00 2001 From: Shahzad Date: Wed, 18 Oct 2023 21:01:07 +0200 Subject: [PATCH 07/50] [Synthetics] Use agent policy namespace for monitors if custom not defined (#169225) --- .../synthetics_private_locations.ts | 1 + .../common/types/synthetics_monitor.ts | 1 + .../private_locations/get_agent_policies.ts | 19 ++++++++++++ .../settings/private_locations/helpers.ts | 25 +++++++++------ .../server/runtime_types/private_locations.ts | 1 + .../synthetics_private_location.ts | 31 ++++++++++++++----- .../add_monitor_private_location.ts | 1 + .../apis/synthetics/sync_global_params.ts | 1 + 8 files changed, 63 insertions(+), 17 deletions(-) diff --git a/x-pack/plugins/synthetics/common/runtime_types/monitor_management/synthetics_private_locations.ts b/x-pack/plugins/synthetics/common/runtime_types/monitor_management/synthetics_private_locations.ts index c0366d8e3935f..d1ee7898ccbd3 100644 --- a/x-pack/plugins/synthetics/common/runtime_types/monitor_management/synthetics_private_locations.ts +++ b/x-pack/plugins/synthetics/common/runtime_types/monitor_management/synthetics_private_locations.ts @@ -22,6 +22,7 @@ export const PrivateLocationCodec = t.intersection([ lat: t.number, lon: t.number, }), + namespace: t.string, }), ]); diff --git a/x-pack/plugins/synthetics/common/types/synthetics_monitor.ts b/x-pack/plugins/synthetics/common/types/synthetics_monitor.ts index 47b0eaf9d143c..a4697d1c38776 100644 --- a/x-pack/plugins/synthetics/common/types/synthetics_monitor.ts +++ b/x-pack/plugins/synthetics/common/types/synthetics_monitor.ts @@ -27,4 +27,5 @@ export interface AgentPolicyInfo { agents: number; status: string; description?: string; + namespace?: string; } diff --git a/x-pack/plugins/synthetics/server/routes/settings/private_locations/get_agent_policies.ts b/x-pack/plugins/synthetics/server/routes/settings/private_locations/get_agent_policies.ts index 668beba0a8f95..53858b0516dc6 100644 --- a/x-pack/plugins/synthetics/server/routes/settings/private_locations/get_agent_policies.ts +++ b/x-pack/plugins/synthetics/server/routes/settings/private_locations/get_agent_policies.ts @@ -39,5 +39,24 @@ export const getAgentPoliciesAsInternalUser = async (server: SyntheticsServerSet agents: agentPolicy.agents ?? 0, status: agentPolicy.status, description: agentPolicy.description, + namespace: agentPolicy.namespace, })); }; + +export const getAgentPolicyAsInternalUser = async (server: SyntheticsServerSetup, id: string) => { + const soClient = server.coreStart.savedObjects.createInternalRepository(); + + const agentPolicy = await server.fleet?.agentPolicyService.get(soClient, id); + if (!agentPolicy) { + return null; + } + + return { + id: agentPolicy.id, + name: agentPolicy.name, + agents: agentPolicy.agents ?? 0, + status: agentPolicy.status, + description: agentPolicy.description, + namespace: agentPolicy.namespace, + }; +}; diff --git a/x-pack/plugins/synthetics/server/routes/settings/private_locations/helpers.ts b/x-pack/plugins/synthetics/server/routes/settings/private_locations/helpers.ts index b41c8f5e7538d..9cccb0fc9a543 100644 --- a/x-pack/plugins/synthetics/server/routes/settings/private_locations/helpers.ts +++ b/x-pack/plugins/synthetics/server/routes/settings/private_locations/helpers.ts @@ -17,16 +17,20 @@ export const toClientContract = ( agentPolicies?: AgentPolicyInfo[] ): SyntheticsPrivateLocations => { return { - locations: attributes.locations.map((location) => ({ - label: location.label, - id: location.id, - agentPolicyId: location.agentPolicyId, - concurrentMonitors: location.concurrentMonitors, - isServiceManaged: false, - isInvalid: !Boolean(agentPolicies?.find((policy) => policy.id === location.agentPolicyId)), - tags: location.tags, - geo: location.geo, - })), + locations: attributes.locations.map((location) => { + const agPolicy = agentPolicies?.find((policy) => policy.id === location.agentPolicyId); + return { + label: location.label, + id: location.id, + agentPolicyId: location.agentPolicyId, + concurrentMonitors: location.concurrentMonitors, + isServiceManaged: false, + isInvalid: !Boolean(agPolicy), + tags: location.tags, + geo: location.geo, + namespace: agPolicy?.namespace, + }; + }), }; }; @@ -39,5 +43,6 @@ export const toSavedObjectContract = (location: PrivateLocation): PrivateLocatio tags: location.tags, isServiceManaged: false, geo: location.geo, + namespace: location.namespace, }; }; diff --git a/x-pack/plugins/synthetics/server/runtime_types/private_locations.ts b/x-pack/plugins/synthetics/server/runtime_types/private_locations.ts index d8b4e41ede17a..d7841cb2aca63 100644 --- a/x-pack/plugins/synthetics/server/runtime_types/private_locations.ts +++ b/x-pack/plugins/synthetics/server/runtime_types/private_locations.ts @@ -21,6 +21,7 @@ export const PrivateLocationAttributesCodec = t.intersection([ lat: t.number, lon: t.number, }), + namespace: t.string, }), ]); diff --git a/x-pack/plugins/synthetics/server/synthetics_service/private_location/synthetics_private_location.ts b/x-pack/plugins/synthetics/server/synthetics_service/private_location/synthetics_private_location.ts index d4e1a78977e36..7aa1b2570c68c 100644 --- a/x-pack/plugins/synthetics/server/synthetics_service/private_location/synthetics_private_location.ts +++ b/x-pack/plugins/synthetics/server/synthetics_service/private_location/synthetics_private_location.ts @@ -8,12 +8,16 @@ import { NewPackagePolicy } from '@kbn/fleet-plugin/common'; import { NewPackagePolicyWithId } from '@kbn/fleet-plugin/server/services/package_policy'; import { cloneDeep } from 'lodash'; import { SavedObjectError } from '@kbn/core-saved-objects-common'; +import { DEFAULT_NAMESPACE_STRING } from '../../../common/constants/monitor_defaults'; import { BROWSER_TEST_NOW_RUN, LIGHTWEIGHT_TEST_NOW_RUN, } from '../synthetics_monitor/synthetics_monitor_client'; import { scheduleCleanUpTask } from './clean_up_task'; -import { getAgentPoliciesAsInternalUser } from '../../routes/settings/private_locations/get_agent_policies'; +import { + getAgentPoliciesAsInternalUser, + getAgentPolicyAsInternalUser, +} from '../../routes/settings/private_locations/get_agent_policies'; import { SyntheticsServerSetup } from '../../types'; import { formatSyntheticsPolicy } from '../formatters/private_formatters/format_synthetics_policy'; import { @@ -66,7 +70,7 @@ export class SyntheticsPrivateLocation { return `${config.id}-${locId}-${spaceId}`; } - generateNewPolicy( + async generateNewPolicy( config: HeartbeatConfig, privateLocation: PrivateLocationAttributes, newPolicyTemplate: NewPackagePolicy, @@ -74,7 +78,7 @@ export class SyntheticsPrivateLocation { globalParams: Record, testRunId?: string, runOnce?: boolean - ): (NewPackagePolicy & { policy_id: string }) | null { + ): Promise<(NewPackagePolicy & { policy_id: string }) | null> { const { label: locName } = privateLocation; const newPolicy = cloneDeep(newPolicyTemplate); @@ -92,7 +96,9 @@ export class SyntheticsPrivateLocation { newPolicy.name = `${config[ConfigKey.NAME]}-${locName}-${spaceId}`; } } - newPolicy.namespace = config[ConfigKey.NAMESPACE]; + const configNameSpace = config[ConfigKey.NAMESPACE]; + + newPolicy.namespace = await this.getPolicyNameSpace(configNameSpace, privateLocation); const { formattedPolicy } = formatSyntheticsPolicy( newPolicy, @@ -152,7 +158,7 @@ export class SyntheticsPrivateLocation { ); } - const newPolicy = this.generateNewPolicy( + const newPolicy = await this.generateNewPolicy( config, location, newPolicyTemplate, @@ -226,7 +232,7 @@ export class SyntheticsPrivateLocation { const location = allPrivateLocations?.find((loc) => loc.id === privateLocation?.id)!; - const newPolicy = this.generateNewPolicy( + const newPolicy = await this.generateNewPolicy( config, location, newPolicyTemplate, @@ -278,7 +284,7 @@ export class SyntheticsPrivateLocation { const hasPolicy = existingPolicies?.some((policy) => policy.id === currId); try { if (hasLocation) { - const newPolicy = this.generateNewPolicy( + const newPolicy = await this.generateNewPolicy( config, privateLocation, newPolicyTemplate, @@ -437,6 +443,17 @@ export class SyntheticsPrivateLocation { async getAgentPolicies() { return await getAgentPoliciesAsInternalUser(this.server); } + + async getPolicyNameSpace(configNameSpace: string, privateLocation: PrivateLocationAttributes) { + if (configNameSpace && configNameSpace !== DEFAULT_NAMESPACE_STRING) { + return configNameSpace; + } + if (privateLocation.namespace) { + return privateLocation.namespace; + } + const agentPolicy = await getAgentPolicyAsInternalUser(this.server, privateLocation.id); + return agentPolicy?.namespace ?? DEFAULT_NAMESPACE_STRING; + } } const throwAddEditError = (hasPolicy: boolean, location?: string, name?: string) => { diff --git a/x-pack/test/api_integration/apis/synthetics/add_monitor_private_location.ts b/x-pack/test/api_integration/apis/synthetics/add_monitor_private_location.ts index 79a2267cbadef..83359d4e75b3e 100644 --- a/x-pack/test/api_integration/apis/synthetics/add_monitor_private_location.ts +++ b/x-pack/test/api_integration/apis/synthetics/add_monitor_private_location.ts @@ -81,6 +81,7 @@ export default function ({ getService }: FtrProviderContext) { lon: 0, }, agentPolicyId: testFleetPolicyID, + namespace: 'default', }, ]); }); diff --git a/x-pack/test/api_integration/apis/synthetics/sync_global_params.ts b/x-pack/test/api_integration/apis/synthetics/sync_global_params.ts index 765138034f772..7424634955951 100644 --- a/x-pack/test/api_integration/apis/synthetics/sync_global_params.ts +++ b/x-pack/test/api_integration/apis/synthetics/sync_global_params.ts @@ -89,6 +89,7 @@ export default function ({ getService }: FtrProviderContext) { lon: '', }, agentPolicyId: testFleetPolicyID, + namespace: 'default', }, ]); }); From 8359bad7ecb5d936ac5feaac54e5b812d8f0b1ec Mon Sep 17 00:00:00 2001 From: Tiago Costa Date: Wed, 18 Oct 2023 20:15:05 +0100 Subject: [PATCH 08/50] fix(NA): typecheck error --- .../alerting/metric_threshold/metric_threshold_executor.test.ts | 2 ++ 1 file changed, 2 insertions(+) diff --git a/x-pack/plugins/infra/server/lib/alerting/metric_threshold/metric_threshold_executor.test.ts b/x-pack/plugins/infra/server/lib/alerting/metric_threshold/metric_threshold_executor.test.ts index f3bd6972eeea6..65fa6e5a070ce 100644 --- a/x-pack/plugins/infra/server/lib/alerting/metric_threshold/metric_threshold_executor.test.ts +++ b/x-pack/plugins/infra/server/lib/alerting/metric_threshold/metric_threshold_executor.test.ts @@ -42,6 +42,8 @@ const logger = { const mockNow = new Date('2023-09-20T15:11:04.105Z'); +const STARTED_AT_MOCK_DATE = new Date(); + const mockOptions = { executionId: '', startedAt: mockNow, From 8bd62dda2cb6278202be1a3c9f1f23142d9630f8 Mon Sep 17 00:00:00 2001 From: Jon Date: Wed, 18 Oct 2023 14:51:23 -0500 Subject: [PATCH 09/50] =?UTF-8?q?Revert=20"[ci]=20Temporarily=20move=20osq?= =?UTF-8?q?uery=20tests=20back=20to=20on=5Fmerge=5Funsuppor=E2=80=A6=20(#1?= =?UTF-8?q?69278)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit …ted pipeline (#169189)" This reverts commit 267fdb1ace81fc68a4435f2906da3f52f6252808. --- .buildkite/pipelines/on_merge.yml | 12 +++++++ .../pipelines/on_merge_unsupported_ftrs.yml | 12 ------- .buildkite/pipelines/pull_request/base.yml | 34 +++++++++++++++++++ .../pull_request/osquery_cypress.yml | 34 ------------------- .../pipelines/pull_request/pipeline.ts | 8 ----- 5 files changed, 46 insertions(+), 54 deletions(-) delete mode 100644 .buildkite/pipelines/pull_request/osquery_cypress.yml diff --git a/.buildkite/pipelines/on_merge.yml b/.buildkite/pipelines/on_merge.yml index 5c587545897f5..815e4d9adb5e2 100644 --- a/.buildkite/pipelines/on_merge.yml +++ b/.buildkite/pipelines/on_merge.yml @@ -187,6 +187,18 @@ steps: - exit_status: '*' limit: 1 + - command: .buildkite/scripts/steps/functional/osquery_cypress.sh + label: 'Osquery Cypress Tests' + agents: + queue: n2-4-spot + depends_on: build + timeout_in_minutes: 50 + parallelism: 6 + retry: + automatic: + - exit_status: '*' + limit: 1 + - command: '.buildkite/scripts/steps/functional/on_merge_unsupported_ftrs.sh' label: Trigger unsupported ftr tests timeout_in_minutes: 10 diff --git a/.buildkite/pipelines/on_merge_unsupported_ftrs.yml b/.buildkite/pipelines/on_merge_unsupported_ftrs.yml index 904bed2b042ab..6dee27db71659 100644 --- a/.buildkite/pipelines/on_merge_unsupported_ftrs.yml +++ b/.buildkite/pipelines/on_merge_unsupported_ftrs.yml @@ -63,15 +63,3 @@ steps: limit: 3 - exit_status: '*' limit: 1 - - - command: .buildkite/scripts/steps/functional/osquery_cypress.sh - label: 'Osquery Cypress Tests' - agents: - queue: n2-4-spot - depends_on: build - timeout_in_minutes: 50 - parallelism: 6 - retry: - automatic: - - exit_status: '*' - limit: 1 diff --git a/.buildkite/pipelines/pull_request/base.yml b/.buildkite/pipelines/pull_request/base.yml index 5213dfc0e4ab1..c1cd68c6b04ab 100644 --- a/.buildkite/pipelines/pull_request/base.yml +++ b/.buildkite/pipelines/pull_request/base.yml @@ -187,6 +187,18 @@ steps: - exit_status: '*' limit: 1 + - command: .buildkite/scripts/steps/functional/osquery_cypress.sh + label: 'Osquery Cypress Tests' + agents: + queue: n2-4-spot + depends_on: build + timeout_in_minutes: 50 + parallelism: 6 + retry: + automatic: + - exit_status: '*' + limit: 1 + - command: .buildkite/scripts/steps/functional/security_solution_burn.sh label: 'Security Solution Cypress tests, burning changed specs' agents: @@ -198,6 +210,28 @@ steps: automatic: false soft_fail: true + - command: .buildkite/scripts/steps/functional/osquery_cypress_burn.sh + label: 'Osquery Cypress Tests, burning changed specs' + agents: + queue: n2-4-spot + depends_on: build + timeout_in_minutes: 50 + soft_fail: true + retry: + automatic: false + + - command: .buildkite/scripts/steps/functional/security_serverless_osquery.sh + label: 'Serverless Osquery Cypress Tests' + agents: + queue: n2-4-spot + depends_on: build + timeout_in_minutes: 50 + parallelism: 6 + retry: + automatic: + - exit_status: '*' + limit: 1 + # status_exception: Native role management is not enabled in this Elasticsearch instance # - command: .buildkite/scripts/steps/functional/security_serverless_defend_workflows.sh # label: 'Serverless Security Defend Workflows Cypress Tests' diff --git a/.buildkite/pipelines/pull_request/osquery_cypress.yml b/.buildkite/pipelines/pull_request/osquery_cypress.yml deleted file mode 100644 index 49ef00aeb8090..0000000000000 --- a/.buildkite/pipelines/pull_request/osquery_cypress.yml +++ /dev/null @@ -1,34 +0,0 @@ -steps: - - command: .buildkite/scripts/steps/functional/osquery_cypress.sh - label: 'Osquery Cypress Tests' - agents: - queue: n2-4-spot - depends_on: build - timeout_in_minutes: 50 - parallelism: 6 - retry: - automatic: - - exit_status: '*' - limit: 1 - - - command: .buildkite/scripts/steps/functional/security_serverless_osquery.sh - label: 'Serverless Osquery Cypress Tests' - agents: - queue: n2-4-spot - depends_on: build - timeout_in_minutes: 50 - parallelism: 6 - retry: - automatic: - - exit_status: '*' - limit: 1 - - - command: .buildkite/scripts/steps/functional/osquery_cypress_burn.sh - label: 'Osquery Cypress Tests, burning changed specs' - agents: - queue: n2-4-spot - depends_on: build - timeout_in_minutes: 50 - soft_fail: true - retry: - automatic: false diff --git a/.buildkite/scripts/pipelines/pull_request/pipeline.ts b/.buildkite/scripts/pipelines/pull_request/pipeline.ts index 4d6cd774393e0..7a7fa0f59b9c7 100644 --- a/.buildkite/scripts/pipelines/pull_request/pipeline.ts +++ b/.buildkite/scripts/pipelines/pull_request/pipeline.ts @@ -151,14 +151,6 @@ const uploadPipeline = (pipelineContent: string | object) => { pipeline.push(getPipeline('.buildkite/pipelines/pull_request/webpack_bundle_analyzer.yml')); } - if ( - ((await doAnyChangesMatch([/^x-pack\/plugins\/osquery/, /^x-pack\/test\/osquery_cypress/])) || - GITHUB_PR_LABELS.includes('ci:all-cypress-suites')) && - !GITHUB_PR_LABELS.includes('ci:skip-cypress-osquery') - ) { - pipeline.push(getPipeline('.buildkite/pipelines/pull_request/osquery_cypress.yml')); - } - if ( (await doAnyChangesMatch([ /\.docnav\.json$/, From 6fd7a867ea7ba56db8beb3210b7893288f191915 Mon Sep 17 00:00:00 2001 From: Ash <1849116+ashokaditya@users.noreply.github.com> Date: Wed, 18 Oct 2023 22:47:14 +0200 Subject: [PATCH 10/50] [Security Solution] [Endpoint] Upload action endpoint tests and other missing workflow tests for response console (#168005) ## Summary Adds missing tests for upload response action workflows. Adds tests for - [x] upload response action - [x] responder action from Alerts -> Alert details - [x] responder action from Cases -> Alert details - [x] responder action from Timeline view -> Alert Details ### Checklist - [x] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios --------- Co-authored-by: Patryk Kopycinski Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com> --- .../fleet/server/services/files/mocks.ts | 4 +- .../history_log.cy.ts | 6 +- .../alerts_response_console.cy.ts | 115 +++++++++++++++++ .../cases_response_console.cy.ts | 122 ++++++++++++++++++ .../endpoints_list_response_console.cy.ts | 69 ++++++++++ .../e2e/response_actions/isolate.cy.ts | 10 +- .../isolate_mocked_data.cy.ts | 8 +- ...e.cy.ts => response_console_actions.cy.ts} | 20 ++- .../management/cypress/screens/alerts.ts | 21 ++- .../management/cypress/screens/responder.ts | 2 +- .../public/management/cypress/support/e2e.ts | 12 +- .../management/cypress/tasks/isolate.ts | 8 +- 12 files changed, 372 insertions(+), 25 deletions(-) create mode 100644 x-pack/plugins/security_solution/public/management/cypress/e2e/response_actions/alerts_response_console.cy.ts create mode 100644 x-pack/plugins/security_solution/public/management/cypress/e2e/response_actions/cases_response_console.cy.ts create mode 100644 x-pack/plugins/security_solution/public/management/cypress/e2e/response_actions/endpoints_list_response_console.cy.ts rename x-pack/plugins/security_solution/public/management/cypress/e2e/response_actions/{response_console.cy.ts => response_console_actions.cy.ts} (94%) diff --git a/x-pack/plugins/fleet/server/services/files/mocks.ts b/x-pack/plugins/fleet/server/services/files/mocks.ts index 23c0482b7e111..2000f8eefc02b 100644 --- a/x-pack/plugins/fleet/server/services/files/mocks.ts +++ b/x-pack/plugins/fleet/server/services/files/mocks.ts @@ -10,12 +10,12 @@ import { Readable } from 'stream'; import type { estypes } from '@elastic/elasticsearch'; import type { + FleetFile, FleetFromHostFileClientInterface, FleetToHostFileClientInterface, HapiReadableStream, + HostUploadedFileMetadata, } from './types'; -import type { FleetFile } from './types'; -import type { HostUploadedFileMetadata } from './types'; export const createFleetFromHostFilesClientMock = (): jest.Mocked => { diff --git a/x-pack/plugins/security_solution/public/management/cypress/e2e/automated_response_actions/history_log.cy.ts b/x-pack/plugins/security_solution/public/management/cypress/e2e/automated_response_actions/history_log.cy.ts index b2f99a51087be..dbe75b576ac9c 100644 --- a/x-pack/plugins/security_solution/public/management/cypress/e2e/automated_response_actions/history_log.cy.ts +++ b/x-pack/plugins/security_solution/public/management/cypress/e2e/automated_response_actions/history_log.cy.ts @@ -22,8 +22,6 @@ describe( const [endpointAgentId, endpointHostname] = generateRandomStringName(2); before(() => { - login(ROLE.endpoint_response_actions_access); - indexEndpointHosts({ numResponseActions: 2 }).then((indexEndpoints) => { endpointData = indexEndpoints; }); @@ -59,6 +57,10 @@ describe( } }); + beforeEach(() => { + login(ROLE.endpoint_response_actions_access); + }); + it('enable filtering by type', () => { cy.visit(`/app/security/administration/response_actions_history`); diff --git a/x-pack/plugins/security_solution/public/management/cypress/e2e/response_actions/alerts_response_console.cy.ts b/x-pack/plugins/security_solution/public/management/cypress/e2e/response_actions/alerts_response_console.cy.ts new file mode 100644 index 0000000000000..a736e05c33145 --- /dev/null +++ b/x-pack/plugins/security_solution/public/management/cypress/e2e/response_actions/alerts_response_console.cy.ts @@ -0,0 +1,115 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { closeAllToasts } from '../../tasks/toasts'; +import { + getAlertsTableRows, + openAlertDetailsView, + openInvestigateInTimelineView, + openResponderFromEndpointAlertDetails, +} from '../../screens/alerts'; +import { ensureOnResponder } from '../../screens/responder'; +import { cleanupRule, loadRule } from '../../tasks/api_fixtures'; +import type { PolicyData } from '../../../../../common/endpoint/types'; +import type { CreateAndEnrollEndpointHostResponse } from '../../../../../scripts/endpoint/common/endpoint_host_services'; +import { waitForEndpointListPageToBeLoaded } from '../../tasks/response_console'; +import type { IndexedFleetEndpointPolicyResponse } from '../../../../../common/endpoint/data_loaders/index_fleet_endpoint_policy'; +import { createAgentPolicyTask, getEndpointIntegrationVersion } from '../../tasks/fleet'; +import { toggleRuleOffAndOn, visitRuleAlerts } from '../../tasks/isolate'; + +import { login } from '../../tasks/login'; +import { enableAllPolicyProtections } from '../../tasks/endpoint_policy'; +import { createEndpointHost } from '../../tasks/create_endpoint_host'; +import { deleteAllLoadedEndpointData } from '../../tasks/delete_all_endpoint_data'; + +describe('Response console', { tags: ['@ess', '@serverless', '@brokenInServerless'] }, () => { + let indexedPolicy: IndexedFleetEndpointPolicyResponse; + let policy: PolicyData; + let createdHost: CreateAndEnrollEndpointHostResponse; + + beforeEach(() => { + login(); + }); + + before(() => { + getEndpointIntegrationVersion().then((version) => + createAgentPolicyTask(version).then((data) => { + indexedPolicy = data; + policy = indexedPolicy.integrationPolicies[0]; + + return enableAllPolicyProtections(policy.id).then(() => { + // Create and enroll a new Endpoint host + return createEndpointHost(policy.policy_id).then((host) => { + createdHost = host as CreateAndEnrollEndpointHostResponse; + }); + }); + }) + ); + }); + + after(() => { + if (createdHost) { + cy.task('destroyEndpointHost', createdHost); + } + + if (indexedPolicy) { + cy.task('deleteIndexedFleetEndpointPolicies', indexedPolicy); + } + + if (createdHost) { + deleteAllLoadedEndpointData({ endpointAgentIds: [createdHost.agentId] }); + } + }); + + describe('From Alerts', () => { + let ruleId: string; + let ruleName: string; + + before(() => { + loadRule( + { query: `agent.name: ${createdHost.hostname} and agent.type: endpoint` }, + false + ).then((data) => { + ruleId = data.id; + ruleName = data.name; + }); + }); + + after(() => { + if (ruleId) { + cleanupRule(ruleId); + } + }); + + it('should open responder from alert details flyout', () => { + waitForEndpointListPageToBeLoaded(createdHost.hostname); + toggleRuleOffAndOn(ruleName); + visitRuleAlerts(ruleName); + closeAllToasts(); + getAlertsTableRows().should('have.length.greaterThan', 0); + openAlertDetailsView(); + + openResponderFromEndpointAlertDetails(); + ensureOnResponder(); + }); + + it('should open responder from timeline view alert details flyout', () => { + waitForEndpointListPageToBeLoaded(createdHost.hostname); + toggleRuleOffAndOn(ruleName); + visitRuleAlerts(ruleName); + closeAllToasts(); + + getAlertsTableRows().should('have.length.greaterThan', 0); + openInvestigateInTimelineView(); + cy.getByTestSubj('timeline-flyout').within(() => { + openAlertDetailsView(); + }); + openResponderFromEndpointAlertDetails(); + ensureOnResponder(); + }); + }); +}); diff --git a/x-pack/plugins/security_solution/public/management/cypress/e2e/response_actions/cases_response_console.cy.ts b/x-pack/plugins/security_solution/public/management/cypress/e2e/response_actions/cases_response_console.cy.ts new file mode 100644 index 0000000000000..a33d325d5443a --- /dev/null +++ b/x-pack/plugins/security_solution/public/management/cypress/e2e/response_actions/cases_response_console.cy.ts @@ -0,0 +1,122 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { loadPage } from '../../tasks/common'; +import { closeAllToasts } from '../../tasks/toasts'; +import { + addAlertToCase, + getAlertsTableRows, + openAlertDetailsView, + openResponderFromEndpointAlertDetails, +} from '../../screens/alerts'; +import { ensureOnResponder } from '../../screens/responder'; +import { cleanupCase, cleanupRule, loadCase, loadRule } from '../../tasks/api_fixtures'; +import type { PolicyData } from '../../../../../common/endpoint/types'; +import type { CreateAndEnrollEndpointHostResponse } from '../../../../../scripts/endpoint/common/endpoint_host_services'; +import { waitForEndpointListPageToBeLoaded } from '../../tasks/response_console'; +import type { IndexedFleetEndpointPolicyResponse } from '../../../../../common/endpoint/data_loaders/index_fleet_endpoint_policy'; +import { createAgentPolicyTask, getEndpointIntegrationVersion } from '../../tasks/fleet'; +import { openCaseAlertDetails, toggleRuleOffAndOn, visitRuleAlerts } from '../../tasks/isolate'; + +import { login } from '../../tasks/login'; +import { enableAllPolicyProtections } from '../../tasks/endpoint_policy'; +import { createEndpointHost } from '../../tasks/create_endpoint_host'; +import { deleteAllLoadedEndpointData } from '../../tasks/delete_all_endpoint_data'; +import { APP_CASES_PATH } from '../../../../../common/constants'; + +describe('Response console', { tags: ['@ess', '@serverless', '@brokenInServerless'] }, () => { + let indexedPolicy: IndexedFleetEndpointPolicyResponse; + let policy: PolicyData; + let createdHost: CreateAndEnrollEndpointHostResponse; + + before(() => { + getEndpointIntegrationVersion().then((version) => + createAgentPolicyTask(version).then((data) => { + indexedPolicy = data; + policy = indexedPolicy.integrationPolicies[0]; + + return enableAllPolicyProtections(policy.id).then(() => { + // Create and enroll a new Endpoint host + return createEndpointHost(policy.policy_id).then((host) => { + createdHost = host as CreateAndEnrollEndpointHostResponse; + }); + }); + }) + ); + }); + + beforeEach(() => { + login(); + }); + + after(() => { + if (createdHost) { + cy.task('destroyEndpointHost', createdHost); + } + + if (indexedPolicy) { + cy.task('deleteIndexedFleetEndpointPolicies', indexedPolicy); + } + + if (createdHost) { + deleteAllLoadedEndpointData({ endpointAgentIds: [createdHost.agentId] }); + } + }); + + describe('From Cases', () => { + let ruleId: string; + let ruleName: string; + let caseId: string; + const caseOwner = 'securitySolution'; + + beforeEach(() => { + loadRule( + { query: `agent.name: ${createdHost.hostname} and agent.type: endpoint` }, + false + ).then((data) => { + ruleId = data.id; + ruleName = data.name; + }); + loadCase(caseOwner).then((data) => { + caseId = data.id; + }); + }); + + afterEach(() => { + if (ruleId) { + cleanupRule(ruleId); + } + if (caseId) { + cleanupCase(caseId); + } + }); + + it('should open responder', () => { + waitForEndpointListPageToBeLoaded(createdHost.hostname); + toggleRuleOffAndOn(ruleName); + visitRuleAlerts(ruleName); + closeAllToasts(); + + getAlertsTableRows().should('have.length.greaterThan', 0); + openAlertDetailsView(); + addAlertToCase(caseId, caseOwner); + + // visit case details page + cy.intercept('GET', `/api/cases/${caseId}/user_actions/_find*`).as('case'); + loadPage(`${APP_CASES_PATH}/${caseId}`); + + cy.wait('@case', { timeout: 30000 }).then(({ response: res }) => { + const caseAlertId = res?.body.userActions[1].id; + closeAllToasts(); + openCaseAlertDetails(caseAlertId); + }); + + openResponderFromEndpointAlertDetails(); + ensureOnResponder(); + }); + }); +}); diff --git a/x-pack/plugins/security_solution/public/management/cypress/e2e/response_actions/endpoints_list_response_console.cy.ts b/x-pack/plugins/security_solution/public/management/cypress/e2e/response_actions/endpoints_list_response_console.cy.ts new file mode 100644 index 0000000000000..75074b0d3f94a --- /dev/null +++ b/x-pack/plugins/security_solution/public/management/cypress/e2e/response_actions/endpoints_list_response_console.cy.ts @@ -0,0 +1,69 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { ensureOnResponder } from '../../screens/responder'; +import type { PolicyData } from '../../../../../common/endpoint/types'; +import type { CreateAndEnrollEndpointHostResponse } from '../../../../../scripts/endpoint/common/endpoint_host_services'; +import { + openResponseConsoleFromEndpointList, + waitForEndpointListPageToBeLoaded, +} from '../../tasks/response_console'; +import type { IndexedFleetEndpointPolicyResponse } from '../../../../../common/endpoint/data_loaders/index_fleet_endpoint_policy'; +import { createAgentPolicyTask, getEndpointIntegrationVersion } from '../../tasks/fleet'; + +import { login } from '../../tasks/login'; +import { enableAllPolicyProtections } from '../../tasks/endpoint_policy'; +import { createEndpointHost } from '../../tasks/create_endpoint_host'; +import { deleteAllLoadedEndpointData } from '../../tasks/delete_all_endpoint_data'; + +describe('Response console', { tags: ['@ess', '@serverless', '@brokenInServerless'] }, () => { + beforeEach(() => { + login(); + }); + + describe('From endpoint list', () => { + let indexedPolicy: IndexedFleetEndpointPolicyResponse; + let policy: PolicyData; + let createdHost: CreateAndEnrollEndpointHostResponse; + + before(() => { + getEndpointIntegrationVersion().then((version) => + createAgentPolicyTask(version).then((data) => { + indexedPolicy = data; + policy = indexedPolicy.integrationPolicies[0]; + + return enableAllPolicyProtections(policy.id).then(() => { + // Create and enroll a new Endpoint host + return createEndpointHost(policy.policy_id).then((host) => { + createdHost = host as CreateAndEnrollEndpointHostResponse; + }); + }); + }) + ); + }); + + after(() => { + if (createdHost) { + cy.task('destroyEndpointHost', createdHost); + } + + if (indexedPolicy) { + cy.task('deleteIndexedFleetEndpointPolicies', indexedPolicy); + } + + if (createdHost) { + deleteAllLoadedEndpointData({ endpointAgentIds: [createdHost.agentId] }); + } + }); + + it('should open responder', () => { + waitForEndpointListPageToBeLoaded(createdHost.hostname); + openResponseConsoleFromEndpointList(); + ensureOnResponder(); + }); + }); +}); diff --git a/x-pack/plugins/security_solution/public/management/cypress/e2e/response_actions/isolate.cy.ts b/x-pack/plugins/security_solution/public/management/cypress/e2e/response_actions/isolate.cy.ts index f09e0b462a75d..ada452213b74d 100644 --- a/x-pack/plugins/security_solution/public/management/cypress/e2e/response_actions/isolate.cy.ts +++ b/x-pack/plugins/security_solution/public/management/cypress/e2e/response_actions/isolate.cy.ts @@ -5,6 +5,7 @@ * 2.0. */ +import { openAlertDetailsView } from '../../screens/alerts'; import type { PolicyData } from '../../../../../common/endpoint/types'; import { APP_CASES_PATH, APP_ENDPOINTS_PATH } from '../../../../../common/constants'; import { closeAllToasts } from '../../tasks/toasts'; @@ -14,7 +15,6 @@ import { checkFlyoutEndpointIsolation, filterOutIsolatedHosts, isolateHostWithComment, - openAlertDetails, openCaseAlertDetails, releaseHostWithComment, toggleRuleOffAndOn, @@ -139,7 +139,7 @@ describe.skip('Isolate command', { tags: ['@ess', '@serverless', '@brokenInServe visitRuleAlerts(ruleName); closeAllToasts(); - openAlertDetails(); + openAlertDetailsView(); isolateHostWithComment(isolateComment, createdHost.hostname); @@ -147,7 +147,7 @@ describe.skip('Isolate command', { tags: ['@ess', '@serverless', '@brokenInServe cy.contains(`Isolation on host ${createdHost.hostname} successfully submitted`); cy.getByTestSubj('euiFlyoutCloseButton').click(); - openAlertDetails(); + openAlertDetailsView(); checkFlyoutEndpointIsolation(); @@ -156,7 +156,7 @@ describe.skip('Isolate command', { tags: ['@ess', '@serverless', '@brokenInServe cy.contains(`Release on host ${createdHost.hostname} successfully submitted`); cy.getByTestSubj('euiFlyoutCloseButton').click(); - openAlertDetails(); + openAlertDetailsView(); cy.getByTestSubj('event-field-agent.status').within(() => { cy.get('[title="Isolated"]').should('not.exist'); }); @@ -205,7 +205,7 @@ describe.skip('Isolate command', { tags: ['@ess', '@serverless', '@brokenInServe visitRuleAlerts(ruleName); closeAllToasts(); - openAlertDetails(); + openAlertDetailsView(); cy.getByTestSubj('add-to-existing-case-action').click(); cy.getByTestSubj(`cases-table-row-select-${caseId}`).click(); diff --git a/x-pack/plugins/security_solution/public/management/cypress/e2e/response_actions/isolate_mocked_data.cy.ts b/x-pack/plugins/security_solution/public/management/cypress/e2e/response_actions/isolate_mocked_data.cy.ts index 00bca7e3864af..a630d8fc4ec01 100644 --- a/x-pack/plugins/security_solution/public/management/cypress/e2e/response_actions/isolate_mocked_data.cy.ts +++ b/x-pack/plugins/security_solution/public/management/cypress/e2e/response_actions/isolate_mocked_data.cy.ts @@ -5,6 +5,7 @@ * 2.0. */ +import { openAlertDetailsView } from '../../screens/alerts'; import { getEndpointListPath } from '../../../common/routing'; import { checkEndpointIsIsolated, @@ -12,7 +13,6 @@ import { filterOutIsolatedHosts, interceptActionRequests, isolateHostWithComment, - openAlertDetails, openCaseAlertDetails, releaseHostWithComment, sendActionResponse, @@ -148,7 +148,7 @@ describe('Isolate command', { tags: ['@ess', '@serverless'] }, () => { }); }); - openAlertDetails(); + openAlertDetailsView(); isolateHostWithComment(isolateComment, hostname); @@ -167,7 +167,7 @@ describe('Isolate command', { tags: ['@ess', '@serverless'] }, () => { cy.getByTestSubj('euiFlyoutCloseButton').click(); // eslint-disable-next-line cypress/no-unnecessary-waiting cy.wait(1000); - openAlertDetails(); + openAlertDetailsView(); checkFlyoutEndpointIsolation(); @@ -185,7 +185,7 @@ describe('Isolate command', { tags: ['@ess', '@serverless'] }, () => { cy.contains(`Release on host ${hostname} successfully submitted`); cy.getByTestSubj('euiFlyoutCloseButton').click(); - openAlertDetails(); + openAlertDetailsView(); cy.getByTestSubj('event-field-agent.status').within(() => { cy.get('[title="Isolated"]').should('not.exist'); }); diff --git a/x-pack/plugins/security_solution/public/management/cypress/e2e/response_actions/response_console.cy.ts b/x-pack/plugins/security_solution/public/management/cypress/e2e/response_actions/response_console_actions.cy.ts similarity index 94% rename from x-pack/plugins/security_solution/public/management/cypress/e2e/response_actions/response_console.cy.ts rename to x-pack/plugins/security_solution/public/management/cypress/e2e/response_actions/response_console_actions.cy.ts index 9690107c2d218..b727697da17be 100644 --- a/x-pack/plugins/security_solution/public/management/cypress/e2e/response_actions/response_console.cy.ts +++ b/x-pack/plugins/security_solution/public/management/cypress/e2e/response_actions/response_console_actions.cy.ts @@ -16,7 +16,7 @@ import { waitForEndpointListPageToBeLoaded, } from '../../tasks/response_console'; import type { IndexedFleetEndpointPolicyResponse } from '../../../../../common/endpoint/data_loaders/index_fleet_endpoint_policy'; -import { getEndpointIntegrationVersion, createAgentPolicyTask } from '../../tasks/fleet'; +import { createAgentPolicyTask, getEndpointIntegrationVersion } from '../../tasks/fleet'; import { checkEndpointListForOnlyIsolatedHosts, checkEndpointListForOnlyUnIsolatedHosts, @@ -188,7 +188,7 @@ describe('Response console', { tags: ['@ess', '@serverless', '@brokenInServerles }); }); - describe('File operations: get-file and execute', () => { + describe('File operations: get-file, upload and execute', () => { const homeFilePath = process.env.CI || true ? '/home/vagrant' : `/home/ubuntu`; const fileContent = 'This is a test file for the get-file command.'; @@ -271,6 +271,22 @@ describe('Response console', { tags: ['@ess', '@serverless', '@brokenInServerles submitCommand(); waitForCommandToBeExecuted('execute'); }); + + it('"upload --file" - should upload a file', () => { + waitForEndpointListPageToBeLoaded(createdHost.hostname); + openResponseConsoleFromEndpointList(); + inputConsoleCommand(`upload --file`); + cy.getByTestSubj('console-arg-file-picker').selectFile( + { + contents: Cypress.Buffer.from('upload file content here!'), + fileName: 'upload_file.txt', + lastModified: Date.now(), + }, + { force: true } + ); + submitCommand(); + waitForCommandToBeExecuted('upload'); + }); }); // FLAKY: https://github.com/elastic/kibana/issues/168296 diff --git a/x-pack/plugins/security_solution/public/management/cypress/screens/alerts.ts b/x-pack/plugins/security_solution/public/management/cypress/screens/alerts.ts index a1e53cee9b09a..b434458c4dc1d 100644 --- a/x-pack/plugins/security_solution/public/management/cypress/screens/alerts.ts +++ b/x-pack/plugins/security_solution/public/management/cypress/screens/alerts.ts @@ -13,7 +13,7 @@ export const navigateToAlertsList = (urlQueryParams: string = '') => { }; export const clickAlertListRefreshButton = (): Cypress.Chainable => { - cy.getByTestSubj('querySubmitButton').click(); + cy.getByTestSubj('querySubmitButton').first().click(); return cy.getByTestSubj('querySubmitButton').should('be.enabled'); }; @@ -41,3 +41,22 @@ export const getAlertsTableRows = (timeout?: number): Cypress.Chainable $rows); }; + +export const openAlertDetailsView = (rowIndex: number = 0): void => { + cy.getByTestSubj('expand-event').eq(rowIndex).click(); + cy.getByTestSubj('take-action-dropdown-btn').click(); +}; + +export const openInvestigateInTimelineView = (): void => { + cy.getByTestSubj('send-alert-to-timeline-button').first().click(); +}; + +export const openResponderFromEndpointAlertDetails = (): void => { + cy.getByTestSubj('endpointResponseActions-action-item').click(); +}; + +export const addAlertToCase = (caseId: string, caseOwner: string): void => { + cy.getByTestSubj('add-to-existing-case-action').click(); + cy.getByTestSubj(`cases-table-row-select-${caseId}`).click(); + cy.contains(`An alert was added to \"Test ${caseOwner} case`); +}; diff --git a/x-pack/plugins/security_solution/public/management/cypress/screens/responder.ts b/x-pack/plugins/security_solution/public/management/cypress/screens/responder.ts index c9e320728ee23..c612c99db17b3 100644 --- a/x-pack/plugins/security_solution/public/management/cypress/screens/responder.ts +++ b/x-pack/plugins/security_solution/public/management/cypress/screens/responder.ts @@ -30,7 +30,7 @@ export const getConsoleHelpPanelResponseActionTestSubj = (): Record< }; }; -const ensureOnResponder = (): Cypress.Chainable> => { +export const ensureOnResponder = (): Cypress.Chainable> => { return cy.getByTestSubj(TEST_SUBJ.responderPage).should('exist'); }; diff --git a/x-pack/plugins/security_solution/public/management/cypress/support/e2e.ts b/x-pack/plugins/security_solution/public/management/cypress/support/e2e.ts index 7c8bf5104524b..67c2a3ef0375e 100644 --- a/x-pack/plugins/security_solution/public/management/cypress/support/e2e.ts +++ b/x-pack/plugins/security_solution/public/management/cypress/support/e2e.ts @@ -23,12 +23,13 @@ // *********************************************************** import { subj as testSubjSelector } from '@kbn/test-subj-selector'; - import 'cypress-react-selector'; - // @ts-ignore import registerCypressGrep from '@cypress/grep'; +import { login, ROLE } from '../tasks/login'; +import { loadPage } from '../tasks/common'; + registerCypressGrep(); Cypress.Commands.addQuery<'getByTestSubj'>( @@ -100,3 +101,10 @@ Cypress.Commands.add( ); Cypress.on('uncaught:exception', () => false); + +// Login as a Platform Engineer to properly initialize Security Solution App +before(() => { + login(ROLE.soc_manager); + loadPage('/app/security/alerts'); + cy.getByTestSubj('manage-alert-detection-rules').should('exist'); +}); diff --git a/x-pack/plugins/security_solution/public/management/cypress/tasks/isolate.ts b/x-pack/plugins/security_solution/public/management/cypress/tasks/isolate.ts index a15a71f1362eb..e13bb832adce5 100644 --- a/x-pack/plugins/security_solution/public/management/cypress/tasks/isolate.ts +++ b/x-pack/plugins/security_solution/public/management/cypress/tasks/isolate.ts @@ -7,6 +7,7 @@ /* eslint-disable cypress/no-unnecessary-waiting */ +import { openAlertDetailsView } from '../screens/alerts'; import type { ActionDetails } from '../../../../common/endpoint/types'; import { loadPage } from './common'; @@ -46,11 +47,6 @@ export const releaseHostWithComment = (comment: string, hostname: string): void cy.getByTestSubj('host_isolation_comment').type(comment); }; -export const openAlertDetails = (): void => { - cy.getByTestSubj('expand-event').first().click(); - cy.getByTestSubj('take-action-dropdown-btn').click(); -}; - export const openCaseAlertDetails = (alertId: string): void => { cy.getByTestSubj(`comment-action-show-alert-${alertId}`).click(); cy.getByTestSubj('take-action-dropdown-btn').click(); @@ -84,7 +80,7 @@ export const checkFlyoutEndpointIsolation = (): void => { } else { cy.getByTestSubj('euiFlyoutCloseButton').click(); cy.wait(5000); - openAlertDetails(); + openAlertDetailsView(); cy.getByTestSubj('event-field-agent.status').within(() => { cy.contains('Isolated'); }); From 8fd827f8683cc0312ba957e384d82bab5ab217c7 Mon Sep 17 00:00:00 2001 From: Kurt Date: Wed, 18 Oct 2023 16:59:15 -0400 Subject: [PATCH 11/50] Upgrade babel/traverse to 7.23.2 (#169174) ## Summary Upgrading `@babel/traverse` form 7.21.2 to 7.23.2 --------- Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com> --- package.json | 2 +- yarn.lock | 90 +++++++++++++++++++++++++++++++++++++++++++++++----- 2 files changed, 83 insertions(+), 9 deletions(-) diff --git a/package.json b/package.json index 8947a3c3680b0..d2ce2ddb94eab 100644 --- a/package.json +++ b/package.json @@ -1093,7 +1093,7 @@ "@babel/preset-react": "^7.18.6", "@babel/preset-typescript": "^7.21.0", "@babel/register": "^7.21.0", - "@babel/traverse": "^7.21.2", + "@babel/traverse": "^7.23.2", "@babel/types": "^7.21.2", "@bazel/ibazel": "^0.16.2", "@bazel/typescript": "4.6.2", diff --git a/yarn.lock b/yarn.lock index 1dcea68abfd5b..751fcd443ce48 100644 --- a/yarn.lock +++ b/yarn.lock @@ -196,6 +196,16 @@ "@jridgewell/trace-mapping" "^0.3.17" jsesc "^2.5.1" +"@babel/generator@^7.23.0": + version "7.23.0" + resolved "https://registry.yarnpkg.com/@babel/generator/-/generator-7.23.0.tgz#df5c386e2218be505b34837acbcb874d7a983420" + integrity sha512-lN85QRR+5IbYrMWM6Y4pE/noaQtg4pNiqeNGX60eqOfo6gtEj6uw/JagelB8vVztSd7R6M5n1+PQkDbHbBRU4g== + dependencies: + "@babel/types" "^7.23.0" + "@jridgewell/gen-mapping" "^0.3.2" + "@jridgewell/trace-mapping" "^0.3.17" + jsesc "^2.5.1" + "@babel/helper-annotate-as-pure@^7.16.0", "@babel/helper-annotate-as-pure@^7.18.6": version "7.18.6" resolved "https://registry.yarnpkg.com/@babel/helper-annotate-as-pure/-/helper-annotate-as-pure-7.18.6.tgz#eaa49f6f80d5a33f9a5dd2276e6d6e451be0a6bb" @@ -275,6 +285,11 @@ resolved "https://registry.yarnpkg.com/@babel/helper-environment-visitor/-/helper-environment-visitor-7.18.9.tgz#0c0cee9b35d2ca190478756865bb3528422f51be" integrity sha512-3r/aACDJ3fhQ/EVgFy0hpj8oHyHpQc+LPtJoY9SzTThAsStm4Ptegq92vqKoE3vD706ZVFWITnMnxucw+S9Ipg== +"@babel/helper-environment-visitor@^7.22.20": + version "7.22.20" + resolved "https://registry.yarnpkg.com/@babel/helper-environment-visitor/-/helper-environment-visitor-7.22.20.tgz#96159db61d34a29dba454c959f5ae4a649ba9167" + integrity sha512-zfedSIzFhat/gFhWfHtgWvlec0nqB9YEIVrpuwjruLlXfUSnA8cJB0miHKwqDnQ7d32aKo2xt88/xZptwxbfhA== + "@babel/helper-explode-assignable-expression@^7.18.6": version "7.18.6" resolved "https://registry.yarnpkg.com/@babel/helper-explode-assignable-expression/-/helper-explode-assignable-expression-7.18.6.tgz#41f8228ef0a6f1a036b8dfdfec7ce94f9a6bc096" @@ -290,6 +305,14 @@ "@babel/template" "^7.20.7" "@babel/types" "^7.21.0" +"@babel/helper-function-name@^7.23.0": + version "7.23.0" + resolved "https://registry.yarnpkg.com/@babel/helper-function-name/-/helper-function-name-7.23.0.tgz#1f9a3cdbd5b2698a670c30d2735f9af95ed52759" + integrity sha512-OErEqsrxjZTJciZ4Oo+eoZqeW9UIiOcuYKRJA4ZAgV9myA+pOXhhmpfNCKjEH/auVfEYVFJ6y1Tc4r0eIApqiw== + dependencies: + "@babel/template" "^7.22.15" + "@babel/types" "^7.23.0" + "@babel/helper-hoist-variables@^7.18.6": version "7.18.6" resolved "https://registry.yarnpkg.com/@babel/helper-hoist-variables/-/helper-hoist-variables-7.18.6.tgz#d4d2c8fb4baeaa5c68b99cc8245c56554f926678" @@ -297,6 +320,13 @@ dependencies: "@babel/types" "^7.18.6" +"@babel/helper-hoist-variables@^7.22.5": + version "7.22.5" + resolved "https://registry.yarnpkg.com/@babel/helper-hoist-variables/-/helper-hoist-variables-7.22.5.tgz#c01a007dac05c085914e8fb652b339db50d823bb" + integrity sha512-wGjk9QZVzvknA6yKIUURb8zY3grXCcOZt+/7Wcy8O2uctxhplmUPkOdlgoNhmdVee2c92JXbf1xpMtVNbfoxRw== + dependencies: + "@babel/types" "^7.22.5" + "@babel/helper-member-expression-to-functions@^7.20.7", "@babel/helper-member-expression-to-functions@^7.21.0": version "7.21.0" resolved "https://registry.yarnpkg.com/@babel/helper-member-expression-to-functions/-/helper-member-expression-to-functions-7.21.0.tgz#319c6a940431a133897148515877d2f3269c3ba5" @@ -385,11 +415,23 @@ dependencies: "@babel/types" "^7.18.6" +"@babel/helper-split-export-declaration@^7.22.6": + version "7.22.6" + resolved "https://registry.yarnpkg.com/@babel/helper-split-export-declaration/-/helper-split-export-declaration-7.22.6.tgz#322c61b7310c0997fe4c323955667f18fcefb91c" + integrity sha512-AsUnxuLhRYsisFiaJwvp1QF+I3KjD5FOxut14q/GzovUe6orHLesW2C7d754kRm53h5gqrz6sFl6sxc4BVtE/g== + dependencies: + "@babel/types" "^7.22.5" + "@babel/helper-string-parser@^7.19.4": version "7.19.4" resolved "https://registry.yarnpkg.com/@babel/helper-string-parser/-/helper-string-parser-7.19.4.tgz#38d3acb654b4701a9b77fb0615a96f775c3a9e63" integrity sha512-nHtDoQcuqFmwYNYPz3Rah5ph2p8PFeFCsZk9A/48dPc/rGocJ5J3hAAZ7pb76VWX3fZKu+uEr/FhH5jLx7umrw== +"@babel/helper-string-parser@^7.22.5": + version "7.22.5" + resolved "https://registry.yarnpkg.com/@babel/helper-string-parser/-/helper-string-parser-7.22.5.tgz#533f36457a25814cf1df6488523ad547d784a99f" + integrity sha512-mM4COjgZox8U+JcXQwPijIZLElkgEpO5rsERVDJTc2qfCDfERyob6k5WegS14SX18IIjv+XD+GrqNumY5JRCDw== + "@babel/helper-validator-identifier@^7.19.1", "@babel/helper-validator-identifier@^7.22.5": version "7.22.5" resolved "https://registry.yarnpkg.com/@babel/helper-validator-identifier/-/helper-validator-identifier-7.22.5.tgz#9544ef6a33999343c8740fa51350f30eeaaaf193" @@ -452,6 +494,11 @@ resolved "https://registry.yarnpkg.com/@babel/parser/-/parser-7.22.5.tgz#721fd042f3ce1896238cf1b341c77eb7dee7dbea" integrity sha512-DFZMC9LJUG9PLOclRC32G63UXwzqS2koQC8dkx+PLdmt1xSePYpbT/NbsrJy8Q/muXz7o/h/d4A7Fuyixm559Q== +"@babel/parser@^7.22.15", "@babel/parser@^7.23.0": + version "7.23.0" + resolved "https://registry.yarnpkg.com/@babel/parser/-/parser-7.23.0.tgz#da950e622420bf96ca0d0f2909cdddac3acd8719" + integrity sha512-vvPKKdMemU85V9WE/l5wZEmImpCtLqbnTvqDS2U1fJ96KrxoW7KrXhNsNCblQlg8Ck4b85yxdTyelsMUgFUXiw== + "@babel/plugin-bugfix-safari-id-destructuring-collision-in-function-expression@^7.18.6": version "7.18.6" resolved "https://registry.yarnpkg.com/@babel/plugin-bugfix-safari-id-destructuring-collision-in-function-expression/-/plugin-bugfix-safari-id-destructuring-collision-in-function-expression-7.18.6.tgz#da5b8f9a580acdfbe53494dba45ea389fb09a4d2" @@ -1261,6 +1308,15 @@ "@babel/parser" "^7.20.7" "@babel/types" "^7.20.7" +"@babel/template@^7.22.15": + version "7.22.15" + resolved "https://registry.yarnpkg.com/@babel/template/-/template-7.22.15.tgz#09576efc3830f0430f4548ef971dde1350ef2f38" + integrity sha512-QPErUVm4uyJa60rkI73qneDacvdvzxshT3kksGqlGWYdOTIUOwJ7RDUL8sGqslY1uXWSL6xMFKEXDS3ox2uF0w== + dependencies: + "@babel/code-frame" "^7.22.13" + "@babel/parser" "^7.22.15" + "@babel/types" "^7.22.15" + "@babel/traverse@^7.10.3", "@babel/traverse@^7.12.11", "@babel/traverse@^7.12.9", "@babel/traverse@^7.13.0", "@babel/traverse@^7.19.0", "@babel/traverse@^7.20.7", "@babel/traverse@^7.21.0", "@babel/traverse@^7.21.2", "@babel/traverse@^7.4.5": version "7.21.2" resolved "https://registry.yarnpkg.com/@babel/traverse/-/traverse-7.21.2.tgz#ac7e1f27658750892e815e60ae90f382a46d8e75" @@ -1277,6 +1333,22 @@ debug "^4.1.0" globals "^11.1.0" +"@babel/traverse@^7.23.2": + version "7.23.2" + resolved "https://registry.yarnpkg.com/@babel/traverse/-/traverse-7.23.2.tgz#329c7a06735e144a506bdb2cad0268b7f46f4ad8" + integrity sha512-azpe59SQ48qG6nu2CzcMLbxUudtN+dOM9kDbUqGq3HXUJRlo7i8fvPoxQUzYgLZ4cMVmuZgm8vvBpNeRhd6XSw== + dependencies: + "@babel/code-frame" "^7.22.13" + "@babel/generator" "^7.23.0" + "@babel/helper-environment-visitor" "^7.22.20" + "@babel/helper-function-name" "^7.23.0" + "@babel/helper-hoist-variables" "^7.22.5" + "@babel/helper-split-export-declaration" "^7.22.6" + "@babel/parser" "^7.23.0" + "@babel/types" "^7.23.0" + debug "^4.1.0" + globals "^11.1.0" + "@babel/types@^7.0.0", "@babel/types@^7.10.3", "@babel/types@^7.12.11", "@babel/types@^7.12.7", "@babel/types@^7.18.6", "@babel/types@^7.18.9", "@babel/types@^7.19.0", "@babel/types@^7.20.0", "@babel/types@^7.20.2", "@babel/types@^7.20.7", "@babel/types@^7.21.0", "@babel/types@^7.21.2", "@babel/types@^7.3.0", "@babel/types@^7.3.3", "@babel/types@^7.4.4": version "7.21.2" resolved "https://registry.yarnpkg.com/@babel/types/-/types-7.21.2.tgz#92246f6e00f91755893c2876ad653db70c8310d1" @@ -1286,6 +1358,15 @@ "@babel/helper-validator-identifier" "^7.19.1" to-fast-properties "^2.0.0" +"@babel/types@^7.22.15", "@babel/types@^7.22.5", "@babel/types@^7.23.0": + version "7.23.0" + resolved "https://registry.yarnpkg.com/@babel/types/-/types-7.23.0.tgz#8c1f020c9df0e737e4e247c0619f58c68458aaeb" + integrity sha512-0oIyUfKoI3mSqMvsxBdclDwxXKXAUA8v/apZbc+iSyARYou1o8ZGDxbUYyLFoW2arqS2jDGqJuZvv1d/io1axg== + dependencies: + "@babel/helper-string-parser" "^7.22.5" + "@babel/helper-validator-identifier" "^7.22.20" + to-fast-properties "^2.0.0" + "@base2/pretty-print-object@1.0.1": version "1.0.1" resolved "https://registry.yarnpkg.com/@base2/pretty-print-object/-/pretty-print-object-1.0.1.tgz#371ba8be66d556812dc7fb169ebc3c08378f69d4" @@ -27155,7 +27236,7 @@ semver@5.6.0: resolved "https://registry.yarnpkg.com/semver/-/semver-5.6.0.tgz#7e74256fbaa49c75aa7c7a205cc22799cac80004" integrity sha512-RS9R6R35NYgQn++fkDWaOmqGoj4Ek9gGs+DPxNUZKuwE183xjJroKvyo1IzVFeXvUrvmALy6FWD5xrdJT25gMg== -semver@7.5.4: +semver@7.5.4, semver@^7.3.2, semver@^7.3.4, semver@^7.3.5, semver@^7.3.7, semver@^7.3.8, semver@^7.5.0, semver@^7.5.2, semver@^7.5.3, semver@^7.5.4: version "7.5.4" resolved "https://registry.yarnpkg.com/semver/-/semver-7.5.4.tgz#483986ec4ed38e1c6c48c34894a9182dbff68a6e" integrity sha512-1bCSESV6Pv+i21Hvpxp3Dx+pSD8lIPt8uVjRrxAUt/nbswYc+tK6Y2btiULjd4+fnq15PX+nqQDC7Oft7WkwcA== @@ -27167,13 +27248,6 @@ semver@^6.0.0, semver@^6.1.0, semver@^6.1.1, semver@^6.1.2, semver@^6.2.0, semve resolved "https://registry.yarnpkg.com/semver/-/semver-6.3.1.tgz#556d2ef8689146e46dcea4bfdd095f3434dffcb4" integrity sha512-BR7VvDCVHO+q2xBEWskxS6DJE1qRnb7DxzUrogb71CWoSficBxYsiAGd+Kl0mmq/MprG9yArRkyrQxTO6XjMzA== -semver@^7.3.2, semver@^7.3.4, semver@^7.3.5, semver@^7.3.7, semver@^7.3.8, semver@^7.5.0, semver@^7.5.2, semver@^7.5.3, semver@^7.5.4: - version "7.5.4" - resolved "https://registry.yarnpkg.com/semver/-/semver-7.5.4.tgz#483986ec4ed38e1c6c48c34894a9182dbff68a6e" - integrity sha512-1bCSESV6Pv+i21Hvpxp3Dx+pSD8lIPt8uVjRrxAUt/nbswYc+tK6Y2btiULjd4+fnq15PX+nqQDC7Oft7WkwcA== - dependencies: - lru-cache "^6.0.0" - send@0.17.2: version "0.17.2" resolved "https://registry.yarnpkg.com/send/-/send-0.17.2.tgz#926622f76601c41808012c8bf1688fe3906f7820" From 4f9108273c3bbdf03af26a8a0d2b7a571311751a Mon Sep 17 00:00:00 2001 From: Maxim Palenov Date: Thu, 19 Oct 2023 00:26:55 +0200 Subject: [PATCH 12/50] [Security Solution] Unskip rules bulk actions Serverless Cypress tests (#168307) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit **Addresses:** https://github.com/elastic/kibana/issues/161540 ## Summary This PR unskips rules bulk actions Serverless Cypress tests (besides role based `bulk_edit_rules_actions.cy.ts`) - `bulk_duplicate_rules.cy.ts` - `bulk_edit_rules.cy.ts` - `bulk_edit_rules_data_view.cy.ts` ## Flaky test runner `detection_response/rule_management/rule_actions/bulk_actions` folder [150 runs](https://buildkite.com/elastic/kibana-flaky-test-suite-runner/builds/3596) 🟢 --- .../bulk_actions/bulk_duplicate_rules.cy.ts | 150 ++-- .../bulk_actions/bulk_edit_rules.cy.ts | 843 +++++++++--------- .../bulk_edit_rules_actions.cy.ts | 335 ++++--- .../bulk_edit_rules_data_view.cy.ts | 5 +- 4 files changed, 659 insertions(+), 674 deletions(-) diff --git a/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_management/rule_actions/bulk_actions/bulk_duplicate_rules.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_management/rule_actions/bulk_actions/bulk_duplicate_rules.cy.ts index 02a77d227a4c5..f14ced2ea02cf 100644 --- a/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_management/rule_actions/bulk_actions/bulk_duplicate_rules.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_management/rule_actions/bulk_actions/bulk_duplicate_rules.cy.ts @@ -53,89 +53,83 @@ const EXPIRED_EXCEPTION_ITEM_NAME = 'Sample exception item'; const NON_EXPIRED_EXCEPTION_ITEM_NAME = 'Sample exception item with future expiration'; -// TODO: https://github.com/elastic/kibana/issues/161540 -// Flaky on serverless -describe( - 'Detection rules, bulk duplicate', - { tags: ['@ess', '@serverless', '@skipInServerless'] }, - () => { - before(() => { - cleanKibana(); +describe('Detection rules, bulk duplicate', { tags: ['@ess', '@serverless'] }, () => { + before(() => { + cleanKibana(); + }); + + beforeEach(() => { + login(); + // Make sure persisted rules table state is cleared + resetRulesTableState(); + deleteAlertsAndRules(); + cy.task('esArchiverResetKibana'); + createRule( + getNewRule({ name: RULE_NAME, ...defaultRuleData, rule_id: '1', enabled: false }) + ).then((response) => { + createRuleExceptionItem(response.body.id, [ + { + description: 'Exception item for rule default exception list', + entries: [ + { + field: 'user.name', + operator: 'included', + type: 'match', + value: 'some value', + }, + ], + name: EXPIRED_EXCEPTION_ITEM_NAME, + type: 'simple', + expire_time: expiredDate, + }, + { + description: 'Exception item for rule default exception list', + entries: [ + { + field: 'user.name', + operator: 'included', + type: 'match', + value: 'some value', + }, + ], + name: NON_EXPIRED_EXCEPTION_ITEM_NAME, + type: 'simple', + expire_time: futureDate, + }, + ]); }); - beforeEach(() => { - login(); - // Make sure persisted rules table state is cleared - resetRulesTableState(); - deleteAlertsAndRules(); - cy.task('esArchiverResetKibana'); - createRule( - getNewRule({ name: RULE_NAME, ...defaultRuleData, rule_id: '1', enabled: false }) - ).then((response) => { - createRuleExceptionItem(response.body.id, [ - { - description: 'Exception item for rule default exception list', - entries: [ - { - field: 'user.name', - operator: 'included', - type: 'match', - value: 'some value', - }, - ], - name: EXPIRED_EXCEPTION_ITEM_NAME, - type: 'simple', - expire_time: expiredDate, - }, - { - description: 'Exception item for rule default exception list', - entries: [ - { - field: 'user.name', - operator: 'included', - type: 'match', - value: 'some value', - }, - ], - name: NON_EXPIRED_EXCEPTION_ITEM_NAME, - type: 'simple', - expire_time: futureDate, - }, - ]); - }); - - visitRulesManagementTable(); - disableAutoRefresh(); - }); + visitRulesManagementTable(); + disableAutoRefresh(); + }); + + it('Duplicates rules', () => { + selectAllRules(); + duplicateSelectedRulesWithoutExceptions(); + expectManagementTableRules([`${RULE_NAME} [Duplicate]`]); + }); - it('Duplicates rules', () => { + describe('With exceptions', () => { + it('Duplicates rules with expired exceptions', () => { selectAllRules(); - duplicateSelectedRulesWithoutExceptions(); + duplicateSelectedRulesWithExceptions(); expectManagementTableRules([`${RULE_NAME} [Duplicate]`]); + goToRuleDetailsOf(`${RULE_NAME} [Duplicate]`); + goToExceptionsTab(); + assertExceptionItemsExists(EXCEPTION_CARD_ITEM_NAME, [NON_EXPIRED_EXCEPTION_ITEM_NAME]); + viewExpiredExceptionItems(); + assertExceptionItemsExists(EXCEPTION_CARD_ITEM_NAME, [EXPIRED_EXCEPTION_ITEM_NAME]); }); - describe('With exceptions', () => { - it('Duplicates rules with expired exceptions', () => { - selectAllRules(); - duplicateSelectedRulesWithExceptions(); - expectManagementTableRules([`${RULE_NAME} [Duplicate]`]); - goToRuleDetailsOf(`${RULE_NAME} [Duplicate]`); - goToExceptionsTab(); - assertExceptionItemsExists(EXCEPTION_CARD_ITEM_NAME, [NON_EXPIRED_EXCEPTION_ITEM_NAME]); - viewExpiredExceptionItems(); - assertExceptionItemsExists(EXCEPTION_CARD_ITEM_NAME, [EXPIRED_EXCEPTION_ITEM_NAME]); - }); - - it('Duplicates rules with exceptions, excluding expired exceptions', () => { - selectAllRules(); - duplicateSelectedRulesWithNonExpiredExceptions(); - expectManagementTableRules([`${RULE_NAME} [Duplicate]`]); - goToRuleDetailsOf(`${RULE_NAME} [Duplicate]`); - goToExceptionsTab(); - assertExceptionItemsExists(EXCEPTION_CARD_ITEM_NAME, [NON_EXPIRED_EXCEPTION_ITEM_NAME]); - viewExpiredExceptionItems(); - assertNumberOfExceptionItemsExists(0); - }); + it('Duplicates rules with exceptions, excluding expired exceptions', () => { + selectAllRules(); + duplicateSelectedRulesWithNonExpiredExceptions(); + expectManagementTableRules([`${RULE_NAME} [Duplicate]`]); + goToRuleDetailsOf(`${RULE_NAME} [Duplicate]`); + goToExceptionsTab(); + assertExceptionItemsExists(EXCEPTION_CARD_ITEM_NAME, [NON_EXPIRED_EXCEPTION_ITEM_NAME]); + viewExpiredExceptionItems(); + assertNumberOfExceptionItemsExists(0); }); - } -); + }); +}); diff --git a/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_management/rule_actions/bulk_actions/bulk_edit_rules.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_management/rule_actions/bulk_actions/bulk_edit_rules.cy.ts index 8d551b655fca4..74448f32dcf5e 100644 --- a/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_management/rule_actions/bulk_actions/bulk_edit_rules.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_management/rule_actions/bulk_actions/bulk_edit_rules.cy.ts @@ -117,563 +117,558 @@ const defaultRuleData = { timeline_id: '495ad7a7-316e-4544-8a0f-9c098daee76e', }; -// TODO: https://github.com/elastic/kibana/issues/161540 -describe( - 'Detection rules, bulk edit', - { tags: ['@ess', '@serverless', '@brokenInServerless'] }, - () => { - before(() => { - cleanKibana(); - }); - beforeEach(() => { - login(); - // Make sure persisted rules table state is cleared - resetRulesTableState(); - deleteAlertsAndRules(); - preventPrebuiltRulesPackageInstallation(); // Make sure prebuilt rules aren't pulled from Fleet API - cy.task('esArchiverResetKibana'); - createRule(getNewRule({ name: RULE_NAME, ...defaultRuleData, rule_id: '1', enabled: false })); - createRule( - getEqlRule({ ...defaultRuleData, rule_id: '2', name: 'New EQL Rule', enabled: false }) - ); - createRule( - getMachineLearningRule({ - name: 'New ML Rule Test', - tags: ['test-default-tag-1', 'test-default-tag-2'], - enabled: false, - }) - ); - createRule( - getNewThreatIndicatorRule({ - ...defaultRuleData, - rule_id: '4', - name: 'Threat Indicator Rule Test', - enabled: false, - }) - ); - createRule( - getNewThresholdRule({ - ...defaultRuleData, - rule_id: '5', - name: 'Threshold Rule', - enabled: false, - }) - ); - createRule( - getNewTermsRule({ - ...defaultRuleData, - rule_id: '6', - name: 'New Terms Rule', - enabled: false, - }) - ); - - visitRulesManagementTable(); - disableAutoRefresh(); - }); - - describe('Prerequisites', () => { - const PREBUILT_RULES = [ - createRuleAssetSavedObject({ - name: 'Prebuilt rule 1', - rule_id: 'rule_1', - }), - createRuleAssetSavedObject({ - name: 'Prebuilt rule 2', - rule_id: 'rule_2', - }), - ]; - - it('No rules selected', () => { - openBulkActionsMenu(); - - // when no rule selected all bulk edit options should be disabled - cy.get(TAGS_RULE_BULK_MENU_ITEM).should('be.disabled'); - cy.get(INDEX_PATTERNS_RULE_BULK_MENU_ITEM).should('be.disabled'); - cy.get(APPLY_TIMELINE_RULE_BULK_MENU_ITEM).should('be.disabled'); - }); - - it('Only prebuilt rules selected', () => { - createAndInstallMockedPrebuiltRules(PREBUILT_RULES); - - // select Elastic(prebuilt) rules, check if we can't proceed further, as Elastic rules are not editable - filterByElasticRules(); - selectAllRulesOnPage(); - clickApplyTimelineTemplatesMenuItem(); - - getRulesManagementTableRows().then((rows) => { - // check modal window for Elastic rule that can't be edited - checkPrebuiltRulesCannotBeModified(rows.length); - - // the confirm button closes modal - cy.get(MODAL_CONFIRMATION_BTN).should('have.text', 'Close').click(); - cy.get(MODAL_CONFIRMATION_BODY).should('not.exist'); - }); - }); +describe('Detection rules, bulk edit', { tags: ['@ess', '@serverless'] }, () => { + before(() => { + cleanKibana(); + }); + beforeEach(() => { + login(); + // Make sure persisted rules table state is cleared + resetRulesTableState(); + deleteAlertsAndRules(); + preventPrebuiltRulesPackageInstallation(); // Make sure prebuilt rules aren't pulled from Fleet API + cy.task('esArchiverResetKibana'); + createRule(getNewRule({ name: RULE_NAME, ...defaultRuleData, rule_id: '1', enabled: false })); + createRule( + getEqlRule({ ...defaultRuleData, rule_id: '2', name: 'New EQL Rule', enabled: false }) + ); + createRule( + getMachineLearningRule({ + name: 'New ML Rule Test', + tags: ['test-default-tag-1', 'test-default-tag-2'], + enabled: false, + }) + ); + createRule( + getNewThreatIndicatorRule({ + ...defaultRuleData, + rule_id: '4', + name: 'Threat Indicator Rule Test', + enabled: false, + }) + ); + createRule( + getNewThresholdRule({ + ...defaultRuleData, + rule_id: '5', + name: 'Threshold Rule', + enabled: false, + }) + ); + createRule( + getNewTermsRule({ + ...defaultRuleData, + rule_id: '6', + name: 'New Terms Rule', + enabled: false, + }) + ); - it('Prebuilt and custom rules selected: user proceeds with custom rules editing', () => { - getRulesManagementTableRows().then((existedRulesRows) => { - createAndInstallMockedPrebuiltRules(PREBUILT_RULES); + visitRulesManagementTable(); + disableAutoRefresh(); + }); - // modal window should show how many rules can be edit, how many not - selectAllRules(); - clickAddTagsMenuItem(); + describe('Prerequisites', () => { + const PREBUILT_RULES = [ + createRuleAssetSavedObject({ + name: 'Prebuilt rule 1', + rule_id: 'rule_1', + }), + createRuleAssetSavedObject({ + name: 'Prebuilt rule 2', + rule_id: 'rule_2', + }), + ]; + + it('No rules selected', () => { + openBulkActionsMenu(); + + // when no rule selected all bulk edit options should be disabled + cy.get(TAGS_RULE_BULK_MENU_ITEM).should('be.disabled'); + cy.get(INDEX_PATTERNS_RULE_BULK_MENU_ITEM).should('be.disabled'); + cy.get(APPLY_TIMELINE_RULE_BULK_MENU_ITEM).should('be.disabled'); + }); - waitForMixedRulesBulkEditModal(existedRulesRows.length); + it('Only prebuilt rules selected', () => { + createAndInstallMockedPrebuiltRules(PREBUILT_RULES); - getAvailablePrebuiltRulesCount().then((availablePrebuiltRulesCount) => { - checkPrebuiltRulesCannotBeModified(availablePrebuiltRulesCount); - }); + // select Elastic(prebuilt) rules, check if we can't proceed further, as Elastic rules are not editable + filterByElasticRules(); + selectAllRulesOnPage(); + clickApplyTimelineTemplatesMenuItem(); - // user can proceed with custom rule editing - cy.get(MODAL_CONFIRMATION_BTN) - .should('have.text', `Edit ${existedRulesRows.length} custom rules`) - .click(); + getRulesManagementTableRows().then((rows) => { + // check modal window for Elastic rule that can't be edited + checkPrebuiltRulesCannotBeModified(rows.length); - // action should finish - typeTags(['test-tag']); - submitBulkEditForm(); - waitForBulkEditActionToFinish({ updatedCount: existedRulesRows.length }); - }); + // the confirm button closes modal + cy.get(MODAL_CONFIRMATION_BTN).should('have.text', 'Close').click(); + cy.get(MODAL_CONFIRMATION_BODY).should('not.exist'); }); + }); - it('Prebuilt and custom rules selected: user cancels action', () => { + it('Prebuilt and custom rules selected: user proceeds with custom rules editing', () => { + getRulesManagementTableRows().then((existedRulesRows) => { createAndInstallMockedPrebuiltRules(PREBUILT_RULES); - getRulesManagementTableRows().then((rows) => { - // modal window should show how many rules can be edit, how many not - selectAllRules(); - clickAddTagsMenuItem(); - waitForMixedRulesBulkEditModal(rows.length); + // modal window should show how many rules can be edit, how many not + selectAllRules(); + clickAddTagsMenuItem(); - checkPrebuiltRulesCannotBeModified(PREBUILT_RULES.length); + waitForMixedRulesBulkEditModal(existedRulesRows.length); - // user cancels action and modal disappears - cancelConfirmationModal(); + getAvailablePrebuiltRulesCount().then((availablePrebuiltRulesCount) => { + checkPrebuiltRulesCannotBeModified(availablePrebuiltRulesCount); }); - }); - it('should not lose rules selection after edit action', () => { - const rulesToUpdate = [RULE_NAME, 'New EQL Rule', 'New Terms Rule'] as const; - // Switch to 5 rules per page, to have few pages in pagination(ideal way to test auto refresh and selection of few items) - setRowsPerPageTo(5); - // and make the rules order isn't changing (set sorting by rule name) over time if rules are run - sortByTableColumn('Rule'); - selectRulesByName(rulesToUpdate); + // user can proceed with custom rule editing + cy.get(MODAL_CONFIRMATION_BTN) + .should('have.text', `Edit ${existedRulesRows.length} custom rules`) + .click(); - // open add tags form and add 2 new tags - openBulkEditAddTagsForm(); - typeTags(['new-tag-1']); + // action should finish + typeTags(['test-tag']); submitBulkEditForm(); - waitForBulkEditActionToFinish({ updatedCount: rulesToUpdate.length }); - - testMultipleSelectedRulesLabel(rulesToUpdate.length); - // check if first four(rulesCount) rules still selected and tags are updated - for (const ruleName of rulesToUpdate) { - getRuleRow(ruleName).find(EUI_CHECKBOX).should('be.checked'); - getRuleRow(ruleName) - .find(RULES_TAGS_POPOVER_BTN) - .each(($el) => { - testTagsBadge($el, prePopulatedTags.concat(['new-tag-1'])); - }); - } + waitForBulkEditActionToFinish({ updatedCount: existedRulesRows.length }); }); }); - describe('Tags actions', () => { - it('Display list of tags in tags select', () => { + it('Prebuilt and custom rules selected: user cancels action', () => { + createAndInstallMockedPrebuiltRules(PREBUILT_RULES); + + getRulesManagementTableRows().then((rows) => { + // modal window should show how many rules can be edit, how many not selectAllRules(); + clickAddTagsMenuItem(); + waitForMixedRulesBulkEditModal(rows.length); - openBulkEditAddTagsForm(); - openTagsSelect(); + checkPrebuiltRulesCannotBeModified(PREBUILT_RULES.length); - cy.get(EUI_FILTER_SELECT_ITEM) - .should('have.length', prePopulatedTags.length) - .each(($el, index) => { - cy.wrap($el).should('have.text', prePopulatedTags[index]); - }); + // user cancels action and modal disappears + cancelConfirmationModal(); }); + }); - it('Add tags to custom rules', () => { - getRulesManagementTableRows().then((rows) => { - const tagsToBeAdded = ['tag-to-add-1', 'tag-to-add-2']; - const resultingTags = [...prePopulatedTags, ...tagsToBeAdded]; - - // check if only pre-populated tags exist in the tags filter - checkTagsInTagsFilter(prePopulatedTags, EUI_SELECTABLE_LIST_ITEM_SR_TEXT); - - selectAllRules(); + it('should not lose rules selection after edit action', () => { + const rulesToUpdate = [RULE_NAME, 'New EQL Rule', 'New Terms Rule'] as const; + // Switch to 5 rules per page, to have few pages in pagination(ideal way to test auto refresh and selection of few items) + setRowsPerPageTo(5); + // and make the rules order isn't changing (set sorting by rule name) over time if rules are run + sortByTableColumn('Rule'); + selectRulesByName(rulesToUpdate); + + // open add tags form and add 2 new tags + openBulkEditAddTagsForm(); + typeTags(['new-tag-1']); + submitBulkEditForm(); + waitForBulkEditActionToFinish({ updatedCount: rulesToUpdate.length }); + + testMultipleSelectedRulesLabel(rulesToUpdate.length); + // check if first four(rulesCount) rules still selected and tags are updated + for (const ruleName of rulesToUpdate) { + getRuleRow(ruleName).find(EUI_CHECKBOX).should('be.checked'); + getRuleRow(ruleName) + .find(RULES_TAGS_POPOVER_BTN) + .each(($el) => { + testTagsBadge($el, prePopulatedTags.concat(['new-tag-1'])); + }); + } + }); + }); - // open add tags form and add 2 new tags - openBulkEditAddTagsForm(); - typeTags(tagsToBeAdded); - submitBulkEditForm(); - waitForBulkEditActionToFinish({ updatedCount: rows.length }); + describe('Tags actions', () => { + it('Display list of tags in tags select', () => { + selectAllRules(); - // check if all rules have been updated with new tags - testAllTagsBadges(resultingTags); + openBulkEditAddTagsForm(); + openTagsSelect(); - // check that new tags were added to tags filter - // tags in tags filter sorted alphabetically - const resultingTagsInFilter = [...resultingTags].sort(); - checkTagsInTagsFilter(resultingTagsInFilter, EUI_SELECTABLE_LIST_ITEM_SR_TEXT); + cy.get(EUI_FILTER_SELECT_ITEM) + .should('have.length', prePopulatedTags.length) + .each(($el, index) => { + cy.wrap($el).should('have.text', prePopulatedTags[index]); }); - }); + }); - it('Display success toast after adding tags', () => { - getRulesManagementTableRows().then((rows) => { - const tagsToBeAdded = ['tag-to-add-1', 'tag-to-add-2']; + it('Add tags to custom rules', () => { + getRulesManagementTableRows().then((rows) => { + const tagsToBeAdded = ['tag-to-add-1', 'tag-to-add-2']; + const resultingTags = [...prePopulatedTags, ...tagsToBeAdded]; - // check if only pre-populated tags exist in the tags filter - checkTagsInTagsFilter(prePopulatedTags, EUI_SELECTABLE_LIST_ITEM_SR_TEXT); + // check if only pre-populated tags exist in the tags filter + checkTagsInTagsFilter(prePopulatedTags, EUI_SELECTABLE_LIST_ITEM_SR_TEXT); - selectAllRules(); + selectAllRules(); - // open add tags form and add 2 new tags - openBulkEditAddTagsForm(); - typeTags(tagsToBeAdded); - submitBulkEditForm(); - waitForBulkEditActionToFinish({ updatedCount: rows.length }); - }); - }); + // open add tags form and add 2 new tags + openBulkEditAddTagsForm(); + typeTags(tagsToBeAdded); + submitBulkEditForm(); + waitForBulkEditActionToFinish({ updatedCount: rows.length }); - it('Overwrite tags in custom rules', () => { - getRulesManagementTableRows().then((rows) => { - const tagsToOverwrite = ['overwrite-tag-1']; + // check if all rules have been updated with new tags + testAllTagsBadges(resultingTags); - // check if only pre-populated tags exist in the tags filter - checkTagsInTagsFilter(prePopulatedTags, EUI_SELECTABLE_LIST_ITEM_SR_TEXT); + // check that new tags were added to tags filter + // tags in tags filter sorted alphabetically + const resultingTagsInFilter = [...resultingTags].sort(); + checkTagsInTagsFilter(resultingTagsInFilter, EUI_SELECTABLE_LIST_ITEM_SR_TEXT); + }); + }); - selectAllRules(); + it('Display success toast after adding tags', () => { + getRulesManagementTableRows().then((rows) => { + const tagsToBeAdded = ['tag-to-add-1', 'tag-to-add-2']; - // open add tags form, check overwrite tags and warning message, type tags - openBulkEditAddTagsForm(); - checkOverwriteTagsCheckbox(); + // check if only pre-populated tags exist in the tags filter + checkTagsInTagsFilter(prePopulatedTags, EUI_SELECTABLE_LIST_ITEM_SR_TEXT); - cy.get(RULES_BULK_EDIT_TAGS_WARNING).should( - 'have.text', - `You’re about to overwrite tags for ${rows.length} selected rules, press Save to apply changes.` - ); + selectAllRules(); - typeTags(tagsToOverwrite); - submitBulkEditForm(); - waitForBulkEditActionToFinish({ updatedCount: rows.length }); + // open add tags form and add 2 new tags + openBulkEditAddTagsForm(); + typeTags(tagsToBeAdded); + submitBulkEditForm(); + waitForBulkEditActionToFinish({ updatedCount: rows.length }); + }); + }); - // check if all rules have been updated with new tags - testAllTagsBadges(tagsToOverwrite); + it('Overwrite tags in custom rules', () => { + getRulesManagementTableRows().then((rows) => { + const tagsToOverwrite = ['overwrite-tag-1']; - // check that only new tags are in the tag filter - checkTagsInTagsFilter(tagsToOverwrite, EUI_SELECTABLE_LIST_ITEM_SR_TEXT); - }); - }); + // check if only pre-populated tags exist in the tags filter + checkTagsInTagsFilter(prePopulatedTags, EUI_SELECTABLE_LIST_ITEM_SR_TEXT); - it('Delete tags from custom rules', () => { - getRulesManagementTableRows().then((rows) => { - const tagsToDelete = prePopulatedTags.slice(0, 1); - const resultingTags = prePopulatedTags.slice(1); + selectAllRules(); - // check if only pre-populated tags exist in the tags filter - checkTagsInTagsFilter(prePopulatedTags, EUI_SELECTABLE_LIST_ITEM_SR_TEXT); + // open add tags form, check overwrite tags and warning message, type tags + openBulkEditAddTagsForm(); + checkOverwriteTagsCheckbox(); - selectAllRules(); + cy.get(RULES_BULK_EDIT_TAGS_WARNING).should( + 'have.text', + `You’re about to overwrite tags for ${rows.length} selected rules, press Save to apply changes.` + ); - // open add tags form, check overwrite tags, type tags - openBulkEditDeleteTagsForm(); - typeTags(tagsToDelete); - submitBulkEditForm(); - waitForBulkEditActionToFinish({ updatedCount: rows.length }); + typeTags(tagsToOverwrite); + submitBulkEditForm(); + waitForBulkEditActionToFinish({ updatedCount: rows.length }); - // check tags has been removed from all rules - testAllTagsBadges(resultingTags); + // check if all rules have been updated with new tags + testAllTagsBadges(tagsToOverwrite); - // check that tags were removed from the tag filter - checkTagsInTagsFilter(resultingTags, EUI_SELECTABLE_LIST_ITEM_SR_TEXT); - }); + // check that only new tags are in the tag filter + checkTagsInTagsFilter(tagsToOverwrite, EUI_SELECTABLE_LIST_ITEM_SR_TEXT); }); }); - describe('Index patterns', () => { - it('Index pattern action applied to custom rules, including machine learning: user proceeds with edit of custom non machine learning rule', () => { - getRulesManagementTableRows().then((rows) => { - const indexPattersToBeAdded = ['index-to-add-1-*', 'index-to-add-2-*']; - const resultingIndexPatterns = [...prePopulatedIndexPatterns, ...indexPattersToBeAdded]; + it('Delete tags from custom rules', () => { + getRulesManagementTableRows().then((rows) => { + const tagsToDelete = prePopulatedTags.slice(0, 1); + const resultingTags = prePopulatedTags.slice(1); - selectAllRules(); - clickAddIndexPatternsMenuItem(); + // check if only pre-populated tags exist in the tags filter + checkTagsInTagsFilter(prePopulatedTags, EUI_SELECTABLE_LIST_ITEM_SR_TEXT); - // confirm editing custom rules, that are not Machine Learning - checkMachineLearningRulesCannotBeModified(expectedNumberOfMachineLearningRulesToBeEdited); - cy.get(MODAL_CONFIRMATION_BTN).click(); + selectAllRules(); - typeIndexPatterns(indexPattersToBeAdded); - submitBulkEditForm(); + // open add tags form, check overwrite tags, type tags + openBulkEditDeleteTagsForm(); + typeTags(tagsToDelete); + submitBulkEditForm(); + waitForBulkEditActionToFinish({ updatedCount: rows.length }); - waitForBulkEditActionToFinish({ - updatedCount: rows.length - expectedNumberOfMachineLearningRulesToBeEdited, - }); + // check tags has been removed from all rules + testAllTagsBadges(resultingTags); - // check if rule has been updated - goToRuleDetailsOf(RULE_NAME); - hasIndexPatterns(resultingIndexPatterns.join('')); - }); + // check that tags were removed from the tag filter + checkTagsInTagsFilter(resultingTags, EUI_SELECTABLE_LIST_ITEM_SR_TEXT); }); + }); + }); + + describe('Index patterns', () => { + it('Index pattern action applied to custom rules, including machine learning: user proceeds with edit of custom non machine learning rule', () => { + getRulesManagementTableRows().then((rows) => { + const indexPattersToBeAdded = ['index-to-add-1-*', 'index-to-add-2-*']; + const resultingIndexPatterns = [...prePopulatedIndexPatterns, ...indexPattersToBeAdded]; - it('Index pattern action applied to custom rules, including machine learning: user cancels action', () => { selectAllRules(); clickAddIndexPatternsMenuItem(); // confirm editing custom rules, that are not Machine Learning checkMachineLearningRulesCannotBeModified(expectedNumberOfMachineLearningRulesToBeEdited); + cy.get(MODAL_CONFIRMATION_BTN).click(); - // user cancels action and modal disappears - cancelConfirmationModal(); - }); - - it('Add index patterns to custom rules', () => { - getRulesManagementTableRows().then((rows) => { - const indexPattersToBeAdded = ['index-to-add-1-*', 'index-to-add-2-*']; - const resultingIndexPatterns = [...prePopulatedIndexPatterns, ...indexPattersToBeAdded]; - - // select only rules that are not ML - selectRulesByName([ - RULE_NAME, - 'New EQL Rule', - 'Threat Indicator Rule Test', - 'Threshold Rule', - 'New Terms Rule', - ]); - - openBulkEditAddIndexPatternsForm(); - typeIndexPatterns(indexPattersToBeAdded); - submitBulkEditForm(); - - waitForBulkEditActionToFinish({ - updatedCount: rows.length - expectedNumberOfMachineLearningRulesToBeEdited, - }); + typeIndexPatterns(indexPattersToBeAdded); + submitBulkEditForm(); - // check if rule has been updated - goToRuleDetailsOf(RULE_NAME); - hasIndexPatterns(resultingIndexPatterns.join('')); + waitForBulkEditActionToFinish({ + updatedCount: rows.length - expectedNumberOfMachineLearningRulesToBeEdited, }); - }); - it('Display success toast after editing the index pattern', () => { - getRulesManagementTableRows().then((rows) => { - const indexPattersToBeAdded = ['index-to-add-1-*', 'index-to-add-2-*']; - - // select only rules that are not ML - selectRulesByName([ - RULE_NAME, - 'New EQL Rule', - 'Threat Indicator Rule Test', - 'Threshold Rule', - 'New Terms Rule', - ]); - - openBulkEditAddIndexPatternsForm(); - typeIndexPatterns(indexPattersToBeAdded); - submitBulkEditForm(); - - waitForBulkEditActionToFinish({ - updatedCount: rows.length - expectedNumberOfMachineLearningRulesToBeEdited, - }); - }); + // check if rule has been updated + goToRuleDetailsOf(RULE_NAME); + hasIndexPatterns(resultingIndexPatterns.join('')); }); + }); + + it('Index pattern action applied to custom rules, including machine learning: user cancels action', () => { + selectAllRules(); + clickAddIndexPatternsMenuItem(); + + // confirm editing custom rules, that are not Machine Learning + checkMachineLearningRulesCannotBeModified(expectedNumberOfMachineLearningRulesToBeEdited); + + // user cancels action and modal disappears + cancelConfirmationModal(); + }); - it('Overwrite index patterns in custom rules', () => { - const rulesToSelect = [ + it('Add index patterns to custom rules', () => { + getRulesManagementTableRows().then((rows) => { + const indexPattersToBeAdded = ['index-to-add-1-*', 'index-to-add-2-*']; + const resultingIndexPatterns = [...prePopulatedIndexPatterns, ...indexPattersToBeAdded]; + + // select only rules that are not ML + selectRulesByName([ RULE_NAME, 'New EQL Rule', 'Threat Indicator Rule Test', 'Threshold Rule', 'New Terms Rule', - ] as const; - const indexPattersToWrite = ['index-to-write-1-*', 'index-to-write-2-*']; - - // select only rules that are not ML - selectRulesByName(rulesToSelect); + ]); openBulkEditAddIndexPatternsForm(); - - // check overwrite index patterns checkbox, ensure warning message is displayed and type index patterns - checkOverwriteIndexPatternsCheckbox(); - cy.get(RULES_BULK_EDIT_INDEX_PATTERNS_WARNING).should( - 'have.text', - `You’re about to overwrite index patterns for ${rulesToSelect.length} selected rules, press Save to apply changes.` - ); - - typeIndexPatterns(indexPattersToWrite); + typeIndexPatterns(indexPattersToBeAdded); submitBulkEditForm(); - waitForBulkEditActionToFinish({ updatedCount: rulesToSelect.length }); + waitForBulkEditActionToFinish({ + updatedCount: rows.length - expectedNumberOfMachineLearningRulesToBeEdited, + }); // check if rule has been updated goToRuleDetailsOf(RULE_NAME); - hasIndexPatterns(indexPattersToWrite.join('')); + hasIndexPatterns(resultingIndexPatterns.join('')); }); + }); + + it('Display success toast after editing the index pattern', () => { + getRulesManagementTableRows().then((rows) => { + const indexPattersToBeAdded = ['index-to-add-1-*', 'index-to-add-2-*']; - it('Delete index patterns from custom rules', () => { - const rulesToSelect = [ + // select only rules that are not ML + selectRulesByName([ RULE_NAME, 'New EQL Rule', 'Threat Indicator Rule Test', 'Threshold Rule', 'New Terms Rule', - ] as const; - const indexPatternsToDelete = prePopulatedIndexPatterns.slice(0, 1); - const resultingIndexPatterns = prePopulatedIndexPatterns.slice(1); - - // select only not ML rules - selectRulesByName(rulesToSelect); + ]); - openBulkEditDeleteIndexPatternsForm(); - typeIndexPatterns(indexPatternsToDelete); + openBulkEditAddIndexPatternsForm(); + typeIndexPatterns(indexPattersToBeAdded); submitBulkEditForm(); - waitForBulkEditActionToFinish({ updatedCount: rulesToSelect.length }); - - // check if rule has been updated - goToRuleDetailsOf(RULE_NAME); - hasIndexPatterns(resultingIndexPatterns.join('')); + waitForBulkEditActionToFinish({ + updatedCount: rows.length - expectedNumberOfMachineLearningRulesToBeEdited, + }); }); + }); - it('Delete all index patterns from custom rules', () => { - const rulesToSelect = [ - RULE_NAME, - 'New EQL Rule', - 'Threat Indicator Rule Test', - 'Threshold Rule', - 'New Terms Rule', - ] as const; + it('Overwrite index patterns in custom rules', () => { + const rulesToSelect = [ + RULE_NAME, + 'New EQL Rule', + 'Threat Indicator Rule Test', + 'Threshold Rule', + 'New Terms Rule', + ] as const; + const indexPattersToWrite = ['index-to-write-1-*', 'index-to-write-2-*']; + + // select only rules that are not ML + selectRulesByName(rulesToSelect); + + openBulkEditAddIndexPatternsForm(); + + // check overwrite index patterns checkbox, ensure warning message is displayed and type index patterns + checkOverwriteIndexPatternsCheckbox(); + cy.get(RULES_BULK_EDIT_INDEX_PATTERNS_WARNING).should( + 'have.text', + `You’re about to overwrite index patterns for ${rulesToSelect.length} selected rules, press Save to apply changes.` + ); - // select only rules that are not ML - selectRulesByName(rulesToSelect); + typeIndexPatterns(indexPattersToWrite); + submitBulkEditForm(); - openBulkEditDeleteIndexPatternsForm(); - typeIndexPatterns(prePopulatedIndexPatterns); - submitBulkEditForm(); + waitForBulkEditActionToFinish({ updatedCount: rulesToSelect.length }); - // error toast should be displayed that that rules edit failed - waitForBulkEditActionToFinish({ failedCount: rulesToSelect.length }); + // check if rule has been updated + goToRuleDetailsOf(RULE_NAME); + hasIndexPatterns(indexPattersToWrite.join('')); + }); - // on error toast button click display error that index patterns can't be empty - clickErrorToastBtn(); - cy.contains(MODAL_ERROR_BODY, "Index patterns can't be empty"); - }); + it('Delete index patterns from custom rules', () => { + const rulesToSelect = [ + RULE_NAME, + 'New EQL Rule', + 'Threat Indicator Rule Test', + 'Threshold Rule', + 'New Terms Rule', + ] as const; + const indexPatternsToDelete = prePopulatedIndexPatterns.slice(0, 1); + const resultingIndexPatterns = prePopulatedIndexPatterns.slice(1); + + // select only not ML rules + selectRulesByName(rulesToSelect); + + openBulkEditDeleteIndexPatternsForm(); + typeIndexPatterns(indexPatternsToDelete); + submitBulkEditForm(); + + waitForBulkEditActionToFinish({ updatedCount: rulesToSelect.length }); + + // check if rule has been updated + goToRuleDetailsOf(RULE_NAME); + hasIndexPatterns(resultingIndexPatterns.join('')); }); - describe('Timeline templates', () => { - beforeEach(() => { - loadPrepackagedTimelineTemplates(); - }); + it('Delete all index patterns from custom rules', () => { + const rulesToSelect = [ + RULE_NAME, + 'New EQL Rule', + 'Threat Indicator Rule Test', + 'Threshold Rule', + 'New Terms Rule', + ] as const; - it('Apply timeline template to custom rules', () => { - getRulesManagementTableRows().then((rows) => { - const timelineTemplateName = 'Generic Endpoint Timeline'; + // select only rules that are not ML + selectRulesByName(rulesToSelect); - selectAllRules(); + openBulkEditDeleteIndexPatternsForm(); + typeIndexPatterns(prePopulatedIndexPatterns); + submitBulkEditForm(); - // open Timeline template form, check warning, select timeline template - clickApplyTimelineTemplatesMenuItem(); - cy.get(RULES_BULK_EDIT_TIMELINE_TEMPLATES_WARNING).contains( - `You're about to apply changes to ${rows.length} selected rules. If you previously applied Timeline templates to these rules, they will be overwritten or (if you select 'None') reset to none.` - ); - selectTimelineTemplate(timelineTemplateName); + // error toast should be displayed that that rules edit failed + waitForBulkEditActionToFinish({ failedCount: rulesToSelect.length }); - submitBulkEditForm(); - waitForBulkEditActionToFinish({ updatedCount: rows.length }); + // on error toast button click display error that index patterns can't be empty + clickErrorToastBtn(); + cy.contains(MODAL_ERROR_BODY, "Index patterns can't be empty"); + }); + }); - // check if timeline template has been updated to selected one - goToRuleDetailsOf(RULE_NAME); - getDetails(TIMELINE_TEMPLATE_DETAILS).should('have.text', timelineTemplateName); - }); + describe('Timeline templates', () => { + beforeEach(() => { + loadPrepackagedTimelineTemplates(); + }); + + it('Apply timeline template to custom rules', () => { + getRulesManagementTableRows().then((rows) => { + const timelineTemplateName = 'Generic Endpoint Timeline'; + + selectAllRules(); + + // open Timeline template form, check warning, select timeline template + clickApplyTimelineTemplatesMenuItem(); + cy.get(RULES_BULK_EDIT_TIMELINE_TEMPLATES_WARNING).contains( + `You're about to apply changes to ${rows.length} selected rules. If you previously applied Timeline templates to these rules, they will be overwritten or (if you select 'None') reset to none.` + ); + selectTimelineTemplate(timelineTemplateName); + + submitBulkEditForm(); + waitForBulkEditActionToFinish({ updatedCount: rows.length }); + + // check if timeline template has been updated to selected one + goToRuleDetailsOf(RULE_NAME); + getDetails(TIMELINE_TEMPLATE_DETAILS).should('have.text', timelineTemplateName); }); + }); - it('Reset timeline template to None for custom rules', () => { - getRulesManagementTableRows().then((rows) => { - const noneTimelineTemplate = 'None'; + it('Reset timeline template to None for custom rules', () => { + getRulesManagementTableRows().then((rows) => { + const noneTimelineTemplate = 'None'; - selectAllRules(); + selectAllRules(); - // open Timeline template form, submit form without picking timeline template as None is selected by default - clickApplyTimelineTemplatesMenuItem(); + // open Timeline template form, submit form without picking timeline template as None is selected by default + clickApplyTimelineTemplatesMenuItem(); - submitBulkEditForm(); - waitForBulkEditActionToFinish({ updatedCount: rows.length }); + submitBulkEditForm(); + waitForBulkEditActionToFinish({ updatedCount: rows.length }); - // check if timeline template has been updated to selected one, by opening rule that have had timeline prior to editing - goToRuleDetailsOf(RULE_NAME); - getDetails(TIMELINE_TEMPLATE_DETAILS).should('have.text', noneTimelineTemplate); - }); + // check if timeline template has been updated to selected one, by opening rule that have had timeline prior to editing + goToRuleDetailsOf(RULE_NAME); + getDetails(TIMELINE_TEMPLATE_DETAILS).should('have.text', noneTimelineTemplate); }); }); + }); - describe('Schedule', () => { - it('Default values are applied to bulk edit schedule fields', () => { - getRulesManagementTableRows().then((rows) => { - selectAllRules(); - clickUpdateScheduleMenuItem(); + describe('Schedule', () => { + it('Default values are applied to bulk edit schedule fields', () => { + getRulesManagementTableRows().then((rows) => { + selectAllRules(); + clickUpdateScheduleMenuItem(); - assertUpdateScheduleWarningExists(rows.length); + assertUpdateScheduleWarningExists(rows.length); - assertDefaultValuesAreAppliedToScheduleFields({ - interval: 5, - lookback: 1, - }); + assertDefaultValuesAreAppliedToScheduleFields({ + interval: 5, + lookback: 1, }); }); + }); - it('Updates schedule for custom rules', () => { - getRulesManagementTableRows().then((rows) => { - selectAllRules(); - clickUpdateScheduleMenuItem(); + it('Updates schedule for custom rules', () => { + getRulesManagementTableRows().then((rows) => { + selectAllRules(); + clickUpdateScheduleMenuItem(); - assertUpdateScheduleWarningExists(rows.length); + assertUpdateScheduleWarningExists(rows.length); - typeScheduleInterval('20'); - setScheduleIntervalTimeUnit('Hours'); + typeScheduleInterval('20'); + setScheduleIntervalTimeUnit('Hours'); - typeScheduleLookback('10'); - setScheduleLookbackTimeUnit('Minutes'); + typeScheduleLookback('10'); + setScheduleLookbackTimeUnit('Minutes'); - submitBulkEditForm(); - waitForBulkEditActionToFinish({ updatedCount: rows.length }); + submitBulkEditForm(); + waitForBulkEditActionToFinish({ updatedCount: rows.length }); - goToRuleDetailsOf(RULE_NAME); + goToRuleDetailsOf(RULE_NAME); - assertRuleScheduleValues({ - interval: '20h', - lookback: '10m', - }); + assertRuleScheduleValues({ + interval: '20h', + lookback: '10m', }); }); + }); - it('Validates invalid inputs when scheduling for custom rules', () => { - getRulesManagementTableRows().then((rows) => { - selectAllRules(); - clickUpdateScheduleMenuItem(); + it('Validates invalid inputs when scheduling for custom rules', () => { + getRulesManagementTableRows().then((rows) => { + selectAllRules(); + clickUpdateScheduleMenuItem(); - // Validate invalid values are corrected to minimumValue - for 0 and negative values - typeScheduleInterval('0'); - setScheduleIntervalTimeUnit('Hours'); + // Validate invalid values are corrected to minimumValue - for 0 and negative values + typeScheduleInterval('0'); + setScheduleIntervalTimeUnit('Hours'); - typeScheduleLookback('-5'); - setScheduleLookbackTimeUnit('Seconds'); + typeScheduleLookback('-5'); + setScheduleLookbackTimeUnit('Seconds'); - submitBulkEditForm(); - waitForBulkEditActionToFinish({ updatedCount: rows.length }); + submitBulkEditForm(); + waitForBulkEditActionToFinish({ updatedCount: rows.length }); - goToRuleDetailsOf(RULE_NAME); + goToRuleDetailsOf(RULE_NAME); - assertRuleScheduleValues({ - interval: '1h', - lookback: '1s', - }); + assertRuleScheduleValues({ + interval: '1h', + lookback: '1s', }); }); }); - } -); + }); +}); // ES|QL rule type is supported only in ESS environment // Adding 2 use cases only for this rule type, while it is disabled on serverless diff --git a/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_management/rule_actions/bulk_actions/bulk_edit_rules_actions.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_management/rule_actions/bulk_actions/bulk_edit_rules_actions.cy.ts index 1d59135012a9d..48acff836f0a4 100644 --- a/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_management/rule_actions/bulk_actions/bulk_edit_rules_actions.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_management/rule_actions/bulk_actions/bulk_edit_rules_actions.cy.ts @@ -74,82 +74,79 @@ const ruleNameToAssert = 'Custom rule name with actions'; const expectedExistingSlackMessage = 'Existing slack action'; const expectedSlackMessage = 'Slack action test message'; -// TODO: https://github.com/elastic/kibana/issues/161540 -describe( - 'Detection rules, bulk edit of rule actions', - { tags: ['@ess', '@serverless', '@brokenInServerless'] }, - () => { - beforeEach(() => { - cleanKibana(); - login(); - deleteAlertsAndRules(); - deleteConnectors(); - cy.task('esArchiverResetKibana'); - - createSlackConnector().then(({ body }) => { - const actions: RuleActionArray = [ - { - id: body.id, - action_type_id: '.slack', - group: 'default', - params: { - message: expectedExistingSlackMessage, - }, - frequency: { - summary: true, - throttle: null, - notifyWhen: 'onActiveAlert', - }, +describe('Detection rules, bulk edit of rule actions', { tags: ['@ess', '@serverless'] }, () => { + beforeEach(() => { + cleanKibana(); + login(); + deleteAlertsAndRules(); + deleteConnectors(); + cy.task('esArchiverResetKibana'); + + createSlackConnector().then(({ body }) => { + const actions: RuleActionArray = [ + { + id: body.id, + action_type_id: '.slack', + group: 'default', + params: { + message: expectedExistingSlackMessage, }, - ]; - - createRule( - getNewRule({ - rule_id: '1', - name: ruleNameToAssert, - max_signals: 500, - actions, - enabled: false, - }) - ); - }); + frequency: { + summary: true, + throttle: null, + notifyWhen: 'onActiveAlert', + }, + }, + ]; - createRule(getEqlRule({ rule_id: '2', name: 'New EQL Rule', enabled: false })); createRule( - getMachineLearningRule({ rule_id: '3', name: 'New ML Rule Test', enabled: false }) - ); - createRule( - getNewThreatIndicatorRule({ - rule_id: '4', - name: 'Threat Indicator Rule Test', + getNewRule({ + rule_id: '1', + name: ruleNameToAssert, + max_signals: 500, + actions, enabled: false, }) ); - createRule(getNewThresholdRule({ rule_id: '5', name: 'Threshold Rule', enabled: false })); - createRule(getNewTermsRule({ rule_id: '6', name: 'New Terms Rule', enabled: false })); - createRule( - getNewRule({ saved_id: 'mocked', rule_id: '7', name: 'New Rule Test', enabled: false }) - ); - - createSlackConnector(); - - // Prevent prebuilt rules package installation and mock two prebuilt rules - preventPrebuiltRulesPackageInstallation(); - - const RULE_1 = createRuleAssetSavedObject({ - name: 'Test rule 1', - rule_id: 'rule_1', - }); - const RULE_2 = createRuleAssetSavedObject({ - name: 'Test rule 2', - rule_id: 'rule_2', - }); + }); - createAndInstallMockedPrebuiltRules([RULE_1, RULE_2]); + createRule(getEqlRule({ rule_id: '2', name: 'New EQL Rule', enabled: false })); + createRule(getMachineLearningRule({ rule_id: '3', name: 'New ML Rule Test', enabled: false })); + createRule( + getNewThreatIndicatorRule({ + rule_id: '4', + name: 'Threat Indicator Rule Test', + enabled: false, + }) + ); + createRule(getNewThresholdRule({ rule_id: '5', name: 'Threshold Rule', enabled: false })); + createRule(getNewTermsRule({ rule_id: '6', name: 'New Terms Rule', enabled: false })); + createRule( + getNewRule({ saved_id: 'mocked', rule_id: '7', name: 'New Rule Test', enabled: false }) + ); + + createSlackConnector(); + + // Prevent prebuilt rules package installation and mock two prebuilt rules + preventPrebuiltRulesPackageInstallation(); + + const RULE_1 = createRuleAssetSavedObject({ + name: 'Test rule 1', + rule_id: 'rule_1', }); + const RULE_2 = createRuleAssetSavedObject({ + name: 'Test rule 2', + rule_id: 'rule_2', + }); + + createAndInstallMockedPrebuiltRules([RULE_1, RULE_2]); + }); - context('Restricted action privileges', () => { - it("User with no privileges can't add rule actions", () => { + context('Restricted action privileges', () => { + it( + "User with no privileges can't add rule actions", + { tags: ['@ess', '@skipInServerless'] }, + () => { login(ROLES.hunter_no_actions); visitRulesManagementTable(ROLES.hunter_no_actions); @@ -171,129 +168,129 @@ describe( openBulkActionsMenu(); cy.get(ADD_RULE_ACTIONS_MENU_ITEM).should('be.disabled'); - }); - }); + } + ); + }); - context('All actions privileges', () => { - beforeEach(() => { - login(); - visitRulesManagementTable(); - disableAutoRefresh(); - - expectManagementTableRules([ - ruleNameToAssert, - 'New EQL Rule', - 'New ML Rule Test', - 'Threat Indicator Rule Test', - 'Threshold Rule', - 'New Terms Rule', - 'New Rule Test', - 'Test rule 1', - 'Test rule 2', - ]); - }); + context('All actions privileges', () => { + beforeEach(() => { + login(); + visitRulesManagementTable(); + disableAutoRefresh(); + + expectManagementTableRules([ + ruleNameToAssert, + 'New EQL Rule', + 'New ML Rule Test', + 'Threat Indicator Rule Test', + 'Threshold Rule', + 'New Terms Rule', + 'New Rule Test', + 'Test rule 1', + 'Test rule 2', + ]); + }); - it('Add a rule action to rules (existing connector)', () => { - const expectedActionFrequency: RuleActionCustomFrequency = { - throttle: 1, - throttleUnit: 'd', - }; + it('Add a rule action to rules (existing connector)', () => { + const expectedActionFrequency: RuleActionCustomFrequency = { + throttle: 1, + throttleUnit: 'd', + }; - excessivelyInstallAllPrebuiltRules(); + excessivelyInstallAllPrebuiltRules(); - getRulesManagementTableRows().then((rows) => { - // select both custom and prebuilt rules - selectAllRules(); - openBulkEditRuleActionsForm(); + getRulesManagementTableRows().then((rows) => { + // select both custom and prebuilt rules + selectAllRules(); + openBulkEditRuleActionsForm(); - // ensure rule actions info callout displayed on the form - cy.get(RULES_BULK_EDIT_ACTIONS_INFO).should('be.visible'); + // ensure rule actions info callout displayed on the form + cy.get(RULES_BULK_EDIT_ACTIONS_INFO).should('be.visible'); - addSlackRuleAction(expectedSlackMessage); - pickSummaryOfAlertsOption(); - pickCustomFrequencyOption(expectedActionFrequency); + addSlackRuleAction(expectedSlackMessage); + pickSummaryOfAlertsOption(); + pickCustomFrequencyOption(expectedActionFrequency); - submitBulkEditForm(); - waitForBulkEditActionToFinish({ updatedCount: rows.length }); + submitBulkEditForm(); + waitForBulkEditActionToFinish({ updatedCount: rows.length }); - // check if rule has been updated - goToEditRuleActionsSettingsOf(ruleNameToAssert); + // check if rule has been updated + goToEditRuleActionsSettingsOf(ruleNameToAssert); - assertSelectedSummaryOfAlertsOption(); - assertSelectedCustomFrequencyOption(expectedActionFrequency, 1); - assertSlackRuleAction(expectedExistingSlackMessage, 0); - assertSlackRuleAction(expectedSlackMessage, 1); - // ensure there is no third action - cy.get(actionFormSelector(2)).should('not.exist'); - }); + assertSelectedSummaryOfAlertsOption(); + assertSelectedCustomFrequencyOption(expectedActionFrequency, 1); + assertSlackRuleAction(expectedExistingSlackMessage, 0); + assertSlackRuleAction(expectedSlackMessage, 1); + // ensure there is no third action + cy.get(actionFormSelector(2)).should('not.exist'); }); + }); - it('Overwrite rule actions in rules', () => { - excessivelyInstallAllPrebuiltRules(); - - getRulesManagementTableRows().then((rows) => { - // select both custom and prebuilt rules - selectAllRules(); - openBulkEditRuleActionsForm(); - - addSlackRuleAction(expectedSlackMessage); - pickSummaryOfAlertsOption(); - pickPerRuleRunFrequencyOption(); - - // check overwrite box, ensure warning is displayed - checkOverwriteRuleActionsCheckbox(); - cy.get(RULES_BULK_EDIT_ACTIONS_WARNING).contains( - `You're about to overwrite rule actions for ${rows.length} selected rules` - ); - - submitBulkEditForm(); - waitForBulkEditActionToFinish({ updatedCount: rows.length }); - - // check if rule has been updated - goToEditRuleActionsSettingsOf(ruleNameToAssert); - - assertSelectedSummaryOfAlertsOption(); - assertSelectedPerRuleRunFrequencyOption(); - assertSlackRuleAction(expectedSlackMessage); - // ensure existing action was overwritten - cy.get(actionFormSelector(1)).should('not.exist'); - }); - }); + it('Overwrite rule actions in rules', () => { + excessivelyInstallAllPrebuiltRules(); - it('Add a rule action to rules (new connector)', () => { - const rulesToSelect = [ - ruleNameToAssert, - 'New EQL Rule', - 'New ML Rule Test', - 'Threat Indicator Rule Test', - 'Threshold Rule', - 'New Terms Rule', - 'New Rule Test', - ] as const; - const expectedActionFrequency: RuleActionCustomFrequency = { - throttle: 2, - throttleUnit: 'h', - }; - const expectedEmail = 'test@example.com'; - const expectedSubject = 'Subject'; - - selectRulesByName(rulesToSelect); + getRulesManagementTableRows().then((rows) => { + // select both custom and prebuilt rules + selectAllRules(); openBulkEditRuleActionsForm(); - addEmailConnectorAndRuleAction(expectedEmail, expectedSubject); + addSlackRuleAction(expectedSlackMessage); pickSummaryOfAlertsOption(); - pickCustomFrequencyOption(expectedActionFrequency); + pickPerRuleRunFrequencyOption(); + + // check overwrite box, ensure warning is displayed + checkOverwriteRuleActionsCheckbox(); + cy.get(RULES_BULK_EDIT_ACTIONS_WARNING).contains( + `You're about to overwrite rule actions for ${rows.length} selected rules` + ); submitBulkEditForm(); - waitForBulkEditActionToFinish({ updatedCount: rulesToSelect.length }); + waitForBulkEditActionToFinish({ updatedCount: rows.length }); // check if rule has been updated goToEditRuleActionsSettingsOf(ruleNameToAssert); assertSelectedSummaryOfAlertsOption(); - assertSelectedCustomFrequencyOption(expectedActionFrequency, 1); - assertEmailRuleAction(expectedEmail, expectedSubject); + assertSelectedPerRuleRunFrequencyOption(); + assertSlackRuleAction(expectedSlackMessage); + // ensure existing action was overwritten + cy.get(actionFormSelector(1)).should('not.exist'); }); }); - } -); + + it('Add a rule action to rules (new connector)', () => { + const rulesToSelect = [ + ruleNameToAssert, + 'New EQL Rule', + 'New ML Rule Test', + 'Threat Indicator Rule Test', + 'Threshold Rule', + 'New Terms Rule', + 'New Rule Test', + ] as const; + const expectedActionFrequency: RuleActionCustomFrequency = { + throttle: 2, + throttleUnit: 'h', + }; + const expectedEmail = 'test@example.com'; + const expectedSubject = 'Subject'; + + selectRulesByName(rulesToSelect); + openBulkEditRuleActionsForm(); + + addEmailConnectorAndRuleAction(expectedEmail, expectedSubject); + pickSummaryOfAlertsOption(); + pickCustomFrequencyOption(expectedActionFrequency); + + submitBulkEditForm(); + waitForBulkEditActionToFinish({ updatedCount: rulesToSelect.length }); + + // check if rule has been updated + goToEditRuleActionsSettingsOf(ruleNameToAssert); + + assertSelectedSummaryOfAlertsOption(); + assertSelectedCustomFrequencyOption(expectedActionFrequency, 1); + assertEmailRuleAction(expectedEmail, expectedSubject); + }); + }); +}); diff --git a/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_management/rule_actions/bulk_actions/bulk_edit_rules_data_view.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_management/rule_actions/bulk_actions/bulk_edit_rules_data_view.cy.ts index b5c696da0c5ac..21c4558ce15e9 100644 --- a/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_management/rule_actions/bulk_actions/bulk_edit_rules_data_view.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_management/rule_actions/bulk_actions/bulk_edit_rules_data_view.cy.ts @@ -53,10 +53,9 @@ const DATA_VIEW_ID = 'auditbeat'; const expectedIndexPatterns = ['index-1-*', 'index-2-*']; -// TODO: https://github.com/elastic/kibana/issues/161540 describe( 'Bulk editing index patterns of rules with a data view only', - { tags: ['@ess', '@serverless', '@brokenInServerless'] }, + { tags: ['@ess', '@serverless'] }, () => { const TESTED_CUSTOM_QUERY_RULE_DATA = getNewRule({ index: undefined, @@ -244,7 +243,7 @@ describe( describe( 'Bulk editing index patterns of rules with index patterns and rules with a data view', - { tags: ['@ess', '@brokenInServerless'] }, + { tags: ['@ess', '@serverless'] }, () => { const TESTED_CUSTOM_QUERY_RULE_DATA_WITH_DATAVIEW = getNewRule({ name: 'with dataview', From d6f7384082a6e53efa5012405a9bf0b6d67bd95c Mon Sep 17 00:00:00 2001 From: Hannah Mudge Date: Wed, 18 Oct 2023 16:33:21 -0600 Subject: [PATCH 13/50] [Dashboard] Prevent unnecessary loss of dashboard unsaved state (#167707) Closes https://github.com/elastic/kibana/issues/167661 ## Summary After a whole bunch of investigation, I ultimately realized that the attached test was flaky because the dashboard session storage was being cleared in the `DashboardUnsavedListing` component. When loading the unsaved dashboards, we used to remove the unsaved state for dashboards that returned **any** error from the CM service - this was designed so that, if a dashboard was deleted, we would remove it from the unsaved dashboard listing callout. However, as an unintended consequence, **other** errors, which should **not** cause the unsaved state to be lost, also caused it to be cleared. Since I could only replicate **some** of the possible CM errors locally, it was impossible to narrow down exactly what error was being thrown in the attached flaky test since the FTR does not provide console logs. Therefore, rather than **preventing** that specific error from clearing the session storage, I instead made it so that **only** `404` errors (i.e. `"Saved object not found"` errors) cause the session storage to be cleared - this will guarantee that we only remove the unsaved state from the session storage if we know **for sure** that the dashboard has been deleted. Any other errors that are thrown by the CM will **not** cause the unsaved state to be unnecessarily lost. Also, in my attempt to solve the above flaky test, I discovered and fixed the following: 1. Previously, when an error was thrown and caught in the `DashboardUnsavedListing` component, the `refreshUnsavedDashboards` would cause a `useEffect` infinite loop because the reference for the `unsavedDashboardIds` array would always be different even if the contents of the array were identical. This PR fixes that by ensuring the array reference **only** changes if the contents change. 2. Our previous way of catching errors in the `findDashboardById` method was not reliable, and did not catch errors that were thrown in, for example, the CM client `get` method. I refactored this so that all errors should now be caught. ### [Flaky Test Runner](https://buildkite.com/elastic/kibana-flaky-test-suite-runner/builds/3554) ![image](https://github.com/elastic/kibana/assets/8698078/1bcd9d6a-0c37-43ee-b5d6-f418cf878b41) ### Checklist - [x] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios ### For maintainers - [ ] This was checked for breaking API changes and was [labeled appropriately](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process) --- .../dashboard_listing_empty_prompt.tsx | 2 +- .../dashboard_unsaved_listing.test.tsx | 4 +- .../dashboard_unsaved_listing.tsx | 7 +++- .../dashboard_backup_service.ts | 14 ++++++- .../lib/find_dashboards.ts | 41 +++++++++++++------ .../dashboard_content_management/types.ts | 2 +- .../group1/dashboard_unsaved_state.ts | 6 ++- 7 files changed, 55 insertions(+), 21 deletions(-) diff --git a/src/plugins/dashboard/public/dashboard_listing/dashboard_listing_empty_prompt.tsx b/src/plugins/dashboard/public/dashboard_listing/dashboard_listing_empty_prompt.tsx index 098dbcc0b4933..63ccfcd0ae2e4 100644 --- a/src/plugins/dashboard/public/dashboard_listing/dashboard_listing_empty_prompt.tsx +++ b/src/plugins/dashboard/public/dashboard_listing/dashboard_listing_empty_prompt.tsx @@ -106,8 +106,8 @@ export const DashboardListingEmptyPrompt = ({ createItem, disableCreateDashboardButton, dashboardBackup, - setUnsavedDashboardIds, goToDashboard, + setUnsavedDashboardIds, ]); if (!showWriteControls) { diff --git a/src/plugins/dashboard/public/dashboard_listing/dashboard_unsaved_listing.test.tsx b/src/plugins/dashboard/public/dashboard_listing/dashboard_unsaved_listing.test.tsx index 81aa4bc073600..3983661a21a7e 100644 --- a/src/plugins/dashboard/public/dashboard_listing/dashboard_unsaved_listing.test.tsx +++ b/src/plugins/dashboard/public/dashboard_listing/dashboard_unsaved_listing.test.tsx @@ -104,12 +104,12 @@ describe('Unsaved listing', () => { { id: 'failCase1', status: 'error', - error: { error: 'oh no', message: 'bwah', statusCode: 100 }, + error: { error: 'oh no', message: 'bwah', statusCode: 404 }, }, { id: 'failCase2', status: 'error', - error: { error: 'oh no', message: 'bwah', statusCode: 100 }, + error: { error: 'oh no', message: 'bwah', statusCode: 404 }, }, ]); diff --git a/src/plugins/dashboard/public/dashboard_listing/dashboard_unsaved_listing.tsx b/src/plugins/dashboard/public/dashboard_listing/dashboard_unsaved_listing.tsx index 72580f7546bbe..7a67f237748a6 100644 --- a/src/plugins/dashboard/public/dashboard_listing/dashboard_unsaved_listing.tsx +++ b/src/plugins/dashboard/public/dashboard_listing/dashboard_unsaved_listing.tsx @@ -156,7 +156,10 @@ export const DashboardUnsavedListing = ({ const newItems = results.reduce((map, result) => { if (result.status === 'error') { hasError = true; - dashboardBackup.clearState(result.id); + if (result.error.statusCode === 404) { + // Save object not found error + dashboardBackup.clearState(result.id); + } return map; } return { @@ -170,6 +173,7 @@ export const DashboardUnsavedListing = ({ } setItems(newItems); }); + return () => { canceled = true; }; @@ -179,6 +183,7 @@ export const DashboardUnsavedListing = ({ <> 1 )} diff --git a/src/plugins/dashboard/public/services/dashboard_backup/dashboard_backup_service.ts b/src/plugins/dashboard/public/services/dashboard_backup/dashboard_backup_service.ts index 707ba9780ee9c..fb5b2c12f05ee 100644 --- a/src/plugins/dashboard/public/services/dashboard_backup/dashboard_backup_service.ts +++ b/src/plugins/dashboard/public/services/dashboard_backup/dashboard_backup_service.ts @@ -7,6 +7,7 @@ */ import { firstValueFrom } from 'rxjs'; +import { isEqual } from 'lodash'; import { set } from '@kbn/safer-lodash-set'; import { ViewMode } from '@kbn/embeddable-plugin/public'; @@ -42,6 +43,8 @@ class DashboardBackupService implements DashboardBackupServiceType { private notifications: DashboardNotificationsService; private spaces: DashboardSpacesService; + private oldDashboardsWithUnsavedChanges: string[] = []; + constructor(requiredServices: DashboardBackupRequiredServices) { ({ notifications: this.notifications, spaces: this.spaces } = requiredServices); this.sessionStorage = new Storage(sessionStorage); @@ -125,7 +128,16 @@ class DashboardBackupService implements DashboardBackupServiceType { ) dashboardsWithUnsavedChanges.push(dashboardId); }); - return dashboardsWithUnsavedChanges; + + /** + * Because we are storing these unsaved dashboard IDs in React component state, we only want things to be re-rendered + * if the **contents** change, not if the array reference changes + */ + if (!isEqual(this.oldDashboardsWithUnsavedChanges, dashboardsWithUnsavedChanges)) { + this.oldDashboardsWithUnsavedChanges = dashboardsWithUnsavedChanges; + } + + return this.oldDashboardsWithUnsavedChanges; } catch (e) { this.notifications.toasts.addDanger({ title: backupServiceStrings.getPanelsGetError(e.message), diff --git a/src/plugins/dashboard/public/services/dashboard_content_management/lib/find_dashboards.ts b/src/plugins/dashboard/public/services/dashboard_content_management/lib/find_dashboards.ts index efeaa76297f9e..b10f2216cfddf 100644 --- a/src/plugins/dashboard/public/services/dashboard_content_management/lib/find_dashboards.ts +++ b/src/plugins/dashboard/public/services/dashboard_content_management/lib/find_dashboards.ts @@ -6,16 +6,16 @@ * Side Public License, v 1. */ +import { Reference } from '@kbn/content-management-utils'; import { SavedObjectError, SavedObjectsFindOptionsReference } from '@kbn/core/public'; -import { Reference } from '@kbn/content-management-utils'; import { - DashboardItem, - DashboardCrudTypes, DashboardAttributes, + DashboardCrudTypes, + DashboardItem, } from '../../../../common/content_management'; -import { DashboardStartDependencies } from '../../../plugin'; import { DASHBOARD_CONTENT_ID } from '../../../dashboard_constants'; +import { DashboardStartDependencies } from '../../../plugin'; import { dashboardContentManagementCache } from '../dashboard_content_management_service'; export interface SearchDashboardsArgs { @@ -83,19 +83,34 @@ export async function findDashboardById( references: cachedDashboard.item.references, }; } + /** Otherwise, fetch the dashboard from the content management client, add it to the cache, and return the result */ - const response = await contentManagement.client - .get({ + try { + const response = await contentManagement.client.get< + DashboardCrudTypes['GetIn'], + DashboardCrudTypes['GetOut'] + >({ contentTypeId: DASHBOARD_CONTENT_ID, id, - }) - .then((result) => { - dashboardContentManagementCache.addDashboard(result); - return { id, status: 'success', attributes: result.item.attributes }; - }) - .catch((e) => ({ status: 'error', error: e.body, id })); + }); + if (response.item.error) { + throw response.item.error; + } - return response as FindDashboardsByIdResponse; + dashboardContentManagementCache.addDashboard(response); + return { + id, + status: 'success', + attributes: response.item.attributes, + references: response.item.references, + }; + } catch (e) { + return { + status: 'error', + error: e.body || e.message, + id, + }; + } } export async function findDashboardsByIds( diff --git a/src/plugins/dashboard/public/services/dashboard_content_management/types.ts b/src/plugins/dashboard/public/services/dashboard_content_management/types.ts index e562f5d0cc28b..50806797dfeca 100644 --- a/src/plugins/dashboard/public/services/dashboard_content_management/types.ts +++ b/src/plugins/dashboard/public/services/dashboard_content_management/types.ts @@ -39,7 +39,7 @@ export interface DashboardContentManagementRequiredServices { export interface DashboardContentManagementService { findDashboards: FindDashboardsService; - deleteDashboards: (ids: string[]) => void; + deleteDashboards: (ids: string[]) => Promise; loadDashboardState: (props: { id?: string }) => Promise; saveDashboardState: (props: SaveDashboardProps) => Promise; checkForDuplicateDashboardTitle: (meta: DashboardDuplicateTitleCheckProps) => Promise; diff --git a/test/functional/apps/dashboard/group1/dashboard_unsaved_state.ts b/test/functional/apps/dashboard/group1/dashboard_unsaved_state.ts index 39ac63288cba0..ce027f2d4fdbf 100644 --- a/test/functional/apps/dashboard/group1/dashboard_unsaved_state.ts +++ b/test/functional/apps/dashboard/group1/dashboard_unsaved_state.ts @@ -23,8 +23,7 @@ export default function ({ getService, getPageObjects }: FtrProviderContext) { let unsavedPanelCount = 0; const testQuery = 'Test Query'; - // Failing: See https://github.com/elastic/kibana/issues/167661 - describe.skip('dashboard unsaved state', () => { + describe('dashboard unsaved state', () => { before(async () => { await kibanaServer.savedObjects.cleanStandardList(); await kibanaServer.importExport.load( @@ -140,6 +139,9 @@ export default function ({ getService, getPageObjects }: FtrProviderContext) { await PageObjects.visualize.gotoVisualizationLandingPage(); await PageObjects.header.waitUntilLoadingHasFinished(); await PageObjects.dashboard.navigateToApp(); + if (await PageObjects.dashboard.onDashboardLandingPage()) { + await testSubjects.existOrFail('unsavedDashboardsCallout'); + } await PageObjects.dashboard.loadSavedDashboard('few panels'); const currentPanelCount = await PageObjects.dashboard.getPanelCount(); expect(currentPanelCount).to.eql(unsavedPanelCount); From 716b1d37cd79955c86174715b8da16bf53ee06d5 Mon Sep 17 00:00:00 2001 From: Garrett Spong Date: Wed, 18 Oct 2023 17:04:31 -0600 Subject: [PATCH 14/50] [Security Solution] [Elastic AI Assistant] Fixes Knowledge Base not loading in cloud environments (#169039) ## Summary Resolves an issue on cloud deployments where the Knowledge Base could be set up, but the ES|QL entries would not be loaded. Renames `knowledge_base/esql/docs` to `knowledge_base/esql/documentation`, as `docs` is part of the Kibana build [time exclusion strategy](https://github.com/elastic/kibana/blob/main/src/dev/build/tasks/copy_legacy_source_task.ts#L41). Note, even though line `39` excludes `asciidoc`, in testing it was actually the `docs` entry from line `41` that was preventing them from being included in the Kibana build process. Note: Actual changeset here is just a couple files, updating the `esql_loader` and corresponding tests. Majority of changes are from the rename, so should be a straight-forward review. To test that the assets are included in the build, you can run a `yarn build` locally and verify the assets are included in the dist at: `build/kibana/node_modules/@kbn/elastic-assistant-plugin/server/knowledge_base/esql/documentation`), or alternatively, just log into this PR's `ci:cloud-deploy` instance from the Kibana build details, and verify that the appropriate errors (ELSER n/a, not file missing) are logged when trying to load the `ES|QL Knowledge Base Documents`. > [!NOTE] > Since the `ci:cloud-deploy` instances don't deploy with an ML node of sufficient capacity, you can't actually deploy ELSER, but you can download it, which is all that the initial ELSER check ensures, so you can still test that the docs have attempted to be loaded into the `.kibana-elastic-ai-assistant-kb` index by checking the [cluster's kibana logs](https://kibana-pr-169039.kb.us-west2.gcp.elastic-cloud.com:9243/app/logs/stream?logFilter=(filters:!(),query:(language:kuery,query:'service.id:%2258121ceb066505e00f0913733b3e5ee9%22%20and%20%22language%20docs%22'),refreshInterval:(pause:!t,value:5000),timeRange:(from:now-15m,to:now))&logView=(logViewId:default,type:log-view-reference)&flyoutOptions=(flyoutId:'3L_7PosBZTjGpbeGx6t3',flyoutVisibility:hidden,surroundingLogsId:!n)&logPosition=(position:(tiebreaker:2852,time:1697599602455))), and verifying the below log line: > > `[kibana.log][INFO] Loaded 0 ES|QL docs, language docs, and example queries into the Knowledge Base` > > with logs above it detailing the docs to be loaded, and them failing because ELSER is MIA. --------- Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com> --- .../server/__mocks__/docs_from_directory_loader.ts | 4 ++-- .../elastic_assistant/server/__mocks__/msearch_response.ts | 2 +- .../elastic_assistant/server/knowledge_base/README.md | 2 ++ .../{docs => documentation}/aggregation_functions.asciidoc | 0 .../aggregation_functions/avg.asciidoc | 0 .../aggregation_functions/count.asciidoc | 0 .../aggregation_functions/count_distinct.asciidoc | 0 .../aggregation_functions/max.asciidoc | 0 .../aggregation_functions/median.asciidoc | 0 .../aggregation_functions/median_absolute_deviation.asciidoc | 0 .../aggregation_functions/min.asciidoc | 0 .../aggregation_functions/percentile.asciidoc | 0 .../aggregation_functions/sum.asciidoc | 0 .../esql/{docs => documentation}/esql_functions.asciidoc | 0 .../esql_processing_commands.asciidoc | 0 .../{docs => documentation}/esql_source_commands.asciidoc | 0 .../esql/{docs => documentation}/esql_syntax.asciidoc | 0 .../esql/{docs => documentation}/functions/abs.asciidoc | 0 .../esql/{docs => documentation}/functions/acos.asciidoc | 0 .../esql/{docs => documentation}/functions/asin.asciidoc | 0 .../esql/{docs => documentation}/functions/atan.asciidoc | 0 .../esql/{docs => documentation}/functions/atan2.asciidoc | 0 .../{docs => documentation}/functions/auto_bucket.asciidoc | 0 .../esql/{docs => documentation}/functions/case.asciidoc | 0 .../esql/{docs => documentation}/functions/ceil.asciidoc | 0 .../{docs => documentation}/functions/cidr_match.asciidoc | 0 .../esql/{docs => documentation}/functions/coalesce.asciidoc | 0 .../esql/{docs => documentation}/functions/concat.asciidoc | 0 .../esql/{docs => documentation}/functions/cos.asciidoc | 0 .../esql/{docs => documentation}/functions/cosh.asciidoc | 0 .../{docs => documentation}/functions/date_extract.asciidoc | 0 .../{docs => documentation}/functions/date_format.asciidoc | 0 .../{docs => documentation}/functions/date_parse.asciidoc | 0 .../{docs => documentation}/functions/date_trunc.asciidoc | 0 .../esql/{docs => documentation}/functions/e.asciidoc | 0 .../esql/{docs => documentation}/functions/floor.asciidoc | 0 .../esql/{docs => documentation}/functions/greatest.asciidoc | 0 .../{docs => documentation}/functions/is_finite.asciidoc | 0 .../{docs => documentation}/functions/is_infinite.asciidoc | 0 .../esql/{docs => documentation}/functions/is_nan.asciidoc | 0 .../esql/{docs => documentation}/functions/least.asciidoc | 0 .../esql/{docs => documentation}/functions/left.asciidoc | 0 .../esql/{docs => documentation}/functions/length.asciidoc | 0 .../esql/{docs => documentation}/functions/log10.asciidoc | 0 .../esql/{docs => documentation}/functions/ltrim.asciidoc | 0 .../esql/{docs => documentation}/functions/mv_avg.asciidoc | 0 .../{docs => documentation}/functions/mv_concat.asciidoc | 0 .../esql/{docs => documentation}/functions/mv_count.asciidoc | 0 .../{docs => documentation}/functions/mv_dedupe.asciidoc | 0 .../esql/{docs => documentation}/functions/mv_max.asciidoc | 0 .../{docs => documentation}/functions/mv_median.asciidoc | 0 .../esql/{docs => documentation}/functions/mv_min.asciidoc | 0 .../esql/{docs => documentation}/functions/mv_sum.asciidoc | 0 .../esql/{docs => documentation}/functions/now.asciidoc | 0 .../esql/{docs => documentation}/functions/pi.asciidoc | 0 .../esql/{docs => documentation}/functions/pow.asciidoc | 0 .../esql/{docs => documentation}/functions/round.asciidoc | 0 .../esql/{docs => documentation}/functions/rtrim.asciidoc | 0 .../esql/{docs => documentation}/functions/sin.asciidoc | 0 .../esql/{docs => documentation}/functions/sinh.asciidoc | 0 .../esql/{docs => documentation}/functions/split.asciidoc | 0 .../esql/{docs => documentation}/functions/sqrt.asciidoc | 0 .../{docs => documentation}/functions/starts_with.asciidoc | 0 .../{docs => documentation}/functions/substring.asciidoc | 0 .../esql/{docs => documentation}/functions/tan.asciidoc | 0 .../esql/{docs => documentation}/functions/tanh.asciidoc | 0 .../esql/{docs => documentation}/functions/tau.asciidoc | 0 .../{docs => documentation}/functions/to_boolean.asciidoc | 0 .../{docs => documentation}/functions/to_datetime.asciidoc | 0 .../{docs => documentation}/functions/to_degrees.asciidoc | 0 .../{docs => documentation}/functions/to_double.asciidoc | 0 .../{docs => documentation}/functions/to_integer.asciidoc | 0 .../esql/{docs => documentation}/functions/to_ip.asciidoc | 0 .../esql/{docs => documentation}/functions/to_long.asciidoc | 0 .../{docs => documentation}/functions/to_radians.asciidoc | 0 .../{docs => documentation}/functions/to_string.asciidoc | 0 .../functions/to_unsigned_long.asciidoc | 0 .../{docs => documentation}/functions/to_version.asciidoc | 0 .../esql/{docs => documentation}/functions/trim.asciidoc | 0 .../{docs => documentation}/functions/types/abs.asciidoc | 0 .../{docs => documentation}/functions/types/acos.asciidoc | 0 .../{docs => documentation}/functions/types/asin.asciidoc | 0 .../{docs => documentation}/functions/types/atan.asciidoc | 0 .../{docs => documentation}/functions/types/atan2.asciidoc | 0 .../{docs => documentation}/functions/types/case.asciidoc | 0 .../{docs => documentation}/functions/types/ceil.asciidoc | 0 .../functions/types/coalesce.asciidoc | 0 .../{docs => documentation}/functions/types/concat.asciidoc | 0 .../{docs => documentation}/functions/types/cos.asciidoc | 0 .../{docs => documentation}/functions/types/cosh.asciidoc | 0 .../esql/{docs => documentation}/functions/types/e.asciidoc | 0 .../{docs => documentation}/functions/types/floor.asciidoc | 0 .../functions/types/greatest.asciidoc | 0 .../{docs => documentation}/functions/types/least.asciidoc | 0 .../{docs => documentation}/functions/types/length.asciidoc | 0 .../{docs => documentation}/functions/types/log10.asciidoc | 0 .../{docs => documentation}/functions/types/ltrim.asciidoc | 0 .../esql/{docs => documentation}/functions/types/pi.asciidoc | 0 .../{docs => documentation}/functions/types/pow.asciidoc | 0 .../{docs => documentation}/functions/types/round.asciidoc | 0 .../{docs => documentation}/functions/types/rtrim.asciidoc | 0 .../{docs => documentation}/functions/types/sin.asciidoc | 0 .../{docs => documentation}/functions/types/sinh.asciidoc | 0 .../{docs => documentation}/functions/types/split.asciidoc | 0 .../{docs => documentation}/functions/types/sqrt.asciidoc | 0 .../functions/types/substring.asciidoc | 0 .../{docs => documentation}/functions/types/tan.asciidoc | 0 .../{docs => documentation}/functions/types/tanh.asciidoc | 0 .../{docs => documentation}/functions/types/tau.asciidoc | 0 .../{docs => documentation}/functions/types/trim.asciidoc | 0 .../esql/{docs => documentation}/index.asciidoc | 0 .../esql/{docs => documentation}/multivalued_fields.asciidoc | 0 .../processing_commands/dissect.asciidoc | 0 .../processing_commands/drop.asciidoc | 0 .../processing_commands/enrich.asciidoc | 0 .../processing_commands/eval.asciidoc | 0 .../processing_commands/grok.asciidoc | 0 .../processing_commands/keep.asciidoc | 0 .../processing_commands/limit.asciidoc | 0 .../processing_commands/mv_expand.asciidoc | 0 .../processing_commands/rename.asciidoc | 0 .../processing_commands/sort.asciidoc | 0 .../processing_commands/stats.asciidoc | 0 .../processing_commands/where.asciidoc | 0 .../{docs => documentation}/source_commands/from.asciidoc | 0 .../{docs => documentation}/source_commands/row.asciidoc | 0 .../{docs => documentation}/source_commands/show.asciidoc | 0 .../esql/{docs => documentation}/task_management.asciidoc | 0 .../server/lib/langchain/content_loaders/esql_loader.test.ts | 3 +-- .../server/lib/langchain/content_loaders/esql_loader.ts | 5 ++--- .../elasticsearch_store/elasticsearch_store.test.ts | 2 +- .../lib/langchain/elasticsearch_store/elasticsearch_store.ts | 2 +- .../elasticsearch_store/helpers/get_flattened_hits.test.ts | 2 +- .../server/lib/model_evaluator/output_index/utils.ts | 2 +- 134 files changed, 12 insertions(+), 12 deletions(-) rename x-pack/plugins/elastic_assistant/server/knowledge_base/esql/{docs => documentation}/aggregation_functions.asciidoc (100%) rename x-pack/plugins/elastic_assistant/server/knowledge_base/esql/{docs => documentation}/aggregation_functions/avg.asciidoc (100%) rename x-pack/plugins/elastic_assistant/server/knowledge_base/esql/{docs => documentation}/aggregation_functions/count.asciidoc (100%) rename x-pack/plugins/elastic_assistant/server/knowledge_base/esql/{docs => documentation}/aggregation_functions/count_distinct.asciidoc (100%) rename x-pack/plugins/elastic_assistant/server/knowledge_base/esql/{docs => documentation}/aggregation_functions/max.asciidoc (100%) rename x-pack/plugins/elastic_assistant/server/knowledge_base/esql/{docs => documentation}/aggregation_functions/median.asciidoc (100%) rename x-pack/plugins/elastic_assistant/server/knowledge_base/esql/{docs => documentation}/aggregation_functions/median_absolute_deviation.asciidoc (100%) rename x-pack/plugins/elastic_assistant/server/knowledge_base/esql/{docs => documentation}/aggregation_functions/min.asciidoc (100%) rename x-pack/plugins/elastic_assistant/server/knowledge_base/esql/{docs => documentation}/aggregation_functions/percentile.asciidoc (100%) rename x-pack/plugins/elastic_assistant/server/knowledge_base/esql/{docs => documentation}/aggregation_functions/sum.asciidoc (100%) rename x-pack/plugins/elastic_assistant/server/knowledge_base/esql/{docs => documentation}/esql_functions.asciidoc (100%) rename x-pack/plugins/elastic_assistant/server/knowledge_base/esql/{docs => documentation}/esql_processing_commands.asciidoc (100%) rename x-pack/plugins/elastic_assistant/server/knowledge_base/esql/{docs => documentation}/esql_source_commands.asciidoc (100%) rename x-pack/plugins/elastic_assistant/server/knowledge_base/esql/{docs => documentation}/esql_syntax.asciidoc (100%) rename x-pack/plugins/elastic_assistant/server/knowledge_base/esql/{docs => documentation}/functions/abs.asciidoc (100%) rename x-pack/plugins/elastic_assistant/server/knowledge_base/esql/{docs => documentation}/functions/acos.asciidoc (100%) rename x-pack/plugins/elastic_assistant/server/knowledge_base/esql/{docs => documentation}/functions/asin.asciidoc (100%) rename x-pack/plugins/elastic_assistant/server/knowledge_base/esql/{docs => documentation}/functions/atan.asciidoc (100%) rename x-pack/plugins/elastic_assistant/server/knowledge_base/esql/{docs => documentation}/functions/atan2.asciidoc (100%) rename x-pack/plugins/elastic_assistant/server/knowledge_base/esql/{docs => documentation}/functions/auto_bucket.asciidoc (100%) rename x-pack/plugins/elastic_assistant/server/knowledge_base/esql/{docs => documentation}/functions/case.asciidoc (100%) rename x-pack/plugins/elastic_assistant/server/knowledge_base/esql/{docs => documentation}/functions/ceil.asciidoc (100%) rename x-pack/plugins/elastic_assistant/server/knowledge_base/esql/{docs => documentation}/functions/cidr_match.asciidoc (100%) rename x-pack/plugins/elastic_assistant/server/knowledge_base/esql/{docs => documentation}/functions/coalesce.asciidoc (100%) rename x-pack/plugins/elastic_assistant/server/knowledge_base/esql/{docs => documentation}/functions/concat.asciidoc (100%) rename x-pack/plugins/elastic_assistant/server/knowledge_base/esql/{docs => documentation}/functions/cos.asciidoc (100%) rename x-pack/plugins/elastic_assistant/server/knowledge_base/esql/{docs => documentation}/functions/cosh.asciidoc (100%) rename x-pack/plugins/elastic_assistant/server/knowledge_base/esql/{docs => documentation}/functions/date_extract.asciidoc (100%) rename x-pack/plugins/elastic_assistant/server/knowledge_base/esql/{docs => documentation}/functions/date_format.asciidoc (100%) rename x-pack/plugins/elastic_assistant/server/knowledge_base/esql/{docs => documentation}/functions/date_parse.asciidoc (100%) rename x-pack/plugins/elastic_assistant/server/knowledge_base/esql/{docs => documentation}/functions/date_trunc.asciidoc (100%) rename x-pack/plugins/elastic_assistant/server/knowledge_base/esql/{docs => documentation}/functions/e.asciidoc (100%) rename x-pack/plugins/elastic_assistant/server/knowledge_base/esql/{docs => documentation}/functions/floor.asciidoc (100%) rename x-pack/plugins/elastic_assistant/server/knowledge_base/esql/{docs => documentation}/functions/greatest.asciidoc (100%) rename x-pack/plugins/elastic_assistant/server/knowledge_base/esql/{docs => documentation}/functions/is_finite.asciidoc (100%) rename x-pack/plugins/elastic_assistant/server/knowledge_base/esql/{docs => documentation}/functions/is_infinite.asciidoc (100%) rename x-pack/plugins/elastic_assistant/server/knowledge_base/esql/{docs => documentation}/functions/is_nan.asciidoc (100%) rename x-pack/plugins/elastic_assistant/server/knowledge_base/esql/{docs => documentation}/functions/least.asciidoc (100%) rename x-pack/plugins/elastic_assistant/server/knowledge_base/esql/{docs => documentation}/functions/left.asciidoc (100%) rename x-pack/plugins/elastic_assistant/server/knowledge_base/esql/{docs => documentation}/functions/length.asciidoc (100%) rename x-pack/plugins/elastic_assistant/server/knowledge_base/esql/{docs => documentation}/functions/log10.asciidoc (100%) rename x-pack/plugins/elastic_assistant/server/knowledge_base/esql/{docs => documentation}/functions/ltrim.asciidoc (100%) rename x-pack/plugins/elastic_assistant/server/knowledge_base/esql/{docs => documentation}/functions/mv_avg.asciidoc (100%) rename x-pack/plugins/elastic_assistant/server/knowledge_base/esql/{docs => documentation}/functions/mv_concat.asciidoc (100%) rename x-pack/plugins/elastic_assistant/server/knowledge_base/esql/{docs => documentation}/functions/mv_count.asciidoc (100%) rename x-pack/plugins/elastic_assistant/server/knowledge_base/esql/{docs => documentation}/functions/mv_dedupe.asciidoc (100%) rename x-pack/plugins/elastic_assistant/server/knowledge_base/esql/{docs => documentation}/functions/mv_max.asciidoc (100%) rename x-pack/plugins/elastic_assistant/server/knowledge_base/esql/{docs => documentation}/functions/mv_median.asciidoc (100%) rename x-pack/plugins/elastic_assistant/server/knowledge_base/esql/{docs => documentation}/functions/mv_min.asciidoc (100%) rename x-pack/plugins/elastic_assistant/server/knowledge_base/esql/{docs => documentation}/functions/mv_sum.asciidoc (100%) rename x-pack/plugins/elastic_assistant/server/knowledge_base/esql/{docs => documentation}/functions/now.asciidoc (100%) rename x-pack/plugins/elastic_assistant/server/knowledge_base/esql/{docs => documentation}/functions/pi.asciidoc (100%) rename x-pack/plugins/elastic_assistant/server/knowledge_base/esql/{docs => documentation}/functions/pow.asciidoc (100%) rename x-pack/plugins/elastic_assistant/server/knowledge_base/esql/{docs => documentation}/functions/round.asciidoc (100%) rename x-pack/plugins/elastic_assistant/server/knowledge_base/esql/{docs => documentation}/functions/rtrim.asciidoc (100%) rename x-pack/plugins/elastic_assistant/server/knowledge_base/esql/{docs => documentation}/functions/sin.asciidoc (100%) rename x-pack/plugins/elastic_assistant/server/knowledge_base/esql/{docs => documentation}/functions/sinh.asciidoc (100%) rename x-pack/plugins/elastic_assistant/server/knowledge_base/esql/{docs => documentation}/functions/split.asciidoc (100%) rename x-pack/plugins/elastic_assistant/server/knowledge_base/esql/{docs => documentation}/functions/sqrt.asciidoc (100%) rename x-pack/plugins/elastic_assistant/server/knowledge_base/esql/{docs => documentation}/functions/starts_with.asciidoc (100%) rename x-pack/plugins/elastic_assistant/server/knowledge_base/esql/{docs => documentation}/functions/substring.asciidoc (100%) rename x-pack/plugins/elastic_assistant/server/knowledge_base/esql/{docs => documentation}/functions/tan.asciidoc (100%) rename x-pack/plugins/elastic_assistant/server/knowledge_base/esql/{docs => documentation}/functions/tanh.asciidoc (100%) rename x-pack/plugins/elastic_assistant/server/knowledge_base/esql/{docs => documentation}/functions/tau.asciidoc (100%) rename x-pack/plugins/elastic_assistant/server/knowledge_base/esql/{docs => documentation}/functions/to_boolean.asciidoc (100%) rename x-pack/plugins/elastic_assistant/server/knowledge_base/esql/{docs => documentation}/functions/to_datetime.asciidoc (100%) rename x-pack/plugins/elastic_assistant/server/knowledge_base/esql/{docs => documentation}/functions/to_degrees.asciidoc (100%) rename x-pack/plugins/elastic_assistant/server/knowledge_base/esql/{docs => documentation}/functions/to_double.asciidoc (100%) rename x-pack/plugins/elastic_assistant/server/knowledge_base/esql/{docs => documentation}/functions/to_integer.asciidoc (100%) rename x-pack/plugins/elastic_assistant/server/knowledge_base/esql/{docs => documentation}/functions/to_ip.asciidoc (100%) rename x-pack/plugins/elastic_assistant/server/knowledge_base/esql/{docs => documentation}/functions/to_long.asciidoc (100%) rename x-pack/plugins/elastic_assistant/server/knowledge_base/esql/{docs => documentation}/functions/to_radians.asciidoc (100%) rename x-pack/plugins/elastic_assistant/server/knowledge_base/esql/{docs => documentation}/functions/to_string.asciidoc (100%) rename x-pack/plugins/elastic_assistant/server/knowledge_base/esql/{docs => documentation}/functions/to_unsigned_long.asciidoc (100%) rename x-pack/plugins/elastic_assistant/server/knowledge_base/esql/{docs => documentation}/functions/to_version.asciidoc (100%) rename x-pack/plugins/elastic_assistant/server/knowledge_base/esql/{docs => documentation}/functions/trim.asciidoc (100%) rename x-pack/plugins/elastic_assistant/server/knowledge_base/esql/{docs => documentation}/functions/types/abs.asciidoc (100%) rename x-pack/plugins/elastic_assistant/server/knowledge_base/esql/{docs => documentation}/functions/types/acos.asciidoc (100%) rename x-pack/plugins/elastic_assistant/server/knowledge_base/esql/{docs => documentation}/functions/types/asin.asciidoc (100%) rename x-pack/plugins/elastic_assistant/server/knowledge_base/esql/{docs => documentation}/functions/types/atan.asciidoc (100%) rename x-pack/plugins/elastic_assistant/server/knowledge_base/esql/{docs => documentation}/functions/types/atan2.asciidoc (100%) rename x-pack/plugins/elastic_assistant/server/knowledge_base/esql/{docs => documentation}/functions/types/case.asciidoc (100%) rename x-pack/plugins/elastic_assistant/server/knowledge_base/esql/{docs => documentation}/functions/types/ceil.asciidoc (100%) rename x-pack/plugins/elastic_assistant/server/knowledge_base/esql/{docs => documentation}/functions/types/coalesce.asciidoc (100%) rename x-pack/plugins/elastic_assistant/server/knowledge_base/esql/{docs => documentation}/functions/types/concat.asciidoc (100%) rename x-pack/plugins/elastic_assistant/server/knowledge_base/esql/{docs => documentation}/functions/types/cos.asciidoc (100%) rename x-pack/plugins/elastic_assistant/server/knowledge_base/esql/{docs => documentation}/functions/types/cosh.asciidoc (100%) rename x-pack/plugins/elastic_assistant/server/knowledge_base/esql/{docs => documentation}/functions/types/e.asciidoc (100%) rename x-pack/plugins/elastic_assistant/server/knowledge_base/esql/{docs => documentation}/functions/types/floor.asciidoc (100%) rename x-pack/plugins/elastic_assistant/server/knowledge_base/esql/{docs => documentation}/functions/types/greatest.asciidoc (100%) rename x-pack/plugins/elastic_assistant/server/knowledge_base/esql/{docs => documentation}/functions/types/least.asciidoc (100%) rename x-pack/plugins/elastic_assistant/server/knowledge_base/esql/{docs => documentation}/functions/types/length.asciidoc (100%) rename x-pack/plugins/elastic_assistant/server/knowledge_base/esql/{docs => documentation}/functions/types/log10.asciidoc (100%) rename x-pack/plugins/elastic_assistant/server/knowledge_base/esql/{docs => documentation}/functions/types/ltrim.asciidoc (100%) rename x-pack/plugins/elastic_assistant/server/knowledge_base/esql/{docs => documentation}/functions/types/pi.asciidoc (100%) rename x-pack/plugins/elastic_assistant/server/knowledge_base/esql/{docs => documentation}/functions/types/pow.asciidoc (100%) rename x-pack/plugins/elastic_assistant/server/knowledge_base/esql/{docs => documentation}/functions/types/round.asciidoc (100%) rename x-pack/plugins/elastic_assistant/server/knowledge_base/esql/{docs => documentation}/functions/types/rtrim.asciidoc (100%) rename x-pack/plugins/elastic_assistant/server/knowledge_base/esql/{docs => documentation}/functions/types/sin.asciidoc (100%) rename x-pack/plugins/elastic_assistant/server/knowledge_base/esql/{docs => documentation}/functions/types/sinh.asciidoc (100%) rename x-pack/plugins/elastic_assistant/server/knowledge_base/esql/{docs => documentation}/functions/types/split.asciidoc (100%) rename x-pack/plugins/elastic_assistant/server/knowledge_base/esql/{docs => documentation}/functions/types/sqrt.asciidoc (100%) rename x-pack/plugins/elastic_assistant/server/knowledge_base/esql/{docs => documentation}/functions/types/substring.asciidoc (100%) rename x-pack/plugins/elastic_assistant/server/knowledge_base/esql/{docs => documentation}/functions/types/tan.asciidoc (100%) rename x-pack/plugins/elastic_assistant/server/knowledge_base/esql/{docs => documentation}/functions/types/tanh.asciidoc (100%) rename x-pack/plugins/elastic_assistant/server/knowledge_base/esql/{docs => documentation}/functions/types/tau.asciidoc (100%) rename x-pack/plugins/elastic_assistant/server/knowledge_base/esql/{docs => documentation}/functions/types/trim.asciidoc (100%) rename x-pack/plugins/elastic_assistant/server/knowledge_base/esql/{docs => documentation}/index.asciidoc (100%) rename x-pack/plugins/elastic_assistant/server/knowledge_base/esql/{docs => documentation}/multivalued_fields.asciidoc (100%) rename x-pack/plugins/elastic_assistant/server/knowledge_base/esql/{docs => documentation}/processing_commands/dissect.asciidoc (100%) rename x-pack/plugins/elastic_assistant/server/knowledge_base/esql/{docs => documentation}/processing_commands/drop.asciidoc (100%) rename x-pack/plugins/elastic_assistant/server/knowledge_base/esql/{docs => documentation}/processing_commands/enrich.asciidoc (100%) rename x-pack/plugins/elastic_assistant/server/knowledge_base/esql/{docs => documentation}/processing_commands/eval.asciidoc (100%) rename x-pack/plugins/elastic_assistant/server/knowledge_base/esql/{docs => documentation}/processing_commands/grok.asciidoc (100%) rename x-pack/plugins/elastic_assistant/server/knowledge_base/esql/{docs => documentation}/processing_commands/keep.asciidoc (100%) rename x-pack/plugins/elastic_assistant/server/knowledge_base/esql/{docs => documentation}/processing_commands/limit.asciidoc (100%) rename x-pack/plugins/elastic_assistant/server/knowledge_base/esql/{docs => documentation}/processing_commands/mv_expand.asciidoc (100%) rename x-pack/plugins/elastic_assistant/server/knowledge_base/esql/{docs => documentation}/processing_commands/rename.asciidoc (100%) rename x-pack/plugins/elastic_assistant/server/knowledge_base/esql/{docs => documentation}/processing_commands/sort.asciidoc (100%) rename x-pack/plugins/elastic_assistant/server/knowledge_base/esql/{docs => documentation}/processing_commands/stats.asciidoc (100%) rename x-pack/plugins/elastic_assistant/server/knowledge_base/esql/{docs => documentation}/processing_commands/where.asciidoc (100%) rename x-pack/plugins/elastic_assistant/server/knowledge_base/esql/{docs => documentation}/source_commands/from.asciidoc (100%) rename x-pack/plugins/elastic_assistant/server/knowledge_base/esql/{docs => documentation}/source_commands/row.asciidoc (100%) rename x-pack/plugins/elastic_assistant/server/knowledge_base/esql/{docs => documentation}/source_commands/show.asciidoc (100%) rename x-pack/plugins/elastic_assistant/server/knowledge_base/esql/{docs => documentation}/task_management.asciidoc (100%) diff --git a/x-pack/plugins/elastic_assistant/server/__mocks__/docs_from_directory_loader.ts b/x-pack/plugins/elastic_assistant/server/__mocks__/docs_from_directory_loader.ts index 71100d68b73ad..152d8c83987a3 100644 --- a/x-pack/plugins/elastic_assistant/server/__mocks__/docs_from_directory_loader.ts +++ b/x-pack/plugins/elastic_assistant/server/__mocks__/docs_from_directory_loader.ts @@ -8,7 +8,7 @@ import { Document } from 'langchain/document'; /** - * Mock LangChain `Document`s from `knowledge_base/esql/docs`, loaded from a LangChain `DirectoryLoader` + * Mock LangChain `Document`s from `knowledge_base/esql/documentation`, loaded from a LangChain `DirectoryLoader` */ export const mockEsqlDocsFromDirectoryLoader: Document[] = [ { @@ -16,7 +16,7 @@ export const mockEsqlDocsFromDirectoryLoader: Document[] = [ '[[esql-agg-avg]]\n=== `AVG`\nThe average of a numeric field.\n\n[source.merge.styled,esql]\n----\ninclude::{esql-specs}/stats.csv-spec[tag=avg]\n----\n[%header.monospaced.styled,format=dsv,separator=|]\n|===\ninclude::{esql-specs}/stats.csv-spec[tag=avg-result]\n|===\n\nThe result is always a `double` not matter the input type.\n', metadata: { source: - '/Users/andrew.goldstein/Projects/forks/andrew-goldstein/kibana/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/aggregation_functions/avg.asciidoc', + '/Users/andrew.goldstein/Projects/forks/andrew-goldstein/kibana/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/aggregation_functions/avg.asciidoc', }, }, ]; diff --git a/x-pack/plugins/elastic_assistant/server/__mocks__/msearch_response.ts b/x-pack/plugins/elastic_assistant/server/__mocks__/msearch_response.ts index f281140b34b38..63439d5c07700 100644 --- a/x-pack/plugins/elastic_assistant/server/__mocks__/msearch_response.ts +++ b/x-pack/plugins/elastic_assistant/server/__mocks__/msearch_response.ts @@ -39,7 +39,7 @@ export const mockMsearchResponse: MsearchResponse = { _source: { metadata: { source: - '/Users/andrew.goldstein/Projects/forks/andrew-goldstein/kibana/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/source_commands/from.asciidoc', + '/Users/andrew.goldstein/Projects/forks/andrew-goldstein/kibana/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/source_commands/from.asciidoc', }, vector: { tokens: { diff --git a/x-pack/plugins/elastic_assistant/server/knowledge_base/README.md b/x-pack/plugins/elastic_assistant/server/knowledge_base/README.md index 54c9c885b5189..ab52ecfca060e 100644 --- a/x-pack/plugins/elastic_assistant/server/knowledge_base/README.md +++ b/x-pack/plugins/elastic_assistant/server/knowledge_base/README.md @@ -10,6 +10,8 @@ This directory contains assets for the Knowledge Base feature. The assets are us The assets are stored in their original source format, so `.asciidoc` for documentation, and `.g4` and `.tokens` for the ANTLR language definitions. File names have been updated to be snake_case to satisfy Kibana linting rules. +NOTE: When adding knowledge base assets, please ensure that the source files and directories are not excluded as part of the Kibana build process, otherwise things will work fine locally, but will fail once a distribution has been built (i.e. cloud deployments). See `src/dev/build/tasks/copy_legacy_source_task.ts` for details on exclusion patterns. + ### Future Once asset format and chunking strategies are finalized, we may want to either move the assets to a shared package so they can be consumed by other plugins, or potentially ship the pre-packaged ELSER embeddings as part of a Fleet Integration. For now though, the assets will be included in their source format within the plugin, and can then be processed and embedded at runtime. diff --git a/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/aggregation_functions.asciidoc b/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/aggregation_functions.asciidoc similarity index 100% rename from x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/aggregation_functions.asciidoc rename to x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/aggregation_functions.asciidoc diff --git a/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/aggregation_functions/avg.asciidoc b/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/aggregation_functions/avg.asciidoc similarity index 100% rename from x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/aggregation_functions/avg.asciidoc rename to x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/aggregation_functions/avg.asciidoc diff --git a/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/aggregation_functions/count.asciidoc b/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/aggregation_functions/count.asciidoc similarity index 100% rename from x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/aggregation_functions/count.asciidoc rename to x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/aggregation_functions/count.asciidoc diff --git a/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/aggregation_functions/count_distinct.asciidoc b/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/aggregation_functions/count_distinct.asciidoc similarity index 100% rename from x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/aggregation_functions/count_distinct.asciidoc rename to x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/aggregation_functions/count_distinct.asciidoc diff --git a/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/aggregation_functions/max.asciidoc b/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/aggregation_functions/max.asciidoc similarity index 100% rename from x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/aggregation_functions/max.asciidoc rename to x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/aggregation_functions/max.asciidoc diff --git a/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/aggregation_functions/median.asciidoc b/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/aggregation_functions/median.asciidoc similarity index 100% rename from x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/aggregation_functions/median.asciidoc rename to x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/aggregation_functions/median.asciidoc diff --git a/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/aggregation_functions/median_absolute_deviation.asciidoc b/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/aggregation_functions/median_absolute_deviation.asciidoc similarity index 100% rename from x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/aggregation_functions/median_absolute_deviation.asciidoc rename to x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/aggregation_functions/median_absolute_deviation.asciidoc diff --git a/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/aggregation_functions/min.asciidoc b/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/aggregation_functions/min.asciidoc similarity index 100% rename from x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/aggregation_functions/min.asciidoc rename to x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/aggregation_functions/min.asciidoc diff --git a/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/aggregation_functions/percentile.asciidoc b/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/aggregation_functions/percentile.asciidoc similarity index 100% rename from x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/aggregation_functions/percentile.asciidoc rename to x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/aggregation_functions/percentile.asciidoc diff --git a/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/aggregation_functions/sum.asciidoc b/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/aggregation_functions/sum.asciidoc similarity index 100% rename from x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/aggregation_functions/sum.asciidoc rename to x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/aggregation_functions/sum.asciidoc diff --git a/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/esql_functions.asciidoc b/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/esql_functions.asciidoc similarity index 100% rename from x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/esql_functions.asciidoc rename to x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/esql_functions.asciidoc diff --git a/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/esql_processing_commands.asciidoc b/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/esql_processing_commands.asciidoc similarity index 100% rename from x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/esql_processing_commands.asciidoc rename to x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/esql_processing_commands.asciidoc diff --git a/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/esql_source_commands.asciidoc b/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/esql_source_commands.asciidoc similarity index 100% rename from x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/esql_source_commands.asciidoc rename to x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/esql_source_commands.asciidoc diff --git a/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/esql_syntax.asciidoc b/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/esql_syntax.asciidoc similarity index 100% rename from x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/esql_syntax.asciidoc rename to x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/esql_syntax.asciidoc diff --git a/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/abs.asciidoc b/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/abs.asciidoc similarity index 100% rename from x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/abs.asciidoc rename to x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/abs.asciidoc diff --git a/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/acos.asciidoc b/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/acos.asciidoc similarity index 100% rename from x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/acos.asciidoc rename to x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/acos.asciidoc diff --git a/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/asin.asciidoc b/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/asin.asciidoc similarity index 100% rename from x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/asin.asciidoc rename to x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/asin.asciidoc diff --git a/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/atan.asciidoc b/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/atan.asciidoc similarity index 100% rename from x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/atan.asciidoc rename to x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/atan.asciidoc diff --git a/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/atan2.asciidoc b/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/atan2.asciidoc similarity index 100% rename from x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/atan2.asciidoc rename to x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/atan2.asciidoc diff --git a/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/auto_bucket.asciidoc b/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/auto_bucket.asciidoc similarity index 100% rename from x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/auto_bucket.asciidoc rename to x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/auto_bucket.asciidoc diff --git a/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/case.asciidoc b/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/case.asciidoc similarity index 100% rename from x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/case.asciidoc rename to x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/case.asciidoc diff --git a/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/ceil.asciidoc b/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/ceil.asciidoc similarity index 100% rename from x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/ceil.asciidoc rename to x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/ceil.asciidoc diff --git a/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/cidr_match.asciidoc b/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/cidr_match.asciidoc similarity index 100% rename from x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/cidr_match.asciidoc rename to x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/cidr_match.asciidoc diff --git a/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/coalesce.asciidoc b/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/coalesce.asciidoc similarity index 100% rename from x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/coalesce.asciidoc rename to x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/coalesce.asciidoc diff --git a/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/concat.asciidoc b/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/concat.asciidoc similarity index 100% rename from x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/concat.asciidoc rename to x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/concat.asciidoc diff --git a/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/cos.asciidoc b/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/cos.asciidoc similarity index 100% rename from x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/cos.asciidoc rename to x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/cos.asciidoc diff --git a/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/cosh.asciidoc b/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/cosh.asciidoc similarity index 100% rename from x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/cosh.asciidoc rename to x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/cosh.asciidoc diff --git a/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/date_extract.asciidoc b/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/date_extract.asciidoc similarity index 100% rename from x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/date_extract.asciidoc rename to x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/date_extract.asciidoc diff --git a/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/date_format.asciidoc b/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/date_format.asciidoc similarity index 100% rename from x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/date_format.asciidoc rename to x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/date_format.asciidoc diff --git a/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/date_parse.asciidoc b/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/date_parse.asciidoc similarity index 100% rename from x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/date_parse.asciidoc rename to x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/date_parse.asciidoc diff --git a/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/date_trunc.asciidoc b/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/date_trunc.asciidoc similarity index 100% rename from x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/date_trunc.asciidoc rename to x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/date_trunc.asciidoc diff --git a/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/e.asciidoc b/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/e.asciidoc similarity index 100% rename from x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/e.asciidoc rename to x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/e.asciidoc diff --git a/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/floor.asciidoc b/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/floor.asciidoc similarity index 100% rename from x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/floor.asciidoc rename to x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/floor.asciidoc diff --git a/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/greatest.asciidoc b/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/greatest.asciidoc similarity index 100% rename from x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/greatest.asciidoc rename to x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/greatest.asciidoc diff --git a/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/is_finite.asciidoc b/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/is_finite.asciidoc similarity index 100% rename from x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/is_finite.asciidoc rename to x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/is_finite.asciidoc diff --git a/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/is_infinite.asciidoc b/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/is_infinite.asciidoc similarity index 100% rename from x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/is_infinite.asciidoc rename to x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/is_infinite.asciidoc diff --git a/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/is_nan.asciidoc b/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/is_nan.asciidoc similarity index 100% rename from x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/is_nan.asciidoc rename to x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/is_nan.asciidoc diff --git a/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/least.asciidoc b/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/least.asciidoc similarity index 100% rename from x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/least.asciidoc rename to x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/least.asciidoc diff --git a/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/left.asciidoc b/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/left.asciidoc similarity index 100% rename from x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/left.asciidoc rename to x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/left.asciidoc diff --git a/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/length.asciidoc b/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/length.asciidoc similarity index 100% rename from x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/length.asciidoc rename to x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/length.asciidoc diff --git a/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/log10.asciidoc b/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/log10.asciidoc similarity index 100% rename from x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/log10.asciidoc rename to x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/log10.asciidoc diff --git a/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/ltrim.asciidoc b/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/ltrim.asciidoc similarity index 100% rename from x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/ltrim.asciidoc rename to x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/ltrim.asciidoc diff --git a/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/mv_avg.asciidoc b/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/mv_avg.asciidoc similarity index 100% rename from x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/mv_avg.asciidoc rename to x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/mv_avg.asciidoc diff --git a/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/mv_concat.asciidoc b/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/mv_concat.asciidoc similarity index 100% rename from x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/mv_concat.asciidoc rename to x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/mv_concat.asciidoc diff --git a/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/mv_count.asciidoc b/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/mv_count.asciidoc similarity index 100% rename from x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/mv_count.asciidoc rename to x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/mv_count.asciidoc diff --git a/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/mv_dedupe.asciidoc b/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/mv_dedupe.asciidoc similarity index 100% rename from x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/mv_dedupe.asciidoc rename to x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/mv_dedupe.asciidoc diff --git a/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/mv_max.asciidoc b/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/mv_max.asciidoc similarity index 100% rename from x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/mv_max.asciidoc rename to x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/mv_max.asciidoc diff --git a/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/mv_median.asciidoc b/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/mv_median.asciidoc similarity index 100% rename from x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/mv_median.asciidoc rename to x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/mv_median.asciidoc diff --git a/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/mv_min.asciidoc b/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/mv_min.asciidoc similarity index 100% rename from x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/mv_min.asciidoc rename to x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/mv_min.asciidoc diff --git a/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/mv_sum.asciidoc b/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/mv_sum.asciidoc similarity index 100% rename from x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/mv_sum.asciidoc rename to x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/mv_sum.asciidoc diff --git a/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/now.asciidoc b/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/now.asciidoc similarity index 100% rename from x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/now.asciidoc rename to x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/now.asciidoc diff --git a/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/pi.asciidoc b/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/pi.asciidoc similarity index 100% rename from x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/pi.asciidoc rename to x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/pi.asciidoc diff --git a/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/pow.asciidoc b/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/pow.asciidoc similarity index 100% rename from x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/pow.asciidoc rename to x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/pow.asciidoc diff --git a/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/round.asciidoc b/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/round.asciidoc similarity index 100% rename from x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/round.asciidoc rename to x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/round.asciidoc diff --git a/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/rtrim.asciidoc b/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/rtrim.asciidoc similarity index 100% rename from x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/rtrim.asciidoc rename to x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/rtrim.asciidoc diff --git a/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/sin.asciidoc b/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/sin.asciidoc similarity index 100% rename from x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/sin.asciidoc rename to x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/sin.asciidoc diff --git a/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/sinh.asciidoc b/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/sinh.asciidoc similarity index 100% rename from x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/sinh.asciidoc rename to x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/sinh.asciidoc diff --git a/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/split.asciidoc b/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/split.asciidoc similarity index 100% rename from x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/split.asciidoc rename to x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/split.asciidoc diff --git a/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/sqrt.asciidoc b/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/sqrt.asciidoc similarity index 100% rename from x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/sqrt.asciidoc rename to x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/sqrt.asciidoc diff --git a/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/starts_with.asciidoc b/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/starts_with.asciidoc similarity index 100% rename from x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/starts_with.asciidoc rename to x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/starts_with.asciidoc diff --git a/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/substring.asciidoc b/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/substring.asciidoc similarity index 100% rename from x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/substring.asciidoc rename to x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/substring.asciidoc diff --git a/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/tan.asciidoc b/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/tan.asciidoc similarity index 100% rename from x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/tan.asciidoc rename to x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/tan.asciidoc diff --git a/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/tanh.asciidoc b/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/tanh.asciidoc similarity index 100% rename from x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/tanh.asciidoc rename to x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/tanh.asciidoc diff --git a/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/tau.asciidoc b/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/tau.asciidoc similarity index 100% rename from x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/tau.asciidoc rename to x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/tau.asciidoc diff --git a/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/to_boolean.asciidoc b/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/to_boolean.asciidoc similarity index 100% rename from x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/to_boolean.asciidoc rename to x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/to_boolean.asciidoc diff --git a/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/to_datetime.asciidoc b/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/to_datetime.asciidoc similarity index 100% rename from x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/to_datetime.asciidoc rename to x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/to_datetime.asciidoc diff --git a/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/to_degrees.asciidoc b/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/to_degrees.asciidoc similarity index 100% rename from x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/to_degrees.asciidoc rename to x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/to_degrees.asciidoc diff --git a/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/to_double.asciidoc b/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/to_double.asciidoc similarity index 100% rename from x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/to_double.asciidoc rename to x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/to_double.asciidoc diff --git a/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/to_integer.asciidoc b/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/to_integer.asciidoc similarity index 100% rename from x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/to_integer.asciidoc rename to x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/to_integer.asciidoc diff --git a/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/to_ip.asciidoc b/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/to_ip.asciidoc similarity index 100% rename from x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/to_ip.asciidoc rename to x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/to_ip.asciidoc diff --git a/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/to_long.asciidoc b/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/to_long.asciidoc similarity index 100% rename from x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/to_long.asciidoc rename to x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/to_long.asciidoc diff --git a/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/to_radians.asciidoc b/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/to_radians.asciidoc similarity index 100% rename from x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/to_radians.asciidoc rename to x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/to_radians.asciidoc diff --git a/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/to_string.asciidoc b/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/to_string.asciidoc similarity index 100% rename from x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/to_string.asciidoc rename to x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/to_string.asciidoc diff --git a/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/to_unsigned_long.asciidoc b/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/to_unsigned_long.asciidoc similarity index 100% rename from x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/to_unsigned_long.asciidoc rename to x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/to_unsigned_long.asciidoc diff --git a/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/to_version.asciidoc b/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/to_version.asciidoc similarity index 100% rename from x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/to_version.asciidoc rename to x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/to_version.asciidoc diff --git a/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/trim.asciidoc b/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/trim.asciidoc similarity index 100% rename from x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/trim.asciidoc rename to x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/trim.asciidoc diff --git a/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/types/abs.asciidoc b/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/types/abs.asciidoc similarity index 100% rename from x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/types/abs.asciidoc rename to x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/types/abs.asciidoc diff --git a/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/types/acos.asciidoc b/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/types/acos.asciidoc similarity index 100% rename from x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/types/acos.asciidoc rename to x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/types/acos.asciidoc diff --git a/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/types/asin.asciidoc b/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/types/asin.asciidoc similarity index 100% rename from x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/types/asin.asciidoc rename to x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/types/asin.asciidoc diff --git a/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/types/atan.asciidoc b/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/types/atan.asciidoc similarity index 100% rename from x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/types/atan.asciidoc rename to x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/types/atan.asciidoc diff --git a/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/types/atan2.asciidoc b/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/types/atan2.asciidoc similarity index 100% rename from x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/types/atan2.asciidoc rename to x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/types/atan2.asciidoc diff --git a/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/types/case.asciidoc b/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/types/case.asciidoc similarity index 100% rename from x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/types/case.asciidoc rename to x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/types/case.asciidoc diff --git a/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/types/ceil.asciidoc b/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/types/ceil.asciidoc similarity index 100% rename from x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/types/ceil.asciidoc rename to x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/types/ceil.asciidoc diff --git a/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/types/coalesce.asciidoc b/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/types/coalesce.asciidoc similarity index 100% rename from x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/types/coalesce.asciidoc rename to x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/types/coalesce.asciidoc diff --git a/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/types/concat.asciidoc b/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/types/concat.asciidoc similarity index 100% rename from x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/types/concat.asciidoc rename to x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/types/concat.asciidoc diff --git a/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/types/cos.asciidoc b/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/types/cos.asciidoc similarity index 100% rename from x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/types/cos.asciidoc rename to x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/types/cos.asciidoc diff --git a/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/types/cosh.asciidoc b/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/types/cosh.asciidoc similarity index 100% rename from x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/types/cosh.asciidoc rename to x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/types/cosh.asciidoc diff --git a/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/types/e.asciidoc b/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/types/e.asciidoc similarity index 100% rename from x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/types/e.asciidoc rename to x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/types/e.asciidoc diff --git a/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/types/floor.asciidoc b/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/types/floor.asciidoc similarity index 100% rename from x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/types/floor.asciidoc rename to x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/types/floor.asciidoc diff --git a/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/types/greatest.asciidoc b/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/types/greatest.asciidoc similarity index 100% rename from x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/types/greatest.asciidoc rename to x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/types/greatest.asciidoc diff --git a/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/types/least.asciidoc b/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/types/least.asciidoc similarity index 100% rename from x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/types/least.asciidoc rename to x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/types/least.asciidoc diff --git a/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/types/length.asciidoc b/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/types/length.asciidoc similarity index 100% rename from x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/types/length.asciidoc rename to x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/types/length.asciidoc diff --git a/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/types/log10.asciidoc b/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/types/log10.asciidoc similarity index 100% rename from x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/types/log10.asciidoc rename to x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/types/log10.asciidoc diff --git a/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/types/ltrim.asciidoc b/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/types/ltrim.asciidoc similarity index 100% rename from x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/types/ltrim.asciidoc rename to x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/types/ltrim.asciidoc diff --git a/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/types/pi.asciidoc b/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/types/pi.asciidoc similarity index 100% rename from x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/types/pi.asciidoc rename to x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/types/pi.asciidoc diff --git a/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/types/pow.asciidoc b/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/types/pow.asciidoc similarity index 100% rename from x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/types/pow.asciidoc rename to x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/types/pow.asciidoc diff --git a/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/types/round.asciidoc b/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/types/round.asciidoc similarity index 100% rename from x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/types/round.asciidoc rename to x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/types/round.asciidoc diff --git a/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/types/rtrim.asciidoc b/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/types/rtrim.asciidoc similarity index 100% rename from x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/types/rtrim.asciidoc rename to x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/types/rtrim.asciidoc diff --git a/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/types/sin.asciidoc b/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/types/sin.asciidoc similarity index 100% rename from x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/types/sin.asciidoc rename to x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/types/sin.asciidoc diff --git a/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/types/sinh.asciidoc b/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/types/sinh.asciidoc similarity index 100% rename from x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/types/sinh.asciidoc rename to x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/types/sinh.asciidoc diff --git a/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/types/split.asciidoc b/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/types/split.asciidoc similarity index 100% rename from x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/types/split.asciidoc rename to x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/types/split.asciidoc diff --git a/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/types/sqrt.asciidoc b/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/types/sqrt.asciidoc similarity index 100% rename from x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/types/sqrt.asciidoc rename to x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/types/sqrt.asciidoc diff --git a/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/types/substring.asciidoc b/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/types/substring.asciidoc similarity index 100% rename from x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/types/substring.asciidoc rename to x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/types/substring.asciidoc diff --git a/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/types/tan.asciidoc b/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/types/tan.asciidoc similarity index 100% rename from x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/types/tan.asciidoc rename to x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/types/tan.asciidoc diff --git a/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/types/tanh.asciidoc b/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/types/tanh.asciidoc similarity index 100% rename from x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/types/tanh.asciidoc rename to x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/types/tanh.asciidoc diff --git a/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/types/tau.asciidoc b/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/types/tau.asciidoc similarity index 100% rename from x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/types/tau.asciidoc rename to x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/types/tau.asciidoc diff --git a/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/types/trim.asciidoc b/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/types/trim.asciidoc similarity index 100% rename from x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/functions/types/trim.asciidoc rename to x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/functions/types/trim.asciidoc diff --git a/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/index.asciidoc b/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/index.asciidoc similarity index 100% rename from x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/index.asciidoc rename to x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/index.asciidoc diff --git a/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/multivalued_fields.asciidoc b/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/multivalued_fields.asciidoc similarity index 100% rename from x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/multivalued_fields.asciidoc rename to x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/multivalued_fields.asciidoc diff --git a/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/processing_commands/dissect.asciidoc b/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/processing_commands/dissect.asciidoc similarity index 100% rename from x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/processing_commands/dissect.asciidoc rename to x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/processing_commands/dissect.asciidoc diff --git a/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/processing_commands/drop.asciidoc b/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/processing_commands/drop.asciidoc similarity index 100% rename from x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/processing_commands/drop.asciidoc rename to x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/processing_commands/drop.asciidoc diff --git a/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/processing_commands/enrich.asciidoc b/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/processing_commands/enrich.asciidoc similarity index 100% rename from x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/processing_commands/enrich.asciidoc rename to x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/processing_commands/enrich.asciidoc diff --git a/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/processing_commands/eval.asciidoc b/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/processing_commands/eval.asciidoc similarity index 100% rename from x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/processing_commands/eval.asciidoc rename to x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/processing_commands/eval.asciidoc diff --git a/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/processing_commands/grok.asciidoc b/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/processing_commands/grok.asciidoc similarity index 100% rename from x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/processing_commands/grok.asciidoc rename to x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/processing_commands/grok.asciidoc diff --git a/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/processing_commands/keep.asciidoc b/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/processing_commands/keep.asciidoc similarity index 100% rename from x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/processing_commands/keep.asciidoc rename to x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/processing_commands/keep.asciidoc diff --git a/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/processing_commands/limit.asciidoc b/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/processing_commands/limit.asciidoc similarity index 100% rename from x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/processing_commands/limit.asciidoc rename to x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/processing_commands/limit.asciidoc diff --git a/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/processing_commands/mv_expand.asciidoc b/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/processing_commands/mv_expand.asciidoc similarity index 100% rename from x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/processing_commands/mv_expand.asciidoc rename to x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/processing_commands/mv_expand.asciidoc diff --git a/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/processing_commands/rename.asciidoc b/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/processing_commands/rename.asciidoc similarity index 100% rename from x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/processing_commands/rename.asciidoc rename to x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/processing_commands/rename.asciidoc diff --git a/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/processing_commands/sort.asciidoc b/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/processing_commands/sort.asciidoc similarity index 100% rename from x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/processing_commands/sort.asciidoc rename to x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/processing_commands/sort.asciidoc diff --git a/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/processing_commands/stats.asciidoc b/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/processing_commands/stats.asciidoc similarity index 100% rename from x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/processing_commands/stats.asciidoc rename to x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/processing_commands/stats.asciidoc diff --git a/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/processing_commands/where.asciidoc b/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/processing_commands/where.asciidoc similarity index 100% rename from x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/processing_commands/where.asciidoc rename to x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/processing_commands/where.asciidoc diff --git a/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/source_commands/from.asciidoc b/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/source_commands/from.asciidoc similarity index 100% rename from x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/source_commands/from.asciidoc rename to x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/source_commands/from.asciidoc diff --git a/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/source_commands/row.asciidoc b/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/source_commands/row.asciidoc similarity index 100% rename from x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/source_commands/row.asciidoc rename to x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/source_commands/row.asciidoc diff --git a/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/source_commands/show.asciidoc b/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/source_commands/show.asciidoc similarity index 100% rename from x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/source_commands/show.asciidoc rename to x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/source_commands/show.asciidoc diff --git a/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/task_management.asciidoc b/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/task_management.asciidoc similarity index 100% rename from x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/task_management.asciidoc rename to x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/task_management.asciidoc diff --git a/x-pack/plugins/elastic_assistant/server/lib/langchain/content_loaders/esql_loader.test.ts b/x-pack/plugins/elastic_assistant/server/lib/langchain/content_loaders/esql_loader.test.ts index 307f5fc3055bb..319e1ea3eedf8 100644 --- a/x-pack/plugins/elastic_assistant/server/lib/langchain/content_loaders/esql_loader.test.ts +++ b/x-pack/plugins/elastic_assistant/server/lib/langchain/content_loaders/esql_loader.test.ts @@ -105,8 +105,7 @@ describe('loadESQL', () => { await loadESQL(esStore, logger); expect(logger.error).toHaveBeenCalledWith( - 'Failed to load ES|QL docs, language docs, and example queries into the Knowledge Base', - error + 'Failed to load ES|QL docs, language docs, and example queries into the Knowledge Base\nError: Failed to load documents' ); }); }); diff --git a/x-pack/plugins/elastic_assistant/server/lib/langchain/content_loaders/esql_loader.ts b/x-pack/plugins/elastic_assistant/server/lib/langchain/content_loaders/esql_loader.ts index 33310183e3d10..b34beb5c5aa9c 100644 --- a/x-pack/plugins/elastic_assistant/server/lib/langchain/content_loaders/esql_loader.ts +++ b/x-pack/plugins/elastic_assistant/server/lib/langchain/content_loaders/esql_loader.ts @@ -23,7 +23,7 @@ import { ESQL_RESOURCE } from '../../../routes/knowledge_base/constants'; export const loadESQL = async (esStore: ElasticsearchStore, logger: Logger): Promise => { try { const docsLoader = new DirectoryLoader( - resolve(__dirname, '../../../knowledge_base/esql/docs'), + resolve(__dirname, '../../../knowledge_base/esql/documentation'), { '.asciidoc': (path) => new TextLoader(path), }, @@ -76,8 +76,7 @@ export const loadESQL = async (esStore: ElasticsearchStore, logger: Logger): Pro return response.length > 0; } catch (e) { logger.error( - `Failed to load ES|QL docs, language docs, and example queries into the Knowledge Base`, - e + `Failed to load ES|QL docs, language docs, and example queries into the Knowledge Base\n${e}` ); return false; } diff --git a/x-pack/plugins/elastic_assistant/server/lib/langchain/elasticsearch_store/elasticsearch_store.test.ts b/x-pack/plugins/elastic_assistant/server/lib/langchain/elasticsearch_store/elasticsearch_store.test.ts index 9d563e240064a..1de907c3ddc9c 100644 --- a/x-pack/plugins/elastic_assistant/server/lib/langchain/elasticsearch_store/elasticsearch_store.test.ts +++ b/x-pack/plugins/elastic_assistant/server/lib/langchain/elasticsearch_store/elasticsearch_store.test.ts @@ -225,7 +225,7 @@ describe('ElasticsearchStore', () => { "[[esql-from]]\n=== `FROM`\n\nThe `FROM` source command returns a table with up to 10,000 documents from a\ndata stream, index, or alias. Each row in the resulting table represents a\ndocument. Each column corresponds to a field, and can be accessed by the name\nof that field.\n\n[source,esql]\n----\nFROM employees\n----\n\nYou can use <> to refer to indices, aliases\nand data streams. This can be useful for time series data, for example to access\ntoday's index:\n\n[source,esql]\n----\nFROM \n----\n\nUse comma-separated lists or wildcards to query multiple data streams, indices,\nor aliases:\n\n[source,esql]\n----\nFROM employees-00001,employees-*\n----\n", metadata: { source: - '/Users/andrew.goldstein/Projects/forks/andrew-goldstein/kibana/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/source_commands/from.asciidoc', + '/Users/andrew.goldstein/Projects/forks/andrew-goldstein/kibana/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/source_commands/from.asciidoc', }, }, { diff --git a/x-pack/plugins/elastic_assistant/server/lib/langchain/elasticsearch_store/elasticsearch_store.ts b/x-pack/plugins/elastic_assistant/server/lib/langchain/elasticsearch_store/elasticsearch_store.ts index d135ffb734bd4..52f3fe87275db 100644 --- a/x-pack/plugins/elastic_assistant/server/lib/langchain/elasticsearch_store/elasticsearch_store.ts +++ b/x-pack/plugins/elastic_assistant/server/lib/langchain/elasticsearch_store/elasticsearch_store.ts @@ -122,7 +122,7 @@ export class ElasticsearchStore extends VectorStore { i.index?._id != null && i.index.error == null ? [i.index._id] : [] ); } catch (e) { - this.logger.error('Error loading data into KB', e); + this.logger.error(`Error loading data into KB\n ${e}`); return []; } }; diff --git a/x-pack/plugins/elastic_assistant/server/lib/langchain/elasticsearch_store/helpers/get_flattened_hits.test.ts b/x-pack/plugins/elastic_assistant/server/lib/langchain/elasticsearch_store/helpers/get_flattened_hits.test.ts index 4ceda3904d420..cc08a95cdb532 100644 --- a/x-pack/plugins/elastic_assistant/server/lib/langchain/elasticsearch_store/helpers/get_flattened_hits.test.ts +++ b/x-pack/plugins/elastic_assistant/server/lib/langchain/elasticsearch_store/helpers/get_flattened_hits.test.ts @@ -29,7 +29,7 @@ describe('getFlattenedHits', () => { "[[esql-from]]\n=== `FROM`\n\nThe `FROM` source command returns a table with up to 10,000 documents from a\ndata stream, index, or alias. Each row in the resulting table represents a\ndocument. Each column corresponds to a field, and can be accessed by the name\nof that field.\n\n[source,esql]\n----\nFROM employees\n----\n\nYou can use <> to refer to indices, aliases\nand data streams. This can be useful for time series data, for example to access\ntoday's index:\n\n[source,esql]\n----\nFROM \n----\n\nUse comma-separated lists or wildcards to query multiple data streams, indices,\nor aliases:\n\n[source,esql]\n----\nFROM employees-00001,employees-*\n----\n", metadata: { source: - '/Users/andrew.goldstein/Projects/forks/andrew-goldstein/kibana/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/docs/source_commands/from.asciidoc', + '/Users/andrew.goldstein/Projects/forks/andrew-goldstein/kibana/x-pack/plugins/elastic_assistant/server/knowledge_base/esql/documentation/source_commands/from.asciidoc', }, }, ]; diff --git a/x-pack/plugins/elastic_assistant/server/lib/model_evaluator/output_index/utils.ts b/x-pack/plugins/elastic_assistant/server/lib/model_evaluator/output_index/utils.ts index 3782ab780e30b..61b410df49aa0 100644 --- a/x-pack/plugins/elastic_assistant/server/lib/model_evaluator/output_index/utils.ts +++ b/x-pack/plugins/elastic_assistant/server/lib/model_evaluator/output_index/utils.ts @@ -98,7 +98,7 @@ export const indexEvaluations = async ({ return true; } catch (e) { - logger.error('Error indexing data into the evaluation index', e); + logger.error(`Error indexing data into the evaluation index\n${e}`); return false; } }; From b225fc66982484f754703be9bb3da11e396633e2 Mon Sep 17 00:00:00 2001 From: Kibana Machine <42973632+kibanamachine@users.noreply.github.com> Date: Thu, 19 Oct 2023 01:03:43 -0400 Subject: [PATCH 15/50] [api-docs] 2023-10-19 Daily api_docs build (#169332) Generated by https://buildkite.com/elastic/kibana-api-docs-daily/builds/495 --- api_docs/actions.mdx | 2 +- api_docs/advanced_settings.mdx | 2 +- api_docs/aiops.mdx | 2 +- api_docs/alerting.devdocs.json | 353 ++++- api_docs/alerting.mdx | 4 +- api_docs/apm.mdx | 2 +- api_docs/apm_data_access.mdx | 2 +- api_docs/asset_manager.mdx | 2 +- api_docs/banners.mdx | 2 +- api_docs/bfetch.mdx | 2 +- api_docs/canvas.mdx | 2 +- api_docs/cases.mdx | 2 +- api_docs/charts.mdx | 2 +- api_docs/cloud.mdx | 2 +- api_docs/cloud_data_migration.mdx | 2 +- api_docs/cloud_defend.mdx | 2 +- api_docs/cloud_experiments.mdx | 2 +- api_docs/cloud_security_posture.mdx | 2 +- api_docs/console.mdx | 2 +- api_docs/content_management.mdx | 2 +- api_docs/controls.mdx | 2 +- api_docs/custom_integrations.mdx | 2 +- api_docs/dashboard.mdx | 2 +- api_docs/dashboard_enhanced.mdx | 2 +- api_docs/data.mdx | 2 +- api_docs/data_query.mdx | 2 +- api_docs/data_search.mdx | 2 +- api_docs/data_view_editor.mdx | 2 +- api_docs/data_view_field_editor.mdx | 2 +- api_docs/data_view_management.mdx | 2 +- api_docs/data_views.mdx | 2 +- api_docs/data_visualizer.mdx | 2 +- api_docs/deprecations_by_api.mdx | 2 +- api_docs/deprecations_by_plugin.mdx | 4 +- api_docs/deprecations_by_team.mdx | 2 +- api_docs/dev_tools.mdx | 2 +- api_docs/discover.mdx | 2 +- api_docs/discover_enhanced.mdx | 2 +- api_docs/ecs_data_quality_dashboard.mdx | 2 +- api_docs/elastic_assistant.mdx | 2 +- api_docs/embeddable.mdx | 2 +- api_docs/embeddable_enhanced.mdx | 2 +- api_docs/encrypted_saved_objects.mdx | 2 +- api_docs/enterprise_search.mdx | 2 +- api_docs/es_ui_shared.mdx | 2 +- api_docs/event_annotation.mdx | 2 +- api_docs/event_annotation_listing.mdx | 2 +- api_docs/event_log.mdx | 2 +- api_docs/exploratory_view.mdx | 2 +- api_docs/expression_error.mdx | 2 +- api_docs/expression_gauge.mdx | 2 +- api_docs/expression_heatmap.mdx | 2 +- api_docs/expression_image.mdx | 2 +- api_docs/expression_legacy_metric_vis.mdx | 2 +- api_docs/expression_metric.mdx | 2 +- api_docs/expression_metric_vis.mdx | 2 +- api_docs/expression_partition_vis.mdx | 2 +- api_docs/expression_repeat_image.mdx | 2 +- api_docs/expression_reveal_image.mdx | 2 +- api_docs/expression_shape.mdx | 2 +- api_docs/expression_tagcloud.mdx | 2 +- api_docs/expression_x_y.mdx | 2 +- api_docs/expressions.mdx | 2 +- api_docs/features.mdx | 2 +- api_docs/field_formats.mdx | 2 +- api_docs/file_upload.mdx | 2 +- api_docs/files.mdx | 2 +- api_docs/files_management.mdx | 2 +- api_docs/fleet.mdx | 2 +- api_docs/global_search.mdx | 2 +- api_docs/guided_onboarding.mdx | 2 +- api_docs/home.mdx | 2 +- api_docs/image_embeddable.mdx | 2 +- api_docs/index_lifecycle_management.mdx | 2 +- api_docs/index_management.devdocs.json | 2 +- api_docs/index_management.mdx | 2 +- api_docs/infra.mdx | 2 +- api_docs/inspector.mdx | 2 +- api_docs/interactive_setup.mdx | 2 +- api_docs/kbn_ace.mdx | 2 +- api_docs/kbn_aiops_components.mdx | 2 +- api_docs/kbn_aiops_utils.mdx | 2 +- .../kbn_alerting_api_integration_helpers.mdx | 2 +- api_docs/kbn_alerting_state_types.mdx | 2 +- .../kbn_alerts_as_data_utils.devdocs.json | 14 +- api_docs/kbn_alerts_as_data_utils.mdx | 2 +- api_docs/kbn_alerts_ui_shared.mdx | 2 +- api_docs/kbn_analytics.mdx | 2 +- api_docs/kbn_analytics_client.mdx | 2 +- ..._analytics_shippers_elastic_v3_browser.mdx | 2 +- ...n_analytics_shippers_elastic_v3_common.mdx | 2 +- ...n_analytics_shippers_elastic_v3_server.mdx | 2 +- api_docs/kbn_analytics_shippers_fullstory.mdx | 2 +- api_docs/kbn_analytics_shippers_gainsight.mdx | 2 +- api_docs/kbn_apm_config_loader.mdx | 2 +- api_docs/kbn_apm_synthtrace.mdx | 2 +- api_docs/kbn_apm_synthtrace_client.mdx | 2 +- api_docs/kbn_apm_utils.mdx | 2 +- api_docs/kbn_axe_config.mdx | 2 +- api_docs/kbn_cases_components.mdx | 2 +- api_docs/kbn_cell_actions.mdx | 2 +- api_docs/kbn_chart_expressions_common.mdx | 2 +- api_docs/kbn_chart_icons.mdx | 2 +- api_docs/kbn_ci_stats_core.mdx | 2 +- api_docs/kbn_ci_stats_performance_metrics.mdx | 2 +- api_docs/kbn_ci_stats_reporter.mdx | 2 +- api_docs/kbn_cli_dev_mode.mdx | 2 +- api_docs/kbn_code_editor.mdx | 2 +- api_docs/kbn_code_editor_mocks.mdx | 2 +- api_docs/kbn_coloring.mdx | 2 +- api_docs/kbn_config.mdx | 2 +- api_docs/kbn_config_mocks.mdx | 2 +- api_docs/kbn_config_schema.mdx | 2 +- .../kbn_content_management_content_editor.mdx | 2 +- ...tent_management_tabbed_table_list_view.mdx | 2 +- ...kbn_content_management_table_list_view.mdx | 2 +- ...ntent_management_table_list_view_table.mdx | 2 +- api_docs/kbn_content_management_utils.mdx | 2 +- api_docs/kbn_core_analytics_browser.mdx | 2 +- .../kbn_core_analytics_browser_internal.mdx | 2 +- api_docs/kbn_core_analytics_browser_mocks.mdx | 2 +- api_docs/kbn_core_analytics_server.mdx | 2 +- .../kbn_core_analytics_server_internal.mdx | 2 +- api_docs/kbn_core_analytics_server_mocks.mdx | 2 +- api_docs/kbn_core_application_browser.mdx | 2 +- .../kbn_core_application_browser_internal.mdx | 2 +- .../kbn_core_application_browser_mocks.mdx | 2 +- api_docs/kbn_core_application_common.mdx | 2 +- api_docs/kbn_core_apps_browser_internal.mdx | 2 +- api_docs/kbn_core_apps_browser_mocks.mdx | 2 +- api_docs/kbn_core_apps_server_internal.mdx | 2 +- api_docs/kbn_core_base_browser_mocks.mdx | 2 +- api_docs/kbn_core_base_common.mdx | 2 +- api_docs/kbn_core_base_server_internal.mdx | 2 +- api_docs/kbn_core_base_server_mocks.mdx | 2 +- .../kbn_core_capabilities_browser_mocks.mdx | 2 +- api_docs/kbn_core_capabilities_common.mdx | 2 +- api_docs/kbn_core_capabilities_server.mdx | 2 +- .../kbn_core_capabilities_server_mocks.mdx | 2 +- api_docs/kbn_core_chrome_browser.devdocs.json | 275 +--- api_docs/kbn_core_chrome_browser.mdx | 4 +- api_docs/kbn_core_chrome_browser_mocks.mdx | 2 +- api_docs/kbn_core_config_server_internal.mdx | 2 +- api_docs/kbn_core_custom_branding_browser.mdx | 2 +- ..._core_custom_branding_browser_internal.mdx | 2 +- ...kbn_core_custom_branding_browser_mocks.mdx | 2 +- api_docs/kbn_core_custom_branding_common.mdx | 2 +- api_docs/kbn_core_custom_branding_server.mdx | 2 +- ...n_core_custom_branding_server_internal.mdx | 2 +- .../kbn_core_custom_branding_server_mocks.mdx | 2 +- api_docs/kbn_core_deprecations_browser.mdx | 2 +- ...kbn_core_deprecations_browser_internal.mdx | 2 +- .../kbn_core_deprecations_browser_mocks.mdx | 2 +- api_docs/kbn_core_deprecations_common.mdx | 2 +- api_docs/kbn_core_deprecations_server.mdx | 2 +- .../kbn_core_deprecations_server_internal.mdx | 2 +- .../kbn_core_deprecations_server_mocks.mdx | 2 +- api_docs/kbn_core_doc_links_browser.mdx | 2 +- api_docs/kbn_core_doc_links_browser_mocks.mdx | 2 +- api_docs/kbn_core_doc_links_server.mdx | 2 +- api_docs/kbn_core_doc_links_server_mocks.mdx | 2 +- ...e_elasticsearch_client_server_internal.mdx | 2 +- ...core_elasticsearch_client_server_mocks.mdx | 2 +- api_docs/kbn_core_elasticsearch_server.mdx | 2 +- ...kbn_core_elasticsearch_server_internal.mdx | 2 +- .../kbn_core_elasticsearch_server_mocks.mdx | 2 +- .../kbn_core_environment_server_internal.mdx | 2 +- .../kbn_core_environment_server_mocks.mdx | 2 +- .../kbn_core_execution_context_browser.mdx | 2 +- ...ore_execution_context_browser_internal.mdx | 2 +- ...n_core_execution_context_browser_mocks.mdx | 2 +- .../kbn_core_execution_context_common.mdx | 2 +- .../kbn_core_execution_context_server.mdx | 2 +- ...core_execution_context_server_internal.mdx | 2 +- ...bn_core_execution_context_server_mocks.mdx | 2 +- api_docs/kbn_core_fatal_errors_browser.mdx | 2 +- .../kbn_core_fatal_errors_browser_mocks.mdx | 2 +- api_docs/kbn_core_http_browser.mdx | 2 +- api_docs/kbn_core_http_browser_internal.mdx | 2 +- api_docs/kbn_core_http_browser_mocks.mdx | 2 +- api_docs/kbn_core_http_common.mdx | 2 +- .../kbn_core_http_context_server_mocks.mdx | 2 +- ...re_http_request_handler_context_server.mdx | 2 +- api_docs/kbn_core_http_resources_server.mdx | 2 +- ...bn_core_http_resources_server_internal.mdx | 2 +- .../kbn_core_http_resources_server_mocks.mdx | 2 +- .../kbn_core_http_router_server_internal.mdx | 2 +- .../kbn_core_http_router_server_mocks.mdx | 2 +- api_docs/kbn_core_http_server.devdocs.json | 16 + api_docs/kbn_core_http_server.mdx | 2 +- api_docs/kbn_core_http_server_internal.mdx | 2 +- api_docs/kbn_core_http_server_mocks.mdx | 2 +- api_docs/kbn_core_i18n_browser.mdx | 2 +- api_docs/kbn_core_i18n_browser_mocks.mdx | 2 +- api_docs/kbn_core_i18n_server.mdx | 2 +- api_docs/kbn_core_i18n_server_internal.mdx | 2 +- api_docs/kbn_core_i18n_server_mocks.mdx | 2 +- ...n_core_injected_metadata_browser_mocks.mdx | 2 +- ...kbn_core_integrations_browser_internal.mdx | 2 +- .../kbn_core_integrations_browser_mocks.mdx | 2 +- api_docs/kbn_core_lifecycle_browser.mdx | 2 +- api_docs/kbn_core_lifecycle_browser_mocks.mdx | 2 +- api_docs/kbn_core_lifecycle_server.mdx | 2 +- api_docs/kbn_core_lifecycle_server_mocks.mdx | 2 +- api_docs/kbn_core_logging_browser_mocks.mdx | 2 +- api_docs/kbn_core_logging_common_internal.mdx | 2 +- api_docs/kbn_core_logging_server.mdx | 2 +- api_docs/kbn_core_logging_server_internal.mdx | 2 +- api_docs/kbn_core_logging_server_mocks.mdx | 2 +- ...ore_metrics_collectors_server_internal.mdx | 2 +- ...n_core_metrics_collectors_server_mocks.mdx | 2 +- api_docs/kbn_core_metrics_server.mdx | 2 +- api_docs/kbn_core_metrics_server_internal.mdx | 2 +- api_docs/kbn_core_metrics_server_mocks.mdx | 2 +- api_docs/kbn_core_mount_utils_browser.mdx | 2 +- api_docs/kbn_core_node_server.mdx | 2 +- api_docs/kbn_core_node_server_internal.mdx | 2 +- api_docs/kbn_core_node_server_mocks.mdx | 2 +- api_docs/kbn_core_notifications_browser.mdx | 2 +- ...bn_core_notifications_browser_internal.mdx | 2 +- .../kbn_core_notifications_browser_mocks.mdx | 2 +- api_docs/kbn_core_overlays_browser.mdx | 2 +- .../kbn_core_overlays_browser_internal.mdx | 2 +- api_docs/kbn_core_overlays_browser_mocks.mdx | 2 +- api_docs/kbn_core_plugins_browser.mdx | 2 +- api_docs/kbn_core_plugins_browser_mocks.mdx | 2 +- api_docs/kbn_core_plugins_server.mdx | 2 +- api_docs/kbn_core_plugins_server_mocks.mdx | 2 +- api_docs/kbn_core_preboot_server.mdx | 2 +- api_docs/kbn_core_preboot_server_mocks.mdx | 2 +- api_docs/kbn_core_rendering_browser_mocks.mdx | 2 +- .../kbn_core_rendering_server_internal.mdx | 2 +- api_docs/kbn_core_rendering_server_mocks.mdx | 2 +- api_docs/kbn_core_root_server_internal.mdx | 2 +- .../kbn_core_saved_objects_api_browser.mdx | 2 +- .../kbn_core_saved_objects_api_server.mdx | 2 +- ...bn_core_saved_objects_api_server_mocks.mdx | 2 +- ...ore_saved_objects_base_server_internal.mdx | 2 +- ...n_core_saved_objects_base_server_mocks.mdx | 2 +- api_docs/kbn_core_saved_objects_browser.mdx | 2 +- ...bn_core_saved_objects_browser_internal.mdx | 2 +- .../kbn_core_saved_objects_browser_mocks.mdx | 2 +- api_docs/kbn_core_saved_objects_common.mdx | 2 +- ..._objects_import_export_server_internal.mdx | 2 +- ...ved_objects_import_export_server_mocks.mdx | 2 +- ...aved_objects_migration_server_internal.mdx | 2 +- ...e_saved_objects_migration_server_mocks.mdx | 2 +- api_docs/kbn_core_saved_objects_server.mdx | 2 +- ...kbn_core_saved_objects_server_internal.mdx | 2 +- .../kbn_core_saved_objects_server_mocks.mdx | 2 +- .../kbn_core_saved_objects_utils_server.mdx | 2 +- api_docs/kbn_core_status_common.mdx | 2 +- api_docs/kbn_core_status_common_internal.mdx | 2 +- api_docs/kbn_core_status_server.mdx | 2 +- api_docs/kbn_core_status_server_internal.mdx | 2 +- api_docs/kbn_core_status_server_mocks.mdx | 2 +- ...core_test_helpers_deprecations_getters.mdx | 2 +- ...n_core_test_helpers_http_setup_browser.mdx | 2 +- api_docs/kbn_core_test_helpers_kbn_server.mdx | 2 +- .../kbn_core_test_helpers_model_versions.mdx | 2 +- ...n_core_test_helpers_so_type_serializer.mdx | 2 +- api_docs/kbn_core_test_helpers_test_utils.mdx | 2 +- api_docs/kbn_core_theme_browser.mdx | 2 +- api_docs/kbn_core_theme_browser_mocks.mdx | 2 +- api_docs/kbn_core_ui_settings_browser.mdx | 2 +- .../kbn_core_ui_settings_browser_internal.mdx | 2 +- .../kbn_core_ui_settings_browser_mocks.mdx | 2 +- api_docs/kbn_core_ui_settings_common.mdx | 2 +- api_docs/kbn_core_ui_settings_server.mdx | 2 +- .../kbn_core_ui_settings_server_internal.mdx | 2 +- .../kbn_core_ui_settings_server_mocks.mdx | 2 +- api_docs/kbn_core_usage_data_server.mdx | 2 +- .../kbn_core_usage_data_server_internal.mdx | 2 +- api_docs/kbn_core_usage_data_server_mocks.mdx | 2 +- api_docs/kbn_core_user_settings_server.mdx | 2 +- ...kbn_core_user_settings_server_internal.mdx | 2 +- .../kbn_core_user_settings_server_mocks.mdx | 2 +- api_docs/kbn_crypto.mdx | 2 +- api_docs/kbn_crypto_browser.mdx | 2 +- api_docs/kbn_custom_integrations.mdx | 2 +- api_docs/kbn_cypress_config.mdx | 2 +- api_docs/kbn_data_service.mdx | 2 +- api_docs/kbn_datemath.mdx | 2 +- api_docs/kbn_deeplinks_analytics.mdx | 2 +- api_docs/kbn_deeplinks_devtools.mdx | 2 +- api_docs/kbn_deeplinks_management.mdx | 2 +- api_docs/kbn_deeplinks_ml.mdx | 2 +- api_docs/kbn_deeplinks_observability.mdx | 2 +- api_docs/kbn_deeplinks_search.mdx | 2 +- .../kbn_default_nav_analytics.devdocs.json | 8 +- api_docs/kbn_default_nav_analytics.mdx | 2 +- .../kbn_default_nav_devtools.devdocs.json | 8 +- api_docs/kbn_default_nav_devtools.mdx | 2 +- .../kbn_default_nav_management.devdocs.json | 8 +- api_docs/kbn_default_nav_management.mdx | 2 +- api_docs/kbn_default_nav_ml.devdocs.json | 8 +- api_docs/kbn_default_nav_ml.mdx | 2 +- api_docs/kbn_dev_cli_errors.mdx | 2 +- api_docs/kbn_dev_cli_runner.mdx | 2 +- api_docs/kbn_dev_proc_runner.mdx | 2 +- api_docs/kbn_dev_utils.mdx | 2 +- api_docs/kbn_discover_utils.mdx | 2 +- api_docs/kbn_doc_links.devdocs.json | 16 +- api_docs/kbn_doc_links.mdx | 4 +- api_docs/kbn_docs_utils.mdx | 2 +- api_docs/kbn_dom_drag_drop.mdx | 2 +- api_docs/kbn_ebt_tools.mdx | 2 +- api_docs/kbn_ecs.mdx | 2 +- api_docs/kbn_ecs_data_quality_dashboard.mdx | 2 +- api_docs/kbn_elastic_assistant.mdx | 2 +- api_docs/kbn_es.mdx | 2 +- api_docs/kbn_es_archiver.mdx | 2 +- api_docs/kbn_es_errors.mdx | 2 +- api_docs/kbn_es_query.mdx | 2 +- api_docs/kbn_es_types.mdx | 2 +- api_docs/kbn_eslint_plugin_imports.mdx | 2 +- api_docs/kbn_event_annotation_common.mdx | 2 +- api_docs/kbn_event_annotation_components.mdx | 2 +- api_docs/kbn_expandable_flyout.mdx | 2 +- api_docs/kbn_field_types.mdx | 2 +- api_docs/kbn_field_utils.devdocs.json | 123 ++ api_docs/kbn_field_utils.mdx | 4 +- api_docs/kbn_find_used_node_modules.mdx | 2 +- .../kbn_ftr_common_functional_services.mdx | 2 +- api_docs/kbn_generate.mdx | 2 +- api_docs/kbn_generate_console_definitions.mdx | 2 +- api_docs/kbn_generate_csv.mdx | 2 +- api_docs/kbn_generate_csv_types.mdx | 2 +- api_docs/kbn_guided_onboarding.mdx | 2 +- api_docs/kbn_handlebars.mdx | 2 +- api_docs/kbn_hapi_mocks.mdx | 2 +- api_docs/kbn_health_gateway_server.mdx | 2 +- api_docs/kbn_home_sample_data_card.mdx | 2 +- api_docs/kbn_home_sample_data_tab.mdx | 2 +- api_docs/kbn_i18n.mdx | 2 +- api_docs/kbn_i18n_react.mdx | 2 +- api_docs/kbn_import_resolver.mdx | 2 +- api_docs/kbn_infra_forge.mdx | 2 +- api_docs/kbn_interpreter.mdx | 2 +- api_docs/kbn_io_ts_utils.mdx | 2 +- api_docs/kbn_jest_serializers.mdx | 2 +- api_docs/kbn_journeys.mdx | 2 +- api_docs/kbn_json_ast.mdx | 2 +- api_docs/kbn_kibana_manifest_schema.mdx | 2 +- .../kbn_language_documentation_popover.mdx | 2 +- api_docs/kbn_lens_embeddable_utils.mdx | 2 +- api_docs/kbn_logging.mdx | 2 +- api_docs/kbn_logging_mocks.mdx | 2 +- api_docs/kbn_managed_vscode_config.mdx | 2 +- api_docs/kbn_management_cards_navigation.mdx | 2 +- .../kbn_management_settings_application.mdx | 2 +- ...ent_settings_components_field_category.mdx | 2 +- ...gement_settings_components_field_input.mdx | 2 +- ...nagement_settings_components_field_row.mdx | 2 +- ...bn_management_settings_components_form.mdx | 2 +- ...n_management_settings_field_definition.mdx | 2 +- api_docs/kbn_management_settings_ids.mdx | 2 +- ...n_management_settings_section_registry.mdx | 2 +- api_docs/kbn_management_settings_types.mdx | 2 +- .../kbn_management_settings_utilities.mdx | 2 +- api_docs/kbn_management_storybook_config.mdx | 2 +- api_docs/kbn_mapbox_gl.mdx | 2 +- api_docs/kbn_maps_vector_tile_utils.mdx | 2 +- api_docs/kbn_ml_agg_utils.mdx | 2 +- api_docs/kbn_ml_anomaly_utils.mdx | 2 +- api_docs/kbn_ml_category_validator.mdx | 2 +- api_docs/kbn_ml_chi2test.mdx | 2 +- .../kbn_ml_data_frame_analytics_utils.mdx | 2 +- api_docs/kbn_ml_data_grid.mdx | 2 +- api_docs/kbn_ml_date_picker.mdx | 2 +- api_docs/kbn_ml_date_utils.mdx | 2 +- api_docs/kbn_ml_error_utils.mdx | 2 +- api_docs/kbn_ml_in_memory_table.mdx | 2 +- api_docs/kbn_ml_is_defined.mdx | 2 +- api_docs/kbn_ml_is_populated_object.mdx | 2 +- api_docs/kbn_ml_kibana_theme.mdx | 2 +- api_docs/kbn_ml_local_storage.mdx | 2 +- api_docs/kbn_ml_nested_property.mdx | 2 +- api_docs/kbn_ml_number_utils.mdx | 2 +- api_docs/kbn_ml_query_utils.mdx | 2 +- api_docs/kbn_ml_random_sampler_utils.mdx | 2 +- api_docs/kbn_ml_route_utils.mdx | 2 +- api_docs/kbn_ml_runtime_field_utils.mdx | 2 +- api_docs/kbn_ml_string_hash.mdx | 2 +- api_docs/kbn_ml_trained_models_utils.mdx | 2 +- api_docs/kbn_ml_url_state.mdx | 2 +- api_docs/kbn_monaco.mdx | 2 +- api_docs/kbn_object_versioning.mdx | 2 +- api_docs/kbn_observability_alert_details.mdx | 2 +- ...ervability_alerting_test_data.devdocs.json | 1348 +++++++++++++++++ .../kbn_observability_alerting_test_data.mdx | 33 + api_docs/kbn_openapi_generator.mdx | 2 +- api_docs/kbn_optimizer.mdx | 2 +- api_docs/kbn_optimizer_webpack_helpers.mdx | 2 +- api_docs/kbn_osquery_io_ts_types.mdx | 2 +- ..._performance_testing_dataset_extractor.mdx | 2 +- api_docs/kbn_plugin_generator.mdx | 2 +- api_docs/kbn_plugin_helpers.mdx | 2 +- api_docs/kbn_profiling_utils.mdx | 2 +- api_docs/kbn_random_sampling.mdx | 2 +- api_docs/kbn_react_field.mdx | 2 +- api_docs/kbn_react_kibana_context_common.mdx | 2 +- api_docs/kbn_react_kibana_context_render.mdx | 2 +- api_docs/kbn_react_kibana_context_root.mdx | 2 +- api_docs/kbn_react_kibana_context_styled.mdx | 2 +- api_docs/kbn_react_kibana_context_theme.mdx | 2 +- api_docs/kbn_react_kibana_mount.mdx | 2 +- api_docs/kbn_repo_file_maps.mdx | 2 +- api_docs/kbn_repo_linter.mdx | 2 +- api_docs/kbn_repo_path.mdx | 2 +- api_docs/kbn_repo_source_classifier.mdx | 2 +- api_docs/kbn_reporting_common.mdx | 2 +- api_docs/kbn_resizable_layout.mdx | 2 +- api_docs/kbn_rison.mdx | 2 +- api_docs/kbn_rrule.mdx | 2 +- api_docs/kbn_rule_data_utils.mdx | 2 +- api_docs/kbn_saved_objects_settings.mdx | 2 +- api_docs/kbn_search_api_panels.mdx | 2 +- api_docs/kbn_search_connectors.devdocs.json | 1163 ++++++++++++-- api_docs/kbn_search_connectors.mdx | 4 +- api_docs/kbn_search_response_warnings.mdx | 2 +- api_docs/kbn_security_solution_features.mdx | 2 +- api_docs/kbn_security_solution_navigation.mdx | 2 +- api_docs/kbn_security_solution_side_nav.mdx | 2 +- ...kbn_security_solution_storybook_config.mdx | 2 +- .../kbn_securitysolution_autocomplete.mdx | 2 +- api_docs/kbn_securitysolution_data_table.mdx | 2 +- api_docs/kbn_securitysolution_ecs.mdx | 2 +- api_docs/kbn_securitysolution_es_utils.mdx | 2 +- ...ritysolution_exception_list_components.mdx | 2 +- api_docs/kbn_securitysolution_grouping.mdx | 2 +- api_docs/kbn_securitysolution_hook_utils.mdx | 2 +- ..._securitysolution_io_ts_alerting_types.mdx | 2 +- .../kbn_securitysolution_io_ts_list_types.mdx | 2 +- api_docs/kbn_securitysolution_io_ts_types.mdx | 2 +- api_docs/kbn_securitysolution_io_ts_utils.mdx | 2 +- api_docs/kbn_securitysolution_list_api.mdx | 2 +- .../kbn_securitysolution_list_constants.mdx | 2 +- api_docs/kbn_securitysolution_list_hooks.mdx | 2 +- api_docs/kbn_securitysolution_list_utils.mdx | 2 +- api_docs/kbn_securitysolution_rules.mdx | 2 +- api_docs/kbn_securitysolution_t_grid.mdx | 2 +- api_docs/kbn_securitysolution_utils.mdx | 2 +- api_docs/kbn_server_http_tools.mdx | 2 +- api_docs/kbn_server_route_repository.mdx | 2 +- api_docs/kbn_serverless_common_settings.mdx | 2 +- .../kbn_serverless_observability_settings.mdx | 2 +- api_docs/kbn_serverless_project_switcher.mdx | 2 +- api_docs/kbn_serverless_search_settings.mdx | 2 +- api_docs/kbn_serverless_security_settings.mdx | 2 +- api_docs/kbn_serverless_storybook_config.mdx | 2 +- api_docs/kbn_shared_svg.mdx | 2 +- api_docs/kbn_shared_ux_avatar_solution.mdx | 2 +- ...ared_ux_avatar_user_profile_components.mdx | 2 +- .../kbn_shared_ux_button_exit_full_screen.mdx | 2 +- ...hared_ux_button_exit_full_screen_mocks.mdx | 2 +- api_docs/kbn_shared_ux_button_toolbar.mdx | 2 +- api_docs/kbn_shared_ux_card_no_data.mdx | 2 +- api_docs/kbn_shared_ux_card_no_data_mocks.mdx | 2 +- ...n_shared_ux_chrome_navigation.devdocs.json | 352 ++++- api_docs/kbn_shared_ux_chrome_navigation.mdx | 4 +- api_docs/kbn_shared_ux_file_context.mdx | 2 +- api_docs/kbn_shared_ux_file_image.mdx | 2 +- api_docs/kbn_shared_ux_file_image_mocks.mdx | 2 +- api_docs/kbn_shared_ux_file_mocks.mdx | 2 +- api_docs/kbn_shared_ux_file_picker.mdx | 2 +- api_docs/kbn_shared_ux_file_types.mdx | 2 +- api_docs/kbn_shared_ux_file_upload.mdx | 2 +- api_docs/kbn_shared_ux_file_util.mdx | 2 +- api_docs/kbn_shared_ux_link_redirect_app.mdx | 2 +- .../kbn_shared_ux_link_redirect_app_mocks.mdx | 2 +- api_docs/kbn_shared_ux_markdown.mdx | 2 +- api_docs/kbn_shared_ux_markdown_mocks.mdx | 2 +- .../kbn_shared_ux_page_analytics_no_data.mdx | 2 +- ...shared_ux_page_analytics_no_data_mocks.mdx | 2 +- .../kbn_shared_ux_page_kibana_no_data.mdx | 2 +- ...bn_shared_ux_page_kibana_no_data_mocks.mdx | 2 +- .../kbn_shared_ux_page_kibana_template.mdx | 2 +- ...n_shared_ux_page_kibana_template_mocks.mdx | 2 +- api_docs/kbn_shared_ux_page_no_data.mdx | 2 +- .../kbn_shared_ux_page_no_data_config.mdx | 2 +- ...bn_shared_ux_page_no_data_config_mocks.mdx | 2 +- api_docs/kbn_shared_ux_page_no_data_mocks.mdx | 2 +- api_docs/kbn_shared_ux_page_solution_nav.mdx | 2 +- .../kbn_shared_ux_prompt_no_data_views.mdx | 2 +- ...n_shared_ux_prompt_no_data_views_mocks.mdx | 2 +- api_docs/kbn_shared_ux_prompt_not_found.mdx | 2 +- api_docs/kbn_shared_ux_router.mdx | 2 +- api_docs/kbn_shared_ux_router_mocks.mdx | 2 +- api_docs/kbn_shared_ux_storybook_config.mdx | 2 +- api_docs/kbn_shared_ux_storybook_mock.mdx | 2 +- api_docs/kbn_shared_ux_utility.mdx | 2 +- api_docs/kbn_slo_schema.mdx | 2 +- api_docs/kbn_some_dev_log.mdx | 2 +- api_docs/kbn_std.mdx | 2 +- api_docs/kbn_stdio_dev_helpers.mdx | 2 +- api_docs/kbn_storybook.mdx | 2 +- api_docs/kbn_subscription_tracking.mdx | 2 +- api_docs/kbn_telemetry_tools.mdx | 2 +- api_docs/kbn_test.mdx | 2 +- api_docs/kbn_test_jest_helpers.mdx | 2 +- api_docs/kbn_test_subj_selector.mdx | 2 +- api_docs/kbn_text_based_editor.mdx | 2 +- api_docs/kbn_tooling_log.mdx | 2 +- api_docs/kbn_ts_projects.mdx | 2 +- api_docs/kbn_typed_react_router_config.mdx | 2 +- api_docs/kbn_ui_actions_browser.mdx | 2 +- api_docs/kbn_ui_shared_deps_src.mdx | 2 +- api_docs/kbn_ui_theme.mdx | 2 +- api_docs/kbn_unified_data_table.mdx | 2 +- api_docs/kbn_unified_doc_viewer.mdx | 2 +- api_docs/kbn_unified_field_list.mdx | 2 +- api_docs/kbn_url_state.mdx | 2 +- api_docs/kbn_use_tracked_promise.mdx | 2 +- api_docs/kbn_user_profile_components.mdx | 2 +- api_docs/kbn_utility_types.mdx | 2 +- api_docs/kbn_utility_types_jest.mdx | 2 +- api_docs/kbn_utils.mdx | 2 +- api_docs/kbn_visualization_ui_components.mdx | 2 +- api_docs/kbn_xstate_utils.mdx | 2 +- api_docs/kbn_yarn_lock_validator.mdx | 2 +- api_docs/kibana_overview.mdx | 2 +- api_docs/kibana_react.mdx | 2 +- api_docs/kibana_utils.mdx | 2 +- api_docs/kubernetes_security.mdx | 2 +- api_docs/lens.mdx | 2 +- api_docs/license_api_guard.mdx | 2 +- api_docs/license_management.mdx | 2 +- api_docs/licensing.mdx | 2 +- api_docs/links.mdx | 2 +- api_docs/lists.mdx | 2 +- api_docs/log_explorer.mdx | 2 +- api_docs/logs_shared.mdx | 2 +- api_docs/management.devdocs.json | 32 - api_docs/management.mdx | 4 +- api_docs/maps.mdx | 2 +- api_docs/maps_ems.mdx | 2 +- api_docs/metrics_data_access.mdx | 2 +- api_docs/ml.mdx | 2 +- api_docs/monitoring.mdx | 2 +- api_docs/monitoring_collection.mdx | 2 +- api_docs/navigation.mdx | 2 +- api_docs/newsfeed.mdx | 2 +- api_docs/no_data_page.mdx | 2 +- api_docs/notifications.mdx | 2 +- api_docs/observability.mdx | 4 +- .../observability_a_i_assistant.devdocs.json | 6 +- api_docs/observability_a_i_assistant.mdx | 2 +- api_docs/observability_log_explorer.mdx | 2 +- api_docs/observability_onboarding.mdx | 2 +- api_docs/observability_shared.mdx | 2 +- api_docs/osquery.mdx | 2 +- api_docs/painless_lab.mdx | 2 +- api_docs/plugin_directory.mdx | 23 +- api_docs/presentation_util.mdx | 2 +- api_docs/profiling.mdx | 2 +- api_docs/profiling_data_access.mdx | 2 +- api_docs/remote_clusters.mdx | 2 +- api_docs/reporting.mdx | 2 +- api_docs/rollup.mdx | 2 +- api_docs/rule_registry.mdx | 2 +- api_docs/runtime_fields.mdx | 2 +- api_docs/saved_objects.mdx | 2 +- api_docs/saved_objects_finder.mdx | 2 +- api_docs/saved_objects_management.mdx | 2 +- api_docs/saved_objects_tagging.mdx | 2 +- api_docs/saved_objects_tagging_oss.mdx | 2 +- api_docs/saved_search.mdx | 2 +- api_docs/screenshot_mode.mdx | 2 +- api_docs/screenshotting.mdx | 2 +- api_docs/security.mdx | 2 +- api_docs/security_solution.mdx | 2 +- api_docs/security_solution_ess.mdx | 2 +- api_docs/security_solution_serverless.mdx | 2 +- api_docs/serverless.mdx | 2 +- api_docs/serverless_observability.mdx | 2 +- api_docs/serverless_search.mdx | 2 +- api_docs/session_view.mdx | 2 +- api_docs/share.mdx | 2 +- api_docs/snapshot_restore.mdx | 2 +- api_docs/spaces.mdx | 2 +- api_docs/stack_alerts.mdx | 2 +- api_docs/stack_connectors.mdx | 2 +- api_docs/task_manager.mdx | 2 +- api_docs/telemetry.mdx | 2 +- api_docs/telemetry_collection_manager.mdx | 2 +- api_docs/telemetry_collection_xpack.mdx | 2 +- api_docs/telemetry_management_section.mdx | 2 +- api_docs/text_based_languages.mdx | 2 +- api_docs/threat_intelligence.mdx | 2 +- api_docs/timelines.mdx | 2 +- api_docs/transform.mdx | 2 +- api_docs/triggers_actions_ui.devdocs.json | 10 +- api_docs/triggers_actions_ui.mdx | 2 +- api_docs/ui_actions.mdx | 2 +- api_docs/ui_actions_enhanced.mdx | 2 +- api_docs/unified_doc_viewer.mdx | 2 +- api_docs/unified_histogram.mdx | 2 +- api_docs/unified_search.mdx | 2 +- api_docs/unified_search_autocomplete.mdx | 2 +- api_docs/uptime.mdx | 2 +- api_docs/url_forwarding.mdx | 2 +- api_docs/usage_collection.mdx | 2 +- api_docs/ux.mdx | 2 +- api_docs/vis_default_editor.mdx | 2 +- api_docs/vis_type_gauge.mdx | 2 +- api_docs/vis_type_heatmap.mdx | 2 +- api_docs/vis_type_pie.mdx | 2 +- api_docs/vis_type_table.mdx | 2 +- api_docs/vis_type_timelion.mdx | 2 +- api_docs/vis_type_timeseries.mdx | 2 +- api_docs/vis_type_vega.mdx | 2 +- api_docs/vis_type_vislib.mdx | 2 +- api_docs/vis_type_xy.mdx | 2 +- api_docs/visualizations.mdx | 2 +- 615 files changed, 3973 insertions(+), 1035 deletions(-) create mode 100644 api_docs/kbn_observability_alerting_test_data.devdocs.json create mode 100644 api_docs/kbn_observability_alerting_test_data.mdx diff --git a/api_docs/actions.mdx b/api_docs/actions.mdx index f598d299b7952..158ed582074da 100644 --- a/api_docs/actions.mdx +++ b/api_docs/actions.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/actions title: "actions" image: https://source.unsplash.com/400x175/?github description: API docs for the actions plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'actions'] --- import actionsObj from './actions.devdocs.json'; diff --git a/api_docs/advanced_settings.mdx b/api_docs/advanced_settings.mdx index efdfe59fa3040..8503a4ef8362f 100644 --- a/api_docs/advanced_settings.mdx +++ b/api_docs/advanced_settings.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/advancedSettings title: "advancedSettings" image: https://source.unsplash.com/400x175/?github description: API docs for the advancedSettings plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'advancedSettings'] --- import advancedSettingsObj from './advanced_settings.devdocs.json'; diff --git a/api_docs/aiops.mdx b/api_docs/aiops.mdx index 74da23a1fa1b9..20d9b107b743e 100644 --- a/api_docs/aiops.mdx +++ b/api_docs/aiops.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/aiops title: "aiops" image: https://source.unsplash.com/400x175/?github description: API docs for the aiops plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'aiops'] --- import aiopsObj from './aiops.devdocs.json'; diff --git a/api_docs/alerting.devdocs.json b/api_docs/alerting.devdocs.json index 60198b50b1662..6ed62de4150a0 100644 --- a/api_docs/alerting.devdocs.json +++ b/api_docs/alerting.devdocs.json @@ -3222,6 +3222,38 @@ "path": "x-pack/plugins/alerting/server/types.ts", "deprecated": false, "trackAdoption": false + }, + { + "parentPluginId": "alerting", + "id": "def-server.RuleExecutorOptions.getTimeRange", + "type": "Function", + "tags": [], + "label": "getTimeRange", + "description": [], + "signature": [ + "(timeWindow?: string | undefined) => { dateStart: string; dateEnd: string; }" + ], + "path": "x-pack/plugins/alerting/server/types.ts", + "deprecated": false, + "trackAdoption": false, + "children": [ + { + "parentPluginId": "alerting", + "id": "def-server.RuleExecutorOptions.getTimeRange.$1", + "type": "string", + "tags": [], + "label": "timeWindow", + "description": [], + "signature": [ + "string | undefined" + ], + "path": "x-pack/plugins/alerting/server/types.ts", + "deprecated": false, + "trackAdoption": false, + "isRequired": false + } + ], + "returnComment": [] } ], "initialIsOpen": false @@ -3387,10 +3419,6 @@ "plugin": "infra", "path": "x-pack/plugins/infra/server/lib/alerting/log_threshold/log_threshold_executor.ts" }, - { - "plugin": "infra", - "path": "x-pack/plugins/infra/server/lib/alerting/metric_threshold/metric_threshold_executor.ts" - }, { "plugin": "infra", "path": "x-pack/plugins/infra/server/lib/alerting/inventory_metric_threshold/inventory_metric_threshold_executor.ts" @@ -8865,17 +8893,31 @@ "pluginId": "alerting", "scope": "common", "docId": "kibAlertingPluginApi", - "section": "def-common.RulesSettingsFlappingProperties", - "text": "RulesSettingsFlappingProperties" + "section": "def-common.RulesSettingsFlapping", + "text": "RulesSettingsFlapping" }, - " & ", + " | undefined" + ], + "path": "x-pack/plugins/alerting/common/rules_settings.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "alerting", + "id": "def-common.RulesSettings.queryDelay", + "type": "CompoundType", + "tags": [], + "label": "queryDelay", + "description": [], + "signature": [ { "pluginId": "alerting", "scope": "common", "docId": "kibAlertingPluginApi", - "section": "def-common.RulesSettingsModificationMetadata", - "text": "RulesSettingsModificationMetadata" - } + "section": "def-common.RulesSettingsQueryDelay", + "text": "RulesSettingsQueryDelay" + }, + " | undefined" ], "path": "x-pack/plugins/alerting/common/rules_settings.ts", "deprecated": false, @@ -8995,6 +9037,87 @@ ], "initialIsOpen": false }, + { + "parentPluginId": "alerting", + "id": "def-common.RulesSettingsProperties", + "type": "Interface", + "tags": [], + "label": "RulesSettingsProperties", + "description": [], + "path": "x-pack/plugins/alerting/common/rules_settings.ts", + "deprecated": false, + "trackAdoption": false, + "children": [ + { + "parentPluginId": "alerting", + "id": "def-common.RulesSettingsProperties.flapping", + "type": "Object", + "tags": [], + "label": "flapping", + "description": [], + "signature": [ + { + "pluginId": "alerting", + "scope": "common", + "docId": "kibAlertingPluginApi", + "section": "def-common.RulesSettingsFlappingProperties", + "text": "RulesSettingsFlappingProperties" + }, + " | undefined" + ], + "path": "x-pack/plugins/alerting/common/rules_settings.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "alerting", + "id": "def-common.RulesSettingsProperties.queryDelay", + "type": "Object", + "tags": [], + "label": "queryDelay", + "description": [], + "signature": [ + { + "pluginId": "alerting", + "scope": "common", + "docId": "kibAlertingPluginApi", + "section": "def-common.RulesSettingsQueryDelayProperties", + "text": "RulesSettingsQueryDelayProperties" + }, + " | undefined" + ], + "path": "x-pack/plugins/alerting/common/rules_settings.ts", + "deprecated": false, + "trackAdoption": false + } + ], + "initialIsOpen": false + }, + { + "parentPluginId": "alerting", + "id": "def-common.RulesSettingsQueryDelayProperties", + "type": "Interface", + "tags": [], + "label": "RulesSettingsQueryDelayProperties", + "description": [], + "path": "x-pack/plugins/alerting/common/rules_settings.ts", + "deprecated": false, + "trackAdoption": false, + "children": [ + { + "parentPluginId": "alerting", + "id": "def-common.RulesSettingsQueryDelayProperties.delay", + "type": "number", + "tags": [], + "label": "delay", + "description": [], + "path": "x-pack/plugins/alerting/common/rules_settings.ts", + "deprecated": false, + "trackAdoption": false + } + ], + "initialIsOpen": false + }, { "parentPluginId": "alerting", "id": "def-common.RuleTagsAggregationFormattedResult", @@ -9540,6 +9663,21 @@ "trackAdoption": false, "initialIsOpen": false }, + { + "parentPluginId": "alerting", + "id": "def-common.ALL_QUERY_DELAY_SETTINGS_SUB_FEATURE_ID", + "type": "string", + "tags": [], + "label": "ALL_QUERY_DELAY_SETTINGS_SUB_FEATURE_ID", + "description": [], + "signature": [ + "\"allQueryDelaySettings\"" + ], + "path": "x-pack/plugins/alerting/common/rules_settings.ts", + "deprecated": false, + "trackAdoption": false, + "initialIsOpen": false + }, { "parentPluginId": "alerting", "id": "def-common.BASE_ALERTING_API_PATH", @@ -9585,6 +9723,36 @@ "trackAdoption": false, "initialIsOpen": false }, + { + "parentPluginId": "alerting", + "id": "def-common.DEFAULT_QUERY_DELAY", + "type": "number", + "tags": [], + "label": "DEFAULT_QUERY_DELAY", + "description": [], + "signature": [ + "0" + ], + "path": "x-pack/plugins/alerting/common/rules_settings.ts", + "deprecated": false, + "trackAdoption": false, + "initialIsOpen": false + }, + { + "parentPluginId": "alerting", + "id": "def-common.DEFAULT_SERVERLESS_QUERY_DELAY", + "type": "number", + "tags": [], + "label": "DEFAULT_SERVERLESS_QUERY_DELAY", + "description": [], + "signature": [ + "15" + ], + "path": "x-pack/plugins/alerting/common/rules_settings.ts", + "deprecated": false, + "trackAdoption": false, + "initialIsOpen": false + }, { "parentPluginId": "alerting", "id": "def-common.DEFAULT_STATUS_CHANGE_THRESHOLD", @@ -10101,6 +10269,21 @@ "trackAdoption": false, "initialIsOpen": false }, + { + "parentPluginId": "alerting", + "id": "def-common.MAX_QUERY_DELAY", + "type": "number", + "tags": [], + "label": "MAX_QUERY_DELAY", + "description": [], + "signature": [ + "60" + ], + "path": "x-pack/plugins/alerting/common/rules_settings.ts", + "deprecated": false, + "trackAdoption": false, + "initialIsOpen": false + }, { "parentPluginId": "alerting", "id": "def-common.MAX_STATUS_CHANGE_THRESHOLD", @@ -10131,6 +10314,21 @@ "trackAdoption": false, "initialIsOpen": false }, + { + "parentPluginId": "alerting", + "id": "def-common.MIN_QUERY_DELAY", + "type": "number", + "tags": [], + "label": "MIN_QUERY_DELAY", + "description": [], + "signature": [ + "0" + ], + "path": "x-pack/plugins/alerting/common/rules_settings.ts", + "deprecated": false, + "trackAdoption": false, + "initialIsOpen": false + }, { "parentPluginId": "alerting", "id": "def-common.MIN_STATUS_CHANGE_THRESHOLD", @@ -10176,6 +10374,21 @@ "trackAdoption": false, "initialIsOpen": false }, + { + "parentPluginId": "alerting", + "id": "def-common.READ_QUERY_DELAY_SETTINGS_SUB_FEATURE_ID", + "type": "string", + "tags": [], + "label": "READ_QUERY_DELAY_SETTINGS_SUB_FEATURE_ID", + "description": [], + "signature": [ + "\"readQueryDelaySettings\"" + ], + "path": "x-pack/plugins/alerting/common/rules_settings.ts", + "deprecated": false, + "trackAdoption": false, + "initialIsOpen": false + }, { "parentPluginId": "alerting", "id": "def-common.RecoveredActionGroupId", @@ -10473,10 +10686,10 @@ }, { "parentPluginId": "alerting", - "id": "def-common.RULES_SETTINGS_SAVED_OBJECT_ID", + "id": "def-common.RULES_SETTINGS_FLAPPING_SAVED_OBJECT_ID", "type": "string", "tags": [], - "label": "RULES_SETTINGS_SAVED_OBJECT_ID", + "label": "RULES_SETTINGS_FLAPPING_SAVED_OBJECT_ID", "description": [], "signature": [ "\"rules-settings\"" @@ -10486,6 +10699,21 @@ "trackAdoption": false, "initialIsOpen": false }, + { + "parentPluginId": "alerting", + "id": "def-common.RULES_SETTINGS_QUERY_DELAY_SAVED_OBJECT_ID", + "type": "string", + "tags": [], + "label": "RULES_SETTINGS_QUERY_DELAY_SAVED_OBJECT_ID", + "description": [], + "signature": [ + "\"query-delay-settings\"" + ], + "path": "x-pack/plugins/alerting/common/rules_settings.ts", + "deprecated": false, + "trackAdoption": false, + "initialIsOpen": false + }, { "parentPluginId": "alerting", "id": "def-common.RULES_SETTINGS_SAVED_OBJECT_TYPE", @@ -10553,6 +10781,35 @@ "trackAdoption": false, "initialIsOpen": false }, + { + "parentPluginId": "alerting", + "id": "def-common.RulesSettingsQueryDelay", + "type": "Type", + "tags": [], + "label": "RulesSettingsQueryDelay", + "description": [], + "signature": [ + { + "pluginId": "alerting", + "scope": "common", + "docId": "kibAlertingPluginApi", + "section": "def-common.RulesSettingsQueryDelayProperties", + "text": "RulesSettingsQueryDelayProperties" + }, + " & ", + { + "pluginId": "alerting", + "scope": "common", + "docId": "kibAlertingPluginApi", + "section": "def-common.RulesSettingsModificationMetadata", + "text": "RulesSettingsModificationMetadata" + } + ], + "path": "x-pack/plugins/alerting/common/rules_settings.ts", + "deprecated": false, + "trackAdoption": false, + "initialIsOpen": false + }, { "parentPluginId": "alerting", "id": "def-common.RuleStatusValues", @@ -12742,6 +12999,28 @@ "path": "x-pack/plugins/alerting/common/rules_settings.ts", "deprecated": false, "trackAdoption": false + }, + { + "parentPluginId": "alerting", + "id": "def-common.API_PRIVILEGES.READ_QUERY_DELAY_SETTINGS", + "type": "string", + "tags": [], + "label": "READ_QUERY_DELAY_SETTINGS", + "description": [], + "path": "x-pack/plugins/alerting/common/rules_settings.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "alerting", + "id": "def-common.API_PRIVILEGES.WRITE_QUERY_DELAY_SETTINGS", + "type": "string", + "tags": [], + "label": "WRITE_QUERY_DELAY_SETTINGS", + "description": [], + "path": "x-pack/plugins/alerting/common/rules_settings.ts", + "deprecated": false, + "trackAdoption": false } ], "initialIsOpen": false @@ -12796,6 +13075,56 @@ ], "initialIsOpen": false }, + { + "parentPluginId": "alerting", + "id": "def-common.DEFAULT_QUERY_DELAY_SETTINGS", + "type": "Object", + "tags": [], + "label": "DEFAULT_QUERY_DELAY_SETTINGS", + "description": [], + "path": "x-pack/plugins/alerting/common/rules_settings.ts", + "deprecated": false, + "trackAdoption": false, + "children": [ + { + "parentPluginId": "alerting", + "id": "def-common.DEFAULT_QUERY_DELAY_SETTINGS.delay", + "type": "number", + "tags": [], + "label": "delay", + "description": [], + "path": "x-pack/plugins/alerting/common/rules_settings.ts", + "deprecated": false, + "trackAdoption": false + } + ], + "initialIsOpen": false + }, + { + "parentPluginId": "alerting", + "id": "def-common.DEFAULT_SERVERLESS_QUERY_DELAY_SETTINGS", + "type": "Object", + "tags": [], + "label": "DEFAULT_SERVERLESS_QUERY_DELAY_SETTINGS", + "description": [], + "path": "x-pack/plugins/alerting/common/rules_settings.ts", + "deprecated": false, + "trackAdoption": false, + "children": [ + { + "parentPluginId": "alerting", + "id": "def-common.DEFAULT_SERVERLESS_QUERY_DELAY_SETTINGS.delay", + "type": "number", + "tags": [], + "label": "delay", + "description": [], + "path": "x-pack/plugins/alerting/common/rules_settings.ts", + "deprecated": false, + "trackAdoption": false + } + ], + "initialIsOpen": false + }, { "parentPluginId": "alerting", "id": "def-common.DISABLE_FLAPPING_SETTINGS", diff --git a/api_docs/alerting.mdx b/api_docs/alerting.mdx index 02dc00b27ca13..26353d98c3c78 100644 --- a/api_docs/alerting.mdx +++ b/api_docs/alerting.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/alerting title: "alerting" image: https://source.unsplash.com/400x175/?github description: API docs for the alerting plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'alerting'] --- import alertingObj from './alerting.devdocs.json'; @@ -21,7 +21,7 @@ Contact [@elastic/response-ops](https://github.com/orgs/elastic/teams/response-o | Public API count | Any count | Items lacking comments | Missing exports | |-------------------|-----------|------------------------|-----------------| -| 785 | 1 | 754 | 50 | +| 807 | 1 | 776 | 50 | ## Client diff --git a/api_docs/apm.mdx b/api_docs/apm.mdx index 8287d3919a991..1d85251d50b66 100644 --- a/api_docs/apm.mdx +++ b/api_docs/apm.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/apm title: "apm" image: https://source.unsplash.com/400x175/?github description: API docs for the apm plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'apm'] --- import apmObj from './apm.devdocs.json'; diff --git a/api_docs/apm_data_access.mdx b/api_docs/apm_data_access.mdx index d7b26fd019fce..cfa540d1eebf5 100644 --- a/api_docs/apm_data_access.mdx +++ b/api_docs/apm_data_access.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/apmDataAccess title: "apmDataAccess" image: https://source.unsplash.com/400x175/?github description: API docs for the apmDataAccess plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'apmDataAccess'] --- import apmDataAccessObj from './apm_data_access.devdocs.json'; diff --git a/api_docs/asset_manager.mdx b/api_docs/asset_manager.mdx index 2cff2d5c0849f..5eb226c485aad 100644 --- a/api_docs/asset_manager.mdx +++ b/api_docs/asset_manager.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/assetManager title: "assetManager" image: https://source.unsplash.com/400x175/?github description: API docs for the assetManager plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'assetManager'] --- import assetManagerObj from './asset_manager.devdocs.json'; diff --git a/api_docs/banners.mdx b/api_docs/banners.mdx index 83c98cab152f4..3277fcfba72d7 100644 --- a/api_docs/banners.mdx +++ b/api_docs/banners.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/banners title: "banners" image: https://source.unsplash.com/400x175/?github description: API docs for the banners plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'banners'] --- import bannersObj from './banners.devdocs.json'; diff --git a/api_docs/bfetch.mdx b/api_docs/bfetch.mdx index 47c8f43a041c2..856c9cba5d797 100644 --- a/api_docs/bfetch.mdx +++ b/api_docs/bfetch.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/bfetch title: "bfetch" image: https://source.unsplash.com/400x175/?github description: API docs for the bfetch plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'bfetch'] --- import bfetchObj from './bfetch.devdocs.json'; diff --git a/api_docs/canvas.mdx b/api_docs/canvas.mdx index b8c88c032ee77..f732bed794498 100644 --- a/api_docs/canvas.mdx +++ b/api_docs/canvas.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/canvas title: "canvas" image: https://source.unsplash.com/400x175/?github description: API docs for the canvas plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'canvas'] --- import canvasObj from './canvas.devdocs.json'; diff --git a/api_docs/cases.mdx b/api_docs/cases.mdx index f2fdc68160071..b73e2a2a0e3c3 100644 --- a/api_docs/cases.mdx +++ b/api_docs/cases.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/cases title: "cases" image: https://source.unsplash.com/400x175/?github description: API docs for the cases plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'cases'] --- import casesObj from './cases.devdocs.json'; diff --git a/api_docs/charts.mdx b/api_docs/charts.mdx index aee8df4a23f9a..167beee091c1e 100644 --- a/api_docs/charts.mdx +++ b/api_docs/charts.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/charts title: "charts" image: https://source.unsplash.com/400x175/?github description: API docs for the charts plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'charts'] --- import chartsObj from './charts.devdocs.json'; diff --git a/api_docs/cloud.mdx b/api_docs/cloud.mdx index 7b8f4eae37dae..c39beca8396dc 100644 --- a/api_docs/cloud.mdx +++ b/api_docs/cloud.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/cloud title: "cloud" image: https://source.unsplash.com/400x175/?github description: API docs for the cloud plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'cloud'] --- import cloudObj from './cloud.devdocs.json'; diff --git a/api_docs/cloud_data_migration.mdx b/api_docs/cloud_data_migration.mdx index 03d162c302217..79a651900c7bd 100644 --- a/api_docs/cloud_data_migration.mdx +++ b/api_docs/cloud_data_migration.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/cloudDataMigration title: "cloudDataMigration" image: https://source.unsplash.com/400x175/?github description: API docs for the cloudDataMigration plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'cloudDataMigration'] --- import cloudDataMigrationObj from './cloud_data_migration.devdocs.json'; diff --git a/api_docs/cloud_defend.mdx b/api_docs/cloud_defend.mdx index e8c7b777c983e..630617dae0c7a 100644 --- a/api_docs/cloud_defend.mdx +++ b/api_docs/cloud_defend.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/cloudDefend title: "cloudDefend" image: https://source.unsplash.com/400x175/?github description: API docs for the cloudDefend plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'cloudDefend'] --- import cloudDefendObj from './cloud_defend.devdocs.json'; diff --git a/api_docs/cloud_experiments.mdx b/api_docs/cloud_experiments.mdx index a2366607958b7..ccd27f1a0f7af 100644 --- a/api_docs/cloud_experiments.mdx +++ b/api_docs/cloud_experiments.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/cloudExperiments title: "cloudExperiments" image: https://source.unsplash.com/400x175/?github description: API docs for the cloudExperiments plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'cloudExperiments'] --- import cloudExperimentsObj from './cloud_experiments.devdocs.json'; diff --git a/api_docs/cloud_security_posture.mdx b/api_docs/cloud_security_posture.mdx index 75b7596ba5086..9d250d631d266 100644 --- a/api_docs/cloud_security_posture.mdx +++ b/api_docs/cloud_security_posture.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/cloudSecurityPosture title: "cloudSecurityPosture" image: https://source.unsplash.com/400x175/?github description: API docs for the cloudSecurityPosture plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'cloudSecurityPosture'] --- import cloudSecurityPostureObj from './cloud_security_posture.devdocs.json'; diff --git a/api_docs/console.mdx b/api_docs/console.mdx index 8a3477a8dfacd..19350d4866d3a 100644 --- a/api_docs/console.mdx +++ b/api_docs/console.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/console title: "console" image: https://source.unsplash.com/400x175/?github description: API docs for the console plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'console'] --- import consoleObj from './console.devdocs.json'; diff --git a/api_docs/content_management.mdx b/api_docs/content_management.mdx index 2488f2ac6532a..ee0241543baf7 100644 --- a/api_docs/content_management.mdx +++ b/api_docs/content_management.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/contentManagement title: "contentManagement" image: https://source.unsplash.com/400x175/?github description: API docs for the contentManagement plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'contentManagement'] --- import contentManagementObj from './content_management.devdocs.json'; diff --git a/api_docs/controls.mdx b/api_docs/controls.mdx index 862602ee17c6a..f37183662b7e6 100644 --- a/api_docs/controls.mdx +++ b/api_docs/controls.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/controls title: "controls" image: https://source.unsplash.com/400x175/?github description: API docs for the controls plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'controls'] --- import controlsObj from './controls.devdocs.json'; diff --git a/api_docs/custom_integrations.mdx b/api_docs/custom_integrations.mdx index b31437b6180ad..2c5962bdfcf70 100644 --- a/api_docs/custom_integrations.mdx +++ b/api_docs/custom_integrations.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/customIntegrations title: "customIntegrations" image: https://source.unsplash.com/400x175/?github description: API docs for the customIntegrations plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'customIntegrations'] --- import customIntegrationsObj from './custom_integrations.devdocs.json'; diff --git a/api_docs/dashboard.mdx b/api_docs/dashboard.mdx index e39c03f52d508..0e27071219987 100644 --- a/api_docs/dashboard.mdx +++ b/api_docs/dashboard.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/dashboard title: "dashboard" image: https://source.unsplash.com/400x175/?github description: API docs for the dashboard plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'dashboard'] --- import dashboardObj from './dashboard.devdocs.json'; diff --git a/api_docs/dashboard_enhanced.mdx b/api_docs/dashboard_enhanced.mdx index ab32de268551c..d87dfad40a908 100644 --- a/api_docs/dashboard_enhanced.mdx +++ b/api_docs/dashboard_enhanced.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/dashboardEnhanced title: "dashboardEnhanced" image: https://source.unsplash.com/400x175/?github description: API docs for the dashboardEnhanced plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'dashboardEnhanced'] --- import dashboardEnhancedObj from './dashboard_enhanced.devdocs.json'; diff --git a/api_docs/data.mdx b/api_docs/data.mdx index fce9c0d289758..cee27cecf719c 100644 --- a/api_docs/data.mdx +++ b/api_docs/data.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/data title: "data" image: https://source.unsplash.com/400x175/?github description: API docs for the data plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'data'] --- import dataObj from './data.devdocs.json'; diff --git a/api_docs/data_query.mdx b/api_docs/data_query.mdx index d142b7e5ff89f..672304e9d2088 100644 --- a/api_docs/data_query.mdx +++ b/api_docs/data_query.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/data-query title: "data.query" image: https://source.unsplash.com/400x175/?github description: API docs for the data.query plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'data.query'] --- import dataQueryObj from './data_query.devdocs.json'; diff --git a/api_docs/data_search.mdx b/api_docs/data_search.mdx index dbf6667d76ddc..c85e5714379b9 100644 --- a/api_docs/data_search.mdx +++ b/api_docs/data_search.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/data-search title: "data.search" image: https://source.unsplash.com/400x175/?github description: API docs for the data.search plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'data.search'] --- import dataSearchObj from './data_search.devdocs.json'; diff --git a/api_docs/data_view_editor.mdx b/api_docs/data_view_editor.mdx index fdac0998fc79d..9b38dbc3900e6 100644 --- a/api_docs/data_view_editor.mdx +++ b/api_docs/data_view_editor.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/dataViewEditor title: "dataViewEditor" image: https://source.unsplash.com/400x175/?github description: API docs for the dataViewEditor plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'dataViewEditor'] --- import dataViewEditorObj from './data_view_editor.devdocs.json'; diff --git a/api_docs/data_view_field_editor.mdx b/api_docs/data_view_field_editor.mdx index 21383a76ece72..af878f8fd1f04 100644 --- a/api_docs/data_view_field_editor.mdx +++ b/api_docs/data_view_field_editor.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/dataViewFieldEditor title: "dataViewFieldEditor" image: https://source.unsplash.com/400x175/?github description: API docs for the dataViewFieldEditor plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'dataViewFieldEditor'] --- import dataViewFieldEditorObj from './data_view_field_editor.devdocs.json'; diff --git a/api_docs/data_view_management.mdx b/api_docs/data_view_management.mdx index eb7b2fad1faf6..e4b807ca37b46 100644 --- a/api_docs/data_view_management.mdx +++ b/api_docs/data_view_management.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/dataViewManagement title: "dataViewManagement" image: https://source.unsplash.com/400x175/?github description: API docs for the dataViewManagement plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'dataViewManagement'] --- import dataViewManagementObj from './data_view_management.devdocs.json'; diff --git a/api_docs/data_views.mdx b/api_docs/data_views.mdx index 5f3de11555319..96cb7a0445063 100644 --- a/api_docs/data_views.mdx +++ b/api_docs/data_views.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/dataViews title: "dataViews" image: https://source.unsplash.com/400x175/?github description: API docs for the dataViews plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'dataViews'] --- import dataViewsObj from './data_views.devdocs.json'; diff --git a/api_docs/data_visualizer.mdx b/api_docs/data_visualizer.mdx index 5122172501e47..ff3da46ce8109 100644 --- a/api_docs/data_visualizer.mdx +++ b/api_docs/data_visualizer.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/dataVisualizer title: "dataVisualizer" image: https://source.unsplash.com/400x175/?github description: API docs for the dataVisualizer plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'dataVisualizer'] --- import dataVisualizerObj from './data_visualizer.devdocs.json'; diff --git a/api_docs/deprecations_by_api.mdx b/api_docs/deprecations_by_api.mdx index 3bd8dfaf859b0..006f573791448 100644 --- a/api_docs/deprecations_by_api.mdx +++ b/api_docs/deprecations_by_api.mdx @@ -7,7 +7,7 @@ id: kibDevDocsDeprecationsByApi slug: /kibana-dev-docs/api-meta/deprecated-api-list-by-api title: Deprecated API usage by API description: A list of deprecated APIs, which plugins are still referencing them, and when they need to be removed by. -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana'] --- diff --git a/api_docs/deprecations_by_plugin.mdx b/api_docs/deprecations_by_plugin.mdx index 8b9b3cdf5f69c..ffab1485cdcb8 100644 --- a/api_docs/deprecations_by_plugin.mdx +++ b/api_docs/deprecations_by_plugin.mdx @@ -7,7 +7,7 @@ id: kibDevDocsDeprecationsByPlugin slug: /kibana-dev-docs/api-meta/deprecated-api-list-by-plugin title: Deprecated API usage by plugin description: A list of deprecated APIs, which plugins are still referencing them, and when they need to be removed by. -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana'] --- @@ -1004,7 +1004,7 @@ tags: ['contributor', 'dev', 'apidocs', 'kibana'] | Deprecated API | Reference location(s) | Remove By | | ---------------|-----------|-----------| -| | [log_threshold_executor.ts](https://github.com/elastic/kibana/tree/main/x-pack/plugins/infra/server/lib/alerting/log_threshold/log_threshold_executor.ts#:~:text=alertFactory), [log_threshold_executor.ts](https://github.com/elastic/kibana/tree/main/x-pack/plugins/infra/server/lib/alerting/log_threshold/log_threshold_executor.ts#:~:text=alertFactory), [log_threshold_executor.ts](https://github.com/elastic/kibana/tree/main/x-pack/plugins/infra/server/lib/alerting/log_threshold/log_threshold_executor.ts#:~:text=alertFactory), [metric_threshold_executor.ts](https://github.com/elastic/kibana/tree/main/x-pack/plugins/infra/server/lib/alerting/metric_threshold/metric_threshold_executor.ts#:~:text=alertFactory), [inventory_metric_threshold_executor.ts](https://github.com/elastic/kibana/tree/main/x-pack/plugins/infra/server/lib/alerting/inventory_metric_threshold/inventory_metric_threshold_executor.ts#:~:text=alertFactory) | - | +| | [log_threshold_executor.ts](https://github.com/elastic/kibana/tree/main/x-pack/plugins/infra/server/lib/alerting/log_threshold/log_threshold_executor.ts#:~:text=alertFactory), [log_threshold_executor.ts](https://github.com/elastic/kibana/tree/main/x-pack/plugins/infra/server/lib/alerting/log_threshold/log_threshold_executor.ts#:~:text=alertFactory), [log_threshold_executor.ts](https://github.com/elastic/kibana/tree/main/x-pack/plugins/infra/server/lib/alerting/log_threshold/log_threshold_executor.ts#:~:text=alertFactory), [inventory_metric_threshold_executor.ts](https://github.com/elastic/kibana/tree/main/x-pack/plugins/infra/server/lib/alerting/inventory_metric_threshold/inventory_metric_threshold_executor.ts#:~:text=alertFactory) | - | | | [use_kibana_index_patterns.ts](https://github.com/elastic/kibana/tree/main/x-pack/plugins/infra/public/hooks/use_kibana_index_patterns.ts#:~:text=indexPatterns) | - | | | [validation_errors.ts](https://github.com/elastic/kibana/tree/main/x-pack/plugins/infra/public/pages/logs/settings/validation_errors.ts#:~:text=title), [validation_errors.ts](https://github.com/elastic/kibana/tree/main/x-pack/plugins/infra/public/pages/logs/settings/validation_errors.ts#:~:text=title), [validation_errors.ts](https://github.com/elastic/kibana/tree/main/x-pack/plugins/infra/public/pages/logs/settings/validation_errors.ts#:~:text=title), [validation_errors.ts](https://github.com/elastic/kibana/tree/main/x-pack/plugins/infra/public/pages/logs/settings/validation_errors.ts#:~:text=title), [index_patterns.ts](https://github.com/elastic/kibana/tree/main/x-pack/plugins/infra/common/dependency_mocks/index_patterns.ts#:~:text=title), [index_patterns.ts](https://github.com/elastic/kibana/tree/main/x-pack/plugins/infra/common/dependency_mocks/index_patterns.ts#:~:text=title), [index_patterns.ts](https://github.com/elastic/kibana/tree/main/x-pack/plugins/infra/common/dependency_mocks/index_patterns.ts#:~:text=title), [use_data_view.test.ts](https://github.com/elastic/kibana/tree/main/x-pack/plugins/infra/public/pages/metrics/hosts/hooks/use_data_view.test.ts#:~:text=title), [validation_errors.ts](https://github.com/elastic/kibana/tree/main/x-pack/plugins/infra/public/pages/logs/settings/validation_errors.ts#:~:text=title), [validation_errors.ts](https://github.com/elastic/kibana/tree/main/x-pack/plugins/infra/public/pages/logs/settings/validation_errors.ts#:~:text=title)+ 6 more | - | | | [validation_errors.ts](https://github.com/elastic/kibana/tree/main/x-pack/plugins/infra/public/pages/logs/settings/validation_errors.ts#:~:text=title), [validation_errors.ts](https://github.com/elastic/kibana/tree/main/x-pack/plugins/infra/public/pages/logs/settings/validation_errors.ts#:~:text=title), [validation_errors.ts](https://github.com/elastic/kibana/tree/main/x-pack/plugins/infra/public/pages/logs/settings/validation_errors.ts#:~:text=title), [validation_errors.ts](https://github.com/elastic/kibana/tree/main/x-pack/plugins/infra/public/pages/logs/settings/validation_errors.ts#:~:text=title), [index_patterns.ts](https://github.com/elastic/kibana/tree/main/x-pack/plugins/infra/common/dependency_mocks/index_patterns.ts#:~:text=title), [index_patterns.ts](https://github.com/elastic/kibana/tree/main/x-pack/plugins/infra/common/dependency_mocks/index_patterns.ts#:~:text=title), [index_patterns.ts](https://github.com/elastic/kibana/tree/main/x-pack/plugins/infra/common/dependency_mocks/index_patterns.ts#:~:text=title), [use_data_view.test.ts](https://github.com/elastic/kibana/tree/main/x-pack/plugins/infra/public/pages/metrics/hosts/hooks/use_data_view.test.ts#:~:text=title), [validation_errors.ts](https://github.com/elastic/kibana/tree/main/x-pack/plugins/infra/public/pages/logs/settings/validation_errors.ts#:~:text=title), [validation_errors.ts](https://github.com/elastic/kibana/tree/main/x-pack/plugins/infra/public/pages/logs/settings/validation_errors.ts#:~:text=title)+ 6 more | - | diff --git a/api_docs/deprecations_by_team.mdx b/api_docs/deprecations_by_team.mdx index fcaa5cdf99e7e..9b7389f12929a 100644 --- a/api_docs/deprecations_by_team.mdx +++ b/api_docs/deprecations_by_team.mdx @@ -7,7 +7,7 @@ id: kibDevDocsDeprecationsDueByTeam slug: /kibana-dev-docs/api-meta/deprecations-due-by-team title: Deprecated APIs due to be removed, by team description: Lists the teams that are referencing deprecated APIs with a remove by date. -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana'] --- diff --git a/api_docs/dev_tools.mdx b/api_docs/dev_tools.mdx index 21aedd218aa4f..b2b7257829403 100644 --- a/api_docs/dev_tools.mdx +++ b/api_docs/dev_tools.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/devTools title: "devTools" image: https://source.unsplash.com/400x175/?github description: API docs for the devTools plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'devTools'] --- import devToolsObj from './dev_tools.devdocs.json'; diff --git a/api_docs/discover.mdx b/api_docs/discover.mdx index 6062eba281e76..ee882512278dc 100644 --- a/api_docs/discover.mdx +++ b/api_docs/discover.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/discover title: "discover" image: https://source.unsplash.com/400x175/?github description: API docs for the discover plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'discover'] --- import discoverObj from './discover.devdocs.json'; diff --git a/api_docs/discover_enhanced.mdx b/api_docs/discover_enhanced.mdx index e766717018974..19779887cd452 100644 --- a/api_docs/discover_enhanced.mdx +++ b/api_docs/discover_enhanced.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/discoverEnhanced title: "discoverEnhanced" image: https://source.unsplash.com/400x175/?github description: API docs for the discoverEnhanced plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'discoverEnhanced'] --- import discoverEnhancedObj from './discover_enhanced.devdocs.json'; diff --git a/api_docs/ecs_data_quality_dashboard.mdx b/api_docs/ecs_data_quality_dashboard.mdx index 2cd91fb61456f..fe32623abae25 100644 --- a/api_docs/ecs_data_quality_dashboard.mdx +++ b/api_docs/ecs_data_quality_dashboard.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/ecsDataQualityDashboard title: "ecsDataQualityDashboard" image: https://source.unsplash.com/400x175/?github description: API docs for the ecsDataQualityDashboard plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'ecsDataQualityDashboard'] --- import ecsDataQualityDashboardObj from './ecs_data_quality_dashboard.devdocs.json'; diff --git a/api_docs/elastic_assistant.mdx b/api_docs/elastic_assistant.mdx index 90b235e6f81b7..a47c0aef6a494 100644 --- a/api_docs/elastic_assistant.mdx +++ b/api_docs/elastic_assistant.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/elasticAssistant title: "elasticAssistant" image: https://source.unsplash.com/400x175/?github description: API docs for the elasticAssistant plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'elasticAssistant'] --- import elasticAssistantObj from './elastic_assistant.devdocs.json'; diff --git a/api_docs/embeddable.mdx b/api_docs/embeddable.mdx index aeb1b2032f94d..da04e00c98540 100644 --- a/api_docs/embeddable.mdx +++ b/api_docs/embeddable.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/embeddable title: "embeddable" image: https://source.unsplash.com/400x175/?github description: API docs for the embeddable plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'embeddable'] --- import embeddableObj from './embeddable.devdocs.json'; diff --git a/api_docs/embeddable_enhanced.mdx b/api_docs/embeddable_enhanced.mdx index 40a066617027f..ab55834e6dc27 100644 --- a/api_docs/embeddable_enhanced.mdx +++ b/api_docs/embeddable_enhanced.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/embeddableEnhanced title: "embeddableEnhanced" image: https://source.unsplash.com/400x175/?github description: API docs for the embeddableEnhanced plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'embeddableEnhanced'] --- import embeddableEnhancedObj from './embeddable_enhanced.devdocs.json'; diff --git a/api_docs/encrypted_saved_objects.mdx b/api_docs/encrypted_saved_objects.mdx index 584cd3f07050c..6e012e4163a4f 100644 --- a/api_docs/encrypted_saved_objects.mdx +++ b/api_docs/encrypted_saved_objects.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/encryptedSavedObjects title: "encryptedSavedObjects" image: https://source.unsplash.com/400x175/?github description: API docs for the encryptedSavedObjects plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'encryptedSavedObjects'] --- import encryptedSavedObjectsObj from './encrypted_saved_objects.devdocs.json'; diff --git a/api_docs/enterprise_search.mdx b/api_docs/enterprise_search.mdx index f6f428690d66e..b785b3634142a 100644 --- a/api_docs/enterprise_search.mdx +++ b/api_docs/enterprise_search.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/enterpriseSearch title: "enterpriseSearch" image: https://source.unsplash.com/400x175/?github description: API docs for the enterpriseSearch plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'enterpriseSearch'] --- import enterpriseSearchObj from './enterprise_search.devdocs.json'; diff --git a/api_docs/es_ui_shared.mdx b/api_docs/es_ui_shared.mdx index c50ffd21b3ba9..908dbf5460d75 100644 --- a/api_docs/es_ui_shared.mdx +++ b/api_docs/es_ui_shared.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/esUiShared title: "esUiShared" image: https://source.unsplash.com/400x175/?github description: API docs for the esUiShared plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'esUiShared'] --- import esUiSharedObj from './es_ui_shared.devdocs.json'; diff --git a/api_docs/event_annotation.mdx b/api_docs/event_annotation.mdx index fe2b80985f59f..ca73b1d3cd5b8 100644 --- a/api_docs/event_annotation.mdx +++ b/api_docs/event_annotation.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/eventAnnotation title: "eventAnnotation" image: https://source.unsplash.com/400x175/?github description: API docs for the eventAnnotation plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'eventAnnotation'] --- import eventAnnotationObj from './event_annotation.devdocs.json'; diff --git a/api_docs/event_annotation_listing.mdx b/api_docs/event_annotation_listing.mdx index 3c8ac928b35a7..50e9b0c477836 100644 --- a/api_docs/event_annotation_listing.mdx +++ b/api_docs/event_annotation_listing.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/eventAnnotationListing title: "eventAnnotationListing" image: https://source.unsplash.com/400x175/?github description: API docs for the eventAnnotationListing plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'eventAnnotationListing'] --- import eventAnnotationListingObj from './event_annotation_listing.devdocs.json'; diff --git a/api_docs/event_log.mdx b/api_docs/event_log.mdx index 6655e6b39dcc2..5c86719b1cbe9 100644 --- a/api_docs/event_log.mdx +++ b/api_docs/event_log.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/eventLog title: "eventLog" image: https://source.unsplash.com/400x175/?github description: API docs for the eventLog plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'eventLog'] --- import eventLogObj from './event_log.devdocs.json'; diff --git a/api_docs/exploratory_view.mdx b/api_docs/exploratory_view.mdx index ba280037c0952..625ae306fc840 100644 --- a/api_docs/exploratory_view.mdx +++ b/api_docs/exploratory_view.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/exploratoryView title: "exploratoryView" image: https://source.unsplash.com/400x175/?github description: API docs for the exploratoryView plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'exploratoryView'] --- import exploratoryViewObj from './exploratory_view.devdocs.json'; diff --git a/api_docs/expression_error.mdx b/api_docs/expression_error.mdx index 0154202e25245..77a66b43b3e70 100644 --- a/api_docs/expression_error.mdx +++ b/api_docs/expression_error.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/expressionError title: "expressionError" image: https://source.unsplash.com/400x175/?github description: API docs for the expressionError plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'expressionError'] --- import expressionErrorObj from './expression_error.devdocs.json'; diff --git a/api_docs/expression_gauge.mdx b/api_docs/expression_gauge.mdx index 92548b77fc1fd..c1f42676a5d09 100644 --- a/api_docs/expression_gauge.mdx +++ b/api_docs/expression_gauge.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/expressionGauge title: "expressionGauge" image: https://source.unsplash.com/400x175/?github description: API docs for the expressionGauge plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'expressionGauge'] --- import expressionGaugeObj from './expression_gauge.devdocs.json'; diff --git a/api_docs/expression_heatmap.mdx b/api_docs/expression_heatmap.mdx index 6deb1327a5ff6..9e61045a209da 100644 --- a/api_docs/expression_heatmap.mdx +++ b/api_docs/expression_heatmap.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/expressionHeatmap title: "expressionHeatmap" image: https://source.unsplash.com/400x175/?github description: API docs for the expressionHeatmap plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'expressionHeatmap'] --- import expressionHeatmapObj from './expression_heatmap.devdocs.json'; diff --git a/api_docs/expression_image.mdx b/api_docs/expression_image.mdx index f8870390ed0ed..5672fdde3b2c1 100644 --- a/api_docs/expression_image.mdx +++ b/api_docs/expression_image.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/expressionImage title: "expressionImage" image: https://source.unsplash.com/400x175/?github description: API docs for the expressionImage plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'expressionImage'] --- import expressionImageObj from './expression_image.devdocs.json'; diff --git a/api_docs/expression_legacy_metric_vis.mdx b/api_docs/expression_legacy_metric_vis.mdx index 6339f330f1e53..bd57f2d90264a 100644 --- a/api_docs/expression_legacy_metric_vis.mdx +++ b/api_docs/expression_legacy_metric_vis.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/expressionLegacyMetricVis title: "expressionLegacyMetricVis" image: https://source.unsplash.com/400x175/?github description: API docs for the expressionLegacyMetricVis plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'expressionLegacyMetricVis'] --- import expressionLegacyMetricVisObj from './expression_legacy_metric_vis.devdocs.json'; diff --git a/api_docs/expression_metric.mdx b/api_docs/expression_metric.mdx index a61cb31f6f61c..6ecd23ec5e2c4 100644 --- a/api_docs/expression_metric.mdx +++ b/api_docs/expression_metric.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/expressionMetric title: "expressionMetric" image: https://source.unsplash.com/400x175/?github description: API docs for the expressionMetric plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'expressionMetric'] --- import expressionMetricObj from './expression_metric.devdocs.json'; diff --git a/api_docs/expression_metric_vis.mdx b/api_docs/expression_metric_vis.mdx index bf5b4d05c4816..cbf802858b2f6 100644 --- a/api_docs/expression_metric_vis.mdx +++ b/api_docs/expression_metric_vis.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/expressionMetricVis title: "expressionMetricVis" image: https://source.unsplash.com/400x175/?github description: API docs for the expressionMetricVis plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'expressionMetricVis'] --- import expressionMetricVisObj from './expression_metric_vis.devdocs.json'; diff --git a/api_docs/expression_partition_vis.mdx b/api_docs/expression_partition_vis.mdx index 3b1336e2c95bf..9a8a0bd98cf27 100644 --- a/api_docs/expression_partition_vis.mdx +++ b/api_docs/expression_partition_vis.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/expressionPartitionVis title: "expressionPartitionVis" image: https://source.unsplash.com/400x175/?github description: API docs for the expressionPartitionVis plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'expressionPartitionVis'] --- import expressionPartitionVisObj from './expression_partition_vis.devdocs.json'; diff --git a/api_docs/expression_repeat_image.mdx b/api_docs/expression_repeat_image.mdx index 6896cecd5e596..c4c959d6368ca 100644 --- a/api_docs/expression_repeat_image.mdx +++ b/api_docs/expression_repeat_image.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/expressionRepeatImage title: "expressionRepeatImage" image: https://source.unsplash.com/400x175/?github description: API docs for the expressionRepeatImage plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'expressionRepeatImage'] --- import expressionRepeatImageObj from './expression_repeat_image.devdocs.json'; diff --git a/api_docs/expression_reveal_image.mdx b/api_docs/expression_reveal_image.mdx index b78ff21638e5e..d252545d90eee 100644 --- a/api_docs/expression_reveal_image.mdx +++ b/api_docs/expression_reveal_image.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/expressionRevealImage title: "expressionRevealImage" image: https://source.unsplash.com/400x175/?github description: API docs for the expressionRevealImage plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'expressionRevealImage'] --- import expressionRevealImageObj from './expression_reveal_image.devdocs.json'; diff --git a/api_docs/expression_shape.mdx b/api_docs/expression_shape.mdx index bb4cc8b27c60b..c80d71405912b 100644 --- a/api_docs/expression_shape.mdx +++ b/api_docs/expression_shape.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/expressionShape title: "expressionShape" image: https://source.unsplash.com/400x175/?github description: API docs for the expressionShape plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'expressionShape'] --- import expressionShapeObj from './expression_shape.devdocs.json'; diff --git a/api_docs/expression_tagcloud.mdx b/api_docs/expression_tagcloud.mdx index f6ef3a5b0bd1a..88cfc04dba2cb 100644 --- a/api_docs/expression_tagcloud.mdx +++ b/api_docs/expression_tagcloud.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/expressionTagcloud title: "expressionTagcloud" image: https://source.unsplash.com/400x175/?github description: API docs for the expressionTagcloud plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'expressionTagcloud'] --- import expressionTagcloudObj from './expression_tagcloud.devdocs.json'; diff --git a/api_docs/expression_x_y.mdx b/api_docs/expression_x_y.mdx index 644b16e3e441e..352ff9b5653e7 100644 --- a/api_docs/expression_x_y.mdx +++ b/api_docs/expression_x_y.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/expressionXY title: "expressionXY" image: https://source.unsplash.com/400x175/?github description: API docs for the expressionXY plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'expressionXY'] --- import expressionXYObj from './expression_x_y.devdocs.json'; diff --git a/api_docs/expressions.mdx b/api_docs/expressions.mdx index 8166a8dff084c..a2b7dc59bab5f 100644 --- a/api_docs/expressions.mdx +++ b/api_docs/expressions.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/expressions title: "expressions" image: https://source.unsplash.com/400x175/?github description: API docs for the expressions plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'expressions'] --- import expressionsObj from './expressions.devdocs.json'; diff --git a/api_docs/features.mdx b/api_docs/features.mdx index 29ef7f49f7b88..42b9b794cb166 100644 --- a/api_docs/features.mdx +++ b/api_docs/features.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/features title: "features" image: https://source.unsplash.com/400x175/?github description: API docs for the features plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'features'] --- import featuresObj from './features.devdocs.json'; diff --git a/api_docs/field_formats.mdx b/api_docs/field_formats.mdx index f30a4ebd3a939..a289c7a78a9a5 100644 --- a/api_docs/field_formats.mdx +++ b/api_docs/field_formats.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/fieldFormats title: "fieldFormats" image: https://source.unsplash.com/400x175/?github description: API docs for the fieldFormats plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'fieldFormats'] --- import fieldFormatsObj from './field_formats.devdocs.json'; diff --git a/api_docs/file_upload.mdx b/api_docs/file_upload.mdx index 1d097578b94e4..33ec0e834df27 100644 --- a/api_docs/file_upload.mdx +++ b/api_docs/file_upload.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/fileUpload title: "fileUpload" image: https://source.unsplash.com/400x175/?github description: API docs for the fileUpload plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'fileUpload'] --- import fileUploadObj from './file_upload.devdocs.json'; diff --git a/api_docs/files.mdx b/api_docs/files.mdx index 7eacea44c6840..bb66f98f110f8 100644 --- a/api_docs/files.mdx +++ b/api_docs/files.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/files title: "files" image: https://source.unsplash.com/400x175/?github description: API docs for the files plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'files'] --- import filesObj from './files.devdocs.json'; diff --git a/api_docs/files_management.mdx b/api_docs/files_management.mdx index 3f8ba3184b85a..eb8ad737ae6f0 100644 --- a/api_docs/files_management.mdx +++ b/api_docs/files_management.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/filesManagement title: "filesManagement" image: https://source.unsplash.com/400x175/?github description: API docs for the filesManagement plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'filesManagement'] --- import filesManagementObj from './files_management.devdocs.json'; diff --git a/api_docs/fleet.mdx b/api_docs/fleet.mdx index 95cb660c99011..36c8d782b9879 100644 --- a/api_docs/fleet.mdx +++ b/api_docs/fleet.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/fleet title: "fleet" image: https://source.unsplash.com/400x175/?github description: API docs for the fleet plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'fleet'] --- import fleetObj from './fleet.devdocs.json'; diff --git a/api_docs/global_search.mdx b/api_docs/global_search.mdx index 6eeaeb1623a3c..5ebdab4168005 100644 --- a/api_docs/global_search.mdx +++ b/api_docs/global_search.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/globalSearch title: "globalSearch" image: https://source.unsplash.com/400x175/?github description: API docs for the globalSearch plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'globalSearch'] --- import globalSearchObj from './global_search.devdocs.json'; diff --git a/api_docs/guided_onboarding.mdx b/api_docs/guided_onboarding.mdx index eb0e7ee5570b5..416382d09af4c 100644 --- a/api_docs/guided_onboarding.mdx +++ b/api_docs/guided_onboarding.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/guidedOnboarding title: "guidedOnboarding" image: https://source.unsplash.com/400x175/?github description: API docs for the guidedOnboarding plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'guidedOnboarding'] --- import guidedOnboardingObj from './guided_onboarding.devdocs.json'; diff --git a/api_docs/home.mdx b/api_docs/home.mdx index cb91f7074f8bd..6eab4bb4052aa 100644 --- a/api_docs/home.mdx +++ b/api_docs/home.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/home title: "home" image: https://source.unsplash.com/400x175/?github description: API docs for the home plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'home'] --- import homeObj from './home.devdocs.json'; diff --git a/api_docs/image_embeddable.mdx b/api_docs/image_embeddable.mdx index 4e9e0efc05c79..6011d185aa8bd 100644 --- a/api_docs/image_embeddable.mdx +++ b/api_docs/image_embeddable.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/imageEmbeddable title: "imageEmbeddable" image: https://source.unsplash.com/400x175/?github description: API docs for the imageEmbeddable plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'imageEmbeddable'] --- import imageEmbeddableObj from './image_embeddable.devdocs.json'; diff --git a/api_docs/index_lifecycle_management.mdx b/api_docs/index_lifecycle_management.mdx index b69e624f94a8b..7539b7d48de1c 100644 --- a/api_docs/index_lifecycle_management.mdx +++ b/api_docs/index_lifecycle_management.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/indexLifecycleManagement title: "indexLifecycleManagement" image: https://source.unsplash.com/400x175/?github description: API docs for the indexLifecycleManagement plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'indexLifecycleManagement'] --- import indexLifecycleManagementObj from './index_lifecycle_management.devdocs.json'; diff --git a/api_docs/index_management.devdocs.json b/api_docs/index_management.devdocs.json index 6e81bfa83cbff..975b83f855f1b 100644 --- a/api_docs/index_management.devdocs.json +++ b/api_docs/index_management.devdocs.json @@ -848,7 +848,7 @@ "label": "IndexManagementConfig", "description": [], "signature": [ - "{ readonly ui: Readonly<{} & { enabled: boolean; }>; readonly enableIndexActions: boolean; readonly enableLegacyTemplates: boolean; readonly dev: Readonly<{} & { enableIndexDetailsPage: boolean; }>; readonly enableIndexStats: boolean; }" + "{ readonly ui: Readonly<{} & { enabled: boolean; }>; readonly enableIndexActions: boolean; readonly enableLegacyTemplates: boolean; readonly dev: Readonly<{} & { enableIndexDetailsPage: boolean; }>; readonly enableIndexStats: boolean; readonly editableIndexSettings: \"all\" | \"limited\"; }" ], "path": "x-pack/plugins/index_management/server/config.ts", "deprecated": false, diff --git a/api_docs/index_management.mdx b/api_docs/index_management.mdx index df51448155f3a..12778cc5d2262 100644 --- a/api_docs/index_management.mdx +++ b/api_docs/index_management.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/indexManagement title: "indexManagement" image: https://source.unsplash.com/400x175/?github description: API docs for the indexManagement plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'indexManagement'] --- import indexManagementObj from './index_management.devdocs.json'; diff --git a/api_docs/infra.mdx b/api_docs/infra.mdx index c35679dcf4037..7b7991659007d 100644 --- a/api_docs/infra.mdx +++ b/api_docs/infra.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/infra title: "infra" image: https://source.unsplash.com/400x175/?github description: API docs for the infra plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'infra'] --- import infraObj from './infra.devdocs.json'; diff --git a/api_docs/inspector.mdx b/api_docs/inspector.mdx index 5f48fad8636c5..0456ad9ca6301 100644 --- a/api_docs/inspector.mdx +++ b/api_docs/inspector.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/inspector title: "inspector" image: https://source.unsplash.com/400x175/?github description: API docs for the inspector plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'inspector'] --- import inspectorObj from './inspector.devdocs.json'; diff --git a/api_docs/interactive_setup.mdx b/api_docs/interactive_setup.mdx index afac3ddae64ca..f281a18138918 100644 --- a/api_docs/interactive_setup.mdx +++ b/api_docs/interactive_setup.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/interactiveSetup title: "interactiveSetup" image: https://source.unsplash.com/400x175/?github description: API docs for the interactiveSetup plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'interactiveSetup'] --- import interactiveSetupObj from './interactive_setup.devdocs.json'; diff --git a/api_docs/kbn_ace.mdx b/api_docs/kbn_ace.mdx index 94495a1b3d1cc..97fef78ff7ca2 100644 --- a/api_docs/kbn_ace.mdx +++ b/api_docs/kbn_ace.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ace title: "@kbn/ace" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ace plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ace'] --- import kbnAceObj from './kbn_ace.devdocs.json'; diff --git a/api_docs/kbn_aiops_components.mdx b/api_docs/kbn_aiops_components.mdx index 00cf9cdb57229..d425c8cd99921 100644 --- a/api_docs/kbn_aiops_components.mdx +++ b/api_docs/kbn_aiops_components.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-aiops-components title: "@kbn/aiops-components" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/aiops-components plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/aiops-components'] --- import kbnAiopsComponentsObj from './kbn_aiops_components.devdocs.json'; diff --git a/api_docs/kbn_aiops_utils.mdx b/api_docs/kbn_aiops_utils.mdx index 6ea3ee7fb2d6c..a5b844164f25e 100644 --- a/api_docs/kbn_aiops_utils.mdx +++ b/api_docs/kbn_aiops_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-aiops-utils title: "@kbn/aiops-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/aiops-utils plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/aiops-utils'] --- import kbnAiopsUtilsObj from './kbn_aiops_utils.devdocs.json'; diff --git a/api_docs/kbn_alerting_api_integration_helpers.mdx b/api_docs/kbn_alerting_api_integration_helpers.mdx index 493bc1ae62a51..38cb1ec47cbee 100644 --- a/api_docs/kbn_alerting_api_integration_helpers.mdx +++ b/api_docs/kbn_alerting_api_integration_helpers.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-alerting-api-integration-helpers title: "@kbn/alerting-api-integration-helpers" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/alerting-api-integration-helpers plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/alerting-api-integration-helpers'] --- import kbnAlertingApiIntegrationHelpersObj from './kbn_alerting_api_integration_helpers.devdocs.json'; diff --git a/api_docs/kbn_alerting_state_types.mdx b/api_docs/kbn_alerting_state_types.mdx index c20ba5cddaed9..d6069d6bcb9da 100644 --- a/api_docs/kbn_alerting_state_types.mdx +++ b/api_docs/kbn_alerting_state_types.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-alerting-state-types title: "@kbn/alerting-state-types" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/alerting-state-types plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/alerting-state-types'] --- import kbnAlertingStateTypesObj from './kbn_alerting_state_types.devdocs.json'; diff --git a/api_docs/kbn_alerts_as_data_utils.devdocs.json b/api_docs/kbn_alerts_as_data_utils.devdocs.json index c985f042ac54f..8f3c9ec250b05 100644 --- a/api_docs/kbn_alerts_as_data_utils.devdocs.json +++ b/api_docs/kbn_alerts_as_data_utils.devdocs.json @@ -196,7 +196,7 @@ "label": "AADAlert", "description": [], "signature": [ - "({ '@timestamp': string | number; 'kibana.alert.instance.id': string; 'kibana.alert.rule.category': string; 'kibana.alert.rule.consumer': string; 'kibana.alert.rule.name': string; 'kibana.alert.rule.producer': string; 'kibana.alert.rule.revision': string | number; 'kibana.alert.rule.rule_type_id': string; 'kibana.alert.rule.uuid': string; 'kibana.alert.status': string; 'kibana.alert.uuid': string; 'kibana.space_ids': string[]; } & { 'event.action'?: string | undefined; 'event.kind'?: string | undefined; 'kibana.alert.action_group'?: string | undefined; 'kibana.alert.case_ids'?: string[] | undefined; 'kibana.alert.duration.us'?: string | number | undefined; 'kibana.alert.end'?: string | number | undefined; 'kibana.alert.flapping'?: boolean | undefined; 'kibana.alert.flapping_history'?: boolean[] | undefined; 'kibana.alert.last_detected'?: string | number | undefined; 'kibana.alert.maintenance_window_ids'?: string[] | undefined; 'kibana.alert.reason'?: string | undefined; 'kibana.alert.rule.execution.uuid'?: string | undefined; 'kibana.alert.rule.parameters'?: unknown; 'kibana.alert.rule.tags'?: string[] | undefined; 'kibana.alert.start'?: string | number | undefined; 'kibana.alert.time_range'?: { gte?: string | number | undefined; lte?: string | number | undefined; } | undefined; 'kibana.alert.url'?: string | undefined; 'kibana.alert.workflow_status'?: string | undefined; 'kibana.alert.workflow_tags'?: string[] | undefined; 'kibana.version'?: string | undefined; tags?: string[] | undefined; }) | ({} & { 'agent.name'?: string | undefined; 'error.grouping_key'?: string | undefined; 'error.grouping_name'?: string | undefined; 'kibana.alert.evaluation.threshold'?: string | number | undefined; 'kibana.alert.evaluation.value'?: string | number | undefined; 'kibana.alert.evaluation.values'?: (string | number)[] | undefined; 'kibana.alert.group'?: { field?: string | undefined; value?: string | undefined; }[] | undefined; 'processor.event'?: string | undefined; 'service.environment'?: string | undefined; 'service.language.name'?: string | undefined; 'service.name'?: string | undefined; 'transaction.name'?: string | undefined; 'transaction.type'?: string | undefined; } & { '@timestamp': string | number; 'kibana.alert.instance.id': string; 'kibana.alert.rule.category': string; 'kibana.alert.rule.consumer': string; 'kibana.alert.rule.name': string; 'kibana.alert.rule.producer': string; 'kibana.alert.rule.revision': string | number; 'kibana.alert.rule.rule_type_id': string; 'kibana.alert.rule.uuid': string; 'kibana.alert.status': string; 'kibana.alert.uuid': string; 'kibana.space_ids': string[]; } & { 'event.action'?: string | undefined; 'event.kind'?: string | undefined; 'kibana.alert.action_group'?: string | undefined; 'kibana.alert.case_ids'?: string[] | undefined; 'kibana.alert.duration.us'?: string | number | undefined; 'kibana.alert.end'?: string | number | undefined; 'kibana.alert.flapping'?: boolean | undefined; 'kibana.alert.flapping_history'?: boolean[] | undefined; 'kibana.alert.last_detected'?: string | number | undefined; 'kibana.alert.maintenance_window_ids'?: string[] | undefined; 'kibana.alert.reason'?: string | undefined; 'kibana.alert.rule.execution.uuid'?: string | undefined; 'kibana.alert.rule.parameters'?: unknown; 'kibana.alert.rule.tags'?: string[] | undefined; 'kibana.alert.start'?: string | number | undefined; 'kibana.alert.time_range'?: { gte?: string | number | undefined; lte?: string | number | undefined; } | undefined; 'kibana.alert.url'?: string | undefined; 'kibana.alert.workflow_status'?: string | undefined; 'kibana.alert.workflow_tags'?: string[] | undefined; 'kibana.version'?: string | undefined; tags?: string[] | undefined; } & {} & { 'ecs.version'?: string | undefined; 'kibana.alert.risk_score'?: number | undefined; 'kibana.alert.rule.author'?: string | undefined; 'kibana.alert.rule.created_at'?: string | number | undefined; 'kibana.alert.rule.created_by'?: string | undefined; 'kibana.alert.rule.description'?: string | undefined; 'kibana.alert.rule.enabled'?: string | undefined; 'kibana.alert.rule.from'?: string | undefined; 'kibana.alert.rule.interval'?: string | undefined; 'kibana.alert.rule.license'?: string | undefined; 'kibana.alert.rule.note'?: string | undefined; 'kibana.alert.rule.references'?: string[] | undefined; 'kibana.alert.rule.rule_id'?: string | undefined; 'kibana.alert.rule.rule_name_override'?: string | undefined; 'kibana.alert.rule.to'?: string | undefined; 'kibana.alert.rule.type'?: string | undefined; 'kibana.alert.rule.updated_at'?: string | number | undefined; 'kibana.alert.rule.updated_by'?: string | undefined; 'kibana.alert.rule.version'?: string | undefined; 'kibana.alert.severity'?: string | undefined; 'kibana.alert.suppression.docs_count'?: string | number | undefined; 'kibana.alert.suppression.end'?: string | number | undefined; 'kibana.alert.suppression.start'?: string | number | undefined; 'kibana.alert.suppression.terms.field'?: string[] | undefined; 'kibana.alert.suppression.terms.value'?: string[] | undefined; 'kibana.alert.system_status'?: string | undefined; 'kibana.alert.workflow_reason'?: string | undefined; 'kibana.alert.workflow_user'?: string | undefined; }) | ({} & { 'kibana.alert.evaluation.threshold'?: string | number | undefined; 'kibana.alert.evaluation.value'?: string | number | undefined; 'kibana.alert.evaluation.values'?: (string | number)[] | undefined; 'kibana.alert.group'?: { field?: string | undefined; value?: string | undefined; }[] | undefined; } & { '@timestamp': string | number; 'kibana.alert.instance.id': string; 'kibana.alert.rule.category': string; 'kibana.alert.rule.consumer': string; 'kibana.alert.rule.name': string; 'kibana.alert.rule.producer': string; 'kibana.alert.rule.revision': string | number; 'kibana.alert.rule.rule_type_id': string; 'kibana.alert.rule.uuid': string; 'kibana.alert.status': string; 'kibana.alert.uuid': string; 'kibana.space_ids': string[]; } & { 'event.action'?: string | undefined; 'event.kind'?: string | undefined; 'kibana.alert.action_group'?: string | undefined; 'kibana.alert.case_ids'?: string[] | undefined; 'kibana.alert.duration.us'?: string | number | undefined; 'kibana.alert.end'?: string | number | undefined; 'kibana.alert.flapping'?: boolean | undefined; 'kibana.alert.flapping_history'?: boolean[] | undefined; 'kibana.alert.last_detected'?: string | number | undefined; 'kibana.alert.maintenance_window_ids'?: string[] | undefined; 'kibana.alert.reason'?: string | undefined; 'kibana.alert.rule.execution.uuid'?: string | undefined; 'kibana.alert.rule.parameters'?: unknown; 'kibana.alert.rule.tags'?: string[] | undefined; 'kibana.alert.start'?: string | number | undefined; 'kibana.alert.time_range'?: { gte?: string | number | undefined; lte?: string | number | undefined; } | undefined; 'kibana.alert.url'?: string | undefined; 'kibana.alert.workflow_status'?: string | undefined; 'kibana.alert.workflow_tags'?: string[] | undefined; 'kibana.version'?: string | undefined; tags?: string[] | undefined; } & { '@timestamp': string | number; 'ecs.version': string; } & { 'agent.build.original'?: string | undefined; 'agent.ephemeral_id'?: string | undefined; 'agent.id'?: string | undefined; 'agent.name'?: string | undefined; 'agent.type'?: string | undefined; 'agent.version'?: string | undefined; 'client.address'?: string | undefined; 'client.as.number'?: string | number | undefined; 'client.as.organization.name'?: string | undefined; 'client.bytes'?: string | number | undefined; 'client.domain'?: string | undefined; 'client.geo.city_name'?: string | undefined; 'client.geo.continent_code'?: string | undefined; 'client.geo.continent_name'?: string | undefined; 'client.geo.country_iso_code'?: string | undefined; 'client.geo.country_name'?: string | undefined; 'client.geo.location'?: string | { type: string; coordinates: number[]; } | { lat: number; lon: number; } | { location: number[]; } | { location: string; } | undefined; 'client.geo.name'?: string | undefined; 'client.geo.postal_code'?: string | undefined; 'client.geo.region_iso_code'?: string | undefined; 'client.geo.region_name'?: string | undefined; 'client.geo.timezone'?: string | undefined; 'client.ip'?: string | undefined; 'client.mac'?: string | undefined; 'client.nat.ip'?: string | undefined; 'client.nat.port'?: string | number | undefined; 'client.packets'?: string | number | undefined; 'client.port'?: string | number | undefined; 'client.registered_domain'?: string | undefined; 'client.subdomain'?: string | undefined; 'client.top_level_domain'?: string | undefined; 'client.user.domain'?: string | undefined; 'client.user.email'?: string | undefined; 'client.user.full_name'?: string | undefined; 'client.user.group.domain'?: string | undefined; 'client.user.group.id'?: string | undefined; 'client.user.group.name'?: string | undefined; 'client.user.hash'?: string | undefined; 'client.user.id'?: string | undefined; 'client.user.name'?: string | undefined; 'client.user.roles'?: string[] | undefined; 'cloud.account.id'?: string | undefined; 'cloud.account.name'?: string | undefined; 'cloud.availability_zone'?: string | undefined; 'cloud.instance.id'?: string | undefined; 'cloud.instance.name'?: string | undefined; 'cloud.machine.type'?: string | undefined; 'cloud.origin.account.id'?: string | undefined; 'cloud.origin.account.name'?: string | undefined; 'cloud.origin.availability_zone'?: string | undefined; 'cloud.origin.instance.id'?: string | undefined; 'cloud.origin.instance.name'?: string | undefined; 'cloud.origin.machine.type'?: string | undefined; 'cloud.origin.project.id'?: string | undefined; 'cloud.origin.project.name'?: string | undefined; 'cloud.origin.provider'?: string | undefined; 'cloud.origin.region'?: string | undefined; 'cloud.origin.service.name'?: string | undefined; 'cloud.project.id'?: string | undefined; 'cloud.project.name'?: string | undefined; 'cloud.provider'?: string | undefined; 'cloud.region'?: string | undefined; 'cloud.service.name'?: string | undefined; 'cloud.target.account.id'?: string | undefined; 'cloud.target.account.name'?: string | undefined; 'cloud.target.availability_zone'?: string | undefined; 'cloud.target.instance.id'?: string | undefined; 'cloud.target.instance.name'?: string | undefined; 'cloud.target.machine.type'?: string | undefined; 'cloud.target.project.id'?: string | undefined; 'cloud.target.project.name'?: string | undefined; 'cloud.target.provider'?: string | undefined; 'cloud.target.region'?: string | undefined; 'cloud.target.service.name'?: string | undefined; 'container.cpu.usage'?: string | number | undefined; 'container.disk.read.bytes'?: string | number | undefined; 'container.disk.write.bytes'?: string | number | undefined; 'container.id'?: string | undefined; 'container.image.hash.all'?: string[] | undefined; 'container.image.name'?: string | undefined; 'container.image.tag'?: string[] | undefined; 'container.memory.usage'?: string | number | undefined; 'container.name'?: string | undefined; 'container.network.egress.bytes'?: string | number | undefined; 'container.network.ingress.bytes'?: string | number | undefined; 'container.runtime'?: string | undefined; 'destination.address'?: string | undefined; 'destination.as.number'?: string | number | undefined; 'destination.as.organization.name'?: string | undefined; 'destination.bytes'?: string | number | undefined; 'destination.domain'?: string | undefined; 'destination.geo.city_name'?: string | undefined; 'destination.geo.continent_code'?: string | undefined; 'destination.geo.continent_name'?: string | undefined; 'destination.geo.country_iso_code'?: string | undefined; 'destination.geo.country_name'?: string | undefined; 'destination.geo.location'?: string | { type: string; coordinates: number[]; } | { lat: number; lon: number; } | { location: number[]; } | { location: string; } | undefined; 'destination.geo.name'?: string | undefined; 'destination.geo.postal_code'?: string | undefined; 'destination.geo.region_iso_code'?: string | undefined; 'destination.geo.region_name'?: string | undefined; 'destination.geo.timezone'?: string | undefined; 'destination.ip'?: string | undefined; 'destination.mac'?: string | undefined; 'destination.nat.ip'?: string | undefined; 'destination.nat.port'?: string | number | undefined; 'destination.packets'?: string | number | undefined; 'destination.port'?: string | number | undefined; 'destination.registered_domain'?: string | undefined; 'destination.subdomain'?: string | undefined; 'destination.top_level_domain'?: string | undefined; 'destination.user.domain'?: string | undefined; 'destination.user.email'?: string | undefined; 'destination.user.full_name'?: string | undefined; 'destination.user.group.domain'?: string | undefined; 'destination.user.group.id'?: string | undefined; 'destination.user.group.name'?: string | undefined; 'destination.user.hash'?: string | undefined; 'destination.user.id'?: string | undefined; 'destination.user.name'?: string | undefined; 'destination.user.roles'?: string[] | undefined; 'device.id'?: string | undefined; 'device.manufacturer'?: string | undefined; 'device.model.identifier'?: string | undefined; 'device.model.name'?: string | undefined; 'dll.code_signature.digest_algorithm'?: string | undefined; 'dll.code_signature.exists'?: boolean | undefined; 'dll.code_signature.signing_id'?: string | undefined; 'dll.code_signature.status'?: string | undefined; 'dll.code_signature.subject_name'?: string | undefined; 'dll.code_signature.team_id'?: string | undefined; 'dll.code_signature.timestamp'?: string | number | undefined; 'dll.code_signature.trusted'?: boolean | undefined; 'dll.code_signature.valid'?: boolean | undefined; 'dll.hash.md5'?: string | undefined; 'dll.hash.sha1'?: string | undefined; 'dll.hash.sha256'?: string | undefined; 'dll.hash.sha384'?: string | undefined; 'dll.hash.sha512'?: string | undefined; 'dll.hash.ssdeep'?: string | undefined; 'dll.hash.tlsh'?: string | undefined; 'dll.name'?: string | undefined; 'dll.path'?: string | undefined; 'dll.pe.architecture'?: string | undefined; 'dll.pe.company'?: string | undefined; 'dll.pe.description'?: string | undefined; 'dll.pe.file_version'?: string | undefined; 'dll.pe.imphash'?: string | undefined; 'dll.pe.original_file_name'?: string | undefined; 'dll.pe.pehash'?: string | undefined; 'dll.pe.product'?: string | undefined; 'dns.answers'?: { class?: string | undefined; data?: string | undefined; name?: string | undefined; ttl?: string | number | undefined; type?: string | undefined; }[] | undefined; 'dns.header_flags'?: string[] | undefined; 'dns.id'?: string | undefined; 'dns.op_code'?: string | undefined; 'dns.question.class'?: string | undefined; 'dns.question.name'?: string | undefined; 'dns.question.registered_domain'?: string | undefined; 'dns.question.subdomain'?: string | undefined; 'dns.question.top_level_domain'?: string | undefined; 'dns.question.type'?: string | undefined; 'dns.resolved_ip'?: string[] | undefined; 'dns.response_code'?: string | undefined; 'dns.type'?: string | undefined; 'email.attachments'?: { 'file.extension'?: string | undefined; 'file.hash.md5'?: string | undefined; 'file.hash.sha1'?: string | undefined; 'file.hash.sha256'?: string | undefined; 'file.hash.sha384'?: string | undefined; 'file.hash.sha512'?: string | undefined; 'file.hash.ssdeep'?: string | undefined; 'file.hash.tlsh'?: string | undefined; 'file.mime_type'?: string | undefined; 'file.name'?: string | undefined; 'file.size'?: string | number | undefined; }[] | undefined; 'email.bcc.address'?: string[] | undefined; 'email.cc.address'?: string[] | undefined; 'email.content_type'?: string | undefined; 'email.delivery_timestamp'?: string | number | undefined; 'email.direction'?: string | undefined; 'email.from.address'?: string[] | undefined; 'email.local_id'?: string | undefined; 'email.message_id'?: string | undefined; 'email.origination_timestamp'?: string | number | undefined; 'email.reply_to.address'?: string[] | undefined; 'email.sender.address'?: string | undefined; 'email.subject'?: string | undefined; 'email.to.address'?: string[] | undefined; 'email.x_mailer'?: string | undefined; 'error.code'?: string | undefined; 'error.id'?: string | undefined; 'error.message'?: string | undefined; 'error.stack_trace'?: string | undefined; 'error.type'?: string | undefined; 'event.action'?: string | undefined; 'event.agent_id_status'?: string | undefined; 'event.category'?: string[] | undefined; 'event.code'?: string | undefined; 'event.created'?: string | number | undefined; 'event.dataset'?: string | undefined; 'event.duration'?: string | number | undefined; 'event.end'?: string | number | undefined; 'event.hash'?: string | undefined; 'event.id'?: string | undefined; 'event.ingested'?: string | number | undefined; 'event.kind'?: string | undefined; 'event.module'?: string | undefined; 'event.original'?: string | undefined; 'event.outcome'?: string | undefined; 'event.provider'?: string | undefined; 'event.reason'?: string | undefined; 'event.reference'?: string | undefined; 'event.risk_score'?: number | undefined; 'event.risk_score_norm'?: number | undefined; 'event.sequence'?: string | number | undefined; 'event.severity'?: string | number | undefined; 'event.start'?: string | number | undefined; 'event.timezone'?: string | undefined; 'event.type'?: string[] | undefined; 'event.url'?: string | undefined; 'faas.coldstart'?: boolean | undefined; 'faas.execution'?: string | undefined; 'faas.id'?: string | undefined; 'faas.name'?: string | undefined; 'faas.version'?: string | undefined; 'file.accessed'?: string | number | undefined; 'file.attributes'?: string[] | undefined; 'file.code_signature.digest_algorithm'?: string | undefined; 'file.code_signature.exists'?: boolean | undefined; 'file.code_signature.signing_id'?: string | undefined; 'file.code_signature.status'?: string | undefined; 'file.code_signature.subject_name'?: string | undefined; 'file.code_signature.team_id'?: string | undefined; 'file.code_signature.timestamp'?: string | number | undefined; 'file.code_signature.trusted'?: boolean | undefined; 'file.code_signature.valid'?: boolean | undefined; 'file.created'?: string | number | undefined; 'file.ctime'?: string | number | undefined; 'file.device'?: string | undefined; 'file.directory'?: string | undefined; 'file.drive_letter'?: string | undefined; 'file.elf.architecture'?: string | undefined; 'file.elf.byte_order'?: string | undefined; 'file.elf.cpu_type'?: string | undefined; 'file.elf.creation_date'?: string | number | undefined; 'file.elf.exports'?: unknown[] | undefined; 'file.elf.header.abi_version'?: string | undefined; 'file.elf.header.class'?: string | undefined; 'file.elf.header.data'?: string | undefined; 'file.elf.header.entrypoint'?: string | number | undefined; 'file.elf.header.object_version'?: string | undefined; 'file.elf.header.os_abi'?: string | undefined; 'file.elf.header.type'?: string | undefined; 'file.elf.header.version'?: string | undefined; 'file.elf.imports'?: unknown[] | undefined; 'file.elf.sections'?: { chi2?: string | number | undefined; entropy?: string | number | undefined; flags?: string | undefined; name?: string | undefined; physical_offset?: string | undefined; physical_size?: string | number | undefined; type?: string | undefined; virtual_address?: string | number | undefined; virtual_size?: string | number | undefined; }[] | undefined; 'file.elf.segments'?: { sections?: string | undefined; type?: string | undefined; }[] | undefined; 'file.elf.shared_libraries'?: string[] | undefined; 'file.elf.telfhash'?: string | undefined; 'file.extension'?: string | undefined; 'file.fork_name'?: string | undefined; 'file.gid'?: string | undefined; 'file.group'?: string | undefined; 'file.hash.md5'?: string | undefined; 'file.hash.sha1'?: string | undefined; 'file.hash.sha256'?: string | undefined; 'file.hash.sha384'?: string | undefined; 'file.hash.sha512'?: string | undefined; 'file.hash.ssdeep'?: string | undefined; 'file.hash.tlsh'?: string | undefined; 'file.inode'?: string | undefined; 'file.mime_type'?: string | undefined; 'file.mode'?: string | undefined; 'file.mtime'?: string | number | undefined; 'file.name'?: string | undefined; 'file.owner'?: string | undefined; 'file.path'?: string | undefined; 'file.pe.architecture'?: string | undefined; 'file.pe.company'?: string | undefined; 'file.pe.description'?: string | undefined; 'file.pe.file_version'?: string | undefined; 'file.pe.imphash'?: string | undefined; 'file.pe.original_file_name'?: string | undefined; 'file.pe.pehash'?: string | undefined; 'file.pe.product'?: string | undefined; 'file.size'?: string | number | undefined; 'file.target_path'?: string | undefined; 'file.type'?: string | undefined; 'file.uid'?: string | undefined; 'file.x509.alternative_names'?: string[] | undefined; 'file.x509.issuer.common_name'?: string[] | undefined; 'file.x509.issuer.country'?: string[] | undefined; 'file.x509.issuer.distinguished_name'?: string | undefined; 'file.x509.issuer.locality'?: string[] | undefined; 'file.x509.issuer.organization'?: string[] | undefined; 'file.x509.issuer.organizational_unit'?: string[] | undefined; 'file.x509.issuer.state_or_province'?: string[] | undefined; 'file.x509.not_after'?: string | number | undefined; 'file.x509.not_before'?: string | number | undefined; 'file.x509.public_key_algorithm'?: string | undefined; 'file.x509.public_key_curve'?: string | undefined; 'file.x509.public_key_exponent'?: string | number | undefined; 'file.x509.public_key_size'?: string | number | undefined; 'file.x509.serial_number'?: string | undefined; 'file.x509.signature_algorithm'?: string | undefined; 'file.x509.subject.common_name'?: string[] | undefined; 'file.x509.subject.country'?: string[] | undefined; 'file.x509.subject.distinguished_name'?: string | undefined; 'file.x509.subject.locality'?: string[] | undefined; 'file.x509.subject.organization'?: string[] | undefined; 'file.x509.subject.organizational_unit'?: string[] | undefined; 'file.x509.subject.state_or_province'?: string[] | undefined; 'file.x509.version_number'?: string | undefined; 'group.domain'?: string | undefined; 'group.id'?: string | undefined; 'group.name'?: string | undefined; 'host.architecture'?: string | undefined; 'host.boot.id'?: string | undefined; 'host.cpu.usage'?: string | number | undefined; 'host.disk.read.bytes'?: string | number | undefined; 'host.disk.write.bytes'?: string | number | undefined; 'host.domain'?: string | undefined; 'host.geo.city_name'?: string | undefined; 'host.geo.continent_code'?: string | undefined; 'host.geo.continent_name'?: string | undefined; 'host.geo.country_iso_code'?: string | undefined; 'host.geo.country_name'?: string | undefined; 'host.geo.location'?: string | { type: string; coordinates: number[]; } | { lat: number; lon: number; } | { location: number[]; } | { location: string; } | undefined; 'host.geo.name'?: string | undefined; 'host.geo.postal_code'?: string | undefined; 'host.geo.region_iso_code'?: string | undefined; 'host.geo.region_name'?: string | undefined; 'host.geo.timezone'?: string | undefined; 'host.hostname'?: string | undefined; 'host.id'?: string | undefined; 'host.ip'?: string[] | undefined; 'host.mac'?: string[] | undefined; 'host.name'?: string | undefined; 'host.network.egress.bytes'?: string | number | undefined; 'host.network.egress.packets'?: string | number | undefined; 'host.network.ingress.bytes'?: string | number | undefined; 'host.network.ingress.packets'?: string | number | undefined; 'host.os.family'?: string | undefined; 'host.os.full'?: string | undefined; 'host.os.kernel'?: string | undefined; 'host.os.name'?: string | undefined; 'host.os.platform'?: string | undefined; 'host.os.type'?: string | undefined; 'host.os.version'?: string | undefined; 'host.pid_ns_ino'?: string | undefined; 'host.risk.calculated_level'?: string | undefined; 'host.risk.calculated_score'?: number | undefined; 'host.risk.calculated_score_norm'?: number | undefined; 'host.risk.static_level'?: string | undefined; 'host.risk.static_score'?: number | undefined; 'host.risk.static_score_norm'?: number | undefined; 'host.type'?: string | undefined; 'host.uptime'?: string | number | undefined; 'http.request.body.bytes'?: string | number | undefined; 'http.request.body.content'?: string | undefined; 'http.request.bytes'?: string | number | undefined; 'http.request.id'?: string | undefined; 'http.request.method'?: string | undefined; 'http.request.mime_type'?: string | undefined; 'http.request.referrer'?: string | undefined; 'http.response.body.bytes'?: string | number | undefined; 'http.response.body.content'?: string | undefined; 'http.response.bytes'?: string | number | undefined; 'http.response.mime_type'?: string | undefined; 'http.response.status_code'?: string | number | undefined; 'http.version'?: string | undefined; 'log.file.path'?: string | undefined; 'log.level'?: string | undefined; 'log.logger'?: string | undefined; 'log.origin.file.line'?: string | number | undefined; 'log.origin.file.name'?: string | undefined; 'log.origin.function'?: string | undefined; message?: string | undefined; 'network.application'?: string | undefined; 'network.bytes'?: string | number | undefined; 'network.community_id'?: string | undefined; 'network.direction'?: string | undefined; 'network.forwarded_ip'?: string | undefined; 'network.iana_number'?: string | undefined; 'network.name'?: string | undefined; 'network.packets'?: string | number | undefined; 'network.protocol'?: string | undefined; 'network.transport'?: string | undefined; 'network.type'?: string | undefined; 'network.vlan.id'?: string | undefined; 'network.vlan.name'?: string | undefined; 'observer.geo.city_name'?: string | undefined; 'observer.geo.continent_code'?: string | undefined; 'observer.geo.continent_name'?: string | undefined; 'observer.geo.country_iso_code'?: string | undefined; 'observer.geo.country_name'?: string | undefined; 'observer.geo.location'?: string | { type: string; coordinates: number[]; } | { lat: number; lon: number; } | { location: number[]; } | { location: string; } | undefined; 'observer.geo.name'?: string | undefined; 'observer.geo.postal_code'?: string | undefined; 'observer.geo.region_iso_code'?: string | undefined; 'observer.geo.region_name'?: string | undefined; 'observer.geo.timezone'?: string | undefined; 'observer.hostname'?: string | undefined; 'observer.ip'?: string[] | undefined; 'observer.mac'?: string[] | undefined; 'observer.name'?: string | undefined; 'observer.os.family'?: string | undefined; 'observer.os.full'?: string | undefined; 'observer.os.kernel'?: string | undefined; 'observer.os.name'?: string | undefined; 'observer.os.platform'?: string | undefined; 'observer.os.type'?: string | undefined; 'observer.os.version'?: string | undefined; 'observer.product'?: string | undefined; 'observer.serial_number'?: string | undefined; 'observer.type'?: string | undefined; 'observer.vendor'?: string | undefined; 'observer.version'?: string | undefined; 'orchestrator.api_version'?: string | undefined; 'orchestrator.cluster.id'?: string | undefined; 'orchestrator.cluster.name'?: string | undefined; 'orchestrator.cluster.url'?: string | undefined; 'orchestrator.cluster.version'?: string | undefined; 'orchestrator.namespace'?: string | undefined; 'orchestrator.organization'?: string | undefined; 'orchestrator.resource.id'?: string | undefined; 'orchestrator.resource.ip'?: string[] | undefined; 'orchestrator.resource.name'?: string | undefined; 'orchestrator.resource.parent.type'?: string | undefined; 'orchestrator.resource.type'?: string | undefined; 'orchestrator.type'?: string | undefined; 'organization.id'?: string | undefined; 'organization.name'?: string | undefined; 'package.architecture'?: string | undefined; 'package.build_version'?: string | undefined; 'package.checksum'?: string | undefined; 'package.description'?: string | undefined; 'package.install_scope'?: string | undefined; 'package.installed'?: string | number | undefined; 'package.license'?: string | undefined; 'package.name'?: string | undefined; 'package.path'?: string | undefined; 'package.reference'?: string | undefined; 'package.size'?: string | number | undefined; 'package.type'?: string | undefined; 'package.version'?: string | undefined; 'process.args'?: string[] | undefined; 'process.args_count'?: string | number | undefined; 'process.code_signature.digest_algorithm'?: string | undefined; 'process.code_signature.exists'?: boolean | undefined; 'process.code_signature.signing_id'?: string | undefined; 'process.code_signature.status'?: string | undefined; 'process.code_signature.subject_name'?: string | undefined; 'process.code_signature.team_id'?: string | undefined; 'process.code_signature.timestamp'?: string | number | undefined; 'process.code_signature.trusted'?: boolean | undefined; 'process.code_signature.valid'?: boolean | undefined; 'process.command_line'?: string | undefined; 'process.elf.architecture'?: string | undefined; 'process.elf.byte_order'?: string | undefined; 'process.elf.cpu_type'?: string | undefined; 'process.elf.creation_date'?: string | number | undefined; 'process.elf.exports'?: unknown[] | undefined; 'process.elf.header.abi_version'?: string | undefined; 'process.elf.header.class'?: string | undefined; 'process.elf.header.data'?: string | undefined; 'process.elf.header.entrypoint'?: string | number | undefined; 'process.elf.header.object_version'?: string | undefined; 'process.elf.header.os_abi'?: string | undefined; 'process.elf.header.type'?: string | undefined; 'process.elf.header.version'?: string | undefined; 'process.elf.imports'?: unknown[] | undefined; 'process.elf.sections'?: { chi2?: string | number | undefined; entropy?: string | number | undefined; flags?: string | undefined; name?: string | undefined; physical_offset?: string | undefined; physical_size?: string | number | undefined; type?: string | undefined; virtual_address?: string | number | undefined; virtual_size?: string | number | undefined; }[] | undefined; 'process.elf.segments'?: { sections?: string | undefined; type?: string | undefined; }[] | undefined; 'process.elf.shared_libraries'?: string[] | undefined; 'process.elf.telfhash'?: string | undefined; 'process.end'?: string | number | undefined; 'process.entity_id'?: string | undefined; 'process.entry_leader.args'?: string[] | undefined; 'process.entry_leader.args_count'?: string | number | undefined; 'process.entry_leader.attested_groups.name'?: string | undefined; 'process.entry_leader.attested_user.id'?: string | undefined; 'process.entry_leader.attested_user.name'?: string | undefined; 'process.entry_leader.command_line'?: string | undefined; 'process.entry_leader.entity_id'?: string | undefined; 'process.entry_leader.entry_meta.source.ip'?: string | undefined; 'process.entry_leader.entry_meta.type'?: string | undefined; 'process.entry_leader.executable'?: string | undefined; 'process.entry_leader.group.id'?: string | undefined; 'process.entry_leader.group.name'?: string | undefined; 'process.entry_leader.interactive'?: boolean | undefined; 'process.entry_leader.name'?: string | undefined; 'process.entry_leader.parent.entity_id'?: string | undefined; 'process.entry_leader.parent.pid'?: string | number | undefined; 'process.entry_leader.parent.session_leader.entity_id'?: string | undefined; 'process.entry_leader.parent.session_leader.pid'?: string | number | undefined; 'process.entry_leader.parent.session_leader.start'?: string | number | undefined; 'process.entry_leader.parent.start'?: string | number | undefined; 'process.entry_leader.pid'?: string | number | undefined; 'process.entry_leader.real_group.id'?: string | undefined; 'process.entry_leader.real_group.name'?: string | undefined; 'process.entry_leader.real_user.id'?: string | undefined; 'process.entry_leader.real_user.name'?: string | undefined; 'process.entry_leader.same_as_process'?: boolean | undefined; 'process.entry_leader.saved_group.id'?: string | undefined; 'process.entry_leader.saved_group.name'?: string | undefined; 'process.entry_leader.saved_user.id'?: string | undefined; 'process.entry_leader.saved_user.name'?: string | undefined; 'process.entry_leader.start'?: string | number | undefined; 'process.entry_leader.supplemental_groups.id'?: string | undefined; 'process.entry_leader.supplemental_groups.name'?: string | undefined; 'process.entry_leader.user.id'?: string | undefined; 'process.entry_leader.user.name'?: string | undefined; 'process.entry_leader.working_directory'?: string | undefined; 'process.env_vars'?: string[] | undefined; 'process.executable'?: string | undefined; 'process.exit_code'?: string | number | undefined; 'process.group_leader.args'?: string[] | undefined; 'process.group_leader.args_count'?: string | number | undefined; 'process.group_leader.command_line'?: string | undefined; 'process.group_leader.entity_id'?: string | undefined; 'process.group_leader.executable'?: string | undefined; 'process.group_leader.group.id'?: string | undefined; 'process.group_leader.group.name'?: string | undefined; 'process.group_leader.interactive'?: boolean | undefined; 'process.group_leader.name'?: string | undefined; 'process.group_leader.pid'?: string | number | undefined; 'process.group_leader.real_group.id'?: string | undefined; 'process.group_leader.real_group.name'?: string | undefined; 'process.group_leader.real_user.id'?: string | undefined; 'process.group_leader.real_user.name'?: string | undefined; 'process.group_leader.same_as_process'?: boolean | undefined; 'process.group_leader.saved_group.id'?: string | undefined; 'process.group_leader.saved_group.name'?: string | undefined; 'process.group_leader.saved_user.id'?: string | undefined; 'process.group_leader.saved_user.name'?: string | undefined; 'process.group_leader.start'?: string | number | undefined; 'process.group_leader.supplemental_groups.id'?: string | undefined; 'process.group_leader.supplemental_groups.name'?: string | undefined; 'process.group_leader.user.id'?: string | undefined; 'process.group_leader.user.name'?: string | undefined; 'process.group_leader.working_directory'?: string | undefined; 'process.hash.md5'?: string | undefined; 'process.hash.sha1'?: string | undefined; 'process.hash.sha256'?: string | undefined; 'process.hash.sha384'?: string | undefined; 'process.hash.sha512'?: string | undefined; 'process.hash.ssdeep'?: string | undefined; 'process.hash.tlsh'?: string | undefined; 'process.interactive'?: boolean | undefined; 'process.name'?: string | undefined; 'process.parent.args'?: string[] | undefined; 'process.parent.args_count'?: string | number | undefined; 'process.parent.code_signature.digest_algorithm'?: string | undefined; 'process.parent.code_signature.exists'?: boolean | undefined; 'process.parent.code_signature.signing_id'?: string | undefined; 'process.parent.code_signature.status'?: string | undefined; 'process.parent.code_signature.subject_name'?: string | undefined; 'process.parent.code_signature.team_id'?: string | undefined; 'process.parent.code_signature.timestamp'?: string | number | undefined; 'process.parent.code_signature.trusted'?: boolean | undefined; 'process.parent.code_signature.valid'?: boolean | undefined; 'process.parent.command_line'?: string | undefined; 'process.parent.elf.architecture'?: string | undefined; 'process.parent.elf.byte_order'?: string | undefined; 'process.parent.elf.cpu_type'?: string | undefined; 'process.parent.elf.creation_date'?: string | number | undefined; 'process.parent.elf.exports'?: unknown[] | undefined; 'process.parent.elf.header.abi_version'?: string | undefined; 'process.parent.elf.header.class'?: string | undefined; 'process.parent.elf.header.data'?: string | undefined; 'process.parent.elf.header.entrypoint'?: string | number | undefined; 'process.parent.elf.header.object_version'?: string | undefined; 'process.parent.elf.header.os_abi'?: string | undefined; 'process.parent.elf.header.type'?: string | undefined; 'process.parent.elf.header.version'?: string | undefined; 'process.parent.elf.imports'?: unknown[] | undefined; 'process.parent.elf.sections'?: { chi2?: string | number | undefined; entropy?: string | number | undefined; flags?: string | undefined; name?: string | undefined; physical_offset?: string | undefined; physical_size?: string | number | undefined; type?: string | undefined; virtual_address?: string | number | undefined; virtual_size?: string | number | undefined; }[] | undefined; 'process.parent.elf.segments'?: { sections?: string | undefined; type?: string | undefined; }[] | undefined; 'process.parent.elf.shared_libraries'?: string[] | undefined; 'process.parent.elf.telfhash'?: string | undefined; 'process.parent.end'?: string | number | undefined; 'process.parent.entity_id'?: string | undefined; 'process.parent.executable'?: string | undefined; 'process.parent.exit_code'?: string | number | undefined; 'process.parent.group.id'?: string | undefined; 'process.parent.group.name'?: string | undefined; 'process.parent.group_leader.entity_id'?: string | undefined; 'process.parent.group_leader.pid'?: string | number | undefined; 'process.parent.group_leader.start'?: string | number | undefined; 'process.parent.hash.md5'?: string | undefined; 'process.parent.hash.sha1'?: string | undefined; 'process.parent.hash.sha256'?: string | undefined; 'process.parent.hash.sha384'?: string | undefined; 'process.parent.hash.sha512'?: string | undefined; 'process.parent.hash.ssdeep'?: string | undefined; 'process.parent.hash.tlsh'?: string | undefined; 'process.parent.interactive'?: boolean | undefined; 'process.parent.name'?: string | undefined; 'process.parent.pe.architecture'?: string | undefined; 'process.parent.pe.company'?: string | undefined; 'process.parent.pe.description'?: string | undefined; 'process.parent.pe.file_version'?: string | undefined; 'process.parent.pe.imphash'?: string | undefined; 'process.parent.pe.original_file_name'?: string | undefined; 'process.parent.pe.pehash'?: string | undefined; 'process.parent.pe.product'?: string | undefined; 'process.parent.pgid'?: string | number | undefined; 'process.parent.pid'?: string | number | undefined; 'process.parent.real_group.id'?: string | undefined; 'process.parent.real_group.name'?: string | undefined; 'process.parent.real_user.id'?: string | undefined; 'process.parent.real_user.name'?: string | undefined; 'process.parent.saved_group.id'?: string | undefined; 'process.parent.saved_group.name'?: string | undefined; 'process.parent.saved_user.id'?: string | undefined; 'process.parent.saved_user.name'?: string | undefined; 'process.parent.start'?: string | number | undefined; 'process.parent.supplemental_groups.id'?: string | undefined; 'process.parent.supplemental_groups.name'?: string | undefined; 'process.parent.thread.id'?: string | number | undefined; 'process.parent.thread.name'?: string | undefined; 'process.parent.title'?: string | undefined; 'process.parent.uptime'?: string | number | undefined; 'process.parent.user.id'?: string | undefined; 'process.parent.user.name'?: string | undefined; 'process.parent.working_directory'?: string | undefined; 'process.pe.architecture'?: string | undefined; 'process.pe.company'?: string | undefined; 'process.pe.description'?: string | undefined; 'process.pe.file_version'?: string | undefined; 'process.pe.imphash'?: string | undefined; 'process.pe.original_file_name'?: string | undefined; 'process.pe.pehash'?: string | undefined; 'process.pe.product'?: string | undefined; 'process.pgid'?: string | number | undefined; 'process.pid'?: string | number | undefined; 'process.previous.args'?: string[] | undefined; 'process.previous.args_count'?: string | number | undefined; 'process.previous.executable'?: string | undefined; 'process.real_group.id'?: string | undefined; 'process.real_group.name'?: string | undefined; 'process.real_user.id'?: string | undefined; 'process.real_user.name'?: string | undefined; 'process.saved_group.id'?: string | undefined; 'process.saved_group.name'?: string | undefined; 'process.saved_user.id'?: string | undefined; 'process.saved_user.name'?: string | undefined; 'process.session_leader.args'?: string[] | undefined; 'process.session_leader.args_count'?: string | number | undefined; 'process.session_leader.command_line'?: string | undefined; 'process.session_leader.entity_id'?: string | undefined; 'process.session_leader.executable'?: string | undefined; 'process.session_leader.group.id'?: string | undefined; 'process.session_leader.group.name'?: string | undefined; 'process.session_leader.interactive'?: boolean | undefined; 'process.session_leader.name'?: string | undefined; 'process.session_leader.parent.entity_id'?: string | undefined; 'process.session_leader.parent.pid'?: string | number | undefined; 'process.session_leader.parent.session_leader.entity_id'?: string | undefined; 'process.session_leader.parent.session_leader.pid'?: string | number | undefined; 'process.session_leader.parent.session_leader.start'?: string | number | undefined; 'process.session_leader.parent.start'?: string | number | undefined; 'process.session_leader.pid'?: string | number | undefined; 'process.session_leader.real_group.id'?: string | undefined; 'process.session_leader.real_group.name'?: string | undefined; 'process.session_leader.real_user.id'?: string | undefined; 'process.session_leader.real_user.name'?: string | undefined; 'process.session_leader.same_as_process'?: boolean | undefined; 'process.session_leader.saved_group.id'?: string | undefined; 'process.session_leader.saved_group.name'?: string | undefined; 'process.session_leader.saved_user.id'?: string | undefined; 'process.session_leader.saved_user.name'?: string | undefined; 'process.session_leader.start'?: string | number | undefined; 'process.session_leader.supplemental_groups.id'?: string | undefined; 'process.session_leader.supplemental_groups.name'?: string | undefined; 'process.session_leader.user.id'?: string | undefined; 'process.session_leader.user.name'?: string | undefined; 'process.session_leader.working_directory'?: string | undefined; 'process.start'?: string | number | undefined; 'process.supplemental_groups.id'?: string | undefined; 'process.supplemental_groups.name'?: string | undefined; 'process.thread.id'?: string | number | undefined; 'process.thread.name'?: string | undefined; 'process.title'?: string | undefined; 'process.uptime'?: string | number | undefined; 'process.user.id'?: string | undefined; 'process.user.name'?: string | undefined; 'process.working_directory'?: string | undefined; 'registry.data.bytes'?: string | undefined; 'registry.data.strings'?: string[] | undefined; 'registry.data.type'?: string | undefined; 'registry.hive'?: string | undefined; 'registry.key'?: string | undefined; 'registry.path'?: string | undefined; 'registry.value'?: string | undefined; 'related.hash'?: string[] | undefined; 'related.hosts'?: string[] | undefined; 'related.ip'?: string[] | undefined; 'related.user'?: string[] | undefined; 'rule.author'?: string[] | undefined; 'rule.category'?: string | undefined; 'rule.description'?: string | undefined; 'rule.id'?: string | undefined; 'rule.license'?: string | undefined; 'rule.name'?: string | undefined; 'rule.reference'?: string | undefined; 'rule.ruleset'?: string | undefined; 'rule.uuid'?: string | undefined; 'rule.version'?: string | undefined; 'server.address'?: string | undefined; 'server.as.number'?: string | number | undefined; 'server.as.organization.name'?: string | undefined; 'server.bytes'?: string | number | undefined; 'server.domain'?: string | undefined; 'server.geo.city_name'?: string | undefined; 'server.geo.continent_code'?: string | undefined; 'server.geo.continent_name'?: string | undefined; 'server.geo.country_iso_code'?: string | undefined; 'server.geo.country_name'?: string | undefined; 'server.geo.location'?: string | { type: string; coordinates: number[]; } | { lat: number; lon: number; } | { location: number[]; } | { location: string; } | undefined; 'server.geo.name'?: string | undefined; 'server.geo.postal_code'?: string | undefined; 'server.geo.region_iso_code'?: string | undefined; 'server.geo.region_name'?: string | undefined; 'server.geo.timezone'?: string | undefined; 'server.ip'?: string | undefined; 'server.mac'?: string | undefined; 'server.nat.ip'?: string | undefined; 'server.nat.port'?: string | number | undefined; 'server.packets'?: string | number | undefined; 'server.port'?: string | number | undefined; 'server.registered_domain'?: string | undefined; 'server.subdomain'?: string | undefined; 'server.top_level_domain'?: string | undefined; 'server.user.domain'?: string | undefined; 'server.user.email'?: string | undefined; 'server.user.full_name'?: string | undefined; 'server.user.group.domain'?: string | undefined; 'server.user.group.id'?: string | undefined; 'server.user.group.name'?: string | undefined; 'server.user.hash'?: string | undefined; 'server.user.id'?: string | undefined; 'server.user.name'?: string | undefined; 'server.user.roles'?: string[] | undefined; 'service.address'?: string | undefined; 'service.environment'?: string | undefined; 'service.ephemeral_id'?: string | undefined; 'service.id'?: string | undefined; 'service.name'?: string | undefined; 'service.node.name'?: string | undefined; 'service.node.role'?: string | undefined; 'service.node.roles'?: string[] | undefined; 'service.origin.address'?: string | undefined; 'service.origin.environment'?: string | undefined; 'service.origin.ephemeral_id'?: string | undefined; 'service.origin.id'?: string | undefined; 'service.origin.name'?: string | undefined; 'service.origin.node.name'?: string | undefined; 'service.origin.node.role'?: string | undefined; 'service.origin.node.roles'?: string[] | undefined; 'service.origin.state'?: string | undefined; 'service.origin.type'?: string | undefined; 'service.origin.version'?: string | undefined; 'service.state'?: string | undefined; 'service.target.address'?: string | undefined; 'service.target.environment'?: string | undefined; 'service.target.ephemeral_id'?: string | undefined; 'service.target.id'?: string | undefined; 'service.target.name'?: string | undefined; 'service.target.node.name'?: string | undefined; 'service.target.node.role'?: string | undefined; 'service.target.node.roles'?: string[] | undefined; 'service.target.state'?: string | undefined; 'service.target.type'?: string | undefined; 'service.target.version'?: string | undefined; 'service.type'?: string | undefined; 'service.version'?: string | undefined; 'source.address'?: string | undefined; 'source.as.number'?: string | number | undefined; 'source.as.organization.name'?: string | undefined; 'source.bytes'?: string | number | undefined; 'source.domain'?: string | undefined; 'source.geo.city_name'?: string | undefined; 'source.geo.continent_code'?: string | undefined; 'source.geo.continent_name'?: string | undefined; 'source.geo.country_iso_code'?: string | undefined; 'source.geo.country_name'?: string | undefined; 'source.geo.location'?: string | { type: string; coordinates: number[]; } | { lat: number; lon: number; } | { location: number[]; } | { location: string; } | undefined; 'source.geo.name'?: string | undefined; 'source.geo.postal_code'?: string | undefined; 'source.geo.region_iso_code'?: string | undefined; 'source.geo.region_name'?: string | undefined; 'source.geo.timezone'?: string | undefined; 'source.ip'?: string | undefined; 'source.mac'?: string | undefined; 'source.nat.ip'?: string | undefined; 'source.nat.port'?: string | number | undefined; 'source.packets'?: string | number | undefined; 'source.port'?: string | number | undefined; 'source.registered_domain'?: string | undefined; 'source.subdomain'?: string | undefined; 'source.top_level_domain'?: string | undefined; 'source.user.domain'?: string | undefined; 'source.user.email'?: string | undefined; 'source.user.full_name'?: string | undefined; 'source.user.group.domain'?: string | undefined; 'source.user.group.id'?: string | undefined; 'source.user.group.name'?: string | undefined; 'source.user.hash'?: string | undefined; 'source.user.id'?: string | undefined; 'source.user.name'?: string | undefined; 'source.user.roles'?: string[] | undefined; 'span.id'?: string | undefined; tags?: string[] | undefined; 'threat.enrichments'?: { 'matched.atomic'?: string | undefined; 'matched.field'?: string | undefined; 'matched.id'?: string | undefined; 'matched.index'?: string | undefined; 'matched.occurred'?: string | number | undefined; 'matched.type'?: string | undefined; }[] | undefined; 'threat.feed.dashboard_id'?: string | undefined; 'threat.feed.description'?: string | undefined; 'threat.feed.name'?: string | undefined; 'threat.feed.reference'?: string | undefined; 'threat.framework'?: string | undefined; 'threat.group.alias'?: string[] | undefined; 'threat.group.id'?: string | undefined; 'threat.group.name'?: string | undefined; 'threat.group.reference'?: string | undefined; 'threat.indicator.as.number'?: string | number | undefined; 'threat.indicator.as.organization.name'?: string | undefined; 'threat.indicator.confidence'?: string | undefined; 'threat.indicator.description'?: string | undefined; 'threat.indicator.email.address'?: string | undefined; 'threat.indicator.file.accessed'?: string | number | undefined; 'threat.indicator.file.attributes'?: string[] | undefined; 'threat.indicator.file.code_signature.digest_algorithm'?: string | undefined; 'threat.indicator.file.code_signature.exists'?: boolean | undefined; 'threat.indicator.file.code_signature.signing_id'?: string | undefined; 'threat.indicator.file.code_signature.status'?: string | undefined; 'threat.indicator.file.code_signature.subject_name'?: string | undefined; 'threat.indicator.file.code_signature.team_id'?: string | undefined; 'threat.indicator.file.code_signature.timestamp'?: string | number | undefined; 'threat.indicator.file.code_signature.trusted'?: boolean | undefined; 'threat.indicator.file.code_signature.valid'?: boolean | undefined; 'threat.indicator.file.created'?: string | number | undefined; 'threat.indicator.file.ctime'?: string | number | undefined; 'threat.indicator.file.device'?: string | undefined; 'threat.indicator.file.directory'?: string | undefined; 'threat.indicator.file.drive_letter'?: string | undefined; 'threat.indicator.file.elf.architecture'?: string | undefined; 'threat.indicator.file.elf.byte_order'?: string | undefined; 'threat.indicator.file.elf.cpu_type'?: string | undefined; 'threat.indicator.file.elf.creation_date'?: string | number | undefined; 'threat.indicator.file.elf.exports'?: unknown[] | undefined; 'threat.indicator.file.elf.header.abi_version'?: string | undefined; 'threat.indicator.file.elf.header.class'?: string | undefined; 'threat.indicator.file.elf.header.data'?: string | undefined; 'threat.indicator.file.elf.header.entrypoint'?: string | number | undefined; 'threat.indicator.file.elf.header.object_version'?: string | undefined; 'threat.indicator.file.elf.header.os_abi'?: string | undefined; 'threat.indicator.file.elf.header.type'?: string | undefined; 'threat.indicator.file.elf.header.version'?: string | undefined; 'threat.indicator.file.elf.imports'?: unknown[] | undefined; 'threat.indicator.file.elf.sections'?: { chi2?: string | number | undefined; entropy?: string | number | undefined; flags?: string | undefined; name?: string | undefined; physical_offset?: string | undefined; physical_size?: string | number | undefined; type?: string | undefined; virtual_address?: string | number | undefined; virtual_size?: string | number | undefined; }[] | undefined; 'threat.indicator.file.elf.segments'?: { sections?: string | undefined; type?: string | undefined; }[] | undefined; 'threat.indicator.file.elf.shared_libraries'?: string[] | undefined; 'threat.indicator.file.elf.telfhash'?: string | undefined; 'threat.indicator.file.extension'?: string | undefined; 'threat.indicator.file.fork_name'?: string | undefined; 'threat.indicator.file.gid'?: string | undefined; 'threat.indicator.file.group'?: string | undefined; 'threat.indicator.file.hash.md5'?: string | undefined; 'threat.indicator.file.hash.sha1'?: string | undefined; 'threat.indicator.file.hash.sha256'?: string | undefined; 'threat.indicator.file.hash.sha384'?: string | undefined; 'threat.indicator.file.hash.sha512'?: string | undefined; 'threat.indicator.file.hash.ssdeep'?: string | undefined; 'threat.indicator.file.hash.tlsh'?: string | undefined; 'threat.indicator.file.inode'?: string | undefined; 'threat.indicator.file.mime_type'?: string | undefined; 'threat.indicator.file.mode'?: string | undefined; 'threat.indicator.file.mtime'?: string | number | undefined; 'threat.indicator.file.name'?: string | undefined; 'threat.indicator.file.owner'?: string | undefined; 'threat.indicator.file.path'?: string | undefined; 'threat.indicator.file.pe.architecture'?: string | undefined; 'threat.indicator.file.pe.company'?: string | undefined; 'threat.indicator.file.pe.description'?: string | undefined; 'threat.indicator.file.pe.file_version'?: string | undefined; 'threat.indicator.file.pe.imphash'?: string | undefined; 'threat.indicator.file.pe.original_file_name'?: string | undefined; 'threat.indicator.file.pe.pehash'?: string | undefined; 'threat.indicator.file.pe.product'?: string | undefined; 'threat.indicator.file.size'?: string | number | undefined; 'threat.indicator.file.target_path'?: string | undefined; 'threat.indicator.file.type'?: string | undefined; 'threat.indicator.file.uid'?: string | undefined; 'threat.indicator.file.x509.alternative_names'?: string[] | undefined; 'threat.indicator.file.x509.issuer.common_name'?: string[] | undefined; 'threat.indicator.file.x509.issuer.country'?: string[] | undefined; 'threat.indicator.file.x509.issuer.distinguished_name'?: string | undefined; 'threat.indicator.file.x509.issuer.locality'?: string[] | undefined; 'threat.indicator.file.x509.issuer.organization'?: string[] | undefined; 'threat.indicator.file.x509.issuer.organizational_unit'?: string[] | undefined; 'threat.indicator.file.x509.issuer.state_or_province'?: string[] | undefined; 'threat.indicator.file.x509.not_after'?: string | number | undefined; 'threat.indicator.file.x509.not_before'?: string | number | undefined; 'threat.indicator.file.x509.public_key_algorithm'?: string | undefined; 'threat.indicator.file.x509.public_key_curve'?: string | undefined; 'threat.indicator.file.x509.public_key_exponent'?: string | number | undefined; 'threat.indicator.file.x509.public_key_size'?: string | number | undefined; 'threat.indicator.file.x509.serial_number'?: string | undefined; 'threat.indicator.file.x509.signature_algorithm'?: string | undefined; 'threat.indicator.file.x509.subject.common_name'?: string[] | undefined; 'threat.indicator.file.x509.subject.country'?: string[] | undefined; 'threat.indicator.file.x509.subject.distinguished_name'?: string | undefined; 'threat.indicator.file.x509.subject.locality'?: string[] | undefined; 'threat.indicator.file.x509.subject.organization'?: string[] | undefined; 'threat.indicator.file.x509.subject.organizational_unit'?: string[] | undefined; 'threat.indicator.file.x509.subject.state_or_province'?: string[] | undefined; 'threat.indicator.file.x509.version_number'?: string | undefined; 'threat.indicator.first_seen'?: string | number | undefined; 'threat.indicator.geo.city_name'?: string | undefined; 'threat.indicator.geo.continent_code'?: string | undefined; 'threat.indicator.geo.continent_name'?: string | undefined; 'threat.indicator.geo.country_iso_code'?: string | undefined; 'threat.indicator.geo.country_name'?: string | undefined; 'threat.indicator.geo.location'?: string | { type: string; coordinates: number[]; } | { lat: number; lon: number; } | { location: number[]; } | { location: string; } | undefined; 'threat.indicator.geo.name'?: string | undefined; 'threat.indicator.geo.postal_code'?: string | undefined; 'threat.indicator.geo.region_iso_code'?: string | undefined; 'threat.indicator.geo.region_name'?: string | undefined; 'threat.indicator.geo.timezone'?: string | undefined; 'threat.indicator.ip'?: string | undefined; 'threat.indicator.last_seen'?: string | number | undefined; 'threat.indicator.marking.tlp'?: string | undefined; 'threat.indicator.marking.tlp_version'?: string | undefined; 'threat.indicator.modified_at'?: string | number | undefined; 'threat.indicator.port'?: string | number | undefined; 'threat.indicator.provider'?: string | undefined; 'threat.indicator.reference'?: string | undefined; 'threat.indicator.registry.data.bytes'?: string | undefined; 'threat.indicator.registry.data.strings'?: string[] | undefined; 'threat.indicator.registry.data.type'?: string | undefined; 'threat.indicator.registry.hive'?: string | undefined; 'threat.indicator.registry.key'?: string | undefined; 'threat.indicator.registry.path'?: string | undefined; 'threat.indicator.registry.value'?: string | undefined; 'threat.indicator.scanner_stats'?: string | number | undefined; 'threat.indicator.sightings'?: string | number | undefined; 'threat.indicator.type'?: string | undefined; 'threat.indicator.url.domain'?: string | undefined; 'threat.indicator.url.extension'?: string | undefined; 'threat.indicator.url.fragment'?: string | undefined; 'threat.indicator.url.full'?: string | undefined; 'threat.indicator.url.original'?: string | undefined; 'threat.indicator.url.password'?: string | undefined; 'threat.indicator.url.path'?: string | undefined; 'threat.indicator.url.port'?: string | number | undefined; 'threat.indicator.url.query'?: string | undefined; 'threat.indicator.url.registered_domain'?: string | undefined; 'threat.indicator.url.scheme'?: string | undefined; 'threat.indicator.url.subdomain'?: string | undefined; 'threat.indicator.url.top_level_domain'?: string | undefined; 'threat.indicator.url.username'?: string | undefined; 'threat.indicator.x509.alternative_names'?: string[] | undefined; 'threat.indicator.x509.issuer.common_name'?: string[] | undefined; 'threat.indicator.x509.issuer.country'?: string[] | undefined; 'threat.indicator.x509.issuer.distinguished_name'?: string | undefined; 'threat.indicator.x509.issuer.locality'?: string[] | undefined; 'threat.indicator.x509.issuer.organization'?: string[] | undefined; 'threat.indicator.x509.issuer.organizational_unit'?: string[] | undefined; 'threat.indicator.x509.issuer.state_or_province'?: string[] | undefined; 'threat.indicator.x509.not_after'?: string | number | undefined; 'threat.indicator.x509.not_before'?: string | number | undefined; 'threat.indicator.x509.public_key_algorithm'?: string | undefined; 'threat.indicator.x509.public_key_curve'?: string | undefined; 'threat.indicator.x509.public_key_exponent'?: string | number | undefined; 'threat.indicator.x509.public_key_size'?: string | number | undefined; 'threat.indicator.x509.serial_number'?: string | undefined; 'threat.indicator.x509.signature_algorithm'?: string | undefined; 'threat.indicator.x509.subject.common_name'?: string[] | undefined; 'threat.indicator.x509.subject.country'?: string[] | undefined; 'threat.indicator.x509.subject.distinguished_name'?: string | undefined; 'threat.indicator.x509.subject.locality'?: string[] | undefined; 'threat.indicator.x509.subject.organization'?: string[] | undefined; 'threat.indicator.x509.subject.organizational_unit'?: string[] | undefined; 'threat.indicator.x509.subject.state_or_province'?: string[] | undefined; 'threat.indicator.x509.version_number'?: string | undefined; 'threat.software.alias'?: string[] | undefined; 'threat.software.id'?: string | undefined; 'threat.software.name'?: string | undefined; 'threat.software.platforms'?: string[] | undefined; 'threat.software.reference'?: string | undefined; 'threat.software.type'?: string | undefined; 'threat.tactic.id'?: string[] | undefined; 'threat.tactic.name'?: string[] | undefined; 'threat.tactic.reference'?: string[] | undefined; 'threat.technique.id'?: string[] | undefined; 'threat.technique.name'?: string[] | undefined; 'threat.technique.reference'?: string[] | undefined; 'threat.technique.subtechnique.id'?: string[] | undefined; 'threat.technique.subtechnique.name'?: string[] | undefined; 'threat.technique.subtechnique.reference'?: string[] | undefined; 'tls.cipher'?: string | undefined; 'tls.client.certificate'?: string | undefined; 'tls.client.certificate_chain'?: string[] | undefined; 'tls.client.hash.md5'?: string | undefined; 'tls.client.hash.sha1'?: string | undefined; 'tls.client.hash.sha256'?: string | undefined; 'tls.client.issuer'?: string | undefined; 'tls.client.ja3'?: string | undefined; 'tls.client.not_after'?: string | number | undefined; 'tls.client.not_before'?: string | number | undefined; 'tls.client.server_name'?: string | undefined; 'tls.client.subject'?: string | undefined; 'tls.client.supported_ciphers'?: string[] | undefined; 'tls.client.x509.alternative_names'?: string[] | undefined; 'tls.client.x509.issuer.common_name'?: string[] | undefined; 'tls.client.x509.issuer.country'?: string[] | undefined; 'tls.client.x509.issuer.distinguished_name'?: string | undefined; 'tls.client.x509.issuer.locality'?: string[] | undefined; 'tls.client.x509.issuer.organization'?: string[] | undefined; 'tls.client.x509.issuer.organizational_unit'?: string[] | undefined; 'tls.client.x509.issuer.state_or_province'?: string[] | undefined; 'tls.client.x509.not_after'?: string | number | undefined; 'tls.client.x509.not_before'?: string | number | undefined; 'tls.client.x509.public_key_algorithm'?: string | undefined; 'tls.client.x509.public_key_curve'?: string | undefined; 'tls.client.x509.public_key_exponent'?: string | number | undefined; 'tls.client.x509.public_key_size'?: string | number | undefined; 'tls.client.x509.serial_number'?: string | undefined; 'tls.client.x509.signature_algorithm'?: string | undefined; 'tls.client.x509.subject.common_name'?: string[] | undefined; 'tls.client.x509.subject.country'?: string[] | undefined; 'tls.client.x509.subject.distinguished_name'?: string | undefined; 'tls.client.x509.subject.locality'?: string[] | undefined; 'tls.client.x509.subject.organization'?: string[] | undefined; 'tls.client.x509.subject.organizational_unit'?: string[] | undefined; 'tls.client.x509.subject.state_or_province'?: string[] | undefined; 'tls.client.x509.version_number'?: string | undefined; 'tls.curve'?: string | undefined; 'tls.established'?: boolean | undefined; 'tls.next_protocol'?: string | undefined; 'tls.resumed'?: boolean | undefined; 'tls.server.certificate'?: string | undefined; 'tls.server.certificate_chain'?: string[] | undefined; 'tls.server.hash.md5'?: string | undefined; 'tls.server.hash.sha1'?: string | undefined; 'tls.server.hash.sha256'?: string | undefined; 'tls.server.issuer'?: string | undefined; 'tls.server.ja3s'?: string | undefined; 'tls.server.not_after'?: string | number | undefined; 'tls.server.not_before'?: string | number | undefined; 'tls.server.subject'?: string | undefined; 'tls.server.x509.alternative_names'?: string[] | undefined; 'tls.server.x509.issuer.common_name'?: string[] | undefined; 'tls.server.x509.issuer.country'?: string[] | undefined; 'tls.server.x509.issuer.distinguished_name'?: string | undefined; 'tls.server.x509.issuer.locality'?: string[] | undefined; 'tls.server.x509.issuer.organization'?: string[] | undefined; 'tls.server.x509.issuer.organizational_unit'?: string[] | undefined; 'tls.server.x509.issuer.state_or_province'?: string[] | undefined; 'tls.server.x509.not_after'?: string | number | undefined; 'tls.server.x509.not_before'?: string | number | undefined; 'tls.server.x509.public_key_algorithm'?: string | undefined; 'tls.server.x509.public_key_curve'?: string | undefined; 'tls.server.x509.public_key_exponent'?: string | number | undefined; 'tls.server.x509.public_key_size'?: string | number | undefined; 'tls.server.x509.serial_number'?: string | undefined; 'tls.server.x509.signature_algorithm'?: string | undefined; 'tls.server.x509.subject.common_name'?: string[] | undefined; 'tls.server.x509.subject.country'?: string[] | undefined; 'tls.server.x509.subject.distinguished_name'?: string | undefined; 'tls.server.x509.subject.locality'?: string[] | undefined; 'tls.server.x509.subject.organization'?: string[] | undefined; 'tls.server.x509.subject.organizational_unit'?: string[] | undefined; 'tls.server.x509.subject.state_or_province'?: string[] | undefined; 'tls.server.x509.version_number'?: string | undefined; 'tls.version'?: string | undefined; 'tls.version_protocol'?: string | undefined; 'trace.id'?: string | undefined; 'transaction.id'?: string | undefined; 'url.domain'?: string | undefined; 'url.extension'?: string | undefined; 'url.fragment'?: string | undefined; 'url.full'?: string | undefined; 'url.original'?: string | undefined; 'url.password'?: string | undefined; 'url.path'?: string | undefined; 'url.port'?: string | number | undefined; 'url.query'?: string | undefined; 'url.registered_domain'?: string | undefined; 'url.scheme'?: string | undefined; 'url.subdomain'?: string | undefined; 'url.top_level_domain'?: string | undefined; 'url.username'?: string | undefined; 'user.changes.domain'?: string | undefined; 'user.changes.email'?: string | undefined; 'user.changes.full_name'?: string | undefined; 'user.changes.group.domain'?: string | undefined; 'user.changes.group.id'?: string | undefined; 'user.changes.group.name'?: string | undefined; 'user.changes.hash'?: string | undefined; 'user.changes.id'?: string | undefined; 'user.changes.name'?: string | undefined; 'user.changes.roles'?: string[] | undefined; 'user.domain'?: string | undefined; 'user.effective.domain'?: string | undefined; 'user.effective.email'?: string | undefined; 'user.effective.full_name'?: string | undefined; 'user.effective.group.domain'?: string | undefined; 'user.effective.group.id'?: string | undefined; 'user.effective.group.name'?: string | undefined; 'user.effective.hash'?: string | undefined; 'user.effective.id'?: string | undefined; 'user.effective.name'?: string | undefined; 'user.effective.roles'?: string[] | undefined; 'user.email'?: string | undefined; 'user.full_name'?: string | undefined; 'user.group.domain'?: string | undefined; 'user.group.id'?: string | undefined; 'user.group.name'?: string | undefined; 'user.hash'?: string | undefined; 'user.id'?: string | undefined; 'user.name'?: string | undefined; 'user.risk.calculated_level'?: string | undefined; 'user.risk.calculated_score'?: number | undefined; 'user.risk.calculated_score_norm'?: number | undefined; 'user.risk.static_level'?: string | undefined; 'user.risk.static_score'?: number | undefined; 'user.risk.static_score_norm'?: number | undefined; 'user.roles'?: string[] | undefined; 'user.target.domain'?: string | undefined; 'user.target.email'?: string | undefined; 'user.target.full_name'?: string | undefined; 'user.target.group.domain'?: string | undefined; 'user.target.group.id'?: string | undefined; 'user.target.group.name'?: string | undefined; 'user.target.hash'?: string | undefined; 'user.target.id'?: string | undefined; 'user.target.name'?: string | undefined; 'user.target.roles'?: string[] | undefined; 'user_agent.device.name'?: string | undefined; 'user_agent.name'?: string | undefined; 'user_agent.original'?: string | undefined; 'user_agent.os.family'?: string | undefined; 'user_agent.os.full'?: string | undefined; 'user_agent.os.kernel'?: string | undefined; 'user_agent.os.name'?: string | undefined; 'user_agent.os.platform'?: string | undefined; 'user_agent.os.type'?: string | undefined; 'user_agent.os.version'?: string | undefined; 'user_agent.version'?: string | undefined; 'vulnerability.category'?: string[] | undefined; 'vulnerability.classification'?: string | undefined; 'vulnerability.description'?: string | undefined; 'vulnerability.enumeration'?: string | undefined; 'vulnerability.id'?: string | undefined; 'vulnerability.reference'?: string | undefined; 'vulnerability.report_id'?: string | undefined; 'vulnerability.scanner.vendor'?: string | undefined; 'vulnerability.score.base'?: number | undefined; 'vulnerability.score.environmental'?: number | undefined; 'vulnerability.score.temporal'?: number | undefined; 'vulnerability.score.version'?: string | undefined; 'vulnerability.severity'?: string | undefined; } & {} & { 'ecs.version'?: string | undefined; 'kibana.alert.risk_score'?: number | undefined; 'kibana.alert.rule.author'?: string | undefined; 'kibana.alert.rule.created_at'?: string | number | undefined; 'kibana.alert.rule.created_by'?: string | undefined; 'kibana.alert.rule.description'?: string | undefined; 'kibana.alert.rule.enabled'?: string | undefined; 'kibana.alert.rule.from'?: string | undefined; 'kibana.alert.rule.interval'?: string | undefined; 'kibana.alert.rule.license'?: string | undefined; 'kibana.alert.rule.note'?: string | undefined; 'kibana.alert.rule.references'?: string[] | undefined; 'kibana.alert.rule.rule_id'?: string | undefined; 'kibana.alert.rule.rule_name_override'?: string | undefined; 'kibana.alert.rule.to'?: string | undefined; 'kibana.alert.rule.type'?: string | undefined; 'kibana.alert.rule.updated_at'?: string | number | undefined; 'kibana.alert.rule.updated_by'?: string | undefined; 'kibana.alert.rule.version'?: string | undefined; 'kibana.alert.severity'?: string | undefined; 'kibana.alert.suppression.docs_count'?: string | number | undefined; 'kibana.alert.suppression.end'?: string | number | undefined; 'kibana.alert.suppression.start'?: string | number | undefined; 'kibana.alert.suppression.terms.field'?: string[] | undefined; 'kibana.alert.suppression.terms.value'?: string[] | undefined; 'kibana.alert.system_status'?: string | undefined; 'kibana.alert.workflow_reason'?: string | undefined; 'kibana.alert.workflow_user'?: string | undefined; }) | ({} & { 'kibana.alert.evaluation.threshold'?: string | number | undefined; 'kibana.alert.evaluation.value'?: string | number | undefined; 'kibana.alert.evaluation.values'?: (string | number)[] | undefined; 'kibana.alert.group'?: { field?: string | undefined; value?: string | undefined; }[] | undefined; } & { '@timestamp': string | number; 'kibana.alert.instance.id': string; 'kibana.alert.rule.category': string; 'kibana.alert.rule.consumer': string; 'kibana.alert.rule.name': string; 'kibana.alert.rule.producer': string; 'kibana.alert.rule.revision': string | number; 'kibana.alert.rule.rule_type_id': string; 'kibana.alert.rule.uuid': string; 'kibana.alert.status': string; 'kibana.alert.uuid': string; 'kibana.space_ids': string[]; } & { 'event.action'?: string | undefined; 'event.kind'?: string | undefined; 'kibana.alert.action_group'?: string | undefined; 'kibana.alert.case_ids'?: string[] | undefined; 'kibana.alert.duration.us'?: string | number | undefined; 'kibana.alert.end'?: string | number | undefined; 'kibana.alert.flapping'?: boolean | undefined; 'kibana.alert.flapping_history'?: boolean[] | undefined; 'kibana.alert.last_detected'?: string | number | undefined; 'kibana.alert.maintenance_window_ids'?: string[] | undefined; 'kibana.alert.reason'?: string | undefined; 'kibana.alert.rule.execution.uuid'?: string | undefined; 'kibana.alert.rule.parameters'?: unknown; 'kibana.alert.rule.tags'?: string[] | undefined; 'kibana.alert.start'?: string | number | undefined; 'kibana.alert.time_range'?: { gte?: string | number | undefined; lte?: string | number | undefined; } | undefined; 'kibana.alert.url'?: string | undefined; 'kibana.alert.workflow_status'?: string | undefined; 'kibana.alert.workflow_tags'?: string[] | undefined; 'kibana.version'?: string | undefined; tags?: string[] | undefined; } & { '@timestamp': string | number; 'ecs.version': string; } & { 'agent.build.original'?: string | undefined; 'agent.ephemeral_id'?: string | undefined; 'agent.id'?: string | undefined; 'agent.name'?: string | undefined; 'agent.type'?: string | undefined; 'agent.version'?: string | undefined; 'client.address'?: string | undefined; 'client.as.number'?: string | number | undefined; 'client.as.organization.name'?: string | undefined; 'client.bytes'?: string | number | undefined; 'client.domain'?: string | undefined; 'client.geo.city_name'?: string | undefined; 'client.geo.continent_code'?: string | undefined; 'client.geo.continent_name'?: string | undefined; 'client.geo.country_iso_code'?: string | undefined; 'client.geo.country_name'?: string | undefined; 'client.geo.location'?: string | { type: string; coordinates: number[]; } | { lat: number; lon: number; } | { location: number[]; } | { location: string; } | undefined; 'client.geo.name'?: string | undefined; 'client.geo.postal_code'?: string | undefined; 'client.geo.region_iso_code'?: string | undefined; 'client.geo.region_name'?: string | undefined; 'client.geo.timezone'?: string | undefined; 'client.ip'?: string | undefined; 'client.mac'?: string | undefined; 'client.nat.ip'?: string | undefined; 'client.nat.port'?: string | number | undefined; 'client.packets'?: string | number | undefined; 'client.port'?: string | number | undefined; 'client.registered_domain'?: string | undefined; 'client.subdomain'?: string | undefined; 'client.top_level_domain'?: string | undefined; 'client.user.domain'?: string | undefined; 'client.user.email'?: string | undefined; 'client.user.full_name'?: string | undefined; 'client.user.group.domain'?: string | undefined; 'client.user.group.id'?: string | undefined; 'client.user.group.name'?: string | undefined; 'client.user.hash'?: string | undefined; 'client.user.id'?: string | undefined; 'client.user.name'?: string | undefined; 'client.user.roles'?: string[] | undefined; 'cloud.account.id'?: string | undefined; 'cloud.account.name'?: string | undefined; 'cloud.availability_zone'?: string | undefined; 'cloud.instance.id'?: string | undefined; 'cloud.instance.name'?: string | undefined; 'cloud.machine.type'?: string | undefined; 'cloud.origin.account.id'?: string | undefined; 'cloud.origin.account.name'?: string | undefined; 'cloud.origin.availability_zone'?: string | undefined; 'cloud.origin.instance.id'?: string | undefined; 'cloud.origin.instance.name'?: string | undefined; 'cloud.origin.machine.type'?: string | undefined; 'cloud.origin.project.id'?: string | undefined; 'cloud.origin.project.name'?: string | undefined; 'cloud.origin.provider'?: string | undefined; 'cloud.origin.region'?: string | undefined; 'cloud.origin.service.name'?: string | undefined; 'cloud.project.id'?: string | undefined; 'cloud.project.name'?: string | undefined; 'cloud.provider'?: string | undefined; 'cloud.region'?: string | undefined; 'cloud.service.name'?: string | undefined; 'cloud.target.account.id'?: string | undefined; 'cloud.target.account.name'?: string | undefined; 'cloud.target.availability_zone'?: string | undefined; 'cloud.target.instance.id'?: string | undefined; 'cloud.target.instance.name'?: string | undefined; 'cloud.target.machine.type'?: string | undefined; 'cloud.target.project.id'?: string | undefined; 'cloud.target.project.name'?: string | undefined; 'cloud.target.provider'?: string | undefined; 'cloud.target.region'?: string | undefined; 'cloud.target.service.name'?: string | undefined; 'container.cpu.usage'?: string | number | undefined; 'container.disk.read.bytes'?: string | number | undefined; 'container.disk.write.bytes'?: string | number | undefined; 'container.id'?: string | undefined; 'container.image.hash.all'?: string[] | undefined; 'container.image.name'?: string | undefined; 'container.image.tag'?: string[] | undefined; 'container.memory.usage'?: string | number | undefined; 'container.name'?: string | undefined; 'container.network.egress.bytes'?: string | number | undefined; 'container.network.ingress.bytes'?: string | number | undefined; 'container.runtime'?: string | undefined; 'destination.address'?: string | undefined; 'destination.as.number'?: string | number | undefined; 'destination.as.organization.name'?: string | undefined; 'destination.bytes'?: string | number | undefined; 'destination.domain'?: string | undefined; 'destination.geo.city_name'?: string | undefined; 'destination.geo.continent_code'?: string | undefined; 'destination.geo.continent_name'?: string | undefined; 'destination.geo.country_iso_code'?: string | undefined; 'destination.geo.country_name'?: string | undefined; 'destination.geo.location'?: string | { type: string; coordinates: number[]; } | { lat: number; lon: number; } | { location: number[]; } | { location: string; } | undefined; 'destination.geo.name'?: string | undefined; 'destination.geo.postal_code'?: string | undefined; 'destination.geo.region_iso_code'?: string | undefined; 'destination.geo.region_name'?: string | undefined; 'destination.geo.timezone'?: string | undefined; 'destination.ip'?: string | undefined; 'destination.mac'?: string | undefined; 'destination.nat.ip'?: string | undefined; 'destination.nat.port'?: string | number | undefined; 'destination.packets'?: string | number | undefined; 'destination.port'?: string | number | undefined; 'destination.registered_domain'?: string | undefined; 'destination.subdomain'?: string | undefined; 'destination.top_level_domain'?: string | undefined; 'destination.user.domain'?: string | undefined; 'destination.user.email'?: string | undefined; 'destination.user.full_name'?: string | undefined; 'destination.user.group.domain'?: string | undefined; 'destination.user.group.id'?: string | undefined; 'destination.user.group.name'?: string | undefined; 'destination.user.hash'?: string | undefined; 'destination.user.id'?: string | undefined; 'destination.user.name'?: string | undefined; 'destination.user.roles'?: string[] | undefined; 'device.id'?: string | undefined; 'device.manufacturer'?: string | undefined; 'device.model.identifier'?: string | undefined; 'device.model.name'?: string | undefined; 'dll.code_signature.digest_algorithm'?: string | undefined; 'dll.code_signature.exists'?: boolean | undefined; 'dll.code_signature.signing_id'?: string | undefined; 'dll.code_signature.status'?: string | undefined; 'dll.code_signature.subject_name'?: string | undefined; 'dll.code_signature.team_id'?: string | undefined; 'dll.code_signature.timestamp'?: string | number | undefined; 'dll.code_signature.trusted'?: boolean | undefined; 'dll.code_signature.valid'?: boolean | undefined; 'dll.hash.md5'?: string | undefined; 'dll.hash.sha1'?: string | undefined; 'dll.hash.sha256'?: string | undefined; 'dll.hash.sha384'?: string | undefined; 'dll.hash.sha512'?: string | undefined; 'dll.hash.ssdeep'?: string | undefined; 'dll.hash.tlsh'?: string | undefined; 'dll.name'?: string | undefined; 'dll.path'?: string | undefined; 'dll.pe.architecture'?: string | undefined; 'dll.pe.company'?: string | undefined; 'dll.pe.description'?: string | undefined; 'dll.pe.file_version'?: string | undefined; 'dll.pe.imphash'?: string | undefined; 'dll.pe.original_file_name'?: string | undefined; 'dll.pe.pehash'?: string | undefined; 'dll.pe.product'?: string | undefined; 'dns.answers'?: { class?: string | undefined; data?: string | undefined; name?: string | undefined; ttl?: string | number | undefined; type?: string | undefined; }[] | undefined; 'dns.header_flags'?: string[] | undefined; 'dns.id'?: string | undefined; 'dns.op_code'?: string | undefined; 'dns.question.class'?: string | undefined; 'dns.question.name'?: string | undefined; 'dns.question.registered_domain'?: string | undefined; 'dns.question.subdomain'?: string | undefined; 'dns.question.top_level_domain'?: string | undefined; 'dns.question.type'?: string | undefined; 'dns.resolved_ip'?: string[] | undefined; 'dns.response_code'?: string | undefined; 'dns.type'?: string | undefined; 'email.attachments'?: { 'file.extension'?: string | undefined; 'file.hash.md5'?: string | undefined; 'file.hash.sha1'?: string | undefined; 'file.hash.sha256'?: string | undefined; 'file.hash.sha384'?: string | undefined; 'file.hash.sha512'?: string | undefined; 'file.hash.ssdeep'?: string | undefined; 'file.hash.tlsh'?: string | undefined; 'file.mime_type'?: string | undefined; 'file.name'?: string | undefined; 'file.size'?: string | number | undefined; }[] | undefined; 'email.bcc.address'?: string[] | undefined; 'email.cc.address'?: string[] | undefined; 'email.content_type'?: string | undefined; 'email.delivery_timestamp'?: string | number | undefined; 'email.direction'?: string | undefined; 'email.from.address'?: string[] | undefined; 'email.local_id'?: string | undefined; 'email.message_id'?: string | undefined; 'email.origination_timestamp'?: string | number | undefined; 'email.reply_to.address'?: string[] | undefined; 'email.sender.address'?: string | undefined; 'email.subject'?: string | undefined; 'email.to.address'?: string[] | undefined; 'email.x_mailer'?: string | undefined; 'error.code'?: string | undefined; 'error.id'?: string | undefined; 'error.message'?: string | undefined; 'error.stack_trace'?: string | undefined; 'error.type'?: string | undefined; 'event.action'?: string | undefined; 'event.agent_id_status'?: string | undefined; 'event.category'?: string[] | undefined; 'event.code'?: string | undefined; 'event.created'?: string | number | undefined; 'event.dataset'?: string | undefined; 'event.duration'?: string | number | undefined; 'event.end'?: string | number | undefined; 'event.hash'?: string | undefined; 'event.id'?: string | undefined; 'event.ingested'?: string | number | undefined; 'event.kind'?: string | undefined; 'event.module'?: string | undefined; 'event.original'?: string | undefined; 'event.outcome'?: string | undefined; 'event.provider'?: string | undefined; 'event.reason'?: string | undefined; 'event.reference'?: string | undefined; 'event.risk_score'?: number | undefined; 'event.risk_score_norm'?: number | undefined; 'event.sequence'?: string | number | undefined; 'event.severity'?: string | number | undefined; 'event.start'?: string | number | undefined; 'event.timezone'?: string | undefined; 'event.type'?: string[] | undefined; 'event.url'?: string | undefined; 'faas.coldstart'?: boolean | undefined; 'faas.execution'?: string | undefined; 'faas.id'?: string | undefined; 'faas.name'?: string | undefined; 'faas.version'?: string | undefined; 'file.accessed'?: string | number | undefined; 'file.attributes'?: string[] | undefined; 'file.code_signature.digest_algorithm'?: string | undefined; 'file.code_signature.exists'?: boolean | undefined; 'file.code_signature.signing_id'?: string | undefined; 'file.code_signature.status'?: string | undefined; 'file.code_signature.subject_name'?: string | undefined; 'file.code_signature.team_id'?: string | undefined; 'file.code_signature.timestamp'?: string | number | undefined; 'file.code_signature.trusted'?: boolean | undefined; 'file.code_signature.valid'?: boolean | undefined; 'file.created'?: string | number | undefined; 'file.ctime'?: string | number | undefined; 'file.device'?: string | undefined; 'file.directory'?: string | undefined; 'file.drive_letter'?: string | undefined; 'file.elf.architecture'?: string | undefined; 'file.elf.byte_order'?: string | undefined; 'file.elf.cpu_type'?: string | undefined; 'file.elf.creation_date'?: string | number | undefined; 'file.elf.exports'?: unknown[] | undefined; 'file.elf.header.abi_version'?: string | undefined; 'file.elf.header.class'?: string | undefined; 'file.elf.header.data'?: string | undefined; 'file.elf.header.entrypoint'?: string | number | undefined; 'file.elf.header.object_version'?: string | undefined; 'file.elf.header.os_abi'?: string | undefined; 'file.elf.header.type'?: string | undefined; 'file.elf.header.version'?: string | undefined; 'file.elf.imports'?: unknown[] | undefined; 'file.elf.sections'?: { chi2?: string | number | undefined; entropy?: string | number | undefined; flags?: string | undefined; name?: string | undefined; physical_offset?: string | undefined; physical_size?: string | number | undefined; type?: string | undefined; virtual_address?: string | number | undefined; virtual_size?: string | number | undefined; }[] | undefined; 'file.elf.segments'?: { sections?: string | undefined; type?: string | undefined; }[] | undefined; 'file.elf.shared_libraries'?: string[] | undefined; 'file.elf.telfhash'?: string | undefined; 'file.extension'?: string | undefined; 'file.fork_name'?: string | undefined; 'file.gid'?: string | undefined; 'file.group'?: string | undefined; 'file.hash.md5'?: string | undefined; 'file.hash.sha1'?: string | undefined; 'file.hash.sha256'?: string | undefined; 'file.hash.sha384'?: string | undefined; 'file.hash.sha512'?: string | undefined; 'file.hash.ssdeep'?: string | undefined; 'file.hash.tlsh'?: string | undefined; 'file.inode'?: string | undefined; 'file.mime_type'?: string | undefined; 'file.mode'?: string | undefined; 'file.mtime'?: string | number | undefined; 'file.name'?: string | undefined; 'file.owner'?: string | undefined; 'file.path'?: string | undefined; 'file.pe.architecture'?: string | undefined; 'file.pe.company'?: string | undefined; 'file.pe.description'?: string | undefined; 'file.pe.file_version'?: string | undefined; 'file.pe.imphash'?: string | undefined; 'file.pe.original_file_name'?: string | undefined; 'file.pe.pehash'?: string | undefined; 'file.pe.product'?: string | undefined; 'file.size'?: string | number | undefined; 'file.target_path'?: string | undefined; 'file.type'?: string | undefined; 'file.uid'?: string | undefined; 'file.x509.alternative_names'?: string[] | undefined; 'file.x509.issuer.common_name'?: string[] | undefined; 'file.x509.issuer.country'?: string[] | undefined; 'file.x509.issuer.distinguished_name'?: string | undefined; 'file.x509.issuer.locality'?: string[] | undefined; 'file.x509.issuer.organization'?: string[] | undefined; 'file.x509.issuer.organizational_unit'?: string[] | undefined; 'file.x509.issuer.state_or_province'?: string[] | undefined; 'file.x509.not_after'?: string | number | undefined; 'file.x509.not_before'?: string | number | undefined; 'file.x509.public_key_algorithm'?: string | undefined; 'file.x509.public_key_curve'?: string | undefined; 'file.x509.public_key_exponent'?: string | number | undefined; 'file.x509.public_key_size'?: string | number | undefined; 'file.x509.serial_number'?: string | undefined; 'file.x509.signature_algorithm'?: string | undefined; 'file.x509.subject.common_name'?: string[] | undefined; 'file.x509.subject.country'?: string[] | undefined; 'file.x509.subject.distinguished_name'?: string | undefined; 'file.x509.subject.locality'?: string[] | undefined; 'file.x509.subject.organization'?: string[] | undefined; 'file.x509.subject.organizational_unit'?: string[] | undefined; 'file.x509.subject.state_or_province'?: string[] | undefined; 'file.x509.version_number'?: string | undefined; 'group.domain'?: string | undefined; 'group.id'?: string | undefined; 'group.name'?: string | undefined; 'host.architecture'?: string | undefined; 'host.boot.id'?: string | undefined; 'host.cpu.usage'?: string | number | undefined; 'host.disk.read.bytes'?: string | number | undefined; 'host.disk.write.bytes'?: string | number | undefined; 'host.domain'?: string | undefined; 'host.geo.city_name'?: string | undefined; 'host.geo.continent_code'?: string | undefined; 'host.geo.continent_name'?: string | undefined; 'host.geo.country_iso_code'?: string | undefined; 'host.geo.country_name'?: string | undefined; 'host.geo.location'?: string | { type: string; coordinates: number[]; } | { lat: number; lon: number; } | { location: number[]; } | { location: string; } | undefined; 'host.geo.name'?: string | undefined; 'host.geo.postal_code'?: string | undefined; 'host.geo.region_iso_code'?: string | undefined; 'host.geo.region_name'?: string | undefined; 'host.geo.timezone'?: string | undefined; 'host.hostname'?: string | undefined; 'host.id'?: string | undefined; 'host.ip'?: string[] | undefined; 'host.mac'?: string[] | undefined; 'host.name'?: string | undefined; 'host.network.egress.bytes'?: string | number | undefined; 'host.network.egress.packets'?: string | number | undefined; 'host.network.ingress.bytes'?: string | number | undefined; 'host.network.ingress.packets'?: string | number | undefined; 'host.os.family'?: string | undefined; 'host.os.full'?: string | undefined; 'host.os.kernel'?: string | undefined; 'host.os.name'?: string | undefined; 'host.os.platform'?: string | undefined; 'host.os.type'?: string | undefined; 'host.os.version'?: string | undefined; 'host.pid_ns_ino'?: string | undefined; 'host.risk.calculated_level'?: string | undefined; 'host.risk.calculated_score'?: number | undefined; 'host.risk.calculated_score_norm'?: number | undefined; 'host.risk.static_level'?: string | undefined; 'host.risk.static_score'?: number | undefined; 'host.risk.static_score_norm'?: number | undefined; 'host.type'?: string | undefined; 'host.uptime'?: string | number | undefined; 'http.request.body.bytes'?: string | number | undefined; 'http.request.body.content'?: string | undefined; 'http.request.bytes'?: string | number | undefined; 'http.request.id'?: string | undefined; 'http.request.method'?: string | undefined; 'http.request.mime_type'?: string | undefined; 'http.request.referrer'?: string | undefined; 'http.response.body.bytes'?: string | number | undefined; 'http.response.body.content'?: string | undefined; 'http.response.bytes'?: string | number | undefined; 'http.response.mime_type'?: string | undefined; 'http.response.status_code'?: string | number | undefined; 'http.version'?: string | undefined; 'log.file.path'?: string | undefined; 'log.level'?: string | undefined; 'log.logger'?: string | undefined; 'log.origin.file.line'?: string | number | undefined; 'log.origin.file.name'?: string | undefined; 'log.origin.function'?: string | undefined; message?: string | undefined; 'network.application'?: string | undefined; 'network.bytes'?: string | number | undefined; 'network.community_id'?: string | undefined; 'network.direction'?: string | undefined; 'network.forwarded_ip'?: string | undefined; 'network.iana_number'?: string | undefined; 'network.name'?: string | undefined; 'network.packets'?: string | number | undefined; 'network.protocol'?: string | undefined; 'network.transport'?: string | undefined; 'network.type'?: string | undefined; 'network.vlan.id'?: string | undefined; 'network.vlan.name'?: string | undefined; 'observer.geo.city_name'?: string | undefined; 'observer.geo.continent_code'?: string | undefined; 'observer.geo.continent_name'?: string | undefined; 'observer.geo.country_iso_code'?: string | undefined; 'observer.geo.country_name'?: string | undefined; 'observer.geo.location'?: string | { type: string; coordinates: number[]; } | { lat: number; lon: number; } | { location: number[]; } | { location: string; } | undefined; 'observer.geo.name'?: string | undefined; 'observer.geo.postal_code'?: string | undefined; 'observer.geo.region_iso_code'?: string | undefined; 'observer.geo.region_name'?: string | undefined; 'observer.geo.timezone'?: string | undefined; 'observer.hostname'?: string | undefined; 'observer.ip'?: string[] | undefined; 'observer.mac'?: string[] | undefined; 'observer.name'?: string | undefined; 'observer.os.family'?: string | undefined; 'observer.os.full'?: string | undefined; 'observer.os.kernel'?: string | undefined; 'observer.os.name'?: string | undefined; 'observer.os.platform'?: string | undefined; 'observer.os.type'?: string | undefined; 'observer.os.version'?: string | undefined; 'observer.product'?: string | undefined; 'observer.serial_number'?: string | undefined; 'observer.type'?: string | undefined; 'observer.vendor'?: string | undefined; 'observer.version'?: string | undefined; 'orchestrator.api_version'?: string | undefined; 'orchestrator.cluster.id'?: string | undefined; 'orchestrator.cluster.name'?: string | undefined; 'orchestrator.cluster.url'?: string | undefined; 'orchestrator.cluster.version'?: string | undefined; 'orchestrator.namespace'?: string | undefined; 'orchestrator.organization'?: string | undefined; 'orchestrator.resource.id'?: string | undefined; 'orchestrator.resource.ip'?: string[] | undefined; 'orchestrator.resource.name'?: string | undefined; 'orchestrator.resource.parent.type'?: string | undefined; 'orchestrator.resource.type'?: string | undefined; 'orchestrator.type'?: string | undefined; 'organization.id'?: string | undefined; 'organization.name'?: string | undefined; 'package.architecture'?: string | undefined; 'package.build_version'?: string | undefined; 'package.checksum'?: string | undefined; 'package.description'?: string | undefined; 'package.install_scope'?: string | undefined; 'package.installed'?: string | number | undefined; 'package.license'?: string | undefined; 'package.name'?: string | undefined; 'package.path'?: string | undefined; 'package.reference'?: string | undefined; 'package.size'?: string | number | undefined; 'package.type'?: string | undefined; 'package.version'?: string | undefined; 'process.args'?: string[] | undefined; 'process.args_count'?: string | number | undefined; 'process.code_signature.digest_algorithm'?: string | undefined; 'process.code_signature.exists'?: boolean | undefined; 'process.code_signature.signing_id'?: string | undefined; 'process.code_signature.status'?: string | undefined; 'process.code_signature.subject_name'?: string | undefined; 'process.code_signature.team_id'?: string | undefined; 'process.code_signature.timestamp'?: string | number | undefined; 'process.code_signature.trusted'?: boolean | undefined; 'process.code_signature.valid'?: boolean | undefined; 'process.command_line'?: string | undefined; 'process.elf.architecture'?: string | undefined; 'process.elf.byte_order'?: string | undefined; 'process.elf.cpu_type'?: string | undefined; 'process.elf.creation_date'?: string | number | undefined; 'process.elf.exports'?: unknown[] | undefined; 'process.elf.header.abi_version'?: string | undefined; 'process.elf.header.class'?: string | undefined; 'process.elf.header.data'?: string | undefined; 'process.elf.header.entrypoint'?: string | number | undefined; 'process.elf.header.object_version'?: string | undefined; 'process.elf.header.os_abi'?: string | undefined; 'process.elf.header.type'?: string | undefined; 'process.elf.header.version'?: string | undefined; 'process.elf.imports'?: unknown[] | undefined; 'process.elf.sections'?: { chi2?: string | number | undefined; entropy?: string | number | undefined; flags?: string | undefined; name?: string | undefined; physical_offset?: string | undefined; physical_size?: string | number | undefined; type?: string | undefined; virtual_address?: string | number | undefined; virtual_size?: string | number | undefined; }[] | undefined; 'process.elf.segments'?: { sections?: string | undefined; type?: string | undefined; }[] | undefined; 'process.elf.shared_libraries'?: string[] | undefined; 'process.elf.telfhash'?: string | undefined; 'process.end'?: string | number | undefined; 'process.entity_id'?: string | undefined; 'process.entry_leader.args'?: string[] | undefined; 'process.entry_leader.args_count'?: string | number | undefined; 'process.entry_leader.attested_groups.name'?: string | undefined; 'process.entry_leader.attested_user.id'?: string | undefined; 'process.entry_leader.attested_user.name'?: string | undefined; 'process.entry_leader.command_line'?: string | undefined; 'process.entry_leader.entity_id'?: string | undefined; 'process.entry_leader.entry_meta.source.ip'?: string | undefined; 'process.entry_leader.entry_meta.type'?: string | undefined; 'process.entry_leader.executable'?: string | undefined; 'process.entry_leader.group.id'?: string | undefined; 'process.entry_leader.group.name'?: string | undefined; 'process.entry_leader.interactive'?: boolean | undefined; 'process.entry_leader.name'?: string | undefined; 'process.entry_leader.parent.entity_id'?: string | undefined; 'process.entry_leader.parent.pid'?: string | number | undefined; 'process.entry_leader.parent.session_leader.entity_id'?: string | undefined; 'process.entry_leader.parent.session_leader.pid'?: string | number | undefined; 'process.entry_leader.parent.session_leader.start'?: string | number | undefined; 'process.entry_leader.parent.start'?: string | number | undefined; 'process.entry_leader.pid'?: string | number | undefined; 'process.entry_leader.real_group.id'?: string | undefined; 'process.entry_leader.real_group.name'?: string | undefined; 'process.entry_leader.real_user.id'?: string | undefined; 'process.entry_leader.real_user.name'?: string | undefined; 'process.entry_leader.same_as_process'?: boolean | undefined; 'process.entry_leader.saved_group.id'?: string | undefined; 'process.entry_leader.saved_group.name'?: string | undefined; 'process.entry_leader.saved_user.id'?: string | undefined; 'process.entry_leader.saved_user.name'?: string | undefined; 'process.entry_leader.start'?: string | number | undefined; 'process.entry_leader.supplemental_groups.id'?: string | undefined; 'process.entry_leader.supplemental_groups.name'?: string | undefined; 'process.entry_leader.user.id'?: string | undefined; 'process.entry_leader.user.name'?: string | undefined; 'process.entry_leader.working_directory'?: string | undefined; 'process.env_vars'?: string[] | undefined; 'process.executable'?: string | undefined; 'process.exit_code'?: string | number | undefined; 'process.group_leader.args'?: string[] | undefined; 'process.group_leader.args_count'?: string | number | undefined; 'process.group_leader.command_line'?: string | undefined; 'process.group_leader.entity_id'?: string | undefined; 'process.group_leader.executable'?: string | undefined; 'process.group_leader.group.id'?: string | undefined; 'process.group_leader.group.name'?: string | undefined; 'process.group_leader.interactive'?: boolean | undefined; 'process.group_leader.name'?: string | undefined; 'process.group_leader.pid'?: string | number | undefined; 'process.group_leader.real_group.id'?: string | undefined; 'process.group_leader.real_group.name'?: string | undefined; 'process.group_leader.real_user.id'?: string | undefined; 'process.group_leader.real_user.name'?: string | undefined; 'process.group_leader.same_as_process'?: boolean | undefined; 'process.group_leader.saved_group.id'?: string | undefined; 'process.group_leader.saved_group.name'?: string | undefined; 'process.group_leader.saved_user.id'?: string | undefined; 'process.group_leader.saved_user.name'?: string | undefined; 'process.group_leader.start'?: string | number | undefined; 'process.group_leader.supplemental_groups.id'?: string | undefined; 'process.group_leader.supplemental_groups.name'?: string | undefined; 'process.group_leader.user.id'?: string | undefined; 'process.group_leader.user.name'?: string | undefined; 'process.group_leader.working_directory'?: string | undefined; 'process.hash.md5'?: string | undefined; 'process.hash.sha1'?: string | undefined; 'process.hash.sha256'?: string | undefined; 'process.hash.sha384'?: string | undefined; 'process.hash.sha512'?: string | undefined; 'process.hash.ssdeep'?: string | undefined; 'process.hash.tlsh'?: string | undefined; 'process.interactive'?: boolean | undefined; 'process.name'?: string | undefined; 'process.parent.args'?: string[] | undefined; 'process.parent.args_count'?: string | number | undefined; 'process.parent.code_signature.digest_algorithm'?: string | undefined; 'process.parent.code_signature.exists'?: boolean | undefined; 'process.parent.code_signature.signing_id'?: string | undefined; 'process.parent.code_signature.status'?: string | undefined; 'process.parent.code_signature.subject_name'?: string | undefined; 'process.parent.code_signature.team_id'?: string | undefined; 'process.parent.code_signature.timestamp'?: string | number | undefined; 'process.parent.code_signature.trusted'?: boolean | undefined; 'process.parent.code_signature.valid'?: boolean | undefined; 'process.parent.command_line'?: string | undefined; 'process.parent.elf.architecture'?: string | undefined; 'process.parent.elf.byte_order'?: string | undefined; 'process.parent.elf.cpu_type'?: string | undefined; 'process.parent.elf.creation_date'?: string | number | undefined; 'process.parent.elf.exports'?: unknown[] | undefined; 'process.parent.elf.header.abi_version'?: string | undefined; 'process.parent.elf.header.class'?: string | undefined; 'process.parent.elf.header.data'?: string | undefined; 'process.parent.elf.header.entrypoint'?: string | number | undefined; 'process.parent.elf.header.object_version'?: string | undefined; 'process.parent.elf.header.os_abi'?: string | undefined; 'process.parent.elf.header.type'?: string | undefined; 'process.parent.elf.header.version'?: string | undefined; 'process.parent.elf.imports'?: unknown[] | undefined; 'process.parent.elf.sections'?: { chi2?: string | number | undefined; entropy?: string | number | undefined; flags?: string | undefined; name?: string | undefined; physical_offset?: string | undefined; physical_size?: string | number | undefined; type?: string | undefined; virtual_address?: string | number | undefined; virtual_size?: string | number | undefined; }[] | undefined; 'process.parent.elf.segments'?: { sections?: string | undefined; type?: string | undefined; }[] | undefined; 'process.parent.elf.shared_libraries'?: string[] | undefined; 'process.parent.elf.telfhash'?: string | undefined; 'process.parent.end'?: string | number | undefined; 'process.parent.entity_id'?: string | undefined; 'process.parent.executable'?: string | undefined; 'process.parent.exit_code'?: string | number | undefined; 'process.parent.group.id'?: string | undefined; 'process.parent.group.name'?: string | undefined; 'process.parent.group_leader.entity_id'?: string | undefined; 'process.parent.group_leader.pid'?: string | number | undefined; 'process.parent.group_leader.start'?: string | number | undefined; 'process.parent.hash.md5'?: string | undefined; 'process.parent.hash.sha1'?: string | undefined; 'process.parent.hash.sha256'?: string | undefined; 'process.parent.hash.sha384'?: string | undefined; 'process.parent.hash.sha512'?: string | undefined; 'process.parent.hash.ssdeep'?: string | undefined; 'process.parent.hash.tlsh'?: string | undefined; 'process.parent.interactive'?: boolean | undefined; 'process.parent.name'?: string | undefined; 'process.parent.pe.architecture'?: string | undefined; 'process.parent.pe.company'?: string | undefined; 'process.parent.pe.description'?: string | undefined; 'process.parent.pe.file_version'?: string | undefined; 'process.parent.pe.imphash'?: string | undefined; 'process.parent.pe.original_file_name'?: string | undefined; 'process.parent.pe.pehash'?: string | undefined; 'process.parent.pe.product'?: string | undefined; 'process.parent.pgid'?: string | number | undefined; 'process.parent.pid'?: string | number | undefined; 'process.parent.real_group.id'?: string | undefined; 'process.parent.real_group.name'?: string | undefined; 'process.parent.real_user.id'?: string | undefined; 'process.parent.real_user.name'?: string | undefined; 'process.parent.saved_group.id'?: string | undefined; 'process.parent.saved_group.name'?: string | undefined; 'process.parent.saved_user.id'?: string | undefined; 'process.parent.saved_user.name'?: string | undefined; 'process.parent.start'?: string | number | undefined; 'process.parent.supplemental_groups.id'?: string | undefined; 'process.parent.supplemental_groups.name'?: string | undefined; 'process.parent.thread.id'?: string | number | undefined; 'process.parent.thread.name'?: string | undefined; 'process.parent.title'?: string | undefined; 'process.parent.uptime'?: string | number | undefined; 'process.parent.user.id'?: string | undefined; 'process.parent.user.name'?: string | undefined; 'process.parent.working_directory'?: string | undefined; 'process.pe.architecture'?: string | undefined; 'process.pe.company'?: string | undefined; 'process.pe.description'?: string | undefined; 'process.pe.file_version'?: string | undefined; 'process.pe.imphash'?: string | undefined; 'process.pe.original_file_name'?: string | undefined; 'process.pe.pehash'?: string | undefined; 'process.pe.product'?: string | undefined; 'process.pgid'?: string | number | undefined; 'process.pid'?: string | number | undefined; 'process.previous.args'?: string[] | undefined; 'process.previous.args_count'?: string | number | undefined; 'process.previous.executable'?: string | undefined; 'process.real_group.id'?: string | undefined; 'process.real_group.name'?: string | undefined; 'process.real_user.id'?: string | undefined; 'process.real_user.name'?: string | undefined; 'process.saved_group.id'?: string | undefined; 'process.saved_group.name'?: string | undefined; 'process.saved_user.id'?: string | undefined; 'process.saved_user.name'?: string | undefined; 'process.session_leader.args'?: string[] | undefined; 'process.session_leader.args_count'?: string | number | undefined; 'process.session_leader.command_line'?: string | undefined; 'process.session_leader.entity_id'?: string | undefined; 'process.session_leader.executable'?: string | undefined; 'process.session_leader.group.id'?: string | undefined; 'process.session_leader.group.name'?: string | undefined; 'process.session_leader.interactive'?: boolean | undefined; 'process.session_leader.name'?: string | undefined; 'process.session_leader.parent.entity_id'?: string | undefined; 'process.session_leader.parent.pid'?: string | number | undefined; 'process.session_leader.parent.session_leader.entity_id'?: string | undefined; 'process.session_leader.parent.session_leader.pid'?: string | number | undefined; 'process.session_leader.parent.session_leader.start'?: string | number | undefined; 'process.session_leader.parent.start'?: string | number | undefined; 'process.session_leader.pid'?: string | number | undefined; 'process.session_leader.real_group.id'?: string | undefined; 'process.session_leader.real_group.name'?: string | undefined; 'process.session_leader.real_user.id'?: string | undefined; 'process.session_leader.real_user.name'?: string | undefined; 'process.session_leader.same_as_process'?: boolean | undefined; 'process.session_leader.saved_group.id'?: string | undefined; 'process.session_leader.saved_group.name'?: string | undefined; 'process.session_leader.saved_user.id'?: string | undefined; 'process.session_leader.saved_user.name'?: string | undefined; 'process.session_leader.start'?: string | number | undefined; 'process.session_leader.supplemental_groups.id'?: string | undefined; 'process.session_leader.supplemental_groups.name'?: string | undefined; 'process.session_leader.user.id'?: string | undefined; 'process.session_leader.user.name'?: string | undefined; 'process.session_leader.working_directory'?: string | undefined; 'process.start'?: string | number | undefined; 'process.supplemental_groups.id'?: string | undefined; 'process.supplemental_groups.name'?: string | undefined; 'process.thread.id'?: string | number | undefined; 'process.thread.name'?: string | undefined; 'process.title'?: string | undefined; 'process.uptime'?: string | number | undefined; 'process.user.id'?: string | undefined; 'process.user.name'?: string | undefined; 'process.working_directory'?: string | undefined; 'registry.data.bytes'?: string | undefined; 'registry.data.strings'?: string[] | undefined; 'registry.data.type'?: string | undefined; 'registry.hive'?: string | undefined; 'registry.key'?: string | undefined; 'registry.path'?: string | undefined; 'registry.value'?: string | undefined; 'related.hash'?: string[] | undefined; 'related.hosts'?: string[] | undefined; 'related.ip'?: string[] | undefined; 'related.user'?: string[] | undefined; 'rule.author'?: string[] | undefined; 'rule.category'?: string | undefined; 'rule.description'?: string | undefined; 'rule.id'?: string | undefined; 'rule.license'?: string | undefined; 'rule.name'?: string | undefined; 'rule.reference'?: string | undefined; 'rule.ruleset'?: string | undefined; 'rule.uuid'?: string | undefined; 'rule.version'?: string | undefined; 'server.address'?: string | undefined; 'server.as.number'?: string | number | undefined; 'server.as.organization.name'?: string | undefined; 'server.bytes'?: string | number | undefined; 'server.domain'?: string | undefined; 'server.geo.city_name'?: string | undefined; 'server.geo.continent_code'?: string | undefined; 'server.geo.continent_name'?: string | undefined; 'server.geo.country_iso_code'?: string | undefined; 'server.geo.country_name'?: string | undefined; 'server.geo.location'?: string | { type: string; coordinates: number[]; } | { lat: number; lon: number; } | { location: number[]; } | { location: string; } | undefined; 'server.geo.name'?: string | undefined; 'server.geo.postal_code'?: string | undefined; 'server.geo.region_iso_code'?: string | undefined; 'server.geo.region_name'?: string | undefined; 'server.geo.timezone'?: string | undefined; 'server.ip'?: string | undefined; 'server.mac'?: string | undefined; 'server.nat.ip'?: string | undefined; 'server.nat.port'?: string | number | undefined; 'server.packets'?: string | number | undefined; 'server.port'?: string | number | undefined; 'server.registered_domain'?: string | undefined; 'server.subdomain'?: string | undefined; 'server.top_level_domain'?: string | undefined; 'server.user.domain'?: string | undefined; 'server.user.email'?: string | undefined; 'server.user.full_name'?: string | undefined; 'server.user.group.domain'?: string | undefined; 'server.user.group.id'?: string | undefined; 'server.user.group.name'?: string | undefined; 'server.user.hash'?: string | undefined; 'server.user.id'?: string | undefined; 'server.user.name'?: string | undefined; 'server.user.roles'?: string[] | undefined; 'service.address'?: string | undefined; 'service.environment'?: string | undefined; 'service.ephemeral_id'?: string | undefined; 'service.id'?: string | undefined; 'service.name'?: string | undefined; 'service.node.name'?: string | undefined; 'service.node.role'?: string | undefined; 'service.node.roles'?: string[] | undefined; 'service.origin.address'?: string | undefined; 'service.origin.environment'?: string | undefined; 'service.origin.ephemeral_id'?: string | undefined; 'service.origin.id'?: string | undefined; 'service.origin.name'?: string | undefined; 'service.origin.node.name'?: string | undefined; 'service.origin.node.role'?: string | undefined; 'service.origin.node.roles'?: string[] | undefined; 'service.origin.state'?: string | undefined; 'service.origin.type'?: string | undefined; 'service.origin.version'?: string | undefined; 'service.state'?: string | undefined; 'service.target.address'?: string | undefined; 'service.target.environment'?: string | undefined; 'service.target.ephemeral_id'?: string | undefined; 'service.target.id'?: string | undefined; 'service.target.name'?: string | undefined; 'service.target.node.name'?: string | undefined; 'service.target.node.role'?: string | undefined; 'service.target.node.roles'?: string[] | undefined; 'service.target.state'?: string | undefined; 'service.target.type'?: string | undefined; 'service.target.version'?: string | undefined; 'service.type'?: string | undefined; 'service.version'?: string | undefined; 'source.address'?: string | undefined; 'source.as.number'?: string | number | undefined; 'source.as.organization.name'?: string | undefined; 'source.bytes'?: string | number | undefined; 'source.domain'?: string | undefined; 'source.geo.city_name'?: string | undefined; 'source.geo.continent_code'?: string | undefined; 'source.geo.continent_name'?: string | undefined; 'source.geo.country_iso_code'?: string | undefined; 'source.geo.country_name'?: string | undefined; 'source.geo.location'?: string | { type: string; coordinates: number[]; } | { lat: number; lon: number; } | { location: number[]; } | { location: string; } | undefined; 'source.geo.name'?: string | undefined; 'source.geo.postal_code'?: string | undefined; 'source.geo.region_iso_code'?: string | undefined; 'source.geo.region_name'?: string | undefined; 'source.geo.timezone'?: string | undefined; 'source.ip'?: string | undefined; 'source.mac'?: string | undefined; 'source.nat.ip'?: string | undefined; 'source.nat.port'?: string | number | undefined; 'source.packets'?: string | number | undefined; 'source.port'?: string | number | undefined; 'source.registered_domain'?: string | undefined; 'source.subdomain'?: string | undefined; 'source.top_level_domain'?: string | undefined; 'source.user.domain'?: string | undefined; 'source.user.email'?: string | undefined; 'source.user.full_name'?: string | undefined; 'source.user.group.domain'?: string | undefined; 'source.user.group.id'?: string | undefined; 'source.user.group.name'?: string | undefined; 'source.user.hash'?: string | undefined; 'source.user.id'?: string | undefined; 'source.user.name'?: string | undefined; 'source.user.roles'?: string[] | undefined; 'span.id'?: string | undefined; tags?: string[] | undefined; 'threat.enrichments'?: { 'matched.atomic'?: string | undefined; 'matched.field'?: string | undefined; 'matched.id'?: string | undefined; 'matched.index'?: string | undefined; 'matched.occurred'?: string | number | undefined; 'matched.type'?: string | undefined; }[] | undefined; 'threat.feed.dashboard_id'?: string | undefined; 'threat.feed.description'?: string | undefined; 'threat.feed.name'?: string | undefined; 'threat.feed.reference'?: string | undefined; 'threat.framework'?: string | undefined; 'threat.group.alias'?: string[] | undefined; 'threat.group.id'?: string | undefined; 'threat.group.name'?: string | undefined; 'threat.group.reference'?: string | undefined; 'threat.indicator.as.number'?: string | number | undefined; 'threat.indicator.as.organization.name'?: string | undefined; 'threat.indicator.confidence'?: string | undefined; 'threat.indicator.description'?: string | undefined; 'threat.indicator.email.address'?: string | undefined; 'threat.indicator.file.accessed'?: string | number | undefined; 'threat.indicator.file.attributes'?: string[] | undefined; 'threat.indicator.file.code_signature.digest_algorithm'?: string | undefined; 'threat.indicator.file.code_signature.exists'?: boolean | undefined; 'threat.indicator.file.code_signature.signing_id'?: string | undefined; 'threat.indicator.file.code_signature.status'?: string | undefined; 'threat.indicator.file.code_signature.subject_name'?: string | undefined; 'threat.indicator.file.code_signature.team_id'?: string | undefined; 'threat.indicator.file.code_signature.timestamp'?: string | number | undefined; 'threat.indicator.file.code_signature.trusted'?: boolean | undefined; 'threat.indicator.file.code_signature.valid'?: boolean | undefined; 'threat.indicator.file.created'?: string | number | undefined; 'threat.indicator.file.ctime'?: string | number | undefined; 'threat.indicator.file.device'?: string | undefined; 'threat.indicator.file.directory'?: string | undefined; 'threat.indicator.file.drive_letter'?: string | undefined; 'threat.indicator.file.elf.architecture'?: string | undefined; 'threat.indicator.file.elf.byte_order'?: string | undefined; 'threat.indicator.file.elf.cpu_type'?: string | undefined; 'threat.indicator.file.elf.creation_date'?: string | number | undefined; 'threat.indicator.file.elf.exports'?: unknown[] | undefined; 'threat.indicator.file.elf.header.abi_version'?: string | undefined; 'threat.indicator.file.elf.header.class'?: string | undefined; 'threat.indicator.file.elf.header.data'?: string | undefined; 'threat.indicator.file.elf.header.entrypoint'?: string | number | undefined; 'threat.indicator.file.elf.header.object_version'?: string | undefined; 'threat.indicator.file.elf.header.os_abi'?: string | undefined; 'threat.indicator.file.elf.header.type'?: string | undefined; 'threat.indicator.file.elf.header.version'?: string | undefined; 'threat.indicator.file.elf.imports'?: unknown[] | undefined; 'threat.indicator.file.elf.sections'?: { chi2?: string | number | undefined; entropy?: string | number | undefined; flags?: string | undefined; name?: string | undefined; physical_offset?: string | undefined; physical_size?: string | number | undefined; type?: string | undefined; virtual_address?: string | number | undefined; virtual_size?: string | number | undefined; }[] | undefined; 'threat.indicator.file.elf.segments'?: { sections?: string | undefined; type?: string | undefined; }[] | undefined; 'threat.indicator.file.elf.shared_libraries'?: string[] | undefined; 'threat.indicator.file.elf.telfhash'?: string | undefined; 'threat.indicator.file.extension'?: string | undefined; 'threat.indicator.file.fork_name'?: string | undefined; 'threat.indicator.file.gid'?: string | undefined; 'threat.indicator.file.group'?: string | undefined; 'threat.indicator.file.hash.md5'?: string | undefined; 'threat.indicator.file.hash.sha1'?: string | undefined; 'threat.indicator.file.hash.sha256'?: string | undefined; 'threat.indicator.file.hash.sha384'?: string | undefined; 'threat.indicator.file.hash.sha512'?: string | undefined; 'threat.indicator.file.hash.ssdeep'?: string | undefined; 'threat.indicator.file.hash.tlsh'?: string | undefined; 'threat.indicator.file.inode'?: string | undefined; 'threat.indicator.file.mime_type'?: string | undefined; 'threat.indicator.file.mode'?: string | undefined; 'threat.indicator.file.mtime'?: string | number | undefined; 'threat.indicator.file.name'?: string | undefined; 'threat.indicator.file.owner'?: string | undefined; 'threat.indicator.file.path'?: string | undefined; 'threat.indicator.file.pe.architecture'?: string | undefined; 'threat.indicator.file.pe.company'?: string | undefined; 'threat.indicator.file.pe.description'?: string | undefined; 'threat.indicator.file.pe.file_version'?: string | undefined; 'threat.indicator.file.pe.imphash'?: string | undefined; 'threat.indicator.file.pe.original_file_name'?: string | undefined; 'threat.indicator.file.pe.pehash'?: string | undefined; 'threat.indicator.file.pe.product'?: string | undefined; 'threat.indicator.file.size'?: string | number | undefined; 'threat.indicator.file.target_path'?: string | undefined; 'threat.indicator.file.type'?: string | undefined; 'threat.indicator.file.uid'?: string | undefined; 'threat.indicator.file.x509.alternative_names'?: string[] | undefined; 'threat.indicator.file.x509.issuer.common_name'?: string[] | undefined; 'threat.indicator.file.x509.issuer.country'?: string[] | undefined; 'threat.indicator.file.x509.issuer.distinguished_name'?: string | undefined; 'threat.indicator.file.x509.issuer.locality'?: string[] | undefined; 'threat.indicator.file.x509.issuer.organization'?: string[] | undefined; 'threat.indicator.file.x509.issuer.organizational_unit'?: string[] | undefined; 'threat.indicator.file.x509.issuer.state_or_province'?: string[] | undefined; 'threat.indicator.file.x509.not_after'?: string | number | undefined; 'threat.indicator.file.x509.not_before'?: string | number | undefined; 'threat.indicator.file.x509.public_key_algorithm'?: string | undefined; 'threat.indicator.file.x509.public_key_curve'?: string | undefined; 'threat.indicator.file.x509.public_key_exponent'?: string | number | undefined; 'threat.indicator.file.x509.public_key_size'?: string | number | undefined; 'threat.indicator.file.x509.serial_number'?: string | undefined; 'threat.indicator.file.x509.signature_algorithm'?: string | undefined; 'threat.indicator.file.x509.subject.common_name'?: string[] | undefined; 'threat.indicator.file.x509.subject.country'?: string[] | undefined; 'threat.indicator.file.x509.subject.distinguished_name'?: string | undefined; 'threat.indicator.file.x509.subject.locality'?: string[] | undefined; 'threat.indicator.file.x509.subject.organization'?: string[] | undefined; 'threat.indicator.file.x509.subject.organizational_unit'?: string[] | undefined; 'threat.indicator.file.x509.subject.state_or_province'?: string[] | undefined; 'threat.indicator.file.x509.version_number'?: string | undefined; 'threat.indicator.first_seen'?: string | number | undefined; 'threat.indicator.geo.city_name'?: string | undefined; 'threat.indicator.geo.continent_code'?: string | undefined; 'threat.indicator.geo.continent_name'?: string | undefined; 'threat.indicator.geo.country_iso_code'?: string | undefined; 'threat.indicator.geo.country_name'?: string | undefined; 'threat.indicator.geo.location'?: string | { type: string; coordinates: number[]; } | { lat: number; lon: number; } | { location: number[]; } | { location: string; } | undefined; 'threat.indicator.geo.name'?: string | undefined; 'threat.indicator.geo.postal_code'?: string | undefined; 'threat.indicator.geo.region_iso_code'?: string | undefined; 'threat.indicator.geo.region_name'?: string | undefined; 'threat.indicator.geo.timezone'?: string | undefined; 'threat.indicator.ip'?: string | undefined; 'threat.indicator.last_seen'?: string | number | undefined; 'threat.indicator.marking.tlp'?: string | undefined; 'threat.indicator.marking.tlp_version'?: string | undefined; 'threat.indicator.modified_at'?: string | number | undefined; 'threat.indicator.port'?: string | number | undefined; 'threat.indicator.provider'?: string | undefined; 'threat.indicator.reference'?: string | undefined; 'threat.indicator.registry.data.bytes'?: string | undefined; 'threat.indicator.registry.data.strings'?: string[] | undefined; 'threat.indicator.registry.data.type'?: string | undefined; 'threat.indicator.registry.hive'?: string | undefined; 'threat.indicator.registry.key'?: string | undefined; 'threat.indicator.registry.path'?: string | undefined; 'threat.indicator.registry.value'?: string | undefined; 'threat.indicator.scanner_stats'?: string | number | undefined; 'threat.indicator.sightings'?: string | number | undefined; 'threat.indicator.type'?: string | undefined; 'threat.indicator.url.domain'?: string | undefined; 'threat.indicator.url.extension'?: string | undefined; 'threat.indicator.url.fragment'?: string | undefined; 'threat.indicator.url.full'?: string | undefined; 'threat.indicator.url.original'?: string | undefined; 'threat.indicator.url.password'?: string | undefined; 'threat.indicator.url.path'?: string | undefined; 'threat.indicator.url.port'?: string | number | undefined; 'threat.indicator.url.query'?: string | undefined; 'threat.indicator.url.registered_domain'?: string | undefined; 'threat.indicator.url.scheme'?: string | undefined; 'threat.indicator.url.subdomain'?: string | undefined; 'threat.indicator.url.top_level_domain'?: string | undefined; 'threat.indicator.url.username'?: string | undefined; 'threat.indicator.x509.alternative_names'?: string[] | undefined; 'threat.indicator.x509.issuer.common_name'?: string[] | undefined; 'threat.indicator.x509.issuer.country'?: string[] | undefined; 'threat.indicator.x509.issuer.distinguished_name'?: string | undefined; 'threat.indicator.x509.issuer.locality'?: string[] | undefined; 'threat.indicator.x509.issuer.organization'?: string[] | undefined; 'threat.indicator.x509.issuer.organizational_unit'?: string[] | undefined; 'threat.indicator.x509.issuer.state_or_province'?: string[] | undefined; 'threat.indicator.x509.not_after'?: string | number | undefined; 'threat.indicator.x509.not_before'?: string | number | undefined; 'threat.indicator.x509.public_key_algorithm'?: string | undefined; 'threat.indicator.x509.public_key_curve'?: string | undefined; 'threat.indicator.x509.public_key_exponent'?: string | number | undefined; 'threat.indicator.x509.public_key_size'?: string | number | undefined; 'threat.indicator.x509.serial_number'?: string | undefined; 'threat.indicator.x509.signature_algorithm'?: string | undefined; 'threat.indicator.x509.subject.common_name'?: string[] | undefined; 'threat.indicator.x509.subject.country'?: string[] | undefined; 'threat.indicator.x509.subject.distinguished_name'?: string | undefined; 'threat.indicator.x509.subject.locality'?: string[] | undefined; 'threat.indicator.x509.subject.organization'?: string[] | undefined; 'threat.indicator.x509.subject.organizational_unit'?: string[] | undefined; 'threat.indicator.x509.subject.state_or_province'?: string[] | undefined; 'threat.indicator.x509.version_number'?: string | undefined; 'threat.software.alias'?: string[] | undefined; 'threat.software.id'?: string | undefined; 'threat.software.name'?: string | undefined; 'threat.software.platforms'?: string[] | undefined; 'threat.software.reference'?: string | undefined; 'threat.software.type'?: string | undefined; 'threat.tactic.id'?: string[] | undefined; 'threat.tactic.name'?: string[] | undefined; 'threat.tactic.reference'?: string[] | undefined; 'threat.technique.id'?: string[] | undefined; 'threat.technique.name'?: string[] | undefined; 'threat.technique.reference'?: string[] | undefined; 'threat.technique.subtechnique.id'?: string[] | undefined; 'threat.technique.subtechnique.name'?: string[] | undefined; 'threat.technique.subtechnique.reference'?: string[] | undefined; 'tls.cipher'?: string | undefined; 'tls.client.certificate'?: string | undefined; 'tls.client.certificate_chain'?: string[] | undefined; 'tls.client.hash.md5'?: string | undefined; 'tls.client.hash.sha1'?: string | undefined; 'tls.client.hash.sha256'?: string | undefined; 'tls.client.issuer'?: string | undefined; 'tls.client.ja3'?: string | undefined; 'tls.client.not_after'?: string | number | undefined; 'tls.client.not_before'?: string | number | undefined; 'tls.client.server_name'?: string | undefined; 'tls.client.subject'?: string | undefined; 'tls.client.supported_ciphers'?: string[] | undefined; 'tls.client.x509.alternative_names'?: string[] | undefined; 'tls.client.x509.issuer.common_name'?: string[] | undefined; 'tls.client.x509.issuer.country'?: string[] | undefined; 'tls.client.x509.issuer.distinguished_name'?: string | undefined; 'tls.client.x509.issuer.locality'?: string[] | undefined; 'tls.client.x509.issuer.organization'?: string[] | undefined; 'tls.client.x509.issuer.organizational_unit'?: string[] | undefined; 'tls.client.x509.issuer.state_or_province'?: string[] | undefined; 'tls.client.x509.not_after'?: string | number | undefined; 'tls.client.x509.not_before'?: string | number | undefined; 'tls.client.x509.public_key_algorithm'?: string | undefined; 'tls.client.x509.public_key_curve'?: string | undefined; 'tls.client.x509.public_key_exponent'?: string | number | undefined; 'tls.client.x509.public_key_size'?: string | number | undefined; 'tls.client.x509.serial_number'?: string | undefined; 'tls.client.x509.signature_algorithm'?: string | undefined; 'tls.client.x509.subject.common_name'?: string[] | undefined; 'tls.client.x509.subject.country'?: string[] | undefined; 'tls.client.x509.subject.distinguished_name'?: string | undefined; 'tls.client.x509.subject.locality'?: string[] | undefined; 'tls.client.x509.subject.organization'?: string[] | undefined; 'tls.client.x509.subject.organizational_unit'?: string[] | undefined; 'tls.client.x509.subject.state_or_province'?: string[] | undefined; 'tls.client.x509.version_number'?: string | undefined; 'tls.curve'?: string | undefined; 'tls.established'?: boolean | undefined; 'tls.next_protocol'?: string | undefined; 'tls.resumed'?: boolean | undefined; 'tls.server.certificate'?: string | undefined; 'tls.server.certificate_chain'?: string[] | undefined; 'tls.server.hash.md5'?: string | undefined; 'tls.server.hash.sha1'?: string | undefined; 'tls.server.hash.sha256'?: string | undefined; 'tls.server.issuer'?: string | undefined; 'tls.server.ja3s'?: string | undefined; 'tls.server.not_after'?: string | number | undefined; 'tls.server.not_before'?: string | number | undefined; 'tls.server.subject'?: string | undefined; 'tls.server.x509.alternative_names'?: string[] | undefined; 'tls.server.x509.issuer.common_name'?: string[] | undefined; 'tls.server.x509.issuer.country'?: string[] | undefined; 'tls.server.x509.issuer.distinguished_name'?: string | undefined; 'tls.server.x509.issuer.locality'?: string[] | undefined; 'tls.server.x509.issuer.organization'?: string[] | undefined; 'tls.server.x509.issuer.organizational_unit'?: string[] | undefined; 'tls.server.x509.issuer.state_or_province'?: string[] | undefined; 'tls.server.x509.not_after'?: string | number | undefined; 'tls.server.x509.not_before'?: string | number | undefined; 'tls.server.x509.public_key_algorithm'?: string | undefined; 'tls.server.x509.public_key_curve'?: string | undefined; 'tls.server.x509.public_key_exponent'?: string | number | undefined; 'tls.server.x509.public_key_size'?: string | number | undefined; 'tls.server.x509.serial_number'?: string | undefined; 'tls.server.x509.signature_algorithm'?: string | undefined; 'tls.server.x509.subject.common_name'?: string[] | undefined; 'tls.server.x509.subject.country'?: string[] | undefined; 'tls.server.x509.subject.distinguished_name'?: string | undefined; 'tls.server.x509.subject.locality'?: string[] | undefined; 'tls.server.x509.subject.organization'?: string[] | undefined; 'tls.server.x509.subject.organizational_unit'?: string[] | undefined; 'tls.server.x509.subject.state_or_province'?: string[] | undefined; 'tls.server.x509.version_number'?: string | undefined; 'tls.version'?: string | undefined; 'tls.version_protocol'?: string | undefined; 'trace.id'?: string | undefined; 'transaction.id'?: string | undefined; 'url.domain'?: string | undefined; 'url.extension'?: string | undefined; 'url.fragment'?: string | undefined; 'url.full'?: string | undefined; 'url.original'?: string | undefined; 'url.password'?: string | undefined; 'url.path'?: string | undefined; 'url.port'?: string | number | undefined; 'url.query'?: string | undefined; 'url.registered_domain'?: string | undefined; 'url.scheme'?: string | undefined; 'url.subdomain'?: string | undefined; 'url.top_level_domain'?: string | undefined; 'url.username'?: string | undefined; 'user.changes.domain'?: string | undefined; 'user.changes.email'?: string | undefined; 'user.changes.full_name'?: string | undefined; 'user.changes.group.domain'?: string | undefined; 'user.changes.group.id'?: string | undefined; 'user.changes.group.name'?: string | undefined; 'user.changes.hash'?: string | undefined; 'user.changes.id'?: string | undefined; 'user.changes.name'?: string | undefined; 'user.changes.roles'?: string[] | undefined; 'user.domain'?: string | undefined; 'user.effective.domain'?: string | undefined; 'user.effective.email'?: string | undefined; 'user.effective.full_name'?: string | undefined; 'user.effective.group.domain'?: string | undefined; 'user.effective.group.id'?: string | undefined; 'user.effective.group.name'?: string | undefined; 'user.effective.hash'?: string | undefined; 'user.effective.id'?: string | undefined; 'user.effective.name'?: string | undefined; 'user.effective.roles'?: string[] | undefined; 'user.email'?: string | undefined; 'user.full_name'?: string | undefined; 'user.group.domain'?: string | undefined; 'user.group.id'?: string | undefined; 'user.group.name'?: string | undefined; 'user.hash'?: string | undefined; 'user.id'?: string | undefined; 'user.name'?: string | undefined; 'user.risk.calculated_level'?: string | undefined; 'user.risk.calculated_score'?: number | undefined; 'user.risk.calculated_score_norm'?: number | undefined; 'user.risk.static_level'?: string | undefined; 'user.risk.static_score'?: number | undefined; 'user.risk.static_score_norm'?: number | undefined; 'user.roles'?: string[] | undefined; 'user.target.domain'?: string | undefined; 'user.target.email'?: string | undefined; 'user.target.full_name'?: string | undefined; 'user.target.group.domain'?: string | undefined; 'user.target.group.id'?: string | undefined; 'user.target.group.name'?: string | undefined; 'user.target.hash'?: string | undefined; 'user.target.id'?: string | undefined; 'user.target.name'?: string | undefined; 'user.target.roles'?: string[] | undefined; 'user_agent.device.name'?: string | undefined; 'user_agent.name'?: string | undefined; 'user_agent.original'?: string | undefined; 'user_agent.os.family'?: string | undefined; 'user_agent.os.full'?: string | undefined; 'user_agent.os.kernel'?: string | undefined; 'user_agent.os.name'?: string | undefined; 'user_agent.os.platform'?: string | undefined; 'user_agent.os.type'?: string | undefined; 'user_agent.os.version'?: string | undefined; 'user_agent.version'?: string | undefined; 'vulnerability.category'?: string[] | undefined; 'vulnerability.classification'?: string | undefined; 'vulnerability.description'?: string | undefined; 'vulnerability.enumeration'?: string | undefined; 'vulnerability.id'?: string | undefined; 'vulnerability.reference'?: string | undefined; 'vulnerability.report_id'?: string | undefined; 'vulnerability.scanner.vendor'?: string | undefined; 'vulnerability.score.base'?: number | undefined; 'vulnerability.score.environmental'?: number | undefined; 'vulnerability.score.temporal'?: number | undefined; 'vulnerability.score.version'?: string | undefined; 'vulnerability.severity'?: string | undefined; } & {} & { 'ecs.version'?: string | undefined; 'kibana.alert.risk_score'?: number | undefined; 'kibana.alert.rule.author'?: string | undefined; 'kibana.alert.rule.created_at'?: string | number | undefined; 'kibana.alert.rule.created_by'?: string | undefined; 'kibana.alert.rule.description'?: string | undefined; 'kibana.alert.rule.enabled'?: string | undefined; 'kibana.alert.rule.from'?: string | undefined; 'kibana.alert.rule.interval'?: string | undefined; 'kibana.alert.rule.license'?: string | undefined; 'kibana.alert.rule.note'?: string | undefined; 'kibana.alert.rule.references'?: string[] | undefined; 'kibana.alert.rule.rule_id'?: string | undefined; 'kibana.alert.rule.rule_name_override'?: string | undefined; 'kibana.alert.rule.to'?: string | undefined; 'kibana.alert.rule.type'?: string | undefined; 'kibana.alert.rule.updated_at'?: string | number | undefined; 'kibana.alert.rule.updated_by'?: string | undefined; 'kibana.alert.rule.version'?: string | undefined; 'kibana.alert.severity'?: string | undefined; 'kibana.alert.suppression.docs_count'?: string | number | undefined; 'kibana.alert.suppression.end'?: string | number | undefined; 'kibana.alert.suppression.start'?: string | number | undefined; 'kibana.alert.suppression.terms.field'?: string[] | undefined; 'kibana.alert.suppression.terms.value'?: string[] | undefined; 'kibana.alert.system_status'?: string | undefined; 'kibana.alert.workflow_reason'?: string | undefined; 'kibana.alert.workflow_user'?: string | undefined; }) | ({} & { 'kibana.alert.evaluation.threshold'?: string | number | undefined; 'kibana.alert.evaluation.value'?: string | number | undefined; 'kibana.alert.evaluation.values'?: (string | number)[] | undefined; 'kibana.alert.group'?: { field?: string | undefined; value?: string | undefined; }[] | undefined; 'slo.id'?: string | undefined; 'slo.instanceId'?: string | undefined; 'slo.revision'?: string | number | undefined; } & { '@timestamp': string | number; 'kibana.alert.instance.id': string; 'kibana.alert.rule.category': string; 'kibana.alert.rule.consumer': string; 'kibana.alert.rule.name': string; 'kibana.alert.rule.producer': string; 'kibana.alert.rule.revision': string | number; 'kibana.alert.rule.rule_type_id': string; 'kibana.alert.rule.uuid': string; 'kibana.alert.status': string; 'kibana.alert.uuid': string; 'kibana.space_ids': string[]; } & { 'event.action'?: string | undefined; 'event.kind'?: string | undefined; 'kibana.alert.action_group'?: string | undefined; 'kibana.alert.case_ids'?: string[] | undefined; 'kibana.alert.duration.us'?: string | number | undefined; 'kibana.alert.end'?: string | number | undefined; 'kibana.alert.flapping'?: boolean | undefined; 'kibana.alert.flapping_history'?: boolean[] | undefined; 'kibana.alert.last_detected'?: string | number | undefined; 'kibana.alert.maintenance_window_ids'?: string[] | undefined; 'kibana.alert.reason'?: string | undefined; 'kibana.alert.rule.execution.uuid'?: string | undefined; 'kibana.alert.rule.parameters'?: unknown; 'kibana.alert.rule.tags'?: string[] | undefined; 'kibana.alert.start'?: string | number | undefined; 'kibana.alert.time_range'?: { gte?: string | number | undefined; lte?: string | number | undefined; } | undefined; 'kibana.alert.url'?: string | undefined; 'kibana.alert.workflow_status'?: string | undefined; 'kibana.alert.workflow_tags'?: string[] | undefined; 'kibana.version'?: string | undefined; tags?: string[] | undefined; } & {} & { 'ecs.version'?: string | undefined; 'kibana.alert.risk_score'?: number | undefined; 'kibana.alert.rule.author'?: string | undefined; 'kibana.alert.rule.created_at'?: string | number | undefined; 'kibana.alert.rule.created_by'?: string | undefined; 'kibana.alert.rule.description'?: string | undefined; 'kibana.alert.rule.enabled'?: string | undefined; 'kibana.alert.rule.from'?: string | undefined; 'kibana.alert.rule.interval'?: string | undefined; 'kibana.alert.rule.license'?: string | undefined; 'kibana.alert.rule.note'?: string | undefined; 'kibana.alert.rule.references'?: string[] | undefined; 'kibana.alert.rule.rule_id'?: string | undefined; 'kibana.alert.rule.rule_name_override'?: string | undefined; 'kibana.alert.rule.to'?: string | undefined; 'kibana.alert.rule.type'?: string | undefined; 'kibana.alert.rule.updated_at'?: string | number | undefined; 'kibana.alert.rule.updated_by'?: string | undefined; 'kibana.alert.rule.version'?: string | undefined; 'kibana.alert.severity'?: string | undefined; 'kibana.alert.suppression.docs_count'?: string | number | undefined; 'kibana.alert.suppression.end'?: string | number | undefined; 'kibana.alert.suppression.start'?: string | number | undefined; 'kibana.alert.suppression.terms.field'?: string[] | undefined; 'kibana.alert.suppression.terms.value'?: string[] | undefined; 'kibana.alert.system_status'?: string | undefined; 'kibana.alert.workflow_reason'?: string | undefined; 'kibana.alert.workflow_user'?: string | undefined; }) | ({} & { 'agent.name'?: string | undefined; 'anomaly.bucket_span.minutes'?: string | undefined; 'anomaly.start'?: string | number | undefined; 'error.message'?: string | undefined; 'kibana.alert.evaluation.threshold'?: string | number | undefined; 'kibana.alert.evaluation.value'?: string | number | undefined; 'kibana.alert.evaluation.values'?: (string | number)[] | undefined; 'kibana.alert.group'?: { field?: string | undefined; value?: string | undefined; }[] | undefined; 'monitor.id'?: string | undefined; 'monitor.name'?: string | undefined; 'monitor.type'?: string | undefined; 'observer.geo.name'?: string | undefined; 'tls.server.hash.sha256'?: string | undefined; 'tls.server.x509.issuer.common_name'?: string | undefined; 'tls.server.x509.not_after'?: string | number | undefined; 'tls.server.x509.not_before'?: string | number | undefined; 'tls.server.x509.subject.common_name'?: string | undefined; 'url.full'?: string | undefined; } & { '@timestamp': string | number; 'kibana.alert.instance.id': string; 'kibana.alert.rule.category': string; 'kibana.alert.rule.consumer': string; 'kibana.alert.rule.name': string; 'kibana.alert.rule.producer': string; 'kibana.alert.rule.revision': string | number; 'kibana.alert.rule.rule_type_id': string; 'kibana.alert.rule.uuid': string; 'kibana.alert.status': string; 'kibana.alert.uuid': string; 'kibana.space_ids': string[]; } & { 'event.action'?: string | undefined; 'event.kind'?: string | undefined; 'kibana.alert.action_group'?: string | undefined; 'kibana.alert.case_ids'?: string[] | undefined; 'kibana.alert.duration.us'?: string | number | undefined; 'kibana.alert.end'?: string | number | undefined; 'kibana.alert.flapping'?: boolean | undefined; 'kibana.alert.flapping_history'?: boolean[] | undefined; 'kibana.alert.last_detected'?: string | number | undefined; 'kibana.alert.maintenance_window_ids'?: string[] | undefined; 'kibana.alert.reason'?: string | undefined; 'kibana.alert.rule.execution.uuid'?: string | undefined; 'kibana.alert.rule.parameters'?: unknown; 'kibana.alert.rule.tags'?: string[] | undefined; 'kibana.alert.start'?: string | number | undefined; 'kibana.alert.time_range'?: { gte?: string | number | undefined; lte?: string | number | undefined; } | undefined; 'kibana.alert.url'?: string | undefined; 'kibana.alert.workflow_status'?: string | undefined; 'kibana.alert.workflow_tags'?: string[] | undefined; 'kibana.version'?: string | undefined; tags?: string[] | undefined; } & {} & { 'ecs.version'?: string | undefined; 'kibana.alert.risk_score'?: number | undefined; 'kibana.alert.rule.author'?: string | undefined; 'kibana.alert.rule.created_at'?: string | number | undefined; 'kibana.alert.rule.created_by'?: string | undefined; 'kibana.alert.rule.description'?: string | undefined; 'kibana.alert.rule.enabled'?: string | undefined; 'kibana.alert.rule.from'?: string | undefined; 'kibana.alert.rule.interval'?: string | undefined; 'kibana.alert.rule.license'?: string | undefined; 'kibana.alert.rule.note'?: string | undefined; 'kibana.alert.rule.references'?: string[] | undefined; 'kibana.alert.rule.rule_id'?: string | undefined; 'kibana.alert.rule.rule_name_override'?: string | undefined; 'kibana.alert.rule.to'?: string | undefined; 'kibana.alert.rule.type'?: string | undefined; 'kibana.alert.rule.updated_at'?: string | number | undefined; 'kibana.alert.rule.updated_by'?: string | undefined; 'kibana.alert.rule.version'?: string | undefined; 'kibana.alert.severity'?: string | undefined; 'kibana.alert.suppression.docs_count'?: string | number | undefined; 'kibana.alert.suppression.end'?: string | number | undefined; 'kibana.alert.suppression.start'?: string | number | undefined; 'kibana.alert.suppression.terms.field'?: string[] | undefined; 'kibana.alert.suppression.terms.value'?: string[] | undefined; 'kibana.alert.system_status'?: string | undefined; 'kibana.alert.workflow_reason'?: string | undefined; 'kibana.alert.workflow_user'?: string | undefined; }) | ({ '@timestamp': string | number; 'kibana.alert.ancestors': { depth: string | number; id: string; index: string; type: string; }[]; 'kibana.alert.depth': string | number; 'kibana.alert.instance.id': string; 'kibana.alert.original_event.action': string; 'kibana.alert.original_event.category': string[]; 'kibana.alert.original_event.created': string | number; 'kibana.alert.original_event.dataset': string; 'kibana.alert.original_event.id': string; 'kibana.alert.original_event.ingested': string | number; 'kibana.alert.original_event.kind': string; 'kibana.alert.original_event.module': string; 'kibana.alert.original_event.original': string; 'kibana.alert.original_event.outcome': string; 'kibana.alert.original_event.provider': string; 'kibana.alert.original_event.sequence': string | number; 'kibana.alert.original_event.type': string[]; 'kibana.alert.original_time': string | number; 'kibana.alert.rule.category': string; 'kibana.alert.rule.consumer': string; 'kibana.alert.rule.false_positives': string[]; 'kibana.alert.rule.max_signals': (string | number)[]; 'kibana.alert.rule.name': string; 'kibana.alert.rule.producer': string; 'kibana.alert.rule.revision': string | number; 'kibana.alert.rule.rule_type_id': string; 'kibana.alert.rule.threat.framework': string; 'kibana.alert.rule.threat.tactic.id': string; 'kibana.alert.rule.threat.tactic.name': string; 'kibana.alert.rule.threat.tactic.reference': string; 'kibana.alert.rule.threat.technique.id': string; 'kibana.alert.rule.threat.technique.name': string; 'kibana.alert.rule.threat.technique.reference': string; 'kibana.alert.rule.threat.technique.subtechnique.id': string; 'kibana.alert.rule.threat.technique.subtechnique.name': string; 'kibana.alert.rule.threat.technique.subtechnique.reference': string; 'kibana.alert.rule.uuid': string; 'kibana.alert.status': string; 'kibana.alert.uuid': string; 'kibana.space_ids': string[]; } & { 'ecs.version'?: string | undefined; 'event.action'?: string | undefined; 'event.kind'?: string | undefined; 'kibana.alert.action_group'?: string | undefined; 'kibana.alert.ancestors.rule'?: string | undefined; 'kibana.alert.building_block_type'?: string | undefined; 'kibana.alert.case_ids'?: string[] | undefined; 'kibana.alert.duration.us'?: string | number | undefined; 'kibana.alert.end'?: string | number | undefined; 'kibana.alert.flapping'?: boolean | undefined; 'kibana.alert.flapping_history'?: boolean[] | undefined; 'kibana.alert.group.id'?: string | undefined; 'kibana.alert.group.index'?: number | undefined; 'kibana.alert.last_detected'?: string | number | undefined; 'kibana.alert.maintenance_window_ids'?: string[] | undefined; 'kibana.alert.new_terms'?: string[] | undefined; 'kibana.alert.original_event.agent_id_status'?: string | undefined; 'kibana.alert.original_event.code'?: string | undefined; 'kibana.alert.original_event.duration'?: string | undefined; 'kibana.alert.original_event.end'?: string | number | undefined; 'kibana.alert.original_event.hash'?: string | undefined; 'kibana.alert.original_event.reason'?: string | undefined; 'kibana.alert.original_event.reference'?: string | undefined; 'kibana.alert.original_event.risk_score'?: number | undefined; 'kibana.alert.original_event.risk_score_norm'?: number | undefined; 'kibana.alert.original_event.severity'?: string | number | undefined; 'kibana.alert.original_event.start'?: string | number | undefined; 'kibana.alert.original_event.timezone'?: string | undefined; 'kibana.alert.original_event.url'?: string | undefined; 'kibana.alert.reason'?: string | undefined; 'kibana.alert.risk_score'?: number | undefined; 'kibana.alert.rule.author'?: string | undefined; 'kibana.alert.rule.building_block_type'?: string | undefined; 'kibana.alert.rule.created_at'?: string | number | undefined; 'kibana.alert.rule.created_by'?: string | undefined; 'kibana.alert.rule.description'?: string | undefined; 'kibana.alert.rule.enabled'?: string | undefined; 'kibana.alert.rule.execution.uuid'?: string | undefined; 'kibana.alert.rule.from'?: string | undefined; 'kibana.alert.rule.immutable'?: string[] | undefined; 'kibana.alert.rule.interval'?: string | undefined; 'kibana.alert.rule.license'?: string | undefined; 'kibana.alert.rule.note'?: string | undefined; 'kibana.alert.rule.parameters'?: unknown; 'kibana.alert.rule.references'?: string[] | undefined; 'kibana.alert.rule.rule_id'?: string | undefined; 'kibana.alert.rule.rule_name_override'?: string | undefined; 'kibana.alert.rule.tags'?: string[] | undefined; 'kibana.alert.rule.timeline_id'?: string[] | undefined; 'kibana.alert.rule.timeline_title'?: string[] | undefined; 'kibana.alert.rule.timestamp_override'?: string | undefined; 'kibana.alert.rule.to'?: string | undefined; 'kibana.alert.rule.type'?: string | undefined; 'kibana.alert.rule.updated_at'?: string | number | undefined; 'kibana.alert.rule.updated_by'?: string | undefined; 'kibana.alert.rule.version'?: string | undefined; 'kibana.alert.severity'?: string | undefined; 'kibana.alert.start'?: string | number | undefined; 'kibana.alert.suppression.docs_count'?: string | number | undefined; 'kibana.alert.suppression.end'?: string | number | undefined; 'kibana.alert.suppression.start'?: string | number | undefined; 'kibana.alert.suppression.terms.field'?: string[] | undefined; 'kibana.alert.suppression.terms.value'?: string[] | undefined; 'kibana.alert.system_status'?: string | undefined; 'kibana.alert.threshold_result.count'?: string | number | undefined; 'kibana.alert.threshold_result.from'?: string | number | undefined; 'kibana.alert.threshold_result.terms'?: { field?: string | undefined; value?: string | undefined; }[] | undefined; 'kibana.alert.time_range'?: { gte?: string | number | undefined; lte?: string | number | undefined; } | undefined; 'kibana.alert.url'?: string | undefined; 'kibana.alert.workflow_reason'?: string | undefined; 'kibana.alert.workflow_status'?: string | undefined; 'kibana.alert.workflow_tags'?: string[] | undefined; 'kibana.alert.workflow_user'?: string | undefined; 'kibana.version'?: string | undefined; tags?: string[] | undefined; } & { '@timestamp': string | number; 'kibana.alert.instance.id': string; 'kibana.alert.rule.category': string; 'kibana.alert.rule.consumer': string; 'kibana.alert.rule.name': string; 'kibana.alert.rule.producer': string; 'kibana.alert.rule.revision': string | number; 'kibana.alert.rule.rule_type_id': string; 'kibana.alert.rule.uuid': string; 'kibana.alert.status': string; 'kibana.alert.uuid': string; 'kibana.space_ids': string[]; } & { 'event.action'?: string | undefined; 'event.kind'?: string | undefined; 'kibana.alert.action_group'?: string | undefined; 'kibana.alert.case_ids'?: string[] | undefined; 'kibana.alert.duration.us'?: string | number | undefined; 'kibana.alert.end'?: string | number | undefined; 'kibana.alert.flapping'?: boolean | undefined; 'kibana.alert.flapping_history'?: boolean[] | undefined; 'kibana.alert.last_detected'?: string | number | undefined; 'kibana.alert.maintenance_window_ids'?: string[] | undefined; 'kibana.alert.reason'?: string | undefined; 'kibana.alert.rule.execution.uuid'?: string | undefined; 'kibana.alert.rule.parameters'?: unknown; 'kibana.alert.rule.tags'?: string[] | undefined; 'kibana.alert.start'?: string | number | undefined; 'kibana.alert.time_range'?: { gte?: string | number | undefined; lte?: string | number | undefined; } | undefined; 'kibana.alert.url'?: string | undefined; 'kibana.alert.workflow_status'?: string | undefined; 'kibana.alert.workflow_tags'?: string[] | undefined; 'kibana.version'?: string | undefined; tags?: string[] | undefined; } & { '@timestamp': string | number; 'ecs.version': string; } & { 'agent.build.original'?: string | undefined; 'agent.ephemeral_id'?: string | undefined; 'agent.id'?: string | undefined; 'agent.name'?: string | undefined; 'agent.type'?: string | undefined; 'agent.version'?: string | undefined; 'client.address'?: string | undefined; 'client.as.number'?: string | number | undefined; 'client.as.organization.name'?: string | undefined; 'client.bytes'?: string | number | undefined; 'client.domain'?: string | undefined; 'client.geo.city_name'?: string | undefined; 'client.geo.continent_code'?: string | undefined; 'client.geo.continent_name'?: string | undefined; 'client.geo.country_iso_code'?: string | undefined; 'client.geo.country_name'?: string | undefined; 'client.geo.location'?: string | { type: string; coordinates: number[]; } | { lat: number; lon: number; } | { location: number[]; } | { location: string; } | undefined; 'client.geo.name'?: string | undefined; 'client.geo.postal_code'?: string | undefined; 'client.geo.region_iso_code'?: string | undefined; 'client.geo.region_name'?: string | undefined; 'client.geo.timezone'?: string | undefined; 'client.ip'?: string | undefined; 'client.mac'?: string | undefined; 'client.nat.ip'?: string | undefined; 'client.nat.port'?: string | number | undefined; 'client.packets'?: string | number | undefined; 'client.port'?: string | number | undefined; 'client.registered_domain'?: string | undefined; 'client.subdomain'?: string | undefined; 'client.top_level_domain'?: string | undefined; 'client.user.domain'?: string | undefined; 'client.user.email'?: string | undefined; 'client.user.full_name'?: string | undefined; 'client.user.group.domain'?: string | undefined; 'client.user.group.id'?: string | undefined; 'client.user.group.name'?: string | undefined; 'client.user.hash'?: string | undefined; 'client.user.id'?: string | undefined; 'client.user.name'?: string | undefined; 'client.user.roles'?: string[] | undefined; 'cloud.account.id'?: string | undefined; 'cloud.account.name'?: string | undefined; 'cloud.availability_zone'?: string | undefined; 'cloud.instance.id'?: string | undefined; 'cloud.instance.name'?: string | undefined; 'cloud.machine.type'?: string | undefined; 'cloud.origin.account.id'?: string | undefined; 'cloud.origin.account.name'?: string | undefined; 'cloud.origin.availability_zone'?: string | undefined; 'cloud.origin.instance.id'?: string | undefined; 'cloud.origin.instance.name'?: string | undefined; 'cloud.origin.machine.type'?: string | undefined; 'cloud.origin.project.id'?: string | undefined; 'cloud.origin.project.name'?: string | undefined; 'cloud.origin.provider'?: string | undefined; 'cloud.origin.region'?: string | undefined; 'cloud.origin.service.name'?: string | undefined; 'cloud.project.id'?: string | undefined; 'cloud.project.name'?: string | undefined; 'cloud.provider'?: string | undefined; 'cloud.region'?: string | undefined; 'cloud.service.name'?: string | undefined; 'cloud.target.account.id'?: string | undefined; 'cloud.target.account.name'?: string | undefined; 'cloud.target.availability_zone'?: string | undefined; 'cloud.target.instance.id'?: string | undefined; 'cloud.target.instance.name'?: string | undefined; 'cloud.target.machine.type'?: string | undefined; 'cloud.target.project.id'?: string | undefined; 'cloud.target.project.name'?: string | undefined; 'cloud.target.provider'?: string | undefined; 'cloud.target.region'?: string | undefined; 'cloud.target.service.name'?: string | undefined; 'container.cpu.usage'?: string | number | undefined; 'container.disk.read.bytes'?: string | number | undefined; 'container.disk.write.bytes'?: string | number | undefined; 'container.id'?: string | undefined; 'container.image.hash.all'?: string[] | undefined; 'container.image.name'?: string | undefined; 'container.image.tag'?: string[] | undefined; 'container.memory.usage'?: string | number | undefined; 'container.name'?: string | undefined; 'container.network.egress.bytes'?: string | number | undefined; 'container.network.ingress.bytes'?: string | number | undefined; 'container.runtime'?: string | undefined; 'destination.address'?: string | undefined; 'destination.as.number'?: string | number | undefined; 'destination.as.organization.name'?: string | undefined; 'destination.bytes'?: string | number | undefined; 'destination.domain'?: string | undefined; 'destination.geo.city_name'?: string | undefined; 'destination.geo.continent_code'?: string | undefined; 'destination.geo.continent_name'?: string | undefined; 'destination.geo.country_iso_code'?: string | undefined; 'destination.geo.country_name'?: string | undefined; 'destination.geo.location'?: string | { type: string; coordinates: number[]; } | { lat: number; lon: number; } | { location: number[]; } | { location: string; } | undefined; 'destination.geo.name'?: string | undefined; 'destination.geo.postal_code'?: string | undefined; 'destination.geo.region_iso_code'?: string | undefined; 'destination.geo.region_name'?: string | undefined; 'destination.geo.timezone'?: string | undefined; 'destination.ip'?: string | undefined; 'destination.mac'?: string | undefined; 'destination.nat.ip'?: string | undefined; 'destination.nat.port'?: string | number | undefined; 'destination.packets'?: string | number | undefined; 'destination.port'?: string | number | undefined; 'destination.registered_domain'?: string | undefined; 'destination.subdomain'?: string | undefined; 'destination.top_level_domain'?: string | undefined; 'destination.user.domain'?: string | undefined; 'destination.user.email'?: string | undefined; 'destination.user.full_name'?: string | undefined; 'destination.user.group.domain'?: string | undefined; 'destination.user.group.id'?: string | undefined; 'destination.user.group.name'?: string | undefined; 'destination.user.hash'?: string | undefined; 'destination.user.id'?: string | undefined; 'destination.user.name'?: string | undefined; 'destination.user.roles'?: string[] | undefined; 'device.id'?: string | undefined; 'device.manufacturer'?: string | undefined; 'device.model.identifier'?: string | undefined; 'device.model.name'?: string | undefined; 'dll.code_signature.digest_algorithm'?: string | undefined; 'dll.code_signature.exists'?: boolean | undefined; 'dll.code_signature.signing_id'?: string | undefined; 'dll.code_signature.status'?: string | undefined; 'dll.code_signature.subject_name'?: string | undefined; 'dll.code_signature.team_id'?: string | undefined; 'dll.code_signature.timestamp'?: string | number | undefined; 'dll.code_signature.trusted'?: boolean | undefined; 'dll.code_signature.valid'?: boolean | undefined; 'dll.hash.md5'?: string | undefined; 'dll.hash.sha1'?: string | undefined; 'dll.hash.sha256'?: string | undefined; 'dll.hash.sha384'?: string | undefined; 'dll.hash.sha512'?: string | undefined; 'dll.hash.ssdeep'?: string | undefined; 'dll.hash.tlsh'?: string | undefined; 'dll.name'?: string | undefined; 'dll.path'?: string | undefined; 'dll.pe.architecture'?: string | undefined; 'dll.pe.company'?: string | undefined; 'dll.pe.description'?: string | undefined; 'dll.pe.file_version'?: string | undefined; 'dll.pe.imphash'?: string | undefined; 'dll.pe.original_file_name'?: string | undefined; 'dll.pe.pehash'?: string | undefined; 'dll.pe.product'?: string | undefined; 'dns.answers'?: { class?: string | undefined; data?: string | undefined; name?: string | undefined; ttl?: string | number | undefined; type?: string | undefined; }[] | undefined; 'dns.header_flags'?: string[] | undefined; 'dns.id'?: string | undefined; 'dns.op_code'?: string | undefined; 'dns.question.class'?: string | undefined; 'dns.question.name'?: string | undefined; 'dns.question.registered_domain'?: string | undefined; 'dns.question.subdomain'?: string | undefined; 'dns.question.top_level_domain'?: string | undefined; 'dns.question.type'?: string | undefined; 'dns.resolved_ip'?: string[] | undefined; 'dns.response_code'?: string | undefined; 'dns.type'?: string | undefined; 'email.attachments'?: { 'file.extension'?: string | undefined; 'file.hash.md5'?: string | undefined; 'file.hash.sha1'?: string | undefined; 'file.hash.sha256'?: string | undefined; 'file.hash.sha384'?: string | undefined; 'file.hash.sha512'?: string | undefined; 'file.hash.ssdeep'?: string | undefined; 'file.hash.tlsh'?: string | undefined; 'file.mime_type'?: string | undefined; 'file.name'?: string | undefined; 'file.size'?: string | number | undefined; }[] | undefined; 'email.bcc.address'?: string[] | undefined; 'email.cc.address'?: string[] | undefined; 'email.content_type'?: string | undefined; 'email.delivery_timestamp'?: string | number | undefined; 'email.direction'?: string | undefined; 'email.from.address'?: string[] | undefined; 'email.local_id'?: string | undefined; 'email.message_id'?: string | undefined; 'email.origination_timestamp'?: string | number | undefined; 'email.reply_to.address'?: string[] | undefined; 'email.sender.address'?: string | undefined; 'email.subject'?: string | undefined; 'email.to.address'?: string[] | undefined; 'email.x_mailer'?: string | undefined; 'error.code'?: string | undefined; 'error.id'?: string | undefined; 'error.message'?: string | undefined; 'error.stack_trace'?: string | undefined; 'error.type'?: string | undefined; 'event.action'?: string | undefined; 'event.agent_id_status'?: string | undefined; 'event.category'?: string[] | undefined; 'event.code'?: string | undefined; 'event.created'?: string | number | undefined; 'event.dataset'?: string | undefined; 'event.duration'?: string | number | undefined; 'event.end'?: string | number | undefined; 'event.hash'?: string | undefined; 'event.id'?: string | undefined; 'event.ingested'?: string | number | undefined; 'event.kind'?: string | undefined; 'event.module'?: string | undefined; 'event.original'?: string | undefined; 'event.outcome'?: string | undefined; 'event.provider'?: string | undefined; 'event.reason'?: string | undefined; 'event.reference'?: string | undefined; 'event.risk_score'?: number | undefined; 'event.risk_score_norm'?: number | undefined; 'event.sequence'?: string | number | undefined; 'event.severity'?: string | number | undefined; 'event.start'?: string | number | undefined; 'event.timezone'?: string | undefined; 'event.type'?: string[] | undefined; 'event.url'?: string | undefined; 'faas.coldstart'?: boolean | undefined; 'faas.execution'?: string | undefined; 'faas.id'?: string | undefined; 'faas.name'?: string | undefined; 'faas.version'?: string | undefined; 'file.accessed'?: string | number | undefined; 'file.attributes'?: string[] | undefined; 'file.code_signature.digest_algorithm'?: string | undefined; 'file.code_signature.exists'?: boolean | undefined; 'file.code_signature.signing_id'?: string | undefined; 'file.code_signature.status'?: string | undefined; 'file.code_signature.subject_name'?: string | undefined; 'file.code_signature.team_id'?: string | undefined; 'file.code_signature.timestamp'?: string | number | undefined; 'file.code_signature.trusted'?: boolean | undefined; 'file.code_signature.valid'?: boolean | undefined; 'file.created'?: string | number | undefined; 'file.ctime'?: string | number | undefined; 'file.device'?: string | undefined; 'file.directory'?: string | undefined; 'file.drive_letter'?: string | undefined; 'file.elf.architecture'?: string | undefined; 'file.elf.byte_order'?: string | undefined; 'file.elf.cpu_type'?: string | undefined; 'file.elf.creation_date'?: string | number | undefined; 'file.elf.exports'?: unknown[] | undefined; 'file.elf.header.abi_version'?: string | undefined; 'file.elf.header.class'?: string | undefined; 'file.elf.header.data'?: string | undefined; 'file.elf.header.entrypoint'?: string | number | undefined; 'file.elf.header.object_version'?: string | undefined; 'file.elf.header.os_abi'?: string | undefined; 'file.elf.header.type'?: string | undefined; 'file.elf.header.version'?: string | undefined; 'file.elf.imports'?: unknown[] | undefined; 'file.elf.sections'?: { chi2?: string | number | undefined; entropy?: string | number | undefined; flags?: string | undefined; name?: string | undefined; physical_offset?: string | undefined; physical_size?: string | number | undefined; type?: string | undefined; virtual_address?: string | number | undefined; virtual_size?: string | number | undefined; }[] | undefined; 'file.elf.segments'?: { sections?: string | undefined; type?: string | undefined; }[] | undefined; 'file.elf.shared_libraries'?: string[] | undefined; 'file.elf.telfhash'?: string | undefined; 'file.extension'?: string | undefined; 'file.fork_name'?: string | undefined; 'file.gid'?: string | undefined; 'file.group'?: string | undefined; 'file.hash.md5'?: string | undefined; 'file.hash.sha1'?: string | undefined; 'file.hash.sha256'?: string | undefined; 'file.hash.sha384'?: string | undefined; 'file.hash.sha512'?: string | undefined; 'file.hash.ssdeep'?: string | undefined; 'file.hash.tlsh'?: string | undefined; 'file.inode'?: string | undefined; 'file.mime_type'?: string | undefined; 'file.mode'?: string | undefined; 'file.mtime'?: string | number | undefined; 'file.name'?: string | undefined; 'file.owner'?: string | undefined; 'file.path'?: string | undefined; 'file.pe.architecture'?: string | undefined; 'file.pe.company'?: string | undefined; 'file.pe.description'?: string | undefined; 'file.pe.file_version'?: string | undefined; 'file.pe.imphash'?: string | undefined; 'file.pe.original_file_name'?: string | undefined; 'file.pe.pehash'?: string | undefined; 'file.pe.product'?: string | undefined; 'file.size'?: string | number | undefined; 'file.target_path'?: string | undefined; 'file.type'?: string | undefined; 'file.uid'?: string | undefined; 'file.x509.alternative_names'?: string[] | undefined; 'file.x509.issuer.common_name'?: string[] | undefined; 'file.x509.issuer.country'?: string[] | undefined; 'file.x509.issuer.distinguished_name'?: string | undefined; 'file.x509.issuer.locality'?: string[] | undefined; 'file.x509.issuer.organization'?: string[] | undefined; 'file.x509.issuer.organizational_unit'?: string[] | undefined; 'file.x509.issuer.state_or_province'?: string[] | undefined; 'file.x509.not_after'?: string | number | undefined; 'file.x509.not_before'?: string | number | undefined; 'file.x509.public_key_algorithm'?: string | undefined; 'file.x509.public_key_curve'?: string | undefined; 'file.x509.public_key_exponent'?: string | number | undefined; 'file.x509.public_key_size'?: string | number | undefined; 'file.x509.serial_number'?: string | undefined; 'file.x509.signature_algorithm'?: string | undefined; 'file.x509.subject.common_name'?: string[] | undefined; 'file.x509.subject.country'?: string[] | undefined; 'file.x509.subject.distinguished_name'?: string | undefined; 'file.x509.subject.locality'?: string[] | undefined; 'file.x509.subject.organization'?: string[] | undefined; 'file.x509.subject.organizational_unit'?: string[] | undefined; 'file.x509.subject.state_or_province'?: string[] | undefined; 'file.x509.version_number'?: string | undefined; 'group.domain'?: string | undefined; 'group.id'?: string | undefined; 'group.name'?: string | undefined; 'host.architecture'?: string | undefined; 'host.boot.id'?: string | undefined; 'host.cpu.usage'?: string | number | undefined; 'host.disk.read.bytes'?: string | number | undefined; 'host.disk.write.bytes'?: string | number | undefined; 'host.domain'?: string | undefined; 'host.geo.city_name'?: string | undefined; 'host.geo.continent_code'?: string | undefined; 'host.geo.continent_name'?: string | undefined; 'host.geo.country_iso_code'?: string | undefined; 'host.geo.country_name'?: string | undefined; 'host.geo.location'?: string | { type: string; coordinates: number[]; } | { lat: number; lon: number; } | { location: number[]; } | { location: string; } | undefined; 'host.geo.name'?: string | undefined; 'host.geo.postal_code'?: string | undefined; 'host.geo.region_iso_code'?: string | undefined; 'host.geo.region_name'?: string | undefined; 'host.geo.timezone'?: string | undefined; 'host.hostname'?: string | undefined; 'host.id'?: string | undefined; 'host.ip'?: string[] | undefined; 'host.mac'?: string[] | undefined; 'host.name'?: string | undefined; 'host.network.egress.bytes'?: string | number | undefined; 'host.network.egress.packets'?: string | number | undefined; 'host.network.ingress.bytes'?: string | number | undefined; 'host.network.ingress.packets'?: string | number | undefined; 'host.os.family'?: string | undefined; 'host.os.full'?: string | undefined; 'host.os.kernel'?: string | undefined; 'host.os.name'?: string | undefined; 'host.os.platform'?: string | undefined; 'host.os.type'?: string | undefined; 'host.os.version'?: string | undefined; 'host.pid_ns_ino'?: string | undefined; 'host.risk.calculated_level'?: string | undefined; 'host.risk.calculated_score'?: number | undefined; 'host.risk.calculated_score_norm'?: number | undefined; 'host.risk.static_level'?: string | undefined; 'host.risk.static_score'?: number | undefined; 'host.risk.static_score_norm'?: number | undefined; 'host.type'?: string | undefined; 'host.uptime'?: string | number | undefined; 'http.request.body.bytes'?: string | number | undefined; 'http.request.body.content'?: string | undefined; 'http.request.bytes'?: string | number | undefined; 'http.request.id'?: string | undefined; 'http.request.method'?: string | undefined; 'http.request.mime_type'?: string | undefined; 'http.request.referrer'?: string | undefined; 'http.response.body.bytes'?: string | number | undefined; 'http.response.body.content'?: string | undefined; 'http.response.bytes'?: string | number | undefined; 'http.response.mime_type'?: string | undefined; 'http.response.status_code'?: string | number | undefined; 'http.version'?: string | undefined; 'log.file.path'?: string | undefined; 'log.level'?: string | undefined; 'log.logger'?: string | undefined; 'log.origin.file.line'?: string | number | undefined; 'log.origin.file.name'?: string | undefined; 'log.origin.function'?: string | undefined; message?: string | undefined; 'network.application'?: string | undefined; 'network.bytes'?: string | number | undefined; 'network.community_id'?: string | undefined; 'network.direction'?: string | undefined; 'network.forwarded_ip'?: string | undefined; 'network.iana_number'?: string | undefined; 'network.name'?: string | undefined; 'network.packets'?: string | number | undefined; 'network.protocol'?: string | undefined; 'network.transport'?: string | undefined; 'network.type'?: string | undefined; 'network.vlan.id'?: string | undefined; 'network.vlan.name'?: string | undefined; 'observer.geo.city_name'?: string | undefined; 'observer.geo.continent_code'?: string | undefined; 'observer.geo.continent_name'?: string | undefined; 'observer.geo.country_iso_code'?: string | undefined; 'observer.geo.country_name'?: string | undefined; 'observer.geo.location'?: string | { type: string; coordinates: number[]; } | { lat: number; lon: number; } | { location: number[]; } | { location: string; } | undefined; 'observer.geo.name'?: string | undefined; 'observer.geo.postal_code'?: string | undefined; 'observer.geo.region_iso_code'?: string | undefined; 'observer.geo.region_name'?: string | undefined; 'observer.geo.timezone'?: string | undefined; 'observer.hostname'?: string | undefined; 'observer.ip'?: string[] | undefined; 'observer.mac'?: string[] | undefined; 'observer.name'?: string | undefined; 'observer.os.family'?: string | undefined; 'observer.os.full'?: string | undefined; 'observer.os.kernel'?: string | undefined; 'observer.os.name'?: string | undefined; 'observer.os.platform'?: string | undefined; 'observer.os.type'?: string | undefined; 'observer.os.version'?: string | undefined; 'observer.product'?: string | undefined; 'observer.serial_number'?: string | undefined; 'observer.type'?: string | undefined; 'observer.vendor'?: string | undefined; 'observer.version'?: string | undefined; 'orchestrator.api_version'?: string | undefined; 'orchestrator.cluster.id'?: string | undefined; 'orchestrator.cluster.name'?: string | undefined; 'orchestrator.cluster.url'?: string | undefined; 'orchestrator.cluster.version'?: string | undefined; 'orchestrator.namespace'?: string | undefined; 'orchestrator.organization'?: string | undefined; 'orchestrator.resource.id'?: string | undefined; 'orchestrator.resource.ip'?: string[] | undefined; 'orchestrator.resource.name'?: string | undefined; 'orchestrator.resource.parent.type'?: string | undefined; 'orchestrator.resource.type'?: string | undefined; 'orchestrator.type'?: string | undefined; 'organization.id'?: string | undefined; 'organization.name'?: string | undefined; 'package.architecture'?: string | undefined; 'package.build_version'?: string | undefined; 'package.checksum'?: string | undefined; 'package.description'?: string | undefined; 'package.install_scope'?: string | undefined; 'package.installed'?: string | number | undefined; 'package.license'?: string | undefined; 'package.name'?: string | undefined; 'package.path'?: string | undefined; 'package.reference'?: string | undefined; 'package.size'?: string | number | undefined; 'package.type'?: string | undefined; 'package.version'?: string | undefined; 'process.args'?: string[] | undefined; 'process.args_count'?: string | number | undefined; 'process.code_signature.digest_algorithm'?: string | undefined; 'process.code_signature.exists'?: boolean | undefined; 'process.code_signature.signing_id'?: string | undefined; 'process.code_signature.status'?: string | undefined; 'process.code_signature.subject_name'?: string | undefined; 'process.code_signature.team_id'?: string | undefined; 'process.code_signature.timestamp'?: string | number | undefined; 'process.code_signature.trusted'?: boolean | undefined; 'process.code_signature.valid'?: boolean | undefined; 'process.command_line'?: string | undefined; 'process.elf.architecture'?: string | undefined; 'process.elf.byte_order'?: string | undefined; 'process.elf.cpu_type'?: string | undefined; 'process.elf.creation_date'?: string | number | undefined; 'process.elf.exports'?: unknown[] | undefined; 'process.elf.header.abi_version'?: string | undefined; 'process.elf.header.class'?: string | undefined; 'process.elf.header.data'?: string | undefined; 'process.elf.header.entrypoint'?: string | number | undefined; 'process.elf.header.object_version'?: string | undefined; 'process.elf.header.os_abi'?: string | undefined; 'process.elf.header.type'?: string | undefined; 'process.elf.header.version'?: string | undefined; 'process.elf.imports'?: unknown[] | undefined; 'process.elf.sections'?: { chi2?: string | number | undefined; entropy?: string | number | undefined; flags?: string | undefined; name?: string | undefined; physical_offset?: string | undefined; physical_size?: string | number | undefined; type?: string | undefined; virtual_address?: string | number | undefined; virtual_size?: string | number | undefined; }[] | undefined; 'process.elf.segments'?: { sections?: string | undefined; type?: string | undefined; }[] | undefined; 'process.elf.shared_libraries'?: string[] | undefined; 'process.elf.telfhash'?: string | undefined; 'process.end'?: string | number | undefined; 'process.entity_id'?: string | undefined; 'process.entry_leader.args'?: string[] | undefined; 'process.entry_leader.args_count'?: string | number | undefined; 'process.entry_leader.attested_groups.name'?: string | undefined; 'process.entry_leader.attested_user.id'?: string | undefined; 'process.entry_leader.attested_user.name'?: string | undefined; 'process.entry_leader.command_line'?: string | undefined; 'process.entry_leader.entity_id'?: string | undefined; 'process.entry_leader.entry_meta.source.ip'?: string | undefined; 'process.entry_leader.entry_meta.type'?: string | undefined; 'process.entry_leader.executable'?: string | undefined; 'process.entry_leader.group.id'?: string | undefined; 'process.entry_leader.group.name'?: string | undefined; 'process.entry_leader.interactive'?: boolean | undefined; 'process.entry_leader.name'?: string | undefined; 'process.entry_leader.parent.entity_id'?: string | undefined; 'process.entry_leader.parent.pid'?: string | number | undefined; 'process.entry_leader.parent.session_leader.entity_id'?: string | undefined; 'process.entry_leader.parent.session_leader.pid'?: string | number | undefined; 'process.entry_leader.parent.session_leader.start'?: string | number | undefined; 'process.entry_leader.parent.start'?: string | number | undefined; 'process.entry_leader.pid'?: string | number | undefined; 'process.entry_leader.real_group.id'?: string | undefined; 'process.entry_leader.real_group.name'?: string | undefined; 'process.entry_leader.real_user.id'?: string | undefined; 'process.entry_leader.real_user.name'?: string | undefined; 'process.entry_leader.same_as_process'?: boolean | undefined; 'process.entry_leader.saved_group.id'?: string | undefined; 'process.entry_leader.saved_group.name'?: string | undefined; 'process.entry_leader.saved_user.id'?: string | undefined; 'process.entry_leader.saved_user.name'?: string | undefined; 'process.entry_leader.start'?: string | number | undefined; 'process.entry_leader.supplemental_groups.id'?: string | undefined; 'process.entry_leader.supplemental_groups.name'?: string | undefined; 'process.entry_leader.user.id'?: string | undefined; 'process.entry_leader.user.name'?: string | undefined; 'process.entry_leader.working_directory'?: string | undefined; 'process.env_vars'?: string[] | undefined; 'process.executable'?: string | undefined; 'process.exit_code'?: string | number | undefined; 'process.group_leader.args'?: string[] | undefined; 'process.group_leader.args_count'?: string | number | undefined; 'process.group_leader.command_line'?: string | undefined; 'process.group_leader.entity_id'?: string | undefined; 'process.group_leader.executable'?: string | undefined; 'process.group_leader.group.id'?: string | undefined; 'process.group_leader.group.name'?: string | undefined; 'process.group_leader.interactive'?: boolean | undefined; 'process.group_leader.name'?: string | undefined; 'process.group_leader.pid'?: string | number | undefined; 'process.group_leader.real_group.id'?: string | undefined; 'process.group_leader.real_group.name'?: string | undefined; 'process.group_leader.real_user.id'?: string | undefined; 'process.group_leader.real_user.name'?: string | undefined; 'process.group_leader.same_as_process'?: boolean | undefined; 'process.group_leader.saved_group.id'?: string | undefined; 'process.group_leader.saved_group.name'?: string | undefined; 'process.group_leader.saved_user.id'?: string | undefined; 'process.group_leader.saved_user.name'?: string | undefined; 'process.group_leader.start'?: string | number | undefined; 'process.group_leader.supplemental_groups.id'?: string | undefined; 'process.group_leader.supplemental_groups.name'?: string | undefined; 'process.group_leader.user.id'?: string | undefined; 'process.group_leader.user.name'?: string | undefined; 'process.group_leader.working_directory'?: string | undefined; 'process.hash.md5'?: string | undefined; 'process.hash.sha1'?: string | undefined; 'process.hash.sha256'?: string | undefined; 'process.hash.sha384'?: string | undefined; 'process.hash.sha512'?: string | undefined; 'process.hash.ssdeep'?: string | undefined; 'process.hash.tlsh'?: string | undefined; 'process.interactive'?: boolean | undefined; 'process.name'?: string | undefined; 'process.parent.args'?: string[] | undefined; 'process.parent.args_count'?: string | number | undefined; 'process.parent.code_signature.digest_algorithm'?: string | undefined; 'process.parent.code_signature.exists'?: boolean | undefined; 'process.parent.code_signature.signing_id'?: string | undefined; 'process.parent.code_signature.status'?: string | undefined; 'process.parent.code_signature.subject_name'?: string | undefined; 'process.parent.code_signature.team_id'?: string | undefined; 'process.parent.code_signature.timestamp'?: string | number | undefined; 'process.parent.code_signature.trusted'?: boolean | undefined; 'process.parent.code_signature.valid'?: boolean | undefined; 'process.parent.command_line'?: string | undefined; 'process.parent.elf.architecture'?: string | undefined; 'process.parent.elf.byte_order'?: string | undefined; 'process.parent.elf.cpu_type'?: string | undefined; 'process.parent.elf.creation_date'?: string | number | undefined; 'process.parent.elf.exports'?: unknown[] | undefined; 'process.parent.elf.header.abi_version'?: string | undefined; 'process.parent.elf.header.class'?: string | undefined; 'process.parent.elf.header.data'?: string | undefined; 'process.parent.elf.header.entrypoint'?: string | number | undefined; 'process.parent.elf.header.object_version'?: string | undefined; 'process.parent.elf.header.os_abi'?: string | undefined; 'process.parent.elf.header.type'?: string | undefined; 'process.parent.elf.header.version'?: string | undefined; 'process.parent.elf.imports'?: unknown[] | undefined; 'process.parent.elf.sections'?: { chi2?: string | number | undefined; entropy?: string | number | undefined; flags?: string | undefined; name?: string | undefined; physical_offset?: string | undefined; physical_size?: string | number | undefined; type?: string | undefined; virtual_address?: string | number | undefined; virtual_size?: string | number | undefined; }[] | undefined; 'process.parent.elf.segments'?: { sections?: string | undefined; type?: string | undefined; }[] | undefined; 'process.parent.elf.shared_libraries'?: string[] | undefined; 'process.parent.elf.telfhash'?: string | undefined; 'process.parent.end'?: string | number | undefined; 'process.parent.entity_id'?: string | undefined; 'process.parent.executable'?: string | undefined; 'process.parent.exit_code'?: string | number | undefined; 'process.parent.group.id'?: string | undefined; 'process.parent.group.name'?: string | undefined; 'process.parent.group_leader.entity_id'?: string | undefined; 'process.parent.group_leader.pid'?: string | number | undefined; 'process.parent.group_leader.start'?: string | number | undefined; 'process.parent.hash.md5'?: string | undefined; 'process.parent.hash.sha1'?: string | undefined; 'process.parent.hash.sha256'?: string | undefined; 'process.parent.hash.sha384'?: string | undefined; 'process.parent.hash.sha512'?: string | undefined; 'process.parent.hash.ssdeep'?: string | undefined; 'process.parent.hash.tlsh'?: string | undefined; 'process.parent.interactive'?: boolean | undefined; 'process.parent.name'?: string | undefined; 'process.parent.pe.architecture'?: string | undefined; 'process.parent.pe.company'?: string | undefined; 'process.parent.pe.description'?: string | undefined; 'process.parent.pe.file_version'?: string | undefined; 'process.parent.pe.imphash'?: string | undefined; 'process.parent.pe.original_file_name'?: string | undefined; 'process.parent.pe.pehash'?: string | undefined; 'process.parent.pe.product'?: string | undefined; 'process.parent.pgid'?: string | number | undefined; 'process.parent.pid'?: string | number | undefined; 'process.parent.real_group.id'?: string | undefined; 'process.parent.real_group.name'?: string | undefined; 'process.parent.real_user.id'?: string | undefined; 'process.parent.real_user.name'?: string | undefined; 'process.parent.saved_group.id'?: string | undefined; 'process.parent.saved_group.name'?: string | undefined; 'process.parent.saved_user.id'?: string | undefined; 'process.parent.saved_user.name'?: string | undefined; 'process.parent.start'?: string | number | undefined; 'process.parent.supplemental_groups.id'?: string | undefined; 'process.parent.supplemental_groups.name'?: string | undefined; 'process.parent.thread.id'?: string | number | undefined; 'process.parent.thread.name'?: string | undefined; 'process.parent.title'?: string | undefined; 'process.parent.uptime'?: string | number | undefined; 'process.parent.user.id'?: string | undefined; 'process.parent.user.name'?: string | undefined; 'process.parent.working_directory'?: string | undefined; 'process.pe.architecture'?: string | undefined; 'process.pe.company'?: string | undefined; 'process.pe.description'?: string | undefined; 'process.pe.file_version'?: string | undefined; 'process.pe.imphash'?: string | undefined; 'process.pe.original_file_name'?: string | undefined; 'process.pe.pehash'?: string | undefined; 'process.pe.product'?: string | undefined; 'process.pgid'?: string | number | undefined; 'process.pid'?: string | number | undefined; 'process.previous.args'?: string[] | undefined; 'process.previous.args_count'?: string | number | undefined; 'process.previous.executable'?: string | undefined; 'process.real_group.id'?: string | undefined; 'process.real_group.name'?: string | undefined; 'process.real_user.id'?: string | undefined; 'process.real_user.name'?: string | undefined; 'process.saved_group.id'?: string | undefined; 'process.saved_group.name'?: string | undefined; 'process.saved_user.id'?: string | undefined; 'process.saved_user.name'?: string | undefined; 'process.session_leader.args'?: string[] | undefined; 'process.session_leader.args_count'?: string | number | undefined; 'process.session_leader.command_line'?: string | undefined; 'process.session_leader.entity_id'?: string | undefined; 'process.session_leader.executable'?: string | undefined; 'process.session_leader.group.id'?: string | undefined; 'process.session_leader.group.name'?: string | undefined; 'process.session_leader.interactive'?: boolean | undefined; 'process.session_leader.name'?: string | undefined; 'process.session_leader.parent.entity_id'?: string | undefined; 'process.session_leader.parent.pid'?: string | number | undefined; 'process.session_leader.parent.session_leader.entity_id'?: string | undefined; 'process.session_leader.parent.session_leader.pid'?: string | number | undefined; 'process.session_leader.parent.session_leader.start'?: string | number | undefined; 'process.session_leader.parent.start'?: string | number | undefined; 'process.session_leader.pid'?: string | number | undefined; 'process.session_leader.real_group.id'?: string | undefined; 'process.session_leader.real_group.name'?: string | undefined; 'process.session_leader.real_user.id'?: string | undefined; 'process.session_leader.real_user.name'?: string | undefined; 'process.session_leader.same_as_process'?: boolean | undefined; 'process.session_leader.saved_group.id'?: string | undefined; 'process.session_leader.saved_group.name'?: string | undefined; 'process.session_leader.saved_user.id'?: string | undefined; 'process.session_leader.saved_user.name'?: string | undefined; 'process.session_leader.start'?: string | number | undefined; 'process.session_leader.supplemental_groups.id'?: string | undefined; 'process.session_leader.supplemental_groups.name'?: string | undefined; 'process.session_leader.user.id'?: string | undefined; 'process.session_leader.user.name'?: string | undefined; 'process.session_leader.working_directory'?: string | undefined; 'process.start'?: string | number | undefined; 'process.supplemental_groups.id'?: string | undefined; 'process.supplemental_groups.name'?: string | undefined; 'process.thread.id'?: string | number | undefined; 'process.thread.name'?: string | undefined; 'process.title'?: string | undefined; 'process.uptime'?: string | number | undefined; 'process.user.id'?: string | undefined; 'process.user.name'?: string | undefined; 'process.working_directory'?: string | undefined; 'registry.data.bytes'?: string | undefined; 'registry.data.strings'?: string[] | undefined; 'registry.data.type'?: string | undefined; 'registry.hive'?: string | undefined; 'registry.key'?: string | undefined; 'registry.path'?: string | undefined; 'registry.value'?: string | undefined; 'related.hash'?: string[] | undefined; 'related.hosts'?: string[] | undefined; 'related.ip'?: string[] | undefined; 'related.user'?: string[] | undefined; 'rule.author'?: string[] | undefined; 'rule.category'?: string | undefined; 'rule.description'?: string | undefined; 'rule.id'?: string | undefined; 'rule.license'?: string | undefined; 'rule.name'?: string | undefined; 'rule.reference'?: string | undefined; 'rule.ruleset'?: string | undefined; 'rule.uuid'?: string | undefined; 'rule.version'?: string | undefined; 'server.address'?: string | undefined; 'server.as.number'?: string | number | undefined; 'server.as.organization.name'?: string | undefined; 'server.bytes'?: string | number | undefined; 'server.domain'?: string | undefined; 'server.geo.city_name'?: string | undefined; 'server.geo.continent_code'?: string | undefined; 'server.geo.continent_name'?: string | undefined; 'server.geo.country_iso_code'?: string | undefined; 'server.geo.country_name'?: string | undefined; 'server.geo.location'?: string | { type: string; coordinates: number[]; } | { lat: number; lon: number; } | { location: number[]; } | { location: string; } | undefined; 'server.geo.name'?: string | undefined; 'server.geo.postal_code'?: string | undefined; 'server.geo.region_iso_code'?: string | undefined; 'server.geo.region_name'?: string | undefined; 'server.geo.timezone'?: string | undefined; 'server.ip'?: string | undefined; 'server.mac'?: string | undefined; 'server.nat.ip'?: string | undefined; 'server.nat.port'?: string | number | undefined; 'server.packets'?: string | number | undefined; 'server.port'?: string | number | undefined; 'server.registered_domain'?: string | undefined; 'server.subdomain'?: string | undefined; 'server.top_level_domain'?: string | undefined; 'server.user.domain'?: string | undefined; 'server.user.email'?: string | undefined; 'server.user.full_name'?: string | undefined; 'server.user.group.domain'?: string | undefined; 'server.user.group.id'?: string | undefined; 'server.user.group.name'?: string | undefined; 'server.user.hash'?: string | undefined; 'server.user.id'?: string | undefined; 'server.user.name'?: string | undefined; 'server.user.roles'?: string[] | undefined; 'service.address'?: string | undefined; 'service.environment'?: string | undefined; 'service.ephemeral_id'?: string | undefined; 'service.id'?: string | undefined; 'service.name'?: string | undefined; 'service.node.name'?: string | undefined; 'service.node.role'?: string | undefined; 'service.node.roles'?: string[] | undefined; 'service.origin.address'?: string | undefined; 'service.origin.environment'?: string | undefined; 'service.origin.ephemeral_id'?: string | undefined; 'service.origin.id'?: string | undefined; 'service.origin.name'?: string | undefined; 'service.origin.node.name'?: string | undefined; 'service.origin.node.role'?: string | undefined; 'service.origin.node.roles'?: string[] | undefined; 'service.origin.state'?: string | undefined; 'service.origin.type'?: string | undefined; 'service.origin.version'?: string | undefined; 'service.state'?: string | undefined; 'service.target.address'?: string | undefined; 'service.target.environment'?: string | undefined; 'service.target.ephemeral_id'?: string | undefined; 'service.target.id'?: string | undefined; 'service.target.name'?: string | undefined; 'service.target.node.name'?: string | undefined; 'service.target.node.role'?: string | undefined; 'service.target.node.roles'?: string[] | undefined; 'service.target.state'?: string | undefined; 'service.target.type'?: string | undefined; 'service.target.version'?: string | undefined; 'service.type'?: string | undefined; 'service.version'?: string | undefined; 'source.address'?: string | undefined; 'source.as.number'?: string | number | undefined; 'source.as.organization.name'?: string | undefined; 'source.bytes'?: string | number | undefined; 'source.domain'?: string | undefined; 'source.geo.city_name'?: string | undefined; 'source.geo.continent_code'?: string | undefined; 'source.geo.continent_name'?: string | undefined; 'source.geo.country_iso_code'?: string | undefined; 'source.geo.country_name'?: string | undefined; 'source.geo.location'?: string | { type: string; coordinates: number[]; } | { lat: number; lon: number; } | { location: number[]; } | { location: string; } | undefined; 'source.geo.name'?: string | undefined; 'source.geo.postal_code'?: string | undefined; 'source.geo.region_iso_code'?: string | undefined; 'source.geo.region_name'?: string | undefined; 'source.geo.timezone'?: string | undefined; 'source.ip'?: string | undefined; 'source.mac'?: string | undefined; 'source.nat.ip'?: string | undefined; 'source.nat.port'?: string | number | undefined; 'source.packets'?: string | number | undefined; 'source.port'?: string | number | undefined; 'source.registered_domain'?: string | undefined; 'source.subdomain'?: string | undefined; 'source.top_level_domain'?: string | undefined; 'source.user.domain'?: string | undefined; 'source.user.email'?: string | undefined; 'source.user.full_name'?: string | undefined; 'source.user.group.domain'?: string | undefined; 'source.user.group.id'?: string | undefined; 'source.user.group.name'?: string | undefined; 'source.user.hash'?: string | undefined; 'source.user.id'?: string | undefined; 'source.user.name'?: string | undefined; 'source.user.roles'?: string[] | undefined; 'span.id'?: string | undefined; tags?: string[] | undefined; 'threat.enrichments'?: { 'matched.atomic'?: string | undefined; 'matched.field'?: string | undefined; 'matched.id'?: string | undefined; 'matched.index'?: string | undefined; 'matched.occurred'?: string | number | undefined; 'matched.type'?: string | undefined; }[] | undefined; 'threat.feed.dashboard_id'?: string | undefined; 'threat.feed.description'?: string | undefined; 'threat.feed.name'?: string | undefined; 'threat.feed.reference'?: string | undefined; 'threat.framework'?: string | undefined; 'threat.group.alias'?: string[] | undefined; 'threat.group.id'?: string | undefined; 'threat.group.name'?: string | undefined; 'threat.group.reference'?: string | undefined; 'threat.indicator.as.number'?: string | number | undefined; 'threat.indicator.as.organization.name'?: string | undefined; 'threat.indicator.confidence'?: string | undefined; 'threat.indicator.description'?: string | undefined; 'threat.indicator.email.address'?: string | undefined; 'threat.indicator.file.accessed'?: string | number | undefined; 'threat.indicator.file.attributes'?: string[] | undefined; 'threat.indicator.file.code_signature.digest_algorithm'?: string | undefined; 'threat.indicator.file.code_signature.exists'?: boolean | undefined; 'threat.indicator.file.code_signature.signing_id'?: string | undefined; 'threat.indicator.file.code_signature.status'?: string | undefined; 'threat.indicator.file.code_signature.subject_name'?: string | undefined; 'threat.indicator.file.code_signature.team_id'?: string | undefined; 'threat.indicator.file.code_signature.timestamp'?: string | number | undefined; 'threat.indicator.file.code_signature.trusted'?: boolean | undefined; 'threat.indicator.file.code_signature.valid'?: boolean | undefined; 'threat.indicator.file.created'?: string | number | undefined; 'threat.indicator.file.ctime'?: string | number | undefined; 'threat.indicator.file.device'?: string | undefined; 'threat.indicator.file.directory'?: string | undefined; 'threat.indicator.file.drive_letter'?: string | undefined; 'threat.indicator.file.elf.architecture'?: string | undefined; 'threat.indicator.file.elf.byte_order'?: string | undefined; 'threat.indicator.file.elf.cpu_type'?: string | undefined; 'threat.indicator.file.elf.creation_date'?: string | number | undefined; 'threat.indicator.file.elf.exports'?: unknown[] | undefined; 'threat.indicator.file.elf.header.abi_version'?: string | undefined; 'threat.indicator.file.elf.header.class'?: string | undefined; 'threat.indicator.file.elf.header.data'?: string | undefined; 'threat.indicator.file.elf.header.entrypoint'?: string | number | undefined; 'threat.indicator.file.elf.header.object_version'?: string | undefined; 'threat.indicator.file.elf.header.os_abi'?: string | undefined; 'threat.indicator.file.elf.header.type'?: string | undefined; 'threat.indicator.file.elf.header.version'?: string | undefined; 'threat.indicator.file.elf.imports'?: unknown[] | undefined; 'threat.indicator.file.elf.sections'?: { chi2?: string | number | undefined; entropy?: string | number | undefined; flags?: string | undefined; name?: string | undefined; physical_offset?: string | undefined; physical_size?: string | number | undefined; type?: string | undefined; virtual_address?: string | number | undefined; virtual_size?: string | number | undefined; }[] | undefined; 'threat.indicator.file.elf.segments'?: { sections?: string | undefined; type?: string | undefined; }[] | undefined; 'threat.indicator.file.elf.shared_libraries'?: string[] | undefined; 'threat.indicator.file.elf.telfhash'?: string | undefined; 'threat.indicator.file.extension'?: string | undefined; 'threat.indicator.file.fork_name'?: string | undefined; 'threat.indicator.file.gid'?: string | undefined; 'threat.indicator.file.group'?: string | undefined; 'threat.indicator.file.hash.md5'?: string | undefined; 'threat.indicator.file.hash.sha1'?: string | undefined; 'threat.indicator.file.hash.sha256'?: string | undefined; 'threat.indicator.file.hash.sha384'?: string | undefined; 'threat.indicator.file.hash.sha512'?: string | undefined; 'threat.indicator.file.hash.ssdeep'?: string | undefined; 'threat.indicator.file.hash.tlsh'?: string | undefined; 'threat.indicator.file.inode'?: string | undefined; 'threat.indicator.file.mime_type'?: string | undefined; 'threat.indicator.file.mode'?: string | undefined; 'threat.indicator.file.mtime'?: string | number | undefined; 'threat.indicator.file.name'?: string | undefined; 'threat.indicator.file.owner'?: string | undefined; 'threat.indicator.file.path'?: string | undefined; 'threat.indicator.file.pe.architecture'?: string | undefined; 'threat.indicator.file.pe.company'?: string | undefined; 'threat.indicator.file.pe.description'?: string | undefined; 'threat.indicator.file.pe.file_version'?: string | undefined; 'threat.indicator.file.pe.imphash'?: string | undefined; 'threat.indicator.file.pe.original_file_name'?: string | undefined; 'threat.indicator.file.pe.pehash'?: string | undefined; 'threat.indicator.file.pe.product'?: string | undefined; 'threat.indicator.file.size'?: string | number | undefined; 'threat.indicator.file.target_path'?: string | undefined; 'threat.indicator.file.type'?: string | undefined; 'threat.indicator.file.uid'?: string | undefined; 'threat.indicator.file.x509.alternative_names'?: string[] | undefined; 'threat.indicator.file.x509.issuer.common_name'?: string[] | undefined; 'threat.indicator.file.x509.issuer.country'?: string[] | undefined; 'threat.indicator.file.x509.issuer.distinguished_name'?: string | undefined; 'threat.indicator.file.x509.issuer.locality'?: string[] | undefined; 'threat.indicator.file.x509.issuer.organization'?: string[] | undefined; 'threat.indicator.file.x509.issuer.organizational_unit'?: string[] | undefined; 'threat.indicator.file.x509.issuer.state_or_province'?: string[] | undefined; 'threat.indicator.file.x509.not_after'?: string | number | undefined; 'threat.indicator.file.x509.not_before'?: string | number | undefined; 'threat.indicator.file.x509.public_key_algorithm'?: string | undefined; 'threat.indicator.file.x509.public_key_curve'?: string | undefined; 'threat.indicator.file.x509.public_key_exponent'?: string | number | undefined; 'threat.indicator.file.x509.public_key_size'?: string | number | undefined; 'threat.indicator.file.x509.serial_number'?: string | undefined; 'threat.indicator.file.x509.signature_algorithm'?: string | undefined; 'threat.indicator.file.x509.subject.common_name'?: string[] | undefined; 'threat.indicator.file.x509.subject.country'?: string[] | undefined; 'threat.indicator.file.x509.subject.distinguished_name'?: string | undefined; 'threat.indicator.file.x509.subject.locality'?: string[] | undefined; 'threat.indicator.file.x509.subject.organization'?: string[] | undefined; 'threat.indicator.file.x509.subject.organizational_unit'?: string[] | undefined; 'threat.indicator.file.x509.subject.state_or_province'?: string[] | undefined; 'threat.indicator.file.x509.version_number'?: string | undefined; 'threat.indicator.first_seen'?: string | number | undefined; 'threat.indicator.geo.city_name'?: string | undefined; 'threat.indicator.geo.continent_code'?: string | undefined; 'threat.indicator.geo.continent_name'?: string | undefined; 'threat.indicator.geo.country_iso_code'?: string | undefined; 'threat.indicator.geo.country_name'?: string | undefined; 'threat.indicator.geo.location'?: string | { type: string; coordinates: number[]; } | { lat: number; lon: number; } | { location: number[]; } | { location: string; } | undefined; 'threat.indicator.geo.name'?: string | undefined; 'threat.indicator.geo.postal_code'?: string | undefined; 'threat.indicator.geo.region_iso_code'?: string | undefined; 'threat.indicator.geo.region_name'?: string | undefined; 'threat.indicator.geo.timezone'?: string | undefined; 'threat.indicator.ip'?: string | undefined; 'threat.indicator.last_seen'?: string | number | undefined; 'threat.indicator.marking.tlp'?: string | undefined; 'threat.indicator.marking.tlp_version'?: string | undefined; 'threat.indicator.modified_at'?: string | number | undefined; 'threat.indicator.port'?: string | number | undefined; 'threat.indicator.provider'?: string | undefined; 'threat.indicator.reference'?: string | undefined; 'threat.indicator.registry.data.bytes'?: string | undefined; 'threat.indicator.registry.data.strings'?: string[] | undefined; 'threat.indicator.registry.data.type'?: string | undefined; 'threat.indicator.registry.hive'?: string | undefined; 'threat.indicator.registry.key'?: string | undefined; 'threat.indicator.registry.path'?: string | undefined; 'threat.indicator.registry.value'?: string | undefined; 'threat.indicator.scanner_stats'?: string | number | undefined; 'threat.indicator.sightings'?: string | number | undefined; 'threat.indicator.type'?: string | undefined; 'threat.indicator.url.domain'?: string | undefined; 'threat.indicator.url.extension'?: string | undefined; 'threat.indicator.url.fragment'?: string | undefined; 'threat.indicator.url.full'?: string | undefined; 'threat.indicator.url.original'?: string | undefined; 'threat.indicator.url.password'?: string | undefined; 'threat.indicator.url.path'?: string | undefined; 'threat.indicator.url.port'?: string | number | undefined; 'threat.indicator.url.query'?: string | undefined; 'threat.indicator.url.registered_domain'?: string | undefined; 'threat.indicator.url.scheme'?: string | undefined; 'threat.indicator.url.subdomain'?: string | undefined; 'threat.indicator.url.top_level_domain'?: string | undefined; 'threat.indicator.url.username'?: string | undefined; 'threat.indicator.x509.alternative_names'?: string[] | undefined; 'threat.indicator.x509.issuer.common_name'?: string[] | undefined; 'threat.indicator.x509.issuer.country'?: string[] | undefined; 'threat.indicator.x509.issuer.distinguished_name'?: string | undefined; 'threat.indicator.x509.issuer.locality'?: string[] | undefined; 'threat.indicator.x509.issuer.organization'?: string[] | undefined; 'threat.indicator.x509.issuer.organizational_unit'?: string[] | undefined; 'threat.indicator.x509.issuer.state_or_province'?: string[] | undefined; 'threat.indicator.x509.not_after'?: string | number | undefined; 'threat.indicator.x509.not_before'?: string | number | undefined; 'threat.indicator.x509.public_key_algorithm'?: string | undefined; 'threat.indicator.x509.public_key_curve'?: string | undefined; 'threat.indicator.x509.public_key_exponent'?: string | number | undefined; 'threat.indicator.x509.public_key_size'?: string | number | undefined; 'threat.indicator.x509.serial_number'?: string | undefined; 'threat.indicator.x509.signature_algorithm'?: string | undefined; 'threat.indicator.x509.subject.common_name'?: string[] | undefined; 'threat.indicator.x509.subject.country'?: string[] | undefined; 'threat.indicator.x509.subject.distinguished_name'?: string | undefined; 'threat.indicator.x509.subject.locality'?: string[] | undefined; 'threat.indicator.x509.subject.organization'?: string[] | undefined; 'threat.indicator.x509.subject.organizational_unit'?: string[] | undefined; 'threat.indicator.x509.subject.state_or_province'?: string[] | undefined; 'threat.indicator.x509.version_number'?: string | undefined; 'threat.software.alias'?: string[] | undefined; 'threat.software.id'?: string | undefined; 'threat.software.name'?: string | undefined; 'threat.software.platforms'?: string[] | undefined; 'threat.software.reference'?: string | undefined; 'threat.software.type'?: string | undefined; 'threat.tactic.id'?: string[] | undefined; 'threat.tactic.name'?: string[] | undefined; 'threat.tactic.reference'?: string[] | undefined; 'threat.technique.id'?: string[] | undefined; 'threat.technique.name'?: string[] | undefined; 'threat.technique.reference'?: string[] | undefined; 'threat.technique.subtechnique.id'?: string[] | undefined; 'threat.technique.subtechnique.name'?: string[] | undefined; 'threat.technique.subtechnique.reference'?: string[] | undefined; 'tls.cipher'?: string | undefined; 'tls.client.certificate'?: string | undefined; 'tls.client.certificate_chain'?: string[] | undefined; 'tls.client.hash.md5'?: string | undefined; 'tls.client.hash.sha1'?: string | undefined; 'tls.client.hash.sha256'?: string | undefined; 'tls.client.issuer'?: string | undefined; 'tls.client.ja3'?: string | undefined; 'tls.client.not_after'?: string | number | undefined; 'tls.client.not_before'?: string | number | undefined; 'tls.client.server_name'?: string | undefined; 'tls.client.subject'?: string | undefined; 'tls.client.supported_ciphers'?: string[] | undefined; 'tls.client.x509.alternative_names'?: string[] | undefined; 'tls.client.x509.issuer.common_name'?: string[] | undefined; 'tls.client.x509.issuer.country'?: string[] | undefined; 'tls.client.x509.issuer.distinguished_name'?: string | undefined; 'tls.client.x509.issuer.locality'?: string[] | undefined; 'tls.client.x509.issuer.organization'?: string[] | undefined; 'tls.client.x509.issuer.organizational_unit'?: string[] | undefined; 'tls.client.x509.issuer.state_or_province'?: string[] | undefined; 'tls.client.x509.not_after'?: string | number | undefined; 'tls.client.x509.not_before'?: string | number | undefined; 'tls.client.x509.public_key_algorithm'?: string | undefined; 'tls.client.x509.public_key_curve'?: string | undefined; 'tls.client.x509.public_key_exponent'?: string | number | undefined; 'tls.client.x509.public_key_size'?: string | number | undefined; 'tls.client.x509.serial_number'?: string | undefined; 'tls.client.x509.signature_algorithm'?: string | undefined; 'tls.client.x509.subject.common_name'?: string[] | undefined; 'tls.client.x509.subject.country'?: string[] | undefined; 'tls.client.x509.subject.distinguished_name'?: string | undefined; 'tls.client.x509.subject.locality'?: string[] | undefined; 'tls.client.x509.subject.organization'?: string[] | undefined; 'tls.client.x509.subject.organizational_unit'?: string[] | undefined; 'tls.client.x509.subject.state_or_province'?: string[] | undefined; 'tls.client.x509.version_number'?: string | undefined; 'tls.curve'?: string | undefined; 'tls.established'?: boolean | undefined; 'tls.next_protocol'?: string | undefined; 'tls.resumed'?: boolean | undefined; 'tls.server.certificate'?: string | undefined; 'tls.server.certificate_chain'?: string[] | undefined; 'tls.server.hash.md5'?: string | undefined; 'tls.server.hash.sha1'?: string | undefined; 'tls.server.hash.sha256'?: string | undefined; 'tls.server.issuer'?: string | undefined; 'tls.server.ja3s'?: string | undefined; 'tls.server.not_after'?: string | number | undefined; 'tls.server.not_before'?: string | number | undefined; 'tls.server.subject'?: string | undefined; 'tls.server.x509.alternative_names'?: string[] | undefined; 'tls.server.x509.issuer.common_name'?: string[] | undefined; 'tls.server.x509.issuer.country'?: string[] | undefined; 'tls.server.x509.issuer.distinguished_name'?: string | undefined; 'tls.server.x509.issuer.locality'?: string[] | undefined; 'tls.server.x509.issuer.organization'?: string[] | undefined; 'tls.server.x509.issuer.organizational_unit'?: string[] | undefined; 'tls.server.x509.issuer.state_or_province'?: string[] | undefined; 'tls.server.x509.not_after'?: string | number | undefined; 'tls.server.x509.not_before'?: string | number | undefined; 'tls.server.x509.public_key_algorithm'?: string | undefined; 'tls.server.x509.public_key_curve'?: string | undefined; 'tls.server.x509.public_key_exponent'?: string | number | undefined; 'tls.server.x509.public_key_size'?: string | number | undefined; 'tls.server.x509.serial_number'?: string | undefined; 'tls.server.x509.signature_algorithm'?: string | undefined; 'tls.server.x509.subject.common_name'?: string[] | undefined; 'tls.server.x509.subject.country'?: string[] | undefined; 'tls.server.x509.subject.distinguished_name'?: string | undefined; 'tls.server.x509.subject.locality'?: string[] | undefined; 'tls.server.x509.subject.organization'?: string[] | undefined; 'tls.server.x509.subject.organizational_unit'?: string[] | undefined; 'tls.server.x509.subject.state_or_province'?: string[] | undefined; 'tls.server.x509.version_number'?: string | undefined; 'tls.version'?: string | undefined; 'tls.version_protocol'?: string | undefined; 'trace.id'?: string | undefined; 'transaction.id'?: string | undefined; 'url.domain'?: string | undefined; 'url.extension'?: string | undefined; 'url.fragment'?: string | undefined; 'url.full'?: string | undefined; 'url.original'?: string | undefined; 'url.password'?: string | undefined; 'url.path'?: string | undefined; 'url.port'?: string | number | undefined; 'url.query'?: string | undefined; 'url.registered_domain'?: string | undefined; 'url.scheme'?: string | undefined; 'url.subdomain'?: string | undefined; 'url.top_level_domain'?: string | undefined; 'url.username'?: string | undefined; 'user.changes.domain'?: string | undefined; 'user.changes.email'?: string | undefined; 'user.changes.full_name'?: string | undefined; 'user.changes.group.domain'?: string | undefined; 'user.changes.group.id'?: string | undefined; 'user.changes.group.name'?: string | undefined; 'user.changes.hash'?: string | undefined; 'user.changes.id'?: string | undefined; 'user.changes.name'?: string | undefined; 'user.changes.roles'?: string[] | undefined; 'user.domain'?: string | undefined; 'user.effective.domain'?: string | undefined; 'user.effective.email'?: string | undefined; 'user.effective.full_name'?: string | undefined; 'user.effective.group.domain'?: string | undefined; 'user.effective.group.id'?: string | undefined; 'user.effective.group.name'?: string | undefined; 'user.effective.hash'?: string | undefined; 'user.effective.id'?: string | undefined; 'user.effective.name'?: string | undefined; 'user.effective.roles'?: string[] | undefined; 'user.email'?: string | undefined; 'user.full_name'?: string | undefined; 'user.group.domain'?: string | undefined; 'user.group.id'?: string | undefined; 'user.group.name'?: string | undefined; 'user.hash'?: string | undefined; 'user.id'?: string | undefined; 'user.name'?: string | undefined; 'user.risk.calculated_level'?: string | undefined; 'user.risk.calculated_score'?: number | undefined; 'user.risk.calculated_score_norm'?: number | undefined; 'user.risk.static_level'?: string | undefined; 'user.risk.static_score'?: number | undefined; 'user.risk.static_score_norm'?: number | undefined; 'user.roles'?: string[] | undefined; 'user.target.domain'?: string | undefined; 'user.target.email'?: string | undefined; 'user.target.full_name'?: string | undefined; 'user.target.group.domain'?: string | undefined; 'user.target.group.id'?: string | undefined; 'user.target.group.name'?: string | undefined; 'user.target.hash'?: string | undefined; 'user.target.id'?: string | undefined; 'user.target.name'?: string | undefined; 'user.target.roles'?: string[] | undefined; 'user_agent.device.name'?: string | undefined; 'user_agent.name'?: string | undefined; 'user_agent.original'?: string | undefined; 'user_agent.os.family'?: string | undefined; 'user_agent.os.full'?: string | undefined; 'user_agent.os.kernel'?: string | undefined; 'user_agent.os.name'?: string | undefined; 'user_agent.os.platform'?: string | undefined; 'user_agent.os.type'?: string | undefined; 'user_agent.os.version'?: string | undefined; 'user_agent.version'?: string | undefined; 'vulnerability.category'?: string[] | undefined; 'vulnerability.classification'?: string | undefined; 'vulnerability.description'?: string | undefined; 'vulnerability.enumeration'?: string | undefined; 'vulnerability.id'?: string | undefined; 'vulnerability.reference'?: string | undefined; 'vulnerability.report_id'?: string | undefined; 'vulnerability.scanner.vendor'?: string | undefined; 'vulnerability.score.base'?: number | undefined; 'vulnerability.score.environmental'?: number | undefined; 'vulnerability.score.temporal'?: number | undefined; 'vulnerability.score.version'?: string | undefined; 'vulnerability.severity'?: string | undefined; } & {} & { 'ecs.version'?: string | undefined; 'kibana.alert.risk_score'?: number | undefined; 'kibana.alert.rule.author'?: string | undefined; 'kibana.alert.rule.created_at'?: string | number | undefined; 'kibana.alert.rule.created_by'?: string | undefined; 'kibana.alert.rule.description'?: string | undefined; 'kibana.alert.rule.enabled'?: string | undefined; 'kibana.alert.rule.from'?: string | undefined; 'kibana.alert.rule.interval'?: string | undefined; 'kibana.alert.rule.license'?: string | undefined; 'kibana.alert.rule.note'?: string | undefined; 'kibana.alert.rule.references'?: string[] | undefined; 'kibana.alert.rule.rule_id'?: string | undefined; 'kibana.alert.rule.rule_name_override'?: string | undefined; 'kibana.alert.rule.to'?: string | undefined; 'kibana.alert.rule.type'?: string | undefined; 'kibana.alert.rule.updated_at'?: string | number | undefined; 'kibana.alert.rule.updated_by'?: string | undefined; 'kibana.alert.rule.version'?: string | undefined; 'kibana.alert.severity'?: string | undefined; 'kibana.alert.suppression.docs_count'?: string | number | undefined; 'kibana.alert.suppression.end'?: string | number | undefined; 'kibana.alert.suppression.start'?: string | number | undefined; 'kibana.alert.suppression.terms.field'?: string[] | undefined; 'kibana.alert.suppression.terms.value'?: string[] | undefined; 'kibana.alert.system_status'?: string | undefined; 'kibana.alert.workflow_reason'?: string | undefined; 'kibana.alert.workflow_user'?: string | undefined; }) | ({ 'kibana.alert.job_id': string; } & { 'kibana.alert.anomaly_score'?: number | undefined; 'kibana.alert.anomaly_timestamp'?: string | number | undefined; 'kibana.alert.is_interim'?: boolean | undefined; 'kibana.alert.top_influencers'?: { influencer_field_name?: string | undefined; influencer_field_value?: string | undefined; influencer_score?: number | undefined; initial_influencer_score?: number | undefined; is_interim?: boolean | undefined; job_id?: string | undefined; timestamp?: string | number | undefined; }[] | undefined; 'kibana.alert.top_records'?: { actual?: number | undefined; by_field_name?: string | undefined; by_field_value?: string | undefined; detector_index?: number | undefined; field_name?: string | undefined; function?: string | undefined; initial_record_score?: number | undefined; is_interim?: boolean | undefined; job_id?: string | undefined; over_field_name?: string | undefined; over_field_value?: string | undefined; partition_field_name?: string | undefined; partition_field_value?: string | undefined; record_score?: number | undefined; timestamp?: string | number | undefined; typical?: number | undefined; }[] | undefined; } & { '@timestamp': string | number; 'kibana.alert.instance.id': string; 'kibana.alert.rule.category': string; 'kibana.alert.rule.consumer': string; 'kibana.alert.rule.name': string; 'kibana.alert.rule.producer': string; 'kibana.alert.rule.revision': string | number; 'kibana.alert.rule.rule_type_id': string; 'kibana.alert.rule.uuid': string; 'kibana.alert.status': string; 'kibana.alert.uuid': string; 'kibana.space_ids': string[]; } & { 'event.action'?: string | undefined; 'event.kind'?: string | undefined; 'kibana.alert.action_group'?: string | undefined; 'kibana.alert.case_ids'?: string[] | undefined; 'kibana.alert.duration.us'?: string | number | undefined; 'kibana.alert.end'?: string | number | undefined; 'kibana.alert.flapping'?: boolean | undefined; 'kibana.alert.flapping_history'?: boolean[] | undefined; 'kibana.alert.last_detected'?: string | number | undefined; 'kibana.alert.maintenance_window_ids'?: string[] | undefined; 'kibana.alert.reason'?: string | undefined; 'kibana.alert.rule.execution.uuid'?: string | undefined; 'kibana.alert.rule.parameters'?: unknown; 'kibana.alert.rule.tags'?: string[] | undefined; 'kibana.alert.start'?: string | number | undefined; 'kibana.alert.time_range'?: { gte?: string | number | undefined; lte?: string | number | undefined; } | undefined; 'kibana.alert.url'?: string | undefined; 'kibana.alert.workflow_status'?: string | undefined; 'kibana.alert.workflow_tags'?: string[] | undefined; 'kibana.version'?: string | undefined; tags?: string[] | undefined; })" + "({ '@timestamp': string | number; 'kibana.alert.instance.id': string; 'kibana.alert.rule.category': string; 'kibana.alert.rule.consumer': string; 'kibana.alert.rule.name': string; 'kibana.alert.rule.producer': string; 'kibana.alert.rule.revision': string | number; 'kibana.alert.rule.rule_type_id': string; 'kibana.alert.rule.uuid': string; 'kibana.alert.status': string; 'kibana.alert.uuid': string; 'kibana.space_ids': string[]; } & { 'event.action'?: string | undefined; 'event.kind'?: string | undefined; 'kibana.alert.action_group'?: string | undefined; 'kibana.alert.case_ids'?: string[] | undefined; 'kibana.alert.duration.us'?: string | number | undefined; 'kibana.alert.end'?: string | number | undefined; 'kibana.alert.flapping'?: boolean | undefined; 'kibana.alert.flapping_history'?: boolean[] | undefined; 'kibana.alert.last_detected'?: string | number | undefined; 'kibana.alert.maintenance_window_ids'?: string[] | undefined; 'kibana.alert.reason'?: string | undefined; 'kibana.alert.rule.execution.uuid'?: string | undefined; 'kibana.alert.rule.parameters'?: unknown; 'kibana.alert.rule.tags'?: string[] | undefined; 'kibana.alert.start'?: string | number | undefined; 'kibana.alert.time_range'?: { gte?: string | number | undefined; lte?: string | number | undefined; } | undefined; 'kibana.alert.url'?: string | undefined; 'kibana.alert.workflow_status'?: string | undefined; 'kibana.alert.workflow_tags'?: string[] | undefined; 'kibana.version'?: string | undefined; tags?: string[] | undefined; }) | ({} & { 'agent.name'?: string | undefined; 'error.grouping_key'?: string | undefined; 'error.grouping_name'?: string | undefined; 'kibana.alert.context'?: unknown; 'kibana.alert.evaluation.threshold'?: string | number | undefined; 'kibana.alert.evaluation.value'?: string | number | undefined; 'kibana.alert.evaluation.values'?: (string | number)[] | undefined; 'kibana.alert.group'?: { field?: string | undefined; value?: string | undefined; }[] | undefined; labels?: unknown; 'processor.event'?: string | undefined; 'service.environment'?: string | undefined; 'service.language.name'?: string | undefined; 'service.name'?: string | undefined; 'transaction.name'?: string | undefined; 'transaction.type'?: string | undefined; } & { '@timestamp': string | number; 'kibana.alert.instance.id': string; 'kibana.alert.rule.category': string; 'kibana.alert.rule.consumer': string; 'kibana.alert.rule.name': string; 'kibana.alert.rule.producer': string; 'kibana.alert.rule.revision': string | number; 'kibana.alert.rule.rule_type_id': string; 'kibana.alert.rule.uuid': string; 'kibana.alert.status': string; 'kibana.alert.uuid': string; 'kibana.space_ids': string[]; } & { 'event.action'?: string | undefined; 'event.kind'?: string | undefined; 'kibana.alert.action_group'?: string | undefined; 'kibana.alert.case_ids'?: string[] | undefined; 'kibana.alert.duration.us'?: string | number | undefined; 'kibana.alert.end'?: string | number | undefined; 'kibana.alert.flapping'?: boolean | undefined; 'kibana.alert.flapping_history'?: boolean[] | undefined; 'kibana.alert.last_detected'?: string | number | undefined; 'kibana.alert.maintenance_window_ids'?: string[] | undefined; 'kibana.alert.reason'?: string | undefined; 'kibana.alert.rule.execution.uuid'?: string | undefined; 'kibana.alert.rule.parameters'?: unknown; 'kibana.alert.rule.tags'?: string[] | undefined; 'kibana.alert.start'?: string | number | undefined; 'kibana.alert.time_range'?: { gte?: string | number | undefined; lte?: string | number | undefined; } | undefined; 'kibana.alert.url'?: string | undefined; 'kibana.alert.workflow_status'?: string | undefined; 'kibana.alert.workflow_tags'?: string[] | undefined; 'kibana.version'?: string | undefined; tags?: string[] | undefined; } & {} & { 'ecs.version'?: string | undefined; 'kibana.alert.risk_score'?: number | undefined; 'kibana.alert.rule.author'?: string | undefined; 'kibana.alert.rule.created_at'?: string | number | undefined; 'kibana.alert.rule.created_by'?: string | undefined; 'kibana.alert.rule.description'?: string | undefined; 'kibana.alert.rule.enabled'?: string | undefined; 'kibana.alert.rule.from'?: string | undefined; 'kibana.alert.rule.interval'?: string | undefined; 'kibana.alert.rule.license'?: string | undefined; 'kibana.alert.rule.note'?: string | undefined; 'kibana.alert.rule.references'?: string[] | undefined; 'kibana.alert.rule.rule_id'?: string | undefined; 'kibana.alert.rule.rule_name_override'?: string | undefined; 'kibana.alert.rule.to'?: string | undefined; 'kibana.alert.rule.type'?: string | undefined; 'kibana.alert.rule.updated_at'?: string | number | undefined; 'kibana.alert.rule.updated_by'?: string | undefined; 'kibana.alert.rule.version'?: string | undefined; 'kibana.alert.severity'?: string | undefined; 'kibana.alert.suppression.docs_count'?: string | number | undefined; 'kibana.alert.suppression.end'?: string | number | undefined; 'kibana.alert.suppression.start'?: string | number | undefined; 'kibana.alert.suppression.terms.field'?: string[] | undefined; 'kibana.alert.suppression.terms.value'?: string[] | undefined; 'kibana.alert.system_status'?: string | undefined; 'kibana.alert.workflow_reason'?: string | undefined; 'kibana.alert.workflow_user'?: string | undefined; }) | ({} & { 'kibana.alert.context'?: unknown; 'kibana.alert.evaluation.threshold'?: string | number | undefined; 'kibana.alert.evaluation.value'?: string | number | undefined; 'kibana.alert.evaluation.values'?: (string | number)[] | undefined; 'kibana.alert.group'?: { field?: string | undefined; value?: string | undefined; }[] | undefined; } & { '@timestamp': string | number; 'kibana.alert.instance.id': string; 'kibana.alert.rule.category': string; 'kibana.alert.rule.consumer': string; 'kibana.alert.rule.name': string; 'kibana.alert.rule.producer': string; 'kibana.alert.rule.revision': string | number; 'kibana.alert.rule.rule_type_id': string; 'kibana.alert.rule.uuid': string; 'kibana.alert.status': string; 'kibana.alert.uuid': string; 'kibana.space_ids': string[]; } & { 'event.action'?: string | undefined; 'event.kind'?: string | undefined; 'kibana.alert.action_group'?: string | undefined; 'kibana.alert.case_ids'?: string[] | undefined; 'kibana.alert.duration.us'?: string | number | undefined; 'kibana.alert.end'?: string | number | undefined; 'kibana.alert.flapping'?: boolean | undefined; 'kibana.alert.flapping_history'?: boolean[] | undefined; 'kibana.alert.last_detected'?: string | number | undefined; 'kibana.alert.maintenance_window_ids'?: string[] | undefined; 'kibana.alert.reason'?: string | undefined; 'kibana.alert.rule.execution.uuid'?: string | undefined; 'kibana.alert.rule.parameters'?: unknown; 'kibana.alert.rule.tags'?: string[] | undefined; 'kibana.alert.start'?: string | number | undefined; 'kibana.alert.time_range'?: { gte?: string | number | undefined; lte?: string | number | undefined; } | undefined; 'kibana.alert.url'?: string | undefined; 'kibana.alert.workflow_status'?: string | undefined; 'kibana.alert.workflow_tags'?: string[] | undefined; 'kibana.version'?: string | undefined; tags?: string[] | undefined; } & { '@timestamp': string | number; 'ecs.version': string; } & { 'agent.build.original'?: string | undefined; 'agent.ephemeral_id'?: string | undefined; 'agent.id'?: string | undefined; 'agent.name'?: string | undefined; 'agent.type'?: string | undefined; 'agent.version'?: string | undefined; 'client.address'?: string | undefined; 'client.as.number'?: string | number | undefined; 'client.as.organization.name'?: string | undefined; 'client.bytes'?: string | number | undefined; 'client.domain'?: string | undefined; 'client.geo.city_name'?: string | undefined; 'client.geo.continent_code'?: string | undefined; 'client.geo.continent_name'?: string | undefined; 'client.geo.country_iso_code'?: string | undefined; 'client.geo.country_name'?: string | undefined; 'client.geo.location'?: string | { type: string; coordinates: number[]; } | { lat: number; lon: number; } | { location: number[]; } | { location: string; } | undefined; 'client.geo.name'?: string | undefined; 'client.geo.postal_code'?: string | undefined; 'client.geo.region_iso_code'?: string | undefined; 'client.geo.region_name'?: string | undefined; 'client.geo.timezone'?: string | undefined; 'client.ip'?: string | undefined; 'client.mac'?: string | undefined; 'client.nat.ip'?: string | undefined; 'client.nat.port'?: string | number | undefined; 'client.packets'?: string | number | undefined; 'client.port'?: string | number | undefined; 'client.registered_domain'?: string | undefined; 'client.subdomain'?: string | undefined; 'client.top_level_domain'?: string | undefined; 'client.user.domain'?: string | undefined; 'client.user.email'?: string | undefined; 'client.user.full_name'?: string | undefined; 'client.user.group.domain'?: string | undefined; 'client.user.group.id'?: string | undefined; 'client.user.group.name'?: string | undefined; 'client.user.hash'?: string | undefined; 'client.user.id'?: string | undefined; 'client.user.name'?: string | undefined; 'client.user.roles'?: string[] | undefined; 'cloud.account.id'?: string | undefined; 'cloud.account.name'?: string | undefined; 'cloud.availability_zone'?: string | undefined; 'cloud.instance.id'?: string | undefined; 'cloud.instance.name'?: string | undefined; 'cloud.machine.type'?: string | undefined; 'cloud.origin.account.id'?: string | undefined; 'cloud.origin.account.name'?: string | undefined; 'cloud.origin.availability_zone'?: string | undefined; 'cloud.origin.instance.id'?: string | undefined; 'cloud.origin.instance.name'?: string | undefined; 'cloud.origin.machine.type'?: string | undefined; 'cloud.origin.project.id'?: string | undefined; 'cloud.origin.project.name'?: string | undefined; 'cloud.origin.provider'?: string | undefined; 'cloud.origin.region'?: string | undefined; 'cloud.origin.service.name'?: string | undefined; 'cloud.project.id'?: string | undefined; 'cloud.project.name'?: string | undefined; 'cloud.provider'?: string | undefined; 'cloud.region'?: string | undefined; 'cloud.service.name'?: string | undefined; 'cloud.target.account.id'?: string | undefined; 'cloud.target.account.name'?: string | undefined; 'cloud.target.availability_zone'?: string | undefined; 'cloud.target.instance.id'?: string | undefined; 'cloud.target.instance.name'?: string | undefined; 'cloud.target.machine.type'?: string | undefined; 'cloud.target.project.id'?: string | undefined; 'cloud.target.project.name'?: string | undefined; 'cloud.target.provider'?: string | undefined; 'cloud.target.region'?: string | undefined; 'cloud.target.service.name'?: string | undefined; 'container.cpu.usage'?: string | number | undefined; 'container.disk.read.bytes'?: string | number | undefined; 'container.disk.write.bytes'?: string | number | undefined; 'container.id'?: string | undefined; 'container.image.hash.all'?: string[] | undefined; 'container.image.name'?: string | undefined; 'container.image.tag'?: string[] | undefined; 'container.labels'?: unknown; 'container.memory.usage'?: string | number | undefined; 'container.name'?: string | undefined; 'container.network.egress.bytes'?: string | number | undefined; 'container.network.ingress.bytes'?: string | number | undefined; 'container.runtime'?: string | undefined; 'destination.address'?: string | undefined; 'destination.as.number'?: string | number | undefined; 'destination.as.organization.name'?: string | undefined; 'destination.bytes'?: string | number | undefined; 'destination.domain'?: string | undefined; 'destination.geo.city_name'?: string | undefined; 'destination.geo.continent_code'?: string | undefined; 'destination.geo.continent_name'?: string | undefined; 'destination.geo.country_iso_code'?: string | undefined; 'destination.geo.country_name'?: string | undefined; 'destination.geo.location'?: string | { type: string; coordinates: number[]; } | { lat: number; lon: number; } | { location: number[]; } | { location: string; } | undefined; 'destination.geo.name'?: string | undefined; 'destination.geo.postal_code'?: string | undefined; 'destination.geo.region_iso_code'?: string | undefined; 'destination.geo.region_name'?: string | undefined; 'destination.geo.timezone'?: string | undefined; 'destination.ip'?: string | undefined; 'destination.mac'?: string | undefined; 'destination.nat.ip'?: string | undefined; 'destination.nat.port'?: string | number | undefined; 'destination.packets'?: string | number | undefined; 'destination.port'?: string | number | undefined; 'destination.registered_domain'?: string | undefined; 'destination.subdomain'?: string | undefined; 'destination.top_level_domain'?: string | undefined; 'destination.user.domain'?: string | undefined; 'destination.user.email'?: string | undefined; 'destination.user.full_name'?: string | undefined; 'destination.user.group.domain'?: string | undefined; 'destination.user.group.id'?: string | undefined; 'destination.user.group.name'?: string | undefined; 'destination.user.hash'?: string | undefined; 'destination.user.id'?: string | undefined; 'destination.user.name'?: string | undefined; 'destination.user.roles'?: string[] | undefined; 'device.id'?: string | undefined; 'device.manufacturer'?: string | undefined; 'device.model.identifier'?: string | undefined; 'device.model.name'?: string | undefined; 'dll.code_signature.digest_algorithm'?: string | undefined; 'dll.code_signature.exists'?: boolean | undefined; 'dll.code_signature.signing_id'?: string | undefined; 'dll.code_signature.status'?: string | undefined; 'dll.code_signature.subject_name'?: string | undefined; 'dll.code_signature.team_id'?: string | undefined; 'dll.code_signature.timestamp'?: string | number | undefined; 'dll.code_signature.trusted'?: boolean | undefined; 'dll.code_signature.valid'?: boolean | undefined; 'dll.hash.md5'?: string | undefined; 'dll.hash.sha1'?: string | undefined; 'dll.hash.sha256'?: string | undefined; 'dll.hash.sha384'?: string | undefined; 'dll.hash.sha512'?: string | undefined; 'dll.hash.ssdeep'?: string | undefined; 'dll.hash.tlsh'?: string | undefined; 'dll.name'?: string | undefined; 'dll.path'?: string | undefined; 'dll.pe.architecture'?: string | undefined; 'dll.pe.company'?: string | undefined; 'dll.pe.description'?: string | undefined; 'dll.pe.file_version'?: string | undefined; 'dll.pe.imphash'?: string | undefined; 'dll.pe.original_file_name'?: string | undefined; 'dll.pe.pehash'?: string | undefined; 'dll.pe.product'?: string | undefined; 'dns.answers'?: { class?: string | undefined; data?: string | undefined; name?: string | undefined; ttl?: string | number | undefined; type?: string | undefined; }[] | undefined; 'dns.header_flags'?: string[] | undefined; 'dns.id'?: string | undefined; 'dns.op_code'?: string | undefined; 'dns.question.class'?: string | undefined; 'dns.question.name'?: string | undefined; 'dns.question.registered_domain'?: string | undefined; 'dns.question.subdomain'?: string | undefined; 'dns.question.top_level_domain'?: string | undefined; 'dns.question.type'?: string | undefined; 'dns.resolved_ip'?: string[] | undefined; 'dns.response_code'?: string | undefined; 'dns.type'?: string | undefined; 'email.attachments'?: { 'file.extension'?: string | undefined; 'file.hash.md5'?: string | undefined; 'file.hash.sha1'?: string | undefined; 'file.hash.sha256'?: string | undefined; 'file.hash.sha384'?: string | undefined; 'file.hash.sha512'?: string | undefined; 'file.hash.ssdeep'?: string | undefined; 'file.hash.tlsh'?: string | undefined; 'file.mime_type'?: string | undefined; 'file.name'?: string | undefined; 'file.size'?: string | number | undefined; }[] | undefined; 'email.bcc.address'?: string[] | undefined; 'email.cc.address'?: string[] | undefined; 'email.content_type'?: string | undefined; 'email.delivery_timestamp'?: string | number | undefined; 'email.direction'?: string | undefined; 'email.from.address'?: string[] | undefined; 'email.local_id'?: string | undefined; 'email.message_id'?: string | undefined; 'email.origination_timestamp'?: string | number | undefined; 'email.reply_to.address'?: string[] | undefined; 'email.sender.address'?: string | undefined; 'email.subject'?: string | undefined; 'email.to.address'?: string[] | undefined; 'email.x_mailer'?: string | undefined; 'error.code'?: string | undefined; 'error.id'?: string | undefined; 'error.message'?: string | undefined; 'error.stack_trace'?: string | undefined; 'error.type'?: string | undefined; 'event.action'?: string | undefined; 'event.agent_id_status'?: string | undefined; 'event.category'?: string[] | undefined; 'event.code'?: string | undefined; 'event.created'?: string | number | undefined; 'event.dataset'?: string | undefined; 'event.duration'?: string | number | undefined; 'event.end'?: string | number | undefined; 'event.hash'?: string | undefined; 'event.id'?: string | undefined; 'event.ingested'?: string | number | undefined; 'event.kind'?: string | undefined; 'event.module'?: string | undefined; 'event.original'?: string | undefined; 'event.outcome'?: string | undefined; 'event.provider'?: string | undefined; 'event.reason'?: string | undefined; 'event.reference'?: string | undefined; 'event.risk_score'?: number | undefined; 'event.risk_score_norm'?: number | undefined; 'event.sequence'?: string | number | undefined; 'event.severity'?: string | number | undefined; 'event.start'?: string | number | undefined; 'event.timezone'?: string | undefined; 'event.type'?: string[] | undefined; 'event.url'?: string | undefined; 'faas.coldstart'?: boolean | undefined; 'faas.execution'?: string | undefined; 'faas.id'?: string | undefined; 'faas.name'?: string | undefined; 'faas.trigger'?: unknown; 'faas.version'?: string | undefined; 'file.accessed'?: string | number | undefined; 'file.attributes'?: string[] | undefined; 'file.code_signature.digest_algorithm'?: string | undefined; 'file.code_signature.exists'?: boolean | undefined; 'file.code_signature.signing_id'?: string | undefined; 'file.code_signature.status'?: string | undefined; 'file.code_signature.subject_name'?: string | undefined; 'file.code_signature.team_id'?: string | undefined; 'file.code_signature.timestamp'?: string | number | undefined; 'file.code_signature.trusted'?: boolean | undefined; 'file.code_signature.valid'?: boolean | undefined; 'file.created'?: string | number | undefined; 'file.ctime'?: string | number | undefined; 'file.device'?: string | undefined; 'file.directory'?: string | undefined; 'file.drive_letter'?: string | undefined; 'file.elf.architecture'?: string | undefined; 'file.elf.byte_order'?: string | undefined; 'file.elf.cpu_type'?: string | undefined; 'file.elf.creation_date'?: string | number | undefined; 'file.elf.exports'?: unknown[] | undefined; 'file.elf.header.abi_version'?: string | undefined; 'file.elf.header.class'?: string | undefined; 'file.elf.header.data'?: string | undefined; 'file.elf.header.entrypoint'?: string | number | undefined; 'file.elf.header.object_version'?: string | undefined; 'file.elf.header.os_abi'?: string | undefined; 'file.elf.header.type'?: string | undefined; 'file.elf.header.version'?: string | undefined; 'file.elf.imports'?: unknown[] | undefined; 'file.elf.sections'?: { chi2?: string | number | undefined; entropy?: string | number | undefined; flags?: string | undefined; name?: string | undefined; physical_offset?: string | undefined; physical_size?: string | number | undefined; type?: string | undefined; virtual_address?: string | number | undefined; virtual_size?: string | number | undefined; }[] | undefined; 'file.elf.segments'?: { sections?: string | undefined; type?: string | undefined; }[] | undefined; 'file.elf.shared_libraries'?: string[] | undefined; 'file.elf.telfhash'?: string | undefined; 'file.extension'?: string | undefined; 'file.fork_name'?: string | undefined; 'file.gid'?: string | undefined; 'file.group'?: string | undefined; 'file.hash.md5'?: string | undefined; 'file.hash.sha1'?: string | undefined; 'file.hash.sha256'?: string | undefined; 'file.hash.sha384'?: string | undefined; 'file.hash.sha512'?: string | undefined; 'file.hash.ssdeep'?: string | undefined; 'file.hash.tlsh'?: string | undefined; 'file.inode'?: string | undefined; 'file.mime_type'?: string | undefined; 'file.mode'?: string | undefined; 'file.mtime'?: string | number | undefined; 'file.name'?: string | undefined; 'file.owner'?: string | undefined; 'file.path'?: string | undefined; 'file.pe.architecture'?: string | undefined; 'file.pe.company'?: string | undefined; 'file.pe.description'?: string | undefined; 'file.pe.file_version'?: string | undefined; 'file.pe.imphash'?: string | undefined; 'file.pe.original_file_name'?: string | undefined; 'file.pe.pehash'?: string | undefined; 'file.pe.product'?: string | undefined; 'file.size'?: string | number | undefined; 'file.target_path'?: string | undefined; 'file.type'?: string | undefined; 'file.uid'?: string | undefined; 'file.x509.alternative_names'?: string[] | undefined; 'file.x509.issuer.common_name'?: string[] | undefined; 'file.x509.issuer.country'?: string[] | undefined; 'file.x509.issuer.distinguished_name'?: string | undefined; 'file.x509.issuer.locality'?: string[] | undefined; 'file.x509.issuer.organization'?: string[] | undefined; 'file.x509.issuer.organizational_unit'?: string[] | undefined; 'file.x509.issuer.state_or_province'?: string[] | undefined; 'file.x509.not_after'?: string | number | undefined; 'file.x509.not_before'?: string | number | undefined; 'file.x509.public_key_algorithm'?: string | undefined; 'file.x509.public_key_curve'?: string | undefined; 'file.x509.public_key_exponent'?: string | number | undefined; 'file.x509.public_key_size'?: string | number | undefined; 'file.x509.serial_number'?: string | undefined; 'file.x509.signature_algorithm'?: string | undefined; 'file.x509.subject.common_name'?: string[] | undefined; 'file.x509.subject.country'?: string[] | undefined; 'file.x509.subject.distinguished_name'?: string | undefined; 'file.x509.subject.locality'?: string[] | undefined; 'file.x509.subject.organization'?: string[] | undefined; 'file.x509.subject.organizational_unit'?: string[] | undefined; 'file.x509.subject.state_or_province'?: string[] | undefined; 'file.x509.version_number'?: string | undefined; 'group.domain'?: string | undefined; 'group.id'?: string | undefined; 'group.name'?: string | undefined; 'host.architecture'?: string | undefined; 'host.boot.id'?: string | undefined; 'host.cpu.usage'?: string | number | undefined; 'host.disk.read.bytes'?: string | number | undefined; 'host.disk.write.bytes'?: string | number | undefined; 'host.domain'?: string | undefined; 'host.geo.city_name'?: string | undefined; 'host.geo.continent_code'?: string | undefined; 'host.geo.continent_name'?: string | undefined; 'host.geo.country_iso_code'?: string | undefined; 'host.geo.country_name'?: string | undefined; 'host.geo.location'?: string | { type: string; coordinates: number[]; } | { lat: number; lon: number; } | { location: number[]; } | { location: string; } | undefined; 'host.geo.name'?: string | undefined; 'host.geo.postal_code'?: string | undefined; 'host.geo.region_iso_code'?: string | undefined; 'host.geo.region_name'?: string | undefined; 'host.geo.timezone'?: string | undefined; 'host.hostname'?: string | undefined; 'host.id'?: string | undefined; 'host.ip'?: string[] | undefined; 'host.mac'?: string[] | undefined; 'host.name'?: string | undefined; 'host.network.egress.bytes'?: string | number | undefined; 'host.network.egress.packets'?: string | number | undefined; 'host.network.ingress.bytes'?: string | number | undefined; 'host.network.ingress.packets'?: string | number | undefined; 'host.os.family'?: string | undefined; 'host.os.full'?: string | undefined; 'host.os.kernel'?: string | undefined; 'host.os.name'?: string | undefined; 'host.os.platform'?: string | undefined; 'host.os.type'?: string | undefined; 'host.os.version'?: string | undefined; 'host.pid_ns_ino'?: string | undefined; 'host.risk.calculated_level'?: string | undefined; 'host.risk.calculated_score'?: number | undefined; 'host.risk.calculated_score_norm'?: number | undefined; 'host.risk.static_level'?: string | undefined; 'host.risk.static_score'?: number | undefined; 'host.risk.static_score_norm'?: number | undefined; 'host.type'?: string | undefined; 'host.uptime'?: string | number | undefined; 'http.request.body.bytes'?: string | number | undefined; 'http.request.body.content'?: string | undefined; 'http.request.bytes'?: string | number | undefined; 'http.request.id'?: string | undefined; 'http.request.method'?: string | undefined; 'http.request.mime_type'?: string | undefined; 'http.request.referrer'?: string | undefined; 'http.response.body.bytes'?: string | number | undefined; 'http.response.body.content'?: string | undefined; 'http.response.bytes'?: string | number | undefined; 'http.response.mime_type'?: string | undefined; 'http.response.status_code'?: string | number | undefined; 'http.version'?: string | undefined; labels?: unknown; 'log.file.path'?: string | undefined; 'log.level'?: string | undefined; 'log.logger'?: string | undefined; 'log.origin.file.line'?: string | number | undefined; 'log.origin.file.name'?: string | undefined; 'log.origin.function'?: string | undefined; 'log.syslog'?: unknown; message?: string | undefined; 'network.application'?: string | undefined; 'network.bytes'?: string | number | undefined; 'network.community_id'?: string | undefined; 'network.direction'?: string | undefined; 'network.forwarded_ip'?: string | undefined; 'network.iana_number'?: string | undefined; 'network.inner'?: unknown; 'network.name'?: string | undefined; 'network.packets'?: string | number | undefined; 'network.protocol'?: string | undefined; 'network.transport'?: string | undefined; 'network.type'?: string | undefined; 'network.vlan.id'?: string | undefined; 'network.vlan.name'?: string | undefined; 'observer.egress'?: unknown; 'observer.geo.city_name'?: string | undefined; 'observer.geo.continent_code'?: string | undefined; 'observer.geo.continent_name'?: string | undefined; 'observer.geo.country_iso_code'?: string | undefined; 'observer.geo.country_name'?: string | undefined; 'observer.geo.location'?: string | { type: string; coordinates: number[]; } | { lat: number; lon: number; } | { location: number[]; } | { location: string; } | undefined; 'observer.geo.name'?: string | undefined; 'observer.geo.postal_code'?: string | undefined; 'observer.geo.region_iso_code'?: string | undefined; 'observer.geo.region_name'?: string | undefined; 'observer.geo.timezone'?: string | undefined; 'observer.hostname'?: string | undefined; 'observer.ingress'?: unknown; 'observer.ip'?: string[] | undefined; 'observer.mac'?: string[] | undefined; 'observer.name'?: string | undefined; 'observer.os.family'?: string | undefined; 'observer.os.full'?: string | undefined; 'observer.os.kernel'?: string | undefined; 'observer.os.name'?: string | undefined; 'observer.os.platform'?: string | undefined; 'observer.os.type'?: string | undefined; 'observer.os.version'?: string | undefined; 'observer.product'?: string | undefined; 'observer.serial_number'?: string | undefined; 'observer.type'?: string | undefined; 'observer.vendor'?: string | undefined; 'observer.version'?: string | undefined; 'orchestrator.api_version'?: string | undefined; 'orchestrator.cluster.id'?: string | undefined; 'orchestrator.cluster.name'?: string | undefined; 'orchestrator.cluster.url'?: string | undefined; 'orchestrator.cluster.version'?: string | undefined; 'orchestrator.namespace'?: string | undefined; 'orchestrator.organization'?: string | undefined; 'orchestrator.resource.id'?: string | undefined; 'orchestrator.resource.ip'?: string[] | undefined; 'orchestrator.resource.name'?: string | undefined; 'orchestrator.resource.parent.type'?: string | undefined; 'orchestrator.resource.type'?: string | undefined; 'orchestrator.type'?: string | undefined; 'organization.id'?: string | undefined; 'organization.name'?: string | undefined; 'package.architecture'?: string | undefined; 'package.build_version'?: string | undefined; 'package.checksum'?: string | undefined; 'package.description'?: string | undefined; 'package.install_scope'?: string | undefined; 'package.installed'?: string | number | undefined; 'package.license'?: string | undefined; 'package.name'?: string | undefined; 'package.path'?: string | undefined; 'package.reference'?: string | undefined; 'package.size'?: string | number | undefined; 'package.type'?: string | undefined; 'package.version'?: string | undefined; 'process.args'?: string[] | undefined; 'process.args_count'?: string | number | undefined; 'process.code_signature.digest_algorithm'?: string | undefined; 'process.code_signature.exists'?: boolean | undefined; 'process.code_signature.signing_id'?: string | undefined; 'process.code_signature.status'?: string | undefined; 'process.code_signature.subject_name'?: string | undefined; 'process.code_signature.team_id'?: string | undefined; 'process.code_signature.timestamp'?: string | number | undefined; 'process.code_signature.trusted'?: boolean | undefined; 'process.code_signature.valid'?: boolean | undefined; 'process.command_line'?: string | undefined; 'process.elf.architecture'?: string | undefined; 'process.elf.byte_order'?: string | undefined; 'process.elf.cpu_type'?: string | undefined; 'process.elf.creation_date'?: string | number | undefined; 'process.elf.exports'?: unknown[] | undefined; 'process.elf.header.abi_version'?: string | undefined; 'process.elf.header.class'?: string | undefined; 'process.elf.header.data'?: string | undefined; 'process.elf.header.entrypoint'?: string | number | undefined; 'process.elf.header.object_version'?: string | undefined; 'process.elf.header.os_abi'?: string | undefined; 'process.elf.header.type'?: string | undefined; 'process.elf.header.version'?: string | undefined; 'process.elf.imports'?: unknown[] | undefined; 'process.elf.sections'?: { chi2?: string | number | undefined; entropy?: string | number | undefined; flags?: string | undefined; name?: string | undefined; physical_offset?: string | undefined; physical_size?: string | number | undefined; type?: string | undefined; virtual_address?: string | number | undefined; virtual_size?: string | number | undefined; }[] | undefined; 'process.elf.segments'?: { sections?: string | undefined; type?: string | undefined; }[] | undefined; 'process.elf.shared_libraries'?: string[] | undefined; 'process.elf.telfhash'?: string | undefined; 'process.end'?: string | number | undefined; 'process.entity_id'?: string | undefined; 'process.entry_leader.args'?: string[] | undefined; 'process.entry_leader.args_count'?: string | number | undefined; 'process.entry_leader.attested_groups.name'?: string | undefined; 'process.entry_leader.attested_user.id'?: string | undefined; 'process.entry_leader.attested_user.name'?: string | undefined; 'process.entry_leader.command_line'?: string | undefined; 'process.entry_leader.entity_id'?: string | undefined; 'process.entry_leader.entry_meta.source.ip'?: string | undefined; 'process.entry_leader.entry_meta.type'?: string | undefined; 'process.entry_leader.executable'?: string | undefined; 'process.entry_leader.group.id'?: string | undefined; 'process.entry_leader.group.name'?: string | undefined; 'process.entry_leader.interactive'?: boolean | undefined; 'process.entry_leader.name'?: string | undefined; 'process.entry_leader.parent.entity_id'?: string | undefined; 'process.entry_leader.parent.pid'?: string | number | undefined; 'process.entry_leader.parent.session_leader.entity_id'?: string | undefined; 'process.entry_leader.parent.session_leader.pid'?: string | number | undefined; 'process.entry_leader.parent.session_leader.start'?: string | number | undefined; 'process.entry_leader.parent.start'?: string | number | undefined; 'process.entry_leader.pid'?: string | number | undefined; 'process.entry_leader.real_group.id'?: string | undefined; 'process.entry_leader.real_group.name'?: string | undefined; 'process.entry_leader.real_user.id'?: string | undefined; 'process.entry_leader.real_user.name'?: string | undefined; 'process.entry_leader.same_as_process'?: boolean | undefined; 'process.entry_leader.saved_group.id'?: string | undefined; 'process.entry_leader.saved_group.name'?: string | undefined; 'process.entry_leader.saved_user.id'?: string | undefined; 'process.entry_leader.saved_user.name'?: string | undefined; 'process.entry_leader.start'?: string | number | undefined; 'process.entry_leader.supplemental_groups.id'?: string | undefined; 'process.entry_leader.supplemental_groups.name'?: string | undefined; 'process.entry_leader.tty'?: unknown; 'process.entry_leader.user.id'?: string | undefined; 'process.entry_leader.user.name'?: string | undefined; 'process.entry_leader.working_directory'?: string | undefined; 'process.env_vars'?: string[] | undefined; 'process.executable'?: string | undefined; 'process.exit_code'?: string | number | undefined; 'process.group_leader.args'?: string[] | undefined; 'process.group_leader.args_count'?: string | number | undefined; 'process.group_leader.command_line'?: string | undefined; 'process.group_leader.entity_id'?: string | undefined; 'process.group_leader.executable'?: string | undefined; 'process.group_leader.group.id'?: string | undefined; 'process.group_leader.group.name'?: string | undefined; 'process.group_leader.interactive'?: boolean | undefined; 'process.group_leader.name'?: string | undefined; 'process.group_leader.pid'?: string | number | undefined; 'process.group_leader.real_group.id'?: string | undefined; 'process.group_leader.real_group.name'?: string | undefined; 'process.group_leader.real_user.id'?: string | undefined; 'process.group_leader.real_user.name'?: string | undefined; 'process.group_leader.same_as_process'?: boolean | undefined; 'process.group_leader.saved_group.id'?: string | undefined; 'process.group_leader.saved_group.name'?: string | undefined; 'process.group_leader.saved_user.id'?: string | undefined; 'process.group_leader.saved_user.name'?: string | undefined; 'process.group_leader.start'?: string | number | undefined; 'process.group_leader.supplemental_groups.id'?: string | undefined; 'process.group_leader.supplemental_groups.name'?: string | undefined; 'process.group_leader.tty'?: unknown; 'process.group_leader.user.id'?: string | undefined; 'process.group_leader.user.name'?: string | undefined; 'process.group_leader.working_directory'?: string | undefined; 'process.hash.md5'?: string | undefined; 'process.hash.sha1'?: string | undefined; 'process.hash.sha256'?: string | undefined; 'process.hash.sha384'?: string | undefined; 'process.hash.sha512'?: string | undefined; 'process.hash.ssdeep'?: string | undefined; 'process.hash.tlsh'?: string | undefined; 'process.interactive'?: boolean | undefined; 'process.io'?: unknown; 'process.name'?: string | undefined; 'process.parent.args'?: string[] | undefined; 'process.parent.args_count'?: string | number | undefined; 'process.parent.code_signature.digest_algorithm'?: string | undefined; 'process.parent.code_signature.exists'?: boolean | undefined; 'process.parent.code_signature.signing_id'?: string | undefined; 'process.parent.code_signature.status'?: string | undefined; 'process.parent.code_signature.subject_name'?: string | undefined; 'process.parent.code_signature.team_id'?: string | undefined; 'process.parent.code_signature.timestamp'?: string | number | undefined; 'process.parent.code_signature.trusted'?: boolean | undefined; 'process.parent.code_signature.valid'?: boolean | undefined; 'process.parent.command_line'?: string | undefined; 'process.parent.elf.architecture'?: string | undefined; 'process.parent.elf.byte_order'?: string | undefined; 'process.parent.elf.cpu_type'?: string | undefined; 'process.parent.elf.creation_date'?: string | number | undefined; 'process.parent.elf.exports'?: unknown[] | undefined; 'process.parent.elf.header.abi_version'?: string | undefined; 'process.parent.elf.header.class'?: string | undefined; 'process.parent.elf.header.data'?: string | undefined; 'process.parent.elf.header.entrypoint'?: string | number | undefined; 'process.parent.elf.header.object_version'?: string | undefined; 'process.parent.elf.header.os_abi'?: string | undefined; 'process.parent.elf.header.type'?: string | undefined; 'process.parent.elf.header.version'?: string | undefined; 'process.parent.elf.imports'?: unknown[] | undefined; 'process.parent.elf.sections'?: { chi2?: string | number | undefined; entropy?: string | number | undefined; flags?: string | undefined; name?: string | undefined; physical_offset?: string | undefined; physical_size?: string | number | undefined; type?: string | undefined; virtual_address?: string | number | undefined; virtual_size?: string | number | undefined; }[] | undefined; 'process.parent.elf.segments'?: { sections?: string | undefined; type?: string | undefined; }[] | undefined; 'process.parent.elf.shared_libraries'?: string[] | undefined; 'process.parent.elf.telfhash'?: string | undefined; 'process.parent.end'?: string | number | undefined; 'process.parent.entity_id'?: string | undefined; 'process.parent.executable'?: string | undefined; 'process.parent.exit_code'?: string | number | undefined; 'process.parent.group.id'?: string | undefined; 'process.parent.group.name'?: string | undefined; 'process.parent.group_leader.entity_id'?: string | undefined; 'process.parent.group_leader.pid'?: string | number | undefined; 'process.parent.group_leader.start'?: string | number | undefined; 'process.parent.hash.md5'?: string | undefined; 'process.parent.hash.sha1'?: string | undefined; 'process.parent.hash.sha256'?: string | undefined; 'process.parent.hash.sha384'?: string | undefined; 'process.parent.hash.sha512'?: string | undefined; 'process.parent.hash.ssdeep'?: string | undefined; 'process.parent.hash.tlsh'?: string | undefined; 'process.parent.interactive'?: boolean | undefined; 'process.parent.name'?: string | undefined; 'process.parent.pe.architecture'?: string | undefined; 'process.parent.pe.company'?: string | undefined; 'process.parent.pe.description'?: string | undefined; 'process.parent.pe.file_version'?: string | undefined; 'process.parent.pe.imphash'?: string | undefined; 'process.parent.pe.original_file_name'?: string | undefined; 'process.parent.pe.pehash'?: string | undefined; 'process.parent.pe.product'?: string | undefined; 'process.parent.pgid'?: string | number | undefined; 'process.parent.pid'?: string | number | undefined; 'process.parent.real_group.id'?: string | undefined; 'process.parent.real_group.name'?: string | undefined; 'process.parent.real_user.id'?: string | undefined; 'process.parent.real_user.name'?: string | undefined; 'process.parent.saved_group.id'?: string | undefined; 'process.parent.saved_group.name'?: string | undefined; 'process.parent.saved_user.id'?: string | undefined; 'process.parent.saved_user.name'?: string | undefined; 'process.parent.start'?: string | number | undefined; 'process.parent.supplemental_groups.id'?: string | undefined; 'process.parent.supplemental_groups.name'?: string | undefined; 'process.parent.thread.id'?: string | number | undefined; 'process.parent.thread.name'?: string | undefined; 'process.parent.title'?: string | undefined; 'process.parent.tty'?: unknown; 'process.parent.uptime'?: string | number | undefined; 'process.parent.user.id'?: string | undefined; 'process.parent.user.name'?: string | undefined; 'process.parent.working_directory'?: string | undefined; 'process.pe.architecture'?: string | undefined; 'process.pe.company'?: string | undefined; 'process.pe.description'?: string | undefined; 'process.pe.file_version'?: string | undefined; 'process.pe.imphash'?: string | undefined; 'process.pe.original_file_name'?: string | undefined; 'process.pe.pehash'?: string | undefined; 'process.pe.product'?: string | undefined; 'process.pgid'?: string | number | undefined; 'process.pid'?: string | number | undefined; 'process.previous.args'?: string[] | undefined; 'process.previous.args_count'?: string | number | undefined; 'process.previous.executable'?: string | undefined; 'process.real_group.id'?: string | undefined; 'process.real_group.name'?: string | undefined; 'process.real_user.id'?: string | undefined; 'process.real_user.name'?: string | undefined; 'process.saved_group.id'?: string | undefined; 'process.saved_group.name'?: string | undefined; 'process.saved_user.id'?: string | undefined; 'process.saved_user.name'?: string | undefined; 'process.session_leader.args'?: string[] | undefined; 'process.session_leader.args_count'?: string | number | undefined; 'process.session_leader.command_line'?: string | undefined; 'process.session_leader.entity_id'?: string | undefined; 'process.session_leader.executable'?: string | undefined; 'process.session_leader.group.id'?: string | undefined; 'process.session_leader.group.name'?: string | undefined; 'process.session_leader.interactive'?: boolean | undefined; 'process.session_leader.name'?: string | undefined; 'process.session_leader.parent.entity_id'?: string | undefined; 'process.session_leader.parent.pid'?: string | number | undefined; 'process.session_leader.parent.session_leader.entity_id'?: string | undefined; 'process.session_leader.parent.session_leader.pid'?: string | number | undefined; 'process.session_leader.parent.session_leader.start'?: string | number | undefined; 'process.session_leader.parent.start'?: string | number | undefined; 'process.session_leader.pid'?: string | number | undefined; 'process.session_leader.real_group.id'?: string | undefined; 'process.session_leader.real_group.name'?: string | undefined; 'process.session_leader.real_user.id'?: string | undefined; 'process.session_leader.real_user.name'?: string | undefined; 'process.session_leader.same_as_process'?: boolean | undefined; 'process.session_leader.saved_group.id'?: string | undefined; 'process.session_leader.saved_group.name'?: string | undefined; 'process.session_leader.saved_user.id'?: string | undefined; 'process.session_leader.saved_user.name'?: string | undefined; 'process.session_leader.start'?: string | number | undefined; 'process.session_leader.supplemental_groups.id'?: string | undefined; 'process.session_leader.supplemental_groups.name'?: string | undefined; 'process.session_leader.tty'?: unknown; 'process.session_leader.user.id'?: string | undefined; 'process.session_leader.user.name'?: string | undefined; 'process.session_leader.working_directory'?: string | undefined; 'process.start'?: string | number | undefined; 'process.supplemental_groups.id'?: string | undefined; 'process.supplemental_groups.name'?: string | undefined; 'process.thread.id'?: string | number | undefined; 'process.thread.name'?: string | undefined; 'process.title'?: string | undefined; 'process.tty'?: unknown; 'process.uptime'?: string | number | undefined; 'process.user.id'?: string | undefined; 'process.user.name'?: string | undefined; 'process.working_directory'?: string | undefined; 'registry.data.bytes'?: string | undefined; 'registry.data.strings'?: string[] | undefined; 'registry.data.type'?: string | undefined; 'registry.hive'?: string | undefined; 'registry.key'?: string | undefined; 'registry.path'?: string | undefined; 'registry.value'?: string | undefined; 'related.hash'?: string[] | undefined; 'related.hosts'?: string[] | undefined; 'related.ip'?: string[] | undefined; 'related.user'?: string[] | undefined; 'rule.author'?: string[] | undefined; 'rule.category'?: string | undefined; 'rule.description'?: string | undefined; 'rule.id'?: string | undefined; 'rule.license'?: string | undefined; 'rule.name'?: string | undefined; 'rule.reference'?: string | undefined; 'rule.ruleset'?: string | undefined; 'rule.uuid'?: string | undefined; 'rule.version'?: string | undefined; 'server.address'?: string | undefined; 'server.as.number'?: string | number | undefined; 'server.as.organization.name'?: string | undefined; 'server.bytes'?: string | number | undefined; 'server.domain'?: string | undefined; 'server.geo.city_name'?: string | undefined; 'server.geo.continent_code'?: string | undefined; 'server.geo.continent_name'?: string | undefined; 'server.geo.country_iso_code'?: string | undefined; 'server.geo.country_name'?: string | undefined; 'server.geo.location'?: string | { type: string; coordinates: number[]; } | { lat: number; lon: number; } | { location: number[]; } | { location: string; } | undefined; 'server.geo.name'?: string | undefined; 'server.geo.postal_code'?: string | undefined; 'server.geo.region_iso_code'?: string | undefined; 'server.geo.region_name'?: string | undefined; 'server.geo.timezone'?: string | undefined; 'server.ip'?: string | undefined; 'server.mac'?: string | undefined; 'server.nat.ip'?: string | undefined; 'server.nat.port'?: string | number | undefined; 'server.packets'?: string | number | undefined; 'server.port'?: string | number | undefined; 'server.registered_domain'?: string | undefined; 'server.subdomain'?: string | undefined; 'server.top_level_domain'?: string | undefined; 'server.user.domain'?: string | undefined; 'server.user.email'?: string | undefined; 'server.user.full_name'?: string | undefined; 'server.user.group.domain'?: string | undefined; 'server.user.group.id'?: string | undefined; 'server.user.group.name'?: string | undefined; 'server.user.hash'?: string | undefined; 'server.user.id'?: string | undefined; 'server.user.name'?: string | undefined; 'server.user.roles'?: string[] | undefined; 'service.address'?: string | undefined; 'service.environment'?: string | undefined; 'service.ephemeral_id'?: string | undefined; 'service.id'?: string | undefined; 'service.name'?: string | undefined; 'service.node.name'?: string | undefined; 'service.node.role'?: string | undefined; 'service.node.roles'?: string[] | undefined; 'service.origin.address'?: string | undefined; 'service.origin.environment'?: string | undefined; 'service.origin.ephemeral_id'?: string | undefined; 'service.origin.id'?: string | undefined; 'service.origin.name'?: string | undefined; 'service.origin.node.name'?: string | undefined; 'service.origin.node.role'?: string | undefined; 'service.origin.node.roles'?: string[] | undefined; 'service.origin.state'?: string | undefined; 'service.origin.type'?: string | undefined; 'service.origin.version'?: string | undefined; 'service.state'?: string | undefined; 'service.target.address'?: string | undefined; 'service.target.environment'?: string | undefined; 'service.target.ephemeral_id'?: string | undefined; 'service.target.id'?: string | undefined; 'service.target.name'?: string | undefined; 'service.target.node.name'?: string | undefined; 'service.target.node.role'?: string | undefined; 'service.target.node.roles'?: string[] | undefined; 'service.target.state'?: string | undefined; 'service.target.type'?: string | undefined; 'service.target.version'?: string | undefined; 'service.type'?: string | undefined; 'service.version'?: string | undefined; 'source.address'?: string | undefined; 'source.as.number'?: string | number | undefined; 'source.as.organization.name'?: string | undefined; 'source.bytes'?: string | number | undefined; 'source.domain'?: string | undefined; 'source.geo.city_name'?: string | undefined; 'source.geo.continent_code'?: string | undefined; 'source.geo.continent_name'?: string | undefined; 'source.geo.country_iso_code'?: string | undefined; 'source.geo.country_name'?: string | undefined; 'source.geo.location'?: string | { type: string; coordinates: number[]; } | { lat: number; lon: number; } | { location: number[]; } | { location: string; } | undefined; 'source.geo.name'?: string | undefined; 'source.geo.postal_code'?: string | undefined; 'source.geo.region_iso_code'?: string | undefined; 'source.geo.region_name'?: string | undefined; 'source.geo.timezone'?: string | undefined; 'source.ip'?: string | undefined; 'source.mac'?: string | undefined; 'source.nat.ip'?: string | undefined; 'source.nat.port'?: string | number | undefined; 'source.packets'?: string | number | undefined; 'source.port'?: string | number | undefined; 'source.registered_domain'?: string | undefined; 'source.subdomain'?: string | undefined; 'source.top_level_domain'?: string | undefined; 'source.user.domain'?: string | undefined; 'source.user.email'?: string | undefined; 'source.user.full_name'?: string | undefined; 'source.user.group.domain'?: string | undefined; 'source.user.group.id'?: string | undefined; 'source.user.group.name'?: string | undefined; 'source.user.hash'?: string | undefined; 'source.user.id'?: string | undefined; 'source.user.name'?: string | undefined; 'source.user.roles'?: string[] | undefined; 'span.id'?: string | undefined; tags?: string[] | undefined; 'threat.enrichments'?: { indicator?: unknown; 'matched.atomic'?: string | undefined; 'matched.field'?: string | undefined; 'matched.id'?: string | undefined; 'matched.index'?: string | undefined; 'matched.occurred'?: string | number | undefined; 'matched.type'?: string | undefined; }[] | undefined; 'threat.feed.dashboard_id'?: string | undefined; 'threat.feed.description'?: string | undefined; 'threat.feed.name'?: string | undefined; 'threat.feed.reference'?: string | undefined; 'threat.framework'?: string | undefined; 'threat.group.alias'?: string[] | undefined; 'threat.group.id'?: string | undefined; 'threat.group.name'?: string | undefined; 'threat.group.reference'?: string | undefined; 'threat.indicator.as.number'?: string | number | undefined; 'threat.indicator.as.organization.name'?: string | undefined; 'threat.indicator.confidence'?: string | undefined; 'threat.indicator.description'?: string | undefined; 'threat.indicator.email.address'?: string | undefined; 'threat.indicator.file.accessed'?: string | number | undefined; 'threat.indicator.file.attributes'?: string[] | undefined; 'threat.indicator.file.code_signature.digest_algorithm'?: string | undefined; 'threat.indicator.file.code_signature.exists'?: boolean | undefined; 'threat.indicator.file.code_signature.signing_id'?: string | undefined; 'threat.indicator.file.code_signature.status'?: string | undefined; 'threat.indicator.file.code_signature.subject_name'?: string | undefined; 'threat.indicator.file.code_signature.team_id'?: string | undefined; 'threat.indicator.file.code_signature.timestamp'?: string | number | undefined; 'threat.indicator.file.code_signature.trusted'?: boolean | undefined; 'threat.indicator.file.code_signature.valid'?: boolean | undefined; 'threat.indicator.file.created'?: string | number | undefined; 'threat.indicator.file.ctime'?: string | number | undefined; 'threat.indicator.file.device'?: string | undefined; 'threat.indicator.file.directory'?: string | undefined; 'threat.indicator.file.drive_letter'?: string | undefined; 'threat.indicator.file.elf.architecture'?: string | undefined; 'threat.indicator.file.elf.byte_order'?: string | undefined; 'threat.indicator.file.elf.cpu_type'?: string | undefined; 'threat.indicator.file.elf.creation_date'?: string | number | undefined; 'threat.indicator.file.elf.exports'?: unknown[] | undefined; 'threat.indicator.file.elf.header.abi_version'?: string | undefined; 'threat.indicator.file.elf.header.class'?: string | undefined; 'threat.indicator.file.elf.header.data'?: string | undefined; 'threat.indicator.file.elf.header.entrypoint'?: string | number | undefined; 'threat.indicator.file.elf.header.object_version'?: string | undefined; 'threat.indicator.file.elf.header.os_abi'?: string | undefined; 'threat.indicator.file.elf.header.type'?: string | undefined; 'threat.indicator.file.elf.header.version'?: string | undefined; 'threat.indicator.file.elf.imports'?: unknown[] | undefined; 'threat.indicator.file.elf.sections'?: { chi2?: string | number | undefined; entropy?: string | number | undefined; flags?: string | undefined; name?: string | undefined; physical_offset?: string | undefined; physical_size?: string | number | undefined; type?: string | undefined; virtual_address?: string | number | undefined; virtual_size?: string | number | undefined; }[] | undefined; 'threat.indicator.file.elf.segments'?: { sections?: string | undefined; type?: string | undefined; }[] | undefined; 'threat.indicator.file.elf.shared_libraries'?: string[] | undefined; 'threat.indicator.file.elf.telfhash'?: string | undefined; 'threat.indicator.file.extension'?: string | undefined; 'threat.indicator.file.fork_name'?: string | undefined; 'threat.indicator.file.gid'?: string | undefined; 'threat.indicator.file.group'?: string | undefined; 'threat.indicator.file.hash.md5'?: string | undefined; 'threat.indicator.file.hash.sha1'?: string | undefined; 'threat.indicator.file.hash.sha256'?: string | undefined; 'threat.indicator.file.hash.sha384'?: string | undefined; 'threat.indicator.file.hash.sha512'?: string | undefined; 'threat.indicator.file.hash.ssdeep'?: string | undefined; 'threat.indicator.file.hash.tlsh'?: string | undefined; 'threat.indicator.file.inode'?: string | undefined; 'threat.indicator.file.mime_type'?: string | undefined; 'threat.indicator.file.mode'?: string | undefined; 'threat.indicator.file.mtime'?: string | number | undefined; 'threat.indicator.file.name'?: string | undefined; 'threat.indicator.file.owner'?: string | undefined; 'threat.indicator.file.path'?: string | undefined; 'threat.indicator.file.pe.architecture'?: string | undefined; 'threat.indicator.file.pe.company'?: string | undefined; 'threat.indicator.file.pe.description'?: string | undefined; 'threat.indicator.file.pe.file_version'?: string | undefined; 'threat.indicator.file.pe.imphash'?: string | undefined; 'threat.indicator.file.pe.original_file_name'?: string | undefined; 'threat.indicator.file.pe.pehash'?: string | undefined; 'threat.indicator.file.pe.product'?: string | undefined; 'threat.indicator.file.size'?: string | number | undefined; 'threat.indicator.file.target_path'?: string | undefined; 'threat.indicator.file.type'?: string | undefined; 'threat.indicator.file.uid'?: string | undefined; 'threat.indicator.file.x509.alternative_names'?: string[] | undefined; 'threat.indicator.file.x509.issuer.common_name'?: string[] | undefined; 'threat.indicator.file.x509.issuer.country'?: string[] | undefined; 'threat.indicator.file.x509.issuer.distinguished_name'?: string | undefined; 'threat.indicator.file.x509.issuer.locality'?: string[] | undefined; 'threat.indicator.file.x509.issuer.organization'?: string[] | undefined; 'threat.indicator.file.x509.issuer.organizational_unit'?: string[] | undefined; 'threat.indicator.file.x509.issuer.state_or_province'?: string[] | undefined; 'threat.indicator.file.x509.not_after'?: string | number | undefined; 'threat.indicator.file.x509.not_before'?: string | number | undefined; 'threat.indicator.file.x509.public_key_algorithm'?: string | undefined; 'threat.indicator.file.x509.public_key_curve'?: string | undefined; 'threat.indicator.file.x509.public_key_exponent'?: string | number | undefined; 'threat.indicator.file.x509.public_key_size'?: string | number | undefined; 'threat.indicator.file.x509.serial_number'?: string | undefined; 'threat.indicator.file.x509.signature_algorithm'?: string | undefined; 'threat.indicator.file.x509.subject.common_name'?: string[] | undefined; 'threat.indicator.file.x509.subject.country'?: string[] | undefined; 'threat.indicator.file.x509.subject.distinguished_name'?: string | undefined; 'threat.indicator.file.x509.subject.locality'?: string[] | undefined; 'threat.indicator.file.x509.subject.organization'?: string[] | undefined; 'threat.indicator.file.x509.subject.organizational_unit'?: string[] | undefined; 'threat.indicator.file.x509.subject.state_or_province'?: string[] | undefined; 'threat.indicator.file.x509.version_number'?: string | undefined; 'threat.indicator.first_seen'?: string | number | undefined; 'threat.indicator.geo.city_name'?: string | undefined; 'threat.indicator.geo.continent_code'?: string | undefined; 'threat.indicator.geo.continent_name'?: string | undefined; 'threat.indicator.geo.country_iso_code'?: string | undefined; 'threat.indicator.geo.country_name'?: string | undefined; 'threat.indicator.geo.location'?: string | { type: string; coordinates: number[]; } | { lat: number; lon: number; } | { location: number[]; } | { location: string; } | undefined; 'threat.indicator.geo.name'?: string | undefined; 'threat.indicator.geo.postal_code'?: string | undefined; 'threat.indicator.geo.region_iso_code'?: string | undefined; 'threat.indicator.geo.region_name'?: string | undefined; 'threat.indicator.geo.timezone'?: string | undefined; 'threat.indicator.ip'?: string | undefined; 'threat.indicator.last_seen'?: string | number | undefined; 'threat.indicator.marking.tlp'?: string | undefined; 'threat.indicator.marking.tlp_version'?: string | undefined; 'threat.indicator.modified_at'?: string | number | undefined; 'threat.indicator.port'?: string | number | undefined; 'threat.indicator.provider'?: string | undefined; 'threat.indicator.reference'?: string | undefined; 'threat.indicator.registry.data.bytes'?: string | undefined; 'threat.indicator.registry.data.strings'?: string[] | undefined; 'threat.indicator.registry.data.type'?: string | undefined; 'threat.indicator.registry.hive'?: string | undefined; 'threat.indicator.registry.key'?: string | undefined; 'threat.indicator.registry.path'?: string | undefined; 'threat.indicator.registry.value'?: string | undefined; 'threat.indicator.scanner_stats'?: string | number | undefined; 'threat.indicator.sightings'?: string | number | undefined; 'threat.indicator.type'?: string | undefined; 'threat.indicator.url.domain'?: string | undefined; 'threat.indicator.url.extension'?: string | undefined; 'threat.indicator.url.fragment'?: string | undefined; 'threat.indicator.url.full'?: string | undefined; 'threat.indicator.url.original'?: string | undefined; 'threat.indicator.url.password'?: string | undefined; 'threat.indicator.url.path'?: string | undefined; 'threat.indicator.url.port'?: string | number | undefined; 'threat.indicator.url.query'?: string | undefined; 'threat.indicator.url.registered_domain'?: string | undefined; 'threat.indicator.url.scheme'?: string | undefined; 'threat.indicator.url.subdomain'?: string | undefined; 'threat.indicator.url.top_level_domain'?: string | undefined; 'threat.indicator.url.username'?: string | undefined; 'threat.indicator.x509.alternative_names'?: string[] | undefined; 'threat.indicator.x509.issuer.common_name'?: string[] | undefined; 'threat.indicator.x509.issuer.country'?: string[] | undefined; 'threat.indicator.x509.issuer.distinguished_name'?: string | undefined; 'threat.indicator.x509.issuer.locality'?: string[] | undefined; 'threat.indicator.x509.issuer.organization'?: string[] | undefined; 'threat.indicator.x509.issuer.organizational_unit'?: string[] | undefined; 'threat.indicator.x509.issuer.state_or_province'?: string[] | undefined; 'threat.indicator.x509.not_after'?: string | number | undefined; 'threat.indicator.x509.not_before'?: string | number | undefined; 'threat.indicator.x509.public_key_algorithm'?: string | undefined; 'threat.indicator.x509.public_key_curve'?: string | undefined; 'threat.indicator.x509.public_key_exponent'?: string | number | undefined; 'threat.indicator.x509.public_key_size'?: string | number | undefined; 'threat.indicator.x509.serial_number'?: string | undefined; 'threat.indicator.x509.signature_algorithm'?: string | undefined; 'threat.indicator.x509.subject.common_name'?: string[] | undefined; 'threat.indicator.x509.subject.country'?: string[] | undefined; 'threat.indicator.x509.subject.distinguished_name'?: string | undefined; 'threat.indicator.x509.subject.locality'?: string[] | undefined; 'threat.indicator.x509.subject.organization'?: string[] | undefined; 'threat.indicator.x509.subject.organizational_unit'?: string[] | undefined; 'threat.indicator.x509.subject.state_or_province'?: string[] | undefined; 'threat.indicator.x509.version_number'?: string | undefined; 'threat.software.alias'?: string[] | undefined; 'threat.software.id'?: string | undefined; 'threat.software.name'?: string | undefined; 'threat.software.platforms'?: string[] | undefined; 'threat.software.reference'?: string | undefined; 'threat.software.type'?: string | undefined; 'threat.tactic.id'?: string[] | undefined; 'threat.tactic.name'?: string[] | undefined; 'threat.tactic.reference'?: string[] | undefined; 'threat.technique.id'?: string[] | undefined; 'threat.technique.name'?: string[] | undefined; 'threat.technique.reference'?: string[] | undefined; 'threat.technique.subtechnique.id'?: string[] | undefined; 'threat.technique.subtechnique.name'?: string[] | undefined; 'threat.technique.subtechnique.reference'?: string[] | undefined; 'tls.cipher'?: string | undefined; 'tls.client.certificate'?: string | undefined; 'tls.client.certificate_chain'?: string[] | undefined; 'tls.client.hash.md5'?: string | undefined; 'tls.client.hash.sha1'?: string | undefined; 'tls.client.hash.sha256'?: string | undefined; 'tls.client.issuer'?: string | undefined; 'tls.client.ja3'?: string | undefined; 'tls.client.not_after'?: string | number | undefined; 'tls.client.not_before'?: string | number | undefined; 'tls.client.server_name'?: string | undefined; 'tls.client.subject'?: string | undefined; 'tls.client.supported_ciphers'?: string[] | undefined; 'tls.client.x509.alternative_names'?: string[] | undefined; 'tls.client.x509.issuer.common_name'?: string[] | undefined; 'tls.client.x509.issuer.country'?: string[] | undefined; 'tls.client.x509.issuer.distinguished_name'?: string | undefined; 'tls.client.x509.issuer.locality'?: string[] | undefined; 'tls.client.x509.issuer.organization'?: string[] | undefined; 'tls.client.x509.issuer.organizational_unit'?: string[] | undefined; 'tls.client.x509.issuer.state_or_province'?: string[] | undefined; 'tls.client.x509.not_after'?: string | number | undefined; 'tls.client.x509.not_before'?: string | number | undefined; 'tls.client.x509.public_key_algorithm'?: string | undefined; 'tls.client.x509.public_key_curve'?: string | undefined; 'tls.client.x509.public_key_exponent'?: string | number | undefined; 'tls.client.x509.public_key_size'?: string | number | undefined; 'tls.client.x509.serial_number'?: string | undefined; 'tls.client.x509.signature_algorithm'?: string | undefined; 'tls.client.x509.subject.common_name'?: string[] | undefined; 'tls.client.x509.subject.country'?: string[] | undefined; 'tls.client.x509.subject.distinguished_name'?: string | undefined; 'tls.client.x509.subject.locality'?: string[] | undefined; 'tls.client.x509.subject.organization'?: string[] | undefined; 'tls.client.x509.subject.organizational_unit'?: string[] | undefined; 'tls.client.x509.subject.state_or_province'?: string[] | undefined; 'tls.client.x509.version_number'?: string | undefined; 'tls.curve'?: string | undefined; 'tls.established'?: boolean | undefined; 'tls.next_protocol'?: string | undefined; 'tls.resumed'?: boolean | undefined; 'tls.server.certificate'?: string | undefined; 'tls.server.certificate_chain'?: string[] | undefined; 'tls.server.hash.md5'?: string | undefined; 'tls.server.hash.sha1'?: string | undefined; 'tls.server.hash.sha256'?: string | undefined; 'tls.server.issuer'?: string | undefined; 'tls.server.ja3s'?: string | undefined; 'tls.server.not_after'?: string | number | undefined; 'tls.server.not_before'?: string | number | undefined; 'tls.server.subject'?: string | undefined; 'tls.server.x509.alternative_names'?: string[] | undefined; 'tls.server.x509.issuer.common_name'?: string[] | undefined; 'tls.server.x509.issuer.country'?: string[] | undefined; 'tls.server.x509.issuer.distinguished_name'?: string | undefined; 'tls.server.x509.issuer.locality'?: string[] | undefined; 'tls.server.x509.issuer.organization'?: string[] | undefined; 'tls.server.x509.issuer.organizational_unit'?: string[] | undefined; 'tls.server.x509.issuer.state_or_province'?: string[] | undefined; 'tls.server.x509.not_after'?: string | number | undefined; 'tls.server.x509.not_before'?: string | number | undefined; 'tls.server.x509.public_key_algorithm'?: string | undefined; 'tls.server.x509.public_key_curve'?: string | undefined; 'tls.server.x509.public_key_exponent'?: string | number | undefined; 'tls.server.x509.public_key_size'?: string | number | undefined; 'tls.server.x509.serial_number'?: string | undefined; 'tls.server.x509.signature_algorithm'?: string | undefined; 'tls.server.x509.subject.common_name'?: string[] | undefined; 'tls.server.x509.subject.country'?: string[] | undefined; 'tls.server.x509.subject.distinguished_name'?: string | undefined; 'tls.server.x509.subject.locality'?: string[] | undefined; 'tls.server.x509.subject.organization'?: string[] | undefined; 'tls.server.x509.subject.organizational_unit'?: string[] | undefined; 'tls.server.x509.subject.state_or_province'?: string[] | undefined; 'tls.server.x509.version_number'?: string | undefined; 'tls.version'?: string | undefined; 'tls.version_protocol'?: string | undefined; 'trace.id'?: string | undefined; 'transaction.id'?: string | undefined; 'url.domain'?: string | undefined; 'url.extension'?: string | undefined; 'url.fragment'?: string | undefined; 'url.full'?: string | undefined; 'url.original'?: string | undefined; 'url.password'?: string | undefined; 'url.path'?: string | undefined; 'url.port'?: string | number | undefined; 'url.query'?: string | undefined; 'url.registered_domain'?: string | undefined; 'url.scheme'?: string | undefined; 'url.subdomain'?: string | undefined; 'url.top_level_domain'?: string | undefined; 'url.username'?: string | undefined; 'user.changes.domain'?: string | undefined; 'user.changes.email'?: string | undefined; 'user.changes.full_name'?: string | undefined; 'user.changes.group.domain'?: string | undefined; 'user.changes.group.id'?: string | undefined; 'user.changes.group.name'?: string | undefined; 'user.changes.hash'?: string | undefined; 'user.changes.id'?: string | undefined; 'user.changes.name'?: string | undefined; 'user.changes.roles'?: string[] | undefined; 'user.domain'?: string | undefined; 'user.effective.domain'?: string | undefined; 'user.effective.email'?: string | undefined; 'user.effective.full_name'?: string | undefined; 'user.effective.group.domain'?: string | undefined; 'user.effective.group.id'?: string | undefined; 'user.effective.group.name'?: string | undefined; 'user.effective.hash'?: string | undefined; 'user.effective.id'?: string | undefined; 'user.effective.name'?: string | undefined; 'user.effective.roles'?: string[] | undefined; 'user.email'?: string | undefined; 'user.full_name'?: string | undefined; 'user.group.domain'?: string | undefined; 'user.group.id'?: string | undefined; 'user.group.name'?: string | undefined; 'user.hash'?: string | undefined; 'user.id'?: string | undefined; 'user.name'?: string | undefined; 'user.risk.calculated_level'?: string | undefined; 'user.risk.calculated_score'?: number | undefined; 'user.risk.calculated_score_norm'?: number | undefined; 'user.risk.static_level'?: string | undefined; 'user.risk.static_score'?: number | undefined; 'user.risk.static_score_norm'?: number | undefined; 'user.roles'?: string[] | undefined; 'user.target.domain'?: string | undefined; 'user.target.email'?: string | undefined; 'user.target.full_name'?: string | undefined; 'user.target.group.domain'?: string | undefined; 'user.target.group.id'?: string | undefined; 'user.target.group.name'?: string | undefined; 'user.target.hash'?: string | undefined; 'user.target.id'?: string | undefined; 'user.target.name'?: string | undefined; 'user.target.roles'?: string[] | undefined; 'user_agent.device.name'?: string | undefined; 'user_agent.name'?: string | undefined; 'user_agent.original'?: string | undefined; 'user_agent.os.family'?: string | undefined; 'user_agent.os.full'?: string | undefined; 'user_agent.os.kernel'?: string | undefined; 'user_agent.os.name'?: string | undefined; 'user_agent.os.platform'?: string | undefined; 'user_agent.os.type'?: string | undefined; 'user_agent.os.version'?: string | undefined; 'user_agent.version'?: string | undefined; 'vulnerability.category'?: string[] | undefined; 'vulnerability.classification'?: string | undefined; 'vulnerability.description'?: string | undefined; 'vulnerability.enumeration'?: string | undefined; 'vulnerability.id'?: string | undefined; 'vulnerability.reference'?: string | undefined; 'vulnerability.report_id'?: string | undefined; 'vulnerability.scanner.vendor'?: string | undefined; 'vulnerability.score.base'?: number | undefined; 'vulnerability.score.environmental'?: number | undefined; 'vulnerability.score.temporal'?: number | undefined; 'vulnerability.score.version'?: string | undefined; 'vulnerability.severity'?: string | undefined; } & {} & { 'ecs.version'?: string | undefined; 'kibana.alert.risk_score'?: number | undefined; 'kibana.alert.rule.author'?: string | undefined; 'kibana.alert.rule.created_at'?: string | number | undefined; 'kibana.alert.rule.created_by'?: string | undefined; 'kibana.alert.rule.description'?: string | undefined; 'kibana.alert.rule.enabled'?: string | undefined; 'kibana.alert.rule.from'?: string | undefined; 'kibana.alert.rule.interval'?: string | undefined; 'kibana.alert.rule.license'?: string | undefined; 'kibana.alert.rule.note'?: string | undefined; 'kibana.alert.rule.references'?: string[] | undefined; 'kibana.alert.rule.rule_id'?: string | undefined; 'kibana.alert.rule.rule_name_override'?: string | undefined; 'kibana.alert.rule.to'?: string | undefined; 'kibana.alert.rule.type'?: string | undefined; 'kibana.alert.rule.updated_at'?: string | number | undefined; 'kibana.alert.rule.updated_by'?: string | undefined; 'kibana.alert.rule.version'?: string | undefined; 'kibana.alert.severity'?: string | undefined; 'kibana.alert.suppression.docs_count'?: string | number | undefined; 'kibana.alert.suppression.end'?: string | number | undefined; 'kibana.alert.suppression.start'?: string | number | undefined; 'kibana.alert.suppression.terms.field'?: string[] | undefined; 'kibana.alert.suppression.terms.value'?: string[] | undefined; 'kibana.alert.system_status'?: string | undefined; 'kibana.alert.workflow_reason'?: string | undefined; 'kibana.alert.workflow_user'?: string | undefined; }) | ({} & { 'kibana.alert.context'?: unknown; 'kibana.alert.evaluation.threshold'?: string | number | undefined; 'kibana.alert.evaluation.value'?: string | number | undefined; 'kibana.alert.evaluation.values'?: (string | number)[] | undefined; 'kibana.alert.group'?: { field?: string | undefined; value?: string | undefined; }[] | undefined; } & { '@timestamp': string | number; 'kibana.alert.instance.id': string; 'kibana.alert.rule.category': string; 'kibana.alert.rule.consumer': string; 'kibana.alert.rule.name': string; 'kibana.alert.rule.producer': string; 'kibana.alert.rule.revision': string | number; 'kibana.alert.rule.rule_type_id': string; 'kibana.alert.rule.uuid': string; 'kibana.alert.status': string; 'kibana.alert.uuid': string; 'kibana.space_ids': string[]; } & { 'event.action'?: string | undefined; 'event.kind'?: string | undefined; 'kibana.alert.action_group'?: string | undefined; 'kibana.alert.case_ids'?: string[] | undefined; 'kibana.alert.duration.us'?: string | number | undefined; 'kibana.alert.end'?: string | number | undefined; 'kibana.alert.flapping'?: boolean | undefined; 'kibana.alert.flapping_history'?: boolean[] | undefined; 'kibana.alert.last_detected'?: string | number | undefined; 'kibana.alert.maintenance_window_ids'?: string[] | undefined; 'kibana.alert.reason'?: string | undefined; 'kibana.alert.rule.execution.uuid'?: string | undefined; 'kibana.alert.rule.parameters'?: unknown; 'kibana.alert.rule.tags'?: string[] | undefined; 'kibana.alert.start'?: string | number | undefined; 'kibana.alert.time_range'?: { gte?: string | number | undefined; lte?: string | number | undefined; } | undefined; 'kibana.alert.url'?: string | undefined; 'kibana.alert.workflow_status'?: string | undefined; 'kibana.alert.workflow_tags'?: string[] | undefined; 'kibana.version'?: string | undefined; tags?: string[] | undefined; } & { '@timestamp': string | number; 'ecs.version': string; } & { 'agent.build.original'?: string | undefined; 'agent.ephemeral_id'?: string | undefined; 'agent.id'?: string | undefined; 'agent.name'?: string | undefined; 'agent.type'?: string | undefined; 'agent.version'?: string | undefined; 'client.address'?: string | undefined; 'client.as.number'?: string | number | undefined; 'client.as.organization.name'?: string | undefined; 'client.bytes'?: string | number | undefined; 'client.domain'?: string | undefined; 'client.geo.city_name'?: string | undefined; 'client.geo.continent_code'?: string | undefined; 'client.geo.continent_name'?: string | undefined; 'client.geo.country_iso_code'?: string | undefined; 'client.geo.country_name'?: string | undefined; 'client.geo.location'?: string | { type: string; coordinates: number[]; } | { lat: number; lon: number; } | { location: number[]; } | { location: string; } | undefined; 'client.geo.name'?: string | undefined; 'client.geo.postal_code'?: string | undefined; 'client.geo.region_iso_code'?: string | undefined; 'client.geo.region_name'?: string | undefined; 'client.geo.timezone'?: string | undefined; 'client.ip'?: string | undefined; 'client.mac'?: string | undefined; 'client.nat.ip'?: string | undefined; 'client.nat.port'?: string | number | undefined; 'client.packets'?: string | number | undefined; 'client.port'?: string | number | undefined; 'client.registered_domain'?: string | undefined; 'client.subdomain'?: string | undefined; 'client.top_level_domain'?: string | undefined; 'client.user.domain'?: string | undefined; 'client.user.email'?: string | undefined; 'client.user.full_name'?: string | undefined; 'client.user.group.domain'?: string | undefined; 'client.user.group.id'?: string | undefined; 'client.user.group.name'?: string | undefined; 'client.user.hash'?: string | undefined; 'client.user.id'?: string | undefined; 'client.user.name'?: string | undefined; 'client.user.roles'?: string[] | undefined; 'cloud.account.id'?: string | undefined; 'cloud.account.name'?: string | undefined; 'cloud.availability_zone'?: string | undefined; 'cloud.instance.id'?: string | undefined; 'cloud.instance.name'?: string | undefined; 'cloud.machine.type'?: string | undefined; 'cloud.origin.account.id'?: string | undefined; 'cloud.origin.account.name'?: string | undefined; 'cloud.origin.availability_zone'?: string | undefined; 'cloud.origin.instance.id'?: string | undefined; 'cloud.origin.instance.name'?: string | undefined; 'cloud.origin.machine.type'?: string | undefined; 'cloud.origin.project.id'?: string | undefined; 'cloud.origin.project.name'?: string | undefined; 'cloud.origin.provider'?: string | undefined; 'cloud.origin.region'?: string | undefined; 'cloud.origin.service.name'?: string | undefined; 'cloud.project.id'?: string | undefined; 'cloud.project.name'?: string | undefined; 'cloud.provider'?: string | undefined; 'cloud.region'?: string | undefined; 'cloud.service.name'?: string | undefined; 'cloud.target.account.id'?: string | undefined; 'cloud.target.account.name'?: string | undefined; 'cloud.target.availability_zone'?: string | undefined; 'cloud.target.instance.id'?: string | undefined; 'cloud.target.instance.name'?: string | undefined; 'cloud.target.machine.type'?: string | undefined; 'cloud.target.project.id'?: string | undefined; 'cloud.target.project.name'?: string | undefined; 'cloud.target.provider'?: string | undefined; 'cloud.target.region'?: string | undefined; 'cloud.target.service.name'?: string | undefined; 'container.cpu.usage'?: string | number | undefined; 'container.disk.read.bytes'?: string | number | undefined; 'container.disk.write.bytes'?: string | number | undefined; 'container.id'?: string | undefined; 'container.image.hash.all'?: string[] | undefined; 'container.image.name'?: string | undefined; 'container.image.tag'?: string[] | undefined; 'container.labels'?: unknown; 'container.memory.usage'?: string | number | undefined; 'container.name'?: string | undefined; 'container.network.egress.bytes'?: string | number | undefined; 'container.network.ingress.bytes'?: string | number | undefined; 'container.runtime'?: string | undefined; 'destination.address'?: string | undefined; 'destination.as.number'?: string | number | undefined; 'destination.as.organization.name'?: string | undefined; 'destination.bytes'?: string | number | undefined; 'destination.domain'?: string | undefined; 'destination.geo.city_name'?: string | undefined; 'destination.geo.continent_code'?: string | undefined; 'destination.geo.continent_name'?: string | undefined; 'destination.geo.country_iso_code'?: string | undefined; 'destination.geo.country_name'?: string | undefined; 'destination.geo.location'?: string | { type: string; coordinates: number[]; } | { lat: number; lon: number; } | { location: number[]; } | { location: string; } | undefined; 'destination.geo.name'?: string | undefined; 'destination.geo.postal_code'?: string | undefined; 'destination.geo.region_iso_code'?: string | undefined; 'destination.geo.region_name'?: string | undefined; 'destination.geo.timezone'?: string | undefined; 'destination.ip'?: string | undefined; 'destination.mac'?: string | undefined; 'destination.nat.ip'?: string | undefined; 'destination.nat.port'?: string | number | undefined; 'destination.packets'?: string | number | undefined; 'destination.port'?: string | number | undefined; 'destination.registered_domain'?: string | undefined; 'destination.subdomain'?: string | undefined; 'destination.top_level_domain'?: string | undefined; 'destination.user.domain'?: string | undefined; 'destination.user.email'?: string | undefined; 'destination.user.full_name'?: string | undefined; 'destination.user.group.domain'?: string | undefined; 'destination.user.group.id'?: string | undefined; 'destination.user.group.name'?: string | undefined; 'destination.user.hash'?: string | undefined; 'destination.user.id'?: string | undefined; 'destination.user.name'?: string | undefined; 'destination.user.roles'?: string[] | undefined; 'device.id'?: string | undefined; 'device.manufacturer'?: string | undefined; 'device.model.identifier'?: string | undefined; 'device.model.name'?: string | undefined; 'dll.code_signature.digest_algorithm'?: string | undefined; 'dll.code_signature.exists'?: boolean | undefined; 'dll.code_signature.signing_id'?: string | undefined; 'dll.code_signature.status'?: string | undefined; 'dll.code_signature.subject_name'?: string | undefined; 'dll.code_signature.team_id'?: string | undefined; 'dll.code_signature.timestamp'?: string | number | undefined; 'dll.code_signature.trusted'?: boolean | undefined; 'dll.code_signature.valid'?: boolean | undefined; 'dll.hash.md5'?: string | undefined; 'dll.hash.sha1'?: string | undefined; 'dll.hash.sha256'?: string | undefined; 'dll.hash.sha384'?: string | undefined; 'dll.hash.sha512'?: string | undefined; 'dll.hash.ssdeep'?: string | undefined; 'dll.hash.tlsh'?: string | undefined; 'dll.name'?: string | undefined; 'dll.path'?: string | undefined; 'dll.pe.architecture'?: string | undefined; 'dll.pe.company'?: string | undefined; 'dll.pe.description'?: string | undefined; 'dll.pe.file_version'?: string | undefined; 'dll.pe.imphash'?: string | undefined; 'dll.pe.original_file_name'?: string | undefined; 'dll.pe.pehash'?: string | undefined; 'dll.pe.product'?: string | undefined; 'dns.answers'?: { class?: string | undefined; data?: string | undefined; name?: string | undefined; ttl?: string | number | undefined; type?: string | undefined; }[] | undefined; 'dns.header_flags'?: string[] | undefined; 'dns.id'?: string | undefined; 'dns.op_code'?: string | undefined; 'dns.question.class'?: string | undefined; 'dns.question.name'?: string | undefined; 'dns.question.registered_domain'?: string | undefined; 'dns.question.subdomain'?: string | undefined; 'dns.question.top_level_domain'?: string | undefined; 'dns.question.type'?: string | undefined; 'dns.resolved_ip'?: string[] | undefined; 'dns.response_code'?: string | undefined; 'dns.type'?: string | undefined; 'email.attachments'?: { 'file.extension'?: string | undefined; 'file.hash.md5'?: string | undefined; 'file.hash.sha1'?: string | undefined; 'file.hash.sha256'?: string | undefined; 'file.hash.sha384'?: string | undefined; 'file.hash.sha512'?: string | undefined; 'file.hash.ssdeep'?: string | undefined; 'file.hash.tlsh'?: string | undefined; 'file.mime_type'?: string | undefined; 'file.name'?: string | undefined; 'file.size'?: string | number | undefined; }[] | undefined; 'email.bcc.address'?: string[] | undefined; 'email.cc.address'?: string[] | undefined; 'email.content_type'?: string | undefined; 'email.delivery_timestamp'?: string | number | undefined; 'email.direction'?: string | undefined; 'email.from.address'?: string[] | undefined; 'email.local_id'?: string | undefined; 'email.message_id'?: string | undefined; 'email.origination_timestamp'?: string | number | undefined; 'email.reply_to.address'?: string[] | undefined; 'email.sender.address'?: string | undefined; 'email.subject'?: string | undefined; 'email.to.address'?: string[] | undefined; 'email.x_mailer'?: string | undefined; 'error.code'?: string | undefined; 'error.id'?: string | undefined; 'error.message'?: string | undefined; 'error.stack_trace'?: string | undefined; 'error.type'?: string | undefined; 'event.action'?: string | undefined; 'event.agent_id_status'?: string | undefined; 'event.category'?: string[] | undefined; 'event.code'?: string | undefined; 'event.created'?: string | number | undefined; 'event.dataset'?: string | undefined; 'event.duration'?: string | number | undefined; 'event.end'?: string | number | undefined; 'event.hash'?: string | undefined; 'event.id'?: string | undefined; 'event.ingested'?: string | number | undefined; 'event.kind'?: string | undefined; 'event.module'?: string | undefined; 'event.original'?: string | undefined; 'event.outcome'?: string | undefined; 'event.provider'?: string | undefined; 'event.reason'?: string | undefined; 'event.reference'?: string | undefined; 'event.risk_score'?: number | undefined; 'event.risk_score_norm'?: number | undefined; 'event.sequence'?: string | number | undefined; 'event.severity'?: string | number | undefined; 'event.start'?: string | number | undefined; 'event.timezone'?: string | undefined; 'event.type'?: string[] | undefined; 'event.url'?: string | undefined; 'faas.coldstart'?: boolean | undefined; 'faas.execution'?: string | undefined; 'faas.id'?: string | undefined; 'faas.name'?: string | undefined; 'faas.trigger'?: unknown; 'faas.version'?: string | undefined; 'file.accessed'?: string | number | undefined; 'file.attributes'?: string[] | undefined; 'file.code_signature.digest_algorithm'?: string | undefined; 'file.code_signature.exists'?: boolean | undefined; 'file.code_signature.signing_id'?: string | undefined; 'file.code_signature.status'?: string | undefined; 'file.code_signature.subject_name'?: string | undefined; 'file.code_signature.team_id'?: string | undefined; 'file.code_signature.timestamp'?: string | number | undefined; 'file.code_signature.trusted'?: boolean | undefined; 'file.code_signature.valid'?: boolean | undefined; 'file.created'?: string | number | undefined; 'file.ctime'?: string | number | undefined; 'file.device'?: string | undefined; 'file.directory'?: string | undefined; 'file.drive_letter'?: string | undefined; 'file.elf.architecture'?: string | undefined; 'file.elf.byte_order'?: string | undefined; 'file.elf.cpu_type'?: string | undefined; 'file.elf.creation_date'?: string | number | undefined; 'file.elf.exports'?: unknown[] | undefined; 'file.elf.header.abi_version'?: string | undefined; 'file.elf.header.class'?: string | undefined; 'file.elf.header.data'?: string | undefined; 'file.elf.header.entrypoint'?: string | number | undefined; 'file.elf.header.object_version'?: string | undefined; 'file.elf.header.os_abi'?: string | undefined; 'file.elf.header.type'?: string | undefined; 'file.elf.header.version'?: string | undefined; 'file.elf.imports'?: unknown[] | undefined; 'file.elf.sections'?: { chi2?: string | number | undefined; entropy?: string | number | undefined; flags?: string | undefined; name?: string | undefined; physical_offset?: string | undefined; physical_size?: string | number | undefined; type?: string | undefined; virtual_address?: string | number | undefined; virtual_size?: string | number | undefined; }[] | undefined; 'file.elf.segments'?: { sections?: string | undefined; type?: string | undefined; }[] | undefined; 'file.elf.shared_libraries'?: string[] | undefined; 'file.elf.telfhash'?: string | undefined; 'file.extension'?: string | undefined; 'file.fork_name'?: string | undefined; 'file.gid'?: string | undefined; 'file.group'?: string | undefined; 'file.hash.md5'?: string | undefined; 'file.hash.sha1'?: string | undefined; 'file.hash.sha256'?: string | undefined; 'file.hash.sha384'?: string | undefined; 'file.hash.sha512'?: string | undefined; 'file.hash.ssdeep'?: string | undefined; 'file.hash.tlsh'?: string | undefined; 'file.inode'?: string | undefined; 'file.mime_type'?: string | undefined; 'file.mode'?: string | undefined; 'file.mtime'?: string | number | undefined; 'file.name'?: string | undefined; 'file.owner'?: string | undefined; 'file.path'?: string | undefined; 'file.pe.architecture'?: string | undefined; 'file.pe.company'?: string | undefined; 'file.pe.description'?: string | undefined; 'file.pe.file_version'?: string | undefined; 'file.pe.imphash'?: string | undefined; 'file.pe.original_file_name'?: string | undefined; 'file.pe.pehash'?: string | undefined; 'file.pe.product'?: string | undefined; 'file.size'?: string | number | undefined; 'file.target_path'?: string | undefined; 'file.type'?: string | undefined; 'file.uid'?: string | undefined; 'file.x509.alternative_names'?: string[] | undefined; 'file.x509.issuer.common_name'?: string[] | undefined; 'file.x509.issuer.country'?: string[] | undefined; 'file.x509.issuer.distinguished_name'?: string | undefined; 'file.x509.issuer.locality'?: string[] | undefined; 'file.x509.issuer.organization'?: string[] | undefined; 'file.x509.issuer.organizational_unit'?: string[] | undefined; 'file.x509.issuer.state_or_province'?: string[] | undefined; 'file.x509.not_after'?: string | number | undefined; 'file.x509.not_before'?: string | number | undefined; 'file.x509.public_key_algorithm'?: string | undefined; 'file.x509.public_key_curve'?: string | undefined; 'file.x509.public_key_exponent'?: string | number | undefined; 'file.x509.public_key_size'?: string | number | undefined; 'file.x509.serial_number'?: string | undefined; 'file.x509.signature_algorithm'?: string | undefined; 'file.x509.subject.common_name'?: string[] | undefined; 'file.x509.subject.country'?: string[] | undefined; 'file.x509.subject.distinguished_name'?: string | undefined; 'file.x509.subject.locality'?: string[] | undefined; 'file.x509.subject.organization'?: string[] | undefined; 'file.x509.subject.organizational_unit'?: string[] | undefined; 'file.x509.subject.state_or_province'?: string[] | undefined; 'file.x509.version_number'?: string | undefined; 'group.domain'?: string | undefined; 'group.id'?: string | undefined; 'group.name'?: string | undefined; 'host.architecture'?: string | undefined; 'host.boot.id'?: string | undefined; 'host.cpu.usage'?: string | number | undefined; 'host.disk.read.bytes'?: string | number | undefined; 'host.disk.write.bytes'?: string | number | undefined; 'host.domain'?: string | undefined; 'host.geo.city_name'?: string | undefined; 'host.geo.continent_code'?: string | undefined; 'host.geo.continent_name'?: string | undefined; 'host.geo.country_iso_code'?: string | undefined; 'host.geo.country_name'?: string | undefined; 'host.geo.location'?: string | { type: string; coordinates: number[]; } | { lat: number; lon: number; } | { location: number[]; } | { location: string; } | undefined; 'host.geo.name'?: string | undefined; 'host.geo.postal_code'?: string | undefined; 'host.geo.region_iso_code'?: string | undefined; 'host.geo.region_name'?: string | undefined; 'host.geo.timezone'?: string | undefined; 'host.hostname'?: string | undefined; 'host.id'?: string | undefined; 'host.ip'?: string[] | undefined; 'host.mac'?: string[] | undefined; 'host.name'?: string | undefined; 'host.network.egress.bytes'?: string | number | undefined; 'host.network.egress.packets'?: string | number | undefined; 'host.network.ingress.bytes'?: string | number | undefined; 'host.network.ingress.packets'?: string | number | undefined; 'host.os.family'?: string | undefined; 'host.os.full'?: string | undefined; 'host.os.kernel'?: string | undefined; 'host.os.name'?: string | undefined; 'host.os.platform'?: string | undefined; 'host.os.type'?: string | undefined; 'host.os.version'?: string | undefined; 'host.pid_ns_ino'?: string | undefined; 'host.risk.calculated_level'?: string | undefined; 'host.risk.calculated_score'?: number | undefined; 'host.risk.calculated_score_norm'?: number | undefined; 'host.risk.static_level'?: string | undefined; 'host.risk.static_score'?: number | undefined; 'host.risk.static_score_norm'?: number | undefined; 'host.type'?: string | undefined; 'host.uptime'?: string | number | undefined; 'http.request.body.bytes'?: string | number | undefined; 'http.request.body.content'?: string | undefined; 'http.request.bytes'?: string | number | undefined; 'http.request.id'?: string | undefined; 'http.request.method'?: string | undefined; 'http.request.mime_type'?: string | undefined; 'http.request.referrer'?: string | undefined; 'http.response.body.bytes'?: string | number | undefined; 'http.response.body.content'?: string | undefined; 'http.response.bytes'?: string | number | undefined; 'http.response.mime_type'?: string | undefined; 'http.response.status_code'?: string | number | undefined; 'http.version'?: string | undefined; labels?: unknown; 'log.file.path'?: string | undefined; 'log.level'?: string | undefined; 'log.logger'?: string | undefined; 'log.origin.file.line'?: string | number | undefined; 'log.origin.file.name'?: string | undefined; 'log.origin.function'?: string | undefined; 'log.syslog'?: unknown; message?: string | undefined; 'network.application'?: string | undefined; 'network.bytes'?: string | number | undefined; 'network.community_id'?: string | undefined; 'network.direction'?: string | undefined; 'network.forwarded_ip'?: string | undefined; 'network.iana_number'?: string | undefined; 'network.inner'?: unknown; 'network.name'?: string | undefined; 'network.packets'?: string | number | undefined; 'network.protocol'?: string | undefined; 'network.transport'?: string | undefined; 'network.type'?: string | undefined; 'network.vlan.id'?: string | undefined; 'network.vlan.name'?: string | undefined; 'observer.egress'?: unknown; 'observer.geo.city_name'?: string | undefined; 'observer.geo.continent_code'?: string | undefined; 'observer.geo.continent_name'?: string | undefined; 'observer.geo.country_iso_code'?: string | undefined; 'observer.geo.country_name'?: string | undefined; 'observer.geo.location'?: string | { type: string; coordinates: number[]; } | { lat: number; lon: number; } | { location: number[]; } | { location: string; } | undefined; 'observer.geo.name'?: string | undefined; 'observer.geo.postal_code'?: string | undefined; 'observer.geo.region_iso_code'?: string | undefined; 'observer.geo.region_name'?: string | undefined; 'observer.geo.timezone'?: string | undefined; 'observer.hostname'?: string | undefined; 'observer.ingress'?: unknown; 'observer.ip'?: string[] | undefined; 'observer.mac'?: string[] | undefined; 'observer.name'?: string | undefined; 'observer.os.family'?: string | undefined; 'observer.os.full'?: string | undefined; 'observer.os.kernel'?: string | undefined; 'observer.os.name'?: string | undefined; 'observer.os.platform'?: string | undefined; 'observer.os.type'?: string | undefined; 'observer.os.version'?: string | undefined; 'observer.product'?: string | undefined; 'observer.serial_number'?: string | undefined; 'observer.type'?: string | undefined; 'observer.vendor'?: string | undefined; 'observer.version'?: string | undefined; 'orchestrator.api_version'?: string | undefined; 'orchestrator.cluster.id'?: string | undefined; 'orchestrator.cluster.name'?: string | undefined; 'orchestrator.cluster.url'?: string | undefined; 'orchestrator.cluster.version'?: string | undefined; 'orchestrator.namespace'?: string | undefined; 'orchestrator.organization'?: string | undefined; 'orchestrator.resource.id'?: string | undefined; 'orchestrator.resource.ip'?: string[] | undefined; 'orchestrator.resource.name'?: string | undefined; 'orchestrator.resource.parent.type'?: string | undefined; 'orchestrator.resource.type'?: string | undefined; 'orchestrator.type'?: string | undefined; 'organization.id'?: string | undefined; 'organization.name'?: string | undefined; 'package.architecture'?: string | undefined; 'package.build_version'?: string | undefined; 'package.checksum'?: string | undefined; 'package.description'?: string | undefined; 'package.install_scope'?: string | undefined; 'package.installed'?: string | number | undefined; 'package.license'?: string | undefined; 'package.name'?: string | undefined; 'package.path'?: string | undefined; 'package.reference'?: string | undefined; 'package.size'?: string | number | undefined; 'package.type'?: string | undefined; 'package.version'?: string | undefined; 'process.args'?: string[] | undefined; 'process.args_count'?: string | number | undefined; 'process.code_signature.digest_algorithm'?: string | undefined; 'process.code_signature.exists'?: boolean | undefined; 'process.code_signature.signing_id'?: string | undefined; 'process.code_signature.status'?: string | undefined; 'process.code_signature.subject_name'?: string | undefined; 'process.code_signature.team_id'?: string | undefined; 'process.code_signature.timestamp'?: string | number | undefined; 'process.code_signature.trusted'?: boolean | undefined; 'process.code_signature.valid'?: boolean | undefined; 'process.command_line'?: string | undefined; 'process.elf.architecture'?: string | undefined; 'process.elf.byte_order'?: string | undefined; 'process.elf.cpu_type'?: string | undefined; 'process.elf.creation_date'?: string | number | undefined; 'process.elf.exports'?: unknown[] | undefined; 'process.elf.header.abi_version'?: string | undefined; 'process.elf.header.class'?: string | undefined; 'process.elf.header.data'?: string | undefined; 'process.elf.header.entrypoint'?: string | number | undefined; 'process.elf.header.object_version'?: string | undefined; 'process.elf.header.os_abi'?: string | undefined; 'process.elf.header.type'?: string | undefined; 'process.elf.header.version'?: string | undefined; 'process.elf.imports'?: unknown[] | undefined; 'process.elf.sections'?: { chi2?: string | number | undefined; entropy?: string | number | undefined; flags?: string | undefined; name?: string | undefined; physical_offset?: string | undefined; physical_size?: string | number | undefined; type?: string | undefined; virtual_address?: string | number | undefined; virtual_size?: string | number | undefined; }[] | undefined; 'process.elf.segments'?: { sections?: string | undefined; type?: string | undefined; }[] | undefined; 'process.elf.shared_libraries'?: string[] | undefined; 'process.elf.telfhash'?: string | undefined; 'process.end'?: string | number | undefined; 'process.entity_id'?: string | undefined; 'process.entry_leader.args'?: string[] | undefined; 'process.entry_leader.args_count'?: string | number | undefined; 'process.entry_leader.attested_groups.name'?: string | undefined; 'process.entry_leader.attested_user.id'?: string | undefined; 'process.entry_leader.attested_user.name'?: string | undefined; 'process.entry_leader.command_line'?: string | undefined; 'process.entry_leader.entity_id'?: string | undefined; 'process.entry_leader.entry_meta.source.ip'?: string | undefined; 'process.entry_leader.entry_meta.type'?: string | undefined; 'process.entry_leader.executable'?: string | undefined; 'process.entry_leader.group.id'?: string | undefined; 'process.entry_leader.group.name'?: string | undefined; 'process.entry_leader.interactive'?: boolean | undefined; 'process.entry_leader.name'?: string | undefined; 'process.entry_leader.parent.entity_id'?: string | undefined; 'process.entry_leader.parent.pid'?: string | number | undefined; 'process.entry_leader.parent.session_leader.entity_id'?: string | undefined; 'process.entry_leader.parent.session_leader.pid'?: string | number | undefined; 'process.entry_leader.parent.session_leader.start'?: string | number | undefined; 'process.entry_leader.parent.start'?: string | number | undefined; 'process.entry_leader.pid'?: string | number | undefined; 'process.entry_leader.real_group.id'?: string | undefined; 'process.entry_leader.real_group.name'?: string | undefined; 'process.entry_leader.real_user.id'?: string | undefined; 'process.entry_leader.real_user.name'?: string | undefined; 'process.entry_leader.same_as_process'?: boolean | undefined; 'process.entry_leader.saved_group.id'?: string | undefined; 'process.entry_leader.saved_group.name'?: string | undefined; 'process.entry_leader.saved_user.id'?: string | undefined; 'process.entry_leader.saved_user.name'?: string | undefined; 'process.entry_leader.start'?: string | number | undefined; 'process.entry_leader.supplemental_groups.id'?: string | undefined; 'process.entry_leader.supplemental_groups.name'?: string | undefined; 'process.entry_leader.tty'?: unknown; 'process.entry_leader.user.id'?: string | undefined; 'process.entry_leader.user.name'?: string | undefined; 'process.entry_leader.working_directory'?: string | undefined; 'process.env_vars'?: string[] | undefined; 'process.executable'?: string | undefined; 'process.exit_code'?: string | number | undefined; 'process.group_leader.args'?: string[] | undefined; 'process.group_leader.args_count'?: string | number | undefined; 'process.group_leader.command_line'?: string | undefined; 'process.group_leader.entity_id'?: string | undefined; 'process.group_leader.executable'?: string | undefined; 'process.group_leader.group.id'?: string | undefined; 'process.group_leader.group.name'?: string | undefined; 'process.group_leader.interactive'?: boolean | undefined; 'process.group_leader.name'?: string | undefined; 'process.group_leader.pid'?: string | number | undefined; 'process.group_leader.real_group.id'?: string | undefined; 'process.group_leader.real_group.name'?: string | undefined; 'process.group_leader.real_user.id'?: string | undefined; 'process.group_leader.real_user.name'?: string | undefined; 'process.group_leader.same_as_process'?: boolean | undefined; 'process.group_leader.saved_group.id'?: string | undefined; 'process.group_leader.saved_group.name'?: string | undefined; 'process.group_leader.saved_user.id'?: string | undefined; 'process.group_leader.saved_user.name'?: string | undefined; 'process.group_leader.start'?: string | number | undefined; 'process.group_leader.supplemental_groups.id'?: string | undefined; 'process.group_leader.supplemental_groups.name'?: string | undefined; 'process.group_leader.tty'?: unknown; 'process.group_leader.user.id'?: string | undefined; 'process.group_leader.user.name'?: string | undefined; 'process.group_leader.working_directory'?: string | undefined; 'process.hash.md5'?: string | undefined; 'process.hash.sha1'?: string | undefined; 'process.hash.sha256'?: string | undefined; 'process.hash.sha384'?: string | undefined; 'process.hash.sha512'?: string | undefined; 'process.hash.ssdeep'?: string | undefined; 'process.hash.tlsh'?: string | undefined; 'process.interactive'?: boolean | undefined; 'process.io'?: unknown; 'process.name'?: string | undefined; 'process.parent.args'?: string[] | undefined; 'process.parent.args_count'?: string | number | undefined; 'process.parent.code_signature.digest_algorithm'?: string | undefined; 'process.parent.code_signature.exists'?: boolean | undefined; 'process.parent.code_signature.signing_id'?: string | undefined; 'process.parent.code_signature.status'?: string | undefined; 'process.parent.code_signature.subject_name'?: string | undefined; 'process.parent.code_signature.team_id'?: string | undefined; 'process.parent.code_signature.timestamp'?: string | number | undefined; 'process.parent.code_signature.trusted'?: boolean | undefined; 'process.parent.code_signature.valid'?: boolean | undefined; 'process.parent.command_line'?: string | undefined; 'process.parent.elf.architecture'?: string | undefined; 'process.parent.elf.byte_order'?: string | undefined; 'process.parent.elf.cpu_type'?: string | undefined; 'process.parent.elf.creation_date'?: string | number | undefined; 'process.parent.elf.exports'?: unknown[] | undefined; 'process.parent.elf.header.abi_version'?: string | undefined; 'process.parent.elf.header.class'?: string | undefined; 'process.parent.elf.header.data'?: string | undefined; 'process.parent.elf.header.entrypoint'?: string | number | undefined; 'process.parent.elf.header.object_version'?: string | undefined; 'process.parent.elf.header.os_abi'?: string | undefined; 'process.parent.elf.header.type'?: string | undefined; 'process.parent.elf.header.version'?: string | undefined; 'process.parent.elf.imports'?: unknown[] | undefined; 'process.parent.elf.sections'?: { chi2?: string | number | undefined; entropy?: string | number | undefined; flags?: string | undefined; name?: string | undefined; physical_offset?: string | undefined; physical_size?: string | number | undefined; type?: string | undefined; virtual_address?: string | number | undefined; virtual_size?: string | number | undefined; }[] | undefined; 'process.parent.elf.segments'?: { sections?: string | undefined; type?: string | undefined; }[] | undefined; 'process.parent.elf.shared_libraries'?: string[] | undefined; 'process.parent.elf.telfhash'?: string | undefined; 'process.parent.end'?: string | number | undefined; 'process.parent.entity_id'?: string | undefined; 'process.parent.executable'?: string | undefined; 'process.parent.exit_code'?: string | number | undefined; 'process.parent.group.id'?: string | undefined; 'process.parent.group.name'?: string | undefined; 'process.parent.group_leader.entity_id'?: string | undefined; 'process.parent.group_leader.pid'?: string | number | undefined; 'process.parent.group_leader.start'?: string | number | undefined; 'process.parent.hash.md5'?: string | undefined; 'process.parent.hash.sha1'?: string | undefined; 'process.parent.hash.sha256'?: string | undefined; 'process.parent.hash.sha384'?: string | undefined; 'process.parent.hash.sha512'?: string | undefined; 'process.parent.hash.ssdeep'?: string | undefined; 'process.parent.hash.tlsh'?: string | undefined; 'process.parent.interactive'?: boolean | undefined; 'process.parent.name'?: string | undefined; 'process.parent.pe.architecture'?: string | undefined; 'process.parent.pe.company'?: string | undefined; 'process.parent.pe.description'?: string | undefined; 'process.parent.pe.file_version'?: string | undefined; 'process.parent.pe.imphash'?: string | undefined; 'process.parent.pe.original_file_name'?: string | undefined; 'process.parent.pe.pehash'?: string | undefined; 'process.parent.pe.product'?: string | undefined; 'process.parent.pgid'?: string | number | undefined; 'process.parent.pid'?: string | number | undefined; 'process.parent.real_group.id'?: string | undefined; 'process.parent.real_group.name'?: string | undefined; 'process.parent.real_user.id'?: string | undefined; 'process.parent.real_user.name'?: string | undefined; 'process.parent.saved_group.id'?: string | undefined; 'process.parent.saved_group.name'?: string | undefined; 'process.parent.saved_user.id'?: string | undefined; 'process.parent.saved_user.name'?: string | undefined; 'process.parent.start'?: string | number | undefined; 'process.parent.supplemental_groups.id'?: string | undefined; 'process.parent.supplemental_groups.name'?: string | undefined; 'process.parent.thread.id'?: string | number | undefined; 'process.parent.thread.name'?: string | undefined; 'process.parent.title'?: string | undefined; 'process.parent.tty'?: unknown; 'process.parent.uptime'?: string | number | undefined; 'process.parent.user.id'?: string | undefined; 'process.parent.user.name'?: string | undefined; 'process.parent.working_directory'?: string | undefined; 'process.pe.architecture'?: string | undefined; 'process.pe.company'?: string | undefined; 'process.pe.description'?: string | undefined; 'process.pe.file_version'?: string | undefined; 'process.pe.imphash'?: string | undefined; 'process.pe.original_file_name'?: string | undefined; 'process.pe.pehash'?: string | undefined; 'process.pe.product'?: string | undefined; 'process.pgid'?: string | number | undefined; 'process.pid'?: string | number | undefined; 'process.previous.args'?: string[] | undefined; 'process.previous.args_count'?: string | number | undefined; 'process.previous.executable'?: string | undefined; 'process.real_group.id'?: string | undefined; 'process.real_group.name'?: string | undefined; 'process.real_user.id'?: string | undefined; 'process.real_user.name'?: string | undefined; 'process.saved_group.id'?: string | undefined; 'process.saved_group.name'?: string | undefined; 'process.saved_user.id'?: string | undefined; 'process.saved_user.name'?: string | undefined; 'process.session_leader.args'?: string[] | undefined; 'process.session_leader.args_count'?: string | number | undefined; 'process.session_leader.command_line'?: string | undefined; 'process.session_leader.entity_id'?: string | undefined; 'process.session_leader.executable'?: string | undefined; 'process.session_leader.group.id'?: string | undefined; 'process.session_leader.group.name'?: string | undefined; 'process.session_leader.interactive'?: boolean | undefined; 'process.session_leader.name'?: string | undefined; 'process.session_leader.parent.entity_id'?: string | undefined; 'process.session_leader.parent.pid'?: string | number | undefined; 'process.session_leader.parent.session_leader.entity_id'?: string | undefined; 'process.session_leader.parent.session_leader.pid'?: string | number | undefined; 'process.session_leader.parent.session_leader.start'?: string | number | undefined; 'process.session_leader.parent.start'?: string | number | undefined; 'process.session_leader.pid'?: string | number | undefined; 'process.session_leader.real_group.id'?: string | undefined; 'process.session_leader.real_group.name'?: string | undefined; 'process.session_leader.real_user.id'?: string | undefined; 'process.session_leader.real_user.name'?: string | undefined; 'process.session_leader.same_as_process'?: boolean | undefined; 'process.session_leader.saved_group.id'?: string | undefined; 'process.session_leader.saved_group.name'?: string | undefined; 'process.session_leader.saved_user.id'?: string | undefined; 'process.session_leader.saved_user.name'?: string | undefined; 'process.session_leader.start'?: string | number | undefined; 'process.session_leader.supplemental_groups.id'?: string | undefined; 'process.session_leader.supplemental_groups.name'?: string | undefined; 'process.session_leader.tty'?: unknown; 'process.session_leader.user.id'?: string | undefined; 'process.session_leader.user.name'?: string | undefined; 'process.session_leader.working_directory'?: string | undefined; 'process.start'?: string | number | undefined; 'process.supplemental_groups.id'?: string | undefined; 'process.supplemental_groups.name'?: string | undefined; 'process.thread.id'?: string | number | undefined; 'process.thread.name'?: string | undefined; 'process.title'?: string | undefined; 'process.tty'?: unknown; 'process.uptime'?: string | number | undefined; 'process.user.id'?: string | undefined; 'process.user.name'?: string | undefined; 'process.working_directory'?: string | undefined; 'registry.data.bytes'?: string | undefined; 'registry.data.strings'?: string[] | undefined; 'registry.data.type'?: string | undefined; 'registry.hive'?: string | undefined; 'registry.key'?: string | undefined; 'registry.path'?: string | undefined; 'registry.value'?: string | undefined; 'related.hash'?: string[] | undefined; 'related.hosts'?: string[] | undefined; 'related.ip'?: string[] | undefined; 'related.user'?: string[] | undefined; 'rule.author'?: string[] | undefined; 'rule.category'?: string | undefined; 'rule.description'?: string | undefined; 'rule.id'?: string | undefined; 'rule.license'?: string | undefined; 'rule.name'?: string | undefined; 'rule.reference'?: string | undefined; 'rule.ruleset'?: string | undefined; 'rule.uuid'?: string | undefined; 'rule.version'?: string | undefined; 'server.address'?: string | undefined; 'server.as.number'?: string | number | undefined; 'server.as.organization.name'?: string | undefined; 'server.bytes'?: string | number | undefined; 'server.domain'?: string | undefined; 'server.geo.city_name'?: string | undefined; 'server.geo.continent_code'?: string | undefined; 'server.geo.continent_name'?: string | undefined; 'server.geo.country_iso_code'?: string | undefined; 'server.geo.country_name'?: string | undefined; 'server.geo.location'?: string | { type: string; coordinates: number[]; } | { lat: number; lon: number; } | { location: number[]; } | { location: string; } | undefined; 'server.geo.name'?: string | undefined; 'server.geo.postal_code'?: string | undefined; 'server.geo.region_iso_code'?: string | undefined; 'server.geo.region_name'?: string | undefined; 'server.geo.timezone'?: string | undefined; 'server.ip'?: string | undefined; 'server.mac'?: string | undefined; 'server.nat.ip'?: string | undefined; 'server.nat.port'?: string | number | undefined; 'server.packets'?: string | number | undefined; 'server.port'?: string | number | undefined; 'server.registered_domain'?: string | undefined; 'server.subdomain'?: string | undefined; 'server.top_level_domain'?: string | undefined; 'server.user.domain'?: string | undefined; 'server.user.email'?: string | undefined; 'server.user.full_name'?: string | undefined; 'server.user.group.domain'?: string | undefined; 'server.user.group.id'?: string | undefined; 'server.user.group.name'?: string | undefined; 'server.user.hash'?: string | undefined; 'server.user.id'?: string | undefined; 'server.user.name'?: string | undefined; 'server.user.roles'?: string[] | undefined; 'service.address'?: string | undefined; 'service.environment'?: string | undefined; 'service.ephemeral_id'?: string | undefined; 'service.id'?: string | undefined; 'service.name'?: string | undefined; 'service.node.name'?: string | undefined; 'service.node.role'?: string | undefined; 'service.node.roles'?: string[] | undefined; 'service.origin.address'?: string | undefined; 'service.origin.environment'?: string | undefined; 'service.origin.ephemeral_id'?: string | undefined; 'service.origin.id'?: string | undefined; 'service.origin.name'?: string | undefined; 'service.origin.node.name'?: string | undefined; 'service.origin.node.role'?: string | undefined; 'service.origin.node.roles'?: string[] | undefined; 'service.origin.state'?: string | undefined; 'service.origin.type'?: string | undefined; 'service.origin.version'?: string | undefined; 'service.state'?: string | undefined; 'service.target.address'?: string | undefined; 'service.target.environment'?: string | undefined; 'service.target.ephemeral_id'?: string | undefined; 'service.target.id'?: string | undefined; 'service.target.name'?: string | undefined; 'service.target.node.name'?: string | undefined; 'service.target.node.role'?: string | undefined; 'service.target.node.roles'?: string[] | undefined; 'service.target.state'?: string | undefined; 'service.target.type'?: string | undefined; 'service.target.version'?: string | undefined; 'service.type'?: string | undefined; 'service.version'?: string | undefined; 'source.address'?: string | undefined; 'source.as.number'?: string | number | undefined; 'source.as.organization.name'?: string | undefined; 'source.bytes'?: string | number | undefined; 'source.domain'?: string | undefined; 'source.geo.city_name'?: string | undefined; 'source.geo.continent_code'?: string | undefined; 'source.geo.continent_name'?: string | undefined; 'source.geo.country_iso_code'?: string | undefined; 'source.geo.country_name'?: string | undefined; 'source.geo.location'?: string | { type: string; coordinates: number[]; } | { lat: number; lon: number; } | { location: number[]; } | { location: string; } | undefined; 'source.geo.name'?: string | undefined; 'source.geo.postal_code'?: string | undefined; 'source.geo.region_iso_code'?: string | undefined; 'source.geo.region_name'?: string | undefined; 'source.geo.timezone'?: string | undefined; 'source.ip'?: string | undefined; 'source.mac'?: string | undefined; 'source.nat.ip'?: string | undefined; 'source.nat.port'?: string | number | undefined; 'source.packets'?: string | number | undefined; 'source.port'?: string | number | undefined; 'source.registered_domain'?: string | undefined; 'source.subdomain'?: string | undefined; 'source.top_level_domain'?: string | undefined; 'source.user.domain'?: string | undefined; 'source.user.email'?: string | undefined; 'source.user.full_name'?: string | undefined; 'source.user.group.domain'?: string | undefined; 'source.user.group.id'?: string | undefined; 'source.user.group.name'?: string | undefined; 'source.user.hash'?: string | undefined; 'source.user.id'?: string | undefined; 'source.user.name'?: string | undefined; 'source.user.roles'?: string[] | undefined; 'span.id'?: string | undefined; tags?: string[] | undefined; 'threat.enrichments'?: { indicator?: unknown; 'matched.atomic'?: string | undefined; 'matched.field'?: string | undefined; 'matched.id'?: string | undefined; 'matched.index'?: string | undefined; 'matched.occurred'?: string | number | undefined; 'matched.type'?: string | undefined; }[] | undefined; 'threat.feed.dashboard_id'?: string | undefined; 'threat.feed.description'?: string | undefined; 'threat.feed.name'?: string | undefined; 'threat.feed.reference'?: string | undefined; 'threat.framework'?: string | undefined; 'threat.group.alias'?: string[] | undefined; 'threat.group.id'?: string | undefined; 'threat.group.name'?: string | undefined; 'threat.group.reference'?: string | undefined; 'threat.indicator.as.number'?: string | number | undefined; 'threat.indicator.as.organization.name'?: string | undefined; 'threat.indicator.confidence'?: string | undefined; 'threat.indicator.description'?: string | undefined; 'threat.indicator.email.address'?: string | undefined; 'threat.indicator.file.accessed'?: string | number | undefined; 'threat.indicator.file.attributes'?: string[] | undefined; 'threat.indicator.file.code_signature.digest_algorithm'?: string | undefined; 'threat.indicator.file.code_signature.exists'?: boolean | undefined; 'threat.indicator.file.code_signature.signing_id'?: string | undefined; 'threat.indicator.file.code_signature.status'?: string | undefined; 'threat.indicator.file.code_signature.subject_name'?: string | undefined; 'threat.indicator.file.code_signature.team_id'?: string | undefined; 'threat.indicator.file.code_signature.timestamp'?: string | number | undefined; 'threat.indicator.file.code_signature.trusted'?: boolean | undefined; 'threat.indicator.file.code_signature.valid'?: boolean | undefined; 'threat.indicator.file.created'?: string | number | undefined; 'threat.indicator.file.ctime'?: string | number | undefined; 'threat.indicator.file.device'?: string | undefined; 'threat.indicator.file.directory'?: string | undefined; 'threat.indicator.file.drive_letter'?: string | undefined; 'threat.indicator.file.elf.architecture'?: string | undefined; 'threat.indicator.file.elf.byte_order'?: string | undefined; 'threat.indicator.file.elf.cpu_type'?: string | undefined; 'threat.indicator.file.elf.creation_date'?: string | number | undefined; 'threat.indicator.file.elf.exports'?: unknown[] | undefined; 'threat.indicator.file.elf.header.abi_version'?: string | undefined; 'threat.indicator.file.elf.header.class'?: string | undefined; 'threat.indicator.file.elf.header.data'?: string | undefined; 'threat.indicator.file.elf.header.entrypoint'?: string | number | undefined; 'threat.indicator.file.elf.header.object_version'?: string | undefined; 'threat.indicator.file.elf.header.os_abi'?: string | undefined; 'threat.indicator.file.elf.header.type'?: string | undefined; 'threat.indicator.file.elf.header.version'?: string | undefined; 'threat.indicator.file.elf.imports'?: unknown[] | undefined; 'threat.indicator.file.elf.sections'?: { chi2?: string | number | undefined; entropy?: string | number | undefined; flags?: string | undefined; name?: string | undefined; physical_offset?: string | undefined; physical_size?: string | number | undefined; type?: string | undefined; virtual_address?: string | number | undefined; virtual_size?: string | number | undefined; }[] | undefined; 'threat.indicator.file.elf.segments'?: { sections?: string | undefined; type?: string | undefined; }[] | undefined; 'threat.indicator.file.elf.shared_libraries'?: string[] | undefined; 'threat.indicator.file.elf.telfhash'?: string | undefined; 'threat.indicator.file.extension'?: string | undefined; 'threat.indicator.file.fork_name'?: string | undefined; 'threat.indicator.file.gid'?: string | undefined; 'threat.indicator.file.group'?: string | undefined; 'threat.indicator.file.hash.md5'?: string | undefined; 'threat.indicator.file.hash.sha1'?: string | undefined; 'threat.indicator.file.hash.sha256'?: string | undefined; 'threat.indicator.file.hash.sha384'?: string | undefined; 'threat.indicator.file.hash.sha512'?: string | undefined; 'threat.indicator.file.hash.ssdeep'?: string | undefined; 'threat.indicator.file.hash.tlsh'?: string | undefined; 'threat.indicator.file.inode'?: string | undefined; 'threat.indicator.file.mime_type'?: string | undefined; 'threat.indicator.file.mode'?: string | undefined; 'threat.indicator.file.mtime'?: string | number | undefined; 'threat.indicator.file.name'?: string | undefined; 'threat.indicator.file.owner'?: string | undefined; 'threat.indicator.file.path'?: string | undefined; 'threat.indicator.file.pe.architecture'?: string | undefined; 'threat.indicator.file.pe.company'?: string | undefined; 'threat.indicator.file.pe.description'?: string | undefined; 'threat.indicator.file.pe.file_version'?: string | undefined; 'threat.indicator.file.pe.imphash'?: string | undefined; 'threat.indicator.file.pe.original_file_name'?: string | undefined; 'threat.indicator.file.pe.pehash'?: string | undefined; 'threat.indicator.file.pe.product'?: string | undefined; 'threat.indicator.file.size'?: string | number | undefined; 'threat.indicator.file.target_path'?: string | undefined; 'threat.indicator.file.type'?: string | undefined; 'threat.indicator.file.uid'?: string | undefined; 'threat.indicator.file.x509.alternative_names'?: string[] | undefined; 'threat.indicator.file.x509.issuer.common_name'?: string[] | undefined; 'threat.indicator.file.x509.issuer.country'?: string[] | undefined; 'threat.indicator.file.x509.issuer.distinguished_name'?: string | undefined; 'threat.indicator.file.x509.issuer.locality'?: string[] | undefined; 'threat.indicator.file.x509.issuer.organization'?: string[] | undefined; 'threat.indicator.file.x509.issuer.organizational_unit'?: string[] | undefined; 'threat.indicator.file.x509.issuer.state_or_province'?: string[] | undefined; 'threat.indicator.file.x509.not_after'?: string | number | undefined; 'threat.indicator.file.x509.not_before'?: string | number | undefined; 'threat.indicator.file.x509.public_key_algorithm'?: string | undefined; 'threat.indicator.file.x509.public_key_curve'?: string | undefined; 'threat.indicator.file.x509.public_key_exponent'?: string | number | undefined; 'threat.indicator.file.x509.public_key_size'?: string | number | undefined; 'threat.indicator.file.x509.serial_number'?: string | undefined; 'threat.indicator.file.x509.signature_algorithm'?: string | undefined; 'threat.indicator.file.x509.subject.common_name'?: string[] | undefined; 'threat.indicator.file.x509.subject.country'?: string[] | undefined; 'threat.indicator.file.x509.subject.distinguished_name'?: string | undefined; 'threat.indicator.file.x509.subject.locality'?: string[] | undefined; 'threat.indicator.file.x509.subject.organization'?: string[] | undefined; 'threat.indicator.file.x509.subject.organizational_unit'?: string[] | undefined; 'threat.indicator.file.x509.subject.state_or_province'?: string[] | undefined; 'threat.indicator.file.x509.version_number'?: string | undefined; 'threat.indicator.first_seen'?: string | number | undefined; 'threat.indicator.geo.city_name'?: string | undefined; 'threat.indicator.geo.continent_code'?: string | undefined; 'threat.indicator.geo.continent_name'?: string | undefined; 'threat.indicator.geo.country_iso_code'?: string | undefined; 'threat.indicator.geo.country_name'?: string | undefined; 'threat.indicator.geo.location'?: string | { type: string; coordinates: number[]; } | { lat: number; lon: number; } | { location: number[]; } | { location: string; } | undefined; 'threat.indicator.geo.name'?: string | undefined; 'threat.indicator.geo.postal_code'?: string | undefined; 'threat.indicator.geo.region_iso_code'?: string | undefined; 'threat.indicator.geo.region_name'?: string | undefined; 'threat.indicator.geo.timezone'?: string | undefined; 'threat.indicator.ip'?: string | undefined; 'threat.indicator.last_seen'?: string | number | undefined; 'threat.indicator.marking.tlp'?: string | undefined; 'threat.indicator.marking.tlp_version'?: string | undefined; 'threat.indicator.modified_at'?: string | number | undefined; 'threat.indicator.port'?: string | number | undefined; 'threat.indicator.provider'?: string | undefined; 'threat.indicator.reference'?: string | undefined; 'threat.indicator.registry.data.bytes'?: string | undefined; 'threat.indicator.registry.data.strings'?: string[] | undefined; 'threat.indicator.registry.data.type'?: string | undefined; 'threat.indicator.registry.hive'?: string | undefined; 'threat.indicator.registry.key'?: string | undefined; 'threat.indicator.registry.path'?: string | undefined; 'threat.indicator.registry.value'?: string | undefined; 'threat.indicator.scanner_stats'?: string | number | undefined; 'threat.indicator.sightings'?: string | number | undefined; 'threat.indicator.type'?: string | undefined; 'threat.indicator.url.domain'?: string | undefined; 'threat.indicator.url.extension'?: string | undefined; 'threat.indicator.url.fragment'?: string | undefined; 'threat.indicator.url.full'?: string | undefined; 'threat.indicator.url.original'?: string | undefined; 'threat.indicator.url.password'?: string | undefined; 'threat.indicator.url.path'?: string | undefined; 'threat.indicator.url.port'?: string | number | undefined; 'threat.indicator.url.query'?: string | undefined; 'threat.indicator.url.registered_domain'?: string | undefined; 'threat.indicator.url.scheme'?: string | undefined; 'threat.indicator.url.subdomain'?: string | undefined; 'threat.indicator.url.top_level_domain'?: string | undefined; 'threat.indicator.url.username'?: string | undefined; 'threat.indicator.x509.alternative_names'?: string[] | undefined; 'threat.indicator.x509.issuer.common_name'?: string[] | undefined; 'threat.indicator.x509.issuer.country'?: string[] | undefined; 'threat.indicator.x509.issuer.distinguished_name'?: string | undefined; 'threat.indicator.x509.issuer.locality'?: string[] | undefined; 'threat.indicator.x509.issuer.organization'?: string[] | undefined; 'threat.indicator.x509.issuer.organizational_unit'?: string[] | undefined; 'threat.indicator.x509.issuer.state_or_province'?: string[] | undefined; 'threat.indicator.x509.not_after'?: string | number | undefined; 'threat.indicator.x509.not_before'?: string | number | undefined; 'threat.indicator.x509.public_key_algorithm'?: string | undefined; 'threat.indicator.x509.public_key_curve'?: string | undefined; 'threat.indicator.x509.public_key_exponent'?: string | number | undefined; 'threat.indicator.x509.public_key_size'?: string | number | undefined; 'threat.indicator.x509.serial_number'?: string | undefined; 'threat.indicator.x509.signature_algorithm'?: string | undefined; 'threat.indicator.x509.subject.common_name'?: string[] | undefined; 'threat.indicator.x509.subject.country'?: string[] | undefined; 'threat.indicator.x509.subject.distinguished_name'?: string | undefined; 'threat.indicator.x509.subject.locality'?: string[] | undefined; 'threat.indicator.x509.subject.organization'?: string[] | undefined; 'threat.indicator.x509.subject.organizational_unit'?: string[] | undefined; 'threat.indicator.x509.subject.state_or_province'?: string[] | undefined; 'threat.indicator.x509.version_number'?: string | undefined; 'threat.software.alias'?: string[] | undefined; 'threat.software.id'?: string | undefined; 'threat.software.name'?: string | undefined; 'threat.software.platforms'?: string[] | undefined; 'threat.software.reference'?: string | undefined; 'threat.software.type'?: string | undefined; 'threat.tactic.id'?: string[] | undefined; 'threat.tactic.name'?: string[] | undefined; 'threat.tactic.reference'?: string[] | undefined; 'threat.technique.id'?: string[] | undefined; 'threat.technique.name'?: string[] | undefined; 'threat.technique.reference'?: string[] | undefined; 'threat.technique.subtechnique.id'?: string[] | undefined; 'threat.technique.subtechnique.name'?: string[] | undefined; 'threat.technique.subtechnique.reference'?: string[] | undefined; 'tls.cipher'?: string | undefined; 'tls.client.certificate'?: string | undefined; 'tls.client.certificate_chain'?: string[] | undefined; 'tls.client.hash.md5'?: string | undefined; 'tls.client.hash.sha1'?: string | undefined; 'tls.client.hash.sha256'?: string | undefined; 'tls.client.issuer'?: string | undefined; 'tls.client.ja3'?: string | undefined; 'tls.client.not_after'?: string | number | undefined; 'tls.client.not_before'?: string | number | undefined; 'tls.client.server_name'?: string | undefined; 'tls.client.subject'?: string | undefined; 'tls.client.supported_ciphers'?: string[] | undefined; 'tls.client.x509.alternative_names'?: string[] | undefined; 'tls.client.x509.issuer.common_name'?: string[] | undefined; 'tls.client.x509.issuer.country'?: string[] | undefined; 'tls.client.x509.issuer.distinguished_name'?: string | undefined; 'tls.client.x509.issuer.locality'?: string[] | undefined; 'tls.client.x509.issuer.organization'?: string[] | undefined; 'tls.client.x509.issuer.organizational_unit'?: string[] | undefined; 'tls.client.x509.issuer.state_or_province'?: string[] | undefined; 'tls.client.x509.not_after'?: string | number | undefined; 'tls.client.x509.not_before'?: string | number | undefined; 'tls.client.x509.public_key_algorithm'?: string | undefined; 'tls.client.x509.public_key_curve'?: string | undefined; 'tls.client.x509.public_key_exponent'?: string | number | undefined; 'tls.client.x509.public_key_size'?: string | number | undefined; 'tls.client.x509.serial_number'?: string | undefined; 'tls.client.x509.signature_algorithm'?: string | undefined; 'tls.client.x509.subject.common_name'?: string[] | undefined; 'tls.client.x509.subject.country'?: string[] | undefined; 'tls.client.x509.subject.distinguished_name'?: string | undefined; 'tls.client.x509.subject.locality'?: string[] | undefined; 'tls.client.x509.subject.organization'?: string[] | undefined; 'tls.client.x509.subject.organizational_unit'?: string[] | undefined; 'tls.client.x509.subject.state_or_province'?: string[] | undefined; 'tls.client.x509.version_number'?: string | undefined; 'tls.curve'?: string | undefined; 'tls.established'?: boolean | undefined; 'tls.next_protocol'?: string | undefined; 'tls.resumed'?: boolean | undefined; 'tls.server.certificate'?: string | undefined; 'tls.server.certificate_chain'?: string[] | undefined; 'tls.server.hash.md5'?: string | undefined; 'tls.server.hash.sha1'?: string | undefined; 'tls.server.hash.sha256'?: string | undefined; 'tls.server.issuer'?: string | undefined; 'tls.server.ja3s'?: string | undefined; 'tls.server.not_after'?: string | number | undefined; 'tls.server.not_before'?: string | number | undefined; 'tls.server.subject'?: string | undefined; 'tls.server.x509.alternative_names'?: string[] | undefined; 'tls.server.x509.issuer.common_name'?: string[] | undefined; 'tls.server.x509.issuer.country'?: string[] | undefined; 'tls.server.x509.issuer.distinguished_name'?: string | undefined; 'tls.server.x509.issuer.locality'?: string[] | undefined; 'tls.server.x509.issuer.organization'?: string[] | undefined; 'tls.server.x509.issuer.organizational_unit'?: string[] | undefined; 'tls.server.x509.issuer.state_or_province'?: string[] | undefined; 'tls.server.x509.not_after'?: string | number | undefined; 'tls.server.x509.not_before'?: string | number | undefined; 'tls.server.x509.public_key_algorithm'?: string | undefined; 'tls.server.x509.public_key_curve'?: string | undefined; 'tls.server.x509.public_key_exponent'?: string | number | undefined; 'tls.server.x509.public_key_size'?: string | number | undefined; 'tls.server.x509.serial_number'?: string | undefined; 'tls.server.x509.signature_algorithm'?: string | undefined; 'tls.server.x509.subject.common_name'?: string[] | undefined; 'tls.server.x509.subject.country'?: string[] | undefined; 'tls.server.x509.subject.distinguished_name'?: string | undefined; 'tls.server.x509.subject.locality'?: string[] | undefined; 'tls.server.x509.subject.organization'?: string[] | undefined; 'tls.server.x509.subject.organizational_unit'?: string[] | undefined; 'tls.server.x509.subject.state_or_province'?: string[] | undefined; 'tls.server.x509.version_number'?: string | undefined; 'tls.version'?: string | undefined; 'tls.version_protocol'?: string | undefined; 'trace.id'?: string | undefined; 'transaction.id'?: string | undefined; 'url.domain'?: string | undefined; 'url.extension'?: string | undefined; 'url.fragment'?: string | undefined; 'url.full'?: string | undefined; 'url.original'?: string | undefined; 'url.password'?: string | undefined; 'url.path'?: string | undefined; 'url.port'?: string | number | undefined; 'url.query'?: string | undefined; 'url.registered_domain'?: string | undefined; 'url.scheme'?: string | undefined; 'url.subdomain'?: string | undefined; 'url.top_level_domain'?: string | undefined; 'url.username'?: string | undefined; 'user.changes.domain'?: string | undefined; 'user.changes.email'?: string | undefined; 'user.changes.full_name'?: string | undefined; 'user.changes.group.domain'?: string | undefined; 'user.changes.group.id'?: string | undefined; 'user.changes.group.name'?: string | undefined; 'user.changes.hash'?: string | undefined; 'user.changes.id'?: string | undefined; 'user.changes.name'?: string | undefined; 'user.changes.roles'?: string[] | undefined; 'user.domain'?: string | undefined; 'user.effective.domain'?: string | undefined; 'user.effective.email'?: string | undefined; 'user.effective.full_name'?: string | undefined; 'user.effective.group.domain'?: string | undefined; 'user.effective.group.id'?: string | undefined; 'user.effective.group.name'?: string | undefined; 'user.effective.hash'?: string | undefined; 'user.effective.id'?: string | undefined; 'user.effective.name'?: string | undefined; 'user.effective.roles'?: string[] | undefined; 'user.email'?: string | undefined; 'user.full_name'?: string | undefined; 'user.group.domain'?: string | undefined; 'user.group.id'?: string | undefined; 'user.group.name'?: string | undefined; 'user.hash'?: string | undefined; 'user.id'?: string | undefined; 'user.name'?: string | undefined; 'user.risk.calculated_level'?: string | undefined; 'user.risk.calculated_score'?: number | undefined; 'user.risk.calculated_score_norm'?: number | undefined; 'user.risk.static_level'?: string | undefined; 'user.risk.static_score'?: number | undefined; 'user.risk.static_score_norm'?: number | undefined; 'user.roles'?: string[] | undefined; 'user.target.domain'?: string | undefined; 'user.target.email'?: string | undefined; 'user.target.full_name'?: string | undefined; 'user.target.group.domain'?: string | undefined; 'user.target.group.id'?: string | undefined; 'user.target.group.name'?: string | undefined; 'user.target.hash'?: string | undefined; 'user.target.id'?: string | undefined; 'user.target.name'?: string | undefined; 'user.target.roles'?: string[] | undefined; 'user_agent.device.name'?: string | undefined; 'user_agent.name'?: string | undefined; 'user_agent.original'?: string | undefined; 'user_agent.os.family'?: string | undefined; 'user_agent.os.full'?: string | undefined; 'user_agent.os.kernel'?: string | undefined; 'user_agent.os.name'?: string | undefined; 'user_agent.os.platform'?: string | undefined; 'user_agent.os.type'?: string | undefined; 'user_agent.os.version'?: string | undefined; 'user_agent.version'?: string | undefined; 'vulnerability.category'?: string[] | undefined; 'vulnerability.classification'?: string | undefined; 'vulnerability.description'?: string | undefined; 'vulnerability.enumeration'?: string | undefined; 'vulnerability.id'?: string | undefined; 'vulnerability.reference'?: string | undefined; 'vulnerability.report_id'?: string | undefined; 'vulnerability.scanner.vendor'?: string | undefined; 'vulnerability.score.base'?: number | undefined; 'vulnerability.score.environmental'?: number | undefined; 'vulnerability.score.temporal'?: number | undefined; 'vulnerability.score.version'?: string | undefined; 'vulnerability.severity'?: string | undefined; } & {} & { 'ecs.version'?: string | undefined; 'kibana.alert.risk_score'?: number | undefined; 'kibana.alert.rule.author'?: string | undefined; 'kibana.alert.rule.created_at'?: string | number | undefined; 'kibana.alert.rule.created_by'?: string | undefined; 'kibana.alert.rule.description'?: string | undefined; 'kibana.alert.rule.enabled'?: string | undefined; 'kibana.alert.rule.from'?: string | undefined; 'kibana.alert.rule.interval'?: string | undefined; 'kibana.alert.rule.license'?: string | undefined; 'kibana.alert.rule.note'?: string | undefined; 'kibana.alert.rule.references'?: string[] | undefined; 'kibana.alert.rule.rule_id'?: string | undefined; 'kibana.alert.rule.rule_name_override'?: string | undefined; 'kibana.alert.rule.to'?: string | undefined; 'kibana.alert.rule.type'?: string | undefined; 'kibana.alert.rule.updated_at'?: string | number | undefined; 'kibana.alert.rule.updated_by'?: string | undefined; 'kibana.alert.rule.version'?: string | undefined; 'kibana.alert.severity'?: string | undefined; 'kibana.alert.suppression.docs_count'?: string | number | undefined; 'kibana.alert.suppression.end'?: string | number | undefined; 'kibana.alert.suppression.start'?: string | number | undefined; 'kibana.alert.suppression.terms.field'?: string[] | undefined; 'kibana.alert.suppression.terms.value'?: string[] | undefined; 'kibana.alert.system_status'?: string | undefined; 'kibana.alert.workflow_reason'?: string | undefined; 'kibana.alert.workflow_user'?: string | undefined; }) | ({} & { 'kibana.alert.context'?: unknown; 'kibana.alert.evaluation.threshold'?: string | number | undefined; 'kibana.alert.evaluation.value'?: string | number | undefined; 'kibana.alert.evaluation.values'?: (string | number)[] | undefined; 'kibana.alert.group'?: { field?: string | undefined; value?: string | undefined; }[] | undefined; 'slo.id'?: string | undefined; 'slo.instanceId'?: string | undefined; 'slo.revision'?: string | number | undefined; } & { '@timestamp': string | number; 'kibana.alert.instance.id': string; 'kibana.alert.rule.category': string; 'kibana.alert.rule.consumer': string; 'kibana.alert.rule.name': string; 'kibana.alert.rule.producer': string; 'kibana.alert.rule.revision': string | number; 'kibana.alert.rule.rule_type_id': string; 'kibana.alert.rule.uuid': string; 'kibana.alert.status': string; 'kibana.alert.uuid': string; 'kibana.space_ids': string[]; } & { 'event.action'?: string | undefined; 'event.kind'?: string | undefined; 'kibana.alert.action_group'?: string | undefined; 'kibana.alert.case_ids'?: string[] | undefined; 'kibana.alert.duration.us'?: string | number | undefined; 'kibana.alert.end'?: string | number | undefined; 'kibana.alert.flapping'?: boolean | undefined; 'kibana.alert.flapping_history'?: boolean[] | undefined; 'kibana.alert.last_detected'?: string | number | undefined; 'kibana.alert.maintenance_window_ids'?: string[] | undefined; 'kibana.alert.reason'?: string | undefined; 'kibana.alert.rule.execution.uuid'?: string | undefined; 'kibana.alert.rule.parameters'?: unknown; 'kibana.alert.rule.tags'?: string[] | undefined; 'kibana.alert.start'?: string | number | undefined; 'kibana.alert.time_range'?: { gte?: string | number | undefined; lte?: string | number | undefined; } | undefined; 'kibana.alert.url'?: string | undefined; 'kibana.alert.workflow_status'?: string | undefined; 'kibana.alert.workflow_tags'?: string[] | undefined; 'kibana.version'?: string | undefined; tags?: string[] | undefined; } & {} & { 'ecs.version'?: string | undefined; 'kibana.alert.risk_score'?: number | undefined; 'kibana.alert.rule.author'?: string | undefined; 'kibana.alert.rule.created_at'?: string | number | undefined; 'kibana.alert.rule.created_by'?: string | undefined; 'kibana.alert.rule.description'?: string | undefined; 'kibana.alert.rule.enabled'?: string | undefined; 'kibana.alert.rule.from'?: string | undefined; 'kibana.alert.rule.interval'?: string | undefined; 'kibana.alert.rule.license'?: string | undefined; 'kibana.alert.rule.note'?: string | undefined; 'kibana.alert.rule.references'?: string[] | undefined; 'kibana.alert.rule.rule_id'?: string | undefined; 'kibana.alert.rule.rule_name_override'?: string | undefined; 'kibana.alert.rule.to'?: string | undefined; 'kibana.alert.rule.type'?: string | undefined; 'kibana.alert.rule.updated_at'?: string | number | undefined; 'kibana.alert.rule.updated_by'?: string | undefined; 'kibana.alert.rule.version'?: string | undefined; 'kibana.alert.severity'?: string | undefined; 'kibana.alert.suppression.docs_count'?: string | number | undefined; 'kibana.alert.suppression.end'?: string | number | undefined; 'kibana.alert.suppression.start'?: string | number | undefined; 'kibana.alert.suppression.terms.field'?: string[] | undefined; 'kibana.alert.suppression.terms.value'?: string[] | undefined; 'kibana.alert.system_status'?: string | undefined; 'kibana.alert.workflow_reason'?: string | undefined; 'kibana.alert.workflow_user'?: string | undefined; }) | ({} & { 'agent.name'?: string | undefined; 'anomaly.bucket_span.minutes'?: string | undefined; 'anomaly.start'?: string | number | undefined; 'error.message'?: string | undefined; 'kibana.alert.context'?: unknown; 'kibana.alert.evaluation.threshold'?: string | number | undefined; 'kibana.alert.evaluation.value'?: string | number | undefined; 'kibana.alert.evaluation.values'?: (string | number)[] | undefined; 'kibana.alert.group'?: { field?: string | undefined; value?: string | undefined; }[] | undefined; 'monitor.id'?: string | undefined; 'monitor.name'?: string | undefined; 'monitor.type'?: string | undefined; 'observer.geo.name'?: string | undefined; 'tls.server.hash.sha256'?: string | undefined; 'tls.server.x509.issuer.common_name'?: string | undefined; 'tls.server.x509.not_after'?: string | number | undefined; 'tls.server.x509.not_before'?: string | number | undefined; 'tls.server.x509.subject.common_name'?: string | undefined; 'url.full'?: string | undefined; } & { '@timestamp': string | number; 'kibana.alert.instance.id': string; 'kibana.alert.rule.category': string; 'kibana.alert.rule.consumer': string; 'kibana.alert.rule.name': string; 'kibana.alert.rule.producer': string; 'kibana.alert.rule.revision': string | number; 'kibana.alert.rule.rule_type_id': string; 'kibana.alert.rule.uuid': string; 'kibana.alert.status': string; 'kibana.alert.uuid': string; 'kibana.space_ids': string[]; } & { 'event.action'?: string | undefined; 'event.kind'?: string | undefined; 'kibana.alert.action_group'?: string | undefined; 'kibana.alert.case_ids'?: string[] | undefined; 'kibana.alert.duration.us'?: string | number | undefined; 'kibana.alert.end'?: string | number | undefined; 'kibana.alert.flapping'?: boolean | undefined; 'kibana.alert.flapping_history'?: boolean[] | undefined; 'kibana.alert.last_detected'?: string | number | undefined; 'kibana.alert.maintenance_window_ids'?: string[] | undefined; 'kibana.alert.reason'?: string | undefined; 'kibana.alert.rule.execution.uuid'?: string | undefined; 'kibana.alert.rule.parameters'?: unknown; 'kibana.alert.rule.tags'?: string[] | undefined; 'kibana.alert.start'?: string | number | undefined; 'kibana.alert.time_range'?: { gte?: string | number | undefined; lte?: string | number | undefined; } | undefined; 'kibana.alert.url'?: string | undefined; 'kibana.alert.workflow_status'?: string | undefined; 'kibana.alert.workflow_tags'?: string[] | undefined; 'kibana.version'?: string | undefined; tags?: string[] | undefined; } & {} & { 'ecs.version'?: string | undefined; 'kibana.alert.risk_score'?: number | undefined; 'kibana.alert.rule.author'?: string | undefined; 'kibana.alert.rule.created_at'?: string | number | undefined; 'kibana.alert.rule.created_by'?: string | undefined; 'kibana.alert.rule.description'?: string | undefined; 'kibana.alert.rule.enabled'?: string | undefined; 'kibana.alert.rule.from'?: string | undefined; 'kibana.alert.rule.interval'?: string | undefined; 'kibana.alert.rule.license'?: string | undefined; 'kibana.alert.rule.note'?: string | undefined; 'kibana.alert.rule.references'?: string[] | undefined; 'kibana.alert.rule.rule_id'?: string | undefined; 'kibana.alert.rule.rule_name_override'?: string | undefined; 'kibana.alert.rule.to'?: string | undefined; 'kibana.alert.rule.type'?: string | undefined; 'kibana.alert.rule.updated_at'?: string | number | undefined; 'kibana.alert.rule.updated_by'?: string | undefined; 'kibana.alert.rule.version'?: string | undefined; 'kibana.alert.severity'?: string | undefined; 'kibana.alert.suppression.docs_count'?: string | number | undefined; 'kibana.alert.suppression.end'?: string | number | undefined; 'kibana.alert.suppression.start'?: string | number | undefined; 'kibana.alert.suppression.terms.field'?: string[] | undefined; 'kibana.alert.suppression.terms.value'?: string[] | undefined; 'kibana.alert.system_status'?: string | undefined; 'kibana.alert.workflow_reason'?: string | undefined; 'kibana.alert.workflow_user'?: string | undefined; }) | ({ '@timestamp': string | number; 'kibana.alert.ancestors': { depth: string | number; id: string; index: string; type: string; }[]; 'kibana.alert.depth': string | number; 'kibana.alert.instance.id': string; 'kibana.alert.original_event.action': string; 'kibana.alert.original_event.category': string[]; 'kibana.alert.original_event.created': string | number; 'kibana.alert.original_event.dataset': string; 'kibana.alert.original_event.id': string; 'kibana.alert.original_event.ingested': string | number; 'kibana.alert.original_event.kind': string; 'kibana.alert.original_event.module': string; 'kibana.alert.original_event.original': string; 'kibana.alert.original_event.outcome': string; 'kibana.alert.original_event.provider': string; 'kibana.alert.original_event.sequence': string | number; 'kibana.alert.original_event.type': string[]; 'kibana.alert.original_time': string | number; 'kibana.alert.rule.category': string; 'kibana.alert.rule.consumer': string; 'kibana.alert.rule.false_positives': string[]; 'kibana.alert.rule.max_signals': (string | number)[]; 'kibana.alert.rule.name': string; 'kibana.alert.rule.producer': string; 'kibana.alert.rule.revision': string | number; 'kibana.alert.rule.rule_type_id': string; 'kibana.alert.rule.threat.framework': string; 'kibana.alert.rule.threat.tactic.id': string; 'kibana.alert.rule.threat.tactic.name': string; 'kibana.alert.rule.threat.tactic.reference': string; 'kibana.alert.rule.threat.technique.id': string; 'kibana.alert.rule.threat.technique.name': string; 'kibana.alert.rule.threat.technique.reference': string; 'kibana.alert.rule.threat.technique.subtechnique.id': string; 'kibana.alert.rule.threat.technique.subtechnique.name': string; 'kibana.alert.rule.threat.technique.subtechnique.reference': string; 'kibana.alert.rule.uuid': string; 'kibana.alert.status': string; 'kibana.alert.uuid': string; 'kibana.space_ids': string[]; } & { 'ecs.version'?: string | undefined; 'event.action'?: string | undefined; 'event.kind'?: string | undefined; 'kibana.alert.action_group'?: string | undefined; 'kibana.alert.ancestors.rule'?: string | undefined; 'kibana.alert.building_block_type'?: string | undefined; 'kibana.alert.case_ids'?: string[] | undefined; 'kibana.alert.duration.us'?: string | number | undefined; 'kibana.alert.end'?: string | number | undefined; 'kibana.alert.flapping'?: boolean | undefined; 'kibana.alert.flapping_history'?: boolean[] | undefined; 'kibana.alert.group.id'?: string | undefined; 'kibana.alert.group.index'?: number | undefined; 'kibana.alert.last_detected'?: string | number | undefined; 'kibana.alert.maintenance_window_ids'?: string[] | undefined; 'kibana.alert.new_terms'?: string[] | undefined; 'kibana.alert.original_event.agent_id_status'?: string | undefined; 'kibana.alert.original_event.code'?: string | undefined; 'kibana.alert.original_event.duration'?: string | undefined; 'kibana.alert.original_event.end'?: string | number | undefined; 'kibana.alert.original_event.hash'?: string | undefined; 'kibana.alert.original_event.reason'?: string | undefined; 'kibana.alert.original_event.reference'?: string | undefined; 'kibana.alert.original_event.risk_score'?: number | undefined; 'kibana.alert.original_event.risk_score_norm'?: number | undefined; 'kibana.alert.original_event.severity'?: string | number | undefined; 'kibana.alert.original_event.start'?: string | number | undefined; 'kibana.alert.original_event.timezone'?: string | undefined; 'kibana.alert.original_event.url'?: string | undefined; 'kibana.alert.reason'?: string | undefined; 'kibana.alert.risk_score'?: number | undefined; 'kibana.alert.rule.author'?: string | undefined; 'kibana.alert.rule.building_block_type'?: string | undefined; 'kibana.alert.rule.created_at'?: string | number | undefined; 'kibana.alert.rule.created_by'?: string | undefined; 'kibana.alert.rule.description'?: string | undefined; 'kibana.alert.rule.enabled'?: string | undefined; 'kibana.alert.rule.execution.uuid'?: string | undefined; 'kibana.alert.rule.from'?: string | undefined; 'kibana.alert.rule.immutable'?: string[] | undefined; 'kibana.alert.rule.interval'?: string | undefined; 'kibana.alert.rule.license'?: string | undefined; 'kibana.alert.rule.note'?: string | undefined; 'kibana.alert.rule.parameters'?: unknown; 'kibana.alert.rule.references'?: string[] | undefined; 'kibana.alert.rule.rule_id'?: string | undefined; 'kibana.alert.rule.rule_name_override'?: string | undefined; 'kibana.alert.rule.tags'?: string[] | undefined; 'kibana.alert.rule.timeline_id'?: string[] | undefined; 'kibana.alert.rule.timeline_title'?: string[] | undefined; 'kibana.alert.rule.timestamp_override'?: string | undefined; 'kibana.alert.rule.to'?: string | undefined; 'kibana.alert.rule.type'?: string | undefined; 'kibana.alert.rule.updated_at'?: string | number | undefined; 'kibana.alert.rule.updated_by'?: string | undefined; 'kibana.alert.rule.version'?: string | undefined; 'kibana.alert.severity'?: string | undefined; 'kibana.alert.start'?: string | number | undefined; 'kibana.alert.suppression.docs_count'?: string | number | undefined; 'kibana.alert.suppression.end'?: string | number | undefined; 'kibana.alert.suppression.start'?: string | number | undefined; 'kibana.alert.suppression.terms.field'?: string[] | undefined; 'kibana.alert.suppression.terms.value'?: string[] | undefined; 'kibana.alert.system_status'?: string | undefined; 'kibana.alert.threshold_result.cardinality'?: unknown; 'kibana.alert.threshold_result.count'?: string | number | undefined; 'kibana.alert.threshold_result.from'?: string | number | undefined; 'kibana.alert.threshold_result.terms'?: { field?: string | undefined; value?: string | undefined; }[] | undefined; 'kibana.alert.time_range'?: { gte?: string | number | undefined; lte?: string | number | undefined; } | undefined; 'kibana.alert.url'?: string | undefined; 'kibana.alert.workflow_reason'?: string | undefined; 'kibana.alert.workflow_status'?: string | undefined; 'kibana.alert.workflow_tags'?: string[] | undefined; 'kibana.alert.workflow_user'?: string | undefined; 'kibana.version'?: string | undefined; tags?: string[] | undefined; } & { '@timestamp': string | number; 'kibana.alert.instance.id': string; 'kibana.alert.rule.category': string; 'kibana.alert.rule.consumer': string; 'kibana.alert.rule.name': string; 'kibana.alert.rule.producer': string; 'kibana.alert.rule.revision': string | number; 'kibana.alert.rule.rule_type_id': string; 'kibana.alert.rule.uuid': string; 'kibana.alert.status': string; 'kibana.alert.uuid': string; 'kibana.space_ids': string[]; } & { 'event.action'?: string | undefined; 'event.kind'?: string | undefined; 'kibana.alert.action_group'?: string | undefined; 'kibana.alert.case_ids'?: string[] | undefined; 'kibana.alert.duration.us'?: string | number | undefined; 'kibana.alert.end'?: string | number | undefined; 'kibana.alert.flapping'?: boolean | undefined; 'kibana.alert.flapping_history'?: boolean[] | undefined; 'kibana.alert.last_detected'?: string | number | undefined; 'kibana.alert.maintenance_window_ids'?: string[] | undefined; 'kibana.alert.reason'?: string | undefined; 'kibana.alert.rule.execution.uuid'?: string | undefined; 'kibana.alert.rule.parameters'?: unknown; 'kibana.alert.rule.tags'?: string[] | undefined; 'kibana.alert.start'?: string | number | undefined; 'kibana.alert.time_range'?: { gte?: string | number | undefined; lte?: string | number | undefined; } | undefined; 'kibana.alert.url'?: string | undefined; 'kibana.alert.workflow_status'?: string | undefined; 'kibana.alert.workflow_tags'?: string[] | undefined; 'kibana.version'?: string | undefined; tags?: string[] | undefined; } & { '@timestamp': string | number; 'ecs.version': string; } & { 'agent.build.original'?: string | undefined; 'agent.ephemeral_id'?: string | undefined; 'agent.id'?: string | undefined; 'agent.name'?: string | undefined; 'agent.type'?: string | undefined; 'agent.version'?: string | undefined; 'client.address'?: string | undefined; 'client.as.number'?: string | number | undefined; 'client.as.organization.name'?: string | undefined; 'client.bytes'?: string | number | undefined; 'client.domain'?: string | undefined; 'client.geo.city_name'?: string | undefined; 'client.geo.continent_code'?: string | undefined; 'client.geo.continent_name'?: string | undefined; 'client.geo.country_iso_code'?: string | undefined; 'client.geo.country_name'?: string | undefined; 'client.geo.location'?: string | { type: string; coordinates: number[]; } | { lat: number; lon: number; } | { location: number[]; } | { location: string; } | undefined; 'client.geo.name'?: string | undefined; 'client.geo.postal_code'?: string | undefined; 'client.geo.region_iso_code'?: string | undefined; 'client.geo.region_name'?: string | undefined; 'client.geo.timezone'?: string | undefined; 'client.ip'?: string | undefined; 'client.mac'?: string | undefined; 'client.nat.ip'?: string | undefined; 'client.nat.port'?: string | number | undefined; 'client.packets'?: string | number | undefined; 'client.port'?: string | number | undefined; 'client.registered_domain'?: string | undefined; 'client.subdomain'?: string | undefined; 'client.top_level_domain'?: string | undefined; 'client.user.domain'?: string | undefined; 'client.user.email'?: string | undefined; 'client.user.full_name'?: string | undefined; 'client.user.group.domain'?: string | undefined; 'client.user.group.id'?: string | undefined; 'client.user.group.name'?: string | undefined; 'client.user.hash'?: string | undefined; 'client.user.id'?: string | undefined; 'client.user.name'?: string | undefined; 'client.user.roles'?: string[] | undefined; 'cloud.account.id'?: string | undefined; 'cloud.account.name'?: string | undefined; 'cloud.availability_zone'?: string | undefined; 'cloud.instance.id'?: string | undefined; 'cloud.instance.name'?: string | undefined; 'cloud.machine.type'?: string | undefined; 'cloud.origin.account.id'?: string | undefined; 'cloud.origin.account.name'?: string | undefined; 'cloud.origin.availability_zone'?: string | undefined; 'cloud.origin.instance.id'?: string | undefined; 'cloud.origin.instance.name'?: string | undefined; 'cloud.origin.machine.type'?: string | undefined; 'cloud.origin.project.id'?: string | undefined; 'cloud.origin.project.name'?: string | undefined; 'cloud.origin.provider'?: string | undefined; 'cloud.origin.region'?: string | undefined; 'cloud.origin.service.name'?: string | undefined; 'cloud.project.id'?: string | undefined; 'cloud.project.name'?: string | undefined; 'cloud.provider'?: string | undefined; 'cloud.region'?: string | undefined; 'cloud.service.name'?: string | undefined; 'cloud.target.account.id'?: string | undefined; 'cloud.target.account.name'?: string | undefined; 'cloud.target.availability_zone'?: string | undefined; 'cloud.target.instance.id'?: string | undefined; 'cloud.target.instance.name'?: string | undefined; 'cloud.target.machine.type'?: string | undefined; 'cloud.target.project.id'?: string | undefined; 'cloud.target.project.name'?: string | undefined; 'cloud.target.provider'?: string | undefined; 'cloud.target.region'?: string | undefined; 'cloud.target.service.name'?: string | undefined; 'container.cpu.usage'?: string | number | undefined; 'container.disk.read.bytes'?: string | number | undefined; 'container.disk.write.bytes'?: string | number | undefined; 'container.id'?: string | undefined; 'container.image.hash.all'?: string[] | undefined; 'container.image.name'?: string | undefined; 'container.image.tag'?: string[] | undefined; 'container.labels'?: unknown; 'container.memory.usage'?: string | number | undefined; 'container.name'?: string | undefined; 'container.network.egress.bytes'?: string | number | undefined; 'container.network.ingress.bytes'?: string | number | undefined; 'container.runtime'?: string | undefined; 'destination.address'?: string | undefined; 'destination.as.number'?: string | number | undefined; 'destination.as.organization.name'?: string | undefined; 'destination.bytes'?: string | number | undefined; 'destination.domain'?: string | undefined; 'destination.geo.city_name'?: string | undefined; 'destination.geo.continent_code'?: string | undefined; 'destination.geo.continent_name'?: string | undefined; 'destination.geo.country_iso_code'?: string | undefined; 'destination.geo.country_name'?: string | undefined; 'destination.geo.location'?: string | { type: string; coordinates: number[]; } | { lat: number; lon: number; } | { location: number[]; } | { location: string; } | undefined; 'destination.geo.name'?: string | undefined; 'destination.geo.postal_code'?: string | undefined; 'destination.geo.region_iso_code'?: string | undefined; 'destination.geo.region_name'?: string | undefined; 'destination.geo.timezone'?: string | undefined; 'destination.ip'?: string | undefined; 'destination.mac'?: string | undefined; 'destination.nat.ip'?: string | undefined; 'destination.nat.port'?: string | number | undefined; 'destination.packets'?: string | number | undefined; 'destination.port'?: string | number | undefined; 'destination.registered_domain'?: string | undefined; 'destination.subdomain'?: string | undefined; 'destination.top_level_domain'?: string | undefined; 'destination.user.domain'?: string | undefined; 'destination.user.email'?: string | undefined; 'destination.user.full_name'?: string | undefined; 'destination.user.group.domain'?: string | undefined; 'destination.user.group.id'?: string | undefined; 'destination.user.group.name'?: string | undefined; 'destination.user.hash'?: string | undefined; 'destination.user.id'?: string | undefined; 'destination.user.name'?: string | undefined; 'destination.user.roles'?: string[] | undefined; 'device.id'?: string | undefined; 'device.manufacturer'?: string | undefined; 'device.model.identifier'?: string | undefined; 'device.model.name'?: string | undefined; 'dll.code_signature.digest_algorithm'?: string | undefined; 'dll.code_signature.exists'?: boolean | undefined; 'dll.code_signature.signing_id'?: string | undefined; 'dll.code_signature.status'?: string | undefined; 'dll.code_signature.subject_name'?: string | undefined; 'dll.code_signature.team_id'?: string | undefined; 'dll.code_signature.timestamp'?: string | number | undefined; 'dll.code_signature.trusted'?: boolean | undefined; 'dll.code_signature.valid'?: boolean | undefined; 'dll.hash.md5'?: string | undefined; 'dll.hash.sha1'?: string | undefined; 'dll.hash.sha256'?: string | undefined; 'dll.hash.sha384'?: string | undefined; 'dll.hash.sha512'?: string | undefined; 'dll.hash.ssdeep'?: string | undefined; 'dll.hash.tlsh'?: string | undefined; 'dll.name'?: string | undefined; 'dll.path'?: string | undefined; 'dll.pe.architecture'?: string | undefined; 'dll.pe.company'?: string | undefined; 'dll.pe.description'?: string | undefined; 'dll.pe.file_version'?: string | undefined; 'dll.pe.imphash'?: string | undefined; 'dll.pe.original_file_name'?: string | undefined; 'dll.pe.pehash'?: string | undefined; 'dll.pe.product'?: string | undefined; 'dns.answers'?: { class?: string | undefined; data?: string | undefined; name?: string | undefined; ttl?: string | number | undefined; type?: string | undefined; }[] | undefined; 'dns.header_flags'?: string[] | undefined; 'dns.id'?: string | undefined; 'dns.op_code'?: string | undefined; 'dns.question.class'?: string | undefined; 'dns.question.name'?: string | undefined; 'dns.question.registered_domain'?: string | undefined; 'dns.question.subdomain'?: string | undefined; 'dns.question.top_level_domain'?: string | undefined; 'dns.question.type'?: string | undefined; 'dns.resolved_ip'?: string[] | undefined; 'dns.response_code'?: string | undefined; 'dns.type'?: string | undefined; 'email.attachments'?: { 'file.extension'?: string | undefined; 'file.hash.md5'?: string | undefined; 'file.hash.sha1'?: string | undefined; 'file.hash.sha256'?: string | undefined; 'file.hash.sha384'?: string | undefined; 'file.hash.sha512'?: string | undefined; 'file.hash.ssdeep'?: string | undefined; 'file.hash.tlsh'?: string | undefined; 'file.mime_type'?: string | undefined; 'file.name'?: string | undefined; 'file.size'?: string | number | undefined; }[] | undefined; 'email.bcc.address'?: string[] | undefined; 'email.cc.address'?: string[] | undefined; 'email.content_type'?: string | undefined; 'email.delivery_timestamp'?: string | number | undefined; 'email.direction'?: string | undefined; 'email.from.address'?: string[] | undefined; 'email.local_id'?: string | undefined; 'email.message_id'?: string | undefined; 'email.origination_timestamp'?: string | number | undefined; 'email.reply_to.address'?: string[] | undefined; 'email.sender.address'?: string | undefined; 'email.subject'?: string | undefined; 'email.to.address'?: string[] | undefined; 'email.x_mailer'?: string | undefined; 'error.code'?: string | undefined; 'error.id'?: string | undefined; 'error.message'?: string | undefined; 'error.stack_trace'?: string | undefined; 'error.type'?: string | undefined; 'event.action'?: string | undefined; 'event.agent_id_status'?: string | undefined; 'event.category'?: string[] | undefined; 'event.code'?: string | undefined; 'event.created'?: string | number | undefined; 'event.dataset'?: string | undefined; 'event.duration'?: string | number | undefined; 'event.end'?: string | number | undefined; 'event.hash'?: string | undefined; 'event.id'?: string | undefined; 'event.ingested'?: string | number | undefined; 'event.kind'?: string | undefined; 'event.module'?: string | undefined; 'event.original'?: string | undefined; 'event.outcome'?: string | undefined; 'event.provider'?: string | undefined; 'event.reason'?: string | undefined; 'event.reference'?: string | undefined; 'event.risk_score'?: number | undefined; 'event.risk_score_norm'?: number | undefined; 'event.sequence'?: string | number | undefined; 'event.severity'?: string | number | undefined; 'event.start'?: string | number | undefined; 'event.timezone'?: string | undefined; 'event.type'?: string[] | undefined; 'event.url'?: string | undefined; 'faas.coldstart'?: boolean | undefined; 'faas.execution'?: string | undefined; 'faas.id'?: string | undefined; 'faas.name'?: string | undefined; 'faas.trigger'?: unknown; 'faas.version'?: string | undefined; 'file.accessed'?: string | number | undefined; 'file.attributes'?: string[] | undefined; 'file.code_signature.digest_algorithm'?: string | undefined; 'file.code_signature.exists'?: boolean | undefined; 'file.code_signature.signing_id'?: string | undefined; 'file.code_signature.status'?: string | undefined; 'file.code_signature.subject_name'?: string | undefined; 'file.code_signature.team_id'?: string | undefined; 'file.code_signature.timestamp'?: string | number | undefined; 'file.code_signature.trusted'?: boolean | undefined; 'file.code_signature.valid'?: boolean | undefined; 'file.created'?: string | number | undefined; 'file.ctime'?: string | number | undefined; 'file.device'?: string | undefined; 'file.directory'?: string | undefined; 'file.drive_letter'?: string | undefined; 'file.elf.architecture'?: string | undefined; 'file.elf.byte_order'?: string | undefined; 'file.elf.cpu_type'?: string | undefined; 'file.elf.creation_date'?: string | number | undefined; 'file.elf.exports'?: unknown[] | undefined; 'file.elf.header.abi_version'?: string | undefined; 'file.elf.header.class'?: string | undefined; 'file.elf.header.data'?: string | undefined; 'file.elf.header.entrypoint'?: string | number | undefined; 'file.elf.header.object_version'?: string | undefined; 'file.elf.header.os_abi'?: string | undefined; 'file.elf.header.type'?: string | undefined; 'file.elf.header.version'?: string | undefined; 'file.elf.imports'?: unknown[] | undefined; 'file.elf.sections'?: { chi2?: string | number | undefined; entropy?: string | number | undefined; flags?: string | undefined; name?: string | undefined; physical_offset?: string | undefined; physical_size?: string | number | undefined; type?: string | undefined; virtual_address?: string | number | undefined; virtual_size?: string | number | undefined; }[] | undefined; 'file.elf.segments'?: { sections?: string | undefined; type?: string | undefined; }[] | undefined; 'file.elf.shared_libraries'?: string[] | undefined; 'file.elf.telfhash'?: string | undefined; 'file.extension'?: string | undefined; 'file.fork_name'?: string | undefined; 'file.gid'?: string | undefined; 'file.group'?: string | undefined; 'file.hash.md5'?: string | undefined; 'file.hash.sha1'?: string | undefined; 'file.hash.sha256'?: string | undefined; 'file.hash.sha384'?: string | undefined; 'file.hash.sha512'?: string | undefined; 'file.hash.ssdeep'?: string | undefined; 'file.hash.tlsh'?: string | undefined; 'file.inode'?: string | undefined; 'file.mime_type'?: string | undefined; 'file.mode'?: string | undefined; 'file.mtime'?: string | number | undefined; 'file.name'?: string | undefined; 'file.owner'?: string | undefined; 'file.path'?: string | undefined; 'file.pe.architecture'?: string | undefined; 'file.pe.company'?: string | undefined; 'file.pe.description'?: string | undefined; 'file.pe.file_version'?: string | undefined; 'file.pe.imphash'?: string | undefined; 'file.pe.original_file_name'?: string | undefined; 'file.pe.pehash'?: string | undefined; 'file.pe.product'?: string | undefined; 'file.size'?: string | number | undefined; 'file.target_path'?: string | undefined; 'file.type'?: string | undefined; 'file.uid'?: string | undefined; 'file.x509.alternative_names'?: string[] | undefined; 'file.x509.issuer.common_name'?: string[] | undefined; 'file.x509.issuer.country'?: string[] | undefined; 'file.x509.issuer.distinguished_name'?: string | undefined; 'file.x509.issuer.locality'?: string[] | undefined; 'file.x509.issuer.organization'?: string[] | undefined; 'file.x509.issuer.organizational_unit'?: string[] | undefined; 'file.x509.issuer.state_or_province'?: string[] | undefined; 'file.x509.not_after'?: string | number | undefined; 'file.x509.not_before'?: string | number | undefined; 'file.x509.public_key_algorithm'?: string | undefined; 'file.x509.public_key_curve'?: string | undefined; 'file.x509.public_key_exponent'?: string | number | undefined; 'file.x509.public_key_size'?: string | number | undefined; 'file.x509.serial_number'?: string | undefined; 'file.x509.signature_algorithm'?: string | undefined; 'file.x509.subject.common_name'?: string[] | undefined; 'file.x509.subject.country'?: string[] | undefined; 'file.x509.subject.distinguished_name'?: string | undefined; 'file.x509.subject.locality'?: string[] | undefined; 'file.x509.subject.organization'?: string[] | undefined; 'file.x509.subject.organizational_unit'?: string[] | undefined; 'file.x509.subject.state_or_province'?: string[] | undefined; 'file.x509.version_number'?: string | undefined; 'group.domain'?: string | undefined; 'group.id'?: string | undefined; 'group.name'?: string | undefined; 'host.architecture'?: string | undefined; 'host.boot.id'?: string | undefined; 'host.cpu.usage'?: string | number | undefined; 'host.disk.read.bytes'?: string | number | undefined; 'host.disk.write.bytes'?: string | number | undefined; 'host.domain'?: string | undefined; 'host.geo.city_name'?: string | undefined; 'host.geo.continent_code'?: string | undefined; 'host.geo.continent_name'?: string | undefined; 'host.geo.country_iso_code'?: string | undefined; 'host.geo.country_name'?: string | undefined; 'host.geo.location'?: string | { type: string; coordinates: number[]; } | { lat: number; lon: number; } | { location: number[]; } | { location: string; } | undefined; 'host.geo.name'?: string | undefined; 'host.geo.postal_code'?: string | undefined; 'host.geo.region_iso_code'?: string | undefined; 'host.geo.region_name'?: string | undefined; 'host.geo.timezone'?: string | undefined; 'host.hostname'?: string | undefined; 'host.id'?: string | undefined; 'host.ip'?: string[] | undefined; 'host.mac'?: string[] | undefined; 'host.name'?: string | undefined; 'host.network.egress.bytes'?: string | number | undefined; 'host.network.egress.packets'?: string | number | undefined; 'host.network.ingress.bytes'?: string | number | undefined; 'host.network.ingress.packets'?: string | number | undefined; 'host.os.family'?: string | undefined; 'host.os.full'?: string | undefined; 'host.os.kernel'?: string | undefined; 'host.os.name'?: string | undefined; 'host.os.platform'?: string | undefined; 'host.os.type'?: string | undefined; 'host.os.version'?: string | undefined; 'host.pid_ns_ino'?: string | undefined; 'host.risk.calculated_level'?: string | undefined; 'host.risk.calculated_score'?: number | undefined; 'host.risk.calculated_score_norm'?: number | undefined; 'host.risk.static_level'?: string | undefined; 'host.risk.static_score'?: number | undefined; 'host.risk.static_score_norm'?: number | undefined; 'host.type'?: string | undefined; 'host.uptime'?: string | number | undefined; 'http.request.body.bytes'?: string | number | undefined; 'http.request.body.content'?: string | undefined; 'http.request.bytes'?: string | number | undefined; 'http.request.id'?: string | undefined; 'http.request.method'?: string | undefined; 'http.request.mime_type'?: string | undefined; 'http.request.referrer'?: string | undefined; 'http.response.body.bytes'?: string | number | undefined; 'http.response.body.content'?: string | undefined; 'http.response.bytes'?: string | number | undefined; 'http.response.mime_type'?: string | undefined; 'http.response.status_code'?: string | number | undefined; 'http.version'?: string | undefined; labels?: unknown; 'log.file.path'?: string | undefined; 'log.level'?: string | undefined; 'log.logger'?: string | undefined; 'log.origin.file.line'?: string | number | undefined; 'log.origin.file.name'?: string | undefined; 'log.origin.function'?: string | undefined; 'log.syslog'?: unknown; message?: string | undefined; 'network.application'?: string | undefined; 'network.bytes'?: string | number | undefined; 'network.community_id'?: string | undefined; 'network.direction'?: string | undefined; 'network.forwarded_ip'?: string | undefined; 'network.iana_number'?: string | undefined; 'network.inner'?: unknown; 'network.name'?: string | undefined; 'network.packets'?: string | number | undefined; 'network.protocol'?: string | undefined; 'network.transport'?: string | undefined; 'network.type'?: string | undefined; 'network.vlan.id'?: string | undefined; 'network.vlan.name'?: string | undefined; 'observer.egress'?: unknown; 'observer.geo.city_name'?: string | undefined; 'observer.geo.continent_code'?: string | undefined; 'observer.geo.continent_name'?: string | undefined; 'observer.geo.country_iso_code'?: string | undefined; 'observer.geo.country_name'?: string | undefined; 'observer.geo.location'?: string | { type: string; coordinates: number[]; } | { lat: number; lon: number; } | { location: number[]; } | { location: string; } | undefined; 'observer.geo.name'?: string | undefined; 'observer.geo.postal_code'?: string | undefined; 'observer.geo.region_iso_code'?: string | undefined; 'observer.geo.region_name'?: string | undefined; 'observer.geo.timezone'?: string | undefined; 'observer.hostname'?: string | undefined; 'observer.ingress'?: unknown; 'observer.ip'?: string[] | undefined; 'observer.mac'?: string[] | undefined; 'observer.name'?: string | undefined; 'observer.os.family'?: string | undefined; 'observer.os.full'?: string | undefined; 'observer.os.kernel'?: string | undefined; 'observer.os.name'?: string | undefined; 'observer.os.platform'?: string | undefined; 'observer.os.type'?: string | undefined; 'observer.os.version'?: string | undefined; 'observer.product'?: string | undefined; 'observer.serial_number'?: string | undefined; 'observer.type'?: string | undefined; 'observer.vendor'?: string | undefined; 'observer.version'?: string | undefined; 'orchestrator.api_version'?: string | undefined; 'orchestrator.cluster.id'?: string | undefined; 'orchestrator.cluster.name'?: string | undefined; 'orchestrator.cluster.url'?: string | undefined; 'orchestrator.cluster.version'?: string | undefined; 'orchestrator.namespace'?: string | undefined; 'orchestrator.organization'?: string | undefined; 'orchestrator.resource.id'?: string | undefined; 'orchestrator.resource.ip'?: string[] | undefined; 'orchestrator.resource.name'?: string | undefined; 'orchestrator.resource.parent.type'?: string | undefined; 'orchestrator.resource.type'?: string | undefined; 'orchestrator.type'?: string | undefined; 'organization.id'?: string | undefined; 'organization.name'?: string | undefined; 'package.architecture'?: string | undefined; 'package.build_version'?: string | undefined; 'package.checksum'?: string | undefined; 'package.description'?: string | undefined; 'package.install_scope'?: string | undefined; 'package.installed'?: string | number | undefined; 'package.license'?: string | undefined; 'package.name'?: string | undefined; 'package.path'?: string | undefined; 'package.reference'?: string | undefined; 'package.size'?: string | number | undefined; 'package.type'?: string | undefined; 'package.version'?: string | undefined; 'process.args'?: string[] | undefined; 'process.args_count'?: string | number | undefined; 'process.code_signature.digest_algorithm'?: string | undefined; 'process.code_signature.exists'?: boolean | undefined; 'process.code_signature.signing_id'?: string | undefined; 'process.code_signature.status'?: string | undefined; 'process.code_signature.subject_name'?: string | undefined; 'process.code_signature.team_id'?: string | undefined; 'process.code_signature.timestamp'?: string | number | undefined; 'process.code_signature.trusted'?: boolean | undefined; 'process.code_signature.valid'?: boolean | undefined; 'process.command_line'?: string | undefined; 'process.elf.architecture'?: string | undefined; 'process.elf.byte_order'?: string | undefined; 'process.elf.cpu_type'?: string | undefined; 'process.elf.creation_date'?: string | number | undefined; 'process.elf.exports'?: unknown[] | undefined; 'process.elf.header.abi_version'?: string | undefined; 'process.elf.header.class'?: string | undefined; 'process.elf.header.data'?: string | undefined; 'process.elf.header.entrypoint'?: string | number | undefined; 'process.elf.header.object_version'?: string | undefined; 'process.elf.header.os_abi'?: string | undefined; 'process.elf.header.type'?: string | undefined; 'process.elf.header.version'?: string | undefined; 'process.elf.imports'?: unknown[] | undefined; 'process.elf.sections'?: { chi2?: string | number | undefined; entropy?: string | number | undefined; flags?: string | undefined; name?: string | undefined; physical_offset?: string | undefined; physical_size?: string | number | undefined; type?: string | undefined; virtual_address?: string | number | undefined; virtual_size?: string | number | undefined; }[] | undefined; 'process.elf.segments'?: { sections?: string | undefined; type?: string | undefined; }[] | undefined; 'process.elf.shared_libraries'?: string[] | undefined; 'process.elf.telfhash'?: string | undefined; 'process.end'?: string | number | undefined; 'process.entity_id'?: string | undefined; 'process.entry_leader.args'?: string[] | undefined; 'process.entry_leader.args_count'?: string | number | undefined; 'process.entry_leader.attested_groups.name'?: string | undefined; 'process.entry_leader.attested_user.id'?: string | undefined; 'process.entry_leader.attested_user.name'?: string | undefined; 'process.entry_leader.command_line'?: string | undefined; 'process.entry_leader.entity_id'?: string | undefined; 'process.entry_leader.entry_meta.source.ip'?: string | undefined; 'process.entry_leader.entry_meta.type'?: string | undefined; 'process.entry_leader.executable'?: string | undefined; 'process.entry_leader.group.id'?: string | undefined; 'process.entry_leader.group.name'?: string | undefined; 'process.entry_leader.interactive'?: boolean | undefined; 'process.entry_leader.name'?: string | undefined; 'process.entry_leader.parent.entity_id'?: string | undefined; 'process.entry_leader.parent.pid'?: string | number | undefined; 'process.entry_leader.parent.session_leader.entity_id'?: string | undefined; 'process.entry_leader.parent.session_leader.pid'?: string | number | undefined; 'process.entry_leader.parent.session_leader.start'?: string | number | undefined; 'process.entry_leader.parent.start'?: string | number | undefined; 'process.entry_leader.pid'?: string | number | undefined; 'process.entry_leader.real_group.id'?: string | undefined; 'process.entry_leader.real_group.name'?: string | undefined; 'process.entry_leader.real_user.id'?: string | undefined; 'process.entry_leader.real_user.name'?: string | undefined; 'process.entry_leader.same_as_process'?: boolean | undefined; 'process.entry_leader.saved_group.id'?: string | undefined; 'process.entry_leader.saved_group.name'?: string | undefined; 'process.entry_leader.saved_user.id'?: string | undefined; 'process.entry_leader.saved_user.name'?: string | undefined; 'process.entry_leader.start'?: string | number | undefined; 'process.entry_leader.supplemental_groups.id'?: string | undefined; 'process.entry_leader.supplemental_groups.name'?: string | undefined; 'process.entry_leader.tty'?: unknown; 'process.entry_leader.user.id'?: string | undefined; 'process.entry_leader.user.name'?: string | undefined; 'process.entry_leader.working_directory'?: string | undefined; 'process.env_vars'?: string[] | undefined; 'process.executable'?: string | undefined; 'process.exit_code'?: string | number | undefined; 'process.group_leader.args'?: string[] | undefined; 'process.group_leader.args_count'?: string | number | undefined; 'process.group_leader.command_line'?: string | undefined; 'process.group_leader.entity_id'?: string | undefined; 'process.group_leader.executable'?: string | undefined; 'process.group_leader.group.id'?: string | undefined; 'process.group_leader.group.name'?: string | undefined; 'process.group_leader.interactive'?: boolean | undefined; 'process.group_leader.name'?: string | undefined; 'process.group_leader.pid'?: string | number | undefined; 'process.group_leader.real_group.id'?: string | undefined; 'process.group_leader.real_group.name'?: string | undefined; 'process.group_leader.real_user.id'?: string | undefined; 'process.group_leader.real_user.name'?: string | undefined; 'process.group_leader.same_as_process'?: boolean | undefined; 'process.group_leader.saved_group.id'?: string | undefined; 'process.group_leader.saved_group.name'?: string | undefined; 'process.group_leader.saved_user.id'?: string | undefined; 'process.group_leader.saved_user.name'?: string | undefined; 'process.group_leader.start'?: string | number | undefined; 'process.group_leader.supplemental_groups.id'?: string | undefined; 'process.group_leader.supplemental_groups.name'?: string | undefined; 'process.group_leader.tty'?: unknown; 'process.group_leader.user.id'?: string | undefined; 'process.group_leader.user.name'?: string | undefined; 'process.group_leader.working_directory'?: string | undefined; 'process.hash.md5'?: string | undefined; 'process.hash.sha1'?: string | undefined; 'process.hash.sha256'?: string | undefined; 'process.hash.sha384'?: string | undefined; 'process.hash.sha512'?: string | undefined; 'process.hash.ssdeep'?: string | undefined; 'process.hash.tlsh'?: string | undefined; 'process.interactive'?: boolean | undefined; 'process.io'?: unknown; 'process.name'?: string | undefined; 'process.parent.args'?: string[] | undefined; 'process.parent.args_count'?: string | number | undefined; 'process.parent.code_signature.digest_algorithm'?: string | undefined; 'process.parent.code_signature.exists'?: boolean | undefined; 'process.parent.code_signature.signing_id'?: string | undefined; 'process.parent.code_signature.status'?: string | undefined; 'process.parent.code_signature.subject_name'?: string | undefined; 'process.parent.code_signature.team_id'?: string | undefined; 'process.parent.code_signature.timestamp'?: string | number | undefined; 'process.parent.code_signature.trusted'?: boolean | undefined; 'process.parent.code_signature.valid'?: boolean | undefined; 'process.parent.command_line'?: string | undefined; 'process.parent.elf.architecture'?: string | undefined; 'process.parent.elf.byte_order'?: string | undefined; 'process.parent.elf.cpu_type'?: string | undefined; 'process.parent.elf.creation_date'?: string | number | undefined; 'process.parent.elf.exports'?: unknown[] | undefined; 'process.parent.elf.header.abi_version'?: string | undefined; 'process.parent.elf.header.class'?: string | undefined; 'process.parent.elf.header.data'?: string | undefined; 'process.parent.elf.header.entrypoint'?: string | number | undefined; 'process.parent.elf.header.object_version'?: string | undefined; 'process.parent.elf.header.os_abi'?: string | undefined; 'process.parent.elf.header.type'?: string | undefined; 'process.parent.elf.header.version'?: string | undefined; 'process.parent.elf.imports'?: unknown[] | undefined; 'process.parent.elf.sections'?: { chi2?: string | number | undefined; entropy?: string | number | undefined; flags?: string | undefined; name?: string | undefined; physical_offset?: string | undefined; physical_size?: string | number | undefined; type?: string | undefined; virtual_address?: string | number | undefined; virtual_size?: string | number | undefined; }[] | undefined; 'process.parent.elf.segments'?: { sections?: string | undefined; type?: string | undefined; }[] | undefined; 'process.parent.elf.shared_libraries'?: string[] | undefined; 'process.parent.elf.telfhash'?: string | undefined; 'process.parent.end'?: string | number | undefined; 'process.parent.entity_id'?: string | undefined; 'process.parent.executable'?: string | undefined; 'process.parent.exit_code'?: string | number | undefined; 'process.parent.group.id'?: string | undefined; 'process.parent.group.name'?: string | undefined; 'process.parent.group_leader.entity_id'?: string | undefined; 'process.parent.group_leader.pid'?: string | number | undefined; 'process.parent.group_leader.start'?: string | number | undefined; 'process.parent.hash.md5'?: string | undefined; 'process.parent.hash.sha1'?: string | undefined; 'process.parent.hash.sha256'?: string | undefined; 'process.parent.hash.sha384'?: string | undefined; 'process.parent.hash.sha512'?: string | undefined; 'process.parent.hash.ssdeep'?: string | undefined; 'process.parent.hash.tlsh'?: string | undefined; 'process.parent.interactive'?: boolean | undefined; 'process.parent.name'?: string | undefined; 'process.parent.pe.architecture'?: string | undefined; 'process.parent.pe.company'?: string | undefined; 'process.parent.pe.description'?: string | undefined; 'process.parent.pe.file_version'?: string | undefined; 'process.parent.pe.imphash'?: string | undefined; 'process.parent.pe.original_file_name'?: string | undefined; 'process.parent.pe.pehash'?: string | undefined; 'process.parent.pe.product'?: string | undefined; 'process.parent.pgid'?: string | number | undefined; 'process.parent.pid'?: string | number | undefined; 'process.parent.real_group.id'?: string | undefined; 'process.parent.real_group.name'?: string | undefined; 'process.parent.real_user.id'?: string | undefined; 'process.parent.real_user.name'?: string | undefined; 'process.parent.saved_group.id'?: string | undefined; 'process.parent.saved_group.name'?: string | undefined; 'process.parent.saved_user.id'?: string | undefined; 'process.parent.saved_user.name'?: string | undefined; 'process.parent.start'?: string | number | undefined; 'process.parent.supplemental_groups.id'?: string | undefined; 'process.parent.supplemental_groups.name'?: string | undefined; 'process.parent.thread.id'?: string | number | undefined; 'process.parent.thread.name'?: string | undefined; 'process.parent.title'?: string | undefined; 'process.parent.tty'?: unknown; 'process.parent.uptime'?: string | number | undefined; 'process.parent.user.id'?: string | undefined; 'process.parent.user.name'?: string | undefined; 'process.parent.working_directory'?: string | undefined; 'process.pe.architecture'?: string | undefined; 'process.pe.company'?: string | undefined; 'process.pe.description'?: string | undefined; 'process.pe.file_version'?: string | undefined; 'process.pe.imphash'?: string | undefined; 'process.pe.original_file_name'?: string | undefined; 'process.pe.pehash'?: string | undefined; 'process.pe.product'?: string | undefined; 'process.pgid'?: string | number | undefined; 'process.pid'?: string | number | undefined; 'process.previous.args'?: string[] | undefined; 'process.previous.args_count'?: string | number | undefined; 'process.previous.executable'?: string | undefined; 'process.real_group.id'?: string | undefined; 'process.real_group.name'?: string | undefined; 'process.real_user.id'?: string | undefined; 'process.real_user.name'?: string | undefined; 'process.saved_group.id'?: string | undefined; 'process.saved_group.name'?: string | undefined; 'process.saved_user.id'?: string | undefined; 'process.saved_user.name'?: string | undefined; 'process.session_leader.args'?: string[] | undefined; 'process.session_leader.args_count'?: string | number | undefined; 'process.session_leader.command_line'?: string | undefined; 'process.session_leader.entity_id'?: string | undefined; 'process.session_leader.executable'?: string | undefined; 'process.session_leader.group.id'?: string | undefined; 'process.session_leader.group.name'?: string | undefined; 'process.session_leader.interactive'?: boolean | undefined; 'process.session_leader.name'?: string | undefined; 'process.session_leader.parent.entity_id'?: string | undefined; 'process.session_leader.parent.pid'?: string | number | undefined; 'process.session_leader.parent.session_leader.entity_id'?: string | undefined; 'process.session_leader.parent.session_leader.pid'?: string | number | undefined; 'process.session_leader.parent.session_leader.start'?: string | number | undefined; 'process.session_leader.parent.start'?: string | number | undefined; 'process.session_leader.pid'?: string | number | undefined; 'process.session_leader.real_group.id'?: string | undefined; 'process.session_leader.real_group.name'?: string | undefined; 'process.session_leader.real_user.id'?: string | undefined; 'process.session_leader.real_user.name'?: string | undefined; 'process.session_leader.same_as_process'?: boolean | undefined; 'process.session_leader.saved_group.id'?: string | undefined; 'process.session_leader.saved_group.name'?: string | undefined; 'process.session_leader.saved_user.id'?: string | undefined; 'process.session_leader.saved_user.name'?: string | undefined; 'process.session_leader.start'?: string | number | undefined; 'process.session_leader.supplemental_groups.id'?: string | undefined; 'process.session_leader.supplemental_groups.name'?: string | undefined; 'process.session_leader.tty'?: unknown; 'process.session_leader.user.id'?: string | undefined; 'process.session_leader.user.name'?: string | undefined; 'process.session_leader.working_directory'?: string | undefined; 'process.start'?: string | number | undefined; 'process.supplemental_groups.id'?: string | undefined; 'process.supplemental_groups.name'?: string | undefined; 'process.thread.id'?: string | number | undefined; 'process.thread.name'?: string | undefined; 'process.title'?: string | undefined; 'process.tty'?: unknown; 'process.uptime'?: string | number | undefined; 'process.user.id'?: string | undefined; 'process.user.name'?: string | undefined; 'process.working_directory'?: string | undefined; 'registry.data.bytes'?: string | undefined; 'registry.data.strings'?: string[] | undefined; 'registry.data.type'?: string | undefined; 'registry.hive'?: string | undefined; 'registry.key'?: string | undefined; 'registry.path'?: string | undefined; 'registry.value'?: string | undefined; 'related.hash'?: string[] | undefined; 'related.hosts'?: string[] | undefined; 'related.ip'?: string[] | undefined; 'related.user'?: string[] | undefined; 'rule.author'?: string[] | undefined; 'rule.category'?: string | undefined; 'rule.description'?: string | undefined; 'rule.id'?: string | undefined; 'rule.license'?: string | undefined; 'rule.name'?: string | undefined; 'rule.reference'?: string | undefined; 'rule.ruleset'?: string | undefined; 'rule.uuid'?: string | undefined; 'rule.version'?: string | undefined; 'server.address'?: string | undefined; 'server.as.number'?: string | number | undefined; 'server.as.organization.name'?: string | undefined; 'server.bytes'?: string | number | undefined; 'server.domain'?: string | undefined; 'server.geo.city_name'?: string | undefined; 'server.geo.continent_code'?: string | undefined; 'server.geo.continent_name'?: string | undefined; 'server.geo.country_iso_code'?: string | undefined; 'server.geo.country_name'?: string | undefined; 'server.geo.location'?: string | { type: string; coordinates: number[]; } | { lat: number; lon: number; } | { location: number[]; } | { location: string; } | undefined; 'server.geo.name'?: string | undefined; 'server.geo.postal_code'?: string | undefined; 'server.geo.region_iso_code'?: string | undefined; 'server.geo.region_name'?: string | undefined; 'server.geo.timezone'?: string | undefined; 'server.ip'?: string | undefined; 'server.mac'?: string | undefined; 'server.nat.ip'?: string | undefined; 'server.nat.port'?: string | number | undefined; 'server.packets'?: string | number | undefined; 'server.port'?: string | number | undefined; 'server.registered_domain'?: string | undefined; 'server.subdomain'?: string | undefined; 'server.top_level_domain'?: string | undefined; 'server.user.domain'?: string | undefined; 'server.user.email'?: string | undefined; 'server.user.full_name'?: string | undefined; 'server.user.group.domain'?: string | undefined; 'server.user.group.id'?: string | undefined; 'server.user.group.name'?: string | undefined; 'server.user.hash'?: string | undefined; 'server.user.id'?: string | undefined; 'server.user.name'?: string | undefined; 'server.user.roles'?: string[] | undefined; 'service.address'?: string | undefined; 'service.environment'?: string | undefined; 'service.ephemeral_id'?: string | undefined; 'service.id'?: string | undefined; 'service.name'?: string | undefined; 'service.node.name'?: string | undefined; 'service.node.role'?: string | undefined; 'service.node.roles'?: string[] | undefined; 'service.origin.address'?: string | undefined; 'service.origin.environment'?: string | undefined; 'service.origin.ephemeral_id'?: string | undefined; 'service.origin.id'?: string | undefined; 'service.origin.name'?: string | undefined; 'service.origin.node.name'?: string | undefined; 'service.origin.node.role'?: string | undefined; 'service.origin.node.roles'?: string[] | undefined; 'service.origin.state'?: string | undefined; 'service.origin.type'?: string | undefined; 'service.origin.version'?: string | undefined; 'service.state'?: string | undefined; 'service.target.address'?: string | undefined; 'service.target.environment'?: string | undefined; 'service.target.ephemeral_id'?: string | undefined; 'service.target.id'?: string | undefined; 'service.target.name'?: string | undefined; 'service.target.node.name'?: string | undefined; 'service.target.node.role'?: string | undefined; 'service.target.node.roles'?: string[] | undefined; 'service.target.state'?: string | undefined; 'service.target.type'?: string | undefined; 'service.target.version'?: string | undefined; 'service.type'?: string | undefined; 'service.version'?: string | undefined; 'source.address'?: string | undefined; 'source.as.number'?: string | number | undefined; 'source.as.organization.name'?: string | undefined; 'source.bytes'?: string | number | undefined; 'source.domain'?: string | undefined; 'source.geo.city_name'?: string | undefined; 'source.geo.continent_code'?: string | undefined; 'source.geo.continent_name'?: string | undefined; 'source.geo.country_iso_code'?: string | undefined; 'source.geo.country_name'?: string | undefined; 'source.geo.location'?: string | { type: string; coordinates: number[]; } | { lat: number; lon: number; } | { location: number[]; } | { location: string; } | undefined; 'source.geo.name'?: string | undefined; 'source.geo.postal_code'?: string | undefined; 'source.geo.region_iso_code'?: string | undefined; 'source.geo.region_name'?: string | undefined; 'source.geo.timezone'?: string | undefined; 'source.ip'?: string | undefined; 'source.mac'?: string | undefined; 'source.nat.ip'?: string | undefined; 'source.nat.port'?: string | number | undefined; 'source.packets'?: string | number | undefined; 'source.port'?: string | number | undefined; 'source.registered_domain'?: string | undefined; 'source.subdomain'?: string | undefined; 'source.top_level_domain'?: string | undefined; 'source.user.domain'?: string | undefined; 'source.user.email'?: string | undefined; 'source.user.full_name'?: string | undefined; 'source.user.group.domain'?: string | undefined; 'source.user.group.id'?: string | undefined; 'source.user.group.name'?: string | undefined; 'source.user.hash'?: string | undefined; 'source.user.id'?: string | undefined; 'source.user.name'?: string | undefined; 'source.user.roles'?: string[] | undefined; 'span.id'?: string | undefined; tags?: string[] | undefined; 'threat.enrichments'?: { indicator?: unknown; 'matched.atomic'?: string | undefined; 'matched.field'?: string | undefined; 'matched.id'?: string | undefined; 'matched.index'?: string | undefined; 'matched.occurred'?: string | number | undefined; 'matched.type'?: string | undefined; }[] | undefined; 'threat.feed.dashboard_id'?: string | undefined; 'threat.feed.description'?: string | undefined; 'threat.feed.name'?: string | undefined; 'threat.feed.reference'?: string | undefined; 'threat.framework'?: string | undefined; 'threat.group.alias'?: string[] | undefined; 'threat.group.id'?: string | undefined; 'threat.group.name'?: string | undefined; 'threat.group.reference'?: string | undefined; 'threat.indicator.as.number'?: string | number | undefined; 'threat.indicator.as.organization.name'?: string | undefined; 'threat.indicator.confidence'?: string | undefined; 'threat.indicator.description'?: string | undefined; 'threat.indicator.email.address'?: string | undefined; 'threat.indicator.file.accessed'?: string | number | undefined; 'threat.indicator.file.attributes'?: string[] | undefined; 'threat.indicator.file.code_signature.digest_algorithm'?: string | undefined; 'threat.indicator.file.code_signature.exists'?: boolean | undefined; 'threat.indicator.file.code_signature.signing_id'?: string | undefined; 'threat.indicator.file.code_signature.status'?: string | undefined; 'threat.indicator.file.code_signature.subject_name'?: string | undefined; 'threat.indicator.file.code_signature.team_id'?: string | undefined; 'threat.indicator.file.code_signature.timestamp'?: string | number | undefined; 'threat.indicator.file.code_signature.trusted'?: boolean | undefined; 'threat.indicator.file.code_signature.valid'?: boolean | undefined; 'threat.indicator.file.created'?: string | number | undefined; 'threat.indicator.file.ctime'?: string | number | undefined; 'threat.indicator.file.device'?: string | undefined; 'threat.indicator.file.directory'?: string | undefined; 'threat.indicator.file.drive_letter'?: string | undefined; 'threat.indicator.file.elf.architecture'?: string | undefined; 'threat.indicator.file.elf.byte_order'?: string | undefined; 'threat.indicator.file.elf.cpu_type'?: string | undefined; 'threat.indicator.file.elf.creation_date'?: string | number | undefined; 'threat.indicator.file.elf.exports'?: unknown[] | undefined; 'threat.indicator.file.elf.header.abi_version'?: string | undefined; 'threat.indicator.file.elf.header.class'?: string | undefined; 'threat.indicator.file.elf.header.data'?: string | undefined; 'threat.indicator.file.elf.header.entrypoint'?: string | number | undefined; 'threat.indicator.file.elf.header.object_version'?: string | undefined; 'threat.indicator.file.elf.header.os_abi'?: string | undefined; 'threat.indicator.file.elf.header.type'?: string | undefined; 'threat.indicator.file.elf.header.version'?: string | undefined; 'threat.indicator.file.elf.imports'?: unknown[] | undefined; 'threat.indicator.file.elf.sections'?: { chi2?: string | number | undefined; entropy?: string | number | undefined; flags?: string | undefined; name?: string | undefined; physical_offset?: string | undefined; physical_size?: string | number | undefined; type?: string | undefined; virtual_address?: string | number | undefined; virtual_size?: string | number | undefined; }[] | undefined; 'threat.indicator.file.elf.segments'?: { sections?: string | undefined; type?: string | undefined; }[] | undefined; 'threat.indicator.file.elf.shared_libraries'?: string[] | undefined; 'threat.indicator.file.elf.telfhash'?: string | undefined; 'threat.indicator.file.extension'?: string | undefined; 'threat.indicator.file.fork_name'?: string | undefined; 'threat.indicator.file.gid'?: string | undefined; 'threat.indicator.file.group'?: string | undefined; 'threat.indicator.file.hash.md5'?: string | undefined; 'threat.indicator.file.hash.sha1'?: string | undefined; 'threat.indicator.file.hash.sha256'?: string | undefined; 'threat.indicator.file.hash.sha384'?: string | undefined; 'threat.indicator.file.hash.sha512'?: string | undefined; 'threat.indicator.file.hash.ssdeep'?: string | undefined; 'threat.indicator.file.hash.tlsh'?: string | undefined; 'threat.indicator.file.inode'?: string | undefined; 'threat.indicator.file.mime_type'?: string | undefined; 'threat.indicator.file.mode'?: string | undefined; 'threat.indicator.file.mtime'?: string | number | undefined; 'threat.indicator.file.name'?: string | undefined; 'threat.indicator.file.owner'?: string | undefined; 'threat.indicator.file.path'?: string | undefined; 'threat.indicator.file.pe.architecture'?: string | undefined; 'threat.indicator.file.pe.company'?: string | undefined; 'threat.indicator.file.pe.description'?: string | undefined; 'threat.indicator.file.pe.file_version'?: string | undefined; 'threat.indicator.file.pe.imphash'?: string | undefined; 'threat.indicator.file.pe.original_file_name'?: string | undefined; 'threat.indicator.file.pe.pehash'?: string | undefined; 'threat.indicator.file.pe.product'?: string | undefined; 'threat.indicator.file.size'?: string | number | undefined; 'threat.indicator.file.target_path'?: string | undefined; 'threat.indicator.file.type'?: string | undefined; 'threat.indicator.file.uid'?: string | undefined; 'threat.indicator.file.x509.alternative_names'?: string[] | undefined; 'threat.indicator.file.x509.issuer.common_name'?: string[] | undefined; 'threat.indicator.file.x509.issuer.country'?: string[] | undefined; 'threat.indicator.file.x509.issuer.distinguished_name'?: string | undefined; 'threat.indicator.file.x509.issuer.locality'?: string[] | undefined; 'threat.indicator.file.x509.issuer.organization'?: string[] | undefined; 'threat.indicator.file.x509.issuer.organizational_unit'?: string[] | undefined; 'threat.indicator.file.x509.issuer.state_or_province'?: string[] | undefined; 'threat.indicator.file.x509.not_after'?: string | number | undefined; 'threat.indicator.file.x509.not_before'?: string | number | undefined; 'threat.indicator.file.x509.public_key_algorithm'?: string | undefined; 'threat.indicator.file.x509.public_key_curve'?: string | undefined; 'threat.indicator.file.x509.public_key_exponent'?: string | number | undefined; 'threat.indicator.file.x509.public_key_size'?: string | number | undefined; 'threat.indicator.file.x509.serial_number'?: string | undefined; 'threat.indicator.file.x509.signature_algorithm'?: string | undefined; 'threat.indicator.file.x509.subject.common_name'?: string[] | undefined; 'threat.indicator.file.x509.subject.country'?: string[] | undefined; 'threat.indicator.file.x509.subject.distinguished_name'?: string | undefined; 'threat.indicator.file.x509.subject.locality'?: string[] | undefined; 'threat.indicator.file.x509.subject.organization'?: string[] | undefined; 'threat.indicator.file.x509.subject.organizational_unit'?: string[] | undefined; 'threat.indicator.file.x509.subject.state_or_province'?: string[] | undefined; 'threat.indicator.file.x509.version_number'?: string | undefined; 'threat.indicator.first_seen'?: string | number | undefined; 'threat.indicator.geo.city_name'?: string | undefined; 'threat.indicator.geo.continent_code'?: string | undefined; 'threat.indicator.geo.continent_name'?: string | undefined; 'threat.indicator.geo.country_iso_code'?: string | undefined; 'threat.indicator.geo.country_name'?: string | undefined; 'threat.indicator.geo.location'?: string | { type: string; coordinates: number[]; } | { lat: number; lon: number; } | { location: number[]; } | { location: string; } | undefined; 'threat.indicator.geo.name'?: string | undefined; 'threat.indicator.geo.postal_code'?: string | undefined; 'threat.indicator.geo.region_iso_code'?: string | undefined; 'threat.indicator.geo.region_name'?: string | undefined; 'threat.indicator.geo.timezone'?: string | undefined; 'threat.indicator.ip'?: string | undefined; 'threat.indicator.last_seen'?: string | number | undefined; 'threat.indicator.marking.tlp'?: string | undefined; 'threat.indicator.marking.tlp_version'?: string | undefined; 'threat.indicator.modified_at'?: string | number | undefined; 'threat.indicator.port'?: string | number | undefined; 'threat.indicator.provider'?: string | undefined; 'threat.indicator.reference'?: string | undefined; 'threat.indicator.registry.data.bytes'?: string | undefined; 'threat.indicator.registry.data.strings'?: string[] | undefined; 'threat.indicator.registry.data.type'?: string | undefined; 'threat.indicator.registry.hive'?: string | undefined; 'threat.indicator.registry.key'?: string | undefined; 'threat.indicator.registry.path'?: string | undefined; 'threat.indicator.registry.value'?: string | undefined; 'threat.indicator.scanner_stats'?: string | number | undefined; 'threat.indicator.sightings'?: string | number | undefined; 'threat.indicator.type'?: string | undefined; 'threat.indicator.url.domain'?: string | undefined; 'threat.indicator.url.extension'?: string | undefined; 'threat.indicator.url.fragment'?: string | undefined; 'threat.indicator.url.full'?: string | undefined; 'threat.indicator.url.original'?: string | undefined; 'threat.indicator.url.password'?: string | undefined; 'threat.indicator.url.path'?: string | undefined; 'threat.indicator.url.port'?: string | number | undefined; 'threat.indicator.url.query'?: string | undefined; 'threat.indicator.url.registered_domain'?: string | undefined; 'threat.indicator.url.scheme'?: string | undefined; 'threat.indicator.url.subdomain'?: string | undefined; 'threat.indicator.url.top_level_domain'?: string | undefined; 'threat.indicator.url.username'?: string | undefined; 'threat.indicator.x509.alternative_names'?: string[] | undefined; 'threat.indicator.x509.issuer.common_name'?: string[] | undefined; 'threat.indicator.x509.issuer.country'?: string[] | undefined; 'threat.indicator.x509.issuer.distinguished_name'?: string | undefined; 'threat.indicator.x509.issuer.locality'?: string[] | undefined; 'threat.indicator.x509.issuer.organization'?: string[] | undefined; 'threat.indicator.x509.issuer.organizational_unit'?: string[] | undefined; 'threat.indicator.x509.issuer.state_or_province'?: string[] | undefined; 'threat.indicator.x509.not_after'?: string | number | undefined; 'threat.indicator.x509.not_before'?: string | number | undefined; 'threat.indicator.x509.public_key_algorithm'?: string | undefined; 'threat.indicator.x509.public_key_curve'?: string | undefined; 'threat.indicator.x509.public_key_exponent'?: string | number | undefined; 'threat.indicator.x509.public_key_size'?: string | number | undefined; 'threat.indicator.x509.serial_number'?: string | undefined; 'threat.indicator.x509.signature_algorithm'?: string | undefined; 'threat.indicator.x509.subject.common_name'?: string[] | undefined; 'threat.indicator.x509.subject.country'?: string[] | undefined; 'threat.indicator.x509.subject.distinguished_name'?: string | undefined; 'threat.indicator.x509.subject.locality'?: string[] | undefined; 'threat.indicator.x509.subject.organization'?: string[] | undefined; 'threat.indicator.x509.subject.organizational_unit'?: string[] | undefined; 'threat.indicator.x509.subject.state_or_province'?: string[] | undefined; 'threat.indicator.x509.version_number'?: string | undefined; 'threat.software.alias'?: string[] | undefined; 'threat.software.id'?: string | undefined; 'threat.software.name'?: string | undefined; 'threat.software.platforms'?: string[] | undefined; 'threat.software.reference'?: string | undefined; 'threat.software.type'?: string | undefined; 'threat.tactic.id'?: string[] | undefined; 'threat.tactic.name'?: string[] | undefined; 'threat.tactic.reference'?: string[] | undefined; 'threat.technique.id'?: string[] | undefined; 'threat.technique.name'?: string[] | undefined; 'threat.technique.reference'?: string[] | undefined; 'threat.technique.subtechnique.id'?: string[] | undefined; 'threat.technique.subtechnique.name'?: string[] | undefined; 'threat.technique.subtechnique.reference'?: string[] | undefined; 'tls.cipher'?: string | undefined; 'tls.client.certificate'?: string | undefined; 'tls.client.certificate_chain'?: string[] | undefined; 'tls.client.hash.md5'?: string | undefined; 'tls.client.hash.sha1'?: string | undefined; 'tls.client.hash.sha256'?: string | undefined; 'tls.client.issuer'?: string | undefined; 'tls.client.ja3'?: string | undefined; 'tls.client.not_after'?: string | number | undefined; 'tls.client.not_before'?: string | number | undefined; 'tls.client.server_name'?: string | undefined; 'tls.client.subject'?: string | undefined; 'tls.client.supported_ciphers'?: string[] | undefined; 'tls.client.x509.alternative_names'?: string[] | undefined; 'tls.client.x509.issuer.common_name'?: string[] | undefined; 'tls.client.x509.issuer.country'?: string[] | undefined; 'tls.client.x509.issuer.distinguished_name'?: string | undefined; 'tls.client.x509.issuer.locality'?: string[] | undefined; 'tls.client.x509.issuer.organization'?: string[] | undefined; 'tls.client.x509.issuer.organizational_unit'?: string[] | undefined; 'tls.client.x509.issuer.state_or_province'?: string[] | undefined; 'tls.client.x509.not_after'?: string | number | undefined; 'tls.client.x509.not_before'?: string | number | undefined; 'tls.client.x509.public_key_algorithm'?: string | undefined; 'tls.client.x509.public_key_curve'?: string | undefined; 'tls.client.x509.public_key_exponent'?: string | number | undefined; 'tls.client.x509.public_key_size'?: string | number | undefined; 'tls.client.x509.serial_number'?: string | undefined; 'tls.client.x509.signature_algorithm'?: string | undefined; 'tls.client.x509.subject.common_name'?: string[] | undefined; 'tls.client.x509.subject.country'?: string[] | undefined; 'tls.client.x509.subject.distinguished_name'?: string | undefined; 'tls.client.x509.subject.locality'?: string[] | undefined; 'tls.client.x509.subject.organization'?: string[] | undefined; 'tls.client.x509.subject.organizational_unit'?: string[] | undefined; 'tls.client.x509.subject.state_or_province'?: string[] | undefined; 'tls.client.x509.version_number'?: string | undefined; 'tls.curve'?: string | undefined; 'tls.established'?: boolean | undefined; 'tls.next_protocol'?: string | undefined; 'tls.resumed'?: boolean | undefined; 'tls.server.certificate'?: string | undefined; 'tls.server.certificate_chain'?: string[] | undefined; 'tls.server.hash.md5'?: string | undefined; 'tls.server.hash.sha1'?: string | undefined; 'tls.server.hash.sha256'?: string | undefined; 'tls.server.issuer'?: string | undefined; 'tls.server.ja3s'?: string | undefined; 'tls.server.not_after'?: string | number | undefined; 'tls.server.not_before'?: string | number | undefined; 'tls.server.subject'?: string | undefined; 'tls.server.x509.alternative_names'?: string[] | undefined; 'tls.server.x509.issuer.common_name'?: string[] | undefined; 'tls.server.x509.issuer.country'?: string[] | undefined; 'tls.server.x509.issuer.distinguished_name'?: string | undefined; 'tls.server.x509.issuer.locality'?: string[] | undefined; 'tls.server.x509.issuer.organization'?: string[] | undefined; 'tls.server.x509.issuer.organizational_unit'?: string[] | undefined; 'tls.server.x509.issuer.state_or_province'?: string[] | undefined; 'tls.server.x509.not_after'?: string | number | undefined; 'tls.server.x509.not_before'?: string | number | undefined; 'tls.server.x509.public_key_algorithm'?: string | undefined; 'tls.server.x509.public_key_curve'?: string | undefined; 'tls.server.x509.public_key_exponent'?: string | number | undefined; 'tls.server.x509.public_key_size'?: string | number | undefined; 'tls.server.x509.serial_number'?: string | undefined; 'tls.server.x509.signature_algorithm'?: string | undefined; 'tls.server.x509.subject.common_name'?: string[] | undefined; 'tls.server.x509.subject.country'?: string[] | undefined; 'tls.server.x509.subject.distinguished_name'?: string | undefined; 'tls.server.x509.subject.locality'?: string[] | undefined; 'tls.server.x509.subject.organization'?: string[] | undefined; 'tls.server.x509.subject.organizational_unit'?: string[] | undefined; 'tls.server.x509.subject.state_or_province'?: string[] | undefined; 'tls.server.x509.version_number'?: string | undefined; 'tls.version'?: string | undefined; 'tls.version_protocol'?: string | undefined; 'trace.id'?: string | undefined; 'transaction.id'?: string | undefined; 'url.domain'?: string | undefined; 'url.extension'?: string | undefined; 'url.fragment'?: string | undefined; 'url.full'?: string | undefined; 'url.original'?: string | undefined; 'url.password'?: string | undefined; 'url.path'?: string | undefined; 'url.port'?: string | number | undefined; 'url.query'?: string | undefined; 'url.registered_domain'?: string | undefined; 'url.scheme'?: string | undefined; 'url.subdomain'?: string | undefined; 'url.top_level_domain'?: string | undefined; 'url.username'?: string | undefined; 'user.changes.domain'?: string | undefined; 'user.changes.email'?: string | undefined; 'user.changes.full_name'?: string | undefined; 'user.changes.group.domain'?: string | undefined; 'user.changes.group.id'?: string | undefined; 'user.changes.group.name'?: string | undefined; 'user.changes.hash'?: string | undefined; 'user.changes.id'?: string | undefined; 'user.changes.name'?: string | undefined; 'user.changes.roles'?: string[] | undefined; 'user.domain'?: string | undefined; 'user.effective.domain'?: string | undefined; 'user.effective.email'?: string | undefined; 'user.effective.full_name'?: string | undefined; 'user.effective.group.domain'?: string | undefined; 'user.effective.group.id'?: string | undefined; 'user.effective.group.name'?: string | undefined; 'user.effective.hash'?: string | undefined; 'user.effective.id'?: string | undefined; 'user.effective.name'?: string | undefined; 'user.effective.roles'?: string[] | undefined; 'user.email'?: string | undefined; 'user.full_name'?: string | undefined; 'user.group.domain'?: string | undefined; 'user.group.id'?: string | undefined; 'user.group.name'?: string | undefined; 'user.hash'?: string | undefined; 'user.id'?: string | undefined; 'user.name'?: string | undefined; 'user.risk.calculated_level'?: string | undefined; 'user.risk.calculated_score'?: number | undefined; 'user.risk.calculated_score_norm'?: number | undefined; 'user.risk.static_level'?: string | undefined; 'user.risk.static_score'?: number | undefined; 'user.risk.static_score_norm'?: number | undefined; 'user.roles'?: string[] | undefined; 'user.target.domain'?: string | undefined; 'user.target.email'?: string | undefined; 'user.target.full_name'?: string | undefined; 'user.target.group.domain'?: string | undefined; 'user.target.group.id'?: string | undefined; 'user.target.group.name'?: string | undefined; 'user.target.hash'?: string | undefined; 'user.target.id'?: string | undefined; 'user.target.name'?: string | undefined; 'user.target.roles'?: string[] | undefined; 'user_agent.device.name'?: string | undefined; 'user_agent.name'?: string | undefined; 'user_agent.original'?: string | undefined; 'user_agent.os.family'?: string | undefined; 'user_agent.os.full'?: string | undefined; 'user_agent.os.kernel'?: string | undefined; 'user_agent.os.name'?: string | undefined; 'user_agent.os.platform'?: string | undefined; 'user_agent.os.type'?: string | undefined; 'user_agent.os.version'?: string | undefined; 'user_agent.version'?: string | undefined; 'vulnerability.category'?: string[] | undefined; 'vulnerability.classification'?: string | undefined; 'vulnerability.description'?: string | undefined; 'vulnerability.enumeration'?: string | undefined; 'vulnerability.id'?: string | undefined; 'vulnerability.reference'?: string | undefined; 'vulnerability.report_id'?: string | undefined; 'vulnerability.scanner.vendor'?: string | undefined; 'vulnerability.score.base'?: number | undefined; 'vulnerability.score.environmental'?: number | undefined; 'vulnerability.score.temporal'?: number | undefined; 'vulnerability.score.version'?: string | undefined; 'vulnerability.severity'?: string | undefined; } & {} & { 'ecs.version'?: string | undefined; 'kibana.alert.risk_score'?: number | undefined; 'kibana.alert.rule.author'?: string | undefined; 'kibana.alert.rule.created_at'?: string | number | undefined; 'kibana.alert.rule.created_by'?: string | undefined; 'kibana.alert.rule.description'?: string | undefined; 'kibana.alert.rule.enabled'?: string | undefined; 'kibana.alert.rule.from'?: string | undefined; 'kibana.alert.rule.interval'?: string | undefined; 'kibana.alert.rule.license'?: string | undefined; 'kibana.alert.rule.note'?: string | undefined; 'kibana.alert.rule.references'?: string[] | undefined; 'kibana.alert.rule.rule_id'?: string | undefined; 'kibana.alert.rule.rule_name_override'?: string | undefined; 'kibana.alert.rule.to'?: string | undefined; 'kibana.alert.rule.type'?: string | undefined; 'kibana.alert.rule.updated_at'?: string | number | undefined; 'kibana.alert.rule.updated_by'?: string | undefined; 'kibana.alert.rule.version'?: string | undefined; 'kibana.alert.severity'?: string | undefined; 'kibana.alert.suppression.docs_count'?: string | number | undefined; 'kibana.alert.suppression.end'?: string | number | undefined; 'kibana.alert.suppression.start'?: string | number | undefined; 'kibana.alert.suppression.terms.field'?: string[] | undefined; 'kibana.alert.suppression.terms.value'?: string[] | undefined; 'kibana.alert.system_status'?: string | undefined; 'kibana.alert.workflow_reason'?: string | undefined; 'kibana.alert.workflow_user'?: string | undefined; }) | ({ 'kibana.alert.job_id': string; } & { 'kibana.alert.anomaly_score'?: number | undefined; 'kibana.alert.anomaly_timestamp'?: string | number | undefined; 'kibana.alert.is_interim'?: boolean | undefined; 'kibana.alert.top_influencers'?: { influencer_field_name?: string | undefined; influencer_field_value?: string | undefined; influencer_score?: number | undefined; initial_influencer_score?: number | undefined; is_interim?: boolean | undefined; job_id?: string | undefined; timestamp?: string | number | undefined; }[] | undefined; 'kibana.alert.top_records'?: { actual?: number | undefined; by_field_name?: string | undefined; by_field_value?: string | undefined; detector_index?: number | undefined; field_name?: string | undefined; function?: string | undefined; initial_record_score?: number | undefined; is_interim?: boolean | undefined; job_id?: string | undefined; over_field_name?: string | undefined; over_field_value?: string | undefined; partition_field_name?: string | undefined; partition_field_value?: string | undefined; record_score?: number | undefined; timestamp?: string | number | undefined; typical?: number | undefined; }[] | undefined; } & { '@timestamp': string | number; 'kibana.alert.instance.id': string; 'kibana.alert.rule.category': string; 'kibana.alert.rule.consumer': string; 'kibana.alert.rule.name': string; 'kibana.alert.rule.producer': string; 'kibana.alert.rule.revision': string | number; 'kibana.alert.rule.rule_type_id': string; 'kibana.alert.rule.uuid': string; 'kibana.alert.status': string; 'kibana.alert.uuid': string; 'kibana.space_ids': string[]; } & { 'event.action'?: string | undefined; 'event.kind'?: string | undefined; 'kibana.alert.action_group'?: string | undefined; 'kibana.alert.case_ids'?: string[] | undefined; 'kibana.alert.duration.us'?: string | number | undefined; 'kibana.alert.end'?: string | number | undefined; 'kibana.alert.flapping'?: boolean | undefined; 'kibana.alert.flapping_history'?: boolean[] | undefined; 'kibana.alert.last_detected'?: string | number | undefined; 'kibana.alert.maintenance_window_ids'?: string[] | undefined; 'kibana.alert.reason'?: string | undefined; 'kibana.alert.rule.execution.uuid'?: string | undefined; 'kibana.alert.rule.parameters'?: unknown; 'kibana.alert.rule.tags'?: string[] | undefined; 'kibana.alert.start'?: string | number | undefined; 'kibana.alert.time_range'?: { gte?: string | number | undefined; lte?: string | number | undefined; } | undefined; 'kibana.alert.url'?: string | undefined; 'kibana.alert.workflow_status'?: string | undefined; 'kibana.alert.workflow_tags'?: string[] | undefined; 'kibana.version'?: string | undefined; tags?: string[] | undefined; })" ], "path": "packages/kbn-alerts-as-data-utils/src/schemas/index.ts", "deprecated": false, @@ -322,7 +322,7 @@ "label": "ObservabilityApmAlert", "description": [], "signature": [ - "{} & { 'agent.name'?: string | undefined; 'error.grouping_key'?: string | undefined; 'error.grouping_name'?: string | undefined; 'kibana.alert.evaluation.threshold'?: string | number | undefined; 'kibana.alert.evaluation.value'?: string | number | undefined; 'kibana.alert.evaluation.values'?: (string | number)[] | undefined; 'kibana.alert.group'?: { field?: string | undefined; value?: string | undefined; }[] | undefined; 'processor.event'?: string | undefined; 'service.environment'?: string | undefined; 'service.language.name'?: string | undefined; 'service.name'?: string | undefined; 'transaction.name'?: string | undefined; 'transaction.type'?: string | undefined; } & { '@timestamp': string | number; 'kibana.alert.instance.id': string; 'kibana.alert.rule.category': string; 'kibana.alert.rule.consumer': string; 'kibana.alert.rule.name': string; 'kibana.alert.rule.producer': string; 'kibana.alert.rule.revision': string | number; 'kibana.alert.rule.rule_type_id': string; 'kibana.alert.rule.uuid': string; 'kibana.alert.status': string; 'kibana.alert.uuid': string; 'kibana.space_ids': string[]; } & { 'event.action'?: string | undefined; 'event.kind'?: string | undefined; 'kibana.alert.action_group'?: string | undefined; 'kibana.alert.case_ids'?: string[] | undefined; 'kibana.alert.duration.us'?: string | number | undefined; 'kibana.alert.end'?: string | number | undefined; 'kibana.alert.flapping'?: boolean | undefined; 'kibana.alert.flapping_history'?: boolean[] | undefined; 'kibana.alert.last_detected'?: string | number | undefined; 'kibana.alert.maintenance_window_ids'?: string[] | undefined; 'kibana.alert.reason'?: string | undefined; 'kibana.alert.rule.execution.uuid'?: string | undefined; 'kibana.alert.rule.parameters'?: unknown; 'kibana.alert.rule.tags'?: string[] | undefined; 'kibana.alert.start'?: string | number | undefined; 'kibana.alert.time_range'?: { gte?: string | number | undefined; lte?: string | number | undefined; } | undefined; 'kibana.alert.url'?: string | undefined; 'kibana.alert.workflow_status'?: string | undefined; 'kibana.alert.workflow_tags'?: string[] | undefined; 'kibana.version'?: string | undefined; tags?: string[] | undefined; } & {} & { 'ecs.version'?: string | undefined; 'kibana.alert.risk_score'?: number | undefined; 'kibana.alert.rule.author'?: string | undefined; 'kibana.alert.rule.created_at'?: string | number | undefined; 'kibana.alert.rule.created_by'?: string | undefined; 'kibana.alert.rule.description'?: string | undefined; 'kibana.alert.rule.enabled'?: string | undefined; 'kibana.alert.rule.from'?: string | undefined; 'kibana.alert.rule.interval'?: string | undefined; 'kibana.alert.rule.license'?: string | undefined; 'kibana.alert.rule.note'?: string | undefined; 'kibana.alert.rule.references'?: string[] | undefined; 'kibana.alert.rule.rule_id'?: string | undefined; 'kibana.alert.rule.rule_name_override'?: string | undefined; 'kibana.alert.rule.to'?: string | undefined; 'kibana.alert.rule.type'?: string | undefined; 'kibana.alert.rule.updated_at'?: string | number | undefined; 'kibana.alert.rule.updated_by'?: string | undefined; 'kibana.alert.rule.version'?: string | undefined; 'kibana.alert.severity'?: string | undefined; 'kibana.alert.suppression.docs_count'?: string | number | undefined; 'kibana.alert.suppression.end'?: string | number | undefined; 'kibana.alert.suppression.start'?: string | number | undefined; 'kibana.alert.suppression.terms.field'?: string[] | undefined; 'kibana.alert.suppression.terms.value'?: string[] | undefined; 'kibana.alert.system_status'?: string | undefined; 'kibana.alert.workflow_reason'?: string | undefined; 'kibana.alert.workflow_user'?: string | undefined; }" + "{} & { 'agent.name'?: string | undefined; 'error.grouping_key'?: string | undefined; 'error.grouping_name'?: string | undefined; 'kibana.alert.context'?: unknown; 'kibana.alert.evaluation.threshold'?: string | number | undefined; 'kibana.alert.evaluation.value'?: string | number | undefined; 'kibana.alert.evaluation.values'?: (string | number)[] | undefined; 'kibana.alert.group'?: { field?: string | undefined; value?: string | undefined; }[] | undefined; labels?: unknown; 'processor.event'?: string | undefined; 'service.environment'?: string | undefined; 'service.language.name'?: string | undefined; 'service.name'?: string | undefined; 'transaction.name'?: string | undefined; 'transaction.type'?: string | undefined; } & { '@timestamp': string | number; 'kibana.alert.instance.id': string; 'kibana.alert.rule.category': string; 'kibana.alert.rule.consumer': string; 'kibana.alert.rule.name': string; 'kibana.alert.rule.producer': string; 'kibana.alert.rule.revision': string | number; 'kibana.alert.rule.rule_type_id': string; 'kibana.alert.rule.uuid': string; 'kibana.alert.status': string; 'kibana.alert.uuid': string; 'kibana.space_ids': string[]; } & { 'event.action'?: string | undefined; 'event.kind'?: string | undefined; 'kibana.alert.action_group'?: string | undefined; 'kibana.alert.case_ids'?: string[] | undefined; 'kibana.alert.duration.us'?: string | number | undefined; 'kibana.alert.end'?: string | number | undefined; 'kibana.alert.flapping'?: boolean | undefined; 'kibana.alert.flapping_history'?: boolean[] | undefined; 'kibana.alert.last_detected'?: string | number | undefined; 'kibana.alert.maintenance_window_ids'?: string[] | undefined; 'kibana.alert.reason'?: string | undefined; 'kibana.alert.rule.execution.uuid'?: string | undefined; 'kibana.alert.rule.parameters'?: unknown; 'kibana.alert.rule.tags'?: string[] | undefined; 'kibana.alert.start'?: string | number | undefined; 'kibana.alert.time_range'?: { gte?: string | number | undefined; lte?: string | number | undefined; } | undefined; 'kibana.alert.url'?: string | undefined; 'kibana.alert.workflow_status'?: string | undefined; 'kibana.alert.workflow_tags'?: string[] | undefined; 'kibana.version'?: string | undefined; tags?: string[] | undefined; } & {} & { 'ecs.version'?: string | undefined; 'kibana.alert.risk_score'?: number | undefined; 'kibana.alert.rule.author'?: string | undefined; 'kibana.alert.rule.created_at'?: string | number | undefined; 'kibana.alert.rule.created_by'?: string | undefined; 'kibana.alert.rule.description'?: string | undefined; 'kibana.alert.rule.enabled'?: string | undefined; 'kibana.alert.rule.from'?: string | undefined; 'kibana.alert.rule.interval'?: string | undefined; 'kibana.alert.rule.license'?: string | undefined; 'kibana.alert.rule.note'?: string | undefined; 'kibana.alert.rule.references'?: string[] | undefined; 'kibana.alert.rule.rule_id'?: string | undefined; 'kibana.alert.rule.rule_name_override'?: string | undefined; 'kibana.alert.rule.to'?: string | undefined; 'kibana.alert.rule.type'?: string | undefined; 'kibana.alert.rule.updated_at'?: string | number | undefined; 'kibana.alert.rule.updated_by'?: string | undefined; 'kibana.alert.rule.version'?: string | undefined; 'kibana.alert.severity'?: string | undefined; 'kibana.alert.suppression.docs_count'?: string | number | undefined; 'kibana.alert.suppression.end'?: string | number | undefined; 'kibana.alert.suppression.start'?: string | number | undefined; 'kibana.alert.suppression.terms.field'?: string[] | undefined; 'kibana.alert.suppression.terms.value'?: string[] | undefined; 'kibana.alert.system_status'?: string | undefined; 'kibana.alert.workflow_reason'?: string | undefined; 'kibana.alert.workflow_user'?: string | undefined; }" ], "path": "packages/kbn-alerts-as-data-utils/src/schemas/generated/observability_apm_schema.ts", "deprecated": false, @@ -337,7 +337,7 @@ "label": "ObservabilityLogsAlert", "description": [], "signature": [ - "{} & { 'kibana.alert.evaluation.threshold'?: string | number | undefined; 'kibana.alert.evaluation.value'?: string | number | undefined; 'kibana.alert.evaluation.values'?: (string | number)[] | undefined; 'kibana.alert.group'?: { field?: string | undefined; value?: string | undefined; }[] | undefined; } & { '@timestamp': string | number; 'kibana.alert.instance.id': string; 'kibana.alert.rule.category': string; 'kibana.alert.rule.consumer': string; 'kibana.alert.rule.name': string; 'kibana.alert.rule.producer': string; 'kibana.alert.rule.revision': string | number; 'kibana.alert.rule.rule_type_id': string; 'kibana.alert.rule.uuid': string; 'kibana.alert.status': string; 'kibana.alert.uuid': string; 'kibana.space_ids': string[]; } & { 'event.action'?: string | undefined; 'event.kind'?: string | undefined; 'kibana.alert.action_group'?: string | undefined; 'kibana.alert.case_ids'?: string[] | undefined; 'kibana.alert.duration.us'?: string | number | undefined; 'kibana.alert.end'?: string | number | undefined; 'kibana.alert.flapping'?: boolean | undefined; 'kibana.alert.flapping_history'?: boolean[] | undefined; 'kibana.alert.last_detected'?: string | number | undefined; 'kibana.alert.maintenance_window_ids'?: string[] | undefined; 'kibana.alert.reason'?: string | undefined; 'kibana.alert.rule.execution.uuid'?: string | undefined; 'kibana.alert.rule.parameters'?: unknown; 'kibana.alert.rule.tags'?: string[] | undefined; 'kibana.alert.start'?: string | number | undefined; 'kibana.alert.time_range'?: { gte?: string | number | undefined; lte?: string | number | undefined; } | undefined; 'kibana.alert.url'?: string | undefined; 'kibana.alert.workflow_status'?: string | undefined; 'kibana.alert.workflow_tags'?: string[] | undefined; 'kibana.version'?: string | undefined; tags?: string[] | undefined; } & { '@timestamp': string | number; 'ecs.version': string; } & { 'agent.build.original'?: string | undefined; 'agent.ephemeral_id'?: string | undefined; 'agent.id'?: string | undefined; 'agent.name'?: string | undefined; 'agent.type'?: string | undefined; 'agent.version'?: string | undefined; 'client.address'?: string | undefined; 'client.as.number'?: string | number | undefined; 'client.as.organization.name'?: string | undefined; 'client.bytes'?: string | number | undefined; 'client.domain'?: string | undefined; 'client.geo.city_name'?: string | undefined; 'client.geo.continent_code'?: string | undefined; 'client.geo.continent_name'?: string | undefined; 'client.geo.country_iso_code'?: string | undefined; 'client.geo.country_name'?: string | undefined; 'client.geo.location'?: string | { type: string; coordinates: number[]; } | { lat: number; lon: number; } | { location: number[]; } | { location: string; } | undefined; 'client.geo.name'?: string | undefined; 'client.geo.postal_code'?: string | undefined; 'client.geo.region_iso_code'?: string | undefined; 'client.geo.region_name'?: string | undefined; 'client.geo.timezone'?: string | undefined; 'client.ip'?: string | undefined; 'client.mac'?: string | undefined; 'client.nat.ip'?: string | undefined; 'client.nat.port'?: string | number | undefined; 'client.packets'?: string | number | undefined; 'client.port'?: string | number | undefined; 'client.registered_domain'?: string | undefined; 'client.subdomain'?: string | undefined; 'client.top_level_domain'?: string | undefined; 'client.user.domain'?: string | undefined; 'client.user.email'?: string | undefined; 'client.user.full_name'?: string | undefined; 'client.user.group.domain'?: string | undefined; 'client.user.group.id'?: string | undefined; 'client.user.group.name'?: string | undefined; 'client.user.hash'?: string | undefined; 'client.user.id'?: string | undefined; 'client.user.name'?: string | undefined; 'client.user.roles'?: string[] | undefined; 'cloud.account.id'?: string | undefined; 'cloud.account.name'?: string | undefined; 'cloud.availability_zone'?: string | undefined; 'cloud.instance.id'?: string | undefined; 'cloud.instance.name'?: string | undefined; 'cloud.machine.type'?: string | undefined; 'cloud.origin.account.id'?: string | undefined; 'cloud.origin.account.name'?: string | undefined; 'cloud.origin.availability_zone'?: string | undefined; 'cloud.origin.instance.id'?: string | undefined; 'cloud.origin.instance.name'?: string | undefined; 'cloud.origin.machine.type'?: string | undefined; 'cloud.origin.project.id'?: string | undefined; 'cloud.origin.project.name'?: string | undefined; 'cloud.origin.provider'?: string | undefined; 'cloud.origin.region'?: string | undefined; 'cloud.origin.service.name'?: string | undefined; 'cloud.project.id'?: string | undefined; 'cloud.project.name'?: string | undefined; 'cloud.provider'?: string | undefined; 'cloud.region'?: string | undefined; 'cloud.service.name'?: string | undefined; 'cloud.target.account.id'?: string | undefined; 'cloud.target.account.name'?: string | undefined; 'cloud.target.availability_zone'?: string | undefined; 'cloud.target.instance.id'?: string | undefined; 'cloud.target.instance.name'?: string | undefined; 'cloud.target.machine.type'?: string | undefined; 'cloud.target.project.id'?: string | undefined; 'cloud.target.project.name'?: string | undefined; 'cloud.target.provider'?: string | undefined; 'cloud.target.region'?: string | undefined; 'cloud.target.service.name'?: string | undefined; 'container.cpu.usage'?: string | number | undefined; 'container.disk.read.bytes'?: string | number | undefined; 'container.disk.write.bytes'?: string | number | undefined; 'container.id'?: string | undefined; 'container.image.hash.all'?: string[] | undefined; 'container.image.name'?: string | undefined; 'container.image.tag'?: string[] | undefined; 'container.memory.usage'?: string | number | undefined; 'container.name'?: string | undefined; 'container.network.egress.bytes'?: string | number | undefined; 'container.network.ingress.bytes'?: string | number | undefined; 'container.runtime'?: string | undefined; 'destination.address'?: string | undefined; 'destination.as.number'?: string | number | undefined; 'destination.as.organization.name'?: string | undefined; 'destination.bytes'?: string | number | undefined; 'destination.domain'?: string | undefined; 'destination.geo.city_name'?: string | undefined; 'destination.geo.continent_code'?: string | undefined; 'destination.geo.continent_name'?: string | undefined; 'destination.geo.country_iso_code'?: string | undefined; 'destination.geo.country_name'?: string | undefined; 'destination.geo.location'?: string | { type: string; coordinates: number[]; } | { lat: number; lon: number; } | { location: number[]; } | { location: string; } | undefined; 'destination.geo.name'?: string | undefined; 'destination.geo.postal_code'?: string | undefined; 'destination.geo.region_iso_code'?: string | undefined; 'destination.geo.region_name'?: string | undefined; 'destination.geo.timezone'?: string | undefined; 'destination.ip'?: string | undefined; 'destination.mac'?: string | undefined; 'destination.nat.ip'?: string | undefined; 'destination.nat.port'?: string | number | undefined; 'destination.packets'?: string | number | undefined; 'destination.port'?: string | number | undefined; 'destination.registered_domain'?: string | undefined; 'destination.subdomain'?: string | undefined; 'destination.top_level_domain'?: string | undefined; 'destination.user.domain'?: string | undefined; 'destination.user.email'?: string | undefined; 'destination.user.full_name'?: string | undefined; 'destination.user.group.domain'?: string | undefined; 'destination.user.group.id'?: string | undefined; 'destination.user.group.name'?: string | undefined; 'destination.user.hash'?: string | undefined; 'destination.user.id'?: string | undefined; 'destination.user.name'?: string | undefined; 'destination.user.roles'?: string[] | undefined; 'device.id'?: string | undefined; 'device.manufacturer'?: string | undefined; 'device.model.identifier'?: string | undefined; 'device.model.name'?: string | undefined; 'dll.code_signature.digest_algorithm'?: string | undefined; 'dll.code_signature.exists'?: boolean | undefined; 'dll.code_signature.signing_id'?: string | undefined; 'dll.code_signature.status'?: string | undefined; 'dll.code_signature.subject_name'?: string | undefined; 'dll.code_signature.team_id'?: string | undefined; 'dll.code_signature.timestamp'?: string | number | undefined; 'dll.code_signature.trusted'?: boolean | undefined; 'dll.code_signature.valid'?: boolean | undefined; 'dll.hash.md5'?: string | undefined; 'dll.hash.sha1'?: string | undefined; 'dll.hash.sha256'?: string | undefined; 'dll.hash.sha384'?: string | undefined; 'dll.hash.sha512'?: string | undefined; 'dll.hash.ssdeep'?: string | undefined; 'dll.hash.tlsh'?: string | undefined; 'dll.name'?: string | undefined; 'dll.path'?: string | undefined; 'dll.pe.architecture'?: string | undefined; 'dll.pe.company'?: string | undefined; 'dll.pe.description'?: string | undefined; 'dll.pe.file_version'?: string | undefined; 'dll.pe.imphash'?: string | undefined; 'dll.pe.original_file_name'?: string | undefined; 'dll.pe.pehash'?: string | undefined; 'dll.pe.product'?: string | undefined; 'dns.answers'?: { class?: string | undefined; data?: string | undefined; name?: string | undefined; ttl?: string | number | undefined; type?: string | undefined; }[] | undefined; 'dns.header_flags'?: string[] | undefined; 'dns.id'?: string | undefined; 'dns.op_code'?: string | undefined; 'dns.question.class'?: string | undefined; 'dns.question.name'?: string | undefined; 'dns.question.registered_domain'?: string | undefined; 'dns.question.subdomain'?: string | undefined; 'dns.question.top_level_domain'?: string | undefined; 'dns.question.type'?: string | undefined; 'dns.resolved_ip'?: string[] | undefined; 'dns.response_code'?: string | undefined; 'dns.type'?: string | undefined; 'email.attachments'?: { 'file.extension'?: string | undefined; 'file.hash.md5'?: string | undefined; 'file.hash.sha1'?: string | undefined; 'file.hash.sha256'?: string | undefined; 'file.hash.sha384'?: string | undefined; 'file.hash.sha512'?: string | undefined; 'file.hash.ssdeep'?: string | undefined; 'file.hash.tlsh'?: string | undefined; 'file.mime_type'?: string | undefined; 'file.name'?: string | undefined; 'file.size'?: string | number | undefined; }[] | undefined; 'email.bcc.address'?: string[] | undefined; 'email.cc.address'?: string[] | undefined; 'email.content_type'?: string | undefined; 'email.delivery_timestamp'?: string | number | undefined; 'email.direction'?: string | undefined; 'email.from.address'?: string[] | undefined; 'email.local_id'?: string | undefined; 'email.message_id'?: string | undefined; 'email.origination_timestamp'?: string | number | undefined; 'email.reply_to.address'?: string[] | undefined; 'email.sender.address'?: string | undefined; 'email.subject'?: string | undefined; 'email.to.address'?: string[] | undefined; 'email.x_mailer'?: string | undefined; 'error.code'?: string | undefined; 'error.id'?: string | undefined; 'error.message'?: string | undefined; 'error.stack_trace'?: string | undefined; 'error.type'?: string | undefined; 'event.action'?: string | undefined; 'event.agent_id_status'?: string | undefined; 'event.category'?: string[] | undefined; 'event.code'?: string | undefined; 'event.created'?: string | number | undefined; 'event.dataset'?: string | undefined; 'event.duration'?: string | number | undefined; 'event.end'?: string | number | undefined; 'event.hash'?: string | undefined; 'event.id'?: string | undefined; 'event.ingested'?: string | number | undefined; 'event.kind'?: string | undefined; 'event.module'?: string | undefined; 'event.original'?: string | undefined; 'event.outcome'?: string | undefined; 'event.provider'?: string | undefined; 'event.reason'?: string | undefined; 'event.reference'?: string | undefined; 'event.risk_score'?: number | undefined; 'event.risk_score_norm'?: number | undefined; 'event.sequence'?: string | number | undefined; 'event.severity'?: string | number | undefined; 'event.start'?: string | number | undefined; 'event.timezone'?: string | undefined; 'event.type'?: string[] | undefined; 'event.url'?: string | undefined; 'faas.coldstart'?: boolean | undefined; 'faas.execution'?: string | undefined; 'faas.id'?: string | undefined; 'faas.name'?: string | undefined; 'faas.version'?: string | undefined; 'file.accessed'?: string | number | undefined; 'file.attributes'?: string[] | undefined; 'file.code_signature.digest_algorithm'?: string | undefined; 'file.code_signature.exists'?: boolean | undefined; 'file.code_signature.signing_id'?: string | undefined; 'file.code_signature.status'?: string | undefined; 'file.code_signature.subject_name'?: string | undefined; 'file.code_signature.team_id'?: string | undefined; 'file.code_signature.timestamp'?: string | number | undefined; 'file.code_signature.trusted'?: boolean | undefined; 'file.code_signature.valid'?: boolean | undefined; 'file.created'?: string | number | undefined; 'file.ctime'?: string | number | undefined; 'file.device'?: string | undefined; 'file.directory'?: string | undefined; 'file.drive_letter'?: string | undefined; 'file.elf.architecture'?: string | undefined; 'file.elf.byte_order'?: string | undefined; 'file.elf.cpu_type'?: string | undefined; 'file.elf.creation_date'?: string | number | undefined; 'file.elf.exports'?: unknown[] | undefined; 'file.elf.header.abi_version'?: string | undefined; 'file.elf.header.class'?: string | undefined; 'file.elf.header.data'?: string | undefined; 'file.elf.header.entrypoint'?: string | number | undefined; 'file.elf.header.object_version'?: string | undefined; 'file.elf.header.os_abi'?: string | undefined; 'file.elf.header.type'?: string | undefined; 'file.elf.header.version'?: string | undefined; 'file.elf.imports'?: unknown[] | undefined; 'file.elf.sections'?: { chi2?: string | number | undefined; entropy?: string | number | undefined; flags?: string | undefined; name?: string | undefined; physical_offset?: string | undefined; physical_size?: string | number | undefined; type?: string | undefined; virtual_address?: string | number | undefined; virtual_size?: string | number | undefined; }[] | undefined; 'file.elf.segments'?: { sections?: string | undefined; type?: string | undefined; }[] | undefined; 'file.elf.shared_libraries'?: string[] | undefined; 'file.elf.telfhash'?: string | undefined; 'file.extension'?: string | undefined; 'file.fork_name'?: string | undefined; 'file.gid'?: string | undefined; 'file.group'?: string | undefined; 'file.hash.md5'?: string | undefined; 'file.hash.sha1'?: string | undefined; 'file.hash.sha256'?: string | undefined; 'file.hash.sha384'?: string | undefined; 'file.hash.sha512'?: string | undefined; 'file.hash.ssdeep'?: string | undefined; 'file.hash.tlsh'?: string | undefined; 'file.inode'?: string | undefined; 'file.mime_type'?: string | undefined; 'file.mode'?: string | undefined; 'file.mtime'?: string | number | undefined; 'file.name'?: string | undefined; 'file.owner'?: string | undefined; 'file.path'?: string | undefined; 'file.pe.architecture'?: string | undefined; 'file.pe.company'?: string | undefined; 'file.pe.description'?: string | undefined; 'file.pe.file_version'?: string | undefined; 'file.pe.imphash'?: string | undefined; 'file.pe.original_file_name'?: string | undefined; 'file.pe.pehash'?: string | undefined; 'file.pe.product'?: string | undefined; 'file.size'?: string | number | undefined; 'file.target_path'?: string | undefined; 'file.type'?: string | undefined; 'file.uid'?: string | undefined; 'file.x509.alternative_names'?: string[] | undefined; 'file.x509.issuer.common_name'?: string[] | undefined; 'file.x509.issuer.country'?: string[] | undefined; 'file.x509.issuer.distinguished_name'?: string | undefined; 'file.x509.issuer.locality'?: string[] | undefined; 'file.x509.issuer.organization'?: string[] | undefined; 'file.x509.issuer.organizational_unit'?: string[] | undefined; 'file.x509.issuer.state_or_province'?: string[] | undefined; 'file.x509.not_after'?: string | number | undefined; 'file.x509.not_before'?: string | number | undefined; 'file.x509.public_key_algorithm'?: string | undefined; 'file.x509.public_key_curve'?: string | undefined; 'file.x509.public_key_exponent'?: string | number | undefined; 'file.x509.public_key_size'?: string | number | undefined; 'file.x509.serial_number'?: string | undefined; 'file.x509.signature_algorithm'?: string | undefined; 'file.x509.subject.common_name'?: string[] | undefined; 'file.x509.subject.country'?: string[] | undefined; 'file.x509.subject.distinguished_name'?: string | undefined; 'file.x509.subject.locality'?: string[] | undefined; 'file.x509.subject.organization'?: string[] | undefined; 'file.x509.subject.organizational_unit'?: string[] | undefined; 'file.x509.subject.state_or_province'?: string[] | undefined; 'file.x509.version_number'?: string | undefined; 'group.domain'?: string | undefined; 'group.id'?: string | undefined; 'group.name'?: string | undefined; 'host.architecture'?: string | undefined; 'host.boot.id'?: string | undefined; 'host.cpu.usage'?: string | number | undefined; 'host.disk.read.bytes'?: string | number | undefined; 'host.disk.write.bytes'?: string | number | undefined; 'host.domain'?: string | undefined; 'host.geo.city_name'?: string | undefined; 'host.geo.continent_code'?: string | undefined; 'host.geo.continent_name'?: string | undefined; 'host.geo.country_iso_code'?: string | undefined; 'host.geo.country_name'?: string | undefined; 'host.geo.location'?: string | { type: string; coordinates: number[]; } | { lat: number; lon: number; } | { location: number[]; } | { location: string; } | undefined; 'host.geo.name'?: string | undefined; 'host.geo.postal_code'?: string | undefined; 'host.geo.region_iso_code'?: string | undefined; 'host.geo.region_name'?: string | undefined; 'host.geo.timezone'?: string | undefined; 'host.hostname'?: string | undefined; 'host.id'?: string | undefined; 'host.ip'?: string[] | undefined; 'host.mac'?: string[] | undefined; 'host.name'?: string | undefined; 'host.network.egress.bytes'?: string | number | undefined; 'host.network.egress.packets'?: string | number | undefined; 'host.network.ingress.bytes'?: string | number | undefined; 'host.network.ingress.packets'?: string | number | undefined; 'host.os.family'?: string | undefined; 'host.os.full'?: string | undefined; 'host.os.kernel'?: string | undefined; 'host.os.name'?: string | undefined; 'host.os.platform'?: string | undefined; 'host.os.type'?: string | undefined; 'host.os.version'?: string | undefined; 'host.pid_ns_ino'?: string | undefined; 'host.risk.calculated_level'?: string | undefined; 'host.risk.calculated_score'?: number | undefined; 'host.risk.calculated_score_norm'?: number | undefined; 'host.risk.static_level'?: string | undefined; 'host.risk.static_score'?: number | undefined; 'host.risk.static_score_norm'?: number | undefined; 'host.type'?: string | undefined; 'host.uptime'?: string | number | undefined; 'http.request.body.bytes'?: string | number | undefined; 'http.request.body.content'?: string | undefined; 'http.request.bytes'?: string | number | undefined; 'http.request.id'?: string | undefined; 'http.request.method'?: string | undefined; 'http.request.mime_type'?: string | undefined; 'http.request.referrer'?: string | undefined; 'http.response.body.bytes'?: string | number | undefined; 'http.response.body.content'?: string | undefined; 'http.response.bytes'?: string | number | undefined; 'http.response.mime_type'?: string | undefined; 'http.response.status_code'?: string | number | undefined; 'http.version'?: string | undefined; 'log.file.path'?: string | undefined; 'log.level'?: string | undefined; 'log.logger'?: string | undefined; 'log.origin.file.line'?: string | number | undefined; 'log.origin.file.name'?: string | undefined; 'log.origin.function'?: string | undefined; message?: string | undefined; 'network.application'?: string | undefined; 'network.bytes'?: string | number | undefined; 'network.community_id'?: string | undefined; 'network.direction'?: string | undefined; 'network.forwarded_ip'?: string | undefined; 'network.iana_number'?: string | undefined; 'network.name'?: string | undefined; 'network.packets'?: string | number | undefined; 'network.protocol'?: string | undefined; 'network.transport'?: string | undefined; 'network.type'?: string | undefined; 'network.vlan.id'?: string | undefined; 'network.vlan.name'?: string | undefined; 'observer.geo.city_name'?: string | undefined; 'observer.geo.continent_code'?: string | undefined; 'observer.geo.continent_name'?: string | undefined; 'observer.geo.country_iso_code'?: string | undefined; 'observer.geo.country_name'?: string | undefined; 'observer.geo.location'?: string | { type: string; coordinates: number[]; } | { lat: number; lon: number; } | { location: number[]; } | { location: string; } | undefined; 'observer.geo.name'?: string | undefined; 'observer.geo.postal_code'?: string | undefined; 'observer.geo.region_iso_code'?: string | undefined; 'observer.geo.region_name'?: string | undefined; 'observer.geo.timezone'?: string | undefined; 'observer.hostname'?: string | undefined; 'observer.ip'?: string[] | undefined; 'observer.mac'?: string[] | undefined; 'observer.name'?: string | undefined; 'observer.os.family'?: string | undefined; 'observer.os.full'?: string | undefined; 'observer.os.kernel'?: string | undefined; 'observer.os.name'?: string | undefined; 'observer.os.platform'?: string | undefined; 'observer.os.type'?: string | undefined; 'observer.os.version'?: string | undefined; 'observer.product'?: string | undefined; 'observer.serial_number'?: string | undefined; 'observer.type'?: string | undefined; 'observer.vendor'?: string | undefined; 'observer.version'?: string | undefined; 'orchestrator.api_version'?: string | undefined; 'orchestrator.cluster.id'?: string | undefined; 'orchestrator.cluster.name'?: string | undefined; 'orchestrator.cluster.url'?: string | undefined; 'orchestrator.cluster.version'?: string | undefined; 'orchestrator.namespace'?: string | undefined; 'orchestrator.organization'?: string | undefined; 'orchestrator.resource.id'?: string | undefined; 'orchestrator.resource.ip'?: string[] | undefined; 'orchestrator.resource.name'?: string | undefined; 'orchestrator.resource.parent.type'?: string | undefined; 'orchestrator.resource.type'?: string | undefined; 'orchestrator.type'?: string | undefined; 'organization.id'?: string | undefined; 'organization.name'?: string | undefined; 'package.architecture'?: string | undefined; 'package.build_version'?: string | undefined; 'package.checksum'?: string | undefined; 'package.description'?: string | undefined; 'package.install_scope'?: string | undefined; 'package.installed'?: string | number | undefined; 'package.license'?: string | undefined; 'package.name'?: string | undefined; 'package.path'?: string | undefined; 'package.reference'?: string | undefined; 'package.size'?: string | number | undefined; 'package.type'?: string | undefined; 'package.version'?: string | undefined; 'process.args'?: string[] | undefined; 'process.args_count'?: string | number | undefined; 'process.code_signature.digest_algorithm'?: string | undefined; 'process.code_signature.exists'?: boolean | undefined; 'process.code_signature.signing_id'?: string | undefined; 'process.code_signature.status'?: string | undefined; 'process.code_signature.subject_name'?: string | undefined; 'process.code_signature.team_id'?: string | undefined; 'process.code_signature.timestamp'?: string | number | undefined; 'process.code_signature.trusted'?: boolean | undefined; 'process.code_signature.valid'?: boolean | undefined; 'process.command_line'?: string | undefined; 'process.elf.architecture'?: string | undefined; 'process.elf.byte_order'?: string | undefined; 'process.elf.cpu_type'?: string | undefined; 'process.elf.creation_date'?: string | number | undefined; 'process.elf.exports'?: unknown[] | undefined; 'process.elf.header.abi_version'?: string | undefined; 'process.elf.header.class'?: string | undefined; 'process.elf.header.data'?: string | undefined; 'process.elf.header.entrypoint'?: string | number | undefined; 'process.elf.header.object_version'?: string | undefined; 'process.elf.header.os_abi'?: string | undefined; 'process.elf.header.type'?: string | undefined; 'process.elf.header.version'?: string | undefined; 'process.elf.imports'?: unknown[] | undefined; 'process.elf.sections'?: { chi2?: string | number | undefined; entropy?: string | number | undefined; flags?: string | undefined; name?: string | undefined; physical_offset?: string | undefined; physical_size?: string | number | undefined; type?: string | undefined; virtual_address?: string | number | undefined; virtual_size?: string | number | undefined; }[] | undefined; 'process.elf.segments'?: { sections?: string | undefined; type?: string | undefined; }[] | undefined; 'process.elf.shared_libraries'?: string[] | undefined; 'process.elf.telfhash'?: string | undefined; 'process.end'?: string | number | undefined; 'process.entity_id'?: string | undefined; 'process.entry_leader.args'?: string[] | undefined; 'process.entry_leader.args_count'?: string | number | undefined; 'process.entry_leader.attested_groups.name'?: string | undefined; 'process.entry_leader.attested_user.id'?: string | undefined; 'process.entry_leader.attested_user.name'?: string | undefined; 'process.entry_leader.command_line'?: string | undefined; 'process.entry_leader.entity_id'?: string | undefined; 'process.entry_leader.entry_meta.source.ip'?: string | undefined; 'process.entry_leader.entry_meta.type'?: string | undefined; 'process.entry_leader.executable'?: string | undefined; 'process.entry_leader.group.id'?: string | undefined; 'process.entry_leader.group.name'?: string | undefined; 'process.entry_leader.interactive'?: boolean | undefined; 'process.entry_leader.name'?: string | undefined; 'process.entry_leader.parent.entity_id'?: string | undefined; 'process.entry_leader.parent.pid'?: string | number | undefined; 'process.entry_leader.parent.session_leader.entity_id'?: string | undefined; 'process.entry_leader.parent.session_leader.pid'?: string | number | undefined; 'process.entry_leader.parent.session_leader.start'?: string | number | undefined; 'process.entry_leader.parent.start'?: string | number | undefined; 'process.entry_leader.pid'?: string | number | undefined; 'process.entry_leader.real_group.id'?: string | undefined; 'process.entry_leader.real_group.name'?: string | undefined; 'process.entry_leader.real_user.id'?: string | undefined; 'process.entry_leader.real_user.name'?: string | undefined; 'process.entry_leader.same_as_process'?: boolean | undefined; 'process.entry_leader.saved_group.id'?: string | undefined; 'process.entry_leader.saved_group.name'?: string | undefined; 'process.entry_leader.saved_user.id'?: string | undefined; 'process.entry_leader.saved_user.name'?: string | undefined; 'process.entry_leader.start'?: string | number | undefined; 'process.entry_leader.supplemental_groups.id'?: string | undefined; 'process.entry_leader.supplemental_groups.name'?: string | undefined; 'process.entry_leader.user.id'?: string | undefined; 'process.entry_leader.user.name'?: string | undefined; 'process.entry_leader.working_directory'?: string | undefined; 'process.env_vars'?: string[] | undefined; 'process.executable'?: string | undefined; 'process.exit_code'?: string | number | undefined; 'process.group_leader.args'?: string[] | undefined; 'process.group_leader.args_count'?: string | number | undefined; 'process.group_leader.command_line'?: string | undefined; 'process.group_leader.entity_id'?: string | undefined; 'process.group_leader.executable'?: string | undefined; 'process.group_leader.group.id'?: string | undefined; 'process.group_leader.group.name'?: string | undefined; 'process.group_leader.interactive'?: boolean | undefined; 'process.group_leader.name'?: string | undefined; 'process.group_leader.pid'?: string | number | undefined; 'process.group_leader.real_group.id'?: string | undefined; 'process.group_leader.real_group.name'?: string | undefined; 'process.group_leader.real_user.id'?: string | undefined; 'process.group_leader.real_user.name'?: string | undefined; 'process.group_leader.same_as_process'?: boolean | undefined; 'process.group_leader.saved_group.id'?: string | undefined; 'process.group_leader.saved_group.name'?: string | undefined; 'process.group_leader.saved_user.id'?: string | undefined; 'process.group_leader.saved_user.name'?: string | undefined; 'process.group_leader.start'?: string | number | undefined; 'process.group_leader.supplemental_groups.id'?: string | undefined; 'process.group_leader.supplemental_groups.name'?: string | undefined; 'process.group_leader.user.id'?: string | undefined; 'process.group_leader.user.name'?: string | undefined; 'process.group_leader.working_directory'?: string | undefined; 'process.hash.md5'?: string | undefined; 'process.hash.sha1'?: string | undefined; 'process.hash.sha256'?: string | undefined; 'process.hash.sha384'?: string | undefined; 'process.hash.sha512'?: string | undefined; 'process.hash.ssdeep'?: string | undefined; 'process.hash.tlsh'?: string | undefined; 'process.interactive'?: boolean | undefined; 'process.name'?: string | undefined; 'process.parent.args'?: string[] | undefined; 'process.parent.args_count'?: string | number | undefined; 'process.parent.code_signature.digest_algorithm'?: string | undefined; 'process.parent.code_signature.exists'?: boolean | undefined; 'process.parent.code_signature.signing_id'?: string | undefined; 'process.parent.code_signature.status'?: string | undefined; 'process.parent.code_signature.subject_name'?: string | undefined; 'process.parent.code_signature.team_id'?: string | undefined; 'process.parent.code_signature.timestamp'?: string | number | undefined; 'process.parent.code_signature.trusted'?: boolean | undefined; 'process.parent.code_signature.valid'?: boolean | undefined; 'process.parent.command_line'?: string | undefined; 'process.parent.elf.architecture'?: string | undefined; 'process.parent.elf.byte_order'?: string | undefined; 'process.parent.elf.cpu_type'?: string | undefined; 'process.parent.elf.creation_date'?: string | number | undefined; 'process.parent.elf.exports'?: unknown[] | undefined; 'process.parent.elf.header.abi_version'?: string | undefined; 'process.parent.elf.header.class'?: string | undefined; 'process.parent.elf.header.data'?: string | undefined; 'process.parent.elf.header.entrypoint'?: string | number | undefined; 'process.parent.elf.header.object_version'?: string | undefined; 'process.parent.elf.header.os_abi'?: string | undefined; 'process.parent.elf.header.type'?: string | undefined; 'process.parent.elf.header.version'?: string | undefined; 'process.parent.elf.imports'?: unknown[] | undefined; 'process.parent.elf.sections'?: { chi2?: string | number | undefined; entropy?: string | number | undefined; flags?: string | undefined; name?: string | undefined; physical_offset?: string | undefined; physical_size?: string | number | undefined; type?: string | undefined; virtual_address?: string | number | undefined; virtual_size?: string | number | undefined; }[] | undefined; 'process.parent.elf.segments'?: { sections?: string | undefined; type?: string | undefined; }[] | undefined; 'process.parent.elf.shared_libraries'?: string[] | undefined; 'process.parent.elf.telfhash'?: string | undefined; 'process.parent.end'?: string | number | undefined; 'process.parent.entity_id'?: string | undefined; 'process.parent.executable'?: string | undefined; 'process.parent.exit_code'?: string | number | undefined; 'process.parent.group.id'?: string | undefined; 'process.parent.group.name'?: string | undefined; 'process.parent.group_leader.entity_id'?: string | undefined; 'process.parent.group_leader.pid'?: string | number | undefined; 'process.parent.group_leader.start'?: string | number | undefined; 'process.parent.hash.md5'?: string | undefined; 'process.parent.hash.sha1'?: string | undefined; 'process.parent.hash.sha256'?: string | undefined; 'process.parent.hash.sha384'?: string | undefined; 'process.parent.hash.sha512'?: string | undefined; 'process.parent.hash.ssdeep'?: string | undefined; 'process.parent.hash.tlsh'?: string | undefined; 'process.parent.interactive'?: boolean | undefined; 'process.parent.name'?: string | undefined; 'process.parent.pe.architecture'?: string | undefined; 'process.parent.pe.company'?: string | undefined; 'process.parent.pe.description'?: string | undefined; 'process.parent.pe.file_version'?: string | undefined; 'process.parent.pe.imphash'?: string | undefined; 'process.parent.pe.original_file_name'?: string | undefined; 'process.parent.pe.pehash'?: string | undefined; 'process.parent.pe.product'?: string | undefined; 'process.parent.pgid'?: string | number | undefined; 'process.parent.pid'?: string | number | undefined; 'process.parent.real_group.id'?: string | undefined; 'process.parent.real_group.name'?: string | undefined; 'process.parent.real_user.id'?: string | undefined; 'process.parent.real_user.name'?: string | undefined; 'process.parent.saved_group.id'?: string | undefined; 'process.parent.saved_group.name'?: string | undefined; 'process.parent.saved_user.id'?: string | undefined; 'process.parent.saved_user.name'?: string | undefined; 'process.parent.start'?: string | number | undefined; 'process.parent.supplemental_groups.id'?: string | undefined; 'process.parent.supplemental_groups.name'?: string | undefined; 'process.parent.thread.id'?: string | number | undefined; 'process.parent.thread.name'?: string | undefined; 'process.parent.title'?: string | undefined; 'process.parent.uptime'?: string | number | undefined; 'process.parent.user.id'?: string | undefined; 'process.parent.user.name'?: string | undefined; 'process.parent.working_directory'?: string | undefined; 'process.pe.architecture'?: string | undefined; 'process.pe.company'?: string | undefined; 'process.pe.description'?: string | undefined; 'process.pe.file_version'?: string | undefined; 'process.pe.imphash'?: string | undefined; 'process.pe.original_file_name'?: string | undefined; 'process.pe.pehash'?: string | undefined; 'process.pe.product'?: string | undefined; 'process.pgid'?: string | number | undefined; 'process.pid'?: string | number | undefined; 'process.previous.args'?: string[] | undefined; 'process.previous.args_count'?: string | number | undefined; 'process.previous.executable'?: string | undefined; 'process.real_group.id'?: string | undefined; 'process.real_group.name'?: string | undefined; 'process.real_user.id'?: string | undefined; 'process.real_user.name'?: string | undefined; 'process.saved_group.id'?: string | undefined; 'process.saved_group.name'?: string | undefined; 'process.saved_user.id'?: string | undefined; 'process.saved_user.name'?: string | undefined; 'process.session_leader.args'?: string[] | undefined; 'process.session_leader.args_count'?: string | number | undefined; 'process.session_leader.command_line'?: string | undefined; 'process.session_leader.entity_id'?: string | undefined; 'process.session_leader.executable'?: string | undefined; 'process.session_leader.group.id'?: string | undefined; 'process.session_leader.group.name'?: string | undefined; 'process.session_leader.interactive'?: boolean | undefined; 'process.session_leader.name'?: string | undefined; 'process.session_leader.parent.entity_id'?: string | undefined; 'process.session_leader.parent.pid'?: string | number | undefined; 'process.session_leader.parent.session_leader.entity_id'?: string | undefined; 'process.session_leader.parent.session_leader.pid'?: string | number | undefined; 'process.session_leader.parent.session_leader.start'?: string | number | undefined; 'process.session_leader.parent.start'?: string | number | undefined; 'process.session_leader.pid'?: string | number | undefined; 'process.session_leader.real_group.id'?: string | undefined; 'process.session_leader.real_group.name'?: string | undefined; 'process.session_leader.real_user.id'?: string | undefined; 'process.session_leader.real_user.name'?: string | undefined; 'process.session_leader.same_as_process'?: boolean | undefined; 'process.session_leader.saved_group.id'?: string | undefined; 'process.session_leader.saved_group.name'?: string | undefined; 'process.session_leader.saved_user.id'?: string | undefined; 'process.session_leader.saved_user.name'?: string | undefined; 'process.session_leader.start'?: string | number | undefined; 'process.session_leader.supplemental_groups.id'?: string | undefined; 'process.session_leader.supplemental_groups.name'?: string | undefined; 'process.session_leader.user.id'?: string | undefined; 'process.session_leader.user.name'?: string | undefined; 'process.session_leader.working_directory'?: string | undefined; 'process.start'?: string | number | undefined; 'process.supplemental_groups.id'?: string | undefined; 'process.supplemental_groups.name'?: string | undefined; 'process.thread.id'?: string | number | undefined; 'process.thread.name'?: string | undefined; 'process.title'?: string | undefined; 'process.uptime'?: string | number | undefined; 'process.user.id'?: string | undefined; 'process.user.name'?: string | undefined; 'process.working_directory'?: string | undefined; 'registry.data.bytes'?: string | undefined; 'registry.data.strings'?: string[] | undefined; 'registry.data.type'?: string | undefined; 'registry.hive'?: string | undefined; 'registry.key'?: string | undefined; 'registry.path'?: string | undefined; 'registry.value'?: string | undefined; 'related.hash'?: string[] | undefined; 'related.hosts'?: string[] | undefined; 'related.ip'?: string[] | undefined; 'related.user'?: string[] | undefined; 'rule.author'?: string[] | undefined; 'rule.category'?: string | undefined; 'rule.description'?: string | undefined; 'rule.id'?: string | undefined; 'rule.license'?: string | undefined; 'rule.name'?: string | undefined; 'rule.reference'?: string | undefined; 'rule.ruleset'?: string | undefined; 'rule.uuid'?: string | undefined; 'rule.version'?: string | undefined; 'server.address'?: string | undefined; 'server.as.number'?: string | number | undefined; 'server.as.organization.name'?: string | undefined; 'server.bytes'?: string | number | undefined; 'server.domain'?: string | undefined; 'server.geo.city_name'?: string | undefined; 'server.geo.continent_code'?: string | undefined; 'server.geo.continent_name'?: string | undefined; 'server.geo.country_iso_code'?: string | undefined; 'server.geo.country_name'?: string | undefined; 'server.geo.location'?: string | { type: string; coordinates: number[]; } | { lat: number; lon: number; } | { location: number[]; } | { location: string; } | undefined; 'server.geo.name'?: string | undefined; 'server.geo.postal_code'?: string | undefined; 'server.geo.region_iso_code'?: string | undefined; 'server.geo.region_name'?: string | undefined; 'server.geo.timezone'?: string | undefined; 'server.ip'?: string | undefined; 'server.mac'?: string | undefined; 'server.nat.ip'?: string | undefined; 'server.nat.port'?: string | number | undefined; 'server.packets'?: string | number | undefined; 'server.port'?: string | number | undefined; 'server.registered_domain'?: string | undefined; 'server.subdomain'?: string | undefined; 'server.top_level_domain'?: string | undefined; 'server.user.domain'?: string | undefined; 'server.user.email'?: string | undefined; 'server.user.full_name'?: string | undefined; 'server.user.group.domain'?: string | undefined; 'server.user.group.id'?: string | undefined; 'server.user.group.name'?: string | undefined; 'server.user.hash'?: string | undefined; 'server.user.id'?: string | undefined; 'server.user.name'?: string | undefined; 'server.user.roles'?: string[] | undefined; 'service.address'?: string | undefined; 'service.environment'?: string | undefined; 'service.ephemeral_id'?: string | undefined; 'service.id'?: string | undefined; 'service.name'?: string | undefined; 'service.node.name'?: string | undefined; 'service.node.role'?: string | undefined; 'service.node.roles'?: string[] | undefined; 'service.origin.address'?: string | undefined; 'service.origin.environment'?: string | undefined; 'service.origin.ephemeral_id'?: string | undefined; 'service.origin.id'?: string | undefined; 'service.origin.name'?: string | undefined; 'service.origin.node.name'?: string | undefined; 'service.origin.node.role'?: string | undefined; 'service.origin.node.roles'?: string[] | undefined; 'service.origin.state'?: string | undefined; 'service.origin.type'?: string | undefined; 'service.origin.version'?: string | undefined; 'service.state'?: string | undefined; 'service.target.address'?: string | undefined; 'service.target.environment'?: string | undefined; 'service.target.ephemeral_id'?: string | undefined; 'service.target.id'?: string | undefined; 'service.target.name'?: string | undefined; 'service.target.node.name'?: string | undefined; 'service.target.node.role'?: string | undefined; 'service.target.node.roles'?: string[] | undefined; 'service.target.state'?: string | undefined; 'service.target.type'?: string | undefined; 'service.target.version'?: string | undefined; 'service.type'?: string | undefined; 'service.version'?: string | undefined; 'source.address'?: string | undefined; 'source.as.number'?: string | number | undefined; 'source.as.organization.name'?: string | undefined; 'source.bytes'?: string | number | undefined; 'source.domain'?: string | undefined; 'source.geo.city_name'?: string | undefined; 'source.geo.continent_code'?: string | undefined; 'source.geo.continent_name'?: string | undefined; 'source.geo.country_iso_code'?: string | undefined; 'source.geo.country_name'?: string | undefined; 'source.geo.location'?: string | { type: string; coordinates: number[]; } | { lat: number; lon: number; } | { location: number[]; } | { location: string; } | undefined; 'source.geo.name'?: string | undefined; 'source.geo.postal_code'?: string | undefined; 'source.geo.region_iso_code'?: string | undefined; 'source.geo.region_name'?: string | undefined; 'source.geo.timezone'?: string | undefined; 'source.ip'?: string | undefined; 'source.mac'?: string | undefined; 'source.nat.ip'?: string | undefined; 'source.nat.port'?: string | number | undefined; 'source.packets'?: string | number | undefined; 'source.port'?: string | number | undefined; 'source.registered_domain'?: string | undefined; 'source.subdomain'?: string | undefined; 'source.top_level_domain'?: string | undefined; 'source.user.domain'?: string | undefined; 'source.user.email'?: string | undefined; 'source.user.full_name'?: string | undefined; 'source.user.group.domain'?: string | undefined; 'source.user.group.id'?: string | undefined; 'source.user.group.name'?: string | undefined; 'source.user.hash'?: string | undefined; 'source.user.id'?: string | undefined; 'source.user.name'?: string | undefined; 'source.user.roles'?: string[] | undefined; 'span.id'?: string | undefined; tags?: string[] | undefined; 'threat.enrichments'?: { 'matched.atomic'?: string | undefined; 'matched.field'?: string | undefined; 'matched.id'?: string | undefined; 'matched.index'?: string | undefined; 'matched.occurred'?: string | number | undefined; 'matched.type'?: string | undefined; }[] | undefined; 'threat.feed.dashboard_id'?: string | undefined; 'threat.feed.description'?: string | undefined; 'threat.feed.name'?: string | undefined; 'threat.feed.reference'?: string | undefined; 'threat.framework'?: string | undefined; 'threat.group.alias'?: string[] | undefined; 'threat.group.id'?: string | undefined; 'threat.group.name'?: string | undefined; 'threat.group.reference'?: string | undefined; 'threat.indicator.as.number'?: string | number | undefined; 'threat.indicator.as.organization.name'?: string | undefined; 'threat.indicator.confidence'?: string | undefined; 'threat.indicator.description'?: string | undefined; 'threat.indicator.email.address'?: string | undefined; 'threat.indicator.file.accessed'?: string | number | undefined; 'threat.indicator.file.attributes'?: string[] | undefined; 'threat.indicator.file.code_signature.digest_algorithm'?: string | undefined; 'threat.indicator.file.code_signature.exists'?: boolean | undefined; 'threat.indicator.file.code_signature.signing_id'?: string | undefined; 'threat.indicator.file.code_signature.status'?: string | undefined; 'threat.indicator.file.code_signature.subject_name'?: string | undefined; 'threat.indicator.file.code_signature.team_id'?: string | undefined; 'threat.indicator.file.code_signature.timestamp'?: string | number | undefined; 'threat.indicator.file.code_signature.trusted'?: boolean | undefined; 'threat.indicator.file.code_signature.valid'?: boolean | undefined; 'threat.indicator.file.created'?: string | number | undefined; 'threat.indicator.file.ctime'?: string | number | undefined; 'threat.indicator.file.device'?: string | undefined; 'threat.indicator.file.directory'?: string | undefined; 'threat.indicator.file.drive_letter'?: string | undefined; 'threat.indicator.file.elf.architecture'?: string | undefined; 'threat.indicator.file.elf.byte_order'?: string | undefined; 'threat.indicator.file.elf.cpu_type'?: string | undefined; 'threat.indicator.file.elf.creation_date'?: string | number | undefined; 'threat.indicator.file.elf.exports'?: unknown[] | undefined; 'threat.indicator.file.elf.header.abi_version'?: string | undefined; 'threat.indicator.file.elf.header.class'?: string | undefined; 'threat.indicator.file.elf.header.data'?: string | undefined; 'threat.indicator.file.elf.header.entrypoint'?: string | number | undefined; 'threat.indicator.file.elf.header.object_version'?: string | undefined; 'threat.indicator.file.elf.header.os_abi'?: string | undefined; 'threat.indicator.file.elf.header.type'?: string | undefined; 'threat.indicator.file.elf.header.version'?: string | undefined; 'threat.indicator.file.elf.imports'?: unknown[] | undefined; 'threat.indicator.file.elf.sections'?: { chi2?: string | number | undefined; entropy?: string | number | undefined; flags?: string | undefined; name?: string | undefined; physical_offset?: string | undefined; physical_size?: string | number | undefined; type?: string | undefined; virtual_address?: string | number | undefined; virtual_size?: string | number | undefined; }[] | undefined; 'threat.indicator.file.elf.segments'?: { sections?: string | undefined; type?: string | undefined; }[] | undefined; 'threat.indicator.file.elf.shared_libraries'?: string[] | undefined; 'threat.indicator.file.elf.telfhash'?: string | undefined; 'threat.indicator.file.extension'?: string | undefined; 'threat.indicator.file.fork_name'?: string | undefined; 'threat.indicator.file.gid'?: string | undefined; 'threat.indicator.file.group'?: string | undefined; 'threat.indicator.file.hash.md5'?: string | undefined; 'threat.indicator.file.hash.sha1'?: string | undefined; 'threat.indicator.file.hash.sha256'?: string | undefined; 'threat.indicator.file.hash.sha384'?: string | undefined; 'threat.indicator.file.hash.sha512'?: string | undefined; 'threat.indicator.file.hash.ssdeep'?: string | undefined; 'threat.indicator.file.hash.tlsh'?: string | undefined; 'threat.indicator.file.inode'?: string | undefined; 'threat.indicator.file.mime_type'?: string | undefined; 'threat.indicator.file.mode'?: string | undefined; 'threat.indicator.file.mtime'?: string | number | undefined; 'threat.indicator.file.name'?: string | undefined; 'threat.indicator.file.owner'?: string | undefined; 'threat.indicator.file.path'?: string | undefined; 'threat.indicator.file.pe.architecture'?: string | undefined; 'threat.indicator.file.pe.company'?: string | undefined; 'threat.indicator.file.pe.description'?: string | undefined; 'threat.indicator.file.pe.file_version'?: string | undefined; 'threat.indicator.file.pe.imphash'?: string | undefined; 'threat.indicator.file.pe.original_file_name'?: string | undefined; 'threat.indicator.file.pe.pehash'?: string | undefined; 'threat.indicator.file.pe.product'?: string | undefined; 'threat.indicator.file.size'?: string | number | undefined; 'threat.indicator.file.target_path'?: string | undefined; 'threat.indicator.file.type'?: string | undefined; 'threat.indicator.file.uid'?: string | undefined; 'threat.indicator.file.x509.alternative_names'?: string[] | undefined; 'threat.indicator.file.x509.issuer.common_name'?: string[] | undefined; 'threat.indicator.file.x509.issuer.country'?: string[] | undefined; 'threat.indicator.file.x509.issuer.distinguished_name'?: string | undefined; 'threat.indicator.file.x509.issuer.locality'?: string[] | undefined; 'threat.indicator.file.x509.issuer.organization'?: string[] | undefined; 'threat.indicator.file.x509.issuer.organizational_unit'?: string[] | undefined; 'threat.indicator.file.x509.issuer.state_or_province'?: string[] | undefined; 'threat.indicator.file.x509.not_after'?: string | number | undefined; 'threat.indicator.file.x509.not_before'?: string | number | undefined; 'threat.indicator.file.x509.public_key_algorithm'?: string | undefined; 'threat.indicator.file.x509.public_key_curve'?: string | undefined; 'threat.indicator.file.x509.public_key_exponent'?: string | number | undefined; 'threat.indicator.file.x509.public_key_size'?: string | number | undefined; 'threat.indicator.file.x509.serial_number'?: string | undefined; 'threat.indicator.file.x509.signature_algorithm'?: string | undefined; 'threat.indicator.file.x509.subject.common_name'?: string[] | undefined; 'threat.indicator.file.x509.subject.country'?: string[] | undefined; 'threat.indicator.file.x509.subject.distinguished_name'?: string | undefined; 'threat.indicator.file.x509.subject.locality'?: string[] | undefined; 'threat.indicator.file.x509.subject.organization'?: string[] | undefined; 'threat.indicator.file.x509.subject.organizational_unit'?: string[] | undefined; 'threat.indicator.file.x509.subject.state_or_province'?: string[] | undefined; 'threat.indicator.file.x509.version_number'?: string | undefined; 'threat.indicator.first_seen'?: string | number | undefined; 'threat.indicator.geo.city_name'?: string | undefined; 'threat.indicator.geo.continent_code'?: string | undefined; 'threat.indicator.geo.continent_name'?: string | undefined; 'threat.indicator.geo.country_iso_code'?: string | undefined; 'threat.indicator.geo.country_name'?: string | undefined; 'threat.indicator.geo.location'?: string | { type: string; coordinates: number[]; } | { lat: number; lon: number; } | { location: number[]; } | { location: string; } | undefined; 'threat.indicator.geo.name'?: string | undefined; 'threat.indicator.geo.postal_code'?: string | undefined; 'threat.indicator.geo.region_iso_code'?: string | undefined; 'threat.indicator.geo.region_name'?: string | undefined; 'threat.indicator.geo.timezone'?: string | undefined; 'threat.indicator.ip'?: string | undefined; 'threat.indicator.last_seen'?: string | number | undefined; 'threat.indicator.marking.tlp'?: string | undefined; 'threat.indicator.marking.tlp_version'?: string | undefined; 'threat.indicator.modified_at'?: string | number | undefined; 'threat.indicator.port'?: string | number | undefined; 'threat.indicator.provider'?: string | undefined; 'threat.indicator.reference'?: string | undefined; 'threat.indicator.registry.data.bytes'?: string | undefined; 'threat.indicator.registry.data.strings'?: string[] | undefined; 'threat.indicator.registry.data.type'?: string | undefined; 'threat.indicator.registry.hive'?: string | undefined; 'threat.indicator.registry.key'?: string | undefined; 'threat.indicator.registry.path'?: string | undefined; 'threat.indicator.registry.value'?: string | undefined; 'threat.indicator.scanner_stats'?: string | number | undefined; 'threat.indicator.sightings'?: string | number | undefined; 'threat.indicator.type'?: string | undefined; 'threat.indicator.url.domain'?: string | undefined; 'threat.indicator.url.extension'?: string | undefined; 'threat.indicator.url.fragment'?: string | undefined; 'threat.indicator.url.full'?: string | undefined; 'threat.indicator.url.original'?: string | undefined; 'threat.indicator.url.password'?: string | undefined; 'threat.indicator.url.path'?: string | undefined; 'threat.indicator.url.port'?: string | number | undefined; 'threat.indicator.url.query'?: string | undefined; 'threat.indicator.url.registered_domain'?: string | undefined; 'threat.indicator.url.scheme'?: string | undefined; 'threat.indicator.url.subdomain'?: string | undefined; 'threat.indicator.url.top_level_domain'?: string | undefined; 'threat.indicator.url.username'?: string | undefined; 'threat.indicator.x509.alternative_names'?: string[] | undefined; 'threat.indicator.x509.issuer.common_name'?: string[] | undefined; 'threat.indicator.x509.issuer.country'?: string[] | undefined; 'threat.indicator.x509.issuer.distinguished_name'?: string | undefined; 'threat.indicator.x509.issuer.locality'?: string[] | undefined; 'threat.indicator.x509.issuer.organization'?: string[] | undefined; 'threat.indicator.x509.issuer.organizational_unit'?: string[] | undefined; 'threat.indicator.x509.issuer.state_or_province'?: string[] | undefined; 'threat.indicator.x509.not_after'?: string | number | undefined; 'threat.indicator.x509.not_before'?: string | number | undefined; 'threat.indicator.x509.public_key_algorithm'?: string | undefined; 'threat.indicator.x509.public_key_curve'?: string | undefined; 'threat.indicator.x509.public_key_exponent'?: string | number | undefined; 'threat.indicator.x509.public_key_size'?: string | number | undefined; 'threat.indicator.x509.serial_number'?: string | undefined; 'threat.indicator.x509.signature_algorithm'?: string | undefined; 'threat.indicator.x509.subject.common_name'?: string[] | undefined; 'threat.indicator.x509.subject.country'?: string[] | undefined; 'threat.indicator.x509.subject.distinguished_name'?: string | undefined; 'threat.indicator.x509.subject.locality'?: string[] | undefined; 'threat.indicator.x509.subject.organization'?: string[] | undefined; 'threat.indicator.x509.subject.organizational_unit'?: string[] | undefined; 'threat.indicator.x509.subject.state_or_province'?: string[] | undefined; 'threat.indicator.x509.version_number'?: string | undefined; 'threat.software.alias'?: string[] | undefined; 'threat.software.id'?: string | undefined; 'threat.software.name'?: string | undefined; 'threat.software.platforms'?: string[] | undefined; 'threat.software.reference'?: string | undefined; 'threat.software.type'?: string | undefined; 'threat.tactic.id'?: string[] | undefined; 'threat.tactic.name'?: string[] | undefined; 'threat.tactic.reference'?: string[] | undefined; 'threat.technique.id'?: string[] | undefined; 'threat.technique.name'?: string[] | undefined; 'threat.technique.reference'?: string[] | undefined; 'threat.technique.subtechnique.id'?: string[] | undefined; 'threat.technique.subtechnique.name'?: string[] | undefined; 'threat.technique.subtechnique.reference'?: string[] | undefined; 'tls.cipher'?: string | undefined; 'tls.client.certificate'?: string | undefined; 'tls.client.certificate_chain'?: string[] | undefined; 'tls.client.hash.md5'?: string | undefined; 'tls.client.hash.sha1'?: string | undefined; 'tls.client.hash.sha256'?: string | undefined; 'tls.client.issuer'?: string | undefined; 'tls.client.ja3'?: string | undefined; 'tls.client.not_after'?: string | number | undefined; 'tls.client.not_before'?: string | number | undefined; 'tls.client.server_name'?: string | undefined; 'tls.client.subject'?: string | undefined; 'tls.client.supported_ciphers'?: string[] | undefined; 'tls.client.x509.alternative_names'?: string[] | undefined; 'tls.client.x509.issuer.common_name'?: string[] | undefined; 'tls.client.x509.issuer.country'?: string[] | undefined; 'tls.client.x509.issuer.distinguished_name'?: string | undefined; 'tls.client.x509.issuer.locality'?: string[] | undefined; 'tls.client.x509.issuer.organization'?: string[] | undefined; 'tls.client.x509.issuer.organizational_unit'?: string[] | undefined; 'tls.client.x509.issuer.state_or_province'?: string[] | undefined; 'tls.client.x509.not_after'?: string | number | undefined; 'tls.client.x509.not_before'?: string | number | undefined; 'tls.client.x509.public_key_algorithm'?: string | undefined; 'tls.client.x509.public_key_curve'?: string | undefined; 'tls.client.x509.public_key_exponent'?: string | number | undefined; 'tls.client.x509.public_key_size'?: string | number | undefined; 'tls.client.x509.serial_number'?: string | undefined; 'tls.client.x509.signature_algorithm'?: string | undefined; 'tls.client.x509.subject.common_name'?: string[] | undefined; 'tls.client.x509.subject.country'?: string[] | undefined; 'tls.client.x509.subject.distinguished_name'?: string | undefined; 'tls.client.x509.subject.locality'?: string[] | undefined; 'tls.client.x509.subject.organization'?: string[] | undefined; 'tls.client.x509.subject.organizational_unit'?: string[] | undefined; 'tls.client.x509.subject.state_or_province'?: string[] | undefined; 'tls.client.x509.version_number'?: string | undefined; 'tls.curve'?: string | undefined; 'tls.established'?: boolean | undefined; 'tls.next_protocol'?: string | undefined; 'tls.resumed'?: boolean | undefined; 'tls.server.certificate'?: string | undefined; 'tls.server.certificate_chain'?: string[] | undefined; 'tls.server.hash.md5'?: string | undefined; 'tls.server.hash.sha1'?: string | undefined; 'tls.server.hash.sha256'?: string | undefined; 'tls.server.issuer'?: string | undefined; 'tls.server.ja3s'?: string | undefined; 'tls.server.not_after'?: string | number | undefined; 'tls.server.not_before'?: string | number | undefined; 'tls.server.subject'?: string | undefined; 'tls.server.x509.alternative_names'?: string[] | undefined; 'tls.server.x509.issuer.common_name'?: string[] | undefined; 'tls.server.x509.issuer.country'?: string[] | undefined; 'tls.server.x509.issuer.distinguished_name'?: string | undefined; 'tls.server.x509.issuer.locality'?: string[] | undefined; 'tls.server.x509.issuer.organization'?: string[] | undefined; 'tls.server.x509.issuer.organizational_unit'?: string[] | undefined; 'tls.server.x509.issuer.state_or_province'?: string[] | undefined; 'tls.server.x509.not_after'?: string | number | undefined; 'tls.server.x509.not_before'?: string | number | undefined; 'tls.server.x509.public_key_algorithm'?: string | undefined; 'tls.server.x509.public_key_curve'?: string | undefined; 'tls.server.x509.public_key_exponent'?: string | number | undefined; 'tls.server.x509.public_key_size'?: string | number | undefined; 'tls.server.x509.serial_number'?: string | undefined; 'tls.server.x509.signature_algorithm'?: string | undefined; 'tls.server.x509.subject.common_name'?: string[] | undefined; 'tls.server.x509.subject.country'?: string[] | undefined; 'tls.server.x509.subject.distinguished_name'?: string | undefined; 'tls.server.x509.subject.locality'?: string[] | undefined; 'tls.server.x509.subject.organization'?: string[] | undefined; 'tls.server.x509.subject.organizational_unit'?: string[] | undefined; 'tls.server.x509.subject.state_or_province'?: string[] | undefined; 'tls.server.x509.version_number'?: string | undefined; 'tls.version'?: string | undefined; 'tls.version_protocol'?: string | undefined; 'trace.id'?: string | undefined; 'transaction.id'?: string | undefined; 'url.domain'?: string | undefined; 'url.extension'?: string | undefined; 'url.fragment'?: string | undefined; 'url.full'?: string | undefined; 'url.original'?: string | undefined; 'url.password'?: string | undefined; 'url.path'?: string | undefined; 'url.port'?: string | number | undefined; 'url.query'?: string | undefined; 'url.registered_domain'?: string | undefined; 'url.scheme'?: string | undefined; 'url.subdomain'?: string | undefined; 'url.top_level_domain'?: string | undefined; 'url.username'?: string | undefined; 'user.changes.domain'?: string | undefined; 'user.changes.email'?: string | undefined; 'user.changes.full_name'?: string | undefined; 'user.changes.group.domain'?: string | undefined; 'user.changes.group.id'?: string | undefined; 'user.changes.group.name'?: string | undefined; 'user.changes.hash'?: string | undefined; 'user.changes.id'?: string | undefined; 'user.changes.name'?: string | undefined; 'user.changes.roles'?: string[] | undefined; 'user.domain'?: string | undefined; 'user.effective.domain'?: string | undefined; 'user.effective.email'?: string | undefined; 'user.effective.full_name'?: string | undefined; 'user.effective.group.domain'?: string | undefined; 'user.effective.group.id'?: string | undefined; 'user.effective.group.name'?: string | undefined; 'user.effective.hash'?: string | undefined; 'user.effective.id'?: string | undefined; 'user.effective.name'?: string | undefined; 'user.effective.roles'?: string[] | undefined; 'user.email'?: string | undefined; 'user.full_name'?: string | undefined; 'user.group.domain'?: string | undefined; 'user.group.id'?: string | undefined; 'user.group.name'?: string | undefined; 'user.hash'?: string | undefined; 'user.id'?: string | undefined; 'user.name'?: string | undefined; 'user.risk.calculated_level'?: string | undefined; 'user.risk.calculated_score'?: number | undefined; 'user.risk.calculated_score_norm'?: number | undefined; 'user.risk.static_level'?: string | undefined; 'user.risk.static_score'?: number | undefined; 'user.risk.static_score_norm'?: number | undefined; 'user.roles'?: string[] | undefined; 'user.target.domain'?: string | undefined; 'user.target.email'?: string | undefined; 'user.target.full_name'?: string | undefined; 'user.target.group.domain'?: string | undefined; 'user.target.group.id'?: string | undefined; 'user.target.group.name'?: string | undefined; 'user.target.hash'?: string | undefined; 'user.target.id'?: string | undefined; 'user.target.name'?: string | undefined; 'user.target.roles'?: string[] | undefined; 'user_agent.device.name'?: string | undefined; 'user_agent.name'?: string | undefined; 'user_agent.original'?: string | undefined; 'user_agent.os.family'?: string | undefined; 'user_agent.os.full'?: string | undefined; 'user_agent.os.kernel'?: string | undefined; 'user_agent.os.name'?: string | undefined; 'user_agent.os.platform'?: string | undefined; 'user_agent.os.type'?: string | undefined; 'user_agent.os.version'?: string | undefined; 'user_agent.version'?: string | undefined; 'vulnerability.category'?: string[] | undefined; 'vulnerability.classification'?: string | undefined; 'vulnerability.description'?: string | undefined; 'vulnerability.enumeration'?: string | undefined; 'vulnerability.id'?: string | undefined; 'vulnerability.reference'?: string | undefined; 'vulnerability.report_id'?: string | undefined; 'vulnerability.scanner.vendor'?: string | undefined; 'vulnerability.score.base'?: number | undefined; 'vulnerability.score.environmental'?: number | undefined; 'vulnerability.score.temporal'?: number | undefined; 'vulnerability.score.version'?: string | undefined; 'vulnerability.severity'?: string | undefined; } & {} & { 'ecs.version'?: string | undefined; 'kibana.alert.risk_score'?: number | undefined; 'kibana.alert.rule.author'?: string | undefined; 'kibana.alert.rule.created_at'?: string | number | undefined; 'kibana.alert.rule.created_by'?: string | undefined; 'kibana.alert.rule.description'?: string | undefined; 'kibana.alert.rule.enabled'?: string | undefined; 'kibana.alert.rule.from'?: string | undefined; 'kibana.alert.rule.interval'?: string | undefined; 'kibana.alert.rule.license'?: string | undefined; 'kibana.alert.rule.note'?: string | undefined; 'kibana.alert.rule.references'?: string[] | undefined; 'kibana.alert.rule.rule_id'?: string | undefined; 'kibana.alert.rule.rule_name_override'?: string | undefined; 'kibana.alert.rule.to'?: string | undefined; 'kibana.alert.rule.type'?: string | undefined; 'kibana.alert.rule.updated_at'?: string | number | undefined; 'kibana.alert.rule.updated_by'?: string | undefined; 'kibana.alert.rule.version'?: string | undefined; 'kibana.alert.severity'?: string | undefined; 'kibana.alert.suppression.docs_count'?: string | number | undefined; 'kibana.alert.suppression.end'?: string | number | undefined; 'kibana.alert.suppression.start'?: string | number | undefined; 'kibana.alert.suppression.terms.field'?: string[] | undefined; 'kibana.alert.suppression.terms.value'?: string[] | undefined; 'kibana.alert.system_status'?: string | undefined; 'kibana.alert.workflow_reason'?: string | undefined; 'kibana.alert.workflow_user'?: string | undefined; }" + "{} & { 'kibana.alert.context'?: unknown; 'kibana.alert.evaluation.threshold'?: string | number | undefined; 'kibana.alert.evaluation.value'?: string | number | undefined; 'kibana.alert.evaluation.values'?: (string | number)[] | undefined; 'kibana.alert.group'?: { field?: string | undefined; value?: string | undefined; }[] | undefined; } & { '@timestamp': string | number; 'kibana.alert.instance.id': string; 'kibana.alert.rule.category': string; 'kibana.alert.rule.consumer': string; 'kibana.alert.rule.name': string; 'kibana.alert.rule.producer': string; 'kibana.alert.rule.revision': string | number; 'kibana.alert.rule.rule_type_id': string; 'kibana.alert.rule.uuid': string; 'kibana.alert.status': string; 'kibana.alert.uuid': string; 'kibana.space_ids': string[]; } & { 'event.action'?: string | undefined; 'event.kind'?: string | undefined; 'kibana.alert.action_group'?: string | undefined; 'kibana.alert.case_ids'?: string[] | undefined; 'kibana.alert.duration.us'?: string | number | undefined; 'kibana.alert.end'?: string | number | undefined; 'kibana.alert.flapping'?: boolean | undefined; 'kibana.alert.flapping_history'?: boolean[] | undefined; 'kibana.alert.last_detected'?: string | number | undefined; 'kibana.alert.maintenance_window_ids'?: string[] | undefined; 'kibana.alert.reason'?: string | undefined; 'kibana.alert.rule.execution.uuid'?: string | undefined; 'kibana.alert.rule.parameters'?: unknown; 'kibana.alert.rule.tags'?: string[] | undefined; 'kibana.alert.start'?: string | number | undefined; 'kibana.alert.time_range'?: { gte?: string | number | undefined; lte?: string | number | undefined; } | undefined; 'kibana.alert.url'?: string | undefined; 'kibana.alert.workflow_status'?: string | undefined; 'kibana.alert.workflow_tags'?: string[] | undefined; 'kibana.version'?: string | undefined; tags?: string[] | undefined; } & { '@timestamp': string | number; 'ecs.version': string; } & { 'agent.build.original'?: string | undefined; 'agent.ephemeral_id'?: string | undefined; 'agent.id'?: string | undefined; 'agent.name'?: string | undefined; 'agent.type'?: string | undefined; 'agent.version'?: string | undefined; 'client.address'?: string | undefined; 'client.as.number'?: string | number | undefined; 'client.as.organization.name'?: string | undefined; 'client.bytes'?: string | number | undefined; 'client.domain'?: string | undefined; 'client.geo.city_name'?: string | undefined; 'client.geo.continent_code'?: string | undefined; 'client.geo.continent_name'?: string | undefined; 'client.geo.country_iso_code'?: string | undefined; 'client.geo.country_name'?: string | undefined; 'client.geo.location'?: string | { type: string; coordinates: number[]; } | { lat: number; lon: number; } | { location: number[]; } | { location: string; } | undefined; 'client.geo.name'?: string | undefined; 'client.geo.postal_code'?: string | undefined; 'client.geo.region_iso_code'?: string | undefined; 'client.geo.region_name'?: string | undefined; 'client.geo.timezone'?: string | undefined; 'client.ip'?: string | undefined; 'client.mac'?: string | undefined; 'client.nat.ip'?: string | undefined; 'client.nat.port'?: string | number | undefined; 'client.packets'?: string | number | undefined; 'client.port'?: string | number | undefined; 'client.registered_domain'?: string | undefined; 'client.subdomain'?: string | undefined; 'client.top_level_domain'?: string | undefined; 'client.user.domain'?: string | undefined; 'client.user.email'?: string | undefined; 'client.user.full_name'?: string | undefined; 'client.user.group.domain'?: string | undefined; 'client.user.group.id'?: string | undefined; 'client.user.group.name'?: string | undefined; 'client.user.hash'?: string | undefined; 'client.user.id'?: string | undefined; 'client.user.name'?: string | undefined; 'client.user.roles'?: string[] | undefined; 'cloud.account.id'?: string | undefined; 'cloud.account.name'?: string | undefined; 'cloud.availability_zone'?: string | undefined; 'cloud.instance.id'?: string | undefined; 'cloud.instance.name'?: string | undefined; 'cloud.machine.type'?: string | undefined; 'cloud.origin.account.id'?: string | undefined; 'cloud.origin.account.name'?: string | undefined; 'cloud.origin.availability_zone'?: string | undefined; 'cloud.origin.instance.id'?: string | undefined; 'cloud.origin.instance.name'?: string | undefined; 'cloud.origin.machine.type'?: string | undefined; 'cloud.origin.project.id'?: string | undefined; 'cloud.origin.project.name'?: string | undefined; 'cloud.origin.provider'?: string | undefined; 'cloud.origin.region'?: string | undefined; 'cloud.origin.service.name'?: string | undefined; 'cloud.project.id'?: string | undefined; 'cloud.project.name'?: string | undefined; 'cloud.provider'?: string | undefined; 'cloud.region'?: string | undefined; 'cloud.service.name'?: string | undefined; 'cloud.target.account.id'?: string | undefined; 'cloud.target.account.name'?: string | undefined; 'cloud.target.availability_zone'?: string | undefined; 'cloud.target.instance.id'?: string | undefined; 'cloud.target.instance.name'?: string | undefined; 'cloud.target.machine.type'?: string | undefined; 'cloud.target.project.id'?: string | undefined; 'cloud.target.project.name'?: string | undefined; 'cloud.target.provider'?: string | undefined; 'cloud.target.region'?: string | undefined; 'cloud.target.service.name'?: string | undefined; 'container.cpu.usage'?: string | number | undefined; 'container.disk.read.bytes'?: string | number | undefined; 'container.disk.write.bytes'?: string | number | undefined; 'container.id'?: string | undefined; 'container.image.hash.all'?: string[] | undefined; 'container.image.name'?: string | undefined; 'container.image.tag'?: string[] | undefined; 'container.labels'?: unknown; 'container.memory.usage'?: string | number | undefined; 'container.name'?: string | undefined; 'container.network.egress.bytes'?: string | number | undefined; 'container.network.ingress.bytes'?: string | number | undefined; 'container.runtime'?: string | undefined; 'destination.address'?: string | undefined; 'destination.as.number'?: string | number | undefined; 'destination.as.organization.name'?: string | undefined; 'destination.bytes'?: string | number | undefined; 'destination.domain'?: string | undefined; 'destination.geo.city_name'?: string | undefined; 'destination.geo.continent_code'?: string | undefined; 'destination.geo.continent_name'?: string | undefined; 'destination.geo.country_iso_code'?: string | undefined; 'destination.geo.country_name'?: string | undefined; 'destination.geo.location'?: string | { type: string; coordinates: number[]; } | { lat: number; lon: number; } | { location: number[]; } | { location: string; } | undefined; 'destination.geo.name'?: string | undefined; 'destination.geo.postal_code'?: string | undefined; 'destination.geo.region_iso_code'?: string | undefined; 'destination.geo.region_name'?: string | undefined; 'destination.geo.timezone'?: string | undefined; 'destination.ip'?: string | undefined; 'destination.mac'?: string | undefined; 'destination.nat.ip'?: string | undefined; 'destination.nat.port'?: string | number | undefined; 'destination.packets'?: string | number | undefined; 'destination.port'?: string | number | undefined; 'destination.registered_domain'?: string | undefined; 'destination.subdomain'?: string | undefined; 'destination.top_level_domain'?: string | undefined; 'destination.user.domain'?: string | undefined; 'destination.user.email'?: string | undefined; 'destination.user.full_name'?: string | undefined; 'destination.user.group.domain'?: string | undefined; 'destination.user.group.id'?: string | undefined; 'destination.user.group.name'?: string | undefined; 'destination.user.hash'?: string | undefined; 'destination.user.id'?: string | undefined; 'destination.user.name'?: string | undefined; 'destination.user.roles'?: string[] | undefined; 'device.id'?: string | undefined; 'device.manufacturer'?: string | undefined; 'device.model.identifier'?: string | undefined; 'device.model.name'?: string | undefined; 'dll.code_signature.digest_algorithm'?: string | undefined; 'dll.code_signature.exists'?: boolean | undefined; 'dll.code_signature.signing_id'?: string | undefined; 'dll.code_signature.status'?: string | undefined; 'dll.code_signature.subject_name'?: string | undefined; 'dll.code_signature.team_id'?: string | undefined; 'dll.code_signature.timestamp'?: string | number | undefined; 'dll.code_signature.trusted'?: boolean | undefined; 'dll.code_signature.valid'?: boolean | undefined; 'dll.hash.md5'?: string | undefined; 'dll.hash.sha1'?: string | undefined; 'dll.hash.sha256'?: string | undefined; 'dll.hash.sha384'?: string | undefined; 'dll.hash.sha512'?: string | undefined; 'dll.hash.ssdeep'?: string | undefined; 'dll.hash.tlsh'?: string | undefined; 'dll.name'?: string | undefined; 'dll.path'?: string | undefined; 'dll.pe.architecture'?: string | undefined; 'dll.pe.company'?: string | undefined; 'dll.pe.description'?: string | undefined; 'dll.pe.file_version'?: string | undefined; 'dll.pe.imphash'?: string | undefined; 'dll.pe.original_file_name'?: string | undefined; 'dll.pe.pehash'?: string | undefined; 'dll.pe.product'?: string | undefined; 'dns.answers'?: { class?: string | undefined; data?: string | undefined; name?: string | undefined; ttl?: string | number | undefined; type?: string | undefined; }[] | undefined; 'dns.header_flags'?: string[] | undefined; 'dns.id'?: string | undefined; 'dns.op_code'?: string | undefined; 'dns.question.class'?: string | undefined; 'dns.question.name'?: string | undefined; 'dns.question.registered_domain'?: string | undefined; 'dns.question.subdomain'?: string | undefined; 'dns.question.top_level_domain'?: string | undefined; 'dns.question.type'?: string | undefined; 'dns.resolved_ip'?: string[] | undefined; 'dns.response_code'?: string | undefined; 'dns.type'?: string | undefined; 'email.attachments'?: { 'file.extension'?: string | undefined; 'file.hash.md5'?: string | undefined; 'file.hash.sha1'?: string | undefined; 'file.hash.sha256'?: string | undefined; 'file.hash.sha384'?: string | undefined; 'file.hash.sha512'?: string | undefined; 'file.hash.ssdeep'?: string | undefined; 'file.hash.tlsh'?: string | undefined; 'file.mime_type'?: string | undefined; 'file.name'?: string | undefined; 'file.size'?: string | number | undefined; }[] | undefined; 'email.bcc.address'?: string[] | undefined; 'email.cc.address'?: string[] | undefined; 'email.content_type'?: string | undefined; 'email.delivery_timestamp'?: string | number | undefined; 'email.direction'?: string | undefined; 'email.from.address'?: string[] | undefined; 'email.local_id'?: string | undefined; 'email.message_id'?: string | undefined; 'email.origination_timestamp'?: string | number | undefined; 'email.reply_to.address'?: string[] | undefined; 'email.sender.address'?: string | undefined; 'email.subject'?: string | undefined; 'email.to.address'?: string[] | undefined; 'email.x_mailer'?: string | undefined; 'error.code'?: string | undefined; 'error.id'?: string | undefined; 'error.message'?: string | undefined; 'error.stack_trace'?: string | undefined; 'error.type'?: string | undefined; 'event.action'?: string | undefined; 'event.agent_id_status'?: string | undefined; 'event.category'?: string[] | undefined; 'event.code'?: string | undefined; 'event.created'?: string | number | undefined; 'event.dataset'?: string | undefined; 'event.duration'?: string | number | undefined; 'event.end'?: string | number | undefined; 'event.hash'?: string | undefined; 'event.id'?: string | undefined; 'event.ingested'?: string | number | undefined; 'event.kind'?: string | undefined; 'event.module'?: string | undefined; 'event.original'?: string | undefined; 'event.outcome'?: string | undefined; 'event.provider'?: string | undefined; 'event.reason'?: string | undefined; 'event.reference'?: string | undefined; 'event.risk_score'?: number | undefined; 'event.risk_score_norm'?: number | undefined; 'event.sequence'?: string | number | undefined; 'event.severity'?: string | number | undefined; 'event.start'?: string | number | undefined; 'event.timezone'?: string | undefined; 'event.type'?: string[] | undefined; 'event.url'?: string | undefined; 'faas.coldstart'?: boolean | undefined; 'faas.execution'?: string | undefined; 'faas.id'?: string | undefined; 'faas.name'?: string | undefined; 'faas.trigger'?: unknown; 'faas.version'?: string | undefined; 'file.accessed'?: string | number | undefined; 'file.attributes'?: string[] | undefined; 'file.code_signature.digest_algorithm'?: string | undefined; 'file.code_signature.exists'?: boolean | undefined; 'file.code_signature.signing_id'?: string | undefined; 'file.code_signature.status'?: string | undefined; 'file.code_signature.subject_name'?: string | undefined; 'file.code_signature.team_id'?: string | undefined; 'file.code_signature.timestamp'?: string | number | undefined; 'file.code_signature.trusted'?: boolean | undefined; 'file.code_signature.valid'?: boolean | undefined; 'file.created'?: string | number | undefined; 'file.ctime'?: string | number | undefined; 'file.device'?: string | undefined; 'file.directory'?: string | undefined; 'file.drive_letter'?: string | undefined; 'file.elf.architecture'?: string | undefined; 'file.elf.byte_order'?: string | undefined; 'file.elf.cpu_type'?: string | undefined; 'file.elf.creation_date'?: string | number | undefined; 'file.elf.exports'?: unknown[] | undefined; 'file.elf.header.abi_version'?: string | undefined; 'file.elf.header.class'?: string | undefined; 'file.elf.header.data'?: string | undefined; 'file.elf.header.entrypoint'?: string | number | undefined; 'file.elf.header.object_version'?: string | undefined; 'file.elf.header.os_abi'?: string | undefined; 'file.elf.header.type'?: string | undefined; 'file.elf.header.version'?: string | undefined; 'file.elf.imports'?: unknown[] | undefined; 'file.elf.sections'?: { chi2?: string | number | undefined; entropy?: string | number | undefined; flags?: string | undefined; name?: string | undefined; physical_offset?: string | undefined; physical_size?: string | number | undefined; type?: string | undefined; virtual_address?: string | number | undefined; virtual_size?: string | number | undefined; }[] | undefined; 'file.elf.segments'?: { sections?: string | undefined; type?: string | undefined; }[] | undefined; 'file.elf.shared_libraries'?: string[] | undefined; 'file.elf.telfhash'?: string | undefined; 'file.extension'?: string | undefined; 'file.fork_name'?: string | undefined; 'file.gid'?: string | undefined; 'file.group'?: string | undefined; 'file.hash.md5'?: string | undefined; 'file.hash.sha1'?: string | undefined; 'file.hash.sha256'?: string | undefined; 'file.hash.sha384'?: string | undefined; 'file.hash.sha512'?: string | undefined; 'file.hash.ssdeep'?: string | undefined; 'file.hash.tlsh'?: string | undefined; 'file.inode'?: string | undefined; 'file.mime_type'?: string | undefined; 'file.mode'?: string | undefined; 'file.mtime'?: string | number | undefined; 'file.name'?: string | undefined; 'file.owner'?: string | undefined; 'file.path'?: string | undefined; 'file.pe.architecture'?: string | undefined; 'file.pe.company'?: string | undefined; 'file.pe.description'?: string | undefined; 'file.pe.file_version'?: string | undefined; 'file.pe.imphash'?: string | undefined; 'file.pe.original_file_name'?: string | undefined; 'file.pe.pehash'?: string | undefined; 'file.pe.product'?: string | undefined; 'file.size'?: string | number | undefined; 'file.target_path'?: string | undefined; 'file.type'?: string | undefined; 'file.uid'?: string | undefined; 'file.x509.alternative_names'?: string[] | undefined; 'file.x509.issuer.common_name'?: string[] | undefined; 'file.x509.issuer.country'?: string[] | undefined; 'file.x509.issuer.distinguished_name'?: string | undefined; 'file.x509.issuer.locality'?: string[] | undefined; 'file.x509.issuer.organization'?: string[] | undefined; 'file.x509.issuer.organizational_unit'?: string[] | undefined; 'file.x509.issuer.state_or_province'?: string[] | undefined; 'file.x509.not_after'?: string | number | undefined; 'file.x509.not_before'?: string | number | undefined; 'file.x509.public_key_algorithm'?: string | undefined; 'file.x509.public_key_curve'?: string | undefined; 'file.x509.public_key_exponent'?: string | number | undefined; 'file.x509.public_key_size'?: string | number | undefined; 'file.x509.serial_number'?: string | undefined; 'file.x509.signature_algorithm'?: string | undefined; 'file.x509.subject.common_name'?: string[] | undefined; 'file.x509.subject.country'?: string[] | undefined; 'file.x509.subject.distinguished_name'?: string | undefined; 'file.x509.subject.locality'?: string[] | undefined; 'file.x509.subject.organization'?: string[] | undefined; 'file.x509.subject.organizational_unit'?: string[] | undefined; 'file.x509.subject.state_or_province'?: string[] | undefined; 'file.x509.version_number'?: string | undefined; 'group.domain'?: string | undefined; 'group.id'?: string | undefined; 'group.name'?: string | undefined; 'host.architecture'?: string | undefined; 'host.boot.id'?: string | undefined; 'host.cpu.usage'?: string | number | undefined; 'host.disk.read.bytes'?: string | number | undefined; 'host.disk.write.bytes'?: string | number | undefined; 'host.domain'?: string | undefined; 'host.geo.city_name'?: string | undefined; 'host.geo.continent_code'?: string | undefined; 'host.geo.continent_name'?: string | undefined; 'host.geo.country_iso_code'?: string | undefined; 'host.geo.country_name'?: string | undefined; 'host.geo.location'?: string | { type: string; coordinates: number[]; } | { lat: number; lon: number; } | { location: number[]; } | { location: string; } | undefined; 'host.geo.name'?: string | undefined; 'host.geo.postal_code'?: string | undefined; 'host.geo.region_iso_code'?: string | undefined; 'host.geo.region_name'?: string | undefined; 'host.geo.timezone'?: string | undefined; 'host.hostname'?: string | undefined; 'host.id'?: string | undefined; 'host.ip'?: string[] | undefined; 'host.mac'?: string[] | undefined; 'host.name'?: string | undefined; 'host.network.egress.bytes'?: string | number | undefined; 'host.network.egress.packets'?: string | number | undefined; 'host.network.ingress.bytes'?: string | number | undefined; 'host.network.ingress.packets'?: string | number | undefined; 'host.os.family'?: string | undefined; 'host.os.full'?: string | undefined; 'host.os.kernel'?: string | undefined; 'host.os.name'?: string | undefined; 'host.os.platform'?: string | undefined; 'host.os.type'?: string | undefined; 'host.os.version'?: string | undefined; 'host.pid_ns_ino'?: string | undefined; 'host.risk.calculated_level'?: string | undefined; 'host.risk.calculated_score'?: number | undefined; 'host.risk.calculated_score_norm'?: number | undefined; 'host.risk.static_level'?: string | undefined; 'host.risk.static_score'?: number | undefined; 'host.risk.static_score_norm'?: number | undefined; 'host.type'?: string | undefined; 'host.uptime'?: string | number | undefined; 'http.request.body.bytes'?: string | number | undefined; 'http.request.body.content'?: string | undefined; 'http.request.bytes'?: string | number | undefined; 'http.request.id'?: string | undefined; 'http.request.method'?: string | undefined; 'http.request.mime_type'?: string | undefined; 'http.request.referrer'?: string | undefined; 'http.response.body.bytes'?: string | number | undefined; 'http.response.body.content'?: string | undefined; 'http.response.bytes'?: string | number | undefined; 'http.response.mime_type'?: string | undefined; 'http.response.status_code'?: string | number | undefined; 'http.version'?: string | undefined; labels?: unknown; 'log.file.path'?: string | undefined; 'log.level'?: string | undefined; 'log.logger'?: string | undefined; 'log.origin.file.line'?: string | number | undefined; 'log.origin.file.name'?: string | undefined; 'log.origin.function'?: string | undefined; 'log.syslog'?: unknown; message?: string | undefined; 'network.application'?: string | undefined; 'network.bytes'?: string | number | undefined; 'network.community_id'?: string | undefined; 'network.direction'?: string | undefined; 'network.forwarded_ip'?: string | undefined; 'network.iana_number'?: string | undefined; 'network.inner'?: unknown; 'network.name'?: string | undefined; 'network.packets'?: string | number | undefined; 'network.protocol'?: string | undefined; 'network.transport'?: string | undefined; 'network.type'?: string | undefined; 'network.vlan.id'?: string | undefined; 'network.vlan.name'?: string | undefined; 'observer.egress'?: unknown; 'observer.geo.city_name'?: string | undefined; 'observer.geo.continent_code'?: string | undefined; 'observer.geo.continent_name'?: string | undefined; 'observer.geo.country_iso_code'?: string | undefined; 'observer.geo.country_name'?: string | undefined; 'observer.geo.location'?: string | { type: string; coordinates: number[]; } | { lat: number; lon: number; } | { location: number[]; } | { location: string; } | undefined; 'observer.geo.name'?: string | undefined; 'observer.geo.postal_code'?: string | undefined; 'observer.geo.region_iso_code'?: string | undefined; 'observer.geo.region_name'?: string | undefined; 'observer.geo.timezone'?: string | undefined; 'observer.hostname'?: string | undefined; 'observer.ingress'?: unknown; 'observer.ip'?: string[] | undefined; 'observer.mac'?: string[] | undefined; 'observer.name'?: string | undefined; 'observer.os.family'?: string | undefined; 'observer.os.full'?: string | undefined; 'observer.os.kernel'?: string | undefined; 'observer.os.name'?: string | undefined; 'observer.os.platform'?: string | undefined; 'observer.os.type'?: string | undefined; 'observer.os.version'?: string | undefined; 'observer.product'?: string | undefined; 'observer.serial_number'?: string | undefined; 'observer.type'?: string | undefined; 'observer.vendor'?: string | undefined; 'observer.version'?: string | undefined; 'orchestrator.api_version'?: string | undefined; 'orchestrator.cluster.id'?: string | undefined; 'orchestrator.cluster.name'?: string | undefined; 'orchestrator.cluster.url'?: string | undefined; 'orchestrator.cluster.version'?: string | undefined; 'orchestrator.namespace'?: string | undefined; 'orchestrator.organization'?: string | undefined; 'orchestrator.resource.id'?: string | undefined; 'orchestrator.resource.ip'?: string[] | undefined; 'orchestrator.resource.name'?: string | undefined; 'orchestrator.resource.parent.type'?: string | undefined; 'orchestrator.resource.type'?: string | undefined; 'orchestrator.type'?: string | undefined; 'organization.id'?: string | undefined; 'organization.name'?: string | undefined; 'package.architecture'?: string | undefined; 'package.build_version'?: string | undefined; 'package.checksum'?: string | undefined; 'package.description'?: string | undefined; 'package.install_scope'?: string | undefined; 'package.installed'?: string | number | undefined; 'package.license'?: string | undefined; 'package.name'?: string | undefined; 'package.path'?: string | undefined; 'package.reference'?: string | undefined; 'package.size'?: string | number | undefined; 'package.type'?: string | undefined; 'package.version'?: string | undefined; 'process.args'?: string[] | undefined; 'process.args_count'?: string | number | undefined; 'process.code_signature.digest_algorithm'?: string | undefined; 'process.code_signature.exists'?: boolean | undefined; 'process.code_signature.signing_id'?: string | undefined; 'process.code_signature.status'?: string | undefined; 'process.code_signature.subject_name'?: string | undefined; 'process.code_signature.team_id'?: string | undefined; 'process.code_signature.timestamp'?: string | number | undefined; 'process.code_signature.trusted'?: boolean | undefined; 'process.code_signature.valid'?: boolean | undefined; 'process.command_line'?: string | undefined; 'process.elf.architecture'?: string | undefined; 'process.elf.byte_order'?: string | undefined; 'process.elf.cpu_type'?: string | undefined; 'process.elf.creation_date'?: string | number | undefined; 'process.elf.exports'?: unknown[] | undefined; 'process.elf.header.abi_version'?: string | undefined; 'process.elf.header.class'?: string | undefined; 'process.elf.header.data'?: string | undefined; 'process.elf.header.entrypoint'?: string | number | undefined; 'process.elf.header.object_version'?: string | undefined; 'process.elf.header.os_abi'?: string | undefined; 'process.elf.header.type'?: string | undefined; 'process.elf.header.version'?: string | undefined; 'process.elf.imports'?: unknown[] | undefined; 'process.elf.sections'?: { chi2?: string | number | undefined; entropy?: string | number | undefined; flags?: string | undefined; name?: string | undefined; physical_offset?: string | undefined; physical_size?: string | number | undefined; type?: string | undefined; virtual_address?: string | number | undefined; virtual_size?: string | number | undefined; }[] | undefined; 'process.elf.segments'?: { sections?: string | undefined; type?: string | undefined; }[] | undefined; 'process.elf.shared_libraries'?: string[] | undefined; 'process.elf.telfhash'?: string | undefined; 'process.end'?: string | number | undefined; 'process.entity_id'?: string | undefined; 'process.entry_leader.args'?: string[] | undefined; 'process.entry_leader.args_count'?: string | number | undefined; 'process.entry_leader.attested_groups.name'?: string | undefined; 'process.entry_leader.attested_user.id'?: string | undefined; 'process.entry_leader.attested_user.name'?: string | undefined; 'process.entry_leader.command_line'?: string | undefined; 'process.entry_leader.entity_id'?: string | undefined; 'process.entry_leader.entry_meta.source.ip'?: string | undefined; 'process.entry_leader.entry_meta.type'?: string | undefined; 'process.entry_leader.executable'?: string | undefined; 'process.entry_leader.group.id'?: string | undefined; 'process.entry_leader.group.name'?: string | undefined; 'process.entry_leader.interactive'?: boolean | undefined; 'process.entry_leader.name'?: string | undefined; 'process.entry_leader.parent.entity_id'?: string | undefined; 'process.entry_leader.parent.pid'?: string | number | undefined; 'process.entry_leader.parent.session_leader.entity_id'?: string | undefined; 'process.entry_leader.parent.session_leader.pid'?: string | number | undefined; 'process.entry_leader.parent.session_leader.start'?: string | number | undefined; 'process.entry_leader.parent.start'?: string | number | undefined; 'process.entry_leader.pid'?: string | number | undefined; 'process.entry_leader.real_group.id'?: string | undefined; 'process.entry_leader.real_group.name'?: string | undefined; 'process.entry_leader.real_user.id'?: string | undefined; 'process.entry_leader.real_user.name'?: string | undefined; 'process.entry_leader.same_as_process'?: boolean | undefined; 'process.entry_leader.saved_group.id'?: string | undefined; 'process.entry_leader.saved_group.name'?: string | undefined; 'process.entry_leader.saved_user.id'?: string | undefined; 'process.entry_leader.saved_user.name'?: string | undefined; 'process.entry_leader.start'?: string | number | undefined; 'process.entry_leader.supplemental_groups.id'?: string | undefined; 'process.entry_leader.supplemental_groups.name'?: string | undefined; 'process.entry_leader.tty'?: unknown; 'process.entry_leader.user.id'?: string | undefined; 'process.entry_leader.user.name'?: string | undefined; 'process.entry_leader.working_directory'?: string | undefined; 'process.env_vars'?: string[] | undefined; 'process.executable'?: string | undefined; 'process.exit_code'?: string | number | undefined; 'process.group_leader.args'?: string[] | undefined; 'process.group_leader.args_count'?: string | number | undefined; 'process.group_leader.command_line'?: string | undefined; 'process.group_leader.entity_id'?: string | undefined; 'process.group_leader.executable'?: string | undefined; 'process.group_leader.group.id'?: string | undefined; 'process.group_leader.group.name'?: string | undefined; 'process.group_leader.interactive'?: boolean | undefined; 'process.group_leader.name'?: string | undefined; 'process.group_leader.pid'?: string | number | undefined; 'process.group_leader.real_group.id'?: string | undefined; 'process.group_leader.real_group.name'?: string | undefined; 'process.group_leader.real_user.id'?: string | undefined; 'process.group_leader.real_user.name'?: string | undefined; 'process.group_leader.same_as_process'?: boolean | undefined; 'process.group_leader.saved_group.id'?: string | undefined; 'process.group_leader.saved_group.name'?: string | undefined; 'process.group_leader.saved_user.id'?: string | undefined; 'process.group_leader.saved_user.name'?: string | undefined; 'process.group_leader.start'?: string | number | undefined; 'process.group_leader.supplemental_groups.id'?: string | undefined; 'process.group_leader.supplemental_groups.name'?: string | undefined; 'process.group_leader.tty'?: unknown; 'process.group_leader.user.id'?: string | undefined; 'process.group_leader.user.name'?: string | undefined; 'process.group_leader.working_directory'?: string | undefined; 'process.hash.md5'?: string | undefined; 'process.hash.sha1'?: string | undefined; 'process.hash.sha256'?: string | undefined; 'process.hash.sha384'?: string | undefined; 'process.hash.sha512'?: string | undefined; 'process.hash.ssdeep'?: string | undefined; 'process.hash.tlsh'?: string | undefined; 'process.interactive'?: boolean | undefined; 'process.io'?: unknown; 'process.name'?: string | undefined; 'process.parent.args'?: string[] | undefined; 'process.parent.args_count'?: string | number | undefined; 'process.parent.code_signature.digest_algorithm'?: string | undefined; 'process.parent.code_signature.exists'?: boolean | undefined; 'process.parent.code_signature.signing_id'?: string | undefined; 'process.parent.code_signature.status'?: string | undefined; 'process.parent.code_signature.subject_name'?: string | undefined; 'process.parent.code_signature.team_id'?: string | undefined; 'process.parent.code_signature.timestamp'?: string | number | undefined; 'process.parent.code_signature.trusted'?: boolean | undefined; 'process.parent.code_signature.valid'?: boolean | undefined; 'process.parent.command_line'?: string | undefined; 'process.parent.elf.architecture'?: string | undefined; 'process.parent.elf.byte_order'?: string | undefined; 'process.parent.elf.cpu_type'?: string | undefined; 'process.parent.elf.creation_date'?: string | number | undefined; 'process.parent.elf.exports'?: unknown[] | undefined; 'process.parent.elf.header.abi_version'?: string | undefined; 'process.parent.elf.header.class'?: string | undefined; 'process.parent.elf.header.data'?: string | undefined; 'process.parent.elf.header.entrypoint'?: string | number | undefined; 'process.parent.elf.header.object_version'?: string | undefined; 'process.parent.elf.header.os_abi'?: string | undefined; 'process.parent.elf.header.type'?: string | undefined; 'process.parent.elf.header.version'?: string | undefined; 'process.parent.elf.imports'?: unknown[] | undefined; 'process.parent.elf.sections'?: { chi2?: string | number | undefined; entropy?: string | number | undefined; flags?: string | undefined; name?: string | undefined; physical_offset?: string | undefined; physical_size?: string | number | undefined; type?: string | undefined; virtual_address?: string | number | undefined; virtual_size?: string | number | undefined; }[] | undefined; 'process.parent.elf.segments'?: { sections?: string | undefined; type?: string | undefined; }[] | undefined; 'process.parent.elf.shared_libraries'?: string[] | undefined; 'process.parent.elf.telfhash'?: string | undefined; 'process.parent.end'?: string | number | undefined; 'process.parent.entity_id'?: string | undefined; 'process.parent.executable'?: string | undefined; 'process.parent.exit_code'?: string | number | undefined; 'process.parent.group.id'?: string | undefined; 'process.parent.group.name'?: string | undefined; 'process.parent.group_leader.entity_id'?: string | undefined; 'process.parent.group_leader.pid'?: string | number | undefined; 'process.parent.group_leader.start'?: string | number | undefined; 'process.parent.hash.md5'?: string | undefined; 'process.parent.hash.sha1'?: string | undefined; 'process.parent.hash.sha256'?: string | undefined; 'process.parent.hash.sha384'?: string | undefined; 'process.parent.hash.sha512'?: string | undefined; 'process.parent.hash.ssdeep'?: string | undefined; 'process.parent.hash.tlsh'?: string | undefined; 'process.parent.interactive'?: boolean | undefined; 'process.parent.name'?: string | undefined; 'process.parent.pe.architecture'?: string | undefined; 'process.parent.pe.company'?: string | undefined; 'process.parent.pe.description'?: string | undefined; 'process.parent.pe.file_version'?: string | undefined; 'process.parent.pe.imphash'?: string | undefined; 'process.parent.pe.original_file_name'?: string | undefined; 'process.parent.pe.pehash'?: string | undefined; 'process.parent.pe.product'?: string | undefined; 'process.parent.pgid'?: string | number | undefined; 'process.parent.pid'?: string | number | undefined; 'process.parent.real_group.id'?: string | undefined; 'process.parent.real_group.name'?: string | undefined; 'process.parent.real_user.id'?: string | undefined; 'process.parent.real_user.name'?: string | undefined; 'process.parent.saved_group.id'?: string | undefined; 'process.parent.saved_group.name'?: string | undefined; 'process.parent.saved_user.id'?: string | undefined; 'process.parent.saved_user.name'?: string | undefined; 'process.parent.start'?: string | number | undefined; 'process.parent.supplemental_groups.id'?: string | undefined; 'process.parent.supplemental_groups.name'?: string | undefined; 'process.parent.thread.id'?: string | number | undefined; 'process.parent.thread.name'?: string | undefined; 'process.parent.title'?: string | undefined; 'process.parent.tty'?: unknown; 'process.parent.uptime'?: string | number | undefined; 'process.parent.user.id'?: string | undefined; 'process.parent.user.name'?: string | undefined; 'process.parent.working_directory'?: string | undefined; 'process.pe.architecture'?: string | undefined; 'process.pe.company'?: string | undefined; 'process.pe.description'?: string | undefined; 'process.pe.file_version'?: string | undefined; 'process.pe.imphash'?: string | undefined; 'process.pe.original_file_name'?: string | undefined; 'process.pe.pehash'?: string | undefined; 'process.pe.product'?: string | undefined; 'process.pgid'?: string | number | undefined; 'process.pid'?: string | number | undefined; 'process.previous.args'?: string[] | undefined; 'process.previous.args_count'?: string | number | undefined; 'process.previous.executable'?: string | undefined; 'process.real_group.id'?: string | undefined; 'process.real_group.name'?: string | undefined; 'process.real_user.id'?: string | undefined; 'process.real_user.name'?: string | undefined; 'process.saved_group.id'?: string | undefined; 'process.saved_group.name'?: string | undefined; 'process.saved_user.id'?: string | undefined; 'process.saved_user.name'?: string | undefined; 'process.session_leader.args'?: string[] | undefined; 'process.session_leader.args_count'?: string | number | undefined; 'process.session_leader.command_line'?: string | undefined; 'process.session_leader.entity_id'?: string | undefined; 'process.session_leader.executable'?: string | undefined; 'process.session_leader.group.id'?: string | undefined; 'process.session_leader.group.name'?: string | undefined; 'process.session_leader.interactive'?: boolean | undefined; 'process.session_leader.name'?: string | undefined; 'process.session_leader.parent.entity_id'?: string | undefined; 'process.session_leader.parent.pid'?: string | number | undefined; 'process.session_leader.parent.session_leader.entity_id'?: string | undefined; 'process.session_leader.parent.session_leader.pid'?: string | number | undefined; 'process.session_leader.parent.session_leader.start'?: string | number | undefined; 'process.session_leader.parent.start'?: string | number | undefined; 'process.session_leader.pid'?: string | number | undefined; 'process.session_leader.real_group.id'?: string | undefined; 'process.session_leader.real_group.name'?: string | undefined; 'process.session_leader.real_user.id'?: string | undefined; 'process.session_leader.real_user.name'?: string | undefined; 'process.session_leader.same_as_process'?: boolean | undefined; 'process.session_leader.saved_group.id'?: string | undefined; 'process.session_leader.saved_group.name'?: string | undefined; 'process.session_leader.saved_user.id'?: string | undefined; 'process.session_leader.saved_user.name'?: string | undefined; 'process.session_leader.start'?: string | number | undefined; 'process.session_leader.supplemental_groups.id'?: string | undefined; 'process.session_leader.supplemental_groups.name'?: string | undefined; 'process.session_leader.tty'?: unknown; 'process.session_leader.user.id'?: string | undefined; 'process.session_leader.user.name'?: string | undefined; 'process.session_leader.working_directory'?: string | undefined; 'process.start'?: string | number | undefined; 'process.supplemental_groups.id'?: string | undefined; 'process.supplemental_groups.name'?: string | undefined; 'process.thread.id'?: string | number | undefined; 'process.thread.name'?: string | undefined; 'process.title'?: string | undefined; 'process.tty'?: unknown; 'process.uptime'?: string | number | undefined; 'process.user.id'?: string | undefined; 'process.user.name'?: string | undefined; 'process.working_directory'?: string | undefined; 'registry.data.bytes'?: string | undefined; 'registry.data.strings'?: string[] | undefined; 'registry.data.type'?: string | undefined; 'registry.hive'?: string | undefined; 'registry.key'?: string | undefined; 'registry.path'?: string | undefined; 'registry.value'?: string | undefined; 'related.hash'?: string[] | undefined; 'related.hosts'?: string[] | undefined; 'related.ip'?: string[] | undefined; 'related.user'?: string[] | undefined; 'rule.author'?: string[] | undefined; 'rule.category'?: string | undefined; 'rule.description'?: string | undefined; 'rule.id'?: string | undefined; 'rule.license'?: string | undefined; 'rule.name'?: string | undefined; 'rule.reference'?: string | undefined; 'rule.ruleset'?: string | undefined; 'rule.uuid'?: string | undefined; 'rule.version'?: string | undefined; 'server.address'?: string | undefined; 'server.as.number'?: string | number | undefined; 'server.as.organization.name'?: string | undefined; 'server.bytes'?: string | number | undefined; 'server.domain'?: string | undefined; 'server.geo.city_name'?: string | undefined; 'server.geo.continent_code'?: string | undefined; 'server.geo.continent_name'?: string | undefined; 'server.geo.country_iso_code'?: string | undefined; 'server.geo.country_name'?: string | undefined; 'server.geo.location'?: string | { type: string; coordinates: number[]; } | { lat: number; lon: number; } | { location: number[]; } | { location: string; } | undefined; 'server.geo.name'?: string | undefined; 'server.geo.postal_code'?: string | undefined; 'server.geo.region_iso_code'?: string | undefined; 'server.geo.region_name'?: string | undefined; 'server.geo.timezone'?: string | undefined; 'server.ip'?: string | undefined; 'server.mac'?: string | undefined; 'server.nat.ip'?: string | undefined; 'server.nat.port'?: string | number | undefined; 'server.packets'?: string | number | undefined; 'server.port'?: string | number | undefined; 'server.registered_domain'?: string | undefined; 'server.subdomain'?: string | undefined; 'server.top_level_domain'?: string | undefined; 'server.user.domain'?: string | undefined; 'server.user.email'?: string | undefined; 'server.user.full_name'?: string | undefined; 'server.user.group.domain'?: string | undefined; 'server.user.group.id'?: string | undefined; 'server.user.group.name'?: string | undefined; 'server.user.hash'?: string | undefined; 'server.user.id'?: string | undefined; 'server.user.name'?: string | undefined; 'server.user.roles'?: string[] | undefined; 'service.address'?: string | undefined; 'service.environment'?: string | undefined; 'service.ephemeral_id'?: string | undefined; 'service.id'?: string | undefined; 'service.name'?: string | undefined; 'service.node.name'?: string | undefined; 'service.node.role'?: string | undefined; 'service.node.roles'?: string[] | undefined; 'service.origin.address'?: string | undefined; 'service.origin.environment'?: string | undefined; 'service.origin.ephemeral_id'?: string | undefined; 'service.origin.id'?: string | undefined; 'service.origin.name'?: string | undefined; 'service.origin.node.name'?: string | undefined; 'service.origin.node.role'?: string | undefined; 'service.origin.node.roles'?: string[] | undefined; 'service.origin.state'?: string | undefined; 'service.origin.type'?: string | undefined; 'service.origin.version'?: string | undefined; 'service.state'?: string | undefined; 'service.target.address'?: string | undefined; 'service.target.environment'?: string | undefined; 'service.target.ephemeral_id'?: string | undefined; 'service.target.id'?: string | undefined; 'service.target.name'?: string | undefined; 'service.target.node.name'?: string | undefined; 'service.target.node.role'?: string | undefined; 'service.target.node.roles'?: string[] | undefined; 'service.target.state'?: string | undefined; 'service.target.type'?: string | undefined; 'service.target.version'?: string | undefined; 'service.type'?: string | undefined; 'service.version'?: string | undefined; 'source.address'?: string | undefined; 'source.as.number'?: string | number | undefined; 'source.as.organization.name'?: string | undefined; 'source.bytes'?: string | number | undefined; 'source.domain'?: string | undefined; 'source.geo.city_name'?: string | undefined; 'source.geo.continent_code'?: string | undefined; 'source.geo.continent_name'?: string | undefined; 'source.geo.country_iso_code'?: string | undefined; 'source.geo.country_name'?: string | undefined; 'source.geo.location'?: string | { type: string; coordinates: number[]; } | { lat: number; lon: number; } | { location: number[]; } | { location: string; } | undefined; 'source.geo.name'?: string | undefined; 'source.geo.postal_code'?: string | undefined; 'source.geo.region_iso_code'?: string | undefined; 'source.geo.region_name'?: string | undefined; 'source.geo.timezone'?: string | undefined; 'source.ip'?: string | undefined; 'source.mac'?: string | undefined; 'source.nat.ip'?: string | undefined; 'source.nat.port'?: string | number | undefined; 'source.packets'?: string | number | undefined; 'source.port'?: string | number | undefined; 'source.registered_domain'?: string | undefined; 'source.subdomain'?: string | undefined; 'source.top_level_domain'?: string | undefined; 'source.user.domain'?: string | undefined; 'source.user.email'?: string | undefined; 'source.user.full_name'?: string | undefined; 'source.user.group.domain'?: string | undefined; 'source.user.group.id'?: string | undefined; 'source.user.group.name'?: string | undefined; 'source.user.hash'?: string | undefined; 'source.user.id'?: string | undefined; 'source.user.name'?: string | undefined; 'source.user.roles'?: string[] | undefined; 'span.id'?: string | undefined; tags?: string[] | undefined; 'threat.enrichments'?: { indicator?: unknown; 'matched.atomic'?: string | undefined; 'matched.field'?: string | undefined; 'matched.id'?: string | undefined; 'matched.index'?: string | undefined; 'matched.occurred'?: string | number | undefined; 'matched.type'?: string | undefined; }[] | undefined; 'threat.feed.dashboard_id'?: string | undefined; 'threat.feed.description'?: string | undefined; 'threat.feed.name'?: string | undefined; 'threat.feed.reference'?: string | undefined; 'threat.framework'?: string | undefined; 'threat.group.alias'?: string[] | undefined; 'threat.group.id'?: string | undefined; 'threat.group.name'?: string | undefined; 'threat.group.reference'?: string | undefined; 'threat.indicator.as.number'?: string | number | undefined; 'threat.indicator.as.organization.name'?: string | undefined; 'threat.indicator.confidence'?: string | undefined; 'threat.indicator.description'?: string | undefined; 'threat.indicator.email.address'?: string | undefined; 'threat.indicator.file.accessed'?: string | number | undefined; 'threat.indicator.file.attributes'?: string[] | undefined; 'threat.indicator.file.code_signature.digest_algorithm'?: string | undefined; 'threat.indicator.file.code_signature.exists'?: boolean | undefined; 'threat.indicator.file.code_signature.signing_id'?: string | undefined; 'threat.indicator.file.code_signature.status'?: string | undefined; 'threat.indicator.file.code_signature.subject_name'?: string | undefined; 'threat.indicator.file.code_signature.team_id'?: string | undefined; 'threat.indicator.file.code_signature.timestamp'?: string | number | undefined; 'threat.indicator.file.code_signature.trusted'?: boolean | undefined; 'threat.indicator.file.code_signature.valid'?: boolean | undefined; 'threat.indicator.file.created'?: string | number | undefined; 'threat.indicator.file.ctime'?: string | number | undefined; 'threat.indicator.file.device'?: string | undefined; 'threat.indicator.file.directory'?: string | undefined; 'threat.indicator.file.drive_letter'?: string | undefined; 'threat.indicator.file.elf.architecture'?: string | undefined; 'threat.indicator.file.elf.byte_order'?: string | undefined; 'threat.indicator.file.elf.cpu_type'?: string | undefined; 'threat.indicator.file.elf.creation_date'?: string | number | undefined; 'threat.indicator.file.elf.exports'?: unknown[] | undefined; 'threat.indicator.file.elf.header.abi_version'?: string | undefined; 'threat.indicator.file.elf.header.class'?: string | undefined; 'threat.indicator.file.elf.header.data'?: string | undefined; 'threat.indicator.file.elf.header.entrypoint'?: string | number | undefined; 'threat.indicator.file.elf.header.object_version'?: string | undefined; 'threat.indicator.file.elf.header.os_abi'?: string | undefined; 'threat.indicator.file.elf.header.type'?: string | undefined; 'threat.indicator.file.elf.header.version'?: string | undefined; 'threat.indicator.file.elf.imports'?: unknown[] | undefined; 'threat.indicator.file.elf.sections'?: { chi2?: string | number | undefined; entropy?: string | number | undefined; flags?: string | undefined; name?: string | undefined; physical_offset?: string | undefined; physical_size?: string | number | undefined; type?: string | undefined; virtual_address?: string | number | undefined; virtual_size?: string | number | undefined; }[] | undefined; 'threat.indicator.file.elf.segments'?: { sections?: string | undefined; type?: string | undefined; }[] | undefined; 'threat.indicator.file.elf.shared_libraries'?: string[] | undefined; 'threat.indicator.file.elf.telfhash'?: string | undefined; 'threat.indicator.file.extension'?: string | undefined; 'threat.indicator.file.fork_name'?: string | undefined; 'threat.indicator.file.gid'?: string | undefined; 'threat.indicator.file.group'?: string | undefined; 'threat.indicator.file.hash.md5'?: string | undefined; 'threat.indicator.file.hash.sha1'?: string | undefined; 'threat.indicator.file.hash.sha256'?: string | undefined; 'threat.indicator.file.hash.sha384'?: string | undefined; 'threat.indicator.file.hash.sha512'?: string | undefined; 'threat.indicator.file.hash.ssdeep'?: string | undefined; 'threat.indicator.file.hash.tlsh'?: string | undefined; 'threat.indicator.file.inode'?: string | undefined; 'threat.indicator.file.mime_type'?: string | undefined; 'threat.indicator.file.mode'?: string | undefined; 'threat.indicator.file.mtime'?: string | number | undefined; 'threat.indicator.file.name'?: string | undefined; 'threat.indicator.file.owner'?: string | undefined; 'threat.indicator.file.path'?: string | undefined; 'threat.indicator.file.pe.architecture'?: string | undefined; 'threat.indicator.file.pe.company'?: string | undefined; 'threat.indicator.file.pe.description'?: string | undefined; 'threat.indicator.file.pe.file_version'?: string | undefined; 'threat.indicator.file.pe.imphash'?: string | undefined; 'threat.indicator.file.pe.original_file_name'?: string | undefined; 'threat.indicator.file.pe.pehash'?: string | undefined; 'threat.indicator.file.pe.product'?: string | undefined; 'threat.indicator.file.size'?: string | number | undefined; 'threat.indicator.file.target_path'?: string | undefined; 'threat.indicator.file.type'?: string | undefined; 'threat.indicator.file.uid'?: string | undefined; 'threat.indicator.file.x509.alternative_names'?: string[] | undefined; 'threat.indicator.file.x509.issuer.common_name'?: string[] | undefined; 'threat.indicator.file.x509.issuer.country'?: string[] | undefined; 'threat.indicator.file.x509.issuer.distinguished_name'?: string | undefined; 'threat.indicator.file.x509.issuer.locality'?: string[] | undefined; 'threat.indicator.file.x509.issuer.organization'?: string[] | undefined; 'threat.indicator.file.x509.issuer.organizational_unit'?: string[] | undefined; 'threat.indicator.file.x509.issuer.state_or_province'?: string[] | undefined; 'threat.indicator.file.x509.not_after'?: string | number | undefined; 'threat.indicator.file.x509.not_before'?: string | number | undefined; 'threat.indicator.file.x509.public_key_algorithm'?: string | undefined; 'threat.indicator.file.x509.public_key_curve'?: string | undefined; 'threat.indicator.file.x509.public_key_exponent'?: string | number | undefined; 'threat.indicator.file.x509.public_key_size'?: string | number | undefined; 'threat.indicator.file.x509.serial_number'?: string | undefined; 'threat.indicator.file.x509.signature_algorithm'?: string | undefined; 'threat.indicator.file.x509.subject.common_name'?: string[] | undefined; 'threat.indicator.file.x509.subject.country'?: string[] | undefined; 'threat.indicator.file.x509.subject.distinguished_name'?: string | undefined; 'threat.indicator.file.x509.subject.locality'?: string[] | undefined; 'threat.indicator.file.x509.subject.organization'?: string[] | undefined; 'threat.indicator.file.x509.subject.organizational_unit'?: string[] | undefined; 'threat.indicator.file.x509.subject.state_or_province'?: string[] | undefined; 'threat.indicator.file.x509.version_number'?: string | undefined; 'threat.indicator.first_seen'?: string | number | undefined; 'threat.indicator.geo.city_name'?: string | undefined; 'threat.indicator.geo.continent_code'?: string | undefined; 'threat.indicator.geo.continent_name'?: string | undefined; 'threat.indicator.geo.country_iso_code'?: string | undefined; 'threat.indicator.geo.country_name'?: string | undefined; 'threat.indicator.geo.location'?: string | { type: string; coordinates: number[]; } | { lat: number; lon: number; } | { location: number[]; } | { location: string; } | undefined; 'threat.indicator.geo.name'?: string | undefined; 'threat.indicator.geo.postal_code'?: string | undefined; 'threat.indicator.geo.region_iso_code'?: string | undefined; 'threat.indicator.geo.region_name'?: string | undefined; 'threat.indicator.geo.timezone'?: string | undefined; 'threat.indicator.ip'?: string | undefined; 'threat.indicator.last_seen'?: string | number | undefined; 'threat.indicator.marking.tlp'?: string | undefined; 'threat.indicator.marking.tlp_version'?: string | undefined; 'threat.indicator.modified_at'?: string | number | undefined; 'threat.indicator.port'?: string | number | undefined; 'threat.indicator.provider'?: string | undefined; 'threat.indicator.reference'?: string | undefined; 'threat.indicator.registry.data.bytes'?: string | undefined; 'threat.indicator.registry.data.strings'?: string[] | undefined; 'threat.indicator.registry.data.type'?: string | undefined; 'threat.indicator.registry.hive'?: string | undefined; 'threat.indicator.registry.key'?: string | undefined; 'threat.indicator.registry.path'?: string | undefined; 'threat.indicator.registry.value'?: string | undefined; 'threat.indicator.scanner_stats'?: string | number | undefined; 'threat.indicator.sightings'?: string | number | undefined; 'threat.indicator.type'?: string | undefined; 'threat.indicator.url.domain'?: string | undefined; 'threat.indicator.url.extension'?: string | undefined; 'threat.indicator.url.fragment'?: string | undefined; 'threat.indicator.url.full'?: string | undefined; 'threat.indicator.url.original'?: string | undefined; 'threat.indicator.url.password'?: string | undefined; 'threat.indicator.url.path'?: string | undefined; 'threat.indicator.url.port'?: string | number | undefined; 'threat.indicator.url.query'?: string | undefined; 'threat.indicator.url.registered_domain'?: string | undefined; 'threat.indicator.url.scheme'?: string | undefined; 'threat.indicator.url.subdomain'?: string | undefined; 'threat.indicator.url.top_level_domain'?: string | undefined; 'threat.indicator.url.username'?: string | undefined; 'threat.indicator.x509.alternative_names'?: string[] | undefined; 'threat.indicator.x509.issuer.common_name'?: string[] | undefined; 'threat.indicator.x509.issuer.country'?: string[] | undefined; 'threat.indicator.x509.issuer.distinguished_name'?: string | undefined; 'threat.indicator.x509.issuer.locality'?: string[] | undefined; 'threat.indicator.x509.issuer.organization'?: string[] | undefined; 'threat.indicator.x509.issuer.organizational_unit'?: string[] | undefined; 'threat.indicator.x509.issuer.state_or_province'?: string[] | undefined; 'threat.indicator.x509.not_after'?: string | number | undefined; 'threat.indicator.x509.not_before'?: string | number | undefined; 'threat.indicator.x509.public_key_algorithm'?: string | undefined; 'threat.indicator.x509.public_key_curve'?: string | undefined; 'threat.indicator.x509.public_key_exponent'?: string | number | undefined; 'threat.indicator.x509.public_key_size'?: string | number | undefined; 'threat.indicator.x509.serial_number'?: string | undefined; 'threat.indicator.x509.signature_algorithm'?: string | undefined; 'threat.indicator.x509.subject.common_name'?: string[] | undefined; 'threat.indicator.x509.subject.country'?: string[] | undefined; 'threat.indicator.x509.subject.distinguished_name'?: string | undefined; 'threat.indicator.x509.subject.locality'?: string[] | undefined; 'threat.indicator.x509.subject.organization'?: string[] | undefined; 'threat.indicator.x509.subject.organizational_unit'?: string[] | undefined; 'threat.indicator.x509.subject.state_or_province'?: string[] | undefined; 'threat.indicator.x509.version_number'?: string | undefined; 'threat.software.alias'?: string[] | undefined; 'threat.software.id'?: string | undefined; 'threat.software.name'?: string | undefined; 'threat.software.platforms'?: string[] | undefined; 'threat.software.reference'?: string | undefined; 'threat.software.type'?: string | undefined; 'threat.tactic.id'?: string[] | undefined; 'threat.tactic.name'?: string[] | undefined; 'threat.tactic.reference'?: string[] | undefined; 'threat.technique.id'?: string[] | undefined; 'threat.technique.name'?: string[] | undefined; 'threat.technique.reference'?: string[] | undefined; 'threat.technique.subtechnique.id'?: string[] | undefined; 'threat.technique.subtechnique.name'?: string[] | undefined; 'threat.technique.subtechnique.reference'?: string[] | undefined; 'tls.cipher'?: string | undefined; 'tls.client.certificate'?: string | undefined; 'tls.client.certificate_chain'?: string[] | undefined; 'tls.client.hash.md5'?: string | undefined; 'tls.client.hash.sha1'?: string | undefined; 'tls.client.hash.sha256'?: string | undefined; 'tls.client.issuer'?: string | undefined; 'tls.client.ja3'?: string | undefined; 'tls.client.not_after'?: string | number | undefined; 'tls.client.not_before'?: string | number | undefined; 'tls.client.server_name'?: string | undefined; 'tls.client.subject'?: string | undefined; 'tls.client.supported_ciphers'?: string[] | undefined; 'tls.client.x509.alternative_names'?: string[] | undefined; 'tls.client.x509.issuer.common_name'?: string[] | undefined; 'tls.client.x509.issuer.country'?: string[] | undefined; 'tls.client.x509.issuer.distinguished_name'?: string | undefined; 'tls.client.x509.issuer.locality'?: string[] | undefined; 'tls.client.x509.issuer.organization'?: string[] | undefined; 'tls.client.x509.issuer.organizational_unit'?: string[] | undefined; 'tls.client.x509.issuer.state_or_province'?: string[] | undefined; 'tls.client.x509.not_after'?: string | number | undefined; 'tls.client.x509.not_before'?: string | number | undefined; 'tls.client.x509.public_key_algorithm'?: string | undefined; 'tls.client.x509.public_key_curve'?: string | undefined; 'tls.client.x509.public_key_exponent'?: string | number | undefined; 'tls.client.x509.public_key_size'?: string | number | undefined; 'tls.client.x509.serial_number'?: string | undefined; 'tls.client.x509.signature_algorithm'?: string | undefined; 'tls.client.x509.subject.common_name'?: string[] | undefined; 'tls.client.x509.subject.country'?: string[] | undefined; 'tls.client.x509.subject.distinguished_name'?: string | undefined; 'tls.client.x509.subject.locality'?: string[] | undefined; 'tls.client.x509.subject.organization'?: string[] | undefined; 'tls.client.x509.subject.organizational_unit'?: string[] | undefined; 'tls.client.x509.subject.state_or_province'?: string[] | undefined; 'tls.client.x509.version_number'?: string | undefined; 'tls.curve'?: string | undefined; 'tls.established'?: boolean | undefined; 'tls.next_protocol'?: string | undefined; 'tls.resumed'?: boolean | undefined; 'tls.server.certificate'?: string | undefined; 'tls.server.certificate_chain'?: string[] | undefined; 'tls.server.hash.md5'?: string | undefined; 'tls.server.hash.sha1'?: string | undefined; 'tls.server.hash.sha256'?: string | undefined; 'tls.server.issuer'?: string | undefined; 'tls.server.ja3s'?: string | undefined; 'tls.server.not_after'?: string | number | undefined; 'tls.server.not_before'?: string | number | undefined; 'tls.server.subject'?: string | undefined; 'tls.server.x509.alternative_names'?: string[] | undefined; 'tls.server.x509.issuer.common_name'?: string[] | undefined; 'tls.server.x509.issuer.country'?: string[] | undefined; 'tls.server.x509.issuer.distinguished_name'?: string | undefined; 'tls.server.x509.issuer.locality'?: string[] | undefined; 'tls.server.x509.issuer.organization'?: string[] | undefined; 'tls.server.x509.issuer.organizational_unit'?: string[] | undefined; 'tls.server.x509.issuer.state_or_province'?: string[] | undefined; 'tls.server.x509.not_after'?: string | number | undefined; 'tls.server.x509.not_before'?: string | number | undefined; 'tls.server.x509.public_key_algorithm'?: string | undefined; 'tls.server.x509.public_key_curve'?: string | undefined; 'tls.server.x509.public_key_exponent'?: string | number | undefined; 'tls.server.x509.public_key_size'?: string | number | undefined; 'tls.server.x509.serial_number'?: string | undefined; 'tls.server.x509.signature_algorithm'?: string | undefined; 'tls.server.x509.subject.common_name'?: string[] | undefined; 'tls.server.x509.subject.country'?: string[] | undefined; 'tls.server.x509.subject.distinguished_name'?: string | undefined; 'tls.server.x509.subject.locality'?: string[] | undefined; 'tls.server.x509.subject.organization'?: string[] | undefined; 'tls.server.x509.subject.organizational_unit'?: string[] | undefined; 'tls.server.x509.subject.state_or_province'?: string[] | undefined; 'tls.server.x509.version_number'?: string | undefined; 'tls.version'?: string | undefined; 'tls.version_protocol'?: string | undefined; 'trace.id'?: string | undefined; 'transaction.id'?: string | undefined; 'url.domain'?: string | undefined; 'url.extension'?: string | undefined; 'url.fragment'?: string | undefined; 'url.full'?: string | undefined; 'url.original'?: string | undefined; 'url.password'?: string | undefined; 'url.path'?: string | undefined; 'url.port'?: string | number | undefined; 'url.query'?: string | undefined; 'url.registered_domain'?: string | undefined; 'url.scheme'?: string | undefined; 'url.subdomain'?: string | undefined; 'url.top_level_domain'?: string | undefined; 'url.username'?: string | undefined; 'user.changes.domain'?: string | undefined; 'user.changes.email'?: string | undefined; 'user.changes.full_name'?: string | undefined; 'user.changes.group.domain'?: string | undefined; 'user.changes.group.id'?: string | undefined; 'user.changes.group.name'?: string | undefined; 'user.changes.hash'?: string | undefined; 'user.changes.id'?: string | undefined; 'user.changes.name'?: string | undefined; 'user.changes.roles'?: string[] | undefined; 'user.domain'?: string | undefined; 'user.effective.domain'?: string | undefined; 'user.effective.email'?: string | undefined; 'user.effective.full_name'?: string | undefined; 'user.effective.group.domain'?: string | undefined; 'user.effective.group.id'?: string | undefined; 'user.effective.group.name'?: string | undefined; 'user.effective.hash'?: string | undefined; 'user.effective.id'?: string | undefined; 'user.effective.name'?: string | undefined; 'user.effective.roles'?: string[] | undefined; 'user.email'?: string | undefined; 'user.full_name'?: string | undefined; 'user.group.domain'?: string | undefined; 'user.group.id'?: string | undefined; 'user.group.name'?: string | undefined; 'user.hash'?: string | undefined; 'user.id'?: string | undefined; 'user.name'?: string | undefined; 'user.risk.calculated_level'?: string | undefined; 'user.risk.calculated_score'?: number | undefined; 'user.risk.calculated_score_norm'?: number | undefined; 'user.risk.static_level'?: string | undefined; 'user.risk.static_score'?: number | undefined; 'user.risk.static_score_norm'?: number | undefined; 'user.roles'?: string[] | undefined; 'user.target.domain'?: string | undefined; 'user.target.email'?: string | undefined; 'user.target.full_name'?: string | undefined; 'user.target.group.domain'?: string | undefined; 'user.target.group.id'?: string | undefined; 'user.target.group.name'?: string | undefined; 'user.target.hash'?: string | undefined; 'user.target.id'?: string | undefined; 'user.target.name'?: string | undefined; 'user.target.roles'?: string[] | undefined; 'user_agent.device.name'?: string | undefined; 'user_agent.name'?: string | undefined; 'user_agent.original'?: string | undefined; 'user_agent.os.family'?: string | undefined; 'user_agent.os.full'?: string | undefined; 'user_agent.os.kernel'?: string | undefined; 'user_agent.os.name'?: string | undefined; 'user_agent.os.platform'?: string | undefined; 'user_agent.os.type'?: string | undefined; 'user_agent.os.version'?: string | undefined; 'user_agent.version'?: string | undefined; 'vulnerability.category'?: string[] | undefined; 'vulnerability.classification'?: string | undefined; 'vulnerability.description'?: string | undefined; 'vulnerability.enumeration'?: string | undefined; 'vulnerability.id'?: string | undefined; 'vulnerability.reference'?: string | undefined; 'vulnerability.report_id'?: string | undefined; 'vulnerability.scanner.vendor'?: string | undefined; 'vulnerability.score.base'?: number | undefined; 'vulnerability.score.environmental'?: number | undefined; 'vulnerability.score.temporal'?: number | undefined; 'vulnerability.score.version'?: string | undefined; 'vulnerability.severity'?: string | undefined; } & {} & { 'ecs.version'?: string | undefined; 'kibana.alert.risk_score'?: number | undefined; 'kibana.alert.rule.author'?: string | undefined; 'kibana.alert.rule.created_at'?: string | number | undefined; 'kibana.alert.rule.created_by'?: string | undefined; 'kibana.alert.rule.description'?: string | undefined; 'kibana.alert.rule.enabled'?: string | undefined; 'kibana.alert.rule.from'?: string | undefined; 'kibana.alert.rule.interval'?: string | undefined; 'kibana.alert.rule.license'?: string | undefined; 'kibana.alert.rule.note'?: string | undefined; 'kibana.alert.rule.references'?: string[] | undefined; 'kibana.alert.rule.rule_id'?: string | undefined; 'kibana.alert.rule.rule_name_override'?: string | undefined; 'kibana.alert.rule.to'?: string | undefined; 'kibana.alert.rule.type'?: string | undefined; 'kibana.alert.rule.updated_at'?: string | number | undefined; 'kibana.alert.rule.updated_by'?: string | undefined; 'kibana.alert.rule.version'?: string | undefined; 'kibana.alert.severity'?: string | undefined; 'kibana.alert.suppression.docs_count'?: string | number | undefined; 'kibana.alert.suppression.end'?: string | number | undefined; 'kibana.alert.suppression.start'?: string | number | undefined; 'kibana.alert.suppression.terms.field'?: string[] | undefined; 'kibana.alert.suppression.terms.value'?: string[] | undefined; 'kibana.alert.system_status'?: string | undefined; 'kibana.alert.workflow_reason'?: string | undefined; 'kibana.alert.workflow_user'?: string | undefined; }" ], "path": "packages/kbn-alerts-as-data-utils/src/schemas/generated/observability_logs_schema.ts", "deprecated": false, @@ -352,7 +352,7 @@ "label": "ObservabilityMetricsAlert", "description": [], "signature": [ - "{} & { 'kibana.alert.evaluation.threshold'?: string | number | undefined; 'kibana.alert.evaluation.value'?: string | number | undefined; 'kibana.alert.evaluation.values'?: (string | number)[] | undefined; 'kibana.alert.group'?: { field?: string | undefined; value?: string | undefined; }[] | undefined; } & { '@timestamp': string | number; 'kibana.alert.instance.id': string; 'kibana.alert.rule.category': string; 'kibana.alert.rule.consumer': string; 'kibana.alert.rule.name': string; 'kibana.alert.rule.producer': string; 'kibana.alert.rule.revision': string | number; 'kibana.alert.rule.rule_type_id': string; 'kibana.alert.rule.uuid': string; 'kibana.alert.status': string; 'kibana.alert.uuid': string; 'kibana.space_ids': string[]; } & { 'event.action'?: string | undefined; 'event.kind'?: string | undefined; 'kibana.alert.action_group'?: string | undefined; 'kibana.alert.case_ids'?: string[] | undefined; 'kibana.alert.duration.us'?: string | number | undefined; 'kibana.alert.end'?: string | number | undefined; 'kibana.alert.flapping'?: boolean | undefined; 'kibana.alert.flapping_history'?: boolean[] | undefined; 'kibana.alert.last_detected'?: string | number | undefined; 'kibana.alert.maintenance_window_ids'?: string[] | undefined; 'kibana.alert.reason'?: string | undefined; 'kibana.alert.rule.execution.uuid'?: string | undefined; 'kibana.alert.rule.parameters'?: unknown; 'kibana.alert.rule.tags'?: string[] | undefined; 'kibana.alert.start'?: string | number | undefined; 'kibana.alert.time_range'?: { gte?: string | number | undefined; lte?: string | number | undefined; } | undefined; 'kibana.alert.url'?: string | undefined; 'kibana.alert.workflow_status'?: string | undefined; 'kibana.alert.workflow_tags'?: string[] | undefined; 'kibana.version'?: string | undefined; tags?: string[] | undefined; } & { '@timestamp': string | number; 'ecs.version': string; } & { 'agent.build.original'?: string | undefined; 'agent.ephemeral_id'?: string | undefined; 'agent.id'?: string | undefined; 'agent.name'?: string | undefined; 'agent.type'?: string | undefined; 'agent.version'?: string | undefined; 'client.address'?: string | undefined; 'client.as.number'?: string | number | undefined; 'client.as.organization.name'?: string | undefined; 'client.bytes'?: string | number | undefined; 'client.domain'?: string | undefined; 'client.geo.city_name'?: string | undefined; 'client.geo.continent_code'?: string | undefined; 'client.geo.continent_name'?: string | undefined; 'client.geo.country_iso_code'?: string | undefined; 'client.geo.country_name'?: string | undefined; 'client.geo.location'?: string | { type: string; coordinates: number[]; } | { lat: number; lon: number; } | { location: number[]; } | { location: string; } | undefined; 'client.geo.name'?: string | undefined; 'client.geo.postal_code'?: string | undefined; 'client.geo.region_iso_code'?: string | undefined; 'client.geo.region_name'?: string | undefined; 'client.geo.timezone'?: string | undefined; 'client.ip'?: string | undefined; 'client.mac'?: string | undefined; 'client.nat.ip'?: string | undefined; 'client.nat.port'?: string | number | undefined; 'client.packets'?: string | number | undefined; 'client.port'?: string | number | undefined; 'client.registered_domain'?: string | undefined; 'client.subdomain'?: string | undefined; 'client.top_level_domain'?: string | undefined; 'client.user.domain'?: string | undefined; 'client.user.email'?: string | undefined; 'client.user.full_name'?: string | undefined; 'client.user.group.domain'?: string | undefined; 'client.user.group.id'?: string | undefined; 'client.user.group.name'?: string | undefined; 'client.user.hash'?: string | undefined; 'client.user.id'?: string | undefined; 'client.user.name'?: string | undefined; 'client.user.roles'?: string[] | undefined; 'cloud.account.id'?: string | undefined; 'cloud.account.name'?: string | undefined; 'cloud.availability_zone'?: string | undefined; 'cloud.instance.id'?: string | undefined; 'cloud.instance.name'?: string | undefined; 'cloud.machine.type'?: string | undefined; 'cloud.origin.account.id'?: string | undefined; 'cloud.origin.account.name'?: string | undefined; 'cloud.origin.availability_zone'?: string | undefined; 'cloud.origin.instance.id'?: string | undefined; 'cloud.origin.instance.name'?: string | undefined; 'cloud.origin.machine.type'?: string | undefined; 'cloud.origin.project.id'?: string | undefined; 'cloud.origin.project.name'?: string | undefined; 'cloud.origin.provider'?: string | undefined; 'cloud.origin.region'?: string | undefined; 'cloud.origin.service.name'?: string | undefined; 'cloud.project.id'?: string | undefined; 'cloud.project.name'?: string | undefined; 'cloud.provider'?: string | undefined; 'cloud.region'?: string | undefined; 'cloud.service.name'?: string | undefined; 'cloud.target.account.id'?: string | undefined; 'cloud.target.account.name'?: string | undefined; 'cloud.target.availability_zone'?: string | undefined; 'cloud.target.instance.id'?: string | undefined; 'cloud.target.instance.name'?: string | undefined; 'cloud.target.machine.type'?: string | undefined; 'cloud.target.project.id'?: string | undefined; 'cloud.target.project.name'?: string | undefined; 'cloud.target.provider'?: string | undefined; 'cloud.target.region'?: string | undefined; 'cloud.target.service.name'?: string | undefined; 'container.cpu.usage'?: string | number | undefined; 'container.disk.read.bytes'?: string | number | undefined; 'container.disk.write.bytes'?: string | number | undefined; 'container.id'?: string | undefined; 'container.image.hash.all'?: string[] | undefined; 'container.image.name'?: string | undefined; 'container.image.tag'?: string[] | undefined; 'container.memory.usage'?: string | number | undefined; 'container.name'?: string | undefined; 'container.network.egress.bytes'?: string | number | undefined; 'container.network.ingress.bytes'?: string | number | undefined; 'container.runtime'?: string | undefined; 'destination.address'?: string | undefined; 'destination.as.number'?: string | number | undefined; 'destination.as.organization.name'?: string | undefined; 'destination.bytes'?: string | number | undefined; 'destination.domain'?: string | undefined; 'destination.geo.city_name'?: string | undefined; 'destination.geo.continent_code'?: string | undefined; 'destination.geo.continent_name'?: string | undefined; 'destination.geo.country_iso_code'?: string | undefined; 'destination.geo.country_name'?: string | undefined; 'destination.geo.location'?: string | { type: string; coordinates: number[]; } | { lat: number; lon: number; } | { location: number[]; } | { location: string; } | undefined; 'destination.geo.name'?: string | undefined; 'destination.geo.postal_code'?: string | undefined; 'destination.geo.region_iso_code'?: string | undefined; 'destination.geo.region_name'?: string | undefined; 'destination.geo.timezone'?: string | undefined; 'destination.ip'?: string | undefined; 'destination.mac'?: string | undefined; 'destination.nat.ip'?: string | undefined; 'destination.nat.port'?: string | number | undefined; 'destination.packets'?: string | number | undefined; 'destination.port'?: string | number | undefined; 'destination.registered_domain'?: string | undefined; 'destination.subdomain'?: string | undefined; 'destination.top_level_domain'?: string | undefined; 'destination.user.domain'?: string | undefined; 'destination.user.email'?: string | undefined; 'destination.user.full_name'?: string | undefined; 'destination.user.group.domain'?: string | undefined; 'destination.user.group.id'?: string | undefined; 'destination.user.group.name'?: string | undefined; 'destination.user.hash'?: string | undefined; 'destination.user.id'?: string | undefined; 'destination.user.name'?: string | undefined; 'destination.user.roles'?: string[] | undefined; 'device.id'?: string | undefined; 'device.manufacturer'?: string | undefined; 'device.model.identifier'?: string | undefined; 'device.model.name'?: string | undefined; 'dll.code_signature.digest_algorithm'?: string | undefined; 'dll.code_signature.exists'?: boolean | undefined; 'dll.code_signature.signing_id'?: string | undefined; 'dll.code_signature.status'?: string | undefined; 'dll.code_signature.subject_name'?: string | undefined; 'dll.code_signature.team_id'?: string | undefined; 'dll.code_signature.timestamp'?: string | number | undefined; 'dll.code_signature.trusted'?: boolean | undefined; 'dll.code_signature.valid'?: boolean | undefined; 'dll.hash.md5'?: string | undefined; 'dll.hash.sha1'?: string | undefined; 'dll.hash.sha256'?: string | undefined; 'dll.hash.sha384'?: string | undefined; 'dll.hash.sha512'?: string | undefined; 'dll.hash.ssdeep'?: string | undefined; 'dll.hash.tlsh'?: string | undefined; 'dll.name'?: string | undefined; 'dll.path'?: string | undefined; 'dll.pe.architecture'?: string | undefined; 'dll.pe.company'?: string | undefined; 'dll.pe.description'?: string | undefined; 'dll.pe.file_version'?: string | undefined; 'dll.pe.imphash'?: string | undefined; 'dll.pe.original_file_name'?: string | undefined; 'dll.pe.pehash'?: string | undefined; 'dll.pe.product'?: string | undefined; 'dns.answers'?: { class?: string | undefined; data?: string | undefined; name?: string | undefined; ttl?: string | number | undefined; type?: string | undefined; }[] | undefined; 'dns.header_flags'?: string[] | undefined; 'dns.id'?: string | undefined; 'dns.op_code'?: string | undefined; 'dns.question.class'?: string | undefined; 'dns.question.name'?: string | undefined; 'dns.question.registered_domain'?: string | undefined; 'dns.question.subdomain'?: string | undefined; 'dns.question.top_level_domain'?: string | undefined; 'dns.question.type'?: string | undefined; 'dns.resolved_ip'?: string[] | undefined; 'dns.response_code'?: string | undefined; 'dns.type'?: string | undefined; 'email.attachments'?: { 'file.extension'?: string | undefined; 'file.hash.md5'?: string | undefined; 'file.hash.sha1'?: string | undefined; 'file.hash.sha256'?: string | undefined; 'file.hash.sha384'?: string | undefined; 'file.hash.sha512'?: string | undefined; 'file.hash.ssdeep'?: string | undefined; 'file.hash.tlsh'?: string | undefined; 'file.mime_type'?: string | undefined; 'file.name'?: string | undefined; 'file.size'?: string | number | undefined; }[] | undefined; 'email.bcc.address'?: string[] | undefined; 'email.cc.address'?: string[] | undefined; 'email.content_type'?: string | undefined; 'email.delivery_timestamp'?: string | number | undefined; 'email.direction'?: string | undefined; 'email.from.address'?: string[] | undefined; 'email.local_id'?: string | undefined; 'email.message_id'?: string | undefined; 'email.origination_timestamp'?: string | number | undefined; 'email.reply_to.address'?: string[] | undefined; 'email.sender.address'?: string | undefined; 'email.subject'?: string | undefined; 'email.to.address'?: string[] | undefined; 'email.x_mailer'?: string | undefined; 'error.code'?: string | undefined; 'error.id'?: string | undefined; 'error.message'?: string | undefined; 'error.stack_trace'?: string | undefined; 'error.type'?: string | undefined; 'event.action'?: string | undefined; 'event.agent_id_status'?: string | undefined; 'event.category'?: string[] | undefined; 'event.code'?: string | undefined; 'event.created'?: string | number | undefined; 'event.dataset'?: string | undefined; 'event.duration'?: string | number | undefined; 'event.end'?: string | number | undefined; 'event.hash'?: string | undefined; 'event.id'?: string | undefined; 'event.ingested'?: string | number | undefined; 'event.kind'?: string | undefined; 'event.module'?: string | undefined; 'event.original'?: string | undefined; 'event.outcome'?: string | undefined; 'event.provider'?: string | undefined; 'event.reason'?: string | undefined; 'event.reference'?: string | undefined; 'event.risk_score'?: number | undefined; 'event.risk_score_norm'?: number | undefined; 'event.sequence'?: string | number | undefined; 'event.severity'?: string | number | undefined; 'event.start'?: string | number | undefined; 'event.timezone'?: string | undefined; 'event.type'?: string[] | undefined; 'event.url'?: string | undefined; 'faas.coldstart'?: boolean | undefined; 'faas.execution'?: string | undefined; 'faas.id'?: string | undefined; 'faas.name'?: string | undefined; 'faas.version'?: string | undefined; 'file.accessed'?: string | number | undefined; 'file.attributes'?: string[] | undefined; 'file.code_signature.digest_algorithm'?: string | undefined; 'file.code_signature.exists'?: boolean | undefined; 'file.code_signature.signing_id'?: string | undefined; 'file.code_signature.status'?: string | undefined; 'file.code_signature.subject_name'?: string | undefined; 'file.code_signature.team_id'?: string | undefined; 'file.code_signature.timestamp'?: string | number | undefined; 'file.code_signature.trusted'?: boolean | undefined; 'file.code_signature.valid'?: boolean | undefined; 'file.created'?: string | number | undefined; 'file.ctime'?: string | number | undefined; 'file.device'?: string | undefined; 'file.directory'?: string | undefined; 'file.drive_letter'?: string | undefined; 'file.elf.architecture'?: string | undefined; 'file.elf.byte_order'?: string | undefined; 'file.elf.cpu_type'?: string | undefined; 'file.elf.creation_date'?: string | number | undefined; 'file.elf.exports'?: unknown[] | undefined; 'file.elf.header.abi_version'?: string | undefined; 'file.elf.header.class'?: string | undefined; 'file.elf.header.data'?: string | undefined; 'file.elf.header.entrypoint'?: string | number | undefined; 'file.elf.header.object_version'?: string | undefined; 'file.elf.header.os_abi'?: string | undefined; 'file.elf.header.type'?: string | undefined; 'file.elf.header.version'?: string | undefined; 'file.elf.imports'?: unknown[] | undefined; 'file.elf.sections'?: { chi2?: string | number | undefined; entropy?: string | number | undefined; flags?: string | undefined; name?: string | undefined; physical_offset?: string | undefined; physical_size?: string | number | undefined; type?: string | undefined; virtual_address?: string | number | undefined; virtual_size?: string | number | undefined; }[] | undefined; 'file.elf.segments'?: { sections?: string | undefined; type?: string | undefined; }[] | undefined; 'file.elf.shared_libraries'?: string[] | undefined; 'file.elf.telfhash'?: string | undefined; 'file.extension'?: string | undefined; 'file.fork_name'?: string | undefined; 'file.gid'?: string | undefined; 'file.group'?: string | undefined; 'file.hash.md5'?: string | undefined; 'file.hash.sha1'?: string | undefined; 'file.hash.sha256'?: string | undefined; 'file.hash.sha384'?: string | undefined; 'file.hash.sha512'?: string | undefined; 'file.hash.ssdeep'?: string | undefined; 'file.hash.tlsh'?: string | undefined; 'file.inode'?: string | undefined; 'file.mime_type'?: string | undefined; 'file.mode'?: string | undefined; 'file.mtime'?: string | number | undefined; 'file.name'?: string | undefined; 'file.owner'?: string | undefined; 'file.path'?: string | undefined; 'file.pe.architecture'?: string | undefined; 'file.pe.company'?: string | undefined; 'file.pe.description'?: string | undefined; 'file.pe.file_version'?: string | undefined; 'file.pe.imphash'?: string | undefined; 'file.pe.original_file_name'?: string | undefined; 'file.pe.pehash'?: string | undefined; 'file.pe.product'?: string | undefined; 'file.size'?: string | number | undefined; 'file.target_path'?: string | undefined; 'file.type'?: string | undefined; 'file.uid'?: string | undefined; 'file.x509.alternative_names'?: string[] | undefined; 'file.x509.issuer.common_name'?: string[] | undefined; 'file.x509.issuer.country'?: string[] | undefined; 'file.x509.issuer.distinguished_name'?: string | undefined; 'file.x509.issuer.locality'?: string[] | undefined; 'file.x509.issuer.organization'?: string[] | undefined; 'file.x509.issuer.organizational_unit'?: string[] | undefined; 'file.x509.issuer.state_or_province'?: string[] | undefined; 'file.x509.not_after'?: string | number | undefined; 'file.x509.not_before'?: string | number | undefined; 'file.x509.public_key_algorithm'?: string | undefined; 'file.x509.public_key_curve'?: string | undefined; 'file.x509.public_key_exponent'?: string | number | undefined; 'file.x509.public_key_size'?: string | number | undefined; 'file.x509.serial_number'?: string | undefined; 'file.x509.signature_algorithm'?: string | undefined; 'file.x509.subject.common_name'?: string[] | undefined; 'file.x509.subject.country'?: string[] | undefined; 'file.x509.subject.distinguished_name'?: string | undefined; 'file.x509.subject.locality'?: string[] | undefined; 'file.x509.subject.organization'?: string[] | undefined; 'file.x509.subject.organizational_unit'?: string[] | undefined; 'file.x509.subject.state_or_province'?: string[] | undefined; 'file.x509.version_number'?: string | undefined; 'group.domain'?: string | undefined; 'group.id'?: string | undefined; 'group.name'?: string | undefined; 'host.architecture'?: string | undefined; 'host.boot.id'?: string | undefined; 'host.cpu.usage'?: string | number | undefined; 'host.disk.read.bytes'?: string | number | undefined; 'host.disk.write.bytes'?: string | number | undefined; 'host.domain'?: string | undefined; 'host.geo.city_name'?: string | undefined; 'host.geo.continent_code'?: string | undefined; 'host.geo.continent_name'?: string | undefined; 'host.geo.country_iso_code'?: string | undefined; 'host.geo.country_name'?: string | undefined; 'host.geo.location'?: string | { type: string; coordinates: number[]; } | { lat: number; lon: number; } | { location: number[]; } | { location: string; } | undefined; 'host.geo.name'?: string | undefined; 'host.geo.postal_code'?: string | undefined; 'host.geo.region_iso_code'?: string | undefined; 'host.geo.region_name'?: string | undefined; 'host.geo.timezone'?: string | undefined; 'host.hostname'?: string | undefined; 'host.id'?: string | undefined; 'host.ip'?: string[] | undefined; 'host.mac'?: string[] | undefined; 'host.name'?: string | undefined; 'host.network.egress.bytes'?: string | number | undefined; 'host.network.egress.packets'?: string | number | undefined; 'host.network.ingress.bytes'?: string | number | undefined; 'host.network.ingress.packets'?: string | number | undefined; 'host.os.family'?: string | undefined; 'host.os.full'?: string | undefined; 'host.os.kernel'?: string | undefined; 'host.os.name'?: string | undefined; 'host.os.platform'?: string | undefined; 'host.os.type'?: string | undefined; 'host.os.version'?: string | undefined; 'host.pid_ns_ino'?: string | undefined; 'host.risk.calculated_level'?: string | undefined; 'host.risk.calculated_score'?: number | undefined; 'host.risk.calculated_score_norm'?: number | undefined; 'host.risk.static_level'?: string | undefined; 'host.risk.static_score'?: number | undefined; 'host.risk.static_score_norm'?: number | undefined; 'host.type'?: string | undefined; 'host.uptime'?: string | number | undefined; 'http.request.body.bytes'?: string | number | undefined; 'http.request.body.content'?: string | undefined; 'http.request.bytes'?: string | number | undefined; 'http.request.id'?: string | undefined; 'http.request.method'?: string | undefined; 'http.request.mime_type'?: string | undefined; 'http.request.referrer'?: string | undefined; 'http.response.body.bytes'?: string | number | undefined; 'http.response.body.content'?: string | undefined; 'http.response.bytes'?: string | number | undefined; 'http.response.mime_type'?: string | undefined; 'http.response.status_code'?: string | number | undefined; 'http.version'?: string | undefined; 'log.file.path'?: string | undefined; 'log.level'?: string | undefined; 'log.logger'?: string | undefined; 'log.origin.file.line'?: string | number | undefined; 'log.origin.file.name'?: string | undefined; 'log.origin.function'?: string | undefined; message?: string | undefined; 'network.application'?: string | undefined; 'network.bytes'?: string | number | undefined; 'network.community_id'?: string | undefined; 'network.direction'?: string | undefined; 'network.forwarded_ip'?: string | undefined; 'network.iana_number'?: string | undefined; 'network.name'?: string | undefined; 'network.packets'?: string | number | undefined; 'network.protocol'?: string | undefined; 'network.transport'?: string | undefined; 'network.type'?: string | undefined; 'network.vlan.id'?: string | undefined; 'network.vlan.name'?: string | undefined; 'observer.geo.city_name'?: string | undefined; 'observer.geo.continent_code'?: string | undefined; 'observer.geo.continent_name'?: string | undefined; 'observer.geo.country_iso_code'?: string | undefined; 'observer.geo.country_name'?: string | undefined; 'observer.geo.location'?: string | { type: string; coordinates: number[]; } | { lat: number; lon: number; } | { location: number[]; } | { location: string; } | undefined; 'observer.geo.name'?: string | undefined; 'observer.geo.postal_code'?: string | undefined; 'observer.geo.region_iso_code'?: string | undefined; 'observer.geo.region_name'?: string | undefined; 'observer.geo.timezone'?: string | undefined; 'observer.hostname'?: string | undefined; 'observer.ip'?: string[] | undefined; 'observer.mac'?: string[] | undefined; 'observer.name'?: string | undefined; 'observer.os.family'?: string | undefined; 'observer.os.full'?: string | undefined; 'observer.os.kernel'?: string | undefined; 'observer.os.name'?: string | undefined; 'observer.os.platform'?: string | undefined; 'observer.os.type'?: string | undefined; 'observer.os.version'?: string | undefined; 'observer.product'?: string | undefined; 'observer.serial_number'?: string | undefined; 'observer.type'?: string | undefined; 'observer.vendor'?: string | undefined; 'observer.version'?: string | undefined; 'orchestrator.api_version'?: string | undefined; 'orchestrator.cluster.id'?: string | undefined; 'orchestrator.cluster.name'?: string | undefined; 'orchestrator.cluster.url'?: string | undefined; 'orchestrator.cluster.version'?: string | undefined; 'orchestrator.namespace'?: string | undefined; 'orchestrator.organization'?: string | undefined; 'orchestrator.resource.id'?: string | undefined; 'orchestrator.resource.ip'?: string[] | undefined; 'orchestrator.resource.name'?: string | undefined; 'orchestrator.resource.parent.type'?: string | undefined; 'orchestrator.resource.type'?: string | undefined; 'orchestrator.type'?: string | undefined; 'organization.id'?: string | undefined; 'organization.name'?: string | undefined; 'package.architecture'?: string | undefined; 'package.build_version'?: string | undefined; 'package.checksum'?: string | undefined; 'package.description'?: string | undefined; 'package.install_scope'?: string | undefined; 'package.installed'?: string | number | undefined; 'package.license'?: string | undefined; 'package.name'?: string | undefined; 'package.path'?: string | undefined; 'package.reference'?: string | undefined; 'package.size'?: string | number | undefined; 'package.type'?: string | undefined; 'package.version'?: string | undefined; 'process.args'?: string[] | undefined; 'process.args_count'?: string | number | undefined; 'process.code_signature.digest_algorithm'?: string | undefined; 'process.code_signature.exists'?: boolean | undefined; 'process.code_signature.signing_id'?: string | undefined; 'process.code_signature.status'?: string | undefined; 'process.code_signature.subject_name'?: string | undefined; 'process.code_signature.team_id'?: string | undefined; 'process.code_signature.timestamp'?: string | number | undefined; 'process.code_signature.trusted'?: boolean | undefined; 'process.code_signature.valid'?: boolean | undefined; 'process.command_line'?: string | undefined; 'process.elf.architecture'?: string | undefined; 'process.elf.byte_order'?: string | undefined; 'process.elf.cpu_type'?: string | undefined; 'process.elf.creation_date'?: string | number | undefined; 'process.elf.exports'?: unknown[] | undefined; 'process.elf.header.abi_version'?: string | undefined; 'process.elf.header.class'?: string | undefined; 'process.elf.header.data'?: string | undefined; 'process.elf.header.entrypoint'?: string | number | undefined; 'process.elf.header.object_version'?: string | undefined; 'process.elf.header.os_abi'?: string | undefined; 'process.elf.header.type'?: string | undefined; 'process.elf.header.version'?: string | undefined; 'process.elf.imports'?: unknown[] | undefined; 'process.elf.sections'?: { chi2?: string | number | undefined; entropy?: string | number | undefined; flags?: string | undefined; name?: string | undefined; physical_offset?: string | undefined; physical_size?: string | number | undefined; type?: string | undefined; virtual_address?: string | number | undefined; virtual_size?: string | number | undefined; }[] | undefined; 'process.elf.segments'?: { sections?: string | undefined; type?: string | undefined; }[] | undefined; 'process.elf.shared_libraries'?: string[] | undefined; 'process.elf.telfhash'?: string | undefined; 'process.end'?: string | number | undefined; 'process.entity_id'?: string | undefined; 'process.entry_leader.args'?: string[] | undefined; 'process.entry_leader.args_count'?: string | number | undefined; 'process.entry_leader.attested_groups.name'?: string | undefined; 'process.entry_leader.attested_user.id'?: string | undefined; 'process.entry_leader.attested_user.name'?: string | undefined; 'process.entry_leader.command_line'?: string | undefined; 'process.entry_leader.entity_id'?: string | undefined; 'process.entry_leader.entry_meta.source.ip'?: string | undefined; 'process.entry_leader.entry_meta.type'?: string | undefined; 'process.entry_leader.executable'?: string | undefined; 'process.entry_leader.group.id'?: string | undefined; 'process.entry_leader.group.name'?: string | undefined; 'process.entry_leader.interactive'?: boolean | undefined; 'process.entry_leader.name'?: string | undefined; 'process.entry_leader.parent.entity_id'?: string | undefined; 'process.entry_leader.parent.pid'?: string | number | undefined; 'process.entry_leader.parent.session_leader.entity_id'?: string | undefined; 'process.entry_leader.parent.session_leader.pid'?: string | number | undefined; 'process.entry_leader.parent.session_leader.start'?: string | number | undefined; 'process.entry_leader.parent.start'?: string | number | undefined; 'process.entry_leader.pid'?: string | number | undefined; 'process.entry_leader.real_group.id'?: string | undefined; 'process.entry_leader.real_group.name'?: string | undefined; 'process.entry_leader.real_user.id'?: string | undefined; 'process.entry_leader.real_user.name'?: string | undefined; 'process.entry_leader.same_as_process'?: boolean | undefined; 'process.entry_leader.saved_group.id'?: string | undefined; 'process.entry_leader.saved_group.name'?: string | undefined; 'process.entry_leader.saved_user.id'?: string | undefined; 'process.entry_leader.saved_user.name'?: string | undefined; 'process.entry_leader.start'?: string | number | undefined; 'process.entry_leader.supplemental_groups.id'?: string | undefined; 'process.entry_leader.supplemental_groups.name'?: string | undefined; 'process.entry_leader.user.id'?: string | undefined; 'process.entry_leader.user.name'?: string | undefined; 'process.entry_leader.working_directory'?: string | undefined; 'process.env_vars'?: string[] | undefined; 'process.executable'?: string | undefined; 'process.exit_code'?: string | number | undefined; 'process.group_leader.args'?: string[] | undefined; 'process.group_leader.args_count'?: string | number | undefined; 'process.group_leader.command_line'?: string | undefined; 'process.group_leader.entity_id'?: string | undefined; 'process.group_leader.executable'?: string | undefined; 'process.group_leader.group.id'?: string | undefined; 'process.group_leader.group.name'?: string | undefined; 'process.group_leader.interactive'?: boolean | undefined; 'process.group_leader.name'?: string | undefined; 'process.group_leader.pid'?: string | number | undefined; 'process.group_leader.real_group.id'?: string | undefined; 'process.group_leader.real_group.name'?: string | undefined; 'process.group_leader.real_user.id'?: string | undefined; 'process.group_leader.real_user.name'?: string | undefined; 'process.group_leader.same_as_process'?: boolean | undefined; 'process.group_leader.saved_group.id'?: string | undefined; 'process.group_leader.saved_group.name'?: string | undefined; 'process.group_leader.saved_user.id'?: string | undefined; 'process.group_leader.saved_user.name'?: string | undefined; 'process.group_leader.start'?: string | number | undefined; 'process.group_leader.supplemental_groups.id'?: string | undefined; 'process.group_leader.supplemental_groups.name'?: string | undefined; 'process.group_leader.user.id'?: string | undefined; 'process.group_leader.user.name'?: string | undefined; 'process.group_leader.working_directory'?: string | undefined; 'process.hash.md5'?: string | undefined; 'process.hash.sha1'?: string | undefined; 'process.hash.sha256'?: string | undefined; 'process.hash.sha384'?: string | undefined; 'process.hash.sha512'?: string | undefined; 'process.hash.ssdeep'?: string | undefined; 'process.hash.tlsh'?: string | undefined; 'process.interactive'?: boolean | undefined; 'process.name'?: string | undefined; 'process.parent.args'?: string[] | undefined; 'process.parent.args_count'?: string | number | undefined; 'process.parent.code_signature.digest_algorithm'?: string | undefined; 'process.parent.code_signature.exists'?: boolean | undefined; 'process.parent.code_signature.signing_id'?: string | undefined; 'process.parent.code_signature.status'?: string | undefined; 'process.parent.code_signature.subject_name'?: string | undefined; 'process.parent.code_signature.team_id'?: string | undefined; 'process.parent.code_signature.timestamp'?: string | number | undefined; 'process.parent.code_signature.trusted'?: boolean | undefined; 'process.parent.code_signature.valid'?: boolean | undefined; 'process.parent.command_line'?: string | undefined; 'process.parent.elf.architecture'?: string | undefined; 'process.parent.elf.byte_order'?: string | undefined; 'process.parent.elf.cpu_type'?: string | undefined; 'process.parent.elf.creation_date'?: string | number | undefined; 'process.parent.elf.exports'?: unknown[] | undefined; 'process.parent.elf.header.abi_version'?: string | undefined; 'process.parent.elf.header.class'?: string | undefined; 'process.parent.elf.header.data'?: string | undefined; 'process.parent.elf.header.entrypoint'?: string | number | undefined; 'process.parent.elf.header.object_version'?: string | undefined; 'process.parent.elf.header.os_abi'?: string | undefined; 'process.parent.elf.header.type'?: string | undefined; 'process.parent.elf.header.version'?: string | undefined; 'process.parent.elf.imports'?: unknown[] | undefined; 'process.parent.elf.sections'?: { chi2?: string | number | undefined; entropy?: string | number | undefined; flags?: string | undefined; name?: string | undefined; physical_offset?: string | undefined; physical_size?: string | number | undefined; type?: string | undefined; virtual_address?: string | number | undefined; virtual_size?: string | number | undefined; }[] | undefined; 'process.parent.elf.segments'?: { sections?: string | undefined; type?: string | undefined; }[] | undefined; 'process.parent.elf.shared_libraries'?: string[] | undefined; 'process.parent.elf.telfhash'?: string | undefined; 'process.parent.end'?: string | number | undefined; 'process.parent.entity_id'?: string | undefined; 'process.parent.executable'?: string | undefined; 'process.parent.exit_code'?: string | number | undefined; 'process.parent.group.id'?: string | undefined; 'process.parent.group.name'?: string | undefined; 'process.parent.group_leader.entity_id'?: string | undefined; 'process.parent.group_leader.pid'?: string | number | undefined; 'process.parent.group_leader.start'?: string | number | undefined; 'process.parent.hash.md5'?: string | undefined; 'process.parent.hash.sha1'?: string | undefined; 'process.parent.hash.sha256'?: string | undefined; 'process.parent.hash.sha384'?: string | undefined; 'process.parent.hash.sha512'?: string | undefined; 'process.parent.hash.ssdeep'?: string | undefined; 'process.parent.hash.tlsh'?: string | undefined; 'process.parent.interactive'?: boolean | undefined; 'process.parent.name'?: string | undefined; 'process.parent.pe.architecture'?: string | undefined; 'process.parent.pe.company'?: string | undefined; 'process.parent.pe.description'?: string | undefined; 'process.parent.pe.file_version'?: string | undefined; 'process.parent.pe.imphash'?: string | undefined; 'process.parent.pe.original_file_name'?: string | undefined; 'process.parent.pe.pehash'?: string | undefined; 'process.parent.pe.product'?: string | undefined; 'process.parent.pgid'?: string | number | undefined; 'process.parent.pid'?: string | number | undefined; 'process.parent.real_group.id'?: string | undefined; 'process.parent.real_group.name'?: string | undefined; 'process.parent.real_user.id'?: string | undefined; 'process.parent.real_user.name'?: string | undefined; 'process.parent.saved_group.id'?: string | undefined; 'process.parent.saved_group.name'?: string | undefined; 'process.parent.saved_user.id'?: string | undefined; 'process.parent.saved_user.name'?: string | undefined; 'process.parent.start'?: string | number | undefined; 'process.parent.supplemental_groups.id'?: string | undefined; 'process.parent.supplemental_groups.name'?: string | undefined; 'process.parent.thread.id'?: string | number | undefined; 'process.parent.thread.name'?: string | undefined; 'process.parent.title'?: string | undefined; 'process.parent.uptime'?: string | number | undefined; 'process.parent.user.id'?: string | undefined; 'process.parent.user.name'?: string | undefined; 'process.parent.working_directory'?: string | undefined; 'process.pe.architecture'?: string | undefined; 'process.pe.company'?: string | undefined; 'process.pe.description'?: string | undefined; 'process.pe.file_version'?: string | undefined; 'process.pe.imphash'?: string | undefined; 'process.pe.original_file_name'?: string | undefined; 'process.pe.pehash'?: string | undefined; 'process.pe.product'?: string | undefined; 'process.pgid'?: string | number | undefined; 'process.pid'?: string | number | undefined; 'process.previous.args'?: string[] | undefined; 'process.previous.args_count'?: string | number | undefined; 'process.previous.executable'?: string | undefined; 'process.real_group.id'?: string | undefined; 'process.real_group.name'?: string | undefined; 'process.real_user.id'?: string | undefined; 'process.real_user.name'?: string | undefined; 'process.saved_group.id'?: string | undefined; 'process.saved_group.name'?: string | undefined; 'process.saved_user.id'?: string | undefined; 'process.saved_user.name'?: string | undefined; 'process.session_leader.args'?: string[] | undefined; 'process.session_leader.args_count'?: string | number | undefined; 'process.session_leader.command_line'?: string | undefined; 'process.session_leader.entity_id'?: string | undefined; 'process.session_leader.executable'?: string | undefined; 'process.session_leader.group.id'?: string | undefined; 'process.session_leader.group.name'?: string | undefined; 'process.session_leader.interactive'?: boolean | undefined; 'process.session_leader.name'?: string | undefined; 'process.session_leader.parent.entity_id'?: string | undefined; 'process.session_leader.parent.pid'?: string | number | undefined; 'process.session_leader.parent.session_leader.entity_id'?: string | undefined; 'process.session_leader.parent.session_leader.pid'?: string | number | undefined; 'process.session_leader.parent.session_leader.start'?: string | number | undefined; 'process.session_leader.parent.start'?: string | number | undefined; 'process.session_leader.pid'?: string | number | undefined; 'process.session_leader.real_group.id'?: string | undefined; 'process.session_leader.real_group.name'?: string | undefined; 'process.session_leader.real_user.id'?: string | undefined; 'process.session_leader.real_user.name'?: string | undefined; 'process.session_leader.same_as_process'?: boolean | undefined; 'process.session_leader.saved_group.id'?: string | undefined; 'process.session_leader.saved_group.name'?: string | undefined; 'process.session_leader.saved_user.id'?: string | undefined; 'process.session_leader.saved_user.name'?: string | undefined; 'process.session_leader.start'?: string | number | undefined; 'process.session_leader.supplemental_groups.id'?: string | undefined; 'process.session_leader.supplemental_groups.name'?: string | undefined; 'process.session_leader.user.id'?: string | undefined; 'process.session_leader.user.name'?: string | undefined; 'process.session_leader.working_directory'?: string | undefined; 'process.start'?: string | number | undefined; 'process.supplemental_groups.id'?: string | undefined; 'process.supplemental_groups.name'?: string | undefined; 'process.thread.id'?: string | number | undefined; 'process.thread.name'?: string | undefined; 'process.title'?: string | undefined; 'process.uptime'?: string | number | undefined; 'process.user.id'?: string | undefined; 'process.user.name'?: string | undefined; 'process.working_directory'?: string | undefined; 'registry.data.bytes'?: string | undefined; 'registry.data.strings'?: string[] | undefined; 'registry.data.type'?: string | undefined; 'registry.hive'?: string | undefined; 'registry.key'?: string | undefined; 'registry.path'?: string | undefined; 'registry.value'?: string | undefined; 'related.hash'?: string[] | undefined; 'related.hosts'?: string[] | undefined; 'related.ip'?: string[] | undefined; 'related.user'?: string[] | undefined; 'rule.author'?: string[] | undefined; 'rule.category'?: string | undefined; 'rule.description'?: string | undefined; 'rule.id'?: string | undefined; 'rule.license'?: string | undefined; 'rule.name'?: string | undefined; 'rule.reference'?: string | undefined; 'rule.ruleset'?: string | undefined; 'rule.uuid'?: string | undefined; 'rule.version'?: string | undefined; 'server.address'?: string | undefined; 'server.as.number'?: string | number | undefined; 'server.as.organization.name'?: string | undefined; 'server.bytes'?: string | number | undefined; 'server.domain'?: string | undefined; 'server.geo.city_name'?: string | undefined; 'server.geo.continent_code'?: string | undefined; 'server.geo.continent_name'?: string | undefined; 'server.geo.country_iso_code'?: string | undefined; 'server.geo.country_name'?: string | undefined; 'server.geo.location'?: string | { type: string; coordinates: number[]; } | { lat: number; lon: number; } | { location: number[]; } | { location: string; } | undefined; 'server.geo.name'?: string | undefined; 'server.geo.postal_code'?: string | undefined; 'server.geo.region_iso_code'?: string | undefined; 'server.geo.region_name'?: string | undefined; 'server.geo.timezone'?: string | undefined; 'server.ip'?: string | undefined; 'server.mac'?: string | undefined; 'server.nat.ip'?: string | undefined; 'server.nat.port'?: string | number | undefined; 'server.packets'?: string | number | undefined; 'server.port'?: string | number | undefined; 'server.registered_domain'?: string | undefined; 'server.subdomain'?: string | undefined; 'server.top_level_domain'?: string | undefined; 'server.user.domain'?: string | undefined; 'server.user.email'?: string | undefined; 'server.user.full_name'?: string | undefined; 'server.user.group.domain'?: string | undefined; 'server.user.group.id'?: string | undefined; 'server.user.group.name'?: string | undefined; 'server.user.hash'?: string | undefined; 'server.user.id'?: string | undefined; 'server.user.name'?: string | undefined; 'server.user.roles'?: string[] | undefined; 'service.address'?: string | undefined; 'service.environment'?: string | undefined; 'service.ephemeral_id'?: string | undefined; 'service.id'?: string | undefined; 'service.name'?: string | undefined; 'service.node.name'?: string | undefined; 'service.node.role'?: string | undefined; 'service.node.roles'?: string[] | undefined; 'service.origin.address'?: string | undefined; 'service.origin.environment'?: string | undefined; 'service.origin.ephemeral_id'?: string | undefined; 'service.origin.id'?: string | undefined; 'service.origin.name'?: string | undefined; 'service.origin.node.name'?: string | undefined; 'service.origin.node.role'?: string | undefined; 'service.origin.node.roles'?: string[] | undefined; 'service.origin.state'?: string | undefined; 'service.origin.type'?: string | undefined; 'service.origin.version'?: string | undefined; 'service.state'?: string | undefined; 'service.target.address'?: string | undefined; 'service.target.environment'?: string | undefined; 'service.target.ephemeral_id'?: string | undefined; 'service.target.id'?: string | undefined; 'service.target.name'?: string | undefined; 'service.target.node.name'?: string | undefined; 'service.target.node.role'?: string | undefined; 'service.target.node.roles'?: string[] | undefined; 'service.target.state'?: string | undefined; 'service.target.type'?: string | undefined; 'service.target.version'?: string | undefined; 'service.type'?: string | undefined; 'service.version'?: string | undefined; 'source.address'?: string | undefined; 'source.as.number'?: string | number | undefined; 'source.as.organization.name'?: string | undefined; 'source.bytes'?: string | number | undefined; 'source.domain'?: string | undefined; 'source.geo.city_name'?: string | undefined; 'source.geo.continent_code'?: string | undefined; 'source.geo.continent_name'?: string | undefined; 'source.geo.country_iso_code'?: string | undefined; 'source.geo.country_name'?: string | undefined; 'source.geo.location'?: string | { type: string; coordinates: number[]; } | { lat: number; lon: number; } | { location: number[]; } | { location: string; } | undefined; 'source.geo.name'?: string | undefined; 'source.geo.postal_code'?: string | undefined; 'source.geo.region_iso_code'?: string | undefined; 'source.geo.region_name'?: string | undefined; 'source.geo.timezone'?: string | undefined; 'source.ip'?: string | undefined; 'source.mac'?: string | undefined; 'source.nat.ip'?: string | undefined; 'source.nat.port'?: string | number | undefined; 'source.packets'?: string | number | undefined; 'source.port'?: string | number | undefined; 'source.registered_domain'?: string | undefined; 'source.subdomain'?: string | undefined; 'source.top_level_domain'?: string | undefined; 'source.user.domain'?: string | undefined; 'source.user.email'?: string | undefined; 'source.user.full_name'?: string | undefined; 'source.user.group.domain'?: string | undefined; 'source.user.group.id'?: string | undefined; 'source.user.group.name'?: string | undefined; 'source.user.hash'?: string | undefined; 'source.user.id'?: string | undefined; 'source.user.name'?: string | undefined; 'source.user.roles'?: string[] | undefined; 'span.id'?: string | undefined; tags?: string[] | undefined; 'threat.enrichments'?: { 'matched.atomic'?: string | undefined; 'matched.field'?: string | undefined; 'matched.id'?: string | undefined; 'matched.index'?: string | undefined; 'matched.occurred'?: string | number | undefined; 'matched.type'?: string | undefined; }[] | undefined; 'threat.feed.dashboard_id'?: string | undefined; 'threat.feed.description'?: string | undefined; 'threat.feed.name'?: string | undefined; 'threat.feed.reference'?: string | undefined; 'threat.framework'?: string | undefined; 'threat.group.alias'?: string[] | undefined; 'threat.group.id'?: string | undefined; 'threat.group.name'?: string | undefined; 'threat.group.reference'?: string | undefined; 'threat.indicator.as.number'?: string | number | undefined; 'threat.indicator.as.organization.name'?: string | undefined; 'threat.indicator.confidence'?: string | undefined; 'threat.indicator.description'?: string | undefined; 'threat.indicator.email.address'?: string | undefined; 'threat.indicator.file.accessed'?: string | number | undefined; 'threat.indicator.file.attributes'?: string[] | undefined; 'threat.indicator.file.code_signature.digest_algorithm'?: string | undefined; 'threat.indicator.file.code_signature.exists'?: boolean | undefined; 'threat.indicator.file.code_signature.signing_id'?: string | undefined; 'threat.indicator.file.code_signature.status'?: string | undefined; 'threat.indicator.file.code_signature.subject_name'?: string | undefined; 'threat.indicator.file.code_signature.team_id'?: string | undefined; 'threat.indicator.file.code_signature.timestamp'?: string | number | undefined; 'threat.indicator.file.code_signature.trusted'?: boolean | undefined; 'threat.indicator.file.code_signature.valid'?: boolean | undefined; 'threat.indicator.file.created'?: string | number | undefined; 'threat.indicator.file.ctime'?: string | number | undefined; 'threat.indicator.file.device'?: string | undefined; 'threat.indicator.file.directory'?: string | undefined; 'threat.indicator.file.drive_letter'?: string | undefined; 'threat.indicator.file.elf.architecture'?: string | undefined; 'threat.indicator.file.elf.byte_order'?: string | undefined; 'threat.indicator.file.elf.cpu_type'?: string | undefined; 'threat.indicator.file.elf.creation_date'?: string | number | undefined; 'threat.indicator.file.elf.exports'?: unknown[] | undefined; 'threat.indicator.file.elf.header.abi_version'?: string | undefined; 'threat.indicator.file.elf.header.class'?: string | undefined; 'threat.indicator.file.elf.header.data'?: string | undefined; 'threat.indicator.file.elf.header.entrypoint'?: string | number | undefined; 'threat.indicator.file.elf.header.object_version'?: string | undefined; 'threat.indicator.file.elf.header.os_abi'?: string | undefined; 'threat.indicator.file.elf.header.type'?: string | undefined; 'threat.indicator.file.elf.header.version'?: string | undefined; 'threat.indicator.file.elf.imports'?: unknown[] | undefined; 'threat.indicator.file.elf.sections'?: { chi2?: string | number | undefined; entropy?: string | number | undefined; flags?: string | undefined; name?: string | undefined; physical_offset?: string | undefined; physical_size?: string | number | undefined; type?: string | undefined; virtual_address?: string | number | undefined; virtual_size?: string | number | undefined; }[] | undefined; 'threat.indicator.file.elf.segments'?: { sections?: string | undefined; type?: string | undefined; }[] | undefined; 'threat.indicator.file.elf.shared_libraries'?: string[] | undefined; 'threat.indicator.file.elf.telfhash'?: string | undefined; 'threat.indicator.file.extension'?: string | undefined; 'threat.indicator.file.fork_name'?: string | undefined; 'threat.indicator.file.gid'?: string | undefined; 'threat.indicator.file.group'?: string | undefined; 'threat.indicator.file.hash.md5'?: string | undefined; 'threat.indicator.file.hash.sha1'?: string | undefined; 'threat.indicator.file.hash.sha256'?: string | undefined; 'threat.indicator.file.hash.sha384'?: string | undefined; 'threat.indicator.file.hash.sha512'?: string | undefined; 'threat.indicator.file.hash.ssdeep'?: string | undefined; 'threat.indicator.file.hash.tlsh'?: string | undefined; 'threat.indicator.file.inode'?: string | undefined; 'threat.indicator.file.mime_type'?: string | undefined; 'threat.indicator.file.mode'?: string | undefined; 'threat.indicator.file.mtime'?: string | number | undefined; 'threat.indicator.file.name'?: string | undefined; 'threat.indicator.file.owner'?: string | undefined; 'threat.indicator.file.path'?: string | undefined; 'threat.indicator.file.pe.architecture'?: string | undefined; 'threat.indicator.file.pe.company'?: string | undefined; 'threat.indicator.file.pe.description'?: string | undefined; 'threat.indicator.file.pe.file_version'?: string | undefined; 'threat.indicator.file.pe.imphash'?: string | undefined; 'threat.indicator.file.pe.original_file_name'?: string | undefined; 'threat.indicator.file.pe.pehash'?: string | undefined; 'threat.indicator.file.pe.product'?: string | undefined; 'threat.indicator.file.size'?: string | number | undefined; 'threat.indicator.file.target_path'?: string | undefined; 'threat.indicator.file.type'?: string | undefined; 'threat.indicator.file.uid'?: string | undefined; 'threat.indicator.file.x509.alternative_names'?: string[] | undefined; 'threat.indicator.file.x509.issuer.common_name'?: string[] | undefined; 'threat.indicator.file.x509.issuer.country'?: string[] | undefined; 'threat.indicator.file.x509.issuer.distinguished_name'?: string | undefined; 'threat.indicator.file.x509.issuer.locality'?: string[] | undefined; 'threat.indicator.file.x509.issuer.organization'?: string[] | undefined; 'threat.indicator.file.x509.issuer.organizational_unit'?: string[] | undefined; 'threat.indicator.file.x509.issuer.state_or_province'?: string[] | undefined; 'threat.indicator.file.x509.not_after'?: string | number | undefined; 'threat.indicator.file.x509.not_before'?: string | number | undefined; 'threat.indicator.file.x509.public_key_algorithm'?: string | undefined; 'threat.indicator.file.x509.public_key_curve'?: string | undefined; 'threat.indicator.file.x509.public_key_exponent'?: string | number | undefined; 'threat.indicator.file.x509.public_key_size'?: string | number | undefined; 'threat.indicator.file.x509.serial_number'?: string | undefined; 'threat.indicator.file.x509.signature_algorithm'?: string | undefined; 'threat.indicator.file.x509.subject.common_name'?: string[] | undefined; 'threat.indicator.file.x509.subject.country'?: string[] | undefined; 'threat.indicator.file.x509.subject.distinguished_name'?: string | undefined; 'threat.indicator.file.x509.subject.locality'?: string[] | undefined; 'threat.indicator.file.x509.subject.organization'?: string[] | undefined; 'threat.indicator.file.x509.subject.organizational_unit'?: string[] | undefined; 'threat.indicator.file.x509.subject.state_or_province'?: string[] | undefined; 'threat.indicator.file.x509.version_number'?: string | undefined; 'threat.indicator.first_seen'?: string | number | undefined; 'threat.indicator.geo.city_name'?: string | undefined; 'threat.indicator.geo.continent_code'?: string | undefined; 'threat.indicator.geo.continent_name'?: string | undefined; 'threat.indicator.geo.country_iso_code'?: string | undefined; 'threat.indicator.geo.country_name'?: string | undefined; 'threat.indicator.geo.location'?: string | { type: string; coordinates: number[]; } | { lat: number; lon: number; } | { location: number[]; } | { location: string; } | undefined; 'threat.indicator.geo.name'?: string | undefined; 'threat.indicator.geo.postal_code'?: string | undefined; 'threat.indicator.geo.region_iso_code'?: string | undefined; 'threat.indicator.geo.region_name'?: string | undefined; 'threat.indicator.geo.timezone'?: string | undefined; 'threat.indicator.ip'?: string | undefined; 'threat.indicator.last_seen'?: string | number | undefined; 'threat.indicator.marking.tlp'?: string | undefined; 'threat.indicator.marking.tlp_version'?: string | undefined; 'threat.indicator.modified_at'?: string | number | undefined; 'threat.indicator.port'?: string | number | undefined; 'threat.indicator.provider'?: string | undefined; 'threat.indicator.reference'?: string | undefined; 'threat.indicator.registry.data.bytes'?: string | undefined; 'threat.indicator.registry.data.strings'?: string[] | undefined; 'threat.indicator.registry.data.type'?: string | undefined; 'threat.indicator.registry.hive'?: string | undefined; 'threat.indicator.registry.key'?: string | undefined; 'threat.indicator.registry.path'?: string | undefined; 'threat.indicator.registry.value'?: string | undefined; 'threat.indicator.scanner_stats'?: string | number | undefined; 'threat.indicator.sightings'?: string | number | undefined; 'threat.indicator.type'?: string | undefined; 'threat.indicator.url.domain'?: string | undefined; 'threat.indicator.url.extension'?: string | undefined; 'threat.indicator.url.fragment'?: string | undefined; 'threat.indicator.url.full'?: string | undefined; 'threat.indicator.url.original'?: string | undefined; 'threat.indicator.url.password'?: string | undefined; 'threat.indicator.url.path'?: string | undefined; 'threat.indicator.url.port'?: string | number | undefined; 'threat.indicator.url.query'?: string | undefined; 'threat.indicator.url.registered_domain'?: string | undefined; 'threat.indicator.url.scheme'?: string | undefined; 'threat.indicator.url.subdomain'?: string | undefined; 'threat.indicator.url.top_level_domain'?: string | undefined; 'threat.indicator.url.username'?: string | undefined; 'threat.indicator.x509.alternative_names'?: string[] | undefined; 'threat.indicator.x509.issuer.common_name'?: string[] | undefined; 'threat.indicator.x509.issuer.country'?: string[] | undefined; 'threat.indicator.x509.issuer.distinguished_name'?: string | undefined; 'threat.indicator.x509.issuer.locality'?: string[] | undefined; 'threat.indicator.x509.issuer.organization'?: string[] | undefined; 'threat.indicator.x509.issuer.organizational_unit'?: string[] | undefined; 'threat.indicator.x509.issuer.state_or_province'?: string[] | undefined; 'threat.indicator.x509.not_after'?: string | number | undefined; 'threat.indicator.x509.not_before'?: string | number | undefined; 'threat.indicator.x509.public_key_algorithm'?: string | undefined; 'threat.indicator.x509.public_key_curve'?: string | undefined; 'threat.indicator.x509.public_key_exponent'?: string | number | undefined; 'threat.indicator.x509.public_key_size'?: string | number | undefined; 'threat.indicator.x509.serial_number'?: string | undefined; 'threat.indicator.x509.signature_algorithm'?: string | undefined; 'threat.indicator.x509.subject.common_name'?: string[] | undefined; 'threat.indicator.x509.subject.country'?: string[] | undefined; 'threat.indicator.x509.subject.distinguished_name'?: string | undefined; 'threat.indicator.x509.subject.locality'?: string[] | undefined; 'threat.indicator.x509.subject.organization'?: string[] | undefined; 'threat.indicator.x509.subject.organizational_unit'?: string[] | undefined; 'threat.indicator.x509.subject.state_or_province'?: string[] | undefined; 'threat.indicator.x509.version_number'?: string | undefined; 'threat.software.alias'?: string[] | undefined; 'threat.software.id'?: string | undefined; 'threat.software.name'?: string | undefined; 'threat.software.platforms'?: string[] | undefined; 'threat.software.reference'?: string | undefined; 'threat.software.type'?: string | undefined; 'threat.tactic.id'?: string[] | undefined; 'threat.tactic.name'?: string[] | undefined; 'threat.tactic.reference'?: string[] | undefined; 'threat.technique.id'?: string[] | undefined; 'threat.technique.name'?: string[] | undefined; 'threat.technique.reference'?: string[] | undefined; 'threat.technique.subtechnique.id'?: string[] | undefined; 'threat.technique.subtechnique.name'?: string[] | undefined; 'threat.technique.subtechnique.reference'?: string[] | undefined; 'tls.cipher'?: string | undefined; 'tls.client.certificate'?: string | undefined; 'tls.client.certificate_chain'?: string[] | undefined; 'tls.client.hash.md5'?: string | undefined; 'tls.client.hash.sha1'?: string | undefined; 'tls.client.hash.sha256'?: string | undefined; 'tls.client.issuer'?: string | undefined; 'tls.client.ja3'?: string | undefined; 'tls.client.not_after'?: string | number | undefined; 'tls.client.not_before'?: string | number | undefined; 'tls.client.server_name'?: string | undefined; 'tls.client.subject'?: string | undefined; 'tls.client.supported_ciphers'?: string[] | undefined; 'tls.client.x509.alternative_names'?: string[] | undefined; 'tls.client.x509.issuer.common_name'?: string[] | undefined; 'tls.client.x509.issuer.country'?: string[] | undefined; 'tls.client.x509.issuer.distinguished_name'?: string | undefined; 'tls.client.x509.issuer.locality'?: string[] | undefined; 'tls.client.x509.issuer.organization'?: string[] | undefined; 'tls.client.x509.issuer.organizational_unit'?: string[] | undefined; 'tls.client.x509.issuer.state_or_province'?: string[] | undefined; 'tls.client.x509.not_after'?: string | number | undefined; 'tls.client.x509.not_before'?: string | number | undefined; 'tls.client.x509.public_key_algorithm'?: string | undefined; 'tls.client.x509.public_key_curve'?: string | undefined; 'tls.client.x509.public_key_exponent'?: string | number | undefined; 'tls.client.x509.public_key_size'?: string | number | undefined; 'tls.client.x509.serial_number'?: string | undefined; 'tls.client.x509.signature_algorithm'?: string | undefined; 'tls.client.x509.subject.common_name'?: string[] | undefined; 'tls.client.x509.subject.country'?: string[] | undefined; 'tls.client.x509.subject.distinguished_name'?: string | undefined; 'tls.client.x509.subject.locality'?: string[] | undefined; 'tls.client.x509.subject.organization'?: string[] | undefined; 'tls.client.x509.subject.organizational_unit'?: string[] | undefined; 'tls.client.x509.subject.state_or_province'?: string[] | undefined; 'tls.client.x509.version_number'?: string | undefined; 'tls.curve'?: string | undefined; 'tls.established'?: boolean | undefined; 'tls.next_protocol'?: string | undefined; 'tls.resumed'?: boolean | undefined; 'tls.server.certificate'?: string | undefined; 'tls.server.certificate_chain'?: string[] | undefined; 'tls.server.hash.md5'?: string | undefined; 'tls.server.hash.sha1'?: string | undefined; 'tls.server.hash.sha256'?: string | undefined; 'tls.server.issuer'?: string | undefined; 'tls.server.ja3s'?: string | undefined; 'tls.server.not_after'?: string | number | undefined; 'tls.server.not_before'?: string | number | undefined; 'tls.server.subject'?: string | undefined; 'tls.server.x509.alternative_names'?: string[] | undefined; 'tls.server.x509.issuer.common_name'?: string[] | undefined; 'tls.server.x509.issuer.country'?: string[] | undefined; 'tls.server.x509.issuer.distinguished_name'?: string | undefined; 'tls.server.x509.issuer.locality'?: string[] | undefined; 'tls.server.x509.issuer.organization'?: string[] | undefined; 'tls.server.x509.issuer.organizational_unit'?: string[] | undefined; 'tls.server.x509.issuer.state_or_province'?: string[] | undefined; 'tls.server.x509.not_after'?: string | number | undefined; 'tls.server.x509.not_before'?: string | number | undefined; 'tls.server.x509.public_key_algorithm'?: string | undefined; 'tls.server.x509.public_key_curve'?: string | undefined; 'tls.server.x509.public_key_exponent'?: string | number | undefined; 'tls.server.x509.public_key_size'?: string | number | undefined; 'tls.server.x509.serial_number'?: string | undefined; 'tls.server.x509.signature_algorithm'?: string | undefined; 'tls.server.x509.subject.common_name'?: string[] | undefined; 'tls.server.x509.subject.country'?: string[] | undefined; 'tls.server.x509.subject.distinguished_name'?: string | undefined; 'tls.server.x509.subject.locality'?: string[] | undefined; 'tls.server.x509.subject.organization'?: string[] | undefined; 'tls.server.x509.subject.organizational_unit'?: string[] | undefined; 'tls.server.x509.subject.state_or_province'?: string[] | undefined; 'tls.server.x509.version_number'?: string | undefined; 'tls.version'?: string | undefined; 'tls.version_protocol'?: string | undefined; 'trace.id'?: string | undefined; 'transaction.id'?: string | undefined; 'url.domain'?: string | undefined; 'url.extension'?: string | undefined; 'url.fragment'?: string | undefined; 'url.full'?: string | undefined; 'url.original'?: string | undefined; 'url.password'?: string | undefined; 'url.path'?: string | undefined; 'url.port'?: string | number | undefined; 'url.query'?: string | undefined; 'url.registered_domain'?: string | undefined; 'url.scheme'?: string | undefined; 'url.subdomain'?: string | undefined; 'url.top_level_domain'?: string | undefined; 'url.username'?: string | undefined; 'user.changes.domain'?: string | undefined; 'user.changes.email'?: string | undefined; 'user.changes.full_name'?: string | undefined; 'user.changes.group.domain'?: string | undefined; 'user.changes.group.id'?: string | undefined; 'user.changes.group.name'?: string | undefined; 'user.changes.hash'?: string | undefined; 'user.changes.id'?: string | undefined; 'user.changes.name'?: string | undefined; 'user.changes.roles'?: string[] | undefined; 'user.domain'?: string | undefined; 'user.effective.domain'?: string | undefined; 'user.effective.email'?: string | undefined; 'user.effective.full_name'?: string | undefined; 'user.effective.group.domain'?: string | undefined; 'user.effective.group.id'?: string | undefined; 'user.effective.group.name'?: string | undefined; 'user.effective.hash'?: string | undefined; 'user.effective.id'?: string | undefined; 'user.effective.name'?: string | undefined; 'user.effective.roles'?: string[] | undefined; 'user.email'?: string | undefined; 'user.full_name'?: string | undefined; 'user.group.domain'?: string | undefined; 'user.group.id'?: string | undefined; 'user.group.name'?: string | undefined; 'user.hash'?: string | undefined; 'user.id'?: string | undefined; 'user.name'?: string | undefined; 'user.risk.calculated_level'?: string | undefined; 'user.risk.calculated_score'?: number | undefined; 'user.risk.calculated_score_norm'?: number | undefined; 'user.risk.static_level'?: string | undefined; 'user.risk.static_score'?: number | undefined; 'user.risk.static_score_norm'?: number | undefined; 'user.roles'?: string[] | undefined; 'user.target.domain'?: string | undefined; 'user.target.email'?: string | undefined; 'user.target.full_name'?: string | undefined; 'user.target.group.domain'?: string | undefined; 'user.target.group.id'?: string | undefined; 'user.target.group.name'?: string | undefined; 'user.target.hash'?: string | undefined; 'user.target.id'?: string | undefined; 'user.target.name'?: string | undefined; 'user.target.roles'?: string[] | undefined; 'user_agent.device.name'?: string | undefined; 'user_agent.name'?: string | undefined; 'user_agent.original'?: string | undefined; 'user_agent.os.family'?: string | undefined; 'user_agent.os.full'?: string | undefined; 'user_agent.os.kernel'?: string | undefined; 'user_agent.os.name'?: string | undefined; 'user_agent.os.platform'?: string | undefined; 'user_agent.os.type'?: string | undefined; 'user_agent.os.version'?: string | undefined; 'user_agent.version'?: string | undefined; 'vulnerability.category'?: string[] | undefined; 'vulnerability.classification'?: string | undefined; 'vulnerability.description'?: string | undefined; 'vulnerability.enumeration'?: string | undefined; 'vulnerability.id'?: string | undefined; 'vulnerability.reference'?: string | undefined; 'vulnerability.report_id'?: string | undefined; 'vulnerability.scanner.vendor'?: string | undefined; 'vulnerability.score.base'?: number | undefined; 'vulnerability.score.environmental'?: number | undefined; 'vulnerability.score.temporal'?: number | undefined; 'vulnerability.score.version'?: string | undefined; 'vulnerability.severity'?: string | undefined; } & {} & { 'ecs.version'?: string | undefined; 'kibana.alert.risk_score'?: number | undefined; 'kibana.alert.rule.author'?: string | undefined; 'kibana.alert.rule.created_at'?: string | number | undefined; 'kibana.alert.rule.created_by'?: string | undefined; 'kibana.alert.rule.description'?: string | undefined; 'kibana.alert.rule.enabled'?: string | undefined; 'kibana.alert.rule.from'?: string | undefined; 'kibana.alert.rule.interval'?: string | undefined; 'kibana.alert.rule.license'?: string | undefined; 'kibana.alert.rule.note'?: string | undefined; 'kibana.alert.rule.references'?: string[] | undefined; 'kibana.alert.rule.rule_id'?: string | undefined; 'kibana.alert.rule.rule_name_override'?: string | undefined; 'kibana.alert.rule.to'?: string | undefined; 'kibana.alert.rule.type'?: string | undefined; 'kibana.alert.rule.updated_at'?: string | number | undefined; 'kibana.alert.rule.updated_by'?: string | undefined; 'kibana.alert.rule.version'?: string | undefined; 'kibana.alert.severity'?: string | undefined; 'kibana.alert.suppression.docs_count'?: string | number | undefined; 'kibana.alert.suppression.end'?: string | number | undefined; 'kibana.alert.suppression.start'?: string | number | undefined; 'kibana.alert.suppression.terms.field'?: string[] | undefined; 'kibana.alert.suppression.terms.value'?: string[] | undefined; 'kibana.alert.system_status'?: string | undefined; 'kibana.alert.workflow_reason'?: string | undefined; 'kibana.alert.workflow_user'?: string | undefined; }" + "{} & { 'kibana.alert.context'?: unknown; 'kibana.alert.evaluation.threshold'?: string | number | undefined; 'kibana.alert.evaluation.value'?: string | number | undefined; 'kibana.alert.evaluation.values'?: (string | number)[] | undefined; 'kibana.alert.group'?: { field?: string | undefined; value?: string | undefined; }[] | undefined; } & { '@timestamp': string | number; 'kibana.alert.instance.id': string; 'kibana.alert.rule.category': string; 'kibana.alert.rule.consumer': string; 'kibana.alert.rule.name': string; 'kibana.alert.rule.producer': string; 'kibana.alert.rule.revision': string | number; 'kibana.alert.rule.rule_type_id': string; 'kibana.alert.rule.uuid': string; 'kibana.alert.status': string; 'kibana.alert.uuid': string; 'kibana.space_ids': string[]; } & { 'event.action'?: string | undefined; 'event.kind'?: string | undefined; 'kibana.alert.action_group'?: string | undefined; 'kibana.alert.case_ids'?: string[] | undefined; 'kibana.alert.duration.us'?: string | number | undefined; 'kibana.alert.end'?: string | number | undefined; 'kibana.alert.flapping'?: boolean | undefined; 'kibana.alert.flapping_history'?: boolean[] | undefined; 'kibana.alert.last_detected'?: string | number | undefined; 'kibana.alert.maintenance_window_ids'?: string[] | undefined; 'kibana.alert.reason'?: string | undefined; 'kibana.alert.rule.execution.uuid'?: string | undefined; 'kibana.alert.rule.parameters'?: unknown; 'kibana.alert.rule.tags'?: string[] | undefined; 'kibana.alert.start'?: string | number | undefined; 'kibana.alert.time_range'?: { gte?: string | number | undefined; lte?: string | number | undefined; } | undefined; 'kibana.alert.url'?: string | undefined; 'kibana.alert.workflow_status'?: string | undefined; 'kibana.alert.workflow_tags'?: string[] | undefined; 'kibana.version'?: string | undefined; tags?: string[] | undefined; } & { '@timestamp': string | number; 'ecs.version': string; } & { 'agent.build.original'?: string | undefined; 'agent.ephemeral_id'?: string | undefined; 'agent.id'?: string | undefined; 'agent.name'?: string | undefined; 'agent.type'?: string | undefined; 'agent.version'?: string | undefined; 'client.address'?: string | undefined; 'client.as.number'?: string | number | undefined; 'client.as.organization.name'?: string | undefined; 'client.bytes'?: string | number | undefined; 'client.domain'?: string | undefined; 'client.geo.city_name'?: string | undefined; 'client.geo.continent_code'?: string | undefined; 'client.geo.continent_name'?: string | undefined; 'client.geo.country_iso_code'?: string | undefined; 'client.geo.country_name'?: string | undefined; 'client.geo.location'?: string | { type: string; coordinates: number[]; } | { lat: number; lon: number; } | { location: number[]; } | { location: string; } | undefined; 'client.geo.name'?: string | undefined; 'client.geo.postal_code'?: string | undefined; 'client.geo.region_iso_code'?: string | undefined; 'client.geo.region_name'?: string | undefined; 'client.geo.timezone'?: string | undefined; 'client.ip'?: string | undefined; 'client.mac'?: string | undefined; 'client.nat.ip'?: string | undefined; 'client.nat.port'?: string | number | undefined; 'client.packets'?: string | number | undefined; 'client.port'?: string | number | undefined; 'client.registered_domain'?: string | undefined; 'client.subdomain'?: string | undefined; 'client.top_level_domain'?: string | undefined; 'client.user.domain'?: string | undefined; 'client.user.email'?: string | undefined; 'client.user.full_name'?: string | undefined; 'client.user.group.domain'?: string | undefined; 'client.user.group.id'?: string | undefined; 'client.user.group.name'?: string | undefined; 'client.user.hash'?: string | undefined; 'client.user.id'?: string | undefined; 'client.user.name'?: string | undefined; 'client.user.roles'?: string[] | undefined; 'cloud.account.id'?: string | undefined; 'cloud.account.name'?: string | undefined; 'cloud.availability_zone'?: string | undefined; 'cloud.instance.id'?: string | undefined; 'cloud.instance.name'?: string | undefined; 'cloud.machine.type'?: string | undefined; 'cloud.origin.account.id'?: string | undefined; 'cloud.origin.account.name'?: string | undefined; 'cloud.origin.availability_zone'?: string | undefined; 'cloud.origin.instance.id'?: string | undefined; 'cloud.origin.instance.name'?: string | undefined; 'cloud.origin.machine.type'?: string | undefined; 'cloud.origin.project.id'?: string | undefined; 'cloud.origin.project.name'?: string | undefined; 'cloud.origin.provider'?: string | undefined; 'cloud.origin.region'?: string | undefined; 'cloud.origin.service.name'?: string | undefined; 'cloud.project.id'?: string | undefined; 'cloud.project.name'?: string | undefined; 'cloud.provider'?: string | undefined; 'cloud.region'?: string | undefined; 'cloud.service.name'?: string | undefined; 'cloud.target.account.id'?: string | undefined; 'cloud.target.account.name'?: string | undefined; 'cloud.target.availability_zone'?: string | undefined; 'cloud.target.instance.id'?: string | undefined; 'cloud.target.instance.name'?: string | undefined; 'cloud.target.machine.type'?: string | undefined; 'cloud.target.project.id'?: string | undefined; 'cloud.target.project.name'?: string | undefined; 'cloud.target.provider'?: string | undefined; 'cloud.target.region'?: string | undefined; 'cloud.target.service.name'?: string | undefined; 'container.cpu.usage'?: string | number | undefined; 'container.disk.read.bytes'?: string | number | undefined; 'container.disk.write.bytes'?: string | number | undefined; 'container.id'?: string | undefined; 'container.image.hash.all'?: string[] | undefined; 'container.image.name'?: string | undefined; 'container.image.tag'?: string[] | undefined; 'container.labels'?: unknown; 'container.memory.usage'?: string | number | undefined; 'container.name'?: string | undefined; 'container.network.egress.bytes'?: string | number | undefined; 'container.network.ingress.bytes'?: string | number | undefined; 'container.runtime'?: string | undefined; 'destination.address'?: string | undefined; 'destination.as.number'?: string | number | undefined; 'destination.as.organization.name'?: string | undefined; 'destination.bytes'?: string | number | undefined; 'destination.domain'?: string | undefined; 'destination.geo.city_name'?: string | undefined; 'destination.geo.continent_code'?: string | undefined; 'destination.geo.continent_name'?: string | undefined; 'destination.geo.country_iso_code'?: string | undefined; 'destination.geo.country_name'?: string | undefined; 'destination.geo.location'?: string | { type: string; coordinates: number[]; } | { lat: number; lon: number; } | { location: number[]; } | { location: string; } | undefined; 'destination.geo.name'?: string | undefined; 'destination.geo.postal_code'?: string | undefined; 'destination.geo.region_iso_code'?: string | undefined; 'destination.geo.region_name'?: string | undefined; 'destination.geo.timezone'?: string | undefined; 'destination.ip'?: string | undefined; 'destination.mac'?: string | undefined; 'destination.nat.ip'?: string | undefined; 'destination.nat.port'?: string | number | undefined; 'destination.packets'?: string | number | undefined; 'destination.port'?: string | number | undefined; 'destination.registered_domain'?: string | undefined; 'destination.subdomain'?: string | undefined; 'destination.top_level_domain'?: string | undefined; 'destination.user.domain'?: string | undefined; 'destination.user.email'?: string | undefined; 'destination.user.full_name'?: string | undefined; 'destination.user.group.domain'?: string | undefined; 'destination.user.group.id'?: string | undefined; 'destination.user.group.name'?: string | undefined; 'destination.user.hash'?: string | undefined; 'destination.user.id'?: string | undefined; 'destination.user.name'?: string | undefined; 'destination.user.roles'?: string[] | undefined; 'device.id'?: string | undefined; 'device.manufacturer'?: string | undefined; 'device.model.identifier'?: string | undefined; 'device.model.name'?: string | undefined; 'dll.code_signature.digest_algorithm'?: string | undefined; 'dll.code_signature.exists'?: boolean | undefined; 'dll.code_signature.signing_id'?: string | undefined; 'dll.code_signature.status'?: string | undefined; 'dll.code_signature.subject_name'?: string | undefined; 'dll.code_signature.team_id'?: string | undefined; 'dll.code_signature.timestamp'?: string | number | undefined; 'dll.code_signature.trusted'?: boolean | undefined; 'dll.code_signature.valid'?: boolean | undefined; 'dll.hash.md5'?: string | undefined; 'dll.hash.sha1'?: string | undefined; 'dll.hash.sha256'?: string | undefined; 'dll.hash.sha384'?: string | undefined; 'dll.hash.sha512'?: string | undefined; 'dll.hash.ssdeep'?: string | undefined; 'dll.hash.tlsh'?: string | undefined; 'dll.name'?: string | undefined; 'dll.path'?: string | undefined; 'dll.pe.architecture'?: string | undefined; 'dll.pe.company'?: string | undefined; 'dll.pe.description'?: string | undefined; 'dll.pe.file_version'?: string | undefined; 'dll.pe.imphash'?: string | undefined; 'dll.pe.original_file_name'?: string | undefined; 'dll.pe.pehash'?: string | undefined; 'dll.pe.product'?: string | undefined; 'dns.answers'?: { class?: string | undefined; data?: string | undefined; name?: string | undefined; ttl?: string | number | undefined; type?: string | undefined; }[] | undefined; 'dns.header_flags'?: string[] | undefined; 'dns.id'?: string | undefined; 'dns.op_code'?: string | undefined; 'dns.question.class'?: string | undefined; 'dns.question.name'?: string | undefined; 'dns.question.registered_domain'?: string | undefined; 'dns.question.subdomain'?: string | undefined; 'dns.question.top_level_domain'?: string | undefined; 'dns.question.type'?: string | undefined; 'dns.resolved_ip'?: string[] | undefined; 'dns.response_code'?: string | undefined; 'dns.type'?: string | undefined; 'email.attachments'?: { 'file.extension'?: string | undefined; 'file.hash.md5'?: string | undefined; 'file.hash.sha1'?: string | undefined; 'file.hash.sha256'?: string | undefined; 'file.hash.sha384'?: string | undefined; 'file.hash.sha512'?: string | undefined; 'file.hash.ssdeep'?: string | undefined; 'file.hash.tlsh'?: string | undefined; 'file.mime_type'?: string | undefined; 'file.name'?: string | undefined; 'file.size'?: string | number | undefined; }[] | undefined; 'email.bcc.address'?: string[] | undefined; 'email.cc.address'?: string[] | undefined; 'email.content_type'?: string | undefined; 'email.delivery_timestamp'?: string | number | undefined; 'email.direction'?: string | undefined; 'email.from.address'?: string[] | undefined; 'email.local_id'?: string | undefined; 'email.message_id'?: string | undefined; 'email.origination_timestamp'?: string | number | undefined; 'email.reply_to.address'?: string[] | undefined; 'email.sender.address'?: string | undefined; 'email.subject'?: string | undefined; 'email.to.address'?: string[] | undefined; 'email.x_mailer'?: string | undefined; 'error.code'?: string | undefined; 'error.id'?: string | undefined; 'error.message'?: string | undefined; 'error.stack_trace'?: string | undefined; 'error.type'?: string | undefined; 'event.action'?: string | undefined; 'event.agent_id_status'?: string | undefined; 'event.category'?: string[] | undefined; 'event.code'?: string | undefined; 'event.created'?: string | number | undefined; 'event.dataset'?: string | undefined; 'event.duration'?: string | number | undefined; 'event.end'?: string | number | undefined; 'event.hash'?: string | undefined; 'event.id'?: string | undefined; 'event.ingested'?: string | number | undefined; 'event.kind'?: string | undefined; 'event.module'?: string | undefined; 'event.original'?: string | undefined; 'event.outcome'?: string | undefined; 'event.provider'?: string | undefined; 'event.reason'?: string | undefined; 'event.reference'?: string | undefined; 'event.risk_score'?: number | undefined; 'event.risk_score_norm'?: number | undefined; 'event.sequence'?: string | number | undefined; 'event.severity'?: string | number | undefined; 'event.start'?: string | number | undefined; 'event.timezone'?: string | undefined; 'event.type'?: string[] | undefined; 'event.url'?: string | undefined; 'faas.coldstart'?: boolean | undefined; 'faas.execution'?: string | undefined; 'faas.id'?: string | undefined; 'faas.name'?: string | undefined; 'faas.trigger'?: unknown; 'faas.version'?: string | undefined; 'file.accessed'?: string | number | undefined; 'file.attributes'?: string[] | undefined; 'file.code_signature.digest_algorithm'?: string | undefined; 'file.code_signature.exists'?: boolean | undefined; 'file.code_signature.signing_id'?: string | undefined; 'file.code_signature.status'?: string | undefined; 'file.code_signature.subject_name'?: string | undefined; 'file.code_signature.team_id'?: string | undefined; 'file.code_signature.timestamp'?: string | number | undefined; 'file.code_signature.trusted'?: boolean | undefined; 'file.code_signature.valid'?: boolean | undefined; 'file.created'?: string | number | undefined; 'file.ctime'?: string | number | undefined; 'file.device'?: string | undefined; 'file.directory'?: string | undefined; 'file.drive_letter'?: string | undefined; 'file.elf.architecture'?: string | undefined; 'file.elf.byte_order'?: string | undefined; 'file.elf.cpu_type'?: string | undefined; 'file.elf.creation_date'?: string | number | undefined; 'file.elf.exports'?: unknown[] | undefined; 'file.elf.header.abi_version'?: string | undefined; 'file.elf.header.class'?: string | undefined; 'file.elf.header.data'?: string | undefined; 'file.elf.header.entrypoint'?: string | number | undefined; 'file.elf.header.object_version'?: string | undefined; 'file.elf.header.os_abi'?: string | undefined; 'file.elf.header.type'?: string | undefined; 'file.elf.header.version'?: string | undefined; 'file.elf.imports'?: unknown[] | undefined; 'file.elf.sections'?: { chi2?: string | number | undefined; entropy?: string | number | undefined; flags?: string | undefined; name?: string | undefined; physical_offset?: string | undefined; physical_size?: string | number | undefined; type?: string | undefined; virtual_address?: string | number | undefined; virtual_size?: string | number | undefined; }[] | undefined; 'file.elf.segments'?: { sections?: string | undefined; type?: string | undefined; }[] | undefined; 'file.elf.shared_libraries'?: string[] | undefined; 'file.elf.telfhash'?: string | undefined; 'file.extension'?: string | undefined; 'file.fork_name'?: string | undefined; 'file.gid'?: string | undefined; 'file.group'?: string | undefined; 'file.hash.md5'?: string | undefined; 'file.hash.sha1'?: string | undefined; 'file.hash.sha256'?: string | undefined; 'file.hash.sha384'?: string | undefined; 'file.hash.sha512'?: string | undefined; 'file.hash.ssdeep'?: string | undefined; 'file.hash.tlsh'?: string | undefined; 'file.inode'?: string | undefined; 'file.mime_type'?: string | undefined; 'file.mode'?: string | undefined; 'file.mtime'?: string | number | undefined; 'file.name'?: string | undefined; 'file.owner'?: string | undefined; 'file.path'?: string | undefined; 'file.pe.architecture'?: string | undefined; 'file.pe.company'?: string | undefined; 'file.pe.description'?: string | undefined; 'file.pe.file_version'?: string | undefined; 'file.pe.imphash'?: string | undefined; 'file.pe.original_file_name'?: string | undefined; 'file.pe.pehash'?: string | undefined; 'file.pe.product'?: string | undefined; 'file.size'?: string | number | undefined; 'file.target_path'?: string | undefined; 'file.type'?: string | undefined; 'file.uid'?: string | undefined; 'file.x509.alternative_names'?: string[] | undefined; 'file.x509.issuer.common_name'?: string[] | undefined; 'file.x509.issuer.country'?: string[] | undefined; 'file.x509.issuer.distinguished_name'?: string | undefined; 'file.x509.issuer.locality'?: string[] | undefined; 'file.x509.issuer.organization'?: string[] | undefined; 'file.x509.issuer.organizational_unit'?: string[] | undefined; 'file.x509.issuer.state_or_province'?: string[] | undefined; 'file.x509.not_after'?: string | number | undefined; 'file.x509.not_before'?: string | number | undefined; 'file.x509.public_key_algorithm'?: string | undefined; 'file.x509.public_key_curve'?: string | undefined; 'file.x509.public_key_exponent'?: string | number | undefined; 'file.x509.public_key_size'?: string | number | undefined; 'file.x509.serial_number'?: string | undefined; 'file.x509.signature_algorithm'?: string | undefined; 'file.x509.subject.common_name'?: string[] | undefined; 'file.x509.subject.country'?: string[] | undefined; 'file.x509.subject.distinguished_name'?: string | undefined; 'file.x509.subject.locality'?: string[] | undefined; 'file.x509.subject.organization'?: string[] | undefined; 'file.x509.subject.organizational_unit'?: string[] | undefined; 'file.x509.subject.state_or_province'?: string[] | undefined; 'file.x509.version_number'?: string | undefined; 'group.domain'?: string | undefined; 'group.id'?: string | undefined; 'group.name'?: string | undefined; 'host.architecture'?: string | undefined; 'host.boot.id'?: string | undefined; 'host.cpu.usage'?: string | number | undefined; 'host.disk.read.bytes'?: string | number | undefined; 'host.disk.write.bytes'?: string | number | undefined; 'host.domain'?: string | undefined; 'host.geo.city_name'?: string | undefined; 'host.geo.continent_code'?: string | undefined; 'host.geo.continent_name'?: string | undefined; 'host.geo.country_iso_code'?: string | undefined; 'host.geo.country_name'?: string | undefined; 'host.geo.location'?: string | { type: string; coordinates: number[]; } | { lat: number; lon: number; } | { location: number[]; } | { location: string; } | undefined; 'host.geo.name'?: string | undefined; 'host.geo.postal_code'?: string | undefined; 'host.geo.region_iso_code'?: string | undefined; 'host.geo.region_name'?: string | undefined; 'host.geo.timezone'?: string | undefined; 'host.hostname'?: string | undefined; 'host.id'?: string | undefined; 'host.ip'?: string[] | undefined; 'host.mac'?: string[] | undefined; 'host.name'?: string | undefined; 'host.network.egress.bytes'?: string | number | undefined; 'host.network.egress.packets'?: string | number | undefined; 'host.network.ingress.bytes'?: string | number | undefined; 'host.network.ingress.packets'?: string | number | undefined; 'host.os.family'?: string | undefined; 'host.os.full'?: string | undefined; 'host.os.kernel'?: string | undefined; 'host.os.name'?: string | undefined; 'host.os.platform'?: string | undefined; 'host.os.type'?: string | undefined; 'host.os.version'?: string | undefined; 'host.pid_ns_ino'?: string | undefined; 'host.risk.calculated_level'?: string | undefined; 'host.risk.calculated_score'?: number | undefined; 'host.risk.calculated_score_norm'?: number | undefined; 'host.risk.static_level'?: string | undefined; 'host.risk.static_score'?: number | undefined; 'host.risk.static_score_norm'?: number | undefined; 'host.type'?: string | undefined; 'host.uptime'?: string | number | undefined; 'http.request.body.bytes'?: string | number | undefined; 'http.request.body.content'?: string | undefined; 'http.request.bytes'?: string | number | undefined; 'http.request.id'?: string | undefined; 'http.request.method'?: string | undefined; 'http.request.mime_type'?: string | undefined; 'http.request.referrer'?: string | undefined; 'http.response.body.bytes'?: string | number | undefined; 'http.response.body.content'?: string | undefined; 'http.response.bytes'?: string | number | undefined; 'http.response.mime_type'?: string | undefined; 'http.response.status_code'?: string | number | undefined; 'http.version'?: string | undefined; labels?: unknown; 'log.file.path'?: string | undefined; 'log.level'?: string | undefined; 'log.logger'?: string | undefined; 'log.origin.file.line'?: string | number | undefined; 'log.origin.file.name'?: string | undefined; 'log.origin.function'?: string | undefined; 'log.syslog'?: unknown; message?: string | undefined; 'network.application'?: string | undefined; 'network.bytes'?: string | number | undefined; 'network.community_id'?: string | undefined; 'network.direction'?: string | undefined; 'network.forwarded_ip'?: string | undefined; 'network.iana_number'?: string | undefined; 'network.inner'?: unknown; 'network.name'?: string | undefined; 'network.packets'?: string | number | undefined; 'network.protocol'?: string | undefined; 'network.transport'?: string | undefined; 'network.type'?: string | undefined; 'network.vlan.id'?: string | undefined; 'network.vlan.name'?: string | undefined; 'observer.egress'?: unknown; 'observer.geo.city_name'?: string | undefined; 'observer.geo.continent_code'?: string | undefined; 'observer.geo.continent_name'?: string | undefined; 'observer.geo.country_iso_code'?: string | undefined; 'observer.geo.country_name'?: string | undefined; 'observer.geo.location'?: string | { type: string; coordinates: number[]; } | { lat: number; lon: number; } | { location: number[]; } | { location: string; } | undefined; 'observer.geo.name'?: string | undefined; 'observer.geo.postal_code'?: string | undefined; 'observer.geo.region_iso_code'?: string | undefined; 'observer.geo.region_name'?: string | undefined; 'observer.geo.timezone'?: string | undefined; 'observer.hostname'?: string | undefined; 'observer.ingress'?: unknown; 'observer.ip'?: string[] | undefined; 'observer.mac'?: string[] | undefined; 'observer.name'?: string | undefined; 'observer.os.family'?: string | undefined; 'observer.os.full'?: string | undefined; 'observer.os.kernel'?: string | undefined; 'observer.os.name'?: string | undefined; 'observer.os.platform'?: string | undefined; 'observer.os.type'?: string | undefined; 'observer.os.version'?: string | undefined; 'observer.product'?: string | undefined; 'observer.serial_number'?: string | undefined; 'observer.type'?: string | undefined; 'observer.vendor'?: string | undefined; 'observer.version'?: string | undefined; 'orchestrator.api_version'?: string | undefined; 'orchestrator.cluster.id'?: string | undefined; 'orchestrator.cluster.name'?: string | undefined; 'orchestrator.cluster.url'?: string | undefined; 'orchestrator.cluster.version'?: string | undefined; 'orchestrator.namespace'?: string | undefined; 'orchestrator.organization'?: string | undefined; 'orchestrator.resource.id'?: string | undefined; 'orchestrator.resource.ip'?: string[] | undefined; 'orchestrator.resource.name'?: string | undefined; 'orchestrator.resource.parent.type'?: string | undefined; 'orchestrator.resource.type'?: string | undefined; 'orchestrator.type'?: string | undefined; 'organization.id'?: string | undefined; 'organization.name'?: string | undefined; 'package.architecture'?: string | undefined; 'package.build_version'?: string | undefined; 'package.checksum'?: string | undefined; 'package.description'?: string | undefined; 'package.install_scope'?: string | undefined; 'package.installed'?: string | number | undefined; 'package.license'?: string | undefined; 'package.name'?: string | undefined; 'package.path'?: string | undefined; 'package.reference'?: string | undefined; 'package.size'?: string | number | undefined; 'package.type'?: string | undefined; 'package.version'?: string | undefined; 'process.args'?: string[] | undefined; 'process.args_count'?: string | number | undefined; 'process.code_signature.digest_algorithm'?: string | undefined; 'process.code_signature.exists'?: boolean | undefined; 'process.code_signature.signing_id'?: string | undefined; 'process.code_signature.status'?: string | undefined; 'process.code_signature.subject_name'?: string | undefined; 'process.code_signature.team_id'?: string | undefined; 'process.code_signature.timestamp'?: string | number | undefined; 'process.code_signature.trusted'?: boolean | undefined; 'process.code_signature.valid'?: boolean | undefined; 'process.command_line'?: string | undefined; 'process.elf.architecture'?: string | undefined; 'process.elf.byte_order'?: string | undefined; 'process.elf.cpu_type'?: string | undefined; 'process.elf.creation_date'?: string | number | undefined; 'process.elf.exports'?: unknown[] | undefined; 'process.elf.header.abi_version'?: string | undefined; 'process.elf.header.class'?: string | undefined; 'process.elf.header.data'?: string | undefined; 'process.elf.header.entrypoint'?: string | number | undefined; 'process.elf.header.object_version'?: string | undefined; 'process.elf.header.os_abi'?: string | undefined; 'process.elf.header.type'?: string | undefined; 'process.elf.header.version'?: string | undefined; 'process.elf.imports'?: unknown[] | undefined; 'process.elf.sections'?: { chi2?: string | number | undefined; entropy?: string | number | undefined; flags?: string | undefined; name?: string | undefined; physical_offset?: string | undefined; physical_size?: string | number | undefined; type?: string | undefined; virtual_address?: string | number | undefined; virtual_size?: string | number | undefined; }[] | undefined; 'process.elf.segments'?: { sections?: string | undefined; type?: string | undefined; }[] | undefined; 'process.elf.shared_libraries'?: string[] | undefined; 'process.elf.telfhash'?: string | undefined; 'process.end'?: string | number | undefined; 'process.entity_id'?: string | undefined; 'process.entry_leader.args'?: string[] | undefined; 'process.entry_leader.args_count'?: string | number | undefined; 'process.entry_leader.attested_groups.name'?: string | undefined; 'process.entry_leader.attested_user.id'?: string | undefined; 'process.entry_leader.attested_user.name'?: string | undefined; 'process.entry_leader.command_line'?: string | undefined; 'process.entry_leader.entity_id'?: string | undefined; 'process.entry_leader.entry_meta.source.ip'?: string | undefined; 'process.entry_leader.entry_meta.type'?: string | undefined; 'process.entry_leader.executable'?: string | undefined; 'process.entry_leader.group.id'?: string | undefined; 'process.entry_leader.group.name'?: string | undefined; 'process.entry_leader.interactive'?: boolean | undefined; 'process.entry_leader.name'?: string | undefined; 'process.entry_leader.parent.entity_id'?: string | undefined; 'process.entry_leader.parent.pid'?: string | number | undefined; 'process.entry_leader.parent.session_leader.entity_id'?: string | undefined; 'process.entry_leader.parent.session_leader.pid'?: string | number | undefined; 'process.entry_leader.parent.session_leader.start'?: string | number | undefined; 'process.entry_leader.parent.start'?: string | number | undefined; 'process.entry_leader.pid'?: string | number | undefined; 'process.entry_leader.real_group.id'?: string | undefined; 'process.entry_leader.real_group.name'?: string | undefined; 'process.entry_leader.real_user.id'?: string | undefined; 'process.entry_leader.real_user.name'?: string | undefined; 'process.entry_leader.same_as_process'?: boolean | undefined; 'process.entry_leader.saved_group.id'?: string | undefined; 'process.entry_leader.saved_group.name'?: string | undefined; 'process.entry_leader.saved_user.id'?: string | undefined; 'process.entry_leader.saved_user.name'?: string | undefined; 'process.entry_leader.start'?: string | number | undefined; 'process.entry_leader.supplemental_groups.id'?: string | undefined; 'process.entry_leader.supplemental_groups.name'?: string | undefined; 'process.entry_leader.tty'?: unknown; 'process.entry_leader.user.id'?: string | undefined; 'process.entry_leader.user.name'?: string | undefined; 'process.entry_leader.working_directory'?: string | undefined; 'process.env_vars'?: string[] | undefined; 'process.executable'?: string | undefined; 'process.exit_code'?: string | number | undefined; 'process.group_leader.args'?: string[] | undefined; 'process.group_leader.args_count'?: string | number | undefined; 'process.group_leader.command_line'?: string | undefined; 'process.group_leader.entity_id'?: string | undefined; 'process.group_leader.executable'?: string | undefined; 'process.group_leader.group.id'?: string | undefined; 'process.group_leader.group.name'?: string | undefined; 'process.group_leader.interactive'?: boolean | undefined; 'process.group_leader.name'?: string | undefined; 'process.group_leader.pid'?: string | number | undefined; 'process.group_leader.real_group.id'?: string | undefined; 'process.group_leader.real_group.name'?: string | undefined; 'process.group_leader.real_user.id'?: string | undefined; 'process.group_leader.real_user.name'?: string | undefined; 'process.group_leader.same_as_process'?: boolean | undefined; 'process.group_leader.saved_group.id'?: string | undefined; 'process.group_leader.saved_group.name'?: string | undefined; 'process.group_leader.saved_user.id'?: string | undefined; 'process.group_leader.saved_user.name'?: string | undefined; 'process.group_leader.start'?: string | number | undefined; 'process.group_leader.supplemental_groups.id'?: string | undefined; 'process.group_leader.supplemental_groups.name'?: string | undefined; 'process.group_leader.tty'?: unknown; 'process.group_leader.user.id'?: string | undefined; 'process.group_leader.user.name'?: string | undefined; 'process.group_leader.working_directory'?: string | undefined; 'process.hash.md5'?: string | undefined; 'process.hash.sha1'?: string | undefined; 'process.hash.sha256'?: string | undefined; 'process.hash.sha384'?: string | undefined; 'process.hash.sha512'?: string | undefined; 'process.hash.ssdeep'?: string | undefined; 'process.hash.tlsh'?: string | undefined; 'process.interactive'?: boolean | undefined; 'process.io'?: unknown; 'process.name'?: string | undefined; 'process.parent.args'?: string[] | undefined; 'process.parent.args_count'?: string | number | undefined; 'process.parent.code_signature.digest_algorithm'?: string | undefined; 'process.parent.code_signature.exists'?: boolean | undefined; 'process.parent.code_signature.signing_id'?: string | undefined; 'process.parent.code_signature.status'?: string | undefined; 'process.parent.code_signature.subject_name'?: string | undefined; 'process.parent.code_signature.team_id'?: string | undefined; 'process.parent.code_signature.timestamp'?: string | number | undefined; 'process.parent.code_signature.trusted'?: boolean | undefined; 'process.parent.code_signature.valid'?: boolean | undefined; 'process.parent.command_line'?: string | undefined; 'process.parent.elf.architecture'?: string | undefined; 'process.parent.elf.byte_order'?: string | undefined; 'process.parent.elf.cpu_type'?: string | undefined; 'process.parent.elf.creation_date'?: string | number | undefined; 'process.parent.elf.exports'?: unknown[] | undefined; 'process.parent.elf.header.abi_version'?: string | undefined; 'process.parent.elf.header.class'?: string | undefined; 'process.parent.elf.header.data'?: string | undefined; 'process.parent.elf.header.entrypoint'?: string | number | undefined; 'process.parent.elf.header.object_version'?: string | undefined; 'process.parent.elf.header.os_abi'?: string | undefined; 'process.parent.elf.header.type'?: string | undefined; 'process.parent.elf.header.version'?: string | undefined; 'process.parent.elf.imports'?: unknown[] | undefined; 'process.parent.elf.sections'?: { chi2?: string | number | undefined; entropy?: string | number | undefined; flags?: string | undefined; name?: string | undefined; physical_offset?: string | undefined; physical_size?: string | number | undefined; type?: string | undefined; virtual_address?: string | number | undefined; virtual_size?: string | number | undefined; }[] | undefined; 'process.parent.elf.segments'?: { sections?: string | undefined; type?: string | undefined; }[] | undefined; 'process.parent.elf.shared_libraries'?: string[] | undefined; 'process.parent.elf.telfhash'?: string | undefined; 'process.parent.end'?: string | number | undefined; 'process.parent.entity_id'?: string | undefined; 'process.parent.executable'?: string | undefined; 'process.parent.exit_code'?: string | number | undefined; 'process.parent.group.id'?: string | undefined; 'process.parent.group.name'?: string | undefined; 'process.parent.group_leader.entity_id'?: string | undefined; 'process.parent.group_leader.pid'?: string | number | undefined; 'process.parent.group_leader.start'?: string | number | undefined; 'process.parent.hash.md5'?: string | undefined; 'process.parent.hash.sha1'?: string | undefined; 'process.parent.hash.sha256'?: string | undefined; 'process.parent.hash.sha384'?: string | undefined; 'process.parent.hash.sha512'?: string | undefined; 'process.parent.hash.ssdeep'?: string | undefined; 'process.parent.hash.tlsh'?: string | undefined; 'process.parent.interactive'?: boolean | undefined; 'process.parent.name'?: string | undefined; 'process.parent.pe.architecture'?: string | undefined; 'process.parent.pe.company'?: string | undefined; 'process.parent.pe.description'?: string | undefined; 'process.parent.pe.file_version'?: string | undefined; 'process.parent.pe.imphash'?: string | undefined; 'process.parent.pe.original_file_name'?: string | undefined; 'process.parent.pe.pehash'?: string | undefined; 'process.parent.pe.product'?: string | undefined; 'process.parent.pgid'?: string | number | undefined; 'process.parent.pid'?: string | number | undefined; 'process.parent.real_group.id'?: string | undefined; 'process.parent.real_group.name'?: string | undefined; 'process.parent.real_user.id'?: string | undefined; 'process.parent.real_user.name'?: string | undefined; 'process.parent.saved_group.id'?: string | undefined; 'process.parent.saved_group.name'?: string | undefined; 'process.parent.saved_user.id'?: string | undefined; 'process.parent.saved_user.name'?: string | undefined; 'process.parent.start'?: string | number | undefined; 'process.parent.supplemental_groups.id'?: string | undefined; 'process.parent.supplemental_groups.name'?: string | undefined; 'process.parent.thread.id'?: string | number | undefined; 'process.parent.thread.name'?: string | undefined; 'process.parent.title'?: string | undefined; 'process.parent.tty'?: unknown; 'process.parent.uptime'?: string | number | undefined; 'process.parent.user.id'?: string | undefined; 'process.parent.user.name'?: string | undefined; 'process.parent.working_directory'?: string | undefined; 'process.pe.architecture'?: string | undefined; 'process.pe.company'?: string | undefined; 'process.pe.description'?: string | undefined; 'process.pe.file_version'?: string | undefined; 'process.pe.imphash'?: string | undefined; 'process.pe.original_file_name'?: string | undefined; 'process.pe.pehash'?: string | undefined; 'process.pe.product'?: string | undefined; 'process.pgid'?: string | number | undefined; 'process.pid'?: string | number | undefined; 'process.previous.args'?: string[] | undefined; 'process.previous.args_count'?: string | number | undefined; 'process.previous.executable'?: string | undefined; 'process.real_group.id'?: string | undefined; 'process.real_group.name'?: string | undefined; 'process.real_user.id'?: string | undefined; 'process.real_user.name'?: string | undefined; 'process.saved_group.id'?: string | undefined; 'process.saved_group.name'?: string | undefined; 'process.saved_user.id'?: string | undefined; 'process.saved_user.name'?: string | undefined; 'process.session_leader.args'?: string[] | undefined; 'process.session_leader.args_count'?: string | number | undefined; 'process.session_leader.command_line'?: string | undefined; 'process.session_leader.entity_id'?: string | undefined; 'process.session_leader.executable'?: string | undefined; 'process.session_leader.group.id'?: string | undefined; 'process.session_leader.group.name'?: string | undefined; 'process.session_leader.interactive'?: boolean | undefined; 'process.session_leader.name'?: string | undefined; 'process.session_leader.parent.entity_id'?: string | undefined; 'process.session_leader.parent.pid'?: string | number | undefined; 'process.session_leader.parent.session_leader.entity_id'?: string | undefined; 'process.session_leader.parent.session_leader.pid'?: string | number | undefined; 'process.session_leader.parent.session_leader.start'?: string | number | undefined; 'process.session_leader.parent.start'?: string | number | undefined; 'process.session_leader.pid'?: string | number | undefined; 'process.session_leader.real_group.id'?: string | undefined; 'process.session_leader.real_group.name'?: string | undefined; 'process.session_leader.real_user.id'?: string | undefined; 'process.session_leader.real_user.name'?: string | undefined; 'process.session_leader.same_as_process'?: boolean | undefined; 'process.session_leader.saved_group.id'?: string | undefined; 'process.session_leader.saved_group.name'?: string | undefined; 'process.session_leader.saved_user.id'?: string | undefined; 'process.session_leader.saved_user.name'?: string | undefined; 'process.session_leader.start'?: string | number | undefined; 'process.session_leader.supplemental_groups.id'?: string | undefined; 'process.session_leader.supplemental_groups.name'?: string | undefined; 'process.session_leader.tty'?: unknown; 'process.session_leader.user.id'?: string | undefined; 'process.session_leader.user.name'?: string | undefined; 'process.session_leader.working_directory'?: string | undefined; 'process.start'?: string | number | undefined; 'process.supplemental_groups.id'?: string | undefined; 'process.supplemental_groups.name'?: string | undefined; 'process.thread.id'?: string | number | undefined; 'process.thread.name'?: string | undefined; 'process.title'?: string | undefined; 'process.tty'?: unknown; 'process.uptime'?: string | number | undefined; 'process.user.id'?: string | undefined; 'process.user.name'?: string | undefined; 'process.working_directory'?: string | undefined; 'registry.data.bytes'?: string | undefined; 'registry.data.strings'?: string[] | undefined; 'registry.data.type'?: string | undefined; 'registry.hive'?: string | undefined; 'registry.key'?: string | undefined; 'registry.path'?: string | undefined; 'registry.value'?: string | undefined; 'related.hash'?: string[] | undefined; 'related.hosts'?: string[] | undefined; 'related.ip'?: string[] | undefined; 'related.user'?: string[] | undefined; 'rule.author'?: string[] | undefined; 'rule.category'?: string | undefined; 'rule.description'?: string | undefined; 'rule.id'?: string | undefined; 'rule.license'?: string | undefined; 'rule.name'?: string | undefined; 'rule.reference'?: string | undefined; 'rule.ruleset'?: string | undefined; 'rule.uuid'?: string | undefined; 'rule.version'?: string | undefined; 'server.address'?: string | undefined; 'server.as.number'?: string | number | undefined; 'server.as.organization.name'?: string | undefined; 'server.bytes'?: string | number | undefined; 'server.domain'?: string | undefined; 'server.geo.city_name'?: string | undefined; 'server.geo.continent_code'?: string | undefined; 'server.geo.continent_name'?: string | undefined; 'server.geo.country_iso_code'?: string | undefined; 'server.geo.country_name'?: string | undefined; 'server.geo.location'?: string | { type: string; coordinates: number[]; } | { lat: number; lon: number; } | { location: number[]; } | { location: string; } | undefined; 'server.geo.name'?: string | undefined; 'server.geo.postal_code'?: string | undefined; 'server.geo.region_iso_code'?: string | undefined; 'server.geo.region_name'?: string | undefined; 'server.geo.timezone'?: string | undefined; 'server.ip'?: string | undefined; 'server.mac'?: string | undefined; 'server.nat.ip'?: string | undefined; 'server.nat.port'?: string | number | undefined; 'server.packets'?: string | number | undefined; 'server.port'?: string | number | undefined; 'server.registered_domain'?: string | undefined; 'server.subdomain'?: string | undefined; 'server.top_level_domain'?: string | undefined; 'server.user.domain'?: string | undefined; 'server.user.email'?: string | undefined; 'server.user.full_name'?: string | undefined; 'server.user.group.domain'?: string | undefined; 'server.user.group.id'?: string | undefined; 'server.user.group.name'?: string | undefined; 'server.user.hash'?: string | undefined; 'server.user.id'?: string | undefined; 'server.user.name'?: string | undefined; 'server.user.roles'?: string[] | undefined; 'service.address'?: string | undefined; 'service.environment'?: string | undefined; 'service.ephemeral_id'?: string | undefined; 'service.id'?: string | undefined; 'service.name'?: string | undefined; 'service.node.name'?: string | undefined; 'service.node.role'?: string | undefined; 'service.node.roles'?: string[] | undefined; 'service.origin.address'?: string | undefined; 'service.origin.environment'?: string | undefined; 'service.origin.ephemeral_id'?: string | undefined; 'service.origin.id'?: string | undefined; 'service.origin.name'?: string | undefined; 'service.origin.node.name'?: string | undefined; 'service.origin.node.role'?: string | undefined; 'service.origin.node.roles'?: string[] | undefined; 'service.origin.state'?: string | undefined; 'service.origin.type'?: string | undefined; 'service.origin.version'?: string | undefined; 'service.state'?: string | undefined; 'service.target.address'?: string | undefined; 'service.target.environment'?: string | undefined; 'service.target.ephemeral_id'?: string | undefined; 'service.target.id'?: string | undefined; 'service.target.name'?: string | undefined; 'service.target.node.name'?: string | undefined; 'service.target.node.role'?: string | undefined; 'service.target.node.roles'?: string[] | undefined; 'service.target.state'?: string | undefined; 'service.target.type'?: string | undefined; 'service.target.version'?: string | undefined; 'service.type'?: string | undefined; 'service.version'?: string | undefined; 'source.address'?: string | undefined; 'source.as.number'?: string | number | undefined; 'source.as.organization.name'?: string | undefined; 'source.bytes'?: string | number | undefined; 'source.domain'?: string | undefined; 'source.geo.city_name'?: string | undefined; 'source.geo.continent_code'?: string | undefined; 'source.geo.continent_name'?: string | undefined; 'source.geo.country_iso_code'?: string | undefined; 'source.geo.country_name'?: string | undefined; 'source.geo.location'?: string | { type: string; coordinates: number[]; } | { lat: number; lon: number; } | { location: number[]; } | { location: string; } | undefined; 'source.geo.name'?: string | undefined; 'source.geo.postal_code'?: string | undefined; 'source.geo.region_iso_code'?: string | undefined; 'source.geo.region_name'?: string | undefined; 'source.geo.timezone'?: string | undefined; 'source.ip'?: string | undefined; 'source.mac'?: string | undefined; 'source.nat.ip'?: string | undefined; 'source.nat.port'?: string | number | undefined; 'source.packets'?: string | number | undefined; 'source.port'?: string | number | undefined; 'source.registered_domain'?: string | undefined; 'source.subdomain'?: string | undefined; 'source.top_level_domain'?: string | undefined; 'source.user.domain'?: string | undefined; 'source.user.email'?: string | undefined; 'source.user.full_name'?: string | undefined; 'source.user.group.domain'?: string | undefined; 'source.user.group.id'?: string | undefined; 'source.user.group.name'?: string | undefined; 'source.user.hash'?: string | undefined; 'source.user.id'?: string | undefined; 'source.user.name'?: string | undefined; 'source.user.roles'?: string[] | undefined; 'span.id'?: string | undefined; tags?: string[] | undefined; 'threat.enrichments'?: { indicator?: unknown; 'matched.atomic'?: string | undefined; 'matched.field'?: string | undefined; 'matched.id'?: string | undefined; 'matched.index'?: string | undefined; 'matched.occurred'?: string | number | undefined; 'matched.type'?: string | undefined; }[] | undefined; 'threat.feed.dashboard_id'?: string | undefined; 'threat.feed.description'?: string | undefined; 'threat.feed.name'?: string | undefined; 'threat.feed.reference'?: string | undefined; 'threat.framework'?: string | undefined; 'threat.group.alias'?: string[] | undefined; 'threat.group.id'?: string | undefined; 'threat.group.name'?: string | undefined; 'threat.group.reference'?: string | undefined; 'threat.indicator.as.number'?: string | number | undefined; 'threat.indicator.as.organization.name'?: string | undefined; 'threat.indicator.confidence'?: string | undefined; 'threat.indicator.description'?: string | undefined; 'threat.indicator.email.address'?: string | undefined; 'threat.indicator.file.accessed'?: string | number | undefined; 'threat.indicator.file.attributes'?: string[] | undefined; 'threat.indicator.file.code_signature.digest_algorithm'?: string | undefined; 'threat.indicator.file.code_signature.exists'?: boolean | undefined; 'threat.indicator.file.code_signature.signing_id'?: string | undefined; 'threat.indicator.file.code_signature.status'?: string | undefined; 'threat.indicator.file.code_signature.subject_name'?: string | undefined; 'threat.indicator.file.code_signature.team_id'?: string | undefined; 'threat.indicator.file.code_signature.timestamp'?: string | number | undefined; 'threat.indicator.file.code_signature.trusted'?: boolean | undefined; 'threat.indicator.file.code_signature.valid'?: boolean | undefined; 'threat.indicator.file.created'?: string | number | undefined; 'threat.indicator.file.ctime'?: string | number | undefined; 'threat.indicator.file.device'?: string | undefined; 'threat.indicator.file.directory'?: string | undefined; 'threat.indicator.file.drive_letter'?: string | undefined; 'threat.indicator.file.elf.architecture'?: string | undefined; 'threat.indicator.file.elf.byte_order'?: string | undefined; 'threat.indicator.file.elf.cpu_type'?: string | undefined; 'threat.indicator.file.elf.creation_date'?: string | number | undefined; 'threat.indicator.file.elf.exports'?: unknown[] | undefined; 'threat.indicator.file.elf.header.abi_version'?: string | undefined; 'threat.indicator.file.elf.header.class'?: string | undefined; 'threat.indicator.file.elf.header.data'?: string | undefined; 'threat.indicator.file.elf.header.entrypoint'?: string | number | undefined; 'threat.indicator.file.elf.header.object_version'?: string | undefined; 'threat.indicator.file.elf.header.os_abi'?: string | undefined; 'threat.indicator.file.elf.header.type'?: string | undefined; 'threat.indicator.file.elf.header.version'?: string | undefined; 'threat.indicator.file.elf.imports'?: unknown[] | undefined; 'threat.indicator.file.elf.sections'?: { chi2?: string | number | undefined; entropy?: string | number | undefined; flags?: string | undefined; name?: string | undefined; physical_offset?: string | undefined; physical_size?: string | number | undefined; type?: string | undefined; virtual_address?: string | number | undefined; virtual_size?: string | number | undefined; }[] | undefined; 'threat.indicator.file.elf.segments'?: { sections?: string | undefined; type?: string | undefined; }[] | undefined; 'threat.indicator.file.elf.shared_libraries'?: string[] | undefined; 'threat.indicator.file.elf.telfhash'?: string | undefined; 'threat.indicator.file.extension'?: string | undefined; 'threat.indicator.file.fork_name'?: string | undefined; 'threat.indicator.file.gid'?: string | undefined; 'threat.indicator.file.group'?: string | undefined; 'threat.indicator.file.hash.md5'?: string | undefined; 'threat.indicator.file.hash.sha1'?: string | undefined; 'threat.indicator.file.hash.sha256'?: string | undefined; 'threat.indicator.file.hash.sha384'?: string | undefined; 'threat.indicator.file.hash.sha512'?: string | undefined; 'threat.indicator.file.hash.ssdeep'?: string | undefined; 'threat.indicator.file.hash.tlsh'?: string | undefined; 'threat.indicator.file.inode'?: string | undefined; 'threat.indicator.file.mime_type'?: string | undefined; 'threat.indicator.file.mode'?: string | undefined; 'threat.indicator.file.mtime'?: string | number | undefined; 'threat.indicator.file.name'?: string | undefined; 'threat.indicator.file.owner'?: string | undefined; 'threat.indicator.file.path'?: string | undefined; 'threat.indicator.file.pe.architecture'?: string | undefined; 'threat.indicator.file.pe.company'?: string | undefined; 'threat.indicator.file.pe.description'?: string | undefined; 'threat.indicator.file.pe.file_version'?: string | undefined; 'threat.indicator.file.pe.imphash'?: string | undefined; 'threat.indicator.file.pe.original_file_name'?: string | undefined; 'threat.indicator.file.pe.pehash'?: string | undefined; 'threat.indicator.file.pe.product'?: string | undefined; 'threat.indicator.file.size'?: string | number | undefined; 'threat.indicator.file.target_path'?: string | undefined; 'threat.indicator.file.type'?: string | undefined; 'threat.indicator.file.uid'?: string | undefined; 'threat.indicator.file.x509.alternative_names'?: string[] | undefined; 'threat.indicator.file.x509.issuer.common_name'?: string[] | undefined; 'threat.indicator.file.x509.issuer.country'?: string[] | undefined; 'threat.indicator.file.x509.issuer.distinguished_name'?: string | undefined; 'threat.indicator.file.x509.issuer.locality'?: string[] | undefined; 'threat.indicator.file.x509.issuer.organization'?: string[] | undefined; 'threat.indicator.file.x509.issuer.organizational_unit'?: string[] | undefined; 'threat.indicator.file.x509.issuer.state_or_province'?: string[] | undefined; 'threat.indicator.file.x509.not_after'?: string | number | undefined; 'threat.indicator.file.x509.not_before'?: string | number | undefined; 'threat.indicator.file.x509.public_key_algorithm'?: string | undefined; 'threat.indicator.file.x509.public_key_curve'?: string | undefined; 'threat.indicator.file.x509.public_key_exponent'?: string | number | undefined; 'threat.indicator.file.x509.public_key_size'?: string | number | undefined; 'threat.indicator.file.x509.serial_number'?: string | undefined; 'threat.indicator.file.x509.signature_algorithm'?: string | undefined; 'threat.indicator.file.x509.subject.common_name'?: string[] | undefined; 'threat.indicator.file.x509.subject.country'?: string[] | undefined; 'threat.indicator.file.x509.subject.distinguished_name'?: string | undefined; 'threat.indicator.file.x509.subject.locality'?: string[] | undefined; 'threat.indicator.file.x509.subject.organization'?: string[] | undefined; 'threat.indicator.file.x509.subject.organizational_unit'?: string[] | undefined; 'threat.indicator.file.x509.subject.state_or_province'?: string[] | undefined; 'threat.indicator.file.x509.version_number'?: string | undefined; 'threat.indicator.first_seen'?: string | number | undefined; 'threat.indicator.geo.city_name'?: string | undefined; 'threat.indicator.geo.continent_code'?: string | undefined; 'threat.indicator.geo.continent_name'?: string | undefined; 'threat.indicator.geo.country_iso_code'?: string | undefined; 'threat.indicator.geo.country_name'?: string | undefined; 'threat.indicator.geo.location'?: string | { type: string; coordinates: number[]; } | { lat: number; lon: number; } | { location: number[]; } | { location: string; } | undefined; 'threat.indicator.geo.name'?: string | undefined; 'threat.indicator.geo.postal_code'?: string | undefined; 'threat.indicator.geo.region_iso_code'?: string | undefined; 'threat.indicator.geo.region_name'?: string | undefined; 'threat.indicator.geo.timezone'?: string | undefined; 'threat.indicator.ip'?: string | undefined; 'threat.indicator.last_seen'?: string | number | undefined; 'threat.indicator.marking.tlp'?: string | undefined; 'threat.indicator.marking.tlp_version'?: string | undefined; 'threat.indicator.modified_at'?: string | number | undefined; 'threat.indicator.port'?: string | number | undefined; 'threat.indicator.provider'?: string | undefined; 'threat.indicator.reference'?: string | undefined; 'threat.indicator.registry.data.bytes'?: string | undefined; 'threat.indicator.registry.data.strings'?: string[] | undefined; 'threat.indicator.registry.data.type'?: string | undefined; 'threat.indicator.registry.hive'?: string | undefined; 'threat.indicator.registry.key'?: string | undefined; 'threat.indicator.registry.path'?: string | undefined; 'threat.indicator.registry.value'?: string | undefined; 'threat.indicator.scanner_stats'?: string | number | undefined; 'threat.indicator.sightings'?: string | number | undefined; 'threat.indicator.type'?: string | undefined; 'threat.indicator.url.domain'?: string | undefined; 'threat.indicator.url.extension'?: string | undefined; 'threat.indicator.url.fragment'?: string | undefined; 'threat.indicator.url.full'?: string | undefined; 'threat.indicator.url.original'?: string | undefined; 'threat.indicator.url.password'?: string | undefined; 'threat.indicator.url.path'?: string | undefined; 'threat.indicator.url.port'?: string | number | undefined; 'threat.indicator.url.query'?: string | undefined; 'threat.indicator.url.registered_domain'?: string | undefined; 'threat.indicator.url.scheme'?: string | undefined; 'threat.indicator.url.subdomain'?: string | undefined; 'threat.indicator.url.top_level_domain'?: string | undefined; 'threat.indicator.url.username'?: string | undefined; 'threat.indicator.x509.alternative_names'?: string[] | undefined; 'threat.indicator.x509.issuer.common_name'?: string[] | undefined; 'threat.indicator.x509.issuer.country'?: string[] | undefined; 'threat.indicator.x509.issuer.distinguished_name'?: string | undefined; 'threat.indicator.x509.issuer.locality'?: string[] | undefined; 'threat.indicator.x509.issuer.organization'?: string[] | undefined; 'threat.indicator.x509.issuer.organizational_unit'?: string[] | undefined; 'threat.indicator.x509.issuer.state_or_province'?: string[] | undefined; 'threat.indicator.x509.not_after'?: string | number | undefined; 'threat.indicator.x509.not_before'?: string | number | undefined; 'threat.indicator.x509.public_key_algorithm'?: string | undefined; 'threat.indicator.x509.public_key_curve'?: string | undefined; 'threat.indicator.x509.public_key_exponent'?: string | number | undefined; 'threat.indicator.x509.public_key_size'?: string | number | undefined; 'threat.indicator.x509.serial_number'?: string | undefined; 'threat.indicator.x509.signature_algorithm'?: string | undefined; 'threat.indicator.x509.subject.common_name'?: string[] | undefined; 'threat.indicator.x509.subject.country'?: string[] | undefined; 'threat.indicator.x509.subject.distinguished_name'?: string | undefined; 'threat.indicator.x509.subject.locality'?: string[] | undefined; 'threat.indicator.x509.subject.organization'?: string[] | undefined; 'threat.indicator.x509.subject.organizational_unit'?: string[] | undefined; 'threat.indicator.x509.subject.state_or_province'?: string[] | undefined; 'threat.indicator.x509.version_number'?: string | undefined; 'threat.software.alias'?: string[] | undefined; 'threat.software.id'?: string | undefined; 'threat.software.name'?: string | undefined; 'threat.software.platforms'?: string[] | undefined; 'threat.software.reference'?: string | undefined; 'threat.software.type'?: string | undefined; 'threat.tactic.id'?: string[] | undefined; 'threat.tactic.name'?: string[] | undefined; 'threat.tactic.reference'?: string[] | undefined; 'threat.technique.id'?: string[] | undefined; 'threat.technique.name'?: string[] | undefined; 'threat.technique.reference'?: string[] | undefined; 'threat.technique.subtechnique.id'?: string[] | undefined; 'threat.technique.subtechnique.name'?: string[] | undefined; 'threat.technique.subtechnique.reference'?: string[] | undefined; 'tls.cipher'?: string | undefined; 'tls.client.certificate'?: string | undefined; 'tls.client.certificate_chain'?: string[] | undefined; 'tls.client.hash.md5'?: string | undefined; 'tls.client.hash.sha1'?: string | undefined; 'tls.client.hash.sha256'?: string | undefined; 'tls.client.issuer'?: string | undefined; 'tls.client.ja3'?: string | undefined; 'tls.client.not_after'?: string | number | undefined; 'tls.client.not_before'?: string | number | undefined; 'tls.client.server_name'?: string | undefined; 'tls.client.subject'?: string | undefined; 'tls.client.supported_ciphers'?: string[] | undefined; 'tls.client.x509.alternative_names'?: string[] | undefined; 'tls.client.x509.issuer.common_name'?: string[] | undefined; 'tls.client.x509.issuer.country'?: string[] | undefined; 'tls.client.x509.issuer.distinguished_name'?: string | undefined; 'tls.client.x509.issuer.locality'?: string[] | undefined; 'tls.client.x509.issuer.organization'?: string[] | undefined; 'tls.client.x509.issuer.organizational_unit'?: string[] | undefined; 'tls.client.x509.issuer.state_or_province'?: string[] | undefined; 'tls.client.x509.not_after'?: string | number | undefined; 'tls.client.x509.not_before'?: string | number | undefined; 'tls.client.x509.public_key_algorithm'?: string | undefined; 'tls.client.x509.public_key_curve'?: string | undefined; 'tls.client.x509.public_key_exponent'?: string | number | undefined; 'tls.client.x509.public_key_size'?: string | number | undefined; 'tls.client.x509.serial_number'?: string | undefined; 'tls.client.x509.signature_algorithm'?: string | undefined; 'tls.client.x509.subject.common_name'?: string[] | undefined; 'tls.client.x509.subject.country'?: string[] | undefined; 'tls.client.x509.subject.distinguished_name'?: string | undefined; 'tls.client.x509.subject.locality'?: string[] | undefined; 'tls.client.x509.subject.organization'?: string[] | undefined; 'tls.client.x509.subject.organizational_unit'?: string[] | undefined; 'tls.client.x509.subject.state_or_province'?: string[] | undefined; 'tls.client.x509.version_number'?: string | undefined; 'tls.curve'?: string | undefined; 'tls.established'?: boolean | undefined; 'tls.next_protocol'?: string | undefined; 'tls.resumed'?: boolean | undefined; 'tls.server.certificate'?: string | undefined; 'tls.server.certificate_chain'?: string[] | undefined; 'tls.server.hash.md5'?: string | undefined; 'tls.server.hash.sha1'?: string | undefined; 'tls.server.hash.sha256'?: string | undefined; 'tls.server.issuer'?: string | undefined; 'tls.server.ja3s'?: string | undefined; 'tls.server.not_after'?: string | number | undefined; 'tls.server.not_before'?: string | number | undefined; 'tls.server.subject'?: string | undefined; 'tls.server.x509.alternative_names'?: string[] | undefined; 'tls.server.x509.issuer.common_name'?: string[] | undefined; 'tls.server.x509.issuer.country'?: string[] | undefined; 'tls.server.x509.issuer.distinguished_name'?: string | undefined; 'tls.server.x509.issuer.locality'?: string[] | undefined; 'tls.server.x509.issuer.organization'?: string[] | undefined; 'tls.server.x509.issuer.organizational_unit'?: string[] | undefined; 'tls.server.x509.issuer.state_or_province'?: string[] | undefined; 'tls.server.x509.not_after'?: string | number | undefined; 'tls.server.x509.not_before'?: string | number | undefined; 'tls.server.x509.public_key_algorithm'?: string | undefined; 'tls.server.x509.public_key_curve'?: string | undefined; 'tls.server.x509.public_key_exponent'?: string | number | undefined; 'tls.server.x509.public_key_size'?: string | number | undefined; 'tls.server.x509.serial_number'?: string | undefined; 'tls.server.x509.signature_algorithm'?: string | undefined; 'tls.server.x509.subject.common_name'?: string[] | undefined; 'tls.server.x509.subject.country'?: string[] | undefined; 'tls.server.x509.subject.distinguished_name'?: string | undefined; 'tls.server.x509.subject.locality'?: string[] | undefined; 'tls.server.x509.subject.organization'?: string[] | undefined; 'tls.server.x509.subject.organizational_unit'?: string[] | undefined; 'tls.server.x509.subject.state_or_province'?: string[] | undefined; 'tls.server.x509.version_number'?: string | undefined; 'tls.version'?: string | undefined; 'tls.version_protocol'?: string | undefined; 'trace.id'?: string | undefined; 'transaction.id'?: string | undefined; 'url.domain'?: string | undefined; 'url.extension'?: string | undefined; 'url.fragment'?: string | undefined; 'url.full'?: string | undefined; 'url.original'?: string | undefined; 'url.password'?: string | undefined; 'url.path'?: string | undefined; 'url.port'?: string | number | undefined; 'url.query'?: string | undefined; 'url.registered_domain'?: string | undefined; 'url.scheme'?: string | undefined; 'url.subdomain'?: string | undefined; 'url.top_level_domain'?: string | undefined; 'url.username'?: string | undefined; 'user.changes.domain'?: string | undefined; 'user.changes.email'?: string | undefined; 'user.changes.full_name'?: string | undefined; 'user.changes.group.domain'?: string | undefined; 'user.changes.group.id'?: string | undefined; 'user.changes.group.name'?: string | undefined; 'user.changes.hash'?: string | undefined; 'user.changes.id'?: string | undefined; 'user.changes.name'?: string | undefined; 'user.changes.roles'?: string[] | undefined; 'user.domain'?: string | undefined; 'user.effective.domain'?: string | undefined; 'user.effective.email'?: string | undefined; 'user.effective.full_name'?: string | undefined; 'user.effective.group.domain'?: string | undefined; 'user.effective.group.id'?: string | undefined; 'user.effective.group.name'?: string | undefined; 'user.effective.hash'?: string | undefined; 'user.effective.id'?: string | undefined; 'user.effective.name'?: string | undefined; 'user.effective.roles'?: string[] | undefined; 'user.email'?: string | undefined; 'user.full_name'?: string | undefined; 'user.group.domain'?: string | undefined; 'user.group.id'?: string | undefined; 'user.group.name'?: string | undefined; 'user.hash'?: string | undefined; 'user.id'?: string | undefined; 'user.name'?: string | undefined; 'user.risk.calculated_level'?: string | undefined; 'user.risk.calculated_score'?: number | undefined; 'user.risk.calculated_score_norm'?: number | undefined; 'user.risk.static_level'?: string | undefined; 'user.risk.static_score'?: number | undefined; 'user.risk.static_score_norm'?: number | undefined; 'user.roles'?: string[] | undefined; 'user.target.domain'?: string | undefined; 'user.target.email'?: string | undefined; 'user.target.full_name'?: string | undefined; 'user.target.group.domain'?: string | undefined; 'user.target.group.id'?: string | undefined; 'user.target.group.name'?: string | undefined; 'user.target.hash'?: string | undefined; 'user.target.id'?: string | undefined; 'user.target.name'?: string | undefined; 'user.target.roles'?: string[] | undefined; 'user_agent.device.name'?: string | undefined; 'user_agent.name'?: string | undefined; 'user_agent.original'?: string | undefined; 'user_agent.os.family'?: string | undefined; 'user_agent.os.full'?: string | undefined; 'user_agent.os.kernel'?: string | undefined; 'user_agent.os.name'?: string | undefined; 'user_agent.os.platform'?: string | undefined; 'user_agent.os.type'?: string | undefined; 'user_agent.os.version'?: string | undefined; 'user_agent.version'?: string | undefined; 'vulnerability.category'?: string[] | undefined; 'vulnerability.classification'?: string | undefined; 'vulnerability.description'?: string | undefined; 'vulnerability.enumeration'?: string | undefined; 'vulnerability.id'?: string | undefined; 'vulnerability.reference'?: string | undefined; 'vulnerability.report_id'?: string | undefined; 'vulnerability.scanner.vendor'?: string | undefined; 'vulnerability.score.base'?: number | undefined; 'vulnerability.score.environmental'?: number | undefined; 'vulnerability.score.temporal'?: number | undefined; 'vulnerability.score.version'?: string | undefined; 'vulnerability.severity'?: string | undefined; } & {} & { 'ecs.version'?: string | undefined; 'kibana.alert.risk_score'?: number | undefined; 'kibana.alert.rule.author'?: string | undefined; 'kibana.alert.rule.created_at'?: string | number | undefined; 'kibana.alert.rule.created_by'?: string | undefined; 'kibana.alert.rule.description'?: string | undefined; 'kibana.alert.rule.enabled'?: string | undefined; 'kibana.alert.rule.from'?: string | undefined; 'kibana.alert.rule.interval'?: string | undefined; 'kibana.alert.rule.license'?: string | undefined; 'kibana.alert.rule.note'?: string | undefined; 'kibana.alert.rule.references'?: string[] | undefined; 'kibana.alert.rule.rule_id'?: string | undefined; 'kibana.alert.rule.rule_name_override'?: string | undefined; 'kibana.alert.rule.to'?: string | undefined; 'kibana.alert.rule.type'?: string | undefined; 'kibana.alert.rule.updated_at'?: string | number | undefined; 'kibana.alert.rule.updated_by'?: string | undefined; 'kibana.alert.rule.version'?: string | undefined; 'kibana.alert.severity'?: string | undefined; 'kibana.alert.suppression.docs_count'?: string | number | undefined; 'kibana.alert.suppression.end'?: string | number | undefined; 'kibana.alert.suppression.start'?: string | number | undefined; 'kibana.alert.suppression.terms.field'?: string[] | undefined; 'kibana.alert.suppression.terms.value'?: string[] | undefined; 'kibana.alert.system_status'?: string | undefined; 'kibana.alert.workflow_reason'?: string | undefined; 'kibana.alert.workflow_user'?: string | undefined; }" ], "path": "packages/kbn-alerts-as-data-utils/src/schemas/generated/observability_metrics_schema.ts", "deprecated": false, @@ -367,7 +367,7 @@ "label": "ObservabilitySloAlert", "description": [], "signature": [ - "{} & { 'kibana.alert.evaluation.threshold'?: string | number | undefined; 'kibana.alert.evaluation.value'?: string | number | undefined; 'kibana.alert.evaluation.values'?: (string | number)[] | undefined; 'kibana.alert.group'?: { field?: string | undefined; value?: string | undefined; }[] | undefined; 'slo.id'?: string | undefined; 'slo.instanceId'?: string | undefined; 'slo.revision'?: string | number | undefined; } & { '@timestamp': string | number; 'kibana.alert.instance.id': string; 'kibana.alert.rule.category': string; 'kibana.alert.rule.consumer': string; 'kibana.alert.rule.name': string; 'kibana.alert.rule.producer': string; 'kibana.alert.rule.revision': string | number; 'kibana.alert.rule.rule_type_id': string; 'kibana.alert.rule.uuid': string; 'kibana.alert.status': string; 'kibana.alert.uuid': string; 'kibana.space_ids': string[]; } & { 'event.action'?: string | undefined; 'event.kind'?: string | undefined; 'kibana.alert.action_group'?: string | undefined; 'kibana.alert.case_ids'?: string[] | undefined; 'kibana.alert.duration.us'?: string | number | undefined; 'kibana.alert.end'?: string | number | undefined; 'kibana.alert.flapping'?: boolean | undefined; 'kibana.alert.flapping_history'?: boolean[] | undefined; 'kibana.alert.last_detected'?: string | number | undefined; 'kibana.alert.maintenance_window_ids'?: string[] | undefined; 'kibana.alert.reason'?: string | undefined; 'kibana.alert.rule.execution.uuid'?: string | undefined; 'kibana.alert.rule.parameters'?: unknown; 'kibana.alert.rule.tags'?: string[] | undefined; 'kibana.alert.start'?: string | number | undefined; 'kibana.alert.time_range'?: { gte?: string | number | undefined; lte?: string | number | undefined; } | undefined; 'kibana.alert.url'?: string | undefined; 'kibana.alert.workflow_status'?: string | undefined; 'kibana.alert.workflow_tags'?: string[] | undefined; 'kibana.version'?: string | undefined; tags?: string[] | undefined; } & {} & { 'ecs.version'?: string | undefined; 'kibana.alert.risk_score'?: number | undefined; 'kibana.alert.rule.author'?: string | undefined; 'kibana.alert.rule.created_at'?: string | number | undefined; 'kibana.alert.rule.created_by'?: string | undefined; 'kibana.alert.rule.description'?: string | undefined; 'kibana.alert.rule.enabled'?: string | undefined; 'kibana.alert.rule.from'?: string | undefined; 'kibana.alert.rule.interval'?: string | undefined; 'kibana.alert.rule.license'?: string | undefined; 'kibana.alert.rule.note'?: string | undefined; 'kibana.alert.rule.references'?: string[] | undefined; 'kibana.alert.rule.rule_id'?: string | undefined; 'kibana.alert.rule.rule_name_override'?: string | undefined; 'kibana.alert.rule.to'?: string | undefined; 'kibana.alert.rule.type'?: string | undefined; 'kibana.alert.rule.updated_at'?: string | number | undefined; 'kibana.alert.rule.updated_by'?: string | undefined; 'kibana.alert.rule.version'?: string | undefined; 'kibana.alert.severity'?: string | undefined; 'kibana.alert.suppression.docs_count'?: string | number | undefined; 'kibana.alert.suppression.end'?: string | number | undefined; 'kibana.alert.suppression.start'?: string | number | undefined; 'kibana.alert.suppression.terms.field'?: string[] | undefined; 'kibana.alert.suppression.terms.value'?: string[] | undefined; 'kibana.alert.system_status'?: string | undefined; 'kibana.alert.workflow_reason'?: string | undefined; 'kibana.alert.workflow_user'?: string | undefined; }" + "{} & { 'kibana.alert.context'?: unknown; 'kibana.alert.evaluation.threshold'?: string | number | undefined; 'kibana.alert.evaluation.value'?: string | number | undefined; 'kibana.alert.evaluation.values'?: (string | number)[] | undefined; 'kibana.alert.group'?: { field?: string | undefined; value?: string | undefined; }[] | undefined; 'slo.id'?: string | undefined; 'slo.instanceId'?: string | undefined; 'slo.revision'?: string | number | undefined; } & { '@timestamp': string | number; 'kibana.alert.instance.id': string; 'kibana.alert.rule.category': string; 'kibana.alert.rule.consumer': string; 'kibana.alert.rule.name': string; 'kibana.alert.rule.producer': string; 'kibana.alert.rule.revision': string | number; 'kibana.alert.rule.rule_type_id': string; 'kibana.alert.rule.uuid': string; 'kibana.alert.status': string; 'kibana.alert.uuid': string; 'kibana.space_ids': string[]; } & { 'event.action'?: string | undefined; 'event.kind'?: string | undefined; 'kibana.alert.action_group'?: string | undefined; 'kibana.alert.case_ids'?: string[] | undefined; 'kibana.alert.duration.us'?: string | number | undefined; 'kibana.alert.end'?: string | number | undefined; 'kibana.alert.flapping'?: boolean | undefined; 'kibana.alert.flapping_history'?: boolean[] | undefined; 'kibana.alert.last_detected'?: string | number | undefined; 'kibana.alert.maintenance_window_ids'?: string[] | undefined; 'kibana.alert.reason'?: string | undefined; 'kibana.alert.rule.execution.uuid'?: string | undefined; 'kibana.alert.rule.parameters'?: unknown; 'kibana.alert.rule.tags'?: string[] | undefined; 'kibana.alert.start'?: string | number | undefined; 'kibana.alert.time_range'?: { gte?: string | number | undefined; lte?: string | number | undefined; } | undefined; 'kibana.alert.url'?: string | undefined; 'kibana.alert.workflow_status'?: string | undefined; 'kibana.alert.workflow_tags'?: string[] | undefined; 'kibana.version'?: string | undefined; tags?: string[] | undefined; } & {} & { 'ecs.version'?: string | undefined; 'kibana.alert.risk_score'?: number | undefined; 'kibana.alert.rule.author'?: string | undefined; 'kibana.alert.rule.created_at'?: string | number | undefined; 'kibana.alert.rule.created_by'?: string | undefined; 'kibana.alert.rule.description'?: string | undefined; 'kibana.alert.rule.enabled'?: string | undefined; 'kibana.alert.rule.from'?: string | undefined; 'kibana.alert.rule.interval'?: string | undefined; 'kibana.alert.rule.license'?: string | undefined; 'kibana.alert.rule.note'?: string | undefined; 'kibana.alert.rule.references'?: string[] | undefined; 'kibana.alert.rule.rule_id'?: string | undefined; 'kibana.alert.rule.rule_name_override'?: string | undefined; 'kibana.alert.rule.to'?: string | undefined; 'kibana.alert.rule.type'?: string | undefined; 'kibana.alert.rule.updated_at'?: string | number | undefined; 'kibana.alert.rule.updated_by'?: string | undefined; 'kibana.alert.rule.version'?: string | undefined; 'kibana.alert.severity'?: string | undefined; 'kibana.alert.suppression.docs_count'?: string | number | undefined; 'kibana.alert.suppression.end'?: string | number | undefined; 'kibana.alert.suppression.start'?: string | number | undefined; 'kibana.alert.suppression.terms.field'?: string[] | undefined; 'kibana.alert.suppression.terms.value'?: string[] | undefined; 'kibana.alert.system_status'?: string | undefined; 'kibana.alert.workflow_reason'?: string | undefined; 'kibana.alert.workflow_user'?: string | undefined; }" ], "path": "packages/kbn-alerts-as-data-utils/src/schemas/generated/observability_slo_schema.ts", "deprecated": false, @@ -382,7 +382,7 @@ "label": "ObservabilityUptimeAlert", "description": [], "signature": [ - "{} & { 'agent.name'?: string | undefined; 'anomaly.bucket_span.minutes'?: string | undefined; 'anomaly.start'?: string | number | undefined; 'error.message'?: string | undefined; 'kibana.alert.evaluation.threshold'?: string | number | undefined; 'kibana.alert.evaluation.value'?: string | number | undefined; 'kibana.alert.evaluation.values'?: (string | number)[] | undefined; 'kibana.alert.group'?: { field?: string | undefined; value?: string | undefined; }[] | undefined; 'monitor.id'?: string | undefined; 'monitor.name'?: string | undefined; 'monitor.type'?: string | undefined; 'observer.geo.name'?: string | undefined; 'tls.server.hash.sha256'?: string | undefined; 'tls.server.x509.issuer.common_name'?: string | undefined; 'tls.server.x509.not_after'?: string | number | undefined; 'tls.server.x509.not_before'?: string | number | undefined; 'tls.server.x509.subject.common_name'?: string | undefined; 'url.full'?: string | undefined; } & { '@timestamp': string | number; 'kibana.alert.instance.id': string; 'kibana.alert.rule.category': string; 'kibana.alert.rule.consumer': string; 'kibana.alert.rule.name': string; 'kibana.alert.rule.producer': string; 'kibana.alert.rule.revision': string | number; 'kibana.alert.rule.rule_type_id': string; 'kibana.alert.rule.uuid': string; 'kibana.alert.status': string; 'kibana.alert.uuid': string; 'kibana.space_ids': string[]; } & { 'event.action'?: string | undefined; 'event.kind'?: string | undefined; 'kibana.alert.action_group'?: string | undefined; 'kibana.alert.case_ids'?: string[] | undefined; 'kibana.alert.duration.us'?: string | number | undefined; 'kibana.alert.end'?: string | number | undefined; 'kibana.alert.flapping'?: boolean | undefined; 'kibana.alert.flapping_history'?: boolean[] | undefined; 'kibana.alert.last_detected'?: string | number | undefined; 'kibana.alert.maintenance_window_ids'?: string[] | undefined; 'kibana.alert.reason'?: string | undefined; 'kibana.alert.rule.execution.uuid'?: string | undefined; 'kibana.alert.rule.parameters'?: unknown; 'kibana.alert.rule.tags'?: string[] | undefined; 'kibana.alert.start'?: string | number | undefined; 'kibana.alert.time_range'?: { gte?: string | number | undefined; lte?: string | number | undefined; } | undefined; 'kibana.alert.url'?: string | undefined; 'kibana.alert.workflow_status'?: string | undefined; 'kibana.alert.workflow_tags'?: string[] | undefined; 'kibana.version'?: string | undefined; tags?: string[] | undefined; } & {} & { 'ecs.version'?: string | undefined; 'kibana.alert.risk_score'?: number | undefined; 'kibana.alert.rule.author'?: string | undefined; 'kibana.alert.rule.created_at'?: string | number | undefined; 'kibana.alert.rule.created_by'?: string | undefined; 'kibana.alert.rule.description'?: string | undefined; 'kibana.alert.rule.enabled'?: string | undefined; 'kibana.alert.rule.from'?: string | undefined; 'kibana.alert.rule.interval'?: string | undefined; 'kibana.alert.rule.license'?: string | undefined; 'kibana.alert.rule.note'?: string | undefined; 'kibana.alert.rule.references'?: string[] | undefined; 'kibana.alert.rule.rule_id'?: string | undefined; 'kibana.alert.rule.rule_name_override'?: string | undefined; 'kibana.alert.rule.to'?: string | undefined; 'kibana.alert.rule.type'?: string | undefined; 'kibana.alert.rule.updated_at'?: string | number | undefined; 'kibana.alert.rule.updated_by'?: string | undefined; 'kibana.alert.rule.version'?: string | undefined; 'kibana.alert.severity'?: string | undefined; 'kibana.alert.suppression.docs_count'?: string | number | undefined; 'kibana.alert.suppression.end'?: string | number | undefined; 'kibana.alert.suppression.start'?: string | number | undefined; 'kibana.alert.suppression.terms.field'?: string[] | undefined; 'kibana.alert.suppression.terms.value'?: string[] | undefined; 'kibana.alert.system_status'?: string | undefined; 'kibana.alert.workflow_reason'?: string | undefined; 'kibana.alert.workflow_user'?: string | undefined; }" + "{} & { 'agent.name'?: string | undefined; 'anomaly.bucket_span.minutes'?: string | undefined; 'anomaly.start'?: string | number | undefined; 'error.message'?: string | undefined; 'kibana.alert.context'?: unknown; 'kibana.alert.evaluation.threshold'?: string | number | undefined; 'kibana.alert.evaluation.value'?: string | number | undefined; 'kibana.alert.evaluation.values'?: (string | number)[] | undefined; 'kibana.alert.group'?: { field?: string | undefined; value?: string | undefined; }[] | undefined; 'monitor.id'?: string | undefined; 'monitor.name'?: string | undefined; 'monitor.type'?: string | undefined; 'observer.geo.name'?: string | undefined; 'tls.server.hash.sha256'?: string | undefined; 'tls.server.x509.issuer.common_name'?: string | undefined; 'tls.server.x509.not_after'?: string | number | undefined; 'tls.server.x509.not_before'?: string | number | undefined; 'tls.server.x509.subject.common_name'?: string | undefined; 'url.full'?: string | undefined; } & { '@timestamp': string | number; 'kibana.alert.instance.id': string; 'kibana.alert.rule.category': string; 'kibana.alert.rule.consumer': string; 'kibana.alert.rule.name': string; 'kibana.alert.rule.producer': string; 'kibana.alert.rule.revision': string | number; 'kibana.alert.rule.rule_type_id': string; 'kibana.alert.rule.uuid': string; 'kibana.alert.status': string; 'kibana.alert.uuid': string; 'kibana.space_ids': string[]; } & { 'event.action'?: string | undefined; 'event.kind'?: string | undefined; 'kibana.alert.action_group'?: string | undefined; 'kibana.alert.case_ids'?: string[] | undefined; 'kibana.alert.duration.us'?: string | number | undefined; 'kibana.alert.end'?: string | number | undefined; 'kibana.alert.flapping'?: boolean | undefined; 'kibana.alert.flapping_history'?: boolean[] | undefined; 'kibana.alert.last_detected'?: string | number | undefined; 'kibana.alert.maintenance_window_ids'?: string[] | undefined; 'kibana.alert.reason'?: string | undefined; 'kibana.alert.rule.execution.uuid'?: string | undefined; 'kibana.alert.rule.parameters'?: unknown; 'kibana.alert.rule.tags'?: string[] | undefined; 'kibana.alert.start'?: string | number | undefined; 'kibana.alert.time_range'?: { gte?: string | number | undefined; lte?: string | number | undefined; } | undefined; 'kibana.alert.url'?: string | undefined; 'kibana.alert.workflow_status'?: string | undefined; 'kibana.alert.workflow_tags'?: string[] | undefined; 'kibana.version'?: string | undefined; tags?: string[] | undefined; } & {} & { 'ecs.version'?: string | undefined; 'kibana.alert.risk_score'?: number | undefined; 'kibana.alert.rule.author'?: string | undefined; 'kibana.alert.rule.created_at'?: string | number | undefined; 'kibana.alert.rule.created_by'?: string | undefined; 'kibana.alert.rule.description'?: string | undefined; 'kibana.alert.rule.enabled'?: string | undefined; 'kibana.alert.rule.from'?: string | undefined; 'kibana.alert.rule.interval'?: string | undefined; 'kibana.alert.rule.license'?: string | undefined; 'kibana.alert.rule.note'?: string | undefined; 'kibana.alert.rule.references'?: string[] | undefined; 'kibana.alert.rule.rule_id'?: string | undefined; 'kibana.alert.rule.rule_name_override'?: string | undefined; 'kibana.alert.rule.to'?: string | undefined; 'kibana.alert.rule.type'?: string | undefined; 'kibana.alert.rule.updated_at'?: string | number | undefined; 'kibana.alert.rule.updated_by'?: string | undefined; 'kibana.alert.rule.version'?: string | undefined; 'kibana.alert.severity'?: string | undefined; 'kibana.alert.suppression.docs_count'?: string | number | undefined; 'kibana.alert.suppression.end'?: string | number | undefined; 'kibana.alert.suppression.start'?: string | number | undefined; 'kibana.alert.suppression.terms.field'?: string[] | undefined; 'kibana.alert.suppression.terms.value'?: string[] | undefined; 'kibana.alert.system_status'?: string | undefined; 'kibana.alert.workflow_reason'?: string | undefined; 'kibana.alert.workflow_user'?: string | undefined; }" ], "path": "packages/kbn-alerts-as-data-utils/src/schemas/generated/observability_uptime_schema.ts", "deprecated": false, @@ -397,7 +397,7 @@ "label": "SecurityAlert", "description": [], "signature": [ - "{ '@timestamp': string | number; 'kibana.alert.ancestors': { depth: string | number; id: string; index: string; type: string; }[]; 'kibana.alert.depth': string | number; 'kibana.alert.instance.id': string; 'kibana.alert.original_event.action': string; 'kibana.alert.original_event.category': string[]; 'kibana.alert.original_event.created': string | number; 'kibana.alert.original_event.dataset': string; 'kibana.alert.original_event.id': string; 'kibana.alert.original_event.ingested': string | number; 'kibana.alert.original_event.kind': string; 'kibana.alert.original_event.module': string; 'kibana.alert.original_event.original': string; 'kibana.alert.original_event.outcome': string; 'kibana.alert.original_event.provider': string; 'kibana.alert.original_event.sequence': string | number; 'kibana.alert.original_event.type': string[]; 'kibana.alert.original_time': string | number; 'kibana.alert.rule.category': string; 'kibana.alert.rule.consumer': string; 'kibana.alert.rule.false_positives': string[]; 'kibana.alert.rule.max_signals': (string | number)[]; 'kibana.alert.rule.name': string; 'kibana.alert.rule.producer': string; 'kibana.alert.rule.revision': string | number; 'kibana.alert.rule.rule_type_id': string; 'kibana.alert.rule.threat.framework': string; 'kibana.alert.rule.threat.tactic.id': string; 'kibana.alert.rule.threat.tactic.name': string; 'kibana.alert.rule.threat.tactic.reference': string; 'kibana.alert.rule.threat.technique.id': string; 'kibana.alert.rule.threat.technique.name': string; 'kibana.alert.rule.threat.technique.reference': string; 'kibana.alert.rule.threat.technique.subtechnique.id': string; 'kibana.alert.rule.threat.technique.subtechnique.name': string; 'kibana.alert.rule.threat.technique.subtechnique.reference': string; 'kibana.alert.rule.uuid': string; 'kibana.alert.status': string; 'kibana.alert.uuid': string; 'kibana.space_ids': string[]; } & { 'ecs.version'?: string | undefined; 'event.action'?: string | undefined; 'event.kind'?: string | undefined; 'kibana.alert.action_group'?: string | undefined; 'kibana.alert.ancestors.rule'?: string | undefined; 'kibana.alert.building_block_type'?: string | undefined; 'kibana.alert.case_ids'?: string[] | undefined; 'kibana.alert.duration.us'?: string | number | undefined; 'kibana.alert.end'?: string | number | undefined; 'kibana.alert.flapping'?: boolean | undefined; 'kibana.alert.flapping_history'?: boolean[] | undefined; 'kibana.alert.group.id'?: string | undefined; 'kibana.alert.group.index'?: number | undefined; 'kibana.alert.last_detected'?: string | number | undefined; 'kibana.alert.maintenance_window_ids'?: string[] | undefined; 'kibana.alert.new_terms'?: string[] | undefined; 'kibana.alert.original_event.agent_id_status'?: string | undefined; 'kibana.alert.original_event.code'?: string | undefined; 'kibana.alert.original_event.duration'?: string | undefined; 'kibana.alert.original_event.end'?: string | number | undefined; 'kibana.alert.original_event.hash'?: string | undefined; 'kibana.alert.original_event.reason'?: string | undefined; 'kibana.alert.original_event.reference'?: string | undefined; 'kibana.alert.original_event.risk_score'?: number | undefined; 'kibana.alert.original_event.risk_score_norm'?: number | undefined; 'kibana.alert.original_event.severity'?: string | number | undefined; 'kibana.alert.original_event.start'?: string | number | undefined; 'kibana.alert.original_event.timezone'?: string | undefined; 'kibana.alert.original_event.url'?: string | undefined; 'kibana.alert.reason'?: string | undefined; 'kibana.alert.risk_score'?: number | undefined; 'kibana.alert.rule.author'?: string | undefined; 'kibana.alert.rule.building_block_type'?: string | undefined; 'kibana.alert.rule.created_at'?: string | number | undefined; 'kibana.alert.rule.created_by'?: string | undefined; 'kibana.alert.rule.description'?: string | undefined; 'kibana.alert.rule.enabled'?: string | undefined; 'kibana.alert.rule.execution.uuid'?: string | undefined; 'kibana.alert.rule.from'?: string | undefined; 'kibana.alert.rule.immutable'?: string[] | undefined; 'kibana.alert.rule.interval'?: string | undefined; 'kibana.alert.rule.license'?: string | undefined; 'kibana.alert.rule.note'?: string | undefined; 'kibana.alert.rule.parameters'?: unknown; 'kibana.alert.rule.references'?: string[] | undefined; 'kibana.alert.rule.rule_id'?: string | undefined; 'kibana.alert.rule.rule_name_override'?: string | undefined; 'kibana.alert.rule.tags'?: string[] | undefined; 'kibana.alert.rule.timeline_id'?: string[] | undefined; 'kibana.alert.rule.timeline_title'?: string[] | undefined; 'kibana.alert.rule.timestamp_override'?: string | undefined; 'kibana.alert.rule.to'?: string | undefined; 'kibana.alert.rule.type'?: string | undefined; 'kibana.alert.rule.updated_at'?: string | number | undefined; 'kibana.alert.rule.updated_by'?: string | undefined; 'kibana.alert.rule.version'?: string | undefined; 'kibana.alert.severity'?: string | undefined; 'kibana.alert.start'?: string | number | undefined; 'kibana.alert.suppression.docs_count'?: string | number | undefined; 'kibana.alert.suppression.end'?: string | number | undefined; 'kibana.alert.suppression.start'?: string | number | undefined; 'kibana.alert.suppression.terms.field'?: string[] | undefined; 'kibana.alert.suppression.terms.value'?: string[] | undefined; 'kibana.alert.system_status'?: string | undefined; 'kibana.alert.threshold_result.count'?: string | number | undefined; 'kibana.alert.threshold_result.from'?: string | number | undefined; 'kibana.alert.threshold_result.terms'?: { field?: string | undefined; value?: string | undefined; }[] | undefined; 'kibana.alert.time_range'?: { gte?: string | number | undefined; lte?: string | number | undefined; } | undefined; 'kibana.alert.url'?: string | undefined; 'kibana.alert.workflow_reason'?: string | undefined; 'kibana.alert.workflow_status'?: string | undefined; 'kibana.alert.workflow_tags'?: string[] | undefined; 'kibana.alert.workflow_user'?: string | undefined; 'kibana.version'?: string | undefined; tags?: string[] | undefined; } & { '@timestamp': string | number; 'kibana.alert.instance.id': string; 'kibana.alert.rule.category': string; 'kibana.alert.rule.consumer': string; 'kibana.alert.rule.name': string; 'kibana.alert.rule.producer': string; 'kibana.alert.rule.revision': string | number; 'kibana.alert.rule.rule_type_id': string; 'kibana.alert.rule.uuid': string; 'kibana.alert.status': string; 'kibana.alert.uuid': string; 'kibana.space_ids': string[]; } & { 'event.action'?: string | undefined; 'event.kind'?: string | undefined; 'kibana.alert.action_group'?: string | undefined; 'kibana.alert.case_ids'?: string[] | undefined; 'kibana.alert.duration.us'?: string | number | undefined; 'kibana.alert.end'?: string | number | undefined; 'kibana.alert.flapping'?: boolean | undefined; 'kibana.alert.flapping_history'?: boolean[] | undefined; 'kibana.alert.last_detected'?: string | number | undefined; 'kibana.alert.maintenance_window_ids'?: string[] | undefined; 'kibana.alert.reason'?: string | undefined; 'kibana.alert.rule.execution.uuid'?: string | undefined; 'kibana.alert.rule.parameters'?: unknown; 'kibana.alert.rule.tags'?: string[] | undefined; 'kibana.alert.start'?: string | number | undefined; 'kibana.alert.time_range'?: { gte?: string | number | undefined; lte?: string | number | undefined; } | undefined; 'kibana.alert.url'?: string | undefined; 'kibana.alert.workflow_status'?: string | undefined; 'kibana.alert.workflow_tags'?: string[] | undefined; 'kibana.version'?: string | undefined; tags?: string[] | undefined; } & { '@timestamp': string | number; 'ecs.version': string; } & { 'agent.build.original'?: string | undefined; 'agent.ephemeral_id'?: string | undefined; 'agent.id'?: string | undefined; 'agent.name'?: string | undefined; 'agent.type'?: string | undefined; 'agent.version'?: string | undefined; 'client.address'?: string | undefined; 'client.as.number'?: string | number | undefined; 'client.as.organization.name'?: string | undefined; 'client.bytes'?: string | number | undefined; 'client.domain'?: string | undefined; 'client.geo.city_name'?: string | undefined; 'client.geo.continent_code'?: string | undefined; 'client.geo.continent_name'?: string | undefined; 'client.geo.country_iso_code'?: string | undefined; 'client.geo.country_name'?: string | undefined; 'client.geo.location'?: string | { type: string; coordinates: number[]; } | { lat: number; lon: number; } | { location: number[]; } | { location: string; } | undefined; 'client.geo.name'?: string | undefined; 'client.geo.postal_code'?: string | undefined; 'client.geo.region_iso_code'?: string | undefined; 'client.geo.region_name'?: string | undefined; 'client.geo.timezone'?: string | undefined; 'client.ip'?: string | undefined; 'client.mac'?: string | undefined; 'client.nat.ip'?: string | undefined; 'client.nat.port'?: string | number | undefined; 'client.packets'?: string | number | undefined; 'client.port'?: string | number | undefined; 'client.registered_domain'?: string | undefined; 'client.subdomain'?: string | undefined; 'client.top_level_domain'?: string | undefined; 'client.user.domain'?: string | undefined; 'client.user.email'?: string | undefined; 'client.user.full_name'?: string | undefined; 'client.user.group.domain'?: string | undefined; 'client.user.group.id'?: string | undefined; 'client.user.group.name'?: string | undefined; 'client.user.hash'?: string | undefined; 'client.user.id'?: string | undefined; 'client.user.name'?: string | undefined; 'client.user.roles'?: string[] | undefined; 'cloud.account.id'?: string | undefined; 'cloud.account.name'?: string | undefined; 'cloud.availability_zone'?: string | undefined; 'cloud.instance.id'?: string | undefined; 'cloud.instance.name'?: string | undefined; 'cloud.machine.type'?: string | undefined; 'cloud.origin.account.id'?: string | undefined; 'cloud.origin.account.name'?: string | undefined; 'cloud.origin.availability_zone'?: string | undefined; 'cloud.origin.instance.id'?: string | undefined; 'cloud.origin.instance.name'?: string | undefined; 'cloud.origin.machine.type'?: string | undefined; 'cloud.origin.project.id'?: string | undefined; 'cloud.origin.project.name'?: string | undefined; 'cloud.origin.provider'?: string | undefined; 'cloud.origin.region'?: string | undefined; 'cloud.origin.service.name'?: string | undefined; 'cloud.project.id'?: string | undefined; 'cloud.project.name'?: string | undefined; 'cloud.provider'?: string | undefined; 'cloud.region'?: string | undefined; 'cloud.service.name'?: string | undefined; 'cloud.target.account.id'?: string | undefined; 'cloud.target.account.name'?: string | undefined; 'cloud.target.availability_zone'?: string | undefined; 'cloud.target.instance.id'?: string | undefined; 'cloud.target.instance.name'?: string | undefined; 'cloud.target.machine.type'?: string | undefined; 'cloud.target.project.id'?: string | undefined; 'cloud.target.project.name'?: string | undefined; 'cloud.target.provider'?: string | undefined; 'cloud.target.region'?: string | undefined; 'cloud.target.service.name'?: string | undefined; 'container.cpu.usage'?: string | number | undefined; 'container.disk.read.bytes'?: string | number | undefined; 'container.disk.write.bytes'?: string | number | undefined; 'container.id'?: string | undefined; 'container.image.hash.all'?: string[] | undefined; 'container.image.name'?: string | undefined; 'container.image.tag'?: string[] | undefined; 'container.memory.usage'?: string | number | undefined; 'container.name'?: string | undefined; 'container.network.egress.bytes'?: string | number | undefined; 'container.network.ingress.bytes'?: string | number | undefined; 'container.runtime'?: string | undefined; 'destination.address'?: string | undefined; 'destination.as.number'?: string | number | undefined; 'destination.as.organization.name'?: string | undefined; 'destination.bytes'?: string | number | undefined; 'destination.domain'?: string | undefined; 'destination.geo.city_name'?: string | undefined; 'destination.geo.continent_code'?: string | undefined; 'destination.geo.continent_name'?: string | undefined; 'destination.geo.country_iso_code'?: string | undefined; 'destination.geo.country_name'?: string | undefined; 'destination.geo.location'?: string | { type: string; coordinates: number[]; } | { lat: number; lon: number; } | { location: number[]; } | { location: string; } | undefined; 'destination.geo.name'?: string | undefined; 'destination.geo.postal_code'?: string | undefined; 'destination.geo.region_iso_code'?: string | undefined; 'destination.geo.region_name'?: string | undefined; 'destination.geo.timezone'?: string | undefined; 'destination.ip'?: string | undefined; 'destination.mac'?: string | undefined; 'destination.nat.ip'?: string | undefined; 'destination.nat.port'?: string | number | undefined; 'destination.packets'?: string | number | undefined; 'destination.port'?: string | number | undefined; 'destination.registered_domain'?: string | undefined; 'destination.subdomain'?: string | undefined; 'destination.top_level_domain'?: string | undefined; 'destination.user.domain'?: string | undefined; 'destination.user.email'?: string | undefined; 'destination.user.full_name'?: string | undefined; 'destination.user.group.domain'?: string | undefined; 'destination.user.group.id'?: string | undefined; 'destination.user.group.name'?: string | undefined; 'destination.user.hash'?: string | undefined; 'destination.user.id'?: string | undefined; 'destination.user.name'?: string | undefined; 'destination.user.roles'?: string[] | undefined; 'device.id'?: string | undefined; 'device.manufacturer'?: string | undefined; 'device.model.identifier'?: string | undefined; 'device.model.name'?: string | undefined; 'dll.code_signature.digest_algorithm'?: string | undefined; 'dll.code_signature.exists'?: boolean | undefined; 'dll.code_signature.signing_id'?: string | undefined; 'dll.code_signature.status'?: string | undefined; 'dll.code_signature.subject_name'?: string | undefined; 'dll.code_signature.team_id'?: string | undefined; 'dll.code_signature.timestamp'?: string | number | undefined; 'dll.code_signature.trusted'?: boolean | undefined; 'dll.code_signature.valid'?: boolean | undefined; 'dll.hash.md5'?: string | undefined; 'dll.hash.sha1'?: string | undefined; 'dll.hash.sha256'?: string | undefined; 'dll.hash.sha384'?: string | undefined; 'dll.hash.sha512'?: string | undefined; 'dll.hash.ssdeep'?: string | undefined; 'dll.hash.tlsh'?: string | undefined; 'dll.name'?: string | undefined; 'dll.path'?: string | undefined; 'dll.pe.architecture'?: string | undefined; 'dll.pe.company'?: string | undefined; 'dll.pe.description'?: string | undefined; 'dll.pe.file_version'?: string | undefined; 'dll.pe.imphash'?: string | undefined; 'dll.pe.original_file_name'?: string | undefined; 'dll.pe.pehash'?: string | undefined; 'dll.pe.product'?: string | undefined; 'dns.answers'?: { class?: string | undefined; data?: string | undefined; name?: string | undefined; ttl?: string | number | undefined; type?: string | undefined; }[] | undefined; 'dns.header_flags'?: string[] | undefined; 'dns.id'?: string | undefined; 'dns.op_code'?: string | undefined; 'dns.question.class'?: string | undefined; 'dns.question.name'?: string | undefined; 'dns.question.registered_domain'?: string | undefined; 'dns.question.subdomain'?: string | undefined; 'dns.question.top_level_domain'?: string | undefined; 'dns.question.type'?: string | undefined; 'dns.resolved_ip'?: string[] | undefined; 'dns.response_code'?: string | undefined; 'dns.type'?: string | undefined; 'email.attachments'?: { 'file.extension'?: string | undefined; 'file.hash.md5'?: string | undefined; 'file.hash.sha1'?: string | undefined; 'file.hash.sha256'?: string | undefined; 'file.hash.sha384'?: string | undefined; 'file.hash.sha512'?: string | undefined; 'file.hash.ssdeep'?: string | undefined; 'file.hash.tlsh'?: string | undefined; 'file.mime_type'?: string | undefined; 'file.name'?: string | undefined; 'file.size'?: string | number | undefined; }[] | undefined; 'email.bcc.address'?: string[] | undefined; 'email.cc.address'?: string[] | undefined; 'email.content_type'?: string | undefined; 'email.delivery_timestamp'?: string | number | undefined; 'email.direction'?: string | undefined; 'email.from.address'?: string[] | undefined; 'email.local_id'?: string | undefined; 'email.message_id'?: string | undefined; 'email.origination_timestamp'?: string | number | undefined; 'email.reply_to.address'?: string[] | undefined; 'email.sender.address'?: string | undefined; 'email.subject'?: string | undefined; 'email.to.address'?: string[] | undefined; 'email.x_mailer'?: string | undefined; 'error.code'?: string | undefined; 'error.id'?: string | undefined; 'error.message'?: string | undefined; 'error.stack_trace'?: string | undefined; 'error.type'?: string | undefined; 'event.action'?: string | undefined; 'event.agent_id_status'?: string | undefined; 'event.category'?: string[] | undefined; 'event.code'?: string | undefined; 'event.created'?: string | number | undefined; 'event.dataset'?: string | undefined; 'event.duration'?: string | number | undefined; 'event.end'?: string | number | undefined; 'event.hash'?: string | undefined; 'event.id'?: string | undefined; 'event.ingested'?: string | number | undefined; 'event.kind'?: string | undefined; 'event.module'?: string | undefined; 'event.original'?: string | undefined; 'event.outcome'?: string | undefined; 'event.provider'?: string | undefined; 'event.reason'?: string | undefined; 'event.reference'?: string | undefined; 'event.risk_score'?: number | undefined; 'event.risk_score_norm'?: number | undefined; 'event.sequence'?: string | number | undefined; 'event.severity'?: string | number | undefined; 'event.start'?: string | number | undefined; 'event.timezone'?: string | undefined; 'event.type'?: string[] | undefined; 'event.url'?: string | undefined; 'faas.coldstart'?: boolean | undefined; 'faas.execution'?: string | undefined; 'faas.id'?: string | undefined; 'faas.name'?: string | undefined; 'faas.version'?: string | undefined; 'file.accessed'?: string | number | undefined; 'file.attributes'?: string[] | undefined; 'file.code_signature.digest_algorithm'?: string | undefined; 'file.code_signature.exists'?: boolean | undefined; 'file.code_signature.signing_id'?: string | undefined; 'file.code_signature.status'?: string | undefined; 'file.code_signature.subject_name'?: string | undefined; 'file.code_signature.team_id'?: string | undefined; 'file.code_signature.timestamp'?: string | number | undefined; 'file.code_signature.trusted'?: boolean | undefined; 'file.code_signature.valid'?: boolean | undefined; 'file.created'?: string | number | undefined; 'file.ctime'?: string | number | undefined; 'file.device'?: string | undefined; 'file.directory'?: string | undefined; 'file.drive_letter'?: string | undefined; 'file.elf.architecture'?: string | undefined; 'file.elf.byte_order'?: string | undefined; 'file.elf.cpu_type'?: string | undefined; 'file.elf.creation_date'?: string | number | undefined; 'file.elf.exports'?: unknown[] | undefined; 'file.elf.header.abi_version'?: string | undefined; 'file.elf.header.class'?: string | undefined; 'file.elf.header.data'?: string | undefined; 'file.elf.header.entrypoint'?: string | number | undefined; 'file.elf.header.object_version'?: string | undefined; 'file.elf.header.os_abi'?: string | undefined; 'file.elf.header.type'?: string | undefined; 'file.elf.header.version'?: string | undefined; 'file.elf.imports'?: unknown[] | undefined; 'file.elf.sections'?: { chi2?: string | number | undefined; entropy?: string | number | undefined; flags?: string | undefined; name?: string | undefined; physical_offset?: string | undefined; physical_size?: string | number | undefined; type?: string | undefined; virtual_address?: string | number | undefined; virtual_size?: string | number | undefined; }[] | undefined; 'file.elf.segments'?: { sections?: string | undefined; type?: string | undefined; }[] | undefined; 'file.elf.shared_libraries'?: string[] | undefined; 'file.elf.telfhash'?: string | undefined; 'file.extension'?: string | undefined; 'file.fork_name'?: string | undefined; 'file.gid'?: string | undefined; 'file.group'?: string | undefined; 'file.hash.md5'?: string | undefined; 'file.hash.sha1'?: string | undefined; 'file.hash.sha256'?: string | undefined; 'file.hash.sha384'?: string | undefined; 'file.hash.sha512'?: string | undefined; 'file.hash.ssdeep'?: string | undefined; 'file.hash.tlsh'?: string | undefined; 'file.inode'?: string | undefined; 'file.mime_type'?: string | undefined; 'file.mode'?: string | undefined; 'file.mtime'?: string | number | undefined; 'file.name'?: string | undefined; 'file.owner'?: string | undefined; 'file.path'?: string | undefined; 'file.pe.architecture'?: string | undefined; 'file.pe.company'?: string | undefined; 'file.pe.description'?: string | undefined; 'file.pe.file_version'?: string | undefined; 'file.pe.imphash'?: string | undefined; 'file.pe.original_file_name'?: string | undefined; 'file.pe.pehash'?: string | undefined; 'file.pe.product'?: string | undefined; 'file.size'?: string | number | undefined; 'file.target_path'?: string | undefined; 'file.type'?: string | undefined; 'file.uid'?: string | undefined; 'file.x509.alternative_names'?: string[] | undefined; 'file.x509.issuer.common_name'?: string[] | undefined; 'file.x509.issuer.country'?: string[] | undefined; 'file.x509.issuer.distinguished_name'?: string | undefined; 'file.x509.issuer.locality'?: string[] | undefined; 'file.x509.issuer.organization'?: string[] | undefined; 'file.x509.issuer.organizational_unit'?: string[] | undefined; 'file.x509.issuer.state_or_province'?: string[] | undefined; 'file.x509.not_after'?: string | number | undefined; 'file.x509.not_before'?: string | number | undefined; 'file.x509.public_key_algorithm'?: string | undefined; 'file.x509.public_key_curve'?: string | undefined; 'file.x509.public_key_exponent'?: string | number | undefined; 'file.x509.public_key_size'?: string | number | undefined; 'file.x509.serial_number'?: string | undefined; 'file.x509.signature_algorithm'?: string | undefined; 'file.x509.subject.common_name'?: string[] | undefined; 'file.x509.subject.country'?: string[] | undefined; 'file.x509.subject.distinguished_name'?: string | undefined; 'file.x509.subject.locality'?: string[] | undefined; 'file.x509.subject.organization'?: string[] | undefined; 'file.x509.subject.organizational_unit'?: string[] | undefined; 'file.x509.subject.state_or_province'?: string[] | undefined; 'file.x509.version_number'?: string | undefined; 'group.domain'?: string | undefined; 'group.id'?: string | undefined; 'group.name'?: string | undefined; 'host.architecture'?: string | undefined; 'host.boot.id'?: string | undefined; 'host.cpu.usage'?: string | number | undefined; 'host.disk.read.bytes'?: string | number | undefined; 'host.disk.write.bytes'?: string | number | undefined; 'host.domain'?: string | undefined; 'host.geo.city_name'?: string | undefined; 'host.geo.continent_code'?: string | undefined; 'host.geo.continent_name'?: string | undefined; 'host.geo.country_iso_code'?: string | undefined; 'host.geo.country_name'?: string | undefined; 'host.geo.location'?: string | { type: string; coordinates: number[]; } | { lat: number; lon: number; } | { location: number[]; } | { location: string; } | undefined; 'host.geo.name'?: string | undefined; 'host.geo.postal_code'?: string | undefined; 'host.geo.region_iso_code'?: string | undefined; 'host.geo.region_name'?: string | undefined; 'host.geo.timezone'?: string | undefined; 'host.hostname'?: string | undefined; 'host.id'?: string | undefined; 'host.ip'?: string[] | undefined; 'host.mac'?: string[] | undefined; 'host.name'?: string | undefined; 'host.network.egress.bytes'?: string | number | undefined; 'host.network.egress.packets'?: string | number | undefined; 'host.network.ingress.bytes'?: string | number | undefined; 'host.network.ingress.packets'?: string | number | undefined; 'host.os.family'?: string | undefined; 'host.os.full'?: string | undefined; 'host.os.kernel'?: string | undefined; 'host.os.name'?: string | undefined; 'host.os.platform'?: string | undefined; 'host.os.type'?: string | undefined; 'host.os.version'?: string | undefined; 'host.pid_ns_ino'?: string | undefined; 'host.risk.calculated_level'?: string | undefined; 'host.risk.calculated_score'?: number | undefined; 'host.risk.calculated_score_norm'?: number | undefined; 'host.risk.static_level'?: string | undefined; 'host.risk.static_score'?: number | undefined; 'host.risk.static_score_norm'?: number | undefined; 'host.type'?: string | undefined; 'host.uptime'?: string | number | undefined; 'http.request.body.bytes'?: string | number | undefined; 'http.request.body.content'?: string | undefined; 'http.request.bytes'?: string | number | undefined; 'http.request.id'?: string | undefined; 'http.request.method'?: string | undefined; 'http.request.mime_type'?: string | undefined; 'http.request.referrer'?: string | undefined; 'http.response.body.bytes'?: string | number | undefined; 'http.response.body.content'?: string | undefined; 'http.response.bytes'?: string | number | undefined; 'http.response.mime_type'?: string | undefined; 'http.response.status_code'?: string | number | undefined; 'http.version'?: string | undefined; 'log.file.path'?: string | undefined; 'log.level'?: string | undefined; 'log.logger'?: string | undefined; 'log.origin.file.line'?: string | number | undefined; 'log.origin.file.name'?: string | undefined; 'log.origin.function'?: string | undefined; message?: string | undefined; 'network.application'?: string | undefined; 'network.bytes'?: string | number | undefined; 'network.community_id'?: string | undefined; 'network.direction'?: string | undefined; 'network.forwarded_ip'?: string | undefined; 'network.iana_number'?: string | undefined; 'network.name'?: string | undefined; 'network.packets'?: string | number | undefined; 'network.protocol'?: string | undefined; 'network.transport'?: string | undefined; 'network.type'?: string | undefined; 'network.vlan.id'?: string | undefined; 'network.vlan.name'?: string | undefined; 'observer.geo.city_name'?: string | undefined; 'observer.geo.continent_code'?: string | undefined; 'observer.geo.continent_name'?: string | undefined; 'observer.geo.country_iso_code'?: string | undefined; 'observer.geo.country_name'?: string | undefined; 'observer.geo.location'?: string | { type: string; coordinates: number[]; } | { lat: number; lon: number; } | { location: number[]; } | { location: string; } | undefined; 'observer.geo.name'?: string | undefined; 'observer.geo.postal_code'?: string | undefined; 'observer.geo.region_iso_code'?: string | undefined; 'observer.geo.region_name'?: string | undefined; 'observer.geo.timezone'?: string | undefined; 'observer.hostname'?: string | undefined; 'observer.ip'?: string[] | undefined; 'observer.mac'?: string[] | undefined; 'observer.name'?: string | undefined; 'observer.os.family'?: string | undefined; 'observer.os.full'?: string | undefined; 'observer.os.kernel'?: string | undefined; 'observer.os.name'?: string | undefined; 'observer.os.platform'?: string | undefined; 'observer.os.type'?: string | undefined; 'observer.os.version'?: string | undefined; 'observer.product'?: string | undefined; 'observer.serial_number'?: string | undefined; 'observer.type'?: string | undefined; 'observer.vendor'?: string | undefined; 'observer.version'?: string | undefined; 'orchestrator.api_version'?: string | undefined; 'orchestrator.cluster.id'?: string | undefined; 'orchestrator.cluster.name'?: string | undefined; 'orchestrator.cluster.url'?: string | undefined; 'orchestrator.cluster.version'?: string | undefined; 'orchestrator.namespace'?: string | undefined; 'orchestrator.organization'?: string | undefined; 'orchestrator.resource.id'?: string | undefined; 'orchestrator.resource.ip'?: string[] | undefined; 'orchestrator.resource.name'?: string | undefined; 'orchestrator.resource.parent.type'?: string | undefined; 'orchestrator.resource.type'?: string | undefined; 'orchestrator.type'?: string | undefined; 'organization.id'?: string | undefined; 'organization.name'?: string | undefined; 'package.architecture'?: string | undefined; 'package.build_version'?: string | undefined; 'package.checksum'?: string | undefined; 'package.description'?: string | undefined; 'package.install_scope'?: string | undefined; 'package.installed'?: string | number | undefined; 'package.license'?: string | undefined; 'package.name'?: string | undefined; 'package.path'?: string | undefined; 'package.reference'?: string | undefined; 'package.size'?: string | number | undefined; 'package.type'?: string | undefined; 'package.version'?: string | undefined; 'process.args'?: string[] | undefined; 'process.args_count'?: string | number | undefined; 'process.code_signature.digest_algorithm'?: string | undefined; 'process.code_signature.exists'?: boolean | undefined; 'process.code_signature.signing_id'?: string | undefined; 'process.code_signature.status'?: string | undefined; 'process.code_signature.subject_name'?: string | undefined; 'process.code_signature.team_id'?: string | undefined; 'process.code_signature.timestamp'?: string | number | undefined; 'process.code_signature.trusted'?: boolean | undefined; 'process.code_signature.valid'?: boolean | undefined; 'process.command_line'?: string | undefined; 'process.elf.architecture'?: string | undefined; 'process.elf.byte_order'?: string | undefined; 'process.elf.cpu_type'?: string | undefined; 'process.elf.creation_date'?: string | number | undefined; 'process.elf.exports'?: unknown[] | undefined; 'process.elf.header.abi_version'?: string | undefined; 'process.elf.header.class'?: string | undefined; 'process.elf.header.data'?: string | undefined; 'process.elf.header.entrypoint'?: string | number | undefined; 'process.elf.header.object_version'?: string | undefined; 'process.elf.header.os_abi'?: string | undefined; 'process.elf.header.type'?: string | undefined; 'process.elf.header.version'?: string | undefined; 'process.elf.imports'?: unknown[] | undefined; 'process.elf.sections'?: { chi2?: string | number | undefined; entropy?: string | number | undefined; flags?: string | undefined; name?: string | undefined; physical_offset?: string | undefined; physical_size?: string | number | undefined; type?: string | undefined; virtual_address?: string | number | undefined; virtual_size?: string | number | undefined; }[] | undefined; 'process.elf.segments'?: { sections?: string | undefined; type?: string | undefined; }[] | undefined; 'process.elf.shared_libraries'?: string[] | undefined; 'process.elf.telfhash'?: string | undefined; 'process.end'?: string | number | undefined; 'process.entity_id'?: string | undefined; 'process.entry_leader.args'?: string[] | undefined; 'process.entry_leader.args_count'?: string | number | undefined; 'process.entry_leader.attested_groups.name'?: string | undefined; 'process.entry_leader.attested_user.id'?: string | undefined; 'process.entry_leader.attested_user.name'?: string | undefined; 'process.entry_leader.command_line'?: string | undefined; 'process.entry_leader.entity_id'?: string | undefined; 'process.entry_leader.entry_meta.source.ip'?: string | undefined; 'process.entry_leader.entry_meta.type'?: string | undefined; 'process.entry_leader.executable'?: string | undefined; 'process.entry_leader.group.id'?: string | undefined; 'process.entry_leader.group.name'?: string | undefined; 'process.entry_leader.interactive'?: boolean | undefined; 'process.entry_leader.name'?: string | undefined; 'process.entry_leader.parent.entity_id'?: string | undefined; 'process.entry_leader.parent.pid'?: string | number | undefined; 'process.entry_leader.parent.session_leader.entity_id'?: string | undefined; 'process.entry_leader.parent.session_leader.pid'?: string | number | undefined; 'process.entry_leader.parent.session_leader.start'?: string | number | undefined; 'process.entry_leader.parent.start'?: string | number | undefined; 'process.entry_leader.pid'?: string | number | undefined; 'process.entry_leader.real_group.id'?: string | undefined; 'process.entry_leader.real_group.name'?: string | undefined; 'process.entry_leader.real_user.id'?: string | undefined; 'process.entry_leader.real_user.name'?: string | undefined; 'process.entry_leader.same_as_process'?: boolean | undefined; 'process.entry_leader.saved_group.id'?: string | undefined; 'process.entry_leader.saved_group.name'?: string | undefined; 'process.entry_leader.saved_user.id'?: string | undefined; 'process.entry_leader.saved_user.name'?: string | undefined; 'process.entry_leader.start'?: string | number | undefined; 'process.entry_leader.supplemental_groups.id'?: string | undefined; 'process.entry_leader.supplemental_groups.name'?: string | undefined; 'process.entry_leader.user.id'?: string | undefined; 'process.entry_leader.user.name'?: string | undefined; 'process.entry_leader.working_directory'?: string | undefined; 'process.env_vars'?: string[] | undefined; 'process.executable'?: string | undefined; 'process.exit_code'?: string | number | undefined; 'process.group_leader.args'?: string[] | undefined; 'process.group_leader.args_count'?: string | number | undefined; 'process.group_leader.command_line'?: string | undefined; 'process.group_leader.entity_id'?: string | undefined; 'process.group_leader.executable'?: string | undefined; 'process.group_leader.group.id'?: string | undefined; 'process.group_leader.group.name'?: string | undefined; 'process.group_leader.interactive'?: boolean | undefined; 'process.group_leader.name'?: string | undefined; 'process.group_leader.pid'?: string | number | undefined; 'process.group_leader.real_group.id'?: string | undefined; 'process.group_leader.real_group.name'?: string | undefined; 'process.group_leader.real_user.id'?: string | undefined; 'process.group_leader.real_user.name'?: string | undefined; 'process.group_leader.same_as_process'?: boolean | undefined; 'process.group_leader.saved_group.id'?: string | undefined; 'process.group_leader.saved_group.name'?: string | undefined; 'process.group_leader.saved_user.id'?: string | undefined; 'process.group_leader.saved_user.name'?: string | undefined; 'process.group_leader.start'?: string | number | undefined; 'process.group_leader.supplemental_groups.id'?: string | undefined; 'process.group_leader.supplemental_groups.name'?: string | undefined; 'process.group_leader.user.id'?: string | undefined; 'process.group_leader.user.name'?: string | undefined; 'process.group_leader.working_directory'?: string | undefined; 'process.hash.md5'?: string | undefined; 'process.hash.sha1'?: string | undefined; 'process.hash.sha256'?: string | undefined; 'process.hash.sha384'?: string | undefined; 'process.hash.sha512'?: string | undefined; 'process.hash.ssdeep'?: string | undefined; 'process.hash.tlsh'?: string | undefined; 'process.interactive'?: boolean | undefined; 'process.name'?: string | undefined; 'process.parent.args'?: string[] | undefined; 'process.parent.args_count'?: string | number | undefined; 'process.parent.code_signature.digest_algorithm'?: string | undefined; 'process.parent.code_signature.exists'?: boolean | undefined; 'process.parent.code_signature.signing_id'?: string | undefined; 'process.parent.code_signature.status'?: string | undefined; 'process.parent.code_signature.subject_name'?: string | undefined; 'process.parent.code_signature.team_id'?: string | undefined; 'process.parent.code_signature.timestamp'?: string | number | undefined; 'process.parent.code_signature.trusted'?: boolean | undefined; 'process.parent.code_signature.valid'?: boolean | undefined; 'process.parent.command_line'?: string | undefined; 'process.parent.elf.architecture'?: string | undefined; 'process.parent.elf.byte_order'?: string | undefined; 'process.parent.elf.cpu_type'?: string | undefined; 'process.parent.elf.creation_date'?: string | number | undefined; 'process.parent.elf.exports'?: unknown[] | undefined; 'process.parent.elf.header.abi_version'?: string | undefined; 'process.parent.elf.header.class'?: string | undefined; 'process.parent.elf.header.data'?: string | undefined; 'process.parent.elf.header.entrypoint'?: string | number | undefined; 'process.parent.elf.header.object_version'?: string | undefined; 'process.parent.elf.header.os_abi'?: string | undefined; 'process.parent.elf.header.type'?: string | undefined; 'process.parent.elf.header.version'?: string | undefined; 'process.parent.elf.imports'?: unknown[] | undefined; 'process.parent.elf.sections'?: { chi2?: string | number | undefined; entropy?: string | number | undefined; flags?: string | undefined; name?: string | undefined; physical_offset?: string | undefined; physical_size?: string | number | undefined; type?: string | undefined; virtual_address?: string | number | undefined; virtual_size?: string | number | undefined; }[] | undefined; 'process.parent.elf.segments'?: { sections?: string | undefined; type?: string | undefined; }[] | undefined; 'process.parent.elf.shared_libraries'?: string[] | undefined; 'process.parent.elf.telfhash'?: string | undefined; 'process.parent.end'?: string | number | undefined; 'process.parent.entity_id'?: string | undefined; 'process.parent.executable'?: string | undefined; 'process.parent.exit_code'?: string | number | undefined; 'process.parent.group.id'?: string | undefined; 'process.parent.group.name'?: string | undefined; 'process.parent.group_leader.entity_id'?: string | undefined; 'process.parent.group_leader.pid'?: string | number | undefined; 'process.parent.group_leader.start'?: string | number | undefined; 'process.parent.hash.md5'?: string | undefined; 'process.parent.hash.sha1'?: string | undefined; 'process.parent.hash.sha256'?: string | undefined; 'process.parent.hash.sha384'?: string | undefined; 'process.parent.hash.sha512'?: string | undefined; 'process.parent.hash.ssdeep'?: string | undefined; 'process.parent.hash.tlsh'?: string | undefined; 'process.parent.interactive'?: boolean | undefined; 'process.parent.name'?: string | undefined; 'process.parent.pe.architecture'?: string | undefined; 'process.parent.pe.company'?: string | undefined; 'process.parent.pe.description'?: string | undefined; 'process.parent.pe.file_version'?: string | undefined; 'process.parent.pe.imphash'?: string | undefined; 'process.parent.pe.original_file_name'?: string | undefined; 'process.parent.pe.pehash'?: string | undefined; 'process.parent.pe.product'?: string | undefined; 'process.parent.pgid'?: string | number | undefined; 'process.parent.pid'?: string | number | undefined; 'process.parent.real_group.id'?: string | undefined; 'process.parent.real_group.name'?: string | undefined; 'process.parent.real_user.id'?: string | undefined; 'process.parent.real_user.name'?: string | undefined; 'process.parent.saved_group.id'?: string | undefined; 'process.parent.saved_group.name'?: string | undefined; 'process.parent.saved_user.id'?: string | undefined; 'process.parent.saved_user.name'?: string | undefined; 'process.parent.start'?: string | number | undefined; 'process.parent.supplemental_groups.id'?: string | undefined; 'process.parent.supplemental_groups.name'?: string | undefined; 'process.parent.thread.id'?: string | number | undefined; 'process.parent.thread.name'?: string | undefined; 'process.parent.title'?: string | undefined; 'process.parent.uptime'?: string | number | undefined; 'process.parent.user.id'?: string | undefined; 'process.parent.user.name'?: string | undefined; 'process.parent.working_directory'?: string | undefined; 'process.pe.architecture'?: string | undefined; 'process.pe.company'?: string | undefined; 'process.pe.description'?: string | undefined; 'process.pe.file_version'?: string | undefined; 'process.pe.imphash'?: string | undefined; 'process.pe.original_file_name'?: string | undefined; 'process.pe.pehash'?: string | undefined; 'process.pe.product'?: string | undefined; 'process.pgid'?: string | number | undefined; 'process.pid'?: string | number | undefined; 'process.previous.args'?: string[] | undefined; 'process.previous.args_count'?: string | number | undefined; 'process.previous.executable'?: string | undefined; 'process.real_group.id'?: string | undefined; 'process.real_group.name'?: string | undefined; 'process.real_user.id'?: string | undefined; 'process.real_user.name'?: string | undefined; 'process.saved_group.id'?: string | undefined; 'process.saved_group.name'?: string | undefined; 'process.saved_user.id'?: string | undefined; 'process.saved_user.name'?: string | undefined; 'process.session_leader.args'?: string[] | undefined; 'process.session_leader.args_count'?: string | number | undefined; 'process.session_leader.command_line'?: string | undefined; 'process.session_leader.entity_id'?: string | undefined; 'process.session_leader.executable'?: string | undefined; 'process.session_leader.group.id'?: string | undefined; 'process.session_leader.group.name'?: string | undefined; 'process.session_leader.interactive'?: boolean | undefined; 'process.session_leader.name'?: string | undefined; 'process.session_leader.parent.entity_id'?: string | undefined; 'process.session_leader.parent.pid'?: string | number | undefined; 'process.session_leader.parent.session_leader.entity_id'?: string | undefined; 'process.session_leader.parent.session_leader.pid'?: string | number | undefined; 'process.session_leader.parent.session_leader.start'?: string | number | undefined; 'process.session_leader.parent.start'?: string | number | undefined; 'process.session_leader.pid'?: string | number | undefined; 'process.session_leader.real_group.id'?: string | undefined; 'process.session_leader.real_group.name'?: string | undefined; 'process.session_leader.real_user.id'?: string | undefined; 'process.session_leader.real_user.name'?: string | undefined; 'process.session_leader.same_as_process'?: boolean | undefined; 'process.session_leader.saved_group.id'?: string | undefined; 'process.session_leader.saved_group.name'?: string | undefined; 'process.session_leader.saved_user.id'?: string | undefined; 'process.session_leader.saved_user.name'?: string | undefined; 'process.session_leader.start'?: string | number | undefined; 'process.session_leader.supplemental_groups.id'?: string | undefined; 'process.session_leader.supplemental_groups.name'?: string | undefined; 'process.session_leader.user.id'?: string | undefined; 'process.session_leader.user.name'?: string | undefined; 'process.session_leader.working_directory'?: string | undefined; 'process.start'?: string | number | undefined; 'process.supplemental_groups.id'?: string | undefined; 'process.supplemental_groups.name'?: string | undefined; 'process.thread.id'?: string | number | undefined; 'process.thread.name'?: string | undefined; 'process.title'?: string | undefined; 'process.uptime'?: string | number | undefined; 'process.user.id'?: string | undefined; 'process.user.name'?: string | undefined; 'process.working_directory'?: string | undefined; 'registry.data.bytes'?: string | undefined; 'registry.data.strings'?: string[] | undefined; 'registry.data.type'?: string | undefined; 'registry.hive'?: string | undefined; 'registry.key'?: string | undefined; 'registry.path'?: string | undefined; 'registry.value'?: string | undefined; 'related.hash'?: string[] | undefined; 'related.hosts'?: string[] | undefined; 'related.ip'?: string[] | undefined; 'related.user'?: string[] | undefined; 'rule.author'?: string[] | undefined; 'rule.category'?: string | undefined; 'rule.description'?: string | undefined; 'rule.id'?: string | undefined; 'rule.license'?: string | undefined; 'rule.name'?: string | undefined; 'rule.reference'?: string | undefined; 'rule.ruleset'?: string | undefined; 'rule.uuid'?: string | undefined; 'rule.version'?: string | undefined; 'server.address'?: string | undefined; 'server.as.number'?: string | number | undefined; 'server.as.organization.name'?: string | undefined; 'server.bytes'?: string | number | undefined; 'server.domain'?: string | undefined; 'server.geo.city_name'?: string | undefined; 'server.geo.continent_code'?: string | undefined; 'server.geo.continent_name'?: string | undefined; 'server.geo.country_iso_code'?: string | undefined; 'server.geo.country_name'?: string | undefined; 'server.geo.location'?: string | { type: string; coordinates: number[]; } | { lat: number; lon: number; } | { location: number[]; } | { location: string; } | undefined; 'server.geo.name'?: string | undefined; 'server.geo.postal_code'?: string | undefined; 'server.geo.region_iso_code'?: string | undefined; 'server.geo.region_name'?: string | undefined; 'server.geo.timezone'?: string | undefined; 'server.ip'?: string | undefined; 'server.mac'?: string | undefined; 'server.nat.ip'?: string | undefined; 'server.nat.port'?: string | number | undefined; 'server.packets'?: string | number | undefined; 'server.port'?: string | number | undefined; 'server.registered_domain'?: string | undefined; 'server.subdomain'?: string | undefined; 'server.top_level_domain'?: string | undefined; 'server.user.domain'?: string | undefined; 'server.user.email'?: string | undefined; 'server.user.full_name'?: string | undefined; 'server.user.group.domain'?: string | undefined; 'server.user.group.id'?: string | undefined; 'server.user.group.name'?: string | undefined; 'server.user.hash'?: string | undefined; 'server.user.id'?: string | undefined; 'server.user.name'?: string | undefined; 'server.user.roles'?: string[] | undefined; 'service.address'?: string | undefined; 'service.environment'?: string | undefined; 'service.ephemeral_id'?: string | undefined; 'service.id'?: string | undefined; 'service.name'?: string | undefined; 'service.node.name'?: string | undefined; 'service.node.role'?: string | undefined; 'service.node.roles'?: string[] | undefined; 'service.origin.address'?: string | undefined; 'service.origin.environment'?: string | undefined; 'service.origin.ephemeral_id'?: string | undefined; 'service.origin.id'?: string | undefined; 'service.origin.name'?: string | undefined; 'service.origin.node.name'?: string | undefined; 'service.origin.node.role'?: string | undefined; 'service.origin.node.roles'?: string[] | undefined; 'service.origin.state'?: string | undefined; 'service.origin.type'?: string | undefined; 'service.origin.version'?: string | undefined; 'service.state'?: string | undefined; 'service.target.address'?: string | undefined; 'service.target.environment'?: string | undefined; 'service.target.ephemeral_id'?: string | undefined; 'service.target.id'?: string | undefined; 'service.target.name'?: string | undefined; 'service.target.node.name'?: string | undefined; 'service.target.node.role'?: string | undefined; 'service.target.node.roles'?: string[] | undefined; 'service.target.state'?: string | undefined; 'service.target.type'?: string | undefined; 'service.target.version'?: string | undefined; 'service.type'?: string | undefined; 'service.version'?: string | undefined; 'source.address'?: string | undefined; 'source.as.number'?: string | number | undefined; 'source.as.organization.name'?: string | undefined; 'source.bytes'?: string | number | undefined; 'source.domain'?: string | undefined; 'source.geo.city_name'?: string | undefined; 'source.geo.continent_code'?: string | undefined; 'source.geo.continent_name'?: string | undefined; 'source.geo.country_iso_code'?: string | undefined; 'source.geo.country_name'?: string | undefined; 'source.geo.location'?: string | { type: string; coordinates: number[]; } | { lat: number; lon: number; } | { location: number[]; } | { location: string; } | undefined; 'source.geo.name'?: string | undefined; 'source.geo.postal_code'?: string | undefined; 'source.geo.region_iso_code'?: string | undefined; 'source.geo.region_name'?: string | undefined; 'source.geo.timezone'?: string | undefined; 'source.ip'?: string | undefined; 'source.mac'?: string | undefined; 'source.nat.ip'?: string | undefined; 'source.nat.port'?: string | number | undefined; 'source.packets'?: string | number | undefined; 'source.port'?: string | number | undefined; 'source.registered_domain'?: string | undefined; 'source.subdomain'?: string | undefined; 'source.top_level_domain'?: string | undefined; 'source.user.domain'?: string | undefined; 'source.user.email'?: string | undefined; 'source.user.full_name'?: string | undefined; 'source.user.group.domain'?: string | undefined; 'source.user.group.id'?: string | undefined; 'source.user.group.name'?: string | undefined; 'source.user.hash'?: string | undefined; 'source.user.id'?: string | undefined; 'source.user.name'?: string | undefined; 'source.user.roles'?: string[] | undefined; 'span.id'?: string | undefined; tags?: string[] | undefined; 'threat.enrichments'?: { 'matched.atomic'?: string | undefined; 'matched.field'?: string | undefined; 'matched.id'?: string | undefined; 'matched.index'?: string | undefined; 'matched.occurred'?: string | number | undefined; 'matched.type'?: string | undefined; }[] | undefined; 'threat.feed.dashboard_id'?: string | undefined; 'threat.feed.description'?: string | undefined; 'threat.feed.name'?: string | undefined; 'threat.feed.reference'?: string | undefined; 'threat.framework'?: string | undefined; 'threat.group.alias'?: string[] | undefined; 'threat.group.id'?: string | undefined; 'threat.group.name'?: string | undefined; 'threat.group.reference'?: string | undefined; 'threat.indicator.as.number'?: string | number | undefined; 'threat.indicator.as.organization.name'?: string | undefined; 'threat.indicator.confidence'?: string | undefined; 'threat.indicator.description'?: string | undefined; 'threat.indicator.email.address'?: string | undefined; 'threat.indicator.file.accessed'?: string | number | undefined; 'threat.indicator.file.attributes'?: string[] | undefined; 'threat.indicator.file.code_signature.digest_algorithm'?: string | undefined; 'threat.indicator.file.code_signature.exists'?: boolean | undefined; 'threat.indicator.file.code_signature.signing_id'?: string | undefined; 'threat.indicator.file.code_signature.status'?: string | undefined; 'threat.indicator.file.code_signature.subject_name'?: string | undefined; 'threat.indicator.file.code_signature.team_id'?: string | undefined; 'threat.indicator.file.code_signature.timestamp'?: string | number | undefined; 'threat.indicator.file.code_signature.trusted'?: boolean | undefined; 'threat.indicator.file.code_signature.valid'?: boolean | undefined; 'threat.indicator.file.created'?: string | number | undefined; 'threat.indicator.file.ctime'?: string | number | undefined; 'threat.indicator.file.device'?: string | undefined; 'threat.indicator.file.directory'?: string | undefined; 'threat.indicator.file.drive_letter'?: string | undefined; 'threat.indicator.file.elf.architecture'?: string | undefined; 'threat.indicator.file.elf.byte_order'?: string | undefined; 'threat.indicator.file.elf.cpu_type'?: string | undefined; 'threat.indicator.file.elf.creation_date'?: string | number | undefined; 'threat.indicator.file.elf.exports'?: unknown[] | undefined; 'threat.indicator.file.elf.header.abi_version'?: string | undefined; 'threat.indicator.file.elf.header.class'?: string | undefined; 'threat.indicator.file.elf.header.data'?: string | undefined; 'threat.indicator.file.elf.header.entrypoint'?: string | number | undefined; 'threat.indicator.file.elf.header.object_version'?: string | undefined; 'threat.indicator.file.elf.header.os_abi'?: string | undefined; 'threat.indicator.file.elf.header.type'?: string | undefined; 'threat.indicator.file.elf.header.version'?: string | undefined; 'threat.indicator.file.elf.imports'?: unknown[] | undefined; 'threat.indicator.file.elf.sections'?: { chi2?: string | number | undefined; entropy?: string | number | undefined; flags?: string | undefined; name?: string | undefined; physical_offset?: string | undefined; physical_size?: string | number | undefined; type?: string | undefined; virtual_address?: string | number | undefined; virtual_size?: string | number | undefined; }[] | undefined; 'threat.indicator.file.elf.segments'?: { sections?: string | undefined; type?: string | undefined; }[] | undefined; 'threat.indicator.file.elf.shared_libraries'?: string[] | undefined; 'threat.indicator.file.elf.telfhash'?: string | undefined; 'threat.indicator.file.extension'?: string | undefined; 'threat.indicator.file.fork_name'?: string | undefined; 'threat.indicator.file.gid'?: string | undefined; 'threat.indicator.file.group'?: string | undefined; 'threat.indicator.file.hash.md5'?: string | undefined; 'threat.indicator.file.hash.sha1'?: string | undefined; 'threat.indicator.file.hash.sha256'?: string | undefined; 'threat.indicator.file.hash.sha384'?: string | undefined; 'threat.indicator.file.hash.sha512'?: string | undefined; 'threat.indicator.file.hash.ssdeep'?: string | undefined; 'threat.indicator.file.hash.tlsh'?: string | undefined; 'threat.indicator.file.inode'?: string | undefined; 'threat.indicator.file.mime_type'?: string | undefined; 'threat.indicator.file.mode'?: string | undefined; 'threat.indicator.file.mtime'?: string | number | undefined; 'threat.indicator.file.name'?: string | undefined; 'threat.indicator.file.owner'?: string | undefined; 'threat.indicator.file.path'?: string | undefined; 'threat.indicator.file.pe.architecture'?: string | undefined; 'threat.indicator.file.pe.company'?: string | undefined; 'threat.indicator.file.pe.description'?: string | undefined; 'threat.indicator.file.pe.file_version'?: string | undefined; 'threat.indicator.file.pe.imphash'?: string | undefined; 'threat.indicator.file.pe.original_file_name'?: string | undefined; 'threat.indicator.file.pe.pehash'?: string | undefined; 'threat.indicator.file.pe.product'?: string | undefined; 'threat.indicator.file.size'?: string | number | undefined; 'threat.indicator.file.target_path'?: string | undefined; 'threat.indicator.file.type'?: string | undefined; 'threat.indicator.file.uid'?: string | undefined; 'threat.indicator.file.x509.alternative_names'?: string[] | undefined; 'threat.indicator.file.x509.issuer.common_name'?: string[] | undefined; 'threat.indicator.file.x509.issuer.country'?: string[] | undefined; 'threat.indicator.file.x509.issuer.distinguished_name'?: string | undefined; 'threat.indicator.file.x509.issuer.locality'?: string[] | undefined; 'threat.indicator.file.x509.issuer.organization'?: string[] | undefined; 'threat.indicator.file.x509.issuer.organizational_unit'?: string[] | undefined; 'threat.indicator.file.x509.issuer.state_or_province'?: string[] | undefined; 'threat.indicator.file.x509.not_after'?: string | number | undefined; 'threat.indicator.file.x509.not_before'?: string | number | undefined; 'threat.indicator.file.x509.public_key_algorithm'?: string | undefined; 'threat.indicator.file.x509.public_key_curve'?: string | undefined; 'threat.indicator.file.x509.public_key_exponent'?: string | number | undefined; 'threat.indicator.file.x509.public_key_size'?: string | number | undefined; 'threat.indicator.file.x509.serial_number'?: string | undefined; 'threat.indicator.file.x509.signature_algorithm'?: string | undefined; 'threat.indicator.file.x509.subject.common_name'?: string[] | undefined; 'threat.indicator.file.x509.subject.country'?: string[] | undefined; 'threat.indicator.file.x509.subject.distinguished_name'?: string | undefined; 'threat.indicator.file.x509.subject.locality'?: string[] | undefined; 'threat.indicator.file.x509.subject.organization'?: string[] | undefined; 'threat.indicator.file.x509.subject.organizational_unit'?: string[] | undefined; 'threat.indicator.file.x509.subject.state_or_province'?: string[] | undefined; 'threat.indicator.file.x509.version_number'?: string | undefined; 'threat.indicator.first_seen'?: string | number | undefined; 'threat.indicator.geo.city_name'?: string | undefined; 'threat.indicator.geo.continent_code'?: string | undefined; 'threat.indicator.geo.continent_name'?: string | undefined; 'threat.indicator.geo.country_iso_code'?: string | undefined; 'threat.indicator.geo.country_name'?: string | undefined; 'threat.indicator.geo.location'?: string | { type: string; coordinates: number[]; } | { lat: number; lon: number; } | { location: number[]; } | { location: string; } | undefined; 'threat.indicator.geo.name'?: string | undefined; 'threat.indicator.geo.postal_code'?: string | undefined; 'threat.indicator.geo.region_iso_code'?: string | undefined; 'threat.indicator.geo.region_name'?: string | undefined; 'threat.indicator.geo.timezone'?: string | undefined; 'threat.indicator.ip'?: string | undefined; 'threat.indicator.last_seen'?: string | number | undefined; 'threat.indicator.marking.tlp'?: string | undefined; 'threat.indicator.marking.tlp_version'?: string | undefined; 'threat.indicator.modified_at'?: string | number | undefined; 'threat.indicator.port'?: string | number | undefined; 'threat.indicator.provider'?: string | undefined; 'threat.indicator.reference'?: string | undefined; 'threat.indicator.registry.data.bytes'?: string | undefined; 'threat.indicator.registry.data.strings'?: string[] | undefined; 'threat.indicator.registry.data.type'?: string | undefined; 'threat.indicator.registry.hive'?: string | undefined; 'threat.indicator.registry.key'?: string | undefined; 'threat.indicator.registry.path'?: string | undefined; 'threat.indicator.registry.value'?: string | undefined; 'threat.indicator.scanner_stats'?: string | number | undefined; 'threat.indicator.sightings'?: string | number | undefined; 'threat.indicator.type'?: string | undefined; 'threat.indicator.url.domain'?: string | undefined; 'threat.indicator.url.extension'?: string | undefined; 'threat.indicator.url.fragment'?: string | undefined; 'threat.indicator.url.full'?: string | undefined; 'threat.indicator.url.original'?: string | undefined; 'threat.indicator.url.password'?: string | undefined; 'threat.indicator.url.path'?: string | undefined; 'threat.indicator.url.port'?: string | number | undefined; 'threat.indicator.url.query'?: string | undefined; 'threat.indicator.url.registered_domain'?: string | undefined; 'threat.indicator.url.scheme'?: string | undefined; 'threat.indicator.url.subdomain'?: string | undefined; 'threat.indicator.url.top_level_domain'?: string | undefined; 'threat.indicator.url.username'?: string | undefined; 'threat.indicator.x509.alternative_names'?: string[] | undefined; 'threat.indicator.x509.issuer.common_name'?: string[] | undefined; 'threat.indicator.x509.issuer.country'?: string[] | undefined; 'threat.indicator.x509.issuer.distinguished_name'?: string | undefined; 'threat.indicator.x509.issuer.locality'?: string[] | undefined; 'threat.indicator.x509.issuer.organization'?: string[] | undefined; 'threat.indicator.x509.issuer.organizational_unit'?: string[] | undefined; 'threat.indicator.x509.issuer.state_or_province'?: string[] | undefined; 'threat.indicator.x509.not_after'?: string | number | undefined; 'threat.indicator.x509.not_before'?: string | number | undefined; 'threat.indicator.x509.public_key_algorithm'?: string | undefined; 'threat.indicator.x509.public_key_curve'?: string | undefined; 'threat.indicator.x509.public_key_exponent'?: string | number | undefined; 'threat.indicator.x509.public_key_size'?: string | number | undefined; 'threat.indicator.x509.serial_number'?: string | undefined; 'threat.indicator.x509.signature_algorithm'?: string | undefined; 'threat.indicator.x509.subject.common_name'?: string[] | undefined; 'threat.indicator.x509.subject.country'?: string[] | undefined; 'threat.indicator.x509.subject.distinguished_name'?: string | undefined; 'threat.indicator.x509.subject.locality'?: string[] | undefined; 'threat.indicator.x509.subject.organization'?: string[] | undefined; 'threat.indicator.x509.subject.organizational_unit'?: string[] | undefined; 'threat.indicator.x509.subject.state_or_province'?: string[] | undefined; 'threat.indicator.x509.version_number'?: string | undefined; 'threat.software.alias'?: string[] | undefined; 'threat.software.id'?: string | undefined; 'threat.software.name'?: string | undefined; 'threat.software.platforms'?: string[] | undefined; 'threat.software.reference'?: string | undefined; 'threat.software.type'?: string | undefined; 'threat.tactic.id'?: string[] | undefined; 'threat.tactic.name'?: string[] | undefined; 'threat.tactic.reference'?: string[] | undefined; 'threat.technique.id'?: string[] | undefined; 'threat.technique.name'?: string[] | undefined; 'threat.technique.reference'?: string[] | undefined; 'threat.technique.subtechnique.id'?: string[] | undefined; 'threat.technique.subtechnique.name'?: string[] | undefined; 'threat.technique.subtechnique.reference'?: string[] | undefined; 'tls.cipher'?: string | undefined; 'tls.client.certificate'?: string | undefined; 'tls.client.certificate_chain'?: string[] | undefined; 'tls.client.hash.md5'?: string | undefined; 'tls.client.hash.sha1'?: string | undefined; 'tls.client.hash.sha256'?: string | undefined; 'tls.client.issuer'?: string | undefined; 'tls.client.ja3'?: string | undefined; 'tls.client.not_after'?: string | number | undefined; 'tls.client.not_before'?: string | number | undefined; 'tls.client.server_name'?: string | undefined; 'tls.client.subject'?: string | undefined; 'tls.client.supported_ciphers'?: string[] | undefined; 'tls.client.x509.alternative_names'?: string[] | undefined; 'tls.client.x509.issuer.common_name'?: string[] | undefined; 'tls.client.x509.issuer.country'?: string[] | undefined; 'tls.client.x509.issuer.distinguished_name'?: string | undefined; 'tls.client.x509.issuer.locality'?: string[] | undefined; 'tls.client.x509.issuer.organization'?: string[] | undefined; 'tls.client.x509.issuer.organizational_unit'?: string[] | undefined; 'tls.client.x509.issuer.state_or_province'?: string[] | undefined; 'tls.client.x509.not_after'?: string | number | undefined; 'tls.client.x509.not_before'?: string | number | undefined; 'tls.client.x509.public_key_algorithm'?: string | undefined; 'tls.client.x509.public_key_curve'?: string | undefined; 'tls.client.x509.public_key_exponent'?: string | number | undefined; 'tls.client.x509.public_key_size'?: string | number | undefined; 'tls.client.x509.serial_number'?: string | undefined; 'tls.client.x509.signature_algorithm'?: string | undefined; 'tls.client.x509.subject.common_name'?: string[] | undefined; 'tls.client.x509.subject.country'?: string[] | undefined; 'tls.client.x509.subject.distinguished_name'?: string | undefined; 'tls.client.x509.subject.locality'?: string[] | undefined; 'tls.client.x509.subject.organization'?: string[] | undefined; 'tls.client.x509.subject.organizational_unit'?: string[] | undefined; 'tls.client.x509.subject.state_or_province'?: string[] | undefined; 'tls.client.x509.version_number'?: string | undefined; 'tls.curve'?: string | undefined; 'tls.established'?: boolean | undefined; 'tls.next_protocol'?: string | undefined; 'tls.resumed'?: boolean | undefined; 'tls.server.certificate'?: string | undefined; 'tls.server.certificate_chain'?: string[] | undefined; 'tls.server.hash.md5'?: string | undefined; 'tls.server.hash.sha1'?: string | undefined; 'tls.server.hash.sha256'?: string | undefined; 'tls.server.issuer'?: string | undefined; 'tls.server.ja3s'?: string | undefined; 'tls.server.not_after'?: string | number | undefined; 'tls.server.not_before'?: string | number | undefined; 'tls.server.subject'?: string | undefined; 'tls.server.x509.alternative_names'?: string[] | undefined; 'tls.server.x509.issuer.common_name'?: string[] | undefined; 'tls.server.x509.issuer.country'?: string[] | undefined; 'tls.server.x509.issuer.distinguished_name'?: string | undefined; 'tls.server.x509.issuer.locality'?: string[] | undefined; 'tls.server.x509.issuer.organization'?: string[] | undefined; 'tls.server.x509.issuer.organizational_unit'?: string[] | undefined; 'tls.server.x509.issuer.state_or_province'?: string[] | undefined; 'tls.server.x509.not_after'?: string | number | undefined; 'tls.server.x509.not_before'?: string | number | undefined; 'tls.server.x509.public_key_algorithm'?: string | undefined; 'tls.server.x509.public_key_curve'?: string | undefined; 'tls.server.x509.public_key_exponent'?: string | number | undefined; 'tls.server.x509.public_key_size'?: string | number | undefined; 'tls.server.x509.serial_number'?: string | undefined; 'tls.server.x509.signature_algorithm'?: string | undefined; 'tls.server.x509.subject.common_name'?: string[] | undefined; 'tls.server.x509.subject.country'?: string[] | undefined; 'tls.server.x509.subject.distinguished_name'?: string | undefined; 'tls.server.x509.subject.locality'?: string[] | undefined; 'tls.server.x509.subject.organization'?: string[] | undefined; 'tls.server.x509.subject.organizational_unit'?: string[] | undefined; 'tls.server.x509.subject.state_or_province'?: string[] | undefined; 'tls.server.x509.version_number'?: string | undefined; 'tls.version'?: string | undefined; 'tls.version_protocol'?: string | undefined; 'trace.id'?: string | undefined; 'transaction.id'?: string | undefined; 'url.domain'?: string | undefined; 'url.extension'?: string | undefined; 'url.fragment'?: string | undefined; 'url.full'?: string | undefined; 'url.original'?: string | undefined; 'url.password'?: string | undefined; 'url.path'?: string | undefined; 'url.port'?: string | number | undefined; 'url.query'?: string | undefined; 'url.registered_domain'?: string | undefined; 'url.scheme'?: string | undefined; 'url.subdomain'?: string | undefined; 'url.top_level_domain'?: string | undefined; 'url.username'?: string | undefined; 'user.changes.domain'?: string | undefined; 'user.changes.email'?: string | undefined; 'user.changes.full_name'?: string | undefined; 'user.changes.group.domain'?: string | undefined; 'user.changes.group.id'?: string | undefined; 'user.changes.group.name'?: string | undefined; 'user.changes.hash'?: string | undefined; 'user.changes.id'?: string | undefined; 'user.changes.name'?: string | undefined; 'user.changes.roles'?: string[] | undefined; 'user.domain'?: string | undefined; 'user.effective.domain'?: string | undefined; 'user.effective.email'?: string | undefined; 'user.effective.full_name'?: string | undefined; 'user.effective.group.domain'?: string | undefined; 'user.effective.group.id'?: string | undefined; 'user.effective.group.name'?: string | undefined; 'user.effective.hash'?: string | undefined; 'user.effective.id'?: string | undefined; 'user.effective.name'?: string | undefined; 'user.effective.roles'?: string[] | undefined; 'user.email'?: string | undefined; 'user.full_name'?: string | undefined; 'user.group.domain'?: string | undefined; 'user.group.id'?: string | undefined; 'user.group.name'?: string | undefined; 'user.hash'?: string | undefined; 'user.id'?: string | undefined; 'user.name'?: string | undefined; 'user.risk.calculated_level'?: string | undefined; 'user.risk.calculated_score'?: number | undefined; 'user.risk.calculated_score_norm'?: number | undefined; 'user.risk.static_level'?: string | undefined; 'user.risk.static_score'?: number | undefined; 'user.risk.static_score_norm'?: number | undefined; 'user.roles'?: string[] | undefined; 'user.target.domain'?: string | undefined; 'user.target.email'?: string | undefined; 'user.target.full_name'?: string | undefined; 'user.target.group.domain'?: string | undefined; 'user.target.group.id'?: string | undefined; 'user.target.group.name'?: string | undefined; 'user.target.hash'?: string | undefined; 'user.target.id'?: string | undefined; 'user.target.name'?: string | undefined; 'user.target.roles'?: string[] | undefined; 'user_agent.device.name'?: string | undefined; 'user_agent.name'?: string | undefined; 'user_agent.original'?: string | undefined; 'user_agent.os.family'?: string | undefined; 'user_agent.os.full'?: string | undefined; 'user_agent.os.kernel'?: string | undefined; 'user_agent.os.name'?: string | undefined; 'user_agent.os.platform'?: string | undefined; 'user_agent.os.type'?: string | undefined; 'user_agent.os.version'?: string | undefined; 'user_agent.version'?: string | undefined; 'vulnerability.category'?: string[] | undefined; 'vulnerability.classification'?: string | undefined; 'vulnerability.description'?: string | undefined; 'vulnerability.enumeration'?: string | undefined; 'vulnerability.id'?: string | undefined; 'vulnerability.reference'?: string | undefined; 'vulnerability.report_id'?: string | undefined; 'vulnerability.scanner.vendor'?: string | undefined; 'vulnerability.score.base'?: number | undefined; 'vulnerability.score.environmental'?: number | undefined; 'vulnerability.score.temporal'?: number | undefined; 'vulnerability.score.version'?: string | undefined; 'vulnerability.severity'?: string | undefined; } & {} & { 'ecs.version'?: string | undefined; 'kibana.alert.risk_score'?: number | undefined; 'kibana.alert.rule.author'?: string | undefined; 'kibana.alert.rule.created_at'?: string | number | undefined; 'kibana.alert.rule.created_by'?: string | undefined; 'kibana.alert.rule.description'?: string | undefined; 'kibana.alert.rule.enabled'?: string | undefined; 'kibana.alert.rule.from'?: string | undefined; 'kibana.alert.rule.interval'?: string | undefined; 'kibana.alert.rule.license'?: string | undefined; 'kibana.alert.rule.note'?: string | undefined; 'kibana.alert.rule.references'?: string[] | undefined; 'kibana.alert.rule.rule_id'?: string | undefined; 'kibana.alert.rule.rule_name_override'?: string | undefined; 'kibana.alert.rule.to'?: string | undefined; 'kibana.alert.rule.type'?: string | undefined; 'kibana.alert.rule.updated_at'?: string | number | undefined; 'kibana.alert.rule.updated_by'?: string | undefined; 'kibana.alert.rule.version'?: string | undefined; 'kibana.alert.severity'?: string | undefined; 'kibana.alert.suppression.docs_count'?: string | number | undefined; 'kibana.alert.suppression.end'?: string | number | undefined; 'kibana.alert.suppression.start'?: string | number | undefined; 'kibana.alert.suppression.terms.field'?: string[] | undefined; 'kibana.alert.suppression.terms.value'?: string[] | undefined; 'kibana.alert.system_status'?: string | undefined; 'kibana.alert.workflow_reason'?: string | undefined; 'kibana.alert.workflow_user'?: string | undefined; }" + "{ '@timestamp': string | number; 'kibana.alert.ancestors': { depth: string | number; id: string; index: string; type: string; }[]; 'kibana.alert.depth': string | number; 'kibana.alert.instance.id': string; 'kibana.alert.original_event.action': string; 'kibana.alert.original_event.category': string[]; 'kibana.alert.original_event.created': string | number; 'kibana.alert.original_event.dataset': string; 'kibana.alert.original_event.id': string; 'kibana.alert.original_event.ingested': string | number; 'kibana.alert.original_event.kind': string; 'kibana.alert.original_event.module': string; 'kibana.alert.original_event.original': string; 'kibana.alert.original_event.outcome': string; 'kibana.alert.original_event.provider': string; 'kibana.alert.original_event.sequence': string | number; 'kibana.alert.original_event.type': string[]; 'kibana.alert.original_time': string | number; 'kibana.alert.rule.category': string; 'kibana.alert.rule.consumer': string; 'kibana.alert.rule.false_positives': string[]; 'kibana.alert.rule.max_signals': (string | number)[]; 'kibana.alert.rule.name': string; 'kibana.alert.rule.producer': string; 'kibana.alert.rule.revision': string | number; 'kibana.alert.rule.rule_type_id': string; 'kibana.alert.rule.threat.framework': string; 'kibana.alert.rule.threat.tactic.id': string; 'kibana.alert.rule.threat.tactic.name': string; 'kibana.alert.rule.threat.tactic.reference': string; 'kibana.alert.rule.threat.technique.id': string; 'kibana.alert.rule.threat.technique.name': string; 'kibana.alert.rule.threat.technique.reference': string; 'kibana.alert.rule.threat.technique.subtechnique.id': string; 'kibana.alert.rule.threat.technique.subtechnique.name': string; 'kibana.alert.rule.threat.technique.subtechnique.reference': string; 'kibana.alert.rule.uuid': string; 'kibana.alert.status': string; 'kibana.alert.uuid': string; 'kibana.space_ids': string[]; } & { 'ecs.version'?: string | undefined; 'event.action'?: string | undefined; 'event.kind'?: string | undefined; 'kibana.alert.action_group'?: string | undefined; 'kibana.alert.ancestors.rule'?: string | undefined; 'kibana.alert.building_block_type'?: string | undefined; 'kibana.alert.case_ids'?: string[] | undefined; 'kibana.alert.duration.us'?: string | number | undefined; 'kibana.alert.end'?: string | number | undefined; 'kibana.alert.flapping'?: boolean | undefined; 'kibana.alert.flapping_history'?: boolean[] | undefined; 'kibana.alert.group.id'?: string | undefined; 'kibana.alert.group.index'?: number | undefined; 'kibana.alert.last_detected'?: string | number | undefined; 'kibana.alert.maintenance_window_ids'?: string[] | undefined; 'kibana.alert.new_terms'?: string[] | undefined; 'kibana.alert.original_event.agent_id_status'?: string | undefined; 'kibana.alert.original_event.code'?: string | undefined; 'kibana.alert.original_event.duration'?: string | undefined; 'kibana.alert.original_event.end'?: string | number | undefined; 'kibana.alert.original_event.hash'?: string | undefined; 'kibana.alert.original_event.reason'?: string | undefined; 'kibana.alert.original_event.reference'?: string | undefined; 'kibana.alert.original_event.risk_score'?: number | undefined; 'kibana.alert.original_event.risk_score_norm'?: number | undefined; 'kibana.alert.original_event.severity'?: string | number | undefined; 'kibana.alert.original_event.start'?: string | number | undefined; 'kibana.alert.original_event.timezone'?: string | undefined; 'kibana.alert.original_event.url'?: string | undefined; 'kibana.alert.reason'?: string | undefined; 'kibana.alert.risk_score'?: number | undefined; 'kibana.alert.rule.author'?: string | undefined; 'kibana.alert.rule.building_block_type'?: string | undefined; 'kibana.alert.rule.created_at'?: string | number | undefined; 'kibana.alert.rule.created_by'?: string | undefined; 'kibana.alert.rule.description'?: string | undefined; 'kibana.alert.rule.enabled'?: string | undefined; 'kibana.alert.rule.execution.uuid'?: string | undefined; 'kibana.alert.rule.from'?: string | undefined; 'kibana.alert.rule.immutable'?: string[] | undefined; 'kibana.alert.rule.interval'?: string | undefined; 'kibana.alert.rule.license'?: string | undefined; 'kibana.alert.rule.note'?: string | undefined; 'kibana.alert.rule.parameters'?: unknown; 'kibana.alert.rule.references'?: string[] | undefined; 'kibana.alert.rule.rule_id'?: string | undefined; 'kibana.alert.rule.rule_name_override'?: string | undefined; 'kibana.alert.rule.tags'?: string[] | undefined; 'kibana.alert.rule.timeline_id'?: string[] | undefined; 'kibana.alert.rule.timeline_title'?: string[] | undefined; 'kibana.alert.rule.timestamp_override'?: string | undefined; 'kibana.alert.rule.to'?: string | undefined; 'kibana.alert.rule.type'?: string | undefined; 'kibana.alert.rule.updated_at'?: string | number | undefined; 'kibana.alert.rule.updated_by'?: string | undefined; 'kibana.alert.rule.version'?: string | undefined; 'kibana.alert.severity'?: string | undefined; 'kibana.alert.start'?: string | number | undefined; 'kibana.alert.suppression.docs_count'?: string | number | undefined; 'kibana.alert.suppression.end'?: string | number | undefined; 'kibana.alert.suppression.start'?: string | number | undefined; 'kibana.alert.suppression.terms.field'?: string[] | undefined; 'kibana.alert.suppression.terms.value'?: string[] | undefined; 'kibana.alert.system_status'?: string | undefined; 'kibana.alert.threshold_result.cardinality'?: unknown; 'kibana.alert.threshold_result.count'?: string | number | undefined; 'kibana.alert.threshold_result.from'?: string | number | undefined; 'kibana.alert.threshold_result.terms'?: { field?: string | undefined; value?: string | undefined; }[] | undefined; 'kibana.alert.time_range'?: { gte?: string | number | undefined; lte?: string | number | undefined; } | undefined; 'kibana.alert.url'?: string | undefined; 'kibana.alert.workflow_reason'?: string | undefined; 'kibana.alert.workflow_status'?: string | undefined; 'kibana.alert.workflow_tags'?: string[] | undefined; 'kibana.alert.workflow_user'?: string | undefined; 'kibana.version'?: string | undefined; tags?: string[] | undefined; } & { '@timestamp': string | number; 'kibana.alert.instance.id': string; 'kibana.alert.rule.category': string; 'kibana.alert.rule.consumer': string; 'kibana.alert.rule.name': string; 'kibana.alert.rule.producer': string; 'kibana.alert.rule.revision': string | number; 'kibana.alert.rule.rule_type_id': string; 'kibana.alert.rule.uuid': string; 'kibana.alert.status': string; 'kibana.alert.uuid': string; 'kibana.space_ids': string[]; } & { 'event.action'?: string | undefined; 'event.kind'?: string | undefined; 'kibana.alert.action_group'?: string | undefined; 'kibana.alert.case_ids'?: string[] | undefined; 'kibana.alert.duration.us'?: string | number | undefined; 'kibana.alert.end'?: string | number | undefined; 'kibana.alert.flapping'?: boolean | undefined; 'kibana.alert.flapping_history'?: boolean[] | undefined; 'kibana.alert.last_detected'?: string | number | undefined; 'kibana.alert.maintenance_window_ids'?: string[] | undefined; 'kibana.alert.reason'?: string | undefined; 'kibana.alert.rule.execution.uuid'?: string | undefined; 'kibana.alert.rule.parameters'?: unknown; 'kibana.alert.rule.tags'?: string[] | undefined; 'kibana.alert.start'?: string | number | undefined; 'kibana.alert.time_range'?: { gte?: string | number | undefined; lte?: string | number | undefined; } | undefined; 'kibana.alert.url'?: string | undefined; 'kibana.alert.workflow_status'?: string | undefined; 'kibana.alert.workflow_tags'?: string[] | undefined; 'kibana.version'?: string | undefined; tags?: string[] | undefined; } & { '@timestamp': string | number; 'ecs.version': string; } & { 'agent.build.original'?: string | undefined; 'agent.ephemeral_id'?: string | undefined; 'agent.id'?: string | undefined; 'agent.name'?: string | undefined; 'agent.type'?: string | undefined; 'agent.version'?: string | undefined; 'client.address'?: string | undefined; 'client.as.number'?: string | number | undefined; 'client.as.organization.name'?: string | undefined; 'client.bytes'?: string | number | undefined; 'client.domain'?: string | undefined; 'client.geo.city_name'?: string | undefined; 'client.geo.continent_code'?: string | undefined; 'client.geo.continent_name'?: string | undefined; 'client.geo.country_iso_code'?: string | undefined; 'client.geo.country_name'?: string | undefined; 'client.geo.location'?: string | { type: string; coordinates: number[]; } | { lat: number; lon: number; } | { location: number[]; } | { location: string; } | undefined; 'client.geo.name'?: string | undefined; 'client.geo.postal_code'?: string | undefined; 'client.geo.region_iso_code'?: string | undefined; 'client.geo.region_name'?: string | undefined; 'client.geo.timezone'?: string | undefined; 'client.ip'?: string | undefined; 'client.mac'?: string | undefined; 'client.nat.ip'?: string | undefined; 'client.nat.port'?: string | number | undefined; 'client.packets'?: string | number | undefined; 'client.port'?: string | number | undefined; 'client.registered_domain'?: string | undefined; 'client.subdomain'?: string | undefined; 'client.top_level_domain'?: string | undefined; 'client.user.domain'?: string | undefined; 'client.user.email'?: string | undefined; 'client.user.full_name'?: string | undefined; 'client.user.group.domain'?: string | undefined; 'client.user.group.id'?: string | undefined; 'client.user.group.name'?: string | undefined; 'client.user.hash'?: string | undefined; 'client.user.id'?: string | undefined; 'client.user.name'?: string | undefined; 'client.user.roles'?: string[] | undefined; 'cloud.account.id'?: string | undefined; 'cloud.account.name'?: string | undefined; 'cloud.availability_zone'?: string | undefined; 'cloud.instance.id'?: string | undefined; 'cloud.instance.name'?: string | undefined; 'cloud.machine.type'?: string | undefined; 'cloud.origin.account.id'?: string | undefined; 'cloud.origin.account.name'?: string | undefined; 'cloud.origin.availability_zone'?: string | undefined; 'cloud.origin.instance.id'?: string | undefined; 'cloud.origin.instance.name'?: string | undefined; 'cloud.origin.machine.type'?: string | undefined; 'cloud.origin.project.id'?: string | undefined; 'cloud.origin.project.name'?: string | undefined; 'cloud.origin.provider'?: string | undefined; 'cloud.origin.region'?: string | undefined; 'cloud.origin.service.name'?: string | undefined; 'cloud.project.id'?: string | undefined; 'cloud.project.name'?: string | undefined; 'cloud.provider'?: string | undefined; 'cloud.region'?: string | undefined; 'cloud.service.name'?: string | undefined; 'cloud.target.account.id'?: string | undefined; 'cloud.target.account.name'?: string | undefined; 'cloud.target.availability_zone'?: string | undefined; 'cloud.target.instance.id'?: string | undefined; 'cloud.target.instance.name'?: string | undefined; 'cloud.target.machine.type'?: string | undefined; 'cloud.target.project.id'?: string | undefined; 'cloud.target.project.name'?: string | undefined; 'cloud.target.provider'?: string | undefined; 'cloud.target.region'?: string | undefined; 'cloud.target.service.name'?: string | undefined; 'container.cpu.usage'?: string | number | undefined; 'container.disk.read.bytes'?: string | number | undefined; 'container.disk.write.bytes'?: string | number | undefined; 'container.id'?: string | undefined; 'container.image.hash.all'?: string[] | undefined; 'container.image.name'?: string | undefined; 'container.image.tag'?: string[] | undefined; 'container.labels'?: unknown; 'container.memory.usage'?: string | number | undefined; 'container.name'?: string | undefined; 'container.network.egress.bytes'?: string | number | undefined; 'container.network.ingress.bytes'?: string | number | undefined; 'container.runtime'?: string | undefined; 'destination.address'?: string | undefined; 'destination.as.number'?: string | number | undefined; 'destination.as.organization.name'?: string | undefined; 'destination.bytes'?: string | number | undefined; 'destination.domain'?: string | undefined; 'destination.geo.city_name'?: string | undefined; 'destination.geo.continent_code'?: string | undefined; 'destination.geo.continent_name'?: string | undefined; 'destination.geo.country_iso_code'?: string | undefined; 'destination.geo.country_name'?: string | undefined; 'destination.geo.location'?: string | { type: string; coordinates: number[]; } | { lat: number; lon: number; } | { location: number[]; } | { location: string; } | undefined; 'destination.geo.name'?: string | undefined; 'destination.geo.postal_code'?: string | undefined; 'destination.geo.region_iso_code'?: string | undefined; 'destination.geo.region_name'?: string | undefined; 'destination.geo.timezone'?: string | undefined; 'destination.ip'?: string | undefined; 'destination.mac'?: string | undefined; 'destination.nat.ip'?: string | undefined; 'destination.nat.port'?: string | number | undefined; 'destination.packets'?: string | number | undefined; 'destination.port'?: string | number | undefined; 'destination.registered_domain'?: string | undefined; 'destination.subdomain'?: string | undefined; 'destination.top_level_domain'?: string | undefined; 'destination.user.domain'?: string | undefined; 'destination.user.email'?: string | undefined; 'destination.user.full_name'?: string | undefined; 'destination.user.group.domain'?: string | undefined; 'destination.user.group.id'?: string | undefined; 'destination.user.group.name'?: string | undefined; 'destination.user.hash'?: string | undefined; 'destination.user.id'?: string | undefined; 'destination.user.name'?: string | undefined; 'destination.user.roles'?: string[] | undefined; 'device.id'?: string | undefined; 'device.manufacturer'?: string | undefined; 'device.model.identifier'?: string | undefined; 'device.model.name'?: string | undefined; 'dll.code_signature.digest_algorithm'?: string | undefined; 'dll.code_signature.exists'?: boolean | undefined; 'dll.code_signature.signing_id'?: string | undefined; 'dll.code_signature.status'?: string | undefined; 'dll.code_signature.subject_name'?: string | undefined; 'dll.code_signature.team_id'?: string | undefined; 'dll.code_signature.timestamp'?: string | number | undefined; 'dll.code_signature.trusted'?: boolean | undefined; 'dll.code_signature.valid'?: boolean | undefined; 'dll.hash.md5'?: string | undefined; 'dll.hash.sha1'?: string | undefined; 'dll.hash.sha256'?: string | undefined; 'dll.hash.sha384'?: string | undefined; 'dll.hash.sha512'?: string | undefined; 'dll.hash.ssdeep'?: string | undefined; 'dll.hash.tlsh'?: string | undefined; 'dll.name'?: string | undefined; 'dll.path'?: string | undefined; 'dll.pe.architecture'?: string | undefined; 'dll.pe.company'?: string | undefined; 'dll.pe.description'?: string | undefined; 'dll.pe.file_version'?: string | undefined; 'dll.pe.imphash'?: string | undefined; 'dll.pe.original_file_name'?: string | undefined; 'dll.pe.pehash'?: string | undefined; 'dll.pe.product'?: string | undefined; 'dns.answers'?: { class?: string | undefined; data?: string | undefined; name?: string | undefined; ttl?: string | number | undefined; type?: string | undefined; }[] | undefined; 'dns.header_flags'?: string[] | undefined; 'dns.id'?: string | undefined; 'dns.op_code'?: string | undefined; 'dns.question.class'?: string | undefined; 'dns.question.name'?: string | undefined; 'dns.question.registered_domain'?: string | undefined; 'dns.question.subdomain'?: string | undefined; 'dns.question.top_level_domain'?: string | undefined; 'dns.question.type'?: string | undefined; 'dns.resolved_ip'?: string[] | undefined; 'dns.response_code'?: string | undefined; 'dns.type'?: string | undefined; 'email.attachments'?: { 'file.extension'?: string | undefined; 'file.hash.md5'?: string | undefined; 'file.hash.sha1'?: string | undefined; 'file.hash.sha256'?: string | undefined; 'file.hash.sha384'?: string | undefined; 'file.hash.sha512'?: string | undefined; 'file.hash.ssdeep'?: string | undefined; 'file.hash.tlsh'?: string | undefined; 'file.mime_type'?: string | undefined; 'file.name'?: string | undefined; 'file.size'?: string | number | undefined; }[] | undefined; 'email.bcc.address'?: string[] | undefined; 'email.cc.address'?: string[] | undefined; 'email.content_type'?: string | undefined; 'email.delivery_timestamp'?: string | number | undefined; 'email.direction'?: string | undefined; 'email.from.address'?: string[] | undefined; 'email.local_id'?: string | undefined; 'email.message_id'?: string | undefined; 'email.origination_timestamp'?: string | number | undefined; 'email.reply_to.address'?: string[] | undefined; 'email.sender.address'?: string | undefined; 'email.subject'?: string | undefined; 'email.to.address'?: string[] | undefined; 'email.x_mailer'?: string | undefined; 'error.code'?: string | undefined; 'error.id'?: string | undefined; 'error.message'?: string | undefined; 'error.stack_trace'?: string | undefined; 'error.type'?: string | undefined; 'event.action'?: string | undefined; 'event.agent_id_status'?: string | undefined; 'event.category'?: string[] | undefined; 'event.code'?: string | undefined; 'event.created'?: string | number | undefined; 'event.dataset'?: string | undefined; 'event.duration'?: string | number | undefined; 'event.end'?: string | number | undefined; 'event.hash'?: string | undefined; 'event.id'?: string | undefined; 'event.ingested'?: string | number | undefined; 'event.kind'?: string | undefined; 'event.module'?: string | undefined; 'event.original'?: string | undefined; 'event.outcome'?: string | undefined; 'event.provider'?: string | undefined; 'event.reason'?: string | undefined; 'event.reference'?: string | undefined; 'event.risk_score'?: number | undefined; 'event.risk_score_norm'?: number | undefined; 'event.sequence'?: string | number | undefined; 'event.severity'?: string | number | undefined; 'event.start'?: string | number | undefined; 'event.timezone'?: string | undefined; 'event.type'?: string[] | undefined; 'event.url'?: string | undefined; 'faas.coldstart'?: boolean | undefined; 'faas.execution'?: string | undefined; 'faas.id'?: string | undefined; 'faas.name'?: string | undefined; 'faas.trigger'?: unknown; 'faas.version'?: string | undefined; 'file.accessed'?: string | number | undefined; 'file.attributes'?: string[] | undefined; 'file.code_signature.digest_algorithm'?: string | undefined; 'file.code_signature.exists'?: boolean | undefined; 'file.code_signature.signing_id'?: string | undefined; 'file.code_signature.status'?: string | undefined; 'file.code_signature.subject_name'?: string | undefined; 'file.code_signature.team_id'?: string | undefined; 'file.code_signature.timestamp'?: string | number | undefined; 'file.code_signature.trusted'?: boolean | undefined; 'file.code_signature.valid'?: boolean | undefined; 'file.created'?: string | number | undefined; 'file.ctime'?: string | number | undefined; 'file.device'?: string | undefined; 'file.directory'?: string | undefined; 'file.drive_letter'?: string | undefined; 'file.elf.architecture'?: string | undefined; 'file.elf.byte_order'?: string | undefined; 'file.elf.cpu_type'?: string | undefined; 'file.elf.creation_date'?: string | number | undefined; 'file.elf.exports'?: unknown[] | undefined; 'file.elf.header.abi_version'?: string | undefined; 'file.elf.header.class'?: string | undefined; 'file.elf.header.data'?: string | undefined; 'file.elf.header.entrypoint'?: string | number | undefined; 'file.elf.header.object_version'?: string | undefined; 'file.elf.header.os_abi'?: string | undefined; 'file.elf.header.type'?: string | undefined; 'file.elf.header.version'?: string | undefined; 'file.elf.imports'?: unknown[] | undefined; 'file.elf.sections'?: { chi2?: string | number | undefined; entropy?: string | number | undefined; flags?: string | undefined; name?: string | undefined; physical_offset?: string | undefined; physical_size?: string | number | undefined; type?: string | undefined; virtual_address?: string | number | undefined; virtual_size?: string | number | undefined; }[] | undefined; 'file.elf.segments'?: { sections?: string | undefined; type?: string | undefined; }[] | undefined; 'file.elf.shared_libraries'?: string[] | undefined; 'file.elf.telfhash'?: string | undefined; 'file.extension'?: string | undefined; 'file.fork_name'?: string | undefined; 'file.gid'?: string | undefined; 'file.group'?: string | undefined; 'file.hash.md5'?: string | undefined; 'file.hash.sha1'?: string | undefined; 'file.hash.sha256'?: string | undefined; 'file.hash.sha384'?: string | undefined; 'file.hash.sha512'?: string | undefined; 'file.hash.ssdeep'?: string | undefined; 'file.hash.tlsh'?: string | undefined; 'file.inode'?: string | undefined; 'file.mime_type'?: string | undefined; 'file.mode'?: string | undefined; 'file.mtime'?: string | number | undefined; 'file.name'?: string | undefined; 'file.owner'?: string | undefined; 'file.path'?: string | undefined; 'file.pe.architecture'?: string | undefined; 'file.pe.company'?: string | undefined; 'file.pe.description'?: string | undefined; 'file.pe.file_version'?: string | undefined; 'file.pe.imphash'?: string | undefined; 'file.pe.original_file_name'?: string | undefined; 'file.pe.pehash'?: string | undefined; 'file.pe.product'?: string | undefined; 'file.size'?: string | number | undefined; 'file.target_path'?: string | undefined; 'file.type'?: string | undefined; 'file.uid'?: string | undefined; 'file.x509.alternative_names'?: string[] | undefined; 'file.x509.issuer.common_name'?: string[] | undefined; 'file.x509.issuer.country'?: string[] | undefined; 'file.x509.issuer.distinguished_name'?: string | undefined; 'file.x509.issuer.locality'?: string[] | undefined; 'file.x509.issuer.organization'?: string[] | undefined; 'file.x509.issuer.organizational_unit'?: string[] | undefined; 'file.x509.issuer.state_or_province'?: string[] | undefined; 'file.x509.not_after'?: string | number | undefined; 'file.x509.not_before'?: string | number | undefined; 'file.x509.public_key_algorithm'?: string | undefined; 'file.x509.public_key_curve'?: string | undefined; 'file.x509.public_key_exponent'?: string | number | undefined; 'file.x509.public_key_size'?: string | number | undefined; 'file.x509.serial_number'?: string | undefined; 'file.x509.signature_algorithm'?: string | undefined; 'file.x509.subject.common_name'?: string[] | undefined; 'file.x509.subject.country'?: string[] | undefined; 'file.x509.subject.distinguished_name'?: string | undefined; 'file.x509.subject.locality'?: string[] | undefined; 'file.x509.subject.organization'?: string[] | undefined; 'file.x509.subject.organizational_unit'?: string[] | undefined; 'file.x509.subject.state_or_province'?: string[] | undefined; 'file.x509.version_number'?: string | undefined; 'group.domain'?: string | undefined; 'group.id'?: string | undefined; 'group.name'?: string | undefined; 'host.architecture'?: string | undefined; 'host.boot.id'?: string | undefined; 'host.cpu.usage'?: string | number | undefined; 'host.disk.read.bytes'?: string | number | undefined; 'host.disk.write.bytes'?: string | number | undefined; 'host.domain'?: string | undefined; 'host.geo.city_name'?: string | undefined; 'host.geo.continent_code'?: string | undefined; 'host.geo.continent_name'?: string | undefined; 'host.geo.country_iso_code'?: string | undefined; 'host.geo.country_name'?: string | undefined; 'host.geo.location'?: string | { type: string; coordinates: number[]; } | { lat: number; lon: number; } | { location: number[]; } | { location: string; } | undefined; 'host.geo.name'?: string | undefined; 'host.geo.postal_code'?: string | undefined; 'host.geo.region_iso_code'?: string | undefined; 'host.geo.region_name'?: string | undefined; 'host.geo.timezone'?: string | undefined; 'host.hostname'?: string | undefined; 'host.id'?: string | undefined; 'host.ip'?: string[] | undefined; 'host.mac'?: string[] | undefined; 'host.name'?: string | undefined; 'host.network.egress.bytes'?: string | number | undefined; 'host.network.egress.packets'?: string | number | undefined; 'host.network.ingress.bytes'?: string | number | undefined; 'host.network.ingress.packets'?: string | number | undefined; 'host.os.family'?: string | undefined; 'host.os.full'?: string | undefined; 'host.os.kernel'?: string | undefined; 'host.os.name'?: string | undefined; 'host.os.platform'?: string | undefined; 'host.os.type'?: string | undefined; 'host.os.version'?: string | undefined; 'host.pid_ns_ino'?: string | undefined; 'host.risk.calculated_level'?: string | undefined; 'host.risk.calculated_score'?: number | undefined; 'host.risk.calculated_score_norm'?: number | undefined; 'host.risk.static_level'?: string | undefined; 'host.risk.static_score'?: number | undefined; 'host.risk.static_score_norm'?: number | undefined; 'host.type'?: string | undefined; 'host.uptime'?: string | number | undefined; 'http.request.body.bytes'?: string | number | undefined; 'http.request.body.content'?: string | undefined; 'http.request.bytes'?: string | number | undefined; 'http.request.id'?: string | undefined; 'http.request.method'?: string | undefined; 'http.request.mime_type'?: string | undefined; 'http.request.referrer'?: string | undefined; 'http.response.body.bytes'?: string | number | undefined; 'http.response.body.content'?: string | undefined; 'http.response.bytes'?: string | number | undefined; 'http.response.mime_type'?: string | undefined; 'http.response.status_code'?: string | number | undefined; 'http.version'?: string | undefined; labels?: unknown; 'log.file.path'?: string | undefined; 'log.level'?: string | undefined; 'log.logger'?: string | undefined; 'log.origin.file.line'?: string | number | undefined; 'log.origin.file.name'?: string | undefined; 'log.origin.function'?: string | undefined; 'log.syslog'?: unknown; message?: string | undefined; 'network.application'?: string | undefined; 'network.bytes'?: string | number | undefined; 'network.community_id'?: string | undefined; 'network.direction'?: string | undefined; 'network.forwarded_ip'?: string | undefined; 'network.iana_number'?: string | undefined; 'network.inner'?: unknown; 'network.name'?: string | undefined; 'network.packets'?: string | number | undefined; 'network.protocol'?: string | undefined; 'network.transport'?: string | undefined; 'network.type'?: string | undefined; 'network.vlan.id'?: string | undefined; 'network.vlan.name'?: string | undefined; 'observer.egress'?: unknown; 'observer.geo.city_name'?: string | undefined; 'observer.geo.continent_code'?: string | undefined; 'observer.geo.continent_name'?: string | undefined; 'observer.geo.country_iso_code'?: string | undefined; 'observer.geo.country_name'?: string | undefined; 'observer.geo.location'?: string | { type: string; coordinates: number[]; } | { lat: number; lon: number; } | { location: number[]; } | { location: string; } | undefined; 'observer.geo.name'?: string | undefined; 'observer.geo.postal_code'?: string | undefined; 'observer.geo.region_iso_code'?: string | undefined; 'observer.geo.region_name'?: string | undefined; 'observer.geo.timezone'?: string | undefined; 'observer.hostname'?: string | undefined; 'observer.ingress'?: unknown; 'observer.ip'?: string[] | undefined; 'observer.mac'?: string[] | undefined; 'observer.name'?: string | undefined; 'observer.os.family'?: string | undefined; 'observer.os.full'?: string | undefined; 'observer.os.kernel'?: string | undefined; 'observer.os.name'?: string | undefined; 'observer.os.platform'?: string | undefined; 'observer.os.type'?: string | undefined; 'observer.os.version'?: string | undefined; 'observer.product'?: string | undefined; 'observer.serial_number'?: string | undefined; 'observer.type'?: string | undefined; 'observer.vendor'?: string | undefined; 'observer.version'?: string | undefined; 'orchestrator.api_version'?: string | undefined; 'orchestrator.cluster.id'?: string | undefined; 'orchestrator.cluster.name'?: string | undefined; 'orchestrator.cluster.url'?: string | undefined; 'orchestrator.cluster.version'?: string | undefined; 'orchestrator.namespace'?: string | undefined; 'orchestrator.organization'?: string | undefined; 'orchestrator.resource.id'?: string | undefined; 'orchestrator.resource.ip'?: string[] | undefined; 'orchestrator.resource.name'?: string | undefined; 'orchestrator.resource.parent.type'?: string | undefined; 'orchestrator.resource.type'?: string | undefined; 'orchestrator.type'?: string | undefined; 'organization.id'?: string | undefined; 'organization.name'?: string | undefined; 'package.architecture'?: string | undefined; 'package.build_version'?: string | undefined; 'package.checksum'?: string | undefined; 'package.description'?: string | undefined; 'package.install_scope'?: string | undefined; 'package.installed'?: string | number | undefined; 'package.license'?: string | undefined; 'package.name'?: string | undefined; 'package.path'?: string | undefined; 'package.reference'?: string | undefined; 'package.size'?: string | number | undefined; 'package.type'?: string | undefined; 'package.version'?: string | undefined; 'process.args'?: string[] | undefined; 'process.args_count'?: string | number | undefined; 'process.code_signature.digest_algorithm'?: string | undefined; 'process.code_signature.exists'?: boolean | undefined; 'process.code_signature.signing_id'?: string | undefined; 'process.code_signature.status'?: string | undefined; 'process.code_signature.subject_name'?: string | undefined; 'process.code_signature.team_id'?: string | undefined; 'process.code_signature.timestamp'?: string | number | undefined; 'process.code_signature.trusted'?: boolean | undefined; 'process.code_signature.valid'?: boolean | undefined; 'process.command_line'?: string | undefined; 'process.elf.architecture'?: string | undefined; 'process.elf.byte_order'?: string | undefined; 'process.elf.cpu_type'?: string | undefined; 'process.elf.creation_date'?: string | number | undefined; 'process.elf.exports'?: unknown[] | undefined; 'process.elf.header.abi_version'?: string | undefined; 'process.elf.header.class'?: string | undefined; 'process.elf.header.data'?: string | undefined; 'process.elf.header.entrypoint'?: string | number | undefined; 'process.elf.header.object_version'?: string | undefined; 'process.elf.header.os_abi'?: string | undefined; 'process.elf.header.type'?: string | undefined; 'process.elf.header.version'?: string | undefined; 'process.elf.imports'?: unknown[] | undefined; 'process.elf.sections'?: { chi2?: string | number | undefined; entropy?: string | number | undefined; flags?: string | undefined; name?: string | undefined; physical_offset?: string | undefined; physical_size?: string | number | undefined; type?: string | undefined; virtual_address?: string | number | undefined; virtual_size?: string | number | undefined; }[] | undefined; 'process.elf.segments'?: { sections?: string | undefined; type?: string | undefined; }[] | undefined; 'process.elf.shared_libraries'?: string[] | undefined; 'process.elf.telfhash'?: string | undefined; 'process.end'?: string | number | undefined; 'process.entity_id'?: string | undefined; 'process.entry_leader.args'?: string[] | undefined; 'process.entry_leader.args_count'?: string | number | undefined; 'process.entry_leader.attested_groups.name'?: string | undefined; 'process.entry_leader.attested_user.id'?: string | undefined; 'process.entry_leader.attested_user.name'?: string | undefined; 'process.entry_leader.command_line'?: string | undefined; 'process.entry_leader.entity_id'?: string | undefined; 'process.entry_leader.entry_meta.source.ip'?: string | undefined; 'process.entry_leader.entry_meta.type'?: string | undefined; 'process.entry_leader.executable'?: string | undefined; 'process.entry_leader.group.id'?: string | undefined; 'process.entry_leader.group.name'?: string | undefined; 'process.entry_leader.interactive'?: boolean | undefined; 'process.entry_leader.name'?: string | undefined; 'process.entry_leader.parent.entity_id'?: string | undefined; 'process.entry_leader.parent.pid'?: string | number | undefined; 'process.entry_leader.parent.session_leader.entity_id'?: string | undefined; 'process.entry_leader.parent.session_leader.pid'?: string | number | undefined; 'process.entry_leader.parent.session_leader.start'?: string | number | undefined; 'process.entry_leader.parent.start'?: string | number | undefined; 'process.entry_leader.pid'?: string | number | undefined; 'process.entry_leader.real_group.id'?: string | undefined; 'process.entry_leader.real_group.name'?: string | undefined; 'process.entry_leader.real_user.id'?: string | undefined; 'process.entry_leader.real_user.name'?: string | undefined; 'process.entry_leader.same_as_process'?: boolean | undefined; 'process.entry_leader.saved_group.id'?: string | undefined; 'process.entry_leader.saved_group.name'?: string | undefined; 'process.entry_leader.saved_user.id'?: string | undefined; 'process.entry_leader.saved_user.name'?: string | undefined; 'process.entry_leader.start'?: string | number | undefined; 'process.entry_leader.supplemental_groups.id'?: string | undefined; 'process.entry_leader.supplemental_groups.name'?: string | undefined; 'process.entry_leader.tty'?: unknown; 'process.entry_leader.user.id'?: string | undefined; 'process.entry_leader.user.name'?: string | undefined; 'process.entry_leader.working_directory'?: string | undefined; 'process.env_vars'?: string[] | undefined; 'process.executable'?: string | undefined; 'process.exit_code'?: string | number | undefined; 'process.group_leader.args'?: string[] | undefined; 'process.group_leader.args_count'?: string | number | undefined; 'process.group_leader.command_line'?: string | undefined; 'process.group_leader.entity_id'?: string | undefined; 'process.group_leader.executable'?: string | undefined; 'process.group_leader.group.id'?: string | undefined; 'process.group_leader.group.name'?: string | undefined; 'process.group_leader.interactive'?: boolean | undefined; 'process.group_leader.name'?: string | undefined; 'process.group_leader.pid'?: string | number | undefined; 'process.group_leader.real_group.id'?: string | undefined; 'process.group_leader.real_group.name'?: string | undefined; 'process.group_leader.real_user.id'?: string | undefined; 'process.group_leader.real_user.name'?: string | undefined; 'process.group_leader.same_as_process'?: boolean | undefined; 'process.group_leader.saved_group.id'?: string | undefined; 'process.group_leader.saved_group.name'?: string | undefined; 'process.group_leader.saved_user.id'?: string | undefined; 'process.group_leader.saved_user.name'?: string | undefined; 'process.group_leader.start'?: string | number | undefined; 'process.group_leader.supplemental_groups.id'?: string | undefined; 'process.group_leader.supplemental_groups.name'?: string | undefined; 'process.group_leader.tty'?: unknown; 'process.group_leader.user.id'?: string | undefined; 'process.group_leader.user.name'?: string | undefined; 'process.group_leader.working_directory'?: string | undefined; 'process.hash.md5'?: string | undefined; 'process.hash.sha1'?: string | undefined; 'process.hash.sha256'?: string | undefined; 'process.hash.sha384'?: string | undefined; 'process.hash.sha512'?: string | undefined; 'process.hash.ssdeep'?: string | undefined; 'process.hash.tlsh'?: string | undefined; 'process.interactive'?: boolean | undefined; 'process.io'?: unknown; 'process.name'?: string | undefined; 'process.parent.args'?: string[] | undefined; 'process.parent.args_count'?: string | number | undefined; 'process.parent.code_signature.digest_algorithm'?: string | undefined; 'process.parent.code_signature.exists'?: boolean | undefined; 'process.parent.code_signature.signing_id'?: string | undefined; 'process.parent.code_signature.status'?: string | undefined; 'process.parent.code_signature.subject_name'?: string | undefined; 'process.parent.code_signature.team_id'?: string | undefined; 'process.parent.code_signature.timestamp'?: string | number | undefined; 'process.parent.code_signature.trusted'?: boolean | undefined; 'process.parent.code_signature.valid'?: boolean | undefined; 'process.parent.command_line'?: string | undefined; 'process.parent.elf.architecture'?: string | undefined; 'process.parent.elf.byte_order'?: string | undefined; 'process.parent.elf.cpu_type'?: string | undefined; 'process.parent.elf.creation_date'?: string | number | undefined; 'process.parent.elf.exports'?: unknown[] | undefined; 'process.parent.elf.header.abi_version'?: string | undefined; 'process.parent.elf.header.class'?: string | undefined; 'process.parent.elf.header.data'?: string | undefined; 'process.parent.elf.header.entrypoint'?: string | number | undefined; 'process.parent.elf.header.object_version'?: string | undefined; 'process.parent.elf.header.os_abi'?: string | undefined; 'process.parent.elf.header.type'?: string | undefined; 'process.parent.elf.header.version'?: string | undefined; 'process.parent.elf.imports'?: unknown[] | undefined; 'process.parent.elf.sections'?: { chi2?: string | number | undefined; entropy?: string | number | undefined; flags?: string | undefined; name?: string | undefined; physical_offset?: string | undefined; physical_size?: string | number | undefined; type?: string | undefined; virtual_address?: string | number | undefined; virtual_size?: string | number | undefined; }[] | undefined; 'process.parent.elf.segments'?: { sections?: string | undefined; type?: string | undefined; }[] | undefined; 'process.parent.elf.shared_libraries'?: string[] | undefined; 'process.parent.elf.telfhash'?: string | undefined; 'process.parent.end'?: string | number | undefined; 'process.parent.entity_id'?: string | undefined; 'process.parent.executable'?: string | undefined; 'process.parent.exit_code'?: string | number | undefined; 'process.parent.group.id'?: string | undefined; 'process.parent.group.name'?: string | undefined; 'process.parent.group_leader.entity_id'?: string | undefined; 'process.parent.group_leader.pid'?: string | number | undefined; 'process.parent.group_leader.start'?: string | number | undefined; 'process.parent.hash.md5'?: string | undefined; 'process.parent.hash.sha1'?: string | undefined; 'process.parent.hash.sha256'?: string | undefined; 'process.parent.hash.sha384'?: string | undefined; 'process.parent.hash.sha512'?: string | undefined; 'process.parent.hash.ssdeep'?: string | undefined; 'process.parent.hash.tlsh'?: string | undefined; 'process.parent.interactive'?: boolean | undefined; 'process.parent.name'?: string | undefined; 'process.parent.pe.architecture'?: string | undefined; 'process.parent.pe.company'?: string | undefined; 'process.parent.pe.description'?: string | undefined; 'process.parent.pe.file_version'?: string | undefined; 'process.parent.pe.imphash'?: string | undefined; 'process.parent.pe.original_file_name'?: string | undefined; 'process.parent.pe.pehash'?: string | undefined; 'process.parent.pe.product'?: string | undefined; 'process.parent.pgid'?: string | number | undefined; 'process.parent.pid'?: string | number | undefined; 'process.parent.real_group.id'?: string | undefined; 'process.parent.real_group.name'?: string | undefined; 'process.parent.real_user.id'?: string | undefined; 'process.parent.real_user.name'?: string | undefined; 'process.parent.saved_group.id'?: string | undefined; 'process.parent.saved_group.name'?: string | undefined; 'process.parent.saved_user.id'?: string | undefined; 'process.parent.saved_user.name'?: string | undefined; 'process.parent.start'?: string | number | undefined; 'process.parent.supplemental_groups.id'?: string | undefined; 'process.parent.supplemental_groups.name'?: string | undefined; 'process.parent.thread.id'?: string | number | undefined; 'process.parent.thread.name'?: string | undefined; 'process.parent.title'?: string | undefined; 'process.parent.tty'?: unknown; 'process.parent.uptime'?: string | number | undefined; 'process.parent.user.id'?: string | undefined; 'process.parent.user.name'?: string | undefined; 'process.parent.working_directory'?: string | undefined; 'process.pe.architecture'?: string | undefined; 'process.pe.company'?: string | undefined; 'process.pe.description'?: string | undefined; 'process.pe.file_version'?: string | undefined; 'process.pe.imphash'?: string | undefined; 'process.pe.original_file_name'?: string | undefined; 'process.pe.pehash'?: string | undefined; 'process.pe.product'?: string | undefined; 'process.pgid'?: string | number | undefined; 'process.pid'?: string | number | undefined; 'process.previous.args'?: string[] | undefined; 'process.previous.args_count'?: string | number | undefined; 'process.previous.executable'?: string | undefined; 'process.real_group.id'?: string | undefined; 'process.real_group.name'?: string | undefined; 'process.real_user.id'?: string | undefined; 'process.real_user.name'?: string | undefined; 'process.saved_group.id'?: string | undefined; 'process.saved_group.name'?: string | undefined; 'process.saved_user.id'?: string | undefined; 'process.saved_user.name'?: string | undefined; 'process.session_leader.args'?: string[] | undefined; 'process.session_leader.args_count'?: string | number | undefined; 'process.session_leader.command_line'?: string | undefined; 'process.session_leader.entity_id'?: string | undefined; 'process.session_leader.executable'?: string | undefined; 'process.session_leader.group.id'?: string | undefined; 'process.session_leader.group.name'?: string | undefined; 'process.session_leader.interactive'?: boolean | undefined; 'process.session_leader.name'?: string | undefined; 'process.session_leader.parent.entity_id'?: string | undefined; 'process.session_leader.parent.pid'?: string | number | undefined; 'process.session_leader.parent.session_leader.entity_id'?: string | undefined; 'process.session_leader.parent.session_leader.pid'?: string | number | undefined; 'process.session_leader.parent.session_leader.start'?: string | number | undefined; 'process.session_leader.parent.start'?: string | number | undefined; 'process.session_leader.pid'?: string | number | undefined; 'process.session_leader.real_group.id'?: string | undefined; 'process.session_leader.real_group.name'?: string | undefined; 'process.session_leader.real_user.id'?: string | undefined; 'process.session_leader.real_user.name'?: string | undefined; 'process.session_leader.same_as_process'?: boolean | undefined; 'process.session_leader.saved_group.id'?: string | undefined; 'process.session_leader.saved_group.name'?: string | undefined; 'process.session_leader.saved_user.id'?: string | undefined; 'process.session_leader.saved_user.name'?: string | undefined; 'process.session_leader.start'?: string | number | undefined; 'process.session_leader.supplemental_groups.id'?: string | undefined; 'process.session_leader.supplemental_groups.name'?: string | undefined; 'process.session_leader.tty'?: unknown; 'process.session_leader.user.id'?: string | undefined; 'process.session_leader.user.name'?: string | undefined; 'process.session_leader.working_directory'?: string | undefined; 'process.start'?: string | number | undefined; 'process.supplemental_groups.id'?: string | undefined; 'process.supplemental_groups.name'?: string | undefined; 'process.thread.id'?: string | number | undefined; 'process.thread.name'?: string | undefined; 'process.title'?: string | undefined; 'process.tty'?: unknown; 'process.uptime'?: string | number | undefined; 'process.user.id'?: string | undefined; 'process.user.name'?: string | undefined; 'process.working_directory'?: string | undefined; 'registry.data.bytes'?: string | undefined; 'registry.data.strings'?: string[] | undefined; 'registry.data.type'?: string | undefined; 'registry.hive'?: string | undefined; 'registry.key'?: string | undefined; 'registry.path'?: string | undefined; 'registry.value'?: string | undefined; 'related.hash'?: string[] | undefined; 'related.hosts'?: string[] | undefined; 'related.ip'?: string[] | undefined; 'related.user'?: string[] | undefined; 'rule.author'?: string[] | undefined; 'rule.category'?: string | undefined; 'rule.description'?: string | undefined; 'rule.id'?: string | undefined; 'rule.license'?: string | undefined; 'rule.name'?: string | undefined; 'rule.reference'?: string | undefined; 'rule.ruleset'?: string | undefined; 'rule.uuid'?: string | undefined; 'rule.version'?: string | undefined; 'server.address'?: string | undefined; 'server.as.number'?: string | number | undefined; 'server.as.organization.name'?: string | undefined; 'server.bytes'?: string | number | undefined; 'server.domain'?: string | undefined; 'server.geo.city_name'?: string | undefined; 'server.geo.continent_code'?: string | undefined; 'server.geo.continent_name'?: string | undefined; 'server.geo.country_iso_code'?: string | undefined; 'server.geo.country_name'?: string | undefined; 'server.geo.location'?: string | { type: string; coordinates: number[]; } | { lat: number; lon: number; } | { location: number[]; } | { location: string; } | undefined; 'server.geo.name'?: string | undefined; 'server.geo.postal_code'?: string | undefined; 'server.geo.region_iso_code'?: string | undefined; 'server.geo.region_name'?: string | undefined; 'server.geo.timezone'?: string | undefined; 'server.ip'?: string | undefined; 'server.mac'?: string | undefined; 'server.nat.ip'?: string | undefined; 'server.nat.port'?: string | number | undefined; 'server.packets'?: string | number | undefined; 'server.port'?: string | number | undefined; 'server.registered_domain'?: string | undefined; 'server.subdomain'?: string | undefined; 'server.top_level_domain'?: string | undefined; 'server.user.domain'?: string | undefined; 'server.user.email'?: string | undefined; 'server.user.full_name'?: string | undefined; 'server.user.group.domain'?: string | undefined; 'server.user.group.id'?: string | undefined; 'server.user.group.name'?: string | undefined; 'server.user.hash'?: string | undefined; 'server.user.id'?: string | undefined; 'server.user.name'?: string | undefined; 'server.user.roles'?: string[] | undefined; 'service.address'?: string | undefined; 'service.environment'?: string | undefined; 'service.ephemeral_id'?: string | undefined; 'service.id'?: string | undefined; 'service.name'?: string | undefined; 'service.node.name'?: string | undefined; 'service.node.role'?: string | undefined; 'service.node.roles'?: string[] | undefined; 'service.origin.address'?: string | undefined; 'service.origin.environment'?: string | undefined; 'service.origin.ephemeral_id'?: string | undefined; 'service.origin.id'?: string | undefined; 'service.origin.name'?: string | undefined; 'service.origin.node.name'?: string | undefined; 'service.origin.node.role'?: string | undefined; 'service.origin.node.roles'?: string[] | undefined; 'service.origin.state'?: string | undefined; 'service.origin.type'?: string | undefined; 'service.origin.version'?: string | undefined; 'service.state'?: string | undefined; 'service.target.address'?: string | undefined; 'service.target.environment'?: string | undefined; 'service.target.ephemeral_id'?: string | undefined; 'service.target.id'?: string | undefined; 'service.target.name'?: string | undefined; 'service.target.node.name'?: string | undefined; 'service.target.node.role'?: string | undefined; 'service.target.node.roles'?: string[] | undefined; 'service.target.state'?: string | undefined; 'service.target.type'?: string | undefined; 'service.target.version'?: string | undefined; 'service.type'?: string | undefined; 'service.version'?: string | undefined; 'source.address'?: string | undefined; 'source.as.number'?: string | number | undefined; 'source.as.organization.name'?: string | undefined; 'source.bytes'?: string | number | undefined; 'source.domain'?: string | undefined; 'source.geo.city_name'?: string | undefined; 'source.geo.continent_code'?: string | undefined; 'source.geo.continent_name'?: string | undefined; 'source.geo.country_iso_code'?: string | undefined; 'source.geo.country_name'?: string | undefined; 'source.geo.location'?: string | { type: string; coordinates: number[]; } | { lat: number; lon: number; } | { location: number[]; } | { location: string; } | undefined; 'source.geo.name'?: string | undefined; 'source.geo.postal_code'?: string | undefined; 'source.geo.region_iso_code'?: string | undefined; 'source.geo.region_name'?: string | undefined; 'source.geo.timezone'?: string | undefined; 'source.ip'?: string | undefined; 'source.mac'?: string | undefined; 'source.nat.ip'?: string | undefined; 'source.nat.port'?: string | number | undefined; 'source.packets'?: string | number | undefined; 'source.port'?: string | number | undefined; 'source.registered_domain'?: string | undefined; 'source.subdomain'?: string | undefined; 'source.top_level_domain'?: string | undefined; 'source.user.domain'?: string | undefined; 'source.user.email'?: string | undefined; 'source.user.full_name'?: string | undefined; 'source.user.group.domain'?: string | undefined; 'source.user.group.id'?: string | undefined; 'source.user.group.name'?: string | undefined; 'source.user.hash'?: string | undefined; 'source.user.id'?: string | undefined; 'source.user.name'?: string | undefined; 'source.user.roles'?: string[] | undefined; 'span.id'?: string | undefined; tags?: string[] | undefined; 'threat.enrichments'?: { indicator?: unknown; 'matched.atomic'?: string | undefined; 'matched.field'?: string | undefined; 'matched.id'?: string | undefined; 'matched.index'?: string | undefined; 'matched.occurred'?: string | number | undefined; 'matched.type'?: string | undefined; }[] | undefined; 'threat.feed.dashboard_id'?: string | undefined; 'threat.feed.description'?: string | undefined; 'threat.feed.name'?: string | undefined; 'threat.feed.reference'?: string | undefined; 'threat.framework'?: string | undefined; 'threat.group.alias'?: string[] | undefined; 'threat.group.id'?: string | undefined; 'threat.group.name'?: string | undefined; 'threat.group.reference'?: string | undefined; 'threat.indicator.as.number'?: string | number | undefined; 'threat.indicator.as.organization.name'?: string | undefined; 'threat.indicator.confidence'?: string | undefined; 'threat.indicator.description'?: string | undefined; 'threat.indicator.email.address'?: string | undefined; 'threat.indicator.file.accessed'?: string | number | undefined; 'threat.indicator.file.attributes'?: string[] | undefined; 'threat.indicator.file.code_signature.digest_algorithm'?: string | undefined; 'threat.indicator.file.code_signature.exists'?: boolean | undefined; 'threat.indicator.file.code_signature.signing_id'?: string | undefined; 'threat.indicator.file.code_signature.status'?: string | undefined; 'threat.indicator.file.code_signature.subject_name'?: string | undefined; 'threat.indicator.file.code_signature.team_id'?: string | undefined; 'threat.indicator.file.code_signature.timestamp'?: string | number | undefined; 'threat.indicator.file.code_signature.trusted'?: boolean | undefined; 'threat.indicator.file.code_signature.valid'?: boolean | undefined; 'threat.indicator.file.created'?: string | number | undefined; 'threat.indicator.file.ctime'?: string | number | undefined; 'threat.indicator.file.device'?: string | undefined; 'threat.indicator.file.directory'?: string | undefined; 'threat.indicator.file.drive_letter'?: string | undefined; 'threat.indicator.file.elf.architecture'?: string | undefined; 'threat.indicator.file.elf.byte_order'?: string | undefined; 'threat.indicator.file.elf.cpu_type'?: string | undefined; 'threat.indicator.file.elf.creation_date'?: string | number | undefined; 'threat.indicator.file.elf.exports'?: unknown[] | undefined; 'threat.indicator.file.elf.header.abi_version'?: string | undefined; 'threat.indicator.file.elf.header.class'?: string | undefined; 'threat.indicator.file.elf.header.data'?: string | undefined; 'threat.indicator.file.elf.header.entrypoint'?: string | number | undefined; 'threat.indicator.file.elf.header.object_version'?: string | undefined; 'threat.indicator.file.elf.header.os_abi'?: string | undefined; 'threat.indicator.file.elf.header.type'?: string | undefined; 'threat.indicator.file.elf.header.version'?: string | undefined; 'threat.indicator.file.elf.imports'?: unknown[] | undefined; 'threat.indicator.file.elf.sections'?: { chi2?: string | number | undefined; entropy?: string | number | undefined; flags?: string | undefined; name?: string | undefined; physical_offset?: string | undefined; physical_size?: string | number | undefined; type?: string | undefined; virtual_address?: string | number | undefined; virtual_size?: string | number | undefined; }[] | undefined; 'threat.indicator.file.elf.segments'?: { sections?: string | undefined; type?: string | undefined; }[] | undefined; 'threat.indicator.file.elf.shared_libraries'?: string[] | undefined; 'threat.indicator.file.elf.telfhash'?: string | undefined; 'threat.indicator.file.extension'?: string | undefined; 'threat.indicator.file.fork_name'?: string | undefined; 'threat.indicator.file.gid'?: string | undefined; 'threat.indicator.file.group'?: string | undefined; 'threat.indicator.file.hash.md5'?: string | undefined; 'threat.indicator.file.hash.sha1'?: string | undefined; 'threat.indicator.file.hash.sha256'?: string | undefined; 'threat.indicator.file.hash.sha384'?: string | undefined; 'threat.indicator.file.hash.sha512'?: string | undefined; 'threat.indicator.file.hash.ssdeep'?: string | undefined; 'threat.indicator.file.hash.tlsh'?: string | undefined; 'threat.indicator.file.inode'?: string | undefined; 'threat.indicator.file.mime_type'?: string | undefined; 'threat.indicator.file.mode'?: string | undefined; 'threat.indicator.file.mtime'?: string | number | undefined; 'threat.indicator.file.name'?: string | undefined; 'threat.indicator.file.owner'?: string | undefined; 'threat.indicator.file.path'?: string | undefined; 'threat.indicator.file.pe.architecture'?: string | undefined; 'threat.indicator.file.pe.company'?: string | undefined; 'threat.indicator.file.pe.description'?: string | undefined; 'threat.indicator.file.pe.file_version'?: string | undefined; 'threat.indicator.file.pe.imphash'?: string | undefined; 'threat.indicator.file.pe.original_file_name'?: string | undefined; 'threat.indicator.file.pe.pehash'?: string | undefined; 'threat.indicator.file.pe.product'?: string | undefined; 'threat.indicator.file.size'?: string | number | undefined; 'threat.indicator.file.target_path'?: string | undefined; 'threat.indicator.file.type'?: string | undefined; 'threat.indicator.file.uid'?: string | undefined; 'threat.indicator.file.x509.alternative_names'?: string[] | undefined; 'threat.indicator.file.x509.issuer.common_name'?: string[] | undefined; 'threat.indicator.file.x509.issuer.country'?: string[] | undefined; 'threat.indicator.file.x509.issuer.distinguished_name'?: string | undefined; 'threat.indicator.file.x509.issuer.locality'?: string[] | undefined; 'threat.indicator.file.x509.issuer.organization'?: string[] | undefined; 'threat.indicator.file.x509.issuer.organizational_unit'?: string[] | undefined; 'threat.indicator.file.x509.issuer.state_or_province'?: string[] | undefined; 'threat.indicator.file.x509.not_after'?: string | number | undefined; 'threat.indicator.file.x509.not_before'?: string | number | undefined; 'threat.indicator.file.x509.public_key_algorithm'?: string | undefined; 'threat.indicator.file.x509.public_key_curve'?: string | undefined; 'threat.indicator.file.x509.public_key_exponent'?: string | number | undefined; 'threat.indicator.file.x509.public_key_size'?: string | number | undefined; 'threat.indicator.file.x509.serial_number'?: string | undefined; 'threat.indicator.file.x509.signature_algorithm'?: string | undefined; 'threat.indicator.file.x509.subject.common_name'?: string[] | undefined; 'threat.indicator.file.x509.subject.country'?: string[] | undefined; 'threat.indicator.file.x509.subject.distinguished_name'?: string | undefined; 'threat.indicator.file.x509.subject.locality'?: string[] | undefined; 'threat.indicator.file.x509.subject.organization'?: string[] | undefined; 'threat.indicator.file.x509.subject.organizational_unit'?: string[] | undefined; 'threat.indicator.file.x509.subject.state_or_province'?: string[] | undefined; 'threat.indicator.file.x509.version_number'?: string | undefined; 'threat.indicator.first_seen'?: string | number | undefined; 'threat.indicator.geo.city_name'?: string | undefined; 'threat.indicator.geo.continent_code'?: string | undefined; 'threat.indicator.geo.continent_name'?: string | undefined; 'threat.indicator.geo.country_iso_code'?: string | undefined; 'threat.indicator.geo.country_name'?: string | undefined; 'threat.indicator.geo.location'?: string | { type: string; coordinates: number[]; } | { lat: number; lon: number; } | { location: number[]; } | { location: string; } | undefined; 'threat.indicator.geo.name'?: string | undefined; 'threat.indicator.geo.postal_code'?: string | undefined; 'threat.indicator.geo.region_iso_code'?: string | undefined; 'threat.indicator.geo.region_name'?: string | undefined; 'threat.indicator.geo.timezone'?: string | undefined; 'threat.indicator.ip'?: string | undefined; 'threat.indicator.last_seen'?: string | number | undefined; 'threat.indicator.marking.tlp'?: string | undefined; 'threat.indicator.marking.tlp_version'?: string | undefined; 'threat.indicator.modified_at'?: string | number | undefined; 'threat.indicator.port'?: string | number | undefined; 'threat.indicator.provider'?: string | undefined; 'threat.indicator.reference'?: string | undefined; 'threat.indicator.registry.data.bytes'?: string | undefined; 'threat.indicator.registry.data.strings'?: string[] | undefined; 'threat.indicator.registry.data.type'?: string | undefined; 'threat.indicator.registry.hive'?: string | undefined; 'threat.indicator.registry.key'?: string | undefined; 'threat.indicator.registry.path'?: string | undefined; 'threat.indicator.registry.value'?: string | undefined; 'threat.indicator.scanner_stats'?: string | number | undefined; 'threat.indicator.sightings'?: string | number | undefined; 'threat.indicator.type'?: string | undefined; 'threat.indicator.url.domain'?: string | undefined; 'threat.indicator.url.extension'?: string | undefined; 'threat.indicator.url.fragment'?: string | undefined; 'threat.indicator.url.full'?: string | undefined; 'threat.indicator.url.original'?: string | undefined; 'threat.indicator.url.password'?: string | undefined; 'threat.indicator.url.path'?: string | undefined; 'threat.indicator.url.port'?: string | number | undefined; 'threat.indicator.url.query'?: string | undefined; 'threat.indicator.url.registered_domain'?: string | undefined; 'threat.indicator.url.scheme'?: string | undefined; 'threat.indicator.url.subdomain'?: string | undefined; 'threat.indicator.url.top_level_domain'?: string | undefined; 'threat.indicator.url.username'?: string | undefined; 'threat.indicator.x509.alternative_names'?: string[] | undefined; 'threat.indicator.x509.issuer.common_name'?: string[] | undefined; 'threat.indicator.x509.issuer.country'?: string[] | undefined; 'threat.indicator.x509.issuer.distinguished_name'?: string | undefined; 'threat.indicator.x509.issuer.locality'?: string[] | undefined; 'threat.indicator.x509.issuer.organization'?: string[] | undefined; 'threat.indicator.x509.issuer.organizational_unit'?: string[] | undefined; 'threat.indicator.x509.issuer.state_or_province'?: string[] | undefined; 'threat.indicator.x509.not_after'?: string | number | undefined; 'threat.indicator.x509.not_before'?: string | number | undefined; 'threat.indicator.x509.public_key_algorithm'?: string | undefined; 'threat.indicator.x509.public_key_curve'?: string | undefined; 'threat.indicator.x509.public_key_exponent'?: string | number | undefined; 'threat.indicator.x509.public_key_size'?: string | number | undefined; 'threat.indicator.x509.serial_number'?: string | undefined; 'threat.indicator.x509.signature_algorithm'?: string | undefined; 'threat.indicator.x509.subject.common_name'?: string[] | undefined; 'threat.indicator.x509.subject.country'?: string[] | undefined; 'threat.indicator.x509.subject.distinguished_name'?: string | undefined; 'threat.indicator.x509.subject.locality'?: string[] | undefined; 'threat.indicator.x509.subject.organization'?: string[] | undefined; 'threat.indicator.x509.subject.organizational_unit'?: string[] | undefined; 'threat.indicator.x509.subject.state_or_province'?: string[] | undefined; 'threat.indicator.x509.version_number'?: string | undefined; 'threat.software.alias'?: string[] | undefined; 'threat.software.id'?: string | undefined; 'threat.software.name'?: string | undefined; 'threat.software.platforms'?: string[] | undefined; 'threat.software.reference'?: string | undefined; 'threat.software.type'?: string | undefined; 'threat.tactic.id'?: string[] | undefined; 'threat.tactic.name'?: string[] | undefined; 'threat.tactic.reference'?: string[] | undefined; 'threat.technique.id'?: string[] | undefined; 'threat.technique.name'?: string[] | undefined; 'threat.technique.reference'?: string[] | undefined; 'threat.technique.subtechnique.id'?: string[] | undefined; 'threat.technique.subtechnique.name'?: string[] | undefined; 'threat.technique.subtechnique.reference'?: string[] | undefined; 'tls.cipher'?: string | undefined; 'tls.client.certificate'?: string | undefined; 'tls.client.certificate_chain'?: string[] | undefined; 'tls.client.hash.md5'?: string | undefined; 'tls.client.hash.sha1'?: string | undefined; 'tls.client.hash.sha256'?: string | undefined; 'tls.client.issuer'?: string | undefined; 'tls.client.ja3'?: string | undefined; 'tls.client.not_after'?: string | number | undefined; 'tls.client.not_before'?: string | number | undefined; 'tls.client.server_name'?: string | undefined; 'tls.client.subject'?: string | undefined; 'tls.client.supported_ciphers'?: string[] | undefined; 'tls.client.x509.alternative_names'?: string[] | undefined; 'tls.client.x509.issuer.common_name'?: string[] | undefined; 'tls.client.x509.issuer.country'?: string[] | undefined; 'tls.client.x509.issuer.distinguished_name'?: string | undefined; 'tls.client.x509.issuer.locality'?: string[] | undefined; 'tls.client.x509.issuer.organization'?: string[] | undefined; 'tls.client.x509.issuer.organizational_unit'?: string[] | undefined; 'tls.client.x509.issuer.state_or_province'?: string[] | undefined; 'tls.client.x509.not_after'?: string | number | undefined; 'tls.client.x509.not_before'?: string | number | undefined; 'tls.client.x509.public_key_algorithm'?: string | undefined; 'tls.client.x509.public_key_curve'?: string | undefined; 'tls.client.x509.public_key_exponent'?: string | number | undefined; 'tls.client.x509.public_key_size'?: string | number | undefined; 'tls.client.x509.serial_number'?: string | undefined; 'tls.client.x509.signature_algorithm'?: string | undefined; 'tls.client.x509.subject.common_name'?: string[] | undefined; 'tls.client.x509.subject.country'?: string[] | undefined; 'tls.client.x509.subject.distinguished_name'?: string | undefined; 'tls.client.x509.subject.locality'?: string[] | undefined; 'tls.client.x509.subject.organization'?: string[] | undefined; 'tls.client.x509.subject.organizational_unit'?: string[] | undefined; 'tls.client.x509.subject.state_or_province'?: string[] | undefined; 'tls.client.x509.version_number'?: string | undefined; 'tls.curve'?: string | undefined; 'tls.established'?: boolean | undefined; 'tls.next_protocol'?: string | undefined; 'tls.resumed'?: boolean | undefined; 'tls.server.certificate'?: string | undefined; 'tls.server.certificate_chain'?: string[] | undefined; 'tls.server.hash.md5'?: string | undefined; 'tls.server.hash.sha1'?: string | undefined; 'tls.server.hash.sha256'?: string | undefined; 'tls.server.issuer'?: string | undefined; 'tls.server.ja3s'?: string | undefined; 'tls.server.not_after'?: string | number | undefined; 'tls.server.not_before'?: string | number | undefined; 'tls.server.subject'?: string | undefined; 'tls.server.x509.alternative_names'?: string[] | undefined; 'tls.server.x509.issuer.common_name'?: string[] | undefined; 'tls.server.x509.issuer.country'?: string[] | undefined; 'tls.server.x509.issuer.distinguished_name'?: string | undefined; 'tls.server.x509.issuer.locality'?: string[] | undefined; 'tls.server.x509.issuer.organization'?: string[] | undefined; 'tls.server.x509.issuer.organizational_unit'?: string[] | undefined; 'tls.server.x509.issuer.state_or_province'?: string[] | undefined; 'tls.server.x509.not_after'?: string | number | undefined; 'tls.server.x509.not_before'?: string | number | undefined; 'tls.server.x509.public_key_algorithm'?: string | undefined; 'tls.server.x509.public_key_curve'?: string | undefined; 'tls.server.x509.public_key_exponent'?: string | number | undefined; 'tls.server.x509.public_key_size'?: string | number | undefined; 'tls.server.x509.serial_number'?: string | undefined; 'tls.server.x509.signature_algorithm'?: string | undefined; 'tls.server.x509.subject.common_name'?: string[] | undefined; 'tls.server.x509.subject.country'?: string[] | undefined; 'tls.server.x509.subject.distinguished_name'?: string | undefined; 'tls.server.x509.subject.locality'?: string[] | undefined; 'tls.server.x509.subject.organization'?: string[] | undefined; 'tls.server.x509.subject.organizational_unit'?: string[] | undefined; 'tls.server.x509.subject.state_or_province'?: string[] | undefined; 'tls.server.x509.version_number'?: string | undefined; 'tls.version'?: string | undefined; 'tls.version_protocol'?: string | undefined; 'trace.id'?: string | undefined; 'transaction.id'?: string | undefined; 'url.domain'?: string | undefined; 'url.extension'?: string | undefined; 'url.fragment'?: string | undefined; 'url.full'?: string | undefined; 'url.original'?: string | undefined; 'url.password'?: string | undefined; 'url.path'?: string | undefined; 'url.port'?: string | number | undefined; 'url.query'?: string | undefined; 'url.registered_domain'?: string | undefined; 'url.scheme'?: string | undefined; 'url.subdomain'?: string | undefined; 'url.top_level_domain'?: string | undefined; 'url.username'?: string | undefined; 'user.changes.domain'?: string | undefined; 'user.changes.email'?: string | undefined; 'user.changes.full_name'?: string | undefined; 'user.changes.group.domain'?: string | undefined; 'user.changes.group.id'?: string | undefined; 'user.changes.group.name'?: string | undefined; 'user.changes.hash'?: string | undefined; 'user.changes.id'?: string | undefined; 'user.changes.name'?: string | undefined; 'user.changes.roles'?: string[] | undefined; 'user.domain'?: string | undefined; 'user.effective.domain'?: string | undefined; 'user.effective.email'?: string | undefined; 'user.effective.full_name'?: string | undefined; 'user.effective.group.domain'?: string | undefined; 'user.effective.group.id'?: string | undefined; 'user.effective.group.name'?: string | undefined; 'user.effective.hash'?: string | undefined; 'user.effective.id'?: string | undefined; 'user.effective.name'?: string | undefined; 'user.effective.roles'?: string[] | undefined; 'user.email'?: string | undefined; 'user.full_name'?: string | undefined; 'user.group.domain'?: string | undefined; 'user.group.id'?: string | undefined; 'user.group.name'?: string | undefined; 'user.hash'?: string | undefined; 'user.id'?: string | undefined; 'user.name'?: string | undefined; 'user.risk.calculated_level'?: string | undefined; 'user.risk.calculated_score'?: number | undefined; 'user.risk.calculated_score_norm'?: number | undefined; 'user.risk.static_level'?: string | undefined; 'user.risk.static_score'?: number | undefined; 'user.risk.static_score_norm'?: number | undefined; 'user.roles'?: string[] | undefined; 'user.target.domain'?: string | undefined; 'user.target.email'?: string | undefined; 'user.target.full_name'?: string | undefined; 'user.target.group.domain'?: string | undefined; 'user.target.group.id'?: string | undefined; 'user.target.group.name'?: string | undefined; 'user.target.hash'?: string | undefined; 'user.target.id'?: string | undefined; 'user.target.name'?: string | undefined; 'user.target.roles'?: string[] | undefined; 'user_agent.device.name'?: string | undefined; 'user_agent.name'?: string | undefined; 'user_agent.original'?: string | undefined; 'user_agent.os.family'?: string | undefined; 'user_agent.os.full'?: string | undefined; 'user_agent.os.kernel'?: string | undefined; 'user_agent.os.name'?: string | undefined; 'user_agent.os.platform'?: string | undefined; 'user_agent.os.type'?: string | undefined; 'user_agent.os.version'?: string | undefined; 'user_agent.version'?: string | undefined; 'vulnerability.category'?: string[] | undefined; 'vulnerability.classification'?: string | undefined; 'vulnerability.description'?: string | undefined; 'vulnerability.enumeration'?: string | undefined; 'vulnerability.id'?: string | undefined; 'vulnerability.reference'?: string | undefined; 'vulnerability.report_id'?: string | undefined; 'vulnerability.scanner.vendor'?: string | undefined; 'vulnerability.score.base'?: number | undefined; 'vulnerability.score.environmental'?: number | undefined; 'vulnerability.score.temporal'?: number | undefined; 'vulnerability.score.version'?: string | undefined; 'vulnerability.severity'?: string | undefined; } & {} & { 'ecs.version'?: string | undefined; 'kibana.alert.risk_score'?: number | undefined; 'kibana.alert.rule.author'?: string | undefined; 'kibana.alert.rule.created_at'?: string | number | undefined; 'kibana.alert.rule.created_by'?: string | undefined; 'kibana.alert.rule.description'?: string | undefined; 'kibana.alert.rule.enabled'?: string | undefined; 'kibana.alert.rule.from'?: string | undefined; 'kibana.alert.rule.interval'?: string | undefined; 'kibana.alert.rule.license'?: string | undefined; 'kibana.alert.rule.note'?: string | undefined; 'kibana.alert.rule.references'?: string[] | undefined; 'kibana.alert.rule.rule_id'?: string | undefined; 'kibana.alert.rule.rule_name_override'?: string | undefined; 'kibana.alert.rule.to'?: string | undefined; 'kibana.alert.rule.type'?: string | undefined; 'kibana.alert.rule.updated_at'?: string | number | undefined; 'kibana.alert.rule.updated_by'?: string | undefined; 'kibana.alert.rule.version'?: string | undefined; 'kibana.alert.severity'?: string | undefined; 'kibana.alert.suppression.docs_count'?: string | number | undefined; 'kibana.alert.suppression.end'?: string | number | undefined; 'kibana.alert.suppression.start'?: string | number | undefined; 'kibana.alert.suppression.terms.field'?: string[] | undefined; 'kibana.alert.suppression.terms.value'?: string[] | undefined; 'kibana.alert.system_status'?: string | undefined; 'kibana.alert.workflow_reason'?: string | undefined; 'kibana.alert.workflow_user'?: string | undefined; }" ], "path": "packages/kbn-alerts-as-data-utils/src/schemas/generated/security_schema.ts", "deprecated": false, diff --git a/api_docs/kbn_alerts_as_data_utils.mdx b/api_docs/kbn_alerts_as_data_utils.mdx index 9a7f486d2fc2e..e8028497dbe98 100644 --- a/api_docs/kbn_alerts_as_data_utils.mdx +++ b/api_docs/kbn_alerts_as_data_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-alerts-as-data-utils title: "@kbn/alerts-as-data-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/alerts-as-data-utils plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/alerts-as-data-utils'] --- import kbnAlertsAsDataUtilsObj from './kbn_alerts_as_data_utils.devdocs.json'; diff --git a/api_docs/kbn_alerts_ui_shared.mdx b/api_docs/kbn_alerts_ui_shared.mdx index 0545defba3a2d..053b3fc725ff7 100644 --- a/api_docs/kbn_alerts_ui_shared.mdx +++ b/api_docs/kbn_alerts_ui_shared.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-alerts-ui-shared title: "@kbn/alerts-ui-shared" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/alerts-ui-shared plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/alerts-ui-shared'] --- import kbnAlertsUiSharedObj from './kbn_alerts_ui_shared.devdocs.json'; diff --git a/api_docs/kbn_analytics.mdx b/api_docs/kbn_analytics.mdx index 600e80991fa15..1a4f72a48a3b8 100644 --- a/api_docs/kbn_analytics.mdx +++ b/api_docs/kbn_analytics.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-analytics title: "@kbn/analytics" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/analytics plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/analytics'] --- import kbnAnalyticsObj from './kbn_analytics.devdocs.json'; diff --git a/api_docs/kbn_analytics_client.mdx b/api_docs/kbn_analytics_client.mdx index b02eacc402536..2fecf03a2a36c 100644 --- a/api_docs/kbn_analytics_client.mdx +++ b/api_docs/kbn_analytics_client.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-analytics-client title: "@kbn/analytics-client" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/analytics-client plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/analytics-client'] --- import kbnAnalyticsClientObj from './kbn_analytics_client.devdocs.json'; diff --git a/api_docs/kbn_analytics_shippers_elastic_v3_browser.mdx b/api_docs/kbn_analytics_shippers_elastic_v3_browser.mdx index dd2f6f11ae076..4fe4cd21b8e58 100644 --- a/api_docs/kbn_analytics_shippers_elastic_v3_browser.mdx +++ b/api_docs/kbn_analytics_shippers_elastic_v3_browser.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-analytics-shippers-elastic-v3-browser title: "@kbn/analytics-shippers-elastic-v3-browser" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/analytics-shippers-elastic-v3-browser plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/analytics-shippers-elastic-v3-browser'] --- import kbnAnalyticsShippersElasticV3BrowserObj from './kbn_analytics_shippers_elastic_v3_browser.devdocs.json'; diff --git a/api_docs/kbn_analytics_shippers_elastic_v3_common.mdx b/api_docs/kbn_analytics_shippers_elastic_v3_common.mdx index b42ce7b6db699..b79912d1ce32f 100644 --- a/api_docs/kbn_analytics_shippers_elastic_v3_common.mdx +++ b/api_docs/kbn_analytics_shippers_elastic_v3_common.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-analytics-shippers-elastic-v3-common title: "@kbn/analytics-shippers-elastic-v3-common" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/analytics-shippers-elastic-v3-common plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/analytics-shippers-elastic-v3-common'] --- import kbnAnalyticsShippersElasticV3CommonObj from './kbn_analytics_shippers_elastic_v3_common.devdocs.json'; diff --git a/api_docs/kbn_analytics_shippers_elastic_v3_server.mdx b/api_docs/kbn_analytics_shippers_elastic_v3_server.mdx index 1fd9e36381efa..4087f64c1c580 100644 --- a/api_docs/kbn_analytics_shippers_elastic_v3_server.mdx +++ b/api_docs/kbn_analytics_shippers_elastic_v3_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-analytics-shippers-elastic-v3-server title: "@kbn/analytics-shippers-elastic-v3-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/analytics-shippers-elastic-v3-server plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/analytics-shippers-elastic-v3-server'] --- import kbnAnalyticsShippersElasticV3ServerObj from './kbn_analytics_shippers_elastic_v3_server.devdocs.json'; diff --git a/api_docs/kbn_analytics_shippers_fullstory.mdx b/api_docs/kbn_analytics_shippers_fullstory.mdx index ca9d7649d4646..3417696fcb8da 100644 --- a/api_docs/kbn_analytics_shippers_fullstory.mdx +++ b/api_docs/kbn_analytics_shippers_fullstory.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-analytics-shippers-fullstory title: "@kbn/analytics-shippers-fullstory" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/analytics-shippers-fullstory plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/analytics-shippers-fullstory'] --- import kbnAnalyticsShippersFullstoryObj from './kbn_analytics_shippers_fullstory.devdocs.json'; diff --git a/api_docs/kbn_analytics_shippers_gainsight.mdx b/api_docs/kbn_analytics_shippers_gainsight.mdx index 6b7fa84fe56b3..e22c3d4894f3e 100644 --- a/api_docs/kbn_analytics_shippers_gainsight.mdx +++ b/api_docs/kbn_analytics_shippers_gainsight.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-analytics-shippers-gainsight title: "@kbn/analytics-shippers-gainsight" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/analytics-shippers-gainsight plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/analytics-shippers-gainsight'] --- import kbnAnalyticsShippersGainsightObj from './kbn_analytics_shippers_gainsight.devdocs.json'; diff --git a/api_docs/kbn_apm_config_loader.mdx b/api_docs/kbn_apm_config_loader.mdx index 85259c64bfc9e..26ed0096fea33 100644 --- a/api_docs/kbn_apm_config_loader.mdx +++ b/api_docs/kbn_apm_config_loader.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-apm-config-loader title: "@kbn/apm-config-loader" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/apm-config-loader plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/apm-config-loader'] --- import kbnApmConfigLoaderObj from './kbn_apm_config_loader.devdocs.json'; diff --git a/api_docs/kbn_apm_synthtrace.mdx b/api_docs/kbn_apm_synthtrace.mdx index e19a70b35efb9..bfd566b88e71d 100644 --- a/api_docs/kbn_apm_synthtrace.mdx +++ b/api_docs/kbn_apm_synthtrace.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-apm-synthtrace title: "@kbn/apm-synthtrace" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/apm-synthtrace plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/apm-synthtrace'] --- import kbnApmSynthtraceObj from './kbn_apm_synthtrace.devdocs.json'; diff --git a/api_docs/kbn_apm_synthtrace_client.mdx b/api_docs/kbn_apm_synthtrace_client.mdx index 1f6fa002fc1d8..699d8295edaba 100644 --- a/api_docs/kbn_apm_synthtrace_client.mdx +++ b/api_docs/kbn_apm_synthtrace_client.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-apm-synthtrace-client title: "@kbn/apm-synthtrace-client" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/apm-synthtrace-client plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/apm-synthtrace-client'] --- import kbnApmSynthtraceClientObj from './kbn_apm_synthtrace_client.devdocs.json'; diff --git a/api_docs/kbn_apm_utils.mdx b/api_docs/kbn_apm_utils.mdx index 083aecb32438f..779e5035a0e35 100644 --- a/api_docs/kbn_apm_utils.mdx +++ b/api_docs/kbn_apm_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-apm-utils title: "@kbn/apm-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/apm-utils plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/apm-utils'] --- import kbnApmUtilsObj from './kbn_apm_utils.devdocs.json'; diff --git a/api_docs/kbn_axe_config.mdx b/api_docs/kbn_axe_config.mdx index de84c1293db60..bc58dff80e89e 100644 --- a/api_docs/kbn_axe_config.mdx +++ b/api_docs/kbn_axe_config.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-axe-config title: "@kbn/axe-config" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/axe-config plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/axe-config'] --- import kbnAxeConfigObj from './kbn_axe_config.devdocs.json'; diff --git a/api_docs/kbn_cases_components.mdx b/api_docs/kbn_cases_components.mdx index e2bd1f02bc8e8..8c19da6a9f437 100644 --- a/api_docs/kbn_cases_components.mdx +++ b/api_docs/kbn_cases_components.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-cases-components title: "@kbn/cases-components" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/cases-components plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/cases-components'] --- import kbnCasesComponentsObj from './kbn_cases_components.devdocs.json'; diff --git a/api_docs/kbn_cell_actions.mdx b/api_docs/kbn_cell_actions.mdx index b53e1cb30b776..44849724bd099 100644 --- a/api_docs/kbn_cell_actions.mdx +++ b/api_docs/kbn_cell_actions.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-cell-actions title: "@kbn/cell-actions" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/cell-actions plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/cell-actions'] --- import kbnCellActionsObj from './kbn_cell_actions.devdocs.json'; diff --git a/api_docs/kbn_chart_expressions_common.mdx b/api_docs/kbn_chart_expressions_common.mdx index 3df9ce29183f1..89d3aabe418d3 100644 --- a/api_docs/kbn_chart_expressions_common.mdx +++ b/api_docs/kbn_chart_expressions_common.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-chart-expressions-common title: "@kbn/chart-expressions-common" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/chart-expressions-common plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/chart-expressions-common'] --- import kbnChartExpressionsCommonObj from './kbn_chart_expressions_common.devdocs.json'; diff --git a/api_docs/kbn_chart_icons.mdx b/api_docs/kbn_chart_icons.mdx index 39dee7afff548..cc464203a2e8e 100644 --- a/api_docs/kbn_chart_icons.mdx +++ b/api_docs/kbn_chart_icons.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-chart-icons title: "@kbn/chart-icons" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/chart-icons plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/chart-icons'] --- import kbnChartIconsObj from './kbn_chart_icons.devdocs.json'; diff --git a/api_docs/kbn_ci_stats_core.mdx b/api_docs/kbn_ci_stats_core.mdx index 89d83f95d1cec..026ff19198a4e 100644 --- a/api_docs/kbn_ci_stats_core.mdx +++ b/api_docs/kbn_ci_stats_core.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ci-stats-core title: "@kbn/ci-stats-core" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ci-stats-core plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ci-stats-core'] --- import kbnCiStatsCoreObj from './kbn_ci_stats_core.devdocs.json'; diff --git a/api_docs/kbn_ci_stats_performance_metrics.mdx b/api_docs/kbn_ci_stats_performance_metrics.mdx index bd1508e1eab5f..dfb14c1e7aaec 100644 --- a/api_docs/kbn_ci_stats_performance_metrics.mdx +++ b/api_docs/kbn_ci_stats_performance_metrics.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ci-stats-performance-metrics title: "@kbn/ci-stats-performance-metrics" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ci-stats-performance-metrics plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ci-stats-performance-metrics'] --- import kbnCiStatsPerformanceMetricsObj from './kbn_ci_stats_performance_metrics.devdocs.json'; diff --git a/api_docs/kbn_ci_stats_reporter.mdx b/api_docs/kbn_ci_stats_reporter.mdx index 8df87e6da1ad8..52d0024473662 100644 --- a/api_docs/kbn_ci_stats_reporter.mdx +++ b/api_docs/kbn_ci_stats_reporter.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ci-stats-reporter title: "@kbn/ci-stats-reporter" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ci-stats-reporter plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ci-stats-reporter'] --- import kbnCiStatsReporterObj from './kbn_ci_stats_reporter.devdocs.json'; diff --git a/api_docs/kbn_cli_dev_mode.mdx b/api_docs/kbn_cli_dev_mode.mdx index 992b7e7245132..480c8e6ed6e9e 100644 --- a/api_docs/kbn_cli_dev_mode.mdx +++ b/api_docs/kbn_cli_dev_mode.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-cli-dev-mode title: "@kbn/cli-dev-mode" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/cli-dev-mode plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/cli-dev-mode'] --- import kbnCliDevModeObj from './kbn_cli_dev_mode.devdocs.json'; diff --git a/api_docs/kbn_code_editor.mdx b/api_docs/kbn_code_editor.mdx index cbb4c44ad2ad7..dee66c88d37df 100644 --- a/api_docs/kbn_code_editor.mdx +++ b/api_docs/kbn_code_editor.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-code-editor title: "@kbn/code-editor" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/code-editor plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/code-editor'] --- import kbnCodeEditorObj from './kbn_code_editor.devdocs.json'; diff --git a/api_docs/kbn_code_editor_mocks.mdx b/api_docs/kbn_code_editor_mocks.mdx index c5cab8c0fbe06..71e8c615570fa 100644 --- a/api_docs/kbn_code_editor_mocks.mdx +++ b/api_docs/kbn_code_editor_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-code-editor-mocks title: "@kbn/code-editor-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/code-editor-mocks plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/code-editor-mocks'] --- import kbnCodeEditorMocksObj from './kbn_code_editor_mocks.devdocs.json'; diff --git a/api_docs/kbn_coloring.mdx b/api_docs/kbn_coloring.mdx index 73d82f26c4c18..d84d400408e9a 100644 --- a/api_docs/kbn_coloring.mdx +++ b/api_docs/kbn_coloring.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-coloring title: "@kbn/coloring" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/coloring plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/coloring'] --- import kbnColoringObj from './kbn_coloring.devdocs.json'; diff --git a/api_docs/kbn_config.mdx b/api_docs/kbn_config.mdx index e0797539f5634..4e77d6291ead7 100644 --- a/api_docs/kbn_config.mdx +++ b/api_docs/kbn_config.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-config title: "@kbn/config" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/config plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/config'] --- import kbnConfigObj from './kbn_config.devdocs.json'; diff --git a/api_docs/kbn_config_mocks.mdx b/api_docs/kbn_config_mocks.mdx index 29c4e37f18c4b..3fbb09c8411fa 100644 --- a/api_docs/kbn_config_mocks.mdx +++ b/api_docs/kbn_config_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-config-mocks title: "@kbn/config-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/config-mocks plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/config-mocks'] --- import kbnConfigMocksObj from './kbn_config_mocks.devdocs.json'; diff --git a/api_docs/kbn_config_schema.mdx b/api_docs/kbn_config_schema.mdx index d25f2d384f919..d3f33522f40af 100644 --- a/api_docs/kbn_config_schema.mdx +++ b/api_docs/kbn_config_schema.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-config-schema title: "@kbn/config-schema" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/config-schema plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/config-schema'] --- import kbnConfigSchemaObj from './kbn_config_schema.devdocs.json'; diff --git a/api_docs/kbn_content_management_content_editor.mdx b/api_docs/kbn_content_management_content_editor.mdx index a7564002e2f80..fd51f342947fa 100644 --- a/api_docs/kbn_content_management_content_editor.mdx +++ b/api_docs/kbn_content_management_content_editor.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-content-management-content-editor title: "@kbn/content-management-content-editor" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/content-management-content-editor plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/content-management-content-editor'] --- import kbnContentManagementContentEditorObj from './kbn_content_management_content_editor.devdocs.json'; diff --git a/api_docs/kbn_content_management_tabbed_table_list_view.mdx b/api_docs/kbn_content_management_tabbed_table_list_view.mdx index 75996f4483896..5040f5a1ce2be 100644 --- a/api_docs/kbn_content_management_tabbed_table_list_view.mdx +++ b/api_docs/kbn_content_management_tabbed_table_list_view.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-content-management-tabbed-table-list-view title: "@kbn/content-management-tabbed-table-list-view" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/content-management-tabbed-table-list-view plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/content-management-tabbed-table-list-view'] --- import kbnContentManagementTabbedTableListViewObj from './kbn_content_management_tabbed_table_list_view.devdocs.json'; diff --git a/api_docs/kbn_content_management_table_list_view.mdx b/api_docs/kbn_content_management_table_list_view.mdx index 66ac0d1614cc9..ad0548ef5ca19 100644 --- a/api_docs/kbn_content_management_table_list_view.mdx +++ b/api_docs/kbn_content_management_table_list_view.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-content-management-table-list-view title: "@kbn/content-management-table-list-view" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/content-management-table-list-view plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/content-management-table-list-view'] --- import kbnContentManagementTableListViewObj from './kbn_content_management_table_list_view.devdocs.json'; diff --git a/api_docs/kbn_content_management_table_list_view_table.mdx b/api_docs/kbn_content_management_table_list_view_table.mdx index 306267a6abada..ca6aebdfcff09 100644 --- a/api_docs/kbn_content_management_table_list_view_table.mdx +++ b/api_docs/kbn_content_management_table_list_view_table.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-content-management-table-list-view-table title: "@kbn/content-management-table-list-view-table" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/content-management-table-list-view-table plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/content-management-table-list-view-table'] --- import kbnContentManagementTableListViewTableObj from './kbn_content_management_table_list_view_table.devdocs.json'; diff --git a/api_docs/kbn_content_management_utils.mdx b/api_docs/kbn_content_management_utils.mdx index 11155b30e699f..f03c127589e1e 100644 --- a/api_docs/kbn_content_management_utils.mdx +++ b/api_docs/kbn_content_management_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-content-management-utils title: "@kbn/content-management-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/content-management-utils plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/content-management-utils'] --- import kbnContentManagementUtilsObj from './kbn_content_management_utils.devdocs.json'; diff --git a/api_docs/kbn_core_analytics_browser.mdx b/api_docs/kbn_core_analytics_browser.mdx index 91eb8b10f3a5a..09dae71e9f07f 100644 --- a/api_docs/kbn_core_analytics_browser.mdx +++ b/api_docs/kbn_core_analytics_browser.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-analytics-browser title: "@kbn/core-analytics-browser" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-analytics-browser plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-analytics-browser'] --- import kbnCoreAnalyticsBrowserObj from './kbn_core_analytics_browser.devdocs.json'; diff --git a/api_docs/kbn_core_analytics_browser_internal.mdx b/api_docs/kbn_core_analytics_browser_internal.mdx index df656ecd61406..c1436b89c5680 100644 --- a/api_docs/kbn_core_analytics_browser_internal.mdx +++ b/api_docs/kbn_core_analytics_browser_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-analytics-browser-internal title: "@kbn/core-analytics-browser-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-analytics-browser-internal plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-analytics-browser-internal'] --- import kbnCoreAnalyticsBrowserInternalObj from './kbn_core_analytics_browser_internal.devdocs.json'; diff --git a/api_docs/kbn_core_analytics_browser_mocks.mdx b/api_docs/kbn_core_analytics_browser_mocks.mdx index ec53ba8c11877..61f4d3d3de7ad 100644 --- a/api_docs/kbn_core_analytics_browser_mocks.mdx +++ b/api_docs/kbn_core_analytics_browser_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-analytics-browser-mocks title: "@kbn/core-analytics-browser-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-analytics-browser-mocks plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-analytics-browser-mocks'] --- import kbnCoreAnalyticsBrowserMocksObj from './kbn_core_analytics_browser_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_analytics_server.mdx b/api_docs/kbn_core_analytics_server.mdx index 41d955623cb24..354745d4dee41 100644 --- a/api_docs/kbn_core_analytics_server.mdx +++ b/api_docs/kbn_core_analytics_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-analytics-server title: "@kbn/core-analytics-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-analytics-server plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-analytics-server'] --- import kbnCoreAnalyticsServerObj from './kbn_core_analytics_server.devdocs.json'; diff --git a/api_docs/kbn_core_analytics_server_internal.mdx b/api_docs/kbn_core_analytics_server_internal.mdx index 9d691f27ce8e1..d9b952bf941b6 100644 --- a/api_docs/kbn_core_analytics_server_internal.mdx +++ b/api_docs/kbn_core_analytics_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-analytics-server-internal title: "@kbn/core-analytics-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-analytics-server-internal plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-analytics-server-internal'] --- import kbnCoreAnalyticsServerInternalObj from './kbn_core_analytics_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_analytics_server_mocks.mdx b/api_docs/kbn_core_analytics_server_mocks.mdx index aac21b064dc5c..1ffb1318abc8f 100644 --- a/api_docs/kbn_core_analytics_server_mocks.mdx +++ b/api_docs/kbn_core_analytics_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-analytics-server-mocks title: "@kbn/core-analytics-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-analytics-server-mocks plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-analytics-server-mocks'] --- import kbnCoreAnalyticsServerMocksObj from './kbn_core_analytics_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_application_browser.mdx b/api_docs/kbn_core_application_browser.mdx index b7facaca6d8b2..ada9a02d44443 100644 --- a/api_docs/kbn_core_application_browser.mdx +++ b/api_docs/kbn_core_application_browser.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-application-browser title: "@kbn/core-application-browser" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-application-browser plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-application-browser'] --- import kbnCoreApplicationBrowserObj from './kbn_core_application_browser.devdocs.json'; diff --git a/api_docs/kbn_core_application_browser_internal.mdx b/api_docs/kbn_core_application_browser_internal.mdx index a3465ade3a3d9..862b6ea8cf72a 100644 --- a/api_docs/kbn_core_application_browser_internal.mdx +++ b/api_docs/kbn_core_application_browser_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-application-browser-internal title: "@kbn/core-application-browser-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-application-browser-internal plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-application-browser-internal'] --- import kbnCoreApplicationBrowserInternalObj from './kbn_core_application_browser_internal.devdocs.json'; diff --git a/api_docs/kbn_core_application_browser_mocks.mdx b/api_docs/kbn_core_application_browser_mocks.mdx index 8a552ba93fa44..c9ea7f82325c3 100644 --- a/api_docs/kbn_core_application_browser_mocks.mdx +++ b/api_docs/kbn_core_application_browser_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-application-browser-mocks title: "@kbn/core-application-browser-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-application-browser-mocks plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-application-browser-mocks'] --- import kbnCoreApplicationBrowserMocksObj from './kbn_core_application_browser_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_application_common.mdx b/api_docs/kbn_core_application_common.mdx index 3594a96e2f42b..c49650d058ad9 100644 --- a/api_docs/kbn_core_application_common.mdx +++ b/api_docs/kbn_core_application_common.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-application-common title: "@kbn/core-application-common" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-application-common plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-application-common'] --- import kbnCoreApplicationCommonObj from './kbn_core_application_common.devdocs.json'; diff --git a/api_docs/kbn_core_apps_browser_internal.mdx b/api_docs/kbn_core_apps_browser_internal.mdx index df550f5ea06ba..64dca12fc9a96 100644 --- a/api_docs/kbn_core_apps_browser_internal.mdx +++ b/api_docs/kbn_core_apps_browser_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-apps-browser-internal title: "@kbn/core-apps-browser-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-apps-browser-internal plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-apps-browser-internal'] --- import kbnCoreAppsBrowserInternalObj from './kbn_core_apps_browser_internal.devdocs.json'; diff --git a/api_docs/kbn_core_apps_browser_mocks.mdx b/api_docs/kbn_core_apps_browser_mocks.mdx index ec7aa6f619889..78a5116838ca2 100644 --- a/api_docs/kbn_core_apps_browser_mocks.mdx +++ b/api_docs/kbn_core_apps_browser_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-apps-browser-mocks title: "@kbn/core-apps-browser-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-apps-browser-mocks plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-apps-browser-mocks'] --- import kbnCoreAppsBrowserMocksObj from './kbn_core_apps_browser_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_apps_server_internal.mdx b/api_docs/kbn_core_apps_server_internal.mdx index 48474b6639288..51aeef44af6cd 100644 --- a/api_docs/kbn_core_apps_server_internal.mdx +++ b/api_docs/kbn_core_apps_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-apps-server-internal title: "@kbn/core-apps-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-apps-server-internal plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-apps-server-internal'] --- import kbnCoreAppsServerInternalObj from './kbn_core_apps_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_base_browser_mocks.mdx b/api_docs/kbn_core_base_browser_mocks.mdx index de80610f095b2..0375b57247893 100644 --- a/api_docs/kbn_core_base_browser_mocks.mdx +++ b/api_docs/kbn_core_base_browser_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-base-browser-mocks title: "@kbn/core-base-browser-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-base-browser-mocks plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-base-browser-mocks'] --- import kbnCoreBaseBrowserMocksObj from './kbn_core_base_browser_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_base_common.mdx b/api_docs/kbn_core_base_common.mdx index a2fb258b8ecf0..58b91031843bb 100644 --- a/api_docs/kbn_core_base_common.mdx +++ b/api_docs/kbn_core_base_common.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-base-common title: "@kbn/core-base-common" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-base-common plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-base-common'] --- import kbnCoreBaseCommonObj from './kbn_core_base_common.devdocs.json'; diff --git a/api_docs/kbn_core_base_server_internal.mdx b/api_docs/kbn_core_base_server_internal.mdx index 1f1a4a10877c4..f4cc5f9dad378 100644 --- a/api_docs/kbn_core_base_server_internal.mdx +++ b/api_docs/kbn_core_base_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-base-server-internal title: "@kbn/core-base-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-base-server-internal plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-base-server-internal'] --- import kbnCoreBaseServerInternalObj from './kbn_core_base_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_base_server_mocks.mdx b/api_docs/kbn_core_base_server_mocks.mdx index 26574c1ac8b8e..8300e893c0a75 100644 --- a/api_docs/kbn_core_base_server_mocks.mdx +++ b/api_docs/kbn_core_base_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-base-server-mocks title: "@kbn/core-base-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-base-server-mocks plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-base-server-mocks'] --- import kbnCoreBaseServerMocksObj from './kbn_core_base_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_capabilities_browser_mocks.mdx b/api_docs/kbn_core_capabilities_browser_mocks.mdx index 927f7277a4501..cc93642ee28c7 100644 --- a/api_docs/kbn_core_capabilities_browser_mocks.mdx +++ b/api_docs/kbn_core_capabilities_browser_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-capabilities-browser-mocks title: "@kbn/core-capabilities-browser-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-capabilities-browser-mocks plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-capabilities-browser-mocks'] --- import kbnCoreCapabilitiesBrowserMocksObj from './kbn_core_capabilities_browser_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_capabilities_common.mdx b/api_docs/kbn_core_capabilities_common.mdx index 55909f038034f..d8ad0f16a1074 100644 --- a/api_docs/kbn_core_capabilities_common.mdx +++ b/api_docs/kbn_core_capabilities_common.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-capabilities-common title: "@kbn/core-capabilities-common" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-capabilities-common plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-capabilities-common'] --- import kbnCoreCapabilitiesCommonObj from './kbn_core_capabilities_common.devdocs.json'; diff --git a/api_docs/kbn_core_capabilities_server.mdx b/api_docs/kbn_core_capabilities_server.mdx index 7c95419ad4f7a..593b43b5e6601 100644 --- a/api_docs/kbn_core_capabilities_server.mdx +++ b/api_docs/kbn_core_capabilities_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-capabilities-server title: "@kbn/core-capabilities-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-capabilities-server plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-capabilities-server'] --- import kbnCoreCapabilitiesServerObj from './kbn_core_capabilities_server.devdocs.json'; diff --git a/api_docs/kbn_core_capabilities_server_mocks.mdx b/api_docs/kbn_core_capabilities_server_mocks.mdx index 1d5474cc18045..f37bea10a5b53 100644 --- a/api_docs/kbn_core_capabilities_server_mocks.mdx +++ b/api_docs/kbn_core_capabilities_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-capabilities-server-mocks title: "@kbn/core-capabilities-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-capabilities-server-mocks plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-capabilities-server-mocks'] --- import kbnCoreCapabilitiesServerMocksObj from './kbn_core_capabilities_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_chrome_browser.devdocs.json b/api_docs/kbn_core_chrome_browser.devdocs.json index 1761dd7934aa9..cd79a207bdb78 100644 --- a/api_docs/kbn_core_chrome_browser.devdocs.json +++ b/api_docs/kbn_core_chrome_browser.devdocs.json @@ -1502,7 +1502,19 @@ "type": "Interface", "tags": [], "label": "ChromeProjectNavigationNode", - "description": [], + "description": [ + "\n\nChrome project navigation node. This is the tree definition stored in the Chrome service\nthat is generated based on the NodeDefinition below.\nSome of the process that occurs between the 2 are:\n- \"link\" prop get converted to existing ChromNavLink\n- \"path\" is added to each node based on where it is located in the tree\n- \"isActive\" state is set for each node if its URL matches the current location" + ], + "signature": [ + { + "pluginId": "@kbn/core-chrome-browser", + "scope": "common", + "docId": "kibKbnCoreChromeBrowserPluginApi", + "section": "def-common.ChromeProjectNavigationNode", + "text": "ChromeProjectNavigationNode" + }, + " extends NodeDefinitionBase" + ], "path": "packages/core/chrome/core-chrome-browser/src/project_navigation.ts", "deprecated": false, "trackAdoption": false, @@ -1572,38 +1584,6 @@ "deprecated": false, "trackAdoption": false }, - { - "parentPluginId": "@kbn/core-chrome-browser", - "id": "def-common.ChromeProjectNavigationNode.icon", - "type": "string", - "tags": [], - "label": "icon", - "description": [ - "Optional icon for the navigation node. Note: not all navigation depth will render the icon" - ], - "signature": [ - "string | undefined" - ], - "path": "packages/core/chrome/core-chrome-browser/src/project_navigation.ts", - "deprecated": false, - "trackAdoption": false - }, - { - "parentPluginId": "@kbn/core-chrome-browser", - "id": "def-common.ChromeProjectNavigationNode.isGroupTitle", - "type": "CompoundType", - "tags": [], - "label": "isGroupTitle", - "description": [ - "Optional flag to indicate if the node must be treated as a group title" - ], - "signature": [ - "boolean | undefined" - ], - "path": "packages/core/chrome/core-chrome-browser/src/project_navigation.ts", - "deprecated": false, - "trackAdoption": false - }, { "parentPluginId": "@kbn/core-chrome-browser", "id": "def-common.ChromeProjectNavigationNode.children", @@ -1611,7 +1591,7 @@ "tags": [], "label": "children", "description": [ - "Optional children of the navigation node" + "\nOptional children of the navigation node. Once a node has \"children\" defined it is\nconsidered a \"group\" node." ], "signature": [ { @@ -1627,22 +1607,6 @@ "deprecated": false, "trackAdoption": false }, - { - "parentPluginId": "@kbn/core-chrome-browser", - "id": "def-common.ChromeProjectNavigationNode.href", - "type": "string", - "tags": [], - "label": "href", - "description": [ - "\nhref for absolute links only. Internal links should use \"link\"." - ], - "signature": [ - "string | undefined" - ], - "path": "packages/core/chrome/core-chrome-browser/src/project_navigation.ts", - "deprecated": false, - "trackAdoption": false - }, { "parentPluginId": "@kbn/core-chrome-browser", "id": "def-common.ChromeProjectNavigationNode.isActive", @@ -1658,57 +1622,6 @@ "path": "packages/core/chrome/core-chrome-browser/src/project_navigation.ts", "deprecated": false, "trackAdoption": false - }, - { - "parentPluginId": "@kbn/core-chrome-browser", - "id": "def-common.ChromeProjectNavigationNode.getIsActive", - "type": "Function", - "tags": [], - "label": "getIsActive", - "description": [ - "\nOptional function to get the active state. This function is called whenever the location changes." - ], - "signature": [ - "GetIsActiveFn", - " | undefined" - ], - "path": "packages/core/chrome/core-chrome-browser/src/project_navigation.ts", - "deprecated": false, - "trackAdoption": false - }, - { - "parentPluginId": "@kbn/core-chrome-browser", - "id": "def-common.ChromeProjectNavigationNode.breadcrumbStatus", - "type": "CompoundType", - "tags": [ - "default" - ], - "label": "breadcrumbStatus", - "description": [ - "\nOptional flag to indicate if the breadcrumb should be hidden when this node is active." - ], - "signature": [ - "\"hidden\" | \"visible\" | undefined" - ], - "path": "packages/core/chrome/core-chrome-browser/src/project_navigation.ts", - "deprecated": false, - "trackAdoption": false - }, - { - "parentPluginId": "@kbn/core-chrome-browser", - "id": "def-common.ChromeProjectNavigationNode.accordionProps", - "type": "Object", - "tags": [], - "label": "accordionProps", - "description": [], - "signature": [ - "Partial<", - "EuiAccordionProps", - "> | undefined" - ], - "path": "packages/core/chrome/core-chrome-browser/src/project_navigation.ts", - "deprecated": false, - "trackAdoption": false } ], "initialIsOpen": false @@ -2795,6 +2708,26 @@ "trackAdoption": false, "children": [], "returnComment": [] + }, + { + "parentPluginId": "@kbn/core-chrome-browser", + "id": "def-common.ChromeStart.getIsSideNavCollapsed$", + "type": "Function", + "tags": [], + "label": "getIsSideNavCollapsed$", + "description": [ + "\nGet an observable of the current collapsed state of the side nav." + ], + "signature": [ + "() => ", + "Observable", + "" + ], + "path": "packages/core/chrome/core-chrome-browser/src/contracts.ts", + "deprecated": false, + "trackAdoption": false, + "children": [], + "returnComment": [] } ], "initialIsOpen": false @@ -2866,7 +2799,7 @@ "section": "def-common.NodeDefinition", "text": "NodeDefinition" }, - "" + " extends NodeDefinitionBase" ], "path": "packages/core/chrome/core-chrome-browser/src/project_navigation.ts", "deprecated": false, @@ -2943,49 +2876,16 @@ "deprecated": false, "trackAdoption": false }, - { - "parentPluginId": "@kbn/core-chrome-browser", - "id": "def-common.NodeDefinition.icon", - "type": "string", - "tags": [], - "label": "icon", - "description": [ - "Optional icon for the navigation node. Note: not all navigation depth will render the icon" - ], - "signature": [ - "string | undefined" - ], - "path": "packages/core/chrome/core-chrome-browser/src/project_navigation.ts", - "deprecated": false, - "trackAdoption": false - }, - { - "parentPluginId": "@kbn/core-chrome-browser", - "id": "def-common.NodeDefinition.isGroupTitle", - "type": "CompoundType", - "tags": [], - "label": "isGroupTitle", - "description": [ - "\nOptional flag to indicate if the node must be treated as a group title.\nCan not be used with `children`" - ], - "signature": [ - "boolean | undefined" - ], - "path": "packages/core/chrome/core-chrome-browser/src/project_navigation.ts", - "deprecated": false, - "trackAdoption": false - }, { "parentPluginId": "@kbn/core-chrome-browser", "id": "def-common.NodeDefinition.children", - "type": "Object", + "type": "Array", "tags": [], "label": "children", "description": [ "Optional children of the navigation node. Can not be used with `isGroupTitle`" ], "signature": [ - "NonEmptyArray<", { "pluginId": "@kbn/core-chrome-browser", "scope": "common", @@ -2993,74 +2893,7 @@ "section": "def-common.NodeDefinition", "text": "NodeDefinition" }, - "> | undefined" - ], - "path": "packages/core/chrome/core-chrome-browser/src/project_navigation.ts", - "deprecated": false, - "trackAdoption": false - }, - { - "parentPluginId": "@kbn/core-chrome-browser", - "id": "def-common.NodeDefinition.href", - "type": "string", - "tags": [], - "label": "href", - "description": [ - "\nUse href for absolute links only. Internal links should use \"link\"." - ], - "signature": [ - "string | undefined" - ], - "path": "packages/core/chrome/core-chrome-browser/src/project_navigation.ts", - "deprecated": false, - "trackAdoption": false - }, - { - "parentPluginId": "@kbn/core-chrome-browser", - "id": "def-common.NodeDefinition.getIsActive", - "type": "Function", - "tags": [], - "label": "getIsActive", - "description": [ - "\nOptional function to get the active state. This function is called whenever the location changes." - ], - "signature": [ - "GetIsActiveFn", - " | undefined" - ], - "path": "packages/core/chrome/core-chrome-browser/src/project_navigation.ts", - "deprecated": false, - "trackAdoption": false - }, - { - "parentPluginId": "@kbn/core-chrome-browser", - "id": "def-common.NodeDefinition.breadcrumbStatus", - "type": "CompoundType", - "tags": [ - "default" - ], - "label": "breadcrumbStatus", - "description": [ - "\nOptional flag to indicate if the breadcrumb should be hidden when this node is active." - ], - "signature": [ - "\"hidden\" | \"visible\" | undefined" - ], - "path": "packages/core/chrome/core-chrome-browser/src/project_navigation.ts", - "deprecated": false, - "trackAdoption": false - }, - { - "parentPluginId": "@kbn/core-chrome-browser", - "id": "def-common.NodeDefinition.accordionProps", - "type": "Object", - "tags": [], - "label": "accordionProps", - "description": [], - "signature": [ - "Partial<", - "EuiAccordionProps", - "> | undefined" + "[] | undefined" ], "path": "packages/core/chrome/core-chrome-browser/src/project_navigation.ts", "deprecated": false, @@ -3351,7 +3184,7 @@ "section": "def-common.NodeDefinition", "text": "NodeDefinition" }, - " & { children: NonEmptyArray<", + " & { children: ", { "pluginId": "@kbn/core-chrome-browser", "scope": "common", @@ -3359,7 +3192,22 @@ "section": "def-common.NodeDefinition", "text": "NodeDefinition" }, - ">; }" + "[]; }" + ], + "path": "packages/core/chrome/core-chrome-browser/src/project_navigation.ts", + "deprecated": false, + "trackAdoption": false, + "initialIsOpen": false + }, + { + "parentPluginId": "@kbn/core-chrome-browser", + "id": "def-common.RenderAs", + "type": "Type", + "tags": [], + "label": "RenderAs", + "description": [], + "signature": [ + "\"block\" | \"item\" | \"accordion\" | \"panelOpener\"" ], "path": "packages/core/chrome/core-chrome-browser/src/project_navigation.ts", "deprecated": false, @@ -3396,6 +3244,21 @@ "deprecated": false, "trackAdoption": false, "initialIsOpen": false + }, + { + "parentPluginId": "@kbn/core-chrome-browser", + "id": "def-common.SideNavNodeStatus", + "type": "Type", + "tags": [], + "label": "SideNavNodeStatus", + "description": [], + "signature": [ + "\"hidden\" | \"visible\"" + ], + "path": "packages/core/chrome/core-chrome-browser/src/project_navigation.ts", + "deprecated": false, + "trackAdoption": false, + "initialIsOpen": false } ], "objects": [] diff --git a/api_docs/kbn_core_chrome_browser.mdx b/api_docs/kbn_core_chrome_browser.mdx index 20859d4f6d1da..e52cfa31eb600 100644 --- a/api_docs/kbn_core_chrome_browser.mdx +++ b/api_docs/kbn_core_chrome_browser.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-chrome-browser title: "@kbn/core-chrome-browser" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-chrome-browser plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-chrome-browser'] --- import kbnCoreChromeBrowserObj from './kbn_core_chrome_browser.devdocs.json'; @@ -21,7 +21,7 @@ Contact [@elastic/appex-sharedux](https://github.com/orgs/elastic/teams/appex-sh | Public API count | Any count | Items lacking comments | Missing exports | |-------------------|-----------|------------------------|-----------------| -| 172 | 0 | 70 | 1 | +| 163 | 0 | 69 | 0 | ## Common diff --git a/api_docs/kbn_core_chrome_browser_mocks.mdx b/api_docs/kbn_core_chrome_browser_mocks.mdx index b1cfb51c5948d..0c191d0b0b35d 100644 --- a/api_docs/kbn_core_chrome_browser_mocks.mdx +++ b/api_docs/kbn_core_chrome_browser_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-chrome-browser-mocks title: "@kbn/core-chrome-browser-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-chrome-browser-mocks plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-chrome-browser-mocks'] --- import kbnCoreChromeBrowserMocksObj from './kbn_core_chrome_browser_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_config_server_internal.mdx b/api_docs/kbn_core_config_server_internal.mdx index 673f164bbff2f..837ff13dd1551 100644 --- a/api_docs/kbn_core_config_server_internal.mdx +++ b/api_docs/kbn_core_config_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-config-server-internal title: "@kbn/core-config-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-config-server-internal plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-config-server-internal'] --- import kbnCoreConfigServerInternalObj from './kbn_core_config_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_custom_branding_browser.mdx b/api_docs/kbn_core_custom_branding_browser.mdx index 239207b3fe74c..04e1c7dbad034 100644 --- a/api_docs/kbn_core_custom_branding_browser.mdx +++ b/api_docs/kbn_core_custom_branding_browser.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-custom-branding-browser title: "@kbn/core-custom-branding-browser" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-custom-branding-browser plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-custom-branding-browser'] --- import kbnCoreCustomBrandingBrowserObj from './kbn_core_custom_branding_browser.devdocs.json'; diff --git a/api_docs/kbn_core_custom_branding_browser_internal.mdx b/api_docs/kbn_core_custom_branding_browser_internal.mdx index 55d77a39b57c6..e84a0bc6c1c7d 100644 --- a/api_docs/kbn_core_custom_branding_browser_internal.mdx +++ b/api_docs/kbn_core_custom_branding_browser_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-custom-branding-browser-internal title: "@kbn/core-custom-branding-browser-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-custom-branding-browser-internal plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-custom-branding-browser-internal'] --- import kbnCoreCustomBrandingBrowserInternalObj from './kbn_core_custom_branding_browser_internal.devdocs.json'; diff --git a/api_docs/kbn_core_custom_branding_browser_mocks.mdx b/api_docs/kbn_core_custom_branding_browser_mocks.mdx index 7440d94a14bf4..8983b790e1323 100644 --- a/api_docs/kbn_core_custom_branding_browser_mocks.mdx +++ b/api_docs/kbn_core_custom_branding_browser_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-custom-branding-browser-mocks title: "@kbn/core-custom-branding-browser-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-custom-branding-browser-mocks plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-custom-branding-browser-mocks'] --- import kbnCoreCustomBrandingBrowserMocksObj from './kbn_core_custom_branding_browser_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_custom_branding_common.mdx b/api_docs/kbn_core_custom_branding_common.mdx index fb56e91e952a7..a11ce0be45b1e 100644 --- a/api_docs/kbn_core_custom_branding_common.mdx +++ b/api_docs/kbn_core_custom_branding_common.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-custom-branding-common title: "@kbn/core-custom-branding-common" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-custom-branding-common plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-custom-branding-common'] --- import kbnCoreCustomBrandingCommonObj from './kbn_core_custom_branding_common.devdocs.json'; diff --git a/api_docs/kbn_core_custom_branding_server.mdx b/api_docs/kbn_core_custom_branding_server.mdx index ed28c0d11a862..f07ea7d2480be 100644 --- a/api_docs/kbn_core_custom_branding_server.mdx +++ b/api_docs/kbn_core_custom_branding_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-custom-branding-server title: "@kbn/core-custom-branding-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-custom-branding-server plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-custom-branding-server'] --- import kbnCoreCustomBrandingServerObj from './kbn_core_custom_branding_server.devdocs.json'; diff --git a/api_docs/kbn_core_custom_branding_server_internal.mdx b/api_docs/kbn_core_custom_branding_server_internal.mdx index b6e209392f286..29d22b842f28b 100644 --- a/api_docs/kbn_core_custom_branding_server_internal.mdx +++ b/api_docs/kbn_core_custom_branding_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-custom-branding-server-internal title: "@kbn/core-custom-branding-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-custom-branding-server-internal plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-custom-branding-server-internal'] --- import kbnCoreCustomBrandingServerInternalObj from './kbn_core_custom_branding_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_custom_branding_server_mocks.mdx b/api_docs/kbn_core_custom_branding_server_mocks.mdx index f9b96fa733557..cc9ef3a4a7bed 100644 --- a/api_docs/kbn_core_custom_branding_server_mocks.mdx +++ b/api_docs/kbn_core_custom_branding_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-custom-branding-server-mocks title: "@kbn/core-custom-branding-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-custom-branding-server-mocks plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-custom-branding-server-mocks'] --- import kbnCoreCustomBrandingServerMocksObj from './kbn_core_custom_branding_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_deprecations_browser.mdx b/api_docs/kbn_core_deprecations_browser.mdx index 1caa989923609..8ae7903bbf9dd 100644 --- a/api_docs/kbn_core_deprecations_browser.mdx +++ b/api_docs/kbn_core_deprecations_browser.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-deprecations-browser title: "@kbn/core-deprecations-browser" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-deprecations-browser plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-deprecations-browser'] --- import kbnCoreDeprecationsBrowserObj from './kbn_core_deprecations_browser.devdocs.json'; diff --git a/api_docs/kbn_core_deprecations_browser_internal.mdx b/api_docs/kbn_core_deprecations_browser_internal.mdx index 657907431835f..de55fac3118c7 100644 --- a/api_docs/kbn_core_deprecations_browser_internal.mdx +++ b/api_docs/kbn_core_deprecations_browser_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-deprecations-browser-internal title: "@kbn/core-deprecations-browser-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-deprecations-browser-internal plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-deprecations-browser-internal'] --- import kbnCoreDeprecationsBrowserInternalObj from './kbn_core_deprecations_browser_internal.devdocs.json'; diff --git a/api_docs/kbn_core_deprecations_browser_mocks.mdx b/api_docs/kbn_core_deprecations_browser_mocks.mdx index 0e01f49afc728..0ddc53131cb8c 100644 --- a/api_docs/kbn_core_deprecations_browser_mocks.mdx +++ b/api_docs/kbn_core_deprecations_browser_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-deprecations-browser-mocks title: "@kbn/core-deprecations-browser-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-deprecations-browser-mocks plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-deprecations-browser-mocks'] --- import kbnCoreDeprecationsBrowserMocksObj from './kbn_core_deprecations_browser_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_deprecations_common.mdx b/api_docs/kbn_core_deprecations_common.mdx index 40319fb3b9d71..e43a1db29b22d 100644 --- a/api_docs/kbn_core_deprecations_common.mdx +++ b/api_docs/kbn_core_deprecations_common.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-deprecations-common title: "@kbn/core-deprecations-common" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-deprecations-common plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-deprecations-common'] --- import kbnCoreDeprecationsCommonObj from './kbn_core_deprecations_common.devdocs.json'; diff --git a/api_docs/kbn_core_deprecations_server.mdx b/api_docs/kbn_core_deprecations_server.mdx index c972253a1d766..d175bc6f53eba 100644 --- a/api_docs/kbn_core_deprecations_server.mdx +++ b/api_docs/kbn_core_deprecations_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-deprecations-server title: "@kbn/core-deprecations-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-deprecations-server plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-deprecations-server'] --- import kbnCoreDeprecationsServerObj from './kbn_core_deprecations_server.devdocs.json'; diff --git a/api_docs/kbn_core_deprecations_server_internal.mdx b/api_docs/kbn_core_deprecations_server_internal.mdx index 836e2029f733f..1e7d7e9c9bcb2 100644 --- a/api_docs/kbn_core_deprecations_server_internal.mdx +++ b/api_docs/kbn_core_deprecations_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-deprecations-server-internal title: "@kbn/core-deprecations-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-deprecations-server-internal plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-deprecations-server-internal'] --- import kbnCoreDeprecationsServerInternalObj from './kbn_core_deprecations_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_deprecations_server_mocks.mdx b/api_docs/kbn_core_deprecations_server_mocks.mdx index 850e80b04028d..907052de7716e 100644 --- a/api_docs/kbn_core_deprecations_server_mocks.mdx +++ b/api_docs/kbn_core_deprecations_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-deprecations-server-mocks title: "@kbn/core-deprecations-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-deprecations-server-mocks plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-deprecations-server-mocks'] --- import kbnCoreDeprecationsServerMocksObj from './kbn_core_deprecations_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_doc_links_browser.mdx b/api_docs/kbn_core_doc_links_browser.mdx index ffdd0b653c5c3..f4bfd14312ce1 100644 --- a/api_docs/kbn_core_doc_links_browser.mdx +++ b/api_docs/kbn_core_doc_links_browser.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-doc-links-browser title: "@kbn/core-doc-links-browser" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-doc-links-browser plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-doc-links-browser'] --- import kbnCoreDocLinksBrowserObj from './kbn_core_doc_links_browser.devdocs.json'; diff --git a/api_docs/kbn_core_doc_links_browser_mocks.mdx b/api_docs/kbn_core_doc_links_browser_mocks.mdx index 457f1744e4a46..29ad0ae05a3c0 100644 --- a/api_docs/kbn_core_doc_links_browser_mocks.mdx +++ b/api_docs/kbn_core_doc_links_browser_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-doc-links-browser-mocks title: "@kbn/core-doc-links-browser-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-doc-links-browser-mocks plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-doc-links-browser-mocks'] --- import kbnCoreDocLinksBrowserMocksObj from './kbn_core_doc_links_browser_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_doc_links_server.mdx b/api_docs/kbn_core_doc_links_server.mdx index cd8ddb2c7fd9e..5b312aa87464b 100644 --- a/api_docs/kbn_core_doc_links_server.mdx +++ b/api_docs/kbn_core_doc_links_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-doc-links-server title: "@kbn/core-doc-links-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-doc-links-server plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-doc-links-server'] --- import kbnCoreDocLinksServerObj from './kbn_core_doc_links_server.devdocs.json'; diff --git a/api_docs/kbn_core_doc_links_server_mocks.mdx b/api_docs/kbn_core_doc_links_server_mocks.mdx index c89874205e4da..46d76fad5ab9a 100644 --- a/api_docs/kbn_core_doc_links_server_mocks.mdx +++ b/api_docs/kbn_core_doc_links_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-doc-links-server-mocks title: "@kbn/core-doc-links-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-doc-links-server-mocks plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-doc-links-server-mocks'] --- import kbnCoreDocLinksServerMocksObj from './kbn_core_doc_links_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_elasticsearch_client_server_internal.mdx b/api_docs/kbn_core_elasticsearch_client_server_internal.mdx index 640e917ab94f0..d6c0b532ee278 100644 --- a/api_docs/kbn_core_elasticsearch_client_server_internal.mdx +++ b/api_docs/kbn_core_elasticsearch_client_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-elasticsearch-client-server-internal title: "@kbn/core-elasticsearch-client-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-elasticsearch-client-server-internal plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-elasticsearch-client-server-internal'] --- import kbnCoreElasticsearchClientServerInternalObj from './kbn_core_elasticsearch_client_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_elasticsearch_client_server_mocks.mdx b/api_docs/kbn_core_elasticsearch_client_server_mocks.mdx index 7ebf74b577c8f..bc486588c7e87 100644 --- a/api_docs/kbn_core_elasticsearch_client_server_mocks.mdx +++ b/api_docs/kbn_core_elasticsearch_client_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-elasticsearch-client-server-mocks title: "@kbn/core-elasticsearch-client-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-elasticsearch-client-server-mocks plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-elasticsearch-client-server-mocks'] --- import kbnCoreElasticsearchClientServerMocksObj from './kbn_core_elasticsearch_client_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_elasticsearch_server.mdx b/api_docs/kbn_core_elasticsearch_server.mdx index 662163b17bd61..7ed8409c1f254 100644 --- a/api_docs/kbn_core_elasticsearch_server.mdx +++ b/api_docs/kbn_core_elasticsearch_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-elasticsearch-server title: "@kbn/core-elasticsearch-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-elasticsearch-server plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-elasticsearch-server'] --- import kbnCoreElasticsearchServerObj from './kbn_core_elasticsearch_server.devdocs.json'; diff --git a/api_docs/kbn_core_elasticsearch_server_internal.mdx b/api_docs/kbn_core_elasticsearch_server_internal.mdx index a586e467e5866..bda31481fad63 100644 --- a/api_docs/kbn_core_elasticsearch_server_internal.mdx +++ b/api_docs/kbn_core_elasticsearch_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-elasticsearch-server-internal title: "@kbn/core-elasticsearch-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-elasticsearch-server-internal plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-elasticsearch-server-internal'] --- import kbnCoreElasticsearchServerInternalObj from './kbn_core_elasticsearch_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_elasticsearch_server_mocks.mdx b/api_docs/kbn_core_elasticsearch_server_mocks.mdx index 46e6055acad82..305da95d24b84 100644 --- a/api_docs/kbn_core_elasticsearch_server_mocks.mdx +++ b/api_docs/kbn_core_elasticsearch_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-elasticsearch-server-mocks title: "@kbn/core-elasticsearch-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-elasticsearch-server-mocks plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-elasticsearch-server-mocks'] --- import kbnCoreElasticsearchServerMocksObj from './kbn_core_elasticsearch_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_environment_server_internal.mdx b/api_docs/kbn_core_environment_server_internal.mdx index f8a4673f8ac76..6163cc6b1630b 100644 --- a/api_docs/kbn_core_environment_server_internal.mdx +++ b/api_docs/kbn_core_environment_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-environment-server-internal title: "@kbn/core-environment-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-environment-server-internal plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-environment-server-internal'] --- import kbnCoreEnvironmentServerInternalObj from './kbn_core_environment_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_environment_server_mocks.mdx b/api_docs/kbn_core_environment_server_mocks.mdx index 11c8d6a399862..86558bde56884 100644 --- a/api_docs/kbn_core_environment_server_mocks.mdx +++ b/api_docs/kbn_core_environment_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-environment-server-mocks title: "@kbn/core-environment-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-environment-server-mocks plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-environment-server-mocks'] --- import kbnCoreEnvironmentServerMocksObj from './kbn_core_environment_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_execution_context_browser.mdx b/api_docs/kbn_core_execution_context_browser.mdx index 6704ea91656ec..214b48f67b5c4 100644 --- a/api_docs/kbn_core_execution_context_browser.mdx +++ b/api_docs/kbn_core_execution_context_browser.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-execution-context-browser title: "@kbn/core-execution-context-browser" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-execution-context-browser plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-execution-context-browser'] --- import kbnCoreExecutionContextBrowserObj from './kbn_core_execution_context_browser.devdocs.json'; diff --git a/api_docs/kbn_core_execution_context_browser_internal.mdx b/api_docs/kbn_core_execution_context_browser_internal.mdx index 5f890c4d06972..1c8698598c665 100644 --- a/api_docs/kbn_core_execution_context_browser_internal.mdx +++ b/api_docs/kbn_core_execution_context_browser_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-execution-context-browser-internal title: "@kbn/core-execution-context-browser-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-execution-context-browser-internal plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-execution-context-browser-internal'] --- import kbnCoreExecutionContextBrowserInternalObj from './kbn_core_execution_context_browser_internal.devdocs.json'; diff --git a/api_docs/kbn_core_execution_context_browser_mocks.mdx b/api_docs/kbn_core_execution_context_browser_mocks.mdx index ec04f75c8aba8..25e34a8cf6b29 100644 --- a/api_docs/kbn_core_execution_context_browser_mocks.mdx +++ b/api_docs/kbn_core_execution_context_browser_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-execution-context-browser-mocks title: "@kbn/core-execution-context-browser-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-execution-context-browser-mocks plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-execution-context-browser-mocks'] --- import kbnCoreExecutionContextBrowserMocksObj from './kbn_core_execution_context_browser_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_execution_context_common.mdx b/api_docs/kbn_core_execution_context_common.mdx index 8b99f3c87ece3..a85f399395ba6 100644 --- a/api_docs/kbn_core_execution_context_common.mdx +++ b/api_docs/kbn_core_execution_context_common.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-execution-context-common title: "@kbn/core-execution-context-common" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-execution-context-common plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-execution-context-common'] --- import kbnCoreExecutionContextCommonObj from './kbn_core_execution_context_common.devdocs.json'; diff --git a/api_docs/kbn_core_execution_context_server.mdx b/api_docs/kbn_core_execution_context_server.mdx index ae8a69fab1d8c..1a1ae36a75ebf 100644 --- a/api_docs/kbn_core_execution_context_server.mdx +++ b/api_docs/kbn_core_execution_context_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-execution-context-server title: "@kbn/core-execution-context-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-execution-context-server plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-execution-context-server'] --- import kbnCoreExecutionContextServerObj from './kbn_core_execution_context_server.devdocs.json'; diff --git a/api_docs/kbn_core_execution_context_server_internal.mdx b/api_docs/kbn_core_execution_context_server_internal.mdx index c14187750d19b..4687801a4814a 100644 --- a/api_docs/kbn_core_execution_context_server_internal.mdx +++ b/api_docs/kbn_core_execution_context_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-execution-context-server-internal title: "@kbn/core-execution-context-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-execution-context-server-internal plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-execution-context-server-internal'] --- import kbnCoreExecutionContextServerInternalObj from './kbn_core_execution_context_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_execution_context_server_mocks.mdx b/api_docs/kbn_core_execution_context_server_mocks.mdx index af850f7922072..b3c814cc8e161 100644 --- a/api_docs/kbn_core_execution_context_server_mocks.mdx +++ b/api_docs/kbn_core_execution_context_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-execution-context-server-mocks title: "@kbn/core-execution-context-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-execution-context-server-mocks plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-execution-context-server-mocks'] --- import kbnCoreExecutionContextServerMocksObj from './kbn_core_execution_context_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_fatal_errors_browser.mdx b/api_docs/kbn_core_fatal_errors_browser.mdx index cf518d1280327..d52ef58644020 100644 --- a/api_docs/kbn_core_fatal_errors_browser.mdx +++ b/api_docs/kbn_core_fatal_errors_browser.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-fatal-errors-browser title: "@kbn/core-fatal-errors-browser" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-fatal-errors-browser plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-fatal-errors-browser'] --- import kbnCoreFatalErrorsBrowserObj from './kbn_core_fatal_errors_browser.devdocs.json'; diff --git a/api_docs/kbn_core_fatal_errors_browser_mocks.mdx b/api_docs/kbn_core_fatal_errors_browser_mocks.mdx index 20ac5ecbe9679..9cbacedf9c3b4 100644 --- a/api_docs/kbn_core_fatal_errors_browser_mocks.mdx +++ b/api_docs/kbn_core_fatal_errors_browser_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-fatal-errors-browser-mocks title: "@kbn/core-fatal-errors-browser-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-fatal-errors-browser-mocks plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-fatal-errors-browser-mocks'] --- import kbnCoreFatalErrorsBrowserMocksObj from './kbn_core_fatal_errors_browser_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_http_browser.mdx b/api_docs/kbn_core_http_browser.mdx index a0ce404c4c0fe..34ae04c13116f 100644 --- a/api_docs/kbn_core_http_browser.mdx +++ b/api_docs/kbn_core_http_browser.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-http-browser title: "@kbn/core-http-browser" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-http-browser plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-http-browser'] --- import kbnCoreHttpBrowserObj from './kbn_core_http_browser.devdocs.json'; diff --git a/api_docs/kbn_core_http_browser_internal.mdx b/api_docs/kbn_core_http_browser_internal.mdx index 4e5a04a6045d5..3ac25be3f1faa 100644 --- a/api_docs/kbn_core_http_browser_internal.mdx +++ b/api_docs/kbn_core_http_browser_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-http-browser-internal title: "@kbn/core-http-browser-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-http-browser-internal plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-http-browser-internal'] --- import kbnCoreHttpBrowserInternalObj from './kbn_core_http_browser_internal.devdocs.json'; diff --git a/api_docs/kbn_core_http_browser_mocks.mdx b/api_docs/kbn_core_http_browser_mocks.mdx index 1f6fe906524af..3fc6f3c488c5e 100644 --- a/api_docs/kbn_core_http_browser_mocks.mdx +++ b/api_docs/kbn_core_http_browser_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-http-browser-mocks title: "@kbn/core-http-browser-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-http-browser-mocks plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-http-browser-mocks'] --- import kbnCoreHttpBrowserMocksObj from './kbn_core_http_browser_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_http_common.mdx b/api_docs/kbn_core_http_common.mdx index 080ad66e8f2e6..c874834561317 100644 --- a/api_docs/kbn_core_http_common.mdx +++ b/api_docs/kbn_core_http_common.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-http-common title: "@kbn/core-http-common" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-http-common plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-http-common'] --- import kbnCoreHttpCommonObj from './kbn_core_http_common.devdocs.json'; diff --git a/api_docs/kbn_core_http_context_server_mocks.mdx b/api_docs/kbn_core_http_context_server_mocks.mdx index 515e4eb650c33..10c2d7c1877ed 100644 --- a/api_docs/kbn_core_http_context_server_mocks.mdx +++ b/api_docs/kbn_core_http_context_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-http-context-server-mocks title: "@kbn/core-http-context-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-http-context-server-mocks plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-http-context-server-mocks'] --- import kbnCoreHttpContextServerMocksObj from './kbn_core_http_context_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_http_request_handler_context_server.mdx b/api_docs/kbn_core_http_request_handler_context_server.mdx index b2bdfb6764663..93bf2c2a404eb 100644 --- a/api_docs/kbn_core_http_request_handler_context_server.mdx +++ b/api_docs/kbn_core_http_request_handler_context_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-http-request-handler-context-server title: "@kbn/core-http-request-handler-context-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-http-request-handler-context-server plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-http-request-handler-context-server'] --- import kbnCoreHttpRequestHandlerContextServerObj from './kbn_core_http_request_handler_context_server.devdocs.json'; diff --git a/api_docs/kbn_core_http_resources_server.mdx b/api_docs/kbn_core_http_resources_server.mdx index 11b9583f114d5..64bb018bae401 100644 --- a/api_docs/kbn_core_http_resources_server.mdx +++ b/api_docs/kbn_core_http_resources_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-http-resources-server title: "@kbn/core-http-resources-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-http-resources-server plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-http-resources-server'] --- import kbnCoreHttpResourcesServerObj from './kbn_core_http_resources_server.devdocs.json'; diff --git a/api_docs/kbn_core_http_resources_server_internal.mdx b/api_docs/kbn_core_http_resources_server_internal.mdx index f5ad6a24e986e..7d0738acd7691 100644 --- a/api_docs/kbn_core_http_resources_server_internal.mdx +++ b/api_docs/kbn_core_http_resources_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-http-resources-server-internal title: "@kbn/core-http-resources-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-http-resources-server-internal plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-http-resources-server-internal'] --- import kbnCoreHttpResourcesServerInternalObj from './kbn_core_http_resources_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_http_resources_server_mocks.mdx b/api_docs/kbn_core_http_resources_server_mocks.mdx index e34c12e8adf7b..79aeffbe67781 100644 --- a/api_docs/kbn_core_http_resources_server_mocks.mdx +++ b/api_docs/kbn_core_http_resources_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-http-resources-server-mocks title: "@kbn/core-http-resources-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-http-resources-server-mocks plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-http-resources-server-mocks'] --- import kbnCoreHttpResourcesServerMocksObj from './kbn_core_http_resources_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_http_router_server_internal.mdx b/api_docs/kbn_core_http_router_server_internal.mdx index 6a8ae9925b1bd..ddc3bfabbd0bd 100644 --- a/api_docs/kbn_core_http_router_server_internal.mdx +++ b/api_docs/kbn_core_http_router_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-http-router-server-internal title: "@kbn/core-http-router-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-http-router-server-internal plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-http-router-server-internal'] --- import kbnCoreHttpRouterServerInternalObj from './kbn_core_http_router_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_http_router_server_mocks.mdx b/api_docs/kbn_core_http_router_server_mocks.mdx index 30258151919d7..9bd7057c1189d 100644 --- a/api_docs/kbn_core_http_router_server_mocks.mdx +++ b/api_docs/kbn_core_http_router_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-http-router-server-mocks title: "@kbn/core-http-router-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-http-router-server-mocks plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-http-router-server-mocks'] --- import kbnCoreHttpRouterServerMocksObj from './kbn_core_http_router_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_http_server.devdocs.json b/api_docs/kbn_core_http_server.devdocs.json index abeeee5830cd5..183cd33013852 100644 --- a/api_docs/kbn_core_http_server.devdocs.json +++ b/api_docs/kbn_core_http_server.devdocs.json @@ -3599,6 +3599,10 @@ "plugin": "alerting", "path": "x-pack/plugins/alerting/server/routes/maintenance_window/apis/get_active/get_active_maintenance_windows_route.ts" }, + { + "plugin": "alerting", + "path": "x-pack/plugins/alerting/server/routes/rules_settings/apis/get/get_query_delay_settings.ts" + }, { "plugin": "ruleRegistry", "path": "x-pack/plugins/rule_registry/server/routes/get_alert_by_id.ts" @@ -5303,6 +5307,10 @@ "plugin": "alerting", "path": "x-pack/plugins/alerting/server/routes/rule/apis/tags/get_rule_tags.test.ts" }, + { + "plugin": "alerting", + "path": "x-pack/plugins/alerting/server/routes/rules_settings/apis/get/get_query_delay_settings.test.ts" + }, { "plugin": "monitoringCollection", "path": "x-pack/plugins/monitoring_collection/server/routes/api/v1/dynamic_route/get_metrics_by_type.test.ts" @@ -6085,6 +6093,10 @@ "plugin": "alerting", "path": "x-pack/plugins/alerting/server/routes/suggestions/values_suggestion_alerts.ts" }, + { + "plugin": "alerting", + "path": "x-pack/plugins/alerting/server/routes/rules_settings/apis/update/update_query_delay_settings.ts" + }, { "plugin": "ruleRegistry", "path": "x-pack/plugins/rule_registry/server/routes/update_alert_by_id.ts" @@ -7537,6 +7549,10 @@ "plugin": "alerting", "path": "x-pack/plugins/alerting/server/routes/rule/apis/mute_alert/mute_alert.test.ts" }, + { + "plugin": "alerting", + "path": "x-pack/plugins/alerting/server/routes/rules_settings/apis/update/update_query_delay_settings.test.ts" + }, { "plugin": "home", "path": "src/plugins/home/server/plugin.test.ts" diff --git a/api_docs/kbn_core_http_server.mdx b/api_docs/kbn_core_http_server.mdx index a11f782478db8..ea717039d9f51 100644 --- a/api_docs/kbn_core_http_server.mdx +++ b/api_docs/kbn_core_http_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-http-server title: "@kbn/core-http-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-http-server plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-http-server'] --- import kbnCoreHttpServerObj from './kbn_core_http_server.devdocs.json'; diff --git a/api_docs/kbn_core_http_server_internal.mdx b/api_docs/kbn_core_http_server_internal.mdx index e5cec103da6f0..fb97aacfca6df 100644 --- a/api_docs/kbn_core_http_server_internal.mdx +++ b/api_docs/kbn_core_http_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-http-server-internal title: "@kbn/core-http-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-http-server-internal plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-http-server-internal'] --- import kbnCoreHttpServerInternalObj from './kbn_core_http_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_http_server_mocks.mdx b/api_docs/kbn_core_http_server_mocks.mdx index 1bf6538f0cbc5..f79f7d716e745 100644 --- a/api_docs/kbn_core_http_server_mocks.mdx +++ b/api_docs/kbn_core_http_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-http-server-mocks title: "@kbn/core-http-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-http-server-mocks plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-http-server-mocks'] --- import kbnCoreHttpServerMocksObj from './kbn_core_http_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_i18n_browser.mdx b/api_docs/kbn_core_i18n_browser.mdx index 350905f033738..b97089a911293 100644 --- a/api_docs/kbn_core_i18n_browser.mdx +++ b/api_docs/kbn_core_i18n_browser.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-i18n-browser title: "@kbn/core-i18n-browser" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-i18n-browser plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-i18n-browser'] --- import kbnCoreI18nBrowserObj from './kbn_core_i18n_browser.devdocs.json'; diff --git a/api_docs/kbn_core_i18n_browser_mocks.mdx b/api_docs/kbn_core_i18n_browser_mocks.mdx index 402bb38aa2738..d2a14b2d8b467 100644 --- a/api_docs/kbn_core_i18n_browser_mocks.mdx +++ b/api_docs/kbn_core_i18n_browser_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-i18n-browser-mocks title: "@kbn/core-i18n-browser-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-i18n-browser-mocks plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-i18n-browser-mocks'] --- import kbnCoreI18nBrowserMocksObj from './kbn_core_i18n_browser_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_i18n_server.mdx b/api_docs/kbn_core_i18n_server.mdx index 4584c70c43048..1a16e1a97c692 100644 --- a/api_docs/kbn_core_i18n_server.mdx +++ b/api_docs/kbn_core_i18n_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-i18n-server title: "@kbn/core-i18n-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-i18n-server plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-i18n-server'] --- import kbnCoreI18nServerObj from './kbn_core_i18n_server.devdocs.json'; diff --git a/api_docs/kbn_core_i18n_server_internal.mdx b/api_docs/kbn_core_i18n_server_internal.mdx index 701c1ec779aca..b90adb1219cf0 100644 --- a/api_docs/kbn_core_i18n_server_internal.mdx +++ b/api_docs/kbn_core_i18n_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-i18n-server-internal title: "@kbn/core-i18n-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-i18n-server-internal plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-i18n-server-internal'] --- import kbnCoreI18nServerInternalObj from './kbn_core_i18n_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_i18n_server_mocks.mdx b/api_docs/kbn_core_i18n_server_mocks.mdx index 298c7da21ab88..6ca6958878a92 100644 --- a/api_docs/kbn_core_i18n_server_mocks.mdx +++ b/api_docs/kbn_core_i18n_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-i18n-server-mocks title: "@kbn/core-i18n-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-i18n-server-mocks plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-i18n-server-mocks'] --- import kbnCoreI18nServerMocksObj from './kbn_core_i18n_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_injected_metadata_browser_mocks.mdx b/api_docs/kbn_core_injected_metadata_browser_mocks.mdx index ce20518fc04db..e08997c05914a 100644 --- a/api_docs/kbn_core_injected_metadata_browser_mocks.mdx +++ b/api_docs/kbn_core_injected_metadata_browser_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-injected-metadata-browser-mocks title: "@kbn/core-injected-metadata-browser-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-injected-metadata-browser-mocks plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-injected-metadata-browser-mocks'] --- import kbnCoreInjectedMetadataBrowserMocksObj from './kbn_core_injected_metadata_browser_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_integrations_browser_internal.mdx b/api_docs/kbn_core_integrations_browser_internal.mdx index 464b6469b51f4..a0ed11667ffcb 100644 --- a/api_docs/kbn_core_integrations_browser_internal.mdx +++ b/api_docs/kbn_core_integrations_browser_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-integrations-browser-internal title: "@kbn/core-integrations-browser-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-integrations-browser-internal plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-integrations-browser-internal'] --- import kbnCoreIntegrationsBrowserInternalObj from './kbn_core_integrations_browser_internal.devdocs.json'; diff --git a/api_docs/kbn_core_integrations_browser_mocks.mdx b/api_docs/kbn_core_integrations_browser_mocks.mdx index 38b4884d99558..cbfde43842313 100644 --- a/api_docs/kbn_core_integrations_browser_mocks.mdx +++ b/api_docs/kbn_core_integrations_browser_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-integrations-browser-mocks title: "@kbn/core-integrations-browser-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-integrations-browser-mocks plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-integrations-browser-mocks'] --- import kbnCoreIntegrationsBrowserMocksObj from './kbn_core_integrations_browser_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_lifecycle_browser.mdx b/api_docs/kbn_core_lifecycle_browser.mdx index ad8f8724d8055..e14e7f08fa6e4 100644 --- a/api_docs/kbn_core_lifecycle_browser.mdx +++ b/api_docs/kbn_core_lifecycle_browser.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-lifecycle-browser title: "@kbn/core-lifecycle-browser" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-lifecycle-browser plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-lifecycle-browser'] --- import kbnCoreLifecycleBrowserObj from './kbn_core_lifecycle_browser.devdocs.json'; diff --git a/api_docs/kbn_core_lifecycle_browser_mocks.mdx b/api_docs/kbn_core_lifecycle_browser_mocks.mdx index 6574f66ea8f1d..e5969b668ef35 100644 --- a/api_docs/kbn_core_lifecycle_browser_mocks.mdx +++ b/api_docs/kbn_core_lifecycle_browser_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-lifecycle-browser-mocks title: "@kbn/core-lifecycle-browser-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-lifecycle-browser-mocks plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-lifecycle-browser-mocks'] --- import kbnCoreLifecycleBrowserMocksObj from './kbn_core_lifecycle_browser_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_lifecycle_server.mdx b/api_docs/kbn_core_lifecycle_server.mdx index e93d8bf80d46b..02e5401d3c246 100644 --- a/api_docs/kbn_core_lifecycle_server.mdx +++ b/api_docs/kbn_core_lifecycle_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-lifecycle-server title: "@kbn/core-lifecycle-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-lifecycle-server plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-lifecycle-server'] --- import kbnCoreLifecycleServerObj from './kbn_core_lifecycle_server.devdocs.json'; diff --git a/api_docs/kbn_core_lifecycle_server_mocks.mdx b/api_docs/kbn_core_lifecycle_server_mocks.mdx index c3625e2986d56..ee48d34d4c9f1 100644 --- a/api_docs/kbn_core_lifecycle_server_mocks.mdx +++ b/api_docs/kbn_core_lifecycle_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-lifecycle-server-mocks title: "@kbn/core-lifecycle-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-lifecycle-server-mocks plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-lifecycle-server-mocks'] --- import kbnCoreLifecycleServerMocksObj from './kbn_core_lifecycle_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_logging_browser_mocks.mdx b/api_docs/kbn_core_logging_browser_mocks.mdx index 1a78a8509f0b6..9553d7d559ba8 100644 --- a/api_docs/kbn_core_logging_browser_mocks.mdx +++ b/api_docs/kbn_core_logging_browser_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-logging-browser-mocks title: "@kbn/core-logging-browser-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-logging-browser-mocks plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-logging-browser-mocks'] --- import kbnCoreLoggingBrowserMocksObj from './kbn_core_logging_browser_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_logging_common_internal.mdx b/api_docs/kbn_core_logging_common_internal.mdx index 814375ab0295b..d9ccc6879a23a 100644 --- a/api_docs/kbn_core_logging_common_internal.mdx +++ b/api_docs/kbn_core_logging_common_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-logging-common-internal title: "@kbn/core-logging-common-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-logging-common-internal plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-logging-common-internal'] --- import kbnCoreLoggingCommonInternalObj from './kbn_core_logging_common_internal.devdocs.json'; diff --git a/api_docs/kbn_core_logging_server.mdx b/api_docs/kbn_core_logging_server.mdx index 2ae4ab4762006..7d6d9b1f6620a 100644 --- a/api_docs/kbn_core_logging_server.mdx +++ b/api_docs/kbn_core_logging_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-logging-server title: "@kbn/core-logging-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-logging-server plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-logging-server'] --- import kbnCoreLoggingServerObj from './kbn_core_logging_server.devdocs.json'; diff --git a/api_docs/kbn_core_logging_server_internal.mdx b/api_docs/kbn_core_logging_server_internal.mdx index 256f03d508c00..9e563bebca125 100644 --- a/api_docs/kbn_core_logging_server_internal.mdx +++ b/api_docs/kbn_core_logging_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-logging-server-internal title: "@kbn/core-logging-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-logging-server-internal plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-logging-server-internal'] --- import kbnCoreLoggingServerInternalObj from './kbn_core_logging_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_logging_server_mocks.mdx b/api_docs/kbn_core_logging_server_mocks.mdx index 0c5c6ea1c2013..18e53c041a7ef 100644 --- a/api_docs/kbn_core_logging_server_mocks.mdx +++ b/api_docs/kbn_core_logging_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-logging-server-mocks title: "@kbn/core-logging-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-logging-server-mocks plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-logging-server-mocks'] --- import kbnCoreLoggingServerMocksObj from './kbn_core_logging_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_metrics_collectors_server_internal.mdx b/api_docs/kbn_core_metrics_collectors_server_internal.mdx index 3c32d8654cda8..4122564cc25a7 100644 --- a/api_docs/kbn_core_metrics_collectors_server_internal.mdx +++ b/api_docs/kbn_core_metrics_collectors_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-metrics-collectors-server-internal title: "@kbn/core-metrics-collectors-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-metrics-collectors-server-internal plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-metrics-collectors-server-internal'] --- import kbnCoreMetricsCollectorsServerInternalObj from './kbn_core_metrics_collectors_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_metrics_collectors_server_mocks.mdx b/api_docs/kbn_core_metrics_collectors_server_mocks.mdx index 42064e79efd02..484e130112e4e 100644 --- a/api_docs/kbn_core_metrics_collectors_server_mocks.mdx +++ b/api_docs/kbn_core_metrics_collectors_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-metrics-collectors-server-mocks title: "@kbn/core-metrics-collectors-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-metrics-collectors-server-mocks plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-metrics-collectors-server-mocks'] --- import kbnCoreMetricsCollectorsServerMocksObj from './kbn_core_metrics_collectors_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_metrics_server.mdx b/api_docs/kbn_core_metrics_server.mdx index 0406b0483d4e5..b006b5d22b206 100644 --- a/api_docs/kbn_core_metrics_server.mdx +++ b/api_docs/kbn_core_metrics_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-metrics-server title: "@kbn/core-metrics-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-metrics-server plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-metrics-server'] --- import kbnCoreMetricsServerObj from './kbn_core_metrics_server.devdocs.json'; diff --git a/api_docs/kbn_core_metrics_server_internal.mdx b/api_docs/kbn_core_metrics_server_internal.mdx index ff772adc17989..228a9c9afd90b 100644 --- a/api_docs/kbn_core_metrics_server_internal.mdx +++ b/api_docs/kbn_core_metrics_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-metrics-server-internal title: "@kbn/core-metrics-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-metrics-server-internal plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-metrics-server-internal'] --- import kbnCoreMetricsServerInternalObj from './kbn_core_metrics_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_metrics_server_mocks.mdx b/api_docs/kbn_core_metrics_server_mocks.mdx index b661f7823b10e..6d5dfc91c1fa6 100644 --- a/api_docs/kbn_core_metrics_server_mocks.mdx +++ b/api_docs/kbn_core_metrics_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-metrics-server-mocks title: "@kbn/core-metrics-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-metrics-server-mocks plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-metrics-server-mocks'] --- import kbnCoreMetricsServerMocksObj from './kbn_core_metrics_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_mount_utils_browser.mdx b/api_docs/kbn_core_mount_utils_browser.mdx index 6a966c5cc8446..208aa1e8bcafc 100644 --- a/api_docs/kbn_core_mount_utils_browser.mdx +++ b/api_docs/kbn_core_mount_utils_browser.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-mount-utils-browser title: "@kbn/core-mount-utils-browser" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-mount-utils-browser plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-mount-utils-browser'] --- import kbnCoreMountUtilsBrowserObj from './kbn_core_mount_utils_browser.devdocs.json'; diff --git a/api_docs/kbn_core_node_server.mdx b/api_docs/kbn_core_node_server.mdx index 51eeb32031b98..430f07c9209a1 100644 --- a/api_docs/kbn_core_node_server.mdx +++ b/api_docs/kbn_core_node_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-node-server title: "@kbn/core-node-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-node-server plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-node-server'] --- import kbnCoreNodeServerObj from './kbn_core_node_server.devdocs.json'; diff --git a/api_docs/kbn_core_node_server_internal.mdx b/api_docs/kbn_core_node_server_internal.mdx index 975cc027213f3..7b5b211ea5db8 100644 --- a/api_docs/kbn_core_node_server_internal.mdx +++ b/api_docs/kbn_core_node_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-node-server-internal title: "@kbn/core-node-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-node-server-internal plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-node-server-internal'] --- import kbnCoreNodeServerInternalObj from './kbn_core_node_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_node_server_mocks.mdx b/api_docs/kbn_core_node_server_mocks.mdx index 151f94dcb9e69..79f2b7848c757 100644 --- a/api_docs/kbn_core_node_server_mocks.mdx +++ b/api_docs/kbn_core_node_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-node-server-mocks title: "@kbn/core-node-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-node-server-mocks plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-node-server-mocks'] --- import kbnCoreNodeServerMocksObj from './kbn_core_node_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_notifications_browser.mdx b/api_docs/kbn_core_notifications_browser.mdx index 319d87c359ee5..30e8ca7bb1f8c 100644 --- a/api_docs/kbn_core_notifications_browser.mdx +++ b/api_docs/kbn_core_notifications_browser.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-notifications-browser title: "@kbn/core-notifications-browser" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-notifications-browser plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-notifications-browser'] --- import kbnCoreNotificationsBrowserObj from './kbn_core_notifications_browser.devdocs.json'; diff --git a/api_docs/kbn_core_notifications_browser_internal.mdx b/api_docs/kbn_core_notifications_browser_internal.mdx index 540b22a0c93bd..9662de0d1ea51 100644 --- a/api_docs/kbn_core_notifications_browser_internal.mdx +++ b/api_docs/kbn_core_notifications_browser_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-notifications-browser-internal title: "@kbn/core-notifications-browser-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-notifications-browser-internal plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-notifications-browser-internal'] --- import kbnCoreNotificationsBrowserInternalObj from './kbn_core_notifications_browser_internal.devdocs.json'; diff --git a/api_docs/kbn_core_notifications_browser_mocks.mdx b/api_docs/kbn_core_notifications_browser_mocks.mdx index ae67e8b45e10e..6c2b744673b40 100644 --- a/api_docs/kbn_core_notifications_browser_mocks.mdx +++ b/api_docs/kbn_core_notifications_browser_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-notifications-browser-mocks title: "@kbn/core-notifications-browser-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-notifications-browser-mocks plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-notifications-browser-mocks'] --- import kbnCoreNotificationsBrowserMocksObj from './kbn_core_notifications_browser_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_overlays_browser.mdx b/api_docs/kbn_core_overlays_browser.mdx index 310141dded650..0e063e30829d8 100644 --- a/api_docs/kbn_core_overlays_browser.mdx +++ b/api_docs/kbn_core_overlays_browser.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-overlays-browser title: "@kbn/core-overlays-browser" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-overlays-browser plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-overlays-browser'] --- import kbnCoreOverlaysBrowserObj from './kbn_core_overlays_browser.devdocs.json'; diff --git a/api_docs/kbn_core_overlays_browser_internal.mdx b/api_docs/kbn_core_overlays_browser_internal.mdx index 243f9cdafc3c3..628434089e2b4 100644 --- a/api_docs/kbn_core_overlays_browser_internal.mdx +++ b/api_docs/kbn_core_overlays_browser_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-overlays-browser-internal title: "@kbn/core-overlays-browser-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-overlays-browser-internal plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-overlays-browser-internal'] --- import kbnCoreOverlaysBrowserInternalObj from './kbn_core_overlays_browser_internal.devdocs.json'; diff --git a/api_docs/kbn_core_overlays_browser_mocks.mdx b/api_docs/kbn_core_overlays_browser_mocks.mdx index 4f2563bab174d..0589908f869d5 100644 --- a/api_docs/kbn_core_overlays_browser_mocks.mdx +++ b/api_docs/kbn_core_overlays_browser_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-overlays-browser-mocks title: "@kbn/core-overlays-browser-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-overlays-browser-mocks plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-overlays-browser-mocks'] --- import kbnCoreOverlaysBrowserMocksObj from './kbn_core_overlays_browser_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_plugins_browser.mdx b/api_docs/kbn_core_plugins_browser.mdx index a21591c04197b..b187adce6d83b 100644 --- a/api_docs/kbn_core_plugins_browser.mdx +++ b/api_docs/kbn_core_plugins_browser.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-plugins-browser title: "@kbn/core-plugins-browser" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-plugins-browser plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-plugins-browser'] --- import kbnCorePluginsBrowserObj from './kbn_core_plugins_browser.devdocs.json'; diff --git a/api_docs/kbn_core_plugins_browser_mocks.mdx b/api_docs/kbn_core_plugins_browser_mocks.mdx index 5880df1e788c2..88975390b8c05 100644 --- a/api_docs/kbn_core_plugins_browser_mocks.mdx +++ b/api_docs/kbn_core_plugins_browser_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-plugins-browser-mocks title: "@kbn/core-plugins-browser-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-plugins-browser-mocks plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-plugins-browser-mocks'] --- import kbnCorePluginsBrowserMocksObj from './kbn_core_plugins_browser_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_plugins_server.mdx b/api_docs/kbn_core_plugins_server.mdx index 571ed3432c2dc..20688e0cf3359 100644 --- a/api_docs/kbn_core_plugins_server.mdx +++ b/api_docs/kbn_core_plugins_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-plugins-server title: "@kbn/core-plugins-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-plugins-server plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-plugins-server'] --- import kbnCorePluginsServerObj from './kbn_core_plugins_server.devdocs.json'; diff --git a/api_docs/kbn_core_plugins_server_mocks.mdx b/api_docs/kbn_core_plugins_server_mocks.mdx index 1190111cca9c0..511d746c5342e 100644 --- a/api_docs/kbn_core_plugins_server_mocks.mdx +++ b/api_docs/kbn_core_plugins_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-plugins-server-mocks title: "@kbn/core-plugins-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-plugins-server-mocks plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-plugins-server-mocks'] --- import kbnCorePluginsServerMocksObj from './kbn_core_plugins_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_preboot_server.mdx b/api_docs/kbn_core_preboot_server.mdx index 42198e233860d..18232494f5218 100644 --- a/api_docs/kbn_core_preboot_server.mdx +++ b/api_docs/kbn_core_preboot_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-preboot-server title: "@kbn/core-preboot-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-preboot-server plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-preboot-server'] --- import kbnCorePrebootServerObj from './kbn_core_preboot_server.devdocs.json'; diff --git a/api_docs/kbn_core_preboot_server_mocks.mdx b/api_docs/kbn_core_preboot_server_mocks.mdx index 80f08df6bbb46..43c5474fbd762 100644 --- a/api_docs/kbn_core_preboot_server_mocks.mdx +++ b/api_docs/kbn_core_preboot_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-preboot-server-mocks title: "@kbn/core-preboot-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-preboot-server-mocks plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-preboot-server-mocks'] --- import kbnCorePrebootServerMocksObj from './kbn_core_preboot_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_rendering_browser_mocks.mdx b/api_docs/kbn_core_rendering_browser_mocks.mdx index a2293deeda203..8d225396432a3 100644 --- a/api_docs/kbn_core_rendering_browser_mocks.mdx +++ b/api_docs/kbn_core_rendering_browser_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-rendering-browser-mocks title: "@kbn/core-rendering-browser-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-rendering-browser-mocks plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-rendering-browser-mocks'] --- import kbnCoreRenderingBrowserMocksObj from './kbn_core_rendering_browser_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_rendering_server_internal.mdx b/api_docs/kbn_core_rendering_server_internal.mdx index c89c781f12213..77f4db4d914cb 100644 --- a/api_docs/kbn_core_rendering_server_internal.mdx +++ b/api_docs/kbn_core_rendering_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-rendering-server-internal title: "@kbn/core-rendering-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-rendering-server-internal plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-rendering-server-internal'] --- import kbnCoreRenderingServerInternalObj from './kbn_core_rendering_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_rendering_server_mocks.mdx b/api_docs/kbn_core_rendering_server_mocks.mdx index 039d838d0c2ea..e2b3ed2079b85 100644 --- a/api_docs/kbn_core_rendering_server_mocks.mdx +++ b/api_docs/kbn_core_rendering_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-rendering-server-mocks title: "@kbn/core-rendering-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-rendering-server-mocks plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-rendering-server-mocks'] --- import kbnCoreRenderingServerMocksObj from './kbn_core_rendering_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_root_server_internal.mdx b/api_docs/kbn_core_root_server_internal.mdx index e0d7426e3d74e..43a05a4830348 100644 --- a/api_docs/kbn_core_root_server_internal.mdx +++ b/api_docs/kbn_core_root_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-root-server-internal title: "@kbn/core-root-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-root-server-internal plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-root-server-internal'] --- import kbnCoreRootServerInternalObj from './kbn_core_root_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_saved_objects_api_browser.mdx b/api_docs/kbn_core_saved_objects_api_browser.mdx index 1e7825ce8078e..a5fdb28ac1a15 100644 --- a/api_docs/kbn_core_saved_objects_api_browser.mdx +++ b/api_docs/kbn_core_saved_objects_api_browser.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-saved-objects-api-browser title: "@kbn/core-saved-objects-api-browser" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-saved-objects-api-browser plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-saved-objects-api-browser'] --- import kbnCoreSavedObjectsApiBrowserObj from './kbn_core_saved_objects_api_browser.devdocs.json'; diff --git a/api_docs/kbn_core_saved_objects_api_server.mdx b/api_docs/kbn_core_saved_objects_api_server.mdx index 8076e2f0a36ff..6ca4187619377 100644 --- a/api_docs/kbn_core_saved_objects_api_server.mdx +++ b/api_docs/kbn_core_saved_objects_api_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-saved-objects-api-server title: "@kbn/core-saved-objects-api-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-saved-objects-api-server plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-saved-objects-api-server'] --- import kbnCoreSavedObjectsApiServerObj from './kbn_core_saved_objects_api_server.devdocs.json'; diff --git a/api_docs/kbn_core_saved_objects_api_server_mocks.mdx b/api_docs/kbn_core_saved_objects_api_server_mocks.mdx index fa0d2d074a5e4..b778bbe9364bb 100644 --- a/api_docs/kbn_core_saved_objects_api_server_mocks.mdx +++ b/api_docs/kbn_core_saved_objects_api_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-saved-objects-api-server-mocks title: "@kbn/core-saved-objects-api-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-saved-objects-api-server-mocks plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-saved-objects-api-server-mocks'] --- import kbnCoreSavedObjectsApiServerMocksObj from './kbn_core_saved_objects_api_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_saved_objects_base_server_internal.mdx b/api_docs/kbn_core_saved_objects_base_server_internal.mdx index 1a371c8ec1903..e18d405d91797 100644 --- a/api_docs/kbn_core_saved_objects_base_server_internal.mdx +++ b/api_docs/kbn_core_saved_objects_base_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-saved-objects-base-server-internal title: "@kbn/core-saved-objects-base-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-saved-objects-base-server-internal plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-saved-objects-base-server-internal'] --- import kbnCoreSavedObjectsBaseServerInternalObj from './kbn_core_saved_objects_base_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_saved_objects_base_server_mocks.mdx b/api_docs/kbn_core_saved_objects_base_server_mocks.mdx index 8b9ecad86b3ad..6245b9f84e2dc 100644 --- a/api_docs/kbn_core_saved_objects_base_server_mocks.mdx +++ b/api_docs/kbn_core_saved_objects_base_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-saved-objects-base-server-mocks title: "@kbn/core-saved-objects-base-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-saved-objects-base-server-mocks plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-saved-objects-base-server-mocks'] --- import kbnCoreSavedObjectsBaseServerMocksObj from './kbn_core_saved_objects_base_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_saved_objects_browser.mdx b/api_docs/kbn_core_saved_objects_browser.mdx index 84ee2004c2a08..682786c285bbf 100644 --- a/api_docs/kbn_core_saved_objects_browser.mdx +++ b/api_docs/kbn_core_saved_objects_browser.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-saved-objects-browser title: "@kbn/core-saved-objects-browser" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-saved-objects-browser plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-saved-objects-browser'] --- import kbnCoreSavedObjectsBrowserObj from './kbn_core_saved_objects_browser.devdocs.json'; diff --git a/api_docs/kbn_core_saved_objects_browser_internal.mdx b/api_docs/kbn_core_saved_objects_browser_internal.mdx index 506c73cf096e8..4233c1de3f9e7 100644 --- a/api_docs/kbn_core_saved_objects_browser_internal.mdx +++ b/api_docs/kbn_core_saved_objects_browser_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-saved-objects-browser-internal title: "@kbn/core-saved-objects-browser-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-saved-objects-browser-internal plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-saved-objects-browser-internal'] --- import kbnCoreSavedObjectsBrowserInternalObj from './kbn_core_saved_objects_browser_internal.devdocs.json'; diff --git a/api_docs/kbn_core_saved_objects_browser_mocks.mdx b/api_docs/kbn_core_saved_objects_browser_mocks.mdx index b4a82df25a195..3612ddf2f46cf 100644 --- a/api_docs/kbn_core_saved_objects_browser_mocks.mdx +++ b/api_docs/kbn_core_saved_objects_browser_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-saved-objects-browser-mocks title: "@kbn/core-saved-objects-browser-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-saved-objects-browser-mocks plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-saved-objects-browser-mocks'] --- import kbnCoreSavedObjectsBrowserMocksObj from './kbn_core_saved_objects_browser_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_saved_objects_common.mdx b/api_docs/kbn_core_saved_objects_common.mdx index 3110041812f7f..aeb0a3e44d6c8 100644 --- a/api_docs/kbn_core_saved_objects_common.mdx +++ b/api_docs/kbn_core_saved_objects_common.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-saved-objects-common title: "@kbn/core-saved-objects-common" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-saved-objects-common plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-saved-objects-common'] --- import kbnCoreSavedObjectsCommonObj from './kbn_core_saved_objects_common.devdocs.json'; diff --git a/api_docs/kbn_core_saved_objects_import_export_server_internal.mdx b/api_docs/kbn_core_saved_objects_import_export_server_internal.mdx index 98a5e7a84c76e..d543d8dc3f58b 100644 --- a/api_docs/kbn_core_saved_objects_import_export_server_internal.mdx +++ b/api_docs/kbn_core_saved_objects_import_export_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-saved-objects-import-export-server-internal title: "@kbn/core-saved-objects-import-export-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-saved-objects-import-export-server-internal plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-saved-objects-import-export-server-internal'] --- import kbnCoreSavedObjectsImportExportServerInternalObj from './kbn_core_saved_objects_import_export_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_saved_objects_import_export_server_mocks.mdx b/api_docs/kbn_core_saved_objects_import_export_server_mocks.mdx index 52040246662ab..cfc0842120a33 100644 --- a/api_docs/kbn_core_saved_objects_import_export_server_mocks.mdx +++ b/api_docs/kbn_core_saved_objects_import_export_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-saved-objects-import-export-server-mocks title: "@kbn/core-saved-objects-import-export-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-saved-objects-import-export-server-mocks plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-saved-objects-import-export-server-mocks'] --- import kbnCoreSavedObjectsImportExportServerMocksObj from './kbn_core_saved_objects_import_export_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_saved_objects_migration_server_internal.mdx b/api_docs/kbn_core_saved_objects_migration_server_internal.mdx index e22bfc4ecbaa2..b9fb4c04fa15d 100644 --- a/api_docs/kbn_core_saved_objects_migration_server_internal.mdx +++ b/api_docs/kbn_core_saved_objects_migration_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-saved-objects-migration-server-internal title: "@kbn/core-saved-objects-migration-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-saved-objects-migration-server-internal plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-saved-objects-migration-server-internal'] --- import kbnCoreSavedObjectsMigrationServerInternalObj from './kbn_core_saved_objects_migration_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_saved_objects_migration_server_mocks.mdx b/api_docs/kbn_core_saved_objects_migration_server_mocks.mdx index 11ecd6e43744a..00e3dbc431637 100644 --- a/api_docs/kbn_core_saved_objects_migration_server_mocks.mdx +++ b/api_docs/kbn_core_saved_objects_migration_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-saved-objects-migration-server-mocks title: "@kbn/core-saved-objects-migration-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-saved-objects-migration-server-mocks plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-saved-objects-migration-server-mocks'] --- import kbnCoreSavedObjectsMigrationServerMocksObj from './kbn_core_saved_objects_migration_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_saved_objects_server.mdx b/api_docs/kbn_core_saved_objects_server.mdx index 7a884888fab7d..67bd3a81c2e87 100644 --- a/api_docs/kbn_core_saved_objects_server.mdx +++ b/api_docs/kbn_core_saved_objects_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-saved-objects-server title: "@kbn/core-saved-objects-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-saved-objects-server plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-saved-objects-server'] --- import kbnCoreSavedObjectsServerObj from './kbn_core_saved_objects_server.devdocs.json'; diff --git a/api_docs/kbn_core_saved_objects_server_internal.mdx b/api_docs/kbn_core_saved_objects_server_internal.mdx index 8a6d3004d3536..69386c22820a6 100644 --- a/api_docs/kbn_core_saved_objects_server_internal.mdx +++ b/api_docs/kbn_core_saved_objects_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-saved-objects-server-internal title: "@kbn/core-saved-objects-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-saved-objects-server-internal plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-saved-objects-server-internal'] --- import kbnCoreSavedObjectsServerInternalObj from './kbn_core_saved_objects_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_saved_objects_server_mocks.mdx b/api_docs/kbn_core_saved_objects_server_mocks.mdx index 2247ebd114cc3..f3b6dde182365 100644 --- a/api_docs/kbn_core_saved_objects_server_mocks.mdx +++ b/api_docs/kbn_core_saved_objects_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-saved-objects-server-mocks title: "@kbn/core-saved-objects-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-saved-objects-server-mocks plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-saved-objects-server-mocks'] --- import kbnCoreSavedObjectsServerMocksObj from './kbn_core_saved_objects_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_saved_objects_utils_server.mdx b/api_docs/kbn_core_saved_objects_utils_server.mdx index 69f38ebde7b95..e09befb9885e3 100644 --- a/api_docs/kbn_core_saved_objects_utils_server.mdx +++ b/api_docs/kbn_core_saved_objects_utils_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-saved-objects-utils-server title: "@kbn/core-saved-objects-utils-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-saved-objects-utils-server plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-saved-objects-utils-server'] --- import kbnCoreSavedObjectsUtilsServerObj from './kbn_core_saved_objects_utils_server.devdocs.json'; diff --git a/api_docs/kbn_core_status_common.mdx b/api_docs/kbn_core_status_common.mdx index 125534579a6b6..306c3bf4ff04b 100644 --- a/api_docs/kbn_core_status_common.mdx +++ b/api_docs/kbn_core_status_common.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-status-common title: "@kbn/core-status-common" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-status-common plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-status-common'] --- import kbnCoreStatusCommonObj from './kbn_core_status_common.devdocs.json'; diff --git a/api_docs/kbn_core_status_common_internal.mdx b/api_docs/kbn_core_status_common_internal.mdx index a9747a6cedd65..34172c5daf378 100644 --- a/api_docs/kbn_core_status_common_internal.mdx +++ b/api_docs/kbn_core_status_common_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-status-common-internal title: "@kbn/core-status-common-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-status-common-internal plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-status-common-internal'] --- import kbnCoreStatusCommonInternalObj from './kbn_core_status_common_internal.devdocs.json'; diff --git a/api_docs/kbn_core_status_server.mdx b/api_docs/kbn_core_status_server.mdx index 759f90a84ae3b..7fda07aede57a 100644 --- a/api_docs/kbn_core_status_server.mdx +++ b/api_docs/kbn_core_status_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-status-server title: "@kbn/core-status-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-status-server plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-status-server'] --- import kbnCoreStatusServerObj from './kbn_core_status_server.devdocs.json'; diff --git a/api_docs/kbn_core_status_server_internal.mdx b/api_docs/kbn_core_status_server_internal.mdx index 4dd7efdab47b0..e31826207550b 100644 --- a/api_docs/kbn_core_status_server_internal.mdx +++ b/api_docs/kbn_core_status_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-status-server-internal title: "@kbn/core-status-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-status-server-internal plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-status-server-internal'] --- import kbnCoreStatusServerInternalObj from './kbn_core_status_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_status_server_mocks.mdx b/api_docs/kbn_core_status_server_mocks.mdx index e86cca75f4e74..4c864920b59b1 100644 --- a/api_docs/kbn_core_status_server_mocks.mdx +++ b/api_docs/kbn_core_status_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-status-server-mocks title: "@kbn/core-status-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-status-server-mocks plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-status-server-mocks'] --- import kbnCoreStatusServerMocksObj from './kbn_core_status_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_test_helpers_deprecations_getters.mdx b/api_docs/kbn_core_test_helpers_deprecations_getters.mdx index bfa9f231ff89d..9c48bee8a868e 100644 --- a/api_docs/kbn_core_test_helpers_deprecations_getters.mdx +++ b/api_docs/kbn_core_test_helpers_deprecations_getters.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-test-helpers-deprecations-getters title: "@kbn/core-test-helpers-deprecations-getters" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-test-helpers-deprecations-getters plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-test-helpers-deprecations-getters'] --- import kbnCoreTestHelpersDeprecationsGettersObj from './kbn_core_test_helpers_deprecations_getters.devdocs.json'; diff --git a/api_docs/kbn_core_test_helpers_http_setup_browser.mdx b/api_docs/kbn_core_test_helpers_http_setup_browser.mdx index 8f458a1241998..7bfee4ab92378 100644 --- a/api_docs/kbn_core_test_helpers_http_setup_browser.mdx +++ b/api_docs/kbn_core_test_helpers_http_setup_browser.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-test-helpers-http-setup-browser title: "@kbn/core-test-helpers-http-setup-browser" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-test-helpers-http-setup-browser plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-test-helpers-http-setup-browser'] --- import kbnCoreTestHelpersHttpSetupBrowserObj from './kbn_core_test_helpers_http_setup_browser.devdocs.json'; diff --git a/api_docs/kbn_core_test_helpers_kbn_server.mdx b/api_docs/kbn_core_test_helpers_kbn_server.mdx index 57851b7d2a29b..f00950d3251d2 100644 --- a/api_docs/kbn_core_test_helpers_kbn_server.mdx +++ b/api_docs/kbn_core_test_helpers_kbn_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-test-helpers-kbn-server title: "@kbn/core-test-helpers-kbn-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-test-helpers-kbn-server plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-test-helpers-kbn-server'] --- import kbnCoreTestHelpersKbnServerObj from './kbn_core_test_helpers_kbn_server.devdocs.json'; diff --git a/api_docs/kbn_core_test_helpers_model_versions.mdx b/api_docs/kbn_core_test_helpers_model_versions.mdx index 3bebca901cb3b..dd27cea8ebd15 100644 --- a/api_docs/kbn_core_test_helpers_model_versions.mdx +++ b/api_docs/kbn_core_test_helpers_model_versions.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-test-helpers-model-versions title: "@kbn/core-test-helpers-model-versions" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-test-helpers-model-versions plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-test-helpers-model-versions'] --- import kbnCoreTestHelpersModelVersionsObj from './kbn_core_test_helpers_model_versions.devdocs.json'; diff --git a/api_docs/kbn_core_test_helpers_so_type_serializer.mdx b/api_docs/kbn_core_test_helpers_so_type_serializer.mdx index 1633bf97e609d..f85991d54381a 100644 --- a/api_docs/kbn_core_test_helpers_so_type_serializer.mdx +++ b/api_docs/kbn_core_test_helpers_so_type_serializer.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-test-helpers-so-type-serializer title: "@kbn/core-test-helpers-so-type-serializer" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-test-helpers-so-type-serializer plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-test-helpers-so-type-serializer'] --- import kbnCoreTestHelpersSoTypeSerializerObj from './kbn_core_test_helpers_so_type_serializer.devdocs.json'; diff --git a/api_docs/kbn_core_test_helpers_test_utils.mdx b/api_docs/kbn_core_test_helpers_test_utils.mdx index 5b7c2a28d9f60..b6bcb0a8145c3 100644 --- a/api_docs/kbn_core_test_helpers_test_utils.mdx +++ b/api_docs/kbn_core_test_helpers_test_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-test-helpers-test-utils title: "@kbn/core-test-helpers-test-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-test-helpers-test-utils plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-test-helpers-test-utils'] --- import kbnCoreTestHelpersTestUtilsObj from './kbn_core_test_helpers_test_utils.devdocs.json'; diff --git a/api_docs/kbn_core_theme_browser.mdx b/api_docs/kbn_core_theme_browser.mdx index 9758a42a8bf6d..780b1528a4ea5 100644 --- a/api_docs/kbn_core_theme_browser.mdx +++ b/api_docs/kbn_core_theme_browser.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-theme-browser title: "@kbn/core-theme-browser" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-theme-browser plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-theme-browser'] --- import kbnCoreThemeBrowserObj from './kbn_core_theme_browser.devdocs.json'; diff --git a/api_docs/kbn_core_theme_browser_mocks.mdx b/api_docs/kbn_core_theme_browser_mocks.mdx index 203acc81167ed..bc8d67d4040dc 100644 --- a/api_docs/kbn_core_theme_browser_mocks.mdx +++ b/api_docs/kbn_core_theme_browser_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-theme-browser-mocks title: "@kbn/core-theme-browser-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-theme-browser-mocks plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-theme-browser-mocks'] --- import kbnCoreThemeBrowserMocksObj from './kbn_core_theme_browser_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_ui_settings_browser.mdx b/api_docs/kbn_core_ui_settings_browser.mdx index 68c710ee4d260..7c450f1469102 100644 --- a/api_docs/kbn_core_ui_settings_browser.mdx +++ b/api_docs/kbn_core_ui_settings_browser.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-ui-settings-browser title: "@kbn/core-ui-settings-browser" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-ui-settings-browser plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-ui-settings-browser'] --- import kbnCoreUiSettingsBrowserObj from './kbn_core_ui_settings_browser.devdocs.json'; diff --git a/api_docs/kbn_core_ui_settings_browser_internal.mdx b/api_docs/kbn_core_ui_settings_browser_internal.mdx index 45cb836ecd635..c26a722159eb1 100644 --- a/api_docs/kbn_core_ui_settings_browser_internal.mdx +++ b/api_docs/kbn_core_ui_settings_browser_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-ui-settings-browser-internal title: "@kbn/core-ui-settings-browser-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-ui-settings-browser-internal plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-ui-settings-browser-internal'] --- import kbnCoreUiSettingsBrowserInternalObj from './kbn_core_ui_settings_browser_internal.devdocs.json'; diff --git a/api_docs/kbn_core_ui_settings_browser_mocks.mdx b/api_docs/kbn_core_ui_settings_browser_mocks.mdx index 64410905062e0..bb4edafd834a1 100644 --- a/api_docs/kbn_core_ui_settings_browser_mocks.mdx +++ b/api_docs/kbn_core_ui_settings_browser_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-ui-settings-browser-mocks title: "@kbn/core-ui-settings-browser-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-ui-settings-browser-mocks plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-ui-settings-browser-mocks'] --- import kbnCoreUiSettingsBrowserMocksObj from './kbn_core_ui_settings_browser_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_ui_settings_common.mdx b/api_docs/kbn_core_ui_settings_common.mdx index 04d83683e797b..2aada7290cd12 100644 --- a/api_docs/kbn_core_ui_settings_common.mdx +++ b/api_docs/kbn_core_ui_settings_common.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-ui-settings-common title: "@kbn/core-ui-settings-common" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-ui-settings-common plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-ui-settings-common'] --- import kbnCoreUiSettingsCommonObj from './kbn_core_ui_settings_common.devdocs.json'; diff --git a/api_docs/kbn_core_ui_settings_server.mdx b/api_docs/kbn_core_ui_settings_server.mdx index c22e8d5c8721c..7feb9ba80933d 100644 --- a/api_docs/kbn_core_ui_settings_server.mdx +++ b/api_docs/kbn_core_ui_settings_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-ui-settings-server title: "@kbn/core-ui-settings-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-ui-settings-server plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-ui-settings-server'] --- import kbnCoreUiSettingsServerObj from './kbn_core_ui_settings_server.devdocs.json'; diff --git a/api_docs/kbn_core_ui_settings_server_internal.mdx b/api_docs/kbn_core_ui_settings_server_internal.mdx index 4f917234096f4..5cc0c32a01b34 100644 --- a/api_docs/kbn_core_ui_settings_server_internal.mdx +++ b/api_docs/kbn_core_ui_settings_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-ui-settings-server-internal title: "@kbn/core-ui-settings-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-ui-settings-server-internal plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-ui-settings-server-internal'] --- import kbnCoreUiSettingsServerInternalObj from './kbn_core_ui_settings_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_ui_settings_server_mocks.mdx b/api_docs/kbn_core_ui_settings_server_mocks.mdx index b6c6b9c3d0699..a86be77e7fd40 100644 --- a/api_docs/kbn_core_ui_settings_server_mocks.mdx +++ b/api_docs/kbn_core_ui_settings_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-ui-settings-server-mocks title: "@kbn/core-ui-settings-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-ui-settings-server-mocks plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-ui-settings-server-mocks'] --- import kbnCoreUiSettingsServerMocksObj from './kbn_core_ui_settings_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_usage_data_server.mdx b/api_docs/kbn_core_usage_data_server.mdx index 29dfd0acc1cdb..0cf331c177164 100644 --- a/api_docs/kbn_core_usage_data_server.mdx +++ b/api_docs/kbn_core_usage_data_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-usage-data-server title: "@kbn/core-usage-data-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-usage-data-server plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-usage-data-server'] --- import kbnCoreUsageDataServerObj from './kbn_core_usage_data_server.devdocs.json'; diff --git a/api_docs/kbn_core_usage_data_server_internal.mdx b/api_docs/kbn_core_usage_data_server_internal.mdx index ceff5594fb719..88e2d4ca7ed20 100644 --- a/api_docs/kbn_core_usage_data_server_internal.mdx +++ b/api_docs/kbn_core_usage_data_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-usage-data-server-internal title: "@kbn/core-usage-data-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-usage-data-server-internal plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-usage-data-server-internal'] --- import kbnCoreUsageDataServerInternalObj from './kbn_core_usage_data_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_usage_data_server_mocks.mdx b/api_docs/kbn_core_usage_data_server_mocks.mdx index d9ae19c2b9f08..500fe7daef5a6 100644 --- a/api_docs/kbn_core_usage_data_server_mocks.mdx +++ b/api_docs/kbn_core_usage_data_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-usage-data-server-mocks title: "@kbn/core-usage-data-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-usage-data-server-mocks plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-usage-data-server-mocks'] --- import kbnCoreUsageDataServerMocksObj from './kbn_core_usage_data_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_user_settings_server.mdx b/api_docs/kbn_core_user_settings_server.mdx index 22f7d233d1fe3..1a978c80d86de 100644 --- a/api_docs/kbn_core_user_settings_server.mdx +++ b/api_docs/kbn_core_user_settings_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-user-settings-server title: "@kbn/core-user-settings-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-user-settings-server plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-user-settings-server'] --- import kbnCoreUserSettingsServerObj from './kbn_core_user_settings_server.devdocs.json'; diff --git a/api_docs/kbn_core_user_settings_server_internal.mdx b/api_docs/kbn_core_user_settings_server_internal.mdx index 803005652a87f..d6c253ca4a0aa 100644 --- a/api_docs/kbn_core_user_settings_server_internal.mdx +++ b/api_docs/kbn_core_user_settings_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-user-settings-server-internal title: "@kbn/core-user-settings-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-user-settings-server-internal plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-user-settings-server-internal'] --- import kbnCoreUserSettingsServerInternalObj from './kbn_core_user_settings_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_user_settings_server_mocks.mdx b/api_docs/kbn_core_user_settings_server_mocks.mdx index 62ecfa529b8ff..a5c83424b3815 100644 --- a/api_docs/kbn_core_user_settings_server_mocks.mdx +++ b/api_docs/kbn_core_user_settings_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-user-settings-server-mocks title: "@kbn/core-user-settings-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-user-settings-server-mocks plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-user-settings-server-mocks'] --- import kbnCoreUserSettingsServerMocksObj from './kbn_core_user_settings_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_crypto.mdx b/api_docs/kbn_crypto.mdx index 289fa82165a64..f5127acf46b54 100644 --- a/api_docs/kbn_crypto.mdx +++ b/api_docs/kbn_crypto.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-crypto title: "@kbn/crypto" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/crypto plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/crypto'] --- import kbnCryptoObj from './kbn_crypto.devdocs.json'; diff --git a/api_docs/kbn_crypto_browser.mdx b/api_docs/kbn_crypto_browser.mdx index eeeb48b8a2d69..6300db53ad23c 100644 --- a/api_docs/kbn_crypto_browser.mdx +++ b/api_docs/kbn_crypto_browser.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-crypto-browser title: "@kbn/crypto-browser" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/crypto-browser plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/crypto-browser'] --- import kbnCryptoBrowserObj from './kbn_crypto_browser.devdocs.json'; diff --git a/api_docs/kbn_custom_integrations.mdx b/api_docs/kbn_custom_integrations.mdx index 151cc49157c9b..7403676ecbfe3 100644 --- a/api_docs/kbn_custom_integrations.mdx +++ b/api_docs/kbn_custom_integrations.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-custom-integrations title: "@kbn/custom-integrations" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/custom-integrations plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/custom-integrations'] --- import kbnCustomIntegrationsObj from './kbn_custom_integrations.devdocs.json'; diff --git a/api_docs/kbn_cypress_config.mdx b/api_docs/kbn_cypress_config.mdx index e7a3a2dbcc9e5..e4eebb28aa278 100644 --- a/api_docs/kbn_cypress_config.mdx +++ b/api_docs/kbn_cypress_config.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-cypress-config title: "@kbn/cypress-config" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/cypress-config plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/cypress-config'] --- import kbnCypressConfigObj from './kbn_cypress_config.devdocs.json'; diff --git a/api_docs/kbn_data_service.mdx b/api_docs/kbn_data_service.mdx index 03a71fd9484f3..450d4683381ec 100644 --- a/api_docs/kbn_data_service.mdx +++ b/api_docs/kbn_data_service.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-data-service title: "@kbn/data-service" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/data-service plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/data-service'] --- import kbnDataServiceObj from './kbn_data_service.devdocs.json'; diff --git a/api_docs/kbn_datemath.mdx b/api_docs/kbn_datemath.mdx index 1308b7455d408..5be6e619c00d9 100644 --- a/api_docs/kbn_datemath.mdx +++ b/api_docs/kbn_datemath.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-datemath title: "@kbn/datemath" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/datemath plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/datemath'] --- import kbnDatemathObj from './kbn_datemath.devdocs.json'; diff --git a/api_docs/kbn_deeplinks_analytics.mdx b/api_docs/kbn_deeplinks_analytics.mdx index 4a4998f3ad48c..9ab35491d4f09 100644 --- a/api_docs/kbn_deeplinks_analytics.mdx +++ b/api_docs/kbn_deeplinks_analytics.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-deeplinks-analytics title: "@kbn/deeplinks-analytics" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/deeplinks-analytics plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/deeplinks-analytics'] --- import kbnDeeplinksAnalyticsObj from './kbn_deeplinks_analytics.devdocs.json'; diff --git a/api_docs/kbn_deeplinks_devtools.mdx b/api_docs/kbn_deeplinks_devtools.mdx index d72a545ea10c3..ac678cc4db130 100644 --- a/api_docs/kbn_deeplinks_devtools.mdx +++ b/api_docs/kbn_deeplinks_devtools.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-deeplinks-devtools title: "@kbn/deeplinks-devtools" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/deeplinks-devtools plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/deeplinks-devtools'] --- import kbnDeeplinksDevtoolsObj from './kbn_deeplinks_devtools.devdocs.json'; diff --git a/api_docs/kbn_deeplinks_management.mdx b/api_docs/kbn_deeplinks_management.mdx index f863bcfd7566a..269496e9686a2 100644 --- a/api_docs/kbn_deeplinks_management.mdx +++ b/api_docs/kbn_deeplinks_management.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-deeplinks-management title: "@kbn/deeplinks-management" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/deeplinks-management plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/deeplinks-management'] --- import kbnDeeplinksManagementObj from './kbn_deeplinks_management.devdocs.json'; diff --git a/api_docs/kbn_deeplinks_ml.mdx b/api_docs/kbn_deeplinks_ml.mdx index 67a843c745d28..252dee970991b 100644 --- a/api_docs/kbn_deeplinks_ml.mdx +++ b/api_docs/kbn_deeplinks_ml.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-deeplinks-ml title: "@kbn/deeplinks-ml" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/deeplinks-ml plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/deeplinks-ml'] --- import kbnDeeplinksMlObj from './kbn_deeplinks_ml.devdocs.json'; diff --git a/api_docs/kbn_deeplinks_observability.mdx b/api_docs/kbn_deeplinks_observability.mdx index 0d213c503fa85..56f26e52ef833 100644 --- a/api_docs/kbn_deeplinks_observability.mdx +++ b/api_docs/kbn_deeplinks_observability.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-deeplinks-observability title: "@kbn/deeplinks-observability" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/deeplinks-observability plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/deeplinks-observability'] --- import kbnDeeplinksObservabilityObj from './kbn_deeplinks_observability.devdocs.json'; diff --git a/api_docs/kbn_deeplinks_search.mdx b/api_docs/kbn_deeplinks_search.mdx index 59d0e76084db4..da17722411f64 100644 --- a/api_docs/kbn_deeplinks_search.mdx +++ b/api_docs/kbn_deeplinks_search.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-deeplinks-search title: "@kbn/deeplinks-search" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/deeplinks-search plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/deeplinks-search'] --- import kbnDeeplinksSearchObj from './kbn_deeplinks_search.devdocs.json'; diff --git a/api_docs/kbn_default_nav_analytics.devdocs.json b/api_docs/kbn_default_nav_analytics.devdocs.json index 0a3d565d12d10..ed0fc87f7eb63 100644 --- a/api_docs/kbn_default_nav_analytics.devdocs.json +++ b/api_docs/kbn_default_nav_analytics.devdocs.json @@ -61,7 +61,7 @@ "section": "def-common.NavigationID", "text": "NavigationID" }, - "> & { children: NonEmptyArray<", + "> & { children: ", { "pluginId": "@kbn/core-chrome-browser", "scope": "common", @@ -93,7 +93,7 @@ "section": "def-common.NavigationID", "text": "NavigationID" }, - ">>; }" + ">[]; }" ], "path": "packages/default-nav/analytics/default_navigation.ts", "deprecated": false, @@ -167,12 +167,12 @@ { "parentPluginId": "@kbn/default-nav-analytics", "id": "def-common.defaultNavigation.children", - "type": "Object", + "type": "Array", "tags": [], "label": "children", "description": [], "signature": [ - "[{ link: \"discover\"; }, { link: \"dashboards\"; }, { link: \"visualize\"; }]" + "({ link: \"discover\"; } | { link: \"dashboards\"; } | { link: \"visualize\"; })[]" ], "path": "packages/default-nav/analytics/default_navigation.ts", "deprecated": false, diff --git a/api_docs/kbn_default_nav_analytics.mdx b/api_docs/kbn_default_nav_analytics.mdx index 789b32261a3dc..2ee8492f11643 100644 --- a/api_docs/kbn_default_nav_analytics.mdx +++ b/api_docs/kbn_default_nav_analytics.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-default-nav-analytics title: "@kbn/default-nav-analytics" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/default-nav-analytics plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/default-nav-analytics'] --- import kbnDefaultNavAnalyticsObj from './kbn_default_nav_analytics.devdocs.json'; diff --git a/api_docs/kbn_default_nav_devtools.devdocs.json b/api_docs/kbn_default_nav_devtools.devdocs.json index c9155ee9f1a89..450d8ef0ed009 100644 --- a/api_docs/kbn_default_nav_devtools.devdocs.json +++ b/api_docs/kbn_default_nav_devtools.devdocs.json @@ -61,7 +61,7 @@ "section": "def-common.NavigationID", "text": "NavigationID" }, - "> & { children: NonEmptyArray<", + "> & { children: ", { "pluginId": "@kbn/core-chrome-browser", "scope": "common", @@ -93,7 +93,7 @@ "section": "def-common.NavigationID", "text": "NavigationID" }, - ">>; }" + ">[]; }" ], "path": "packages/default-nav/devtools/default_navigation.ts", "deprecated": false, @@ -167,12 +167,12 @@ { "parentPluginId": "@kbn/default-nav-devtools", "id": "def-common.defaultNavigation.children", - "type": "Object", + "type": "Array", "tags": [], "label": "children", "description": [], "signature": [ - "[{ link: \"dev_tools:console\"; }, { link: \"dev_tools:searchprofiler\"; }, { link: \"dev_tools:grokdebugger\"; }, { link: \"dev_tools:painless_lab\"; }]" + "({ link: \"dev_tools:console\"; } | { link: \"dev_tools:searchprofiler\"; } | { link: \"dev_tools:grokdebugger\"; } | { link: \"dev_tools:painless_lab\"; })[]" ], "path": "packages/default-nav/devtools/default_navigation.ts", "deprecated": false, diff --git a/api_docs/kbn_default_nav_devtools.mdx b/api_docs/kbn_default_nav_devtools.mdx index f997d6b329962..7ab0d9a6c8bc6 100644 --- a/api_docs/kbn_default_nav_devtools.mdx +++ b/api_docs/kbn_default_nav_devtools.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-default-nav-devtools title: "@kbn/default-nav-devtools" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/default-nav-devtools plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/default-nav-devtools'] --- import kbnDefaultNavDevtoolsObj from './kbn_default_nav_devtools.devdocs.json'; diff --git a/api_docs/kbn_default_nav_management.devdocs.json b/api_docs/kbn_default_nav_management.devdocs.json index 8a4ab5949e6f5..7f0c46ca01e9a 100644 --- a/api_docs/kbn_default_nav_management.devdocs.json +++ b/api_docs/kbn_default_nav_management.devdocs.json @@ -61,7 +61,7 @@ "section": "def-common.NavigationID", "text": "NavigationID" }, - "> & { children: NonEmptyArray<", + "> & { children: ", { "pluginId": "@kbn/core-chrome-browser", "scope": "common", @@ -93,7 +93,7 @@ "section": "def-common.NavigationID", "text": "NavigationID" }, - ">>; }" + ">[]; }" ], "path": "packages/default-nav/management/default_navigation.ts", "deprecated": false, @@ -167,12 +167,12 @@ { "parentPluginId": "@kbn/default-nav-management", "id": "def-common.defaultNavigation.children", - "type": "Object", + "type": "Array", "tags": [], "label": "children", "description": [], "signature": [ - "[{ link: \"monitoring\"; }, { id: \"integration_management\"; title: string; children: [{ link: \"integrations\"; }, { link: \"fleet\"; }, { link: \"osquery\"; }]; }, { id: \"stack_management\"; title: string; children: [{ id: \"ingest\"; title: string; children: [{ link: \"management:ingest_pipelines\"; }, { link: \"management:pipelines\"; }]; }, { id: \"data\"; title: string; children: [{ link: \"management:index_management\"; }, { link: \"management:transform\"; }]; }, { id: \"alerts_and_insights\"; title: string; children: [{ link: \"management:triggersActions\"; }, { link: \"management:cases\"; }, { link: \"management:triggersActionsConnectors\"; }, { link: \"management:jobsListLink\"; }]; }, { id: \"kibana\"; title: string; children: [{ link: \"management:dataViews\"; }, { link: \"management:objects\"; }, { link: \"management:tags\"; }, { link: \"management:spaces\"; }, { link: \"management:settings\"; }]; }]; }]" + "({ link: \"monitoring\"; } | { id: \"integration_management\"; title: string; children: ({ link: \"integrations\"; } | { link: \"fleet\"; } | { link: \"osquery\"; })[]; } | { id: \"stack_management\"; title: string; children: ({ id: \"ingest\"; title: string; children: ({ link: \"management:ingest_pipelines\"; } | { link: \"management:pipelines\"; })[]; } | { id: \"data\"; title: string; children: ({ link: \"management:index_management\"; } | { link: \"management:transform\"; })[]; } | { id: \"alerts_and_insights\"; title: string; children: ({ link: \"management:triggersActions\"; } | { link: \"management:cases\"; } | { link: \"management:triggersActionsConnectors\"; } | { link: \"management:jobsListLink\"; })[]; } | { id: \"kibana\"; title: string; children: ({ link: \"management:dataViews\"; } | { link: \"management:objects\"; } | { link: \"management:tags\"; } | { link: \"management:spaces\"; } | { link: \"management:settings\"; })[]; })[]; })[]" ], "path": "packages/default-nav/management/default_navigation.ts", "deprecated": false, diff --git a/api_docs/kbn_default_nav_management.mdx b/api_docs/kbn_default_nav_management.mdx index 23089a8c2cdfd..81e6815e53892 100644 --- a/api_docs/kbn_default_nav_management.mdx +++ b/api_docs/kbn_default_nav_management.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-default-nav-management title: "@kbn/default-nav-management" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/default-nav-management plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/default-nav-management'] --- import kbnDefaultNavManagementObj from './kbn_default_nav_management.devdocs.json'; diff --git a/api_docs/kbn_default_nav_ml.devdocs.json b/api_docs/kbn_default_nav_ml.devdocs.json index 789fee35acf13..1f8c6a7e60e64 100644 --- a/api_docs/kbn_default_nav_ml.devdocs.json +++ b/api_docs/kbn_default_nav_ml.devdocs.json @@ -61,7 +61,7 @@ "section": "def-common.NavigationID", "text": "NavigationID" }, - "> & { children: NonEmptyArray<", + "> & { children: ", { "pluginId": "@kbn/core-chrome-browser", "scope": "common", @@ -93,7 +93,7 @@ "section": "def-common.NavigationID", "text": "NavigationID" }, - ">>; }" + ">[]; }" ], "path": "packages/default-nav/ml/default_navigation.ts", "deprecated": false, @@ -167,12 +167,12 @@ { "parentPluginId": "@kbn/default-nav-ml", "id": "def-common.defaultNavigation.children", - "type": "Object", + "type": "Array", "tags": [], "label": "children", "description": [], "signature": [ - "[{ link: \"ml:overview\"; }, { link: \"ml:notifications\"; }, { title: string; id: \"anomaly_detection\"; children: [{ title: string; link: \"ml:anomalyDetection\"; }, { link: \"ml:anomalyExplorer\"; }, { link: \"ml:singleMetricViewer\"; }, { link: \"ml:settings\"; }]; }, { id: \"data_frame_analytics\"; title: string; children: [{ title: string; link: \"ml:dataFrameAnalytics\"; }, { link: \"ml:resultExplorer\"; }, { link: \"ml:analyticsMap\"; }]; }, { id: \"model_management\"; title: string; children: [{ link: \"ml:nodesOverview\"; }, { link: \"ml:nodes\"; }]; }, { id: \"data_visualizer\"; title: string; children: [{ title: string; link: \"ml:fileUpload\"; }, { title: string; link: \"ml:indexDataVisualizer\"; }, { title: string; link: \"ml:dataDrift\"; }]; }, { id: \"aiops_labs\"; title: string; children: [{ link: \"ml:logRateAnalysis\"; }, { link: \"ml:logPatternAnalysis\"; }, { link: \"ml:changePointDetections\"; }]; }]" + "({ link: \"ml:overview\"; } | { link: \"ml:notifications\"; } | { title: string; id: \"anomaly_detection\"; children: ({ title: string; link: \"ml:anomalyDetection\"; } | { link: \"ml:anomalyExplorer\"; } | { link: \"ml:singleMetricViewer\"; } | { link: \"ml:settings\"; })[]; } | { id: \"data_frame_analytics\"; title: string; children: ({ title: string; link: \"ml:dataFrameAnalytics\"; } | { link: \"ml:resultExplorer\"; } | { link: \"ml:analyticsMap\"; })[]; } | { id: \"model_management\"; title: string; children: ({ link: \"ml:nodesOverview\"; } | { link: \"ml:nodes\"; })[]; } | { id: \"data_visualizer\"; title: string; children: ({ title: string; link: \"ml:fileUpload\"; } | { title: string; link: \"ml:indexDataVisualizer\"; } | { title: string; link: \"ml:dataDrift\"; })[]; } | { id: \"aiops_labs\"; title: string; children: ({ link: \"ml:logRateAnalysis\"; } | { link: \"ml:logPatternAnalysis\"; } | { link: \"ml:changePointDetections\"; })[]; })[]" ], "path": "packages/default-nav/ml/default_navigation.ts", "deprecated": false, diff --git a/api_docs/kbn_default_nav_ml.mdx b/api_docs/kbn_default_nav_ml.mdx index bde41cb285650..4e42786966ed8 100644 --- a/api_docs/kbn_default_nav_ml.mdx +++ b/api_docs/kbn_default_nav_ml.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-default-nav-ml title: "@kbn/default-nav-ml" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/default-nav-ml plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/default-nav-ml'] --- import kbnDefaultNavMlObj from './kbn_default_nav_ml.devdocs.json'; diff --git a/api_docs/kbn_dev_cli_errors.mdx b/api_docs/kbn_dev_cli_errors.mdx index 21b0e0cfd841d..7ff6d27362ad3 100644 --- a/api_docs/kbn_dev_cli_errors.mdx +++ b/api_docs/kbn_dev_cli_errors.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-dev-cli-errors title: "@kbn/dev-cli-errors" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/dev-cli-errors plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/dev-cli-errors'] --- import kbnDevCliErrorsObj from './kbn_dev_cli_errors.devdocs.json'; diff --git a/api_docs/kbn_dev_cli_runner.mdx b/api_docs/kbn_dev_cli_runner.mdx index 04025ae09c643..914bc6f5d32ea 100644 --- a/api_docs/kbn_dev_cli_runner.mdx +++ b/api_docs/kbn_dev_cli_runner.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-dev-cli-runner title: "@kbn/dev-cli-runner" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/dev-cli-runner plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/dev-cli-runner'] --- import kbnDevCliRunnerObj from './kbn_dev_cli_runner.devdocs.json'; diff --git a/api_docs/kbn_dev_proc_runner.mdx b/api_docs/kbn_dev_proc_runner.mdx index 65c1b9041d81a..2cd09c8f99c20 100644 --- a/api_docs/kbn_dev_proc_runner.mdx +++ b/api_docs/kbn_dev_proc_runner.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-dev-proc-runner title: "@kbn/dev-proc-runner" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/dev-proc-runner plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/dev-proc-runner'] --- import kbnDevProcRunnerObj from './kbn_dev_proc_runner.devdocs.json'; diff --git a/api_docs/kbn_dev_utils.mdx b/api_docs/kbn_dev_utils.mdx index 3bb94a6741819..dd542251be47e 100644 --- a/api_docs/kbn_dev_utils.mdx +++ b/api_docs/kbn_dev_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-dev-utils title: "@kbn/dev-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/dev-utils plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/dev-utils'] --- import kbnDevUtilsObj from './kbn_dev_utils.devdocs.json'; diff --git a/api_docs/kbn_discover_utils.mdx b/api_docs/kbn_discover_utils.mdx index a173d559d222e..14a219c9f94c5 100644 --- a/api_docs/kbn_discover_utils.mdx +++ b/api_docs/kbn_discover_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-discover-utils title: "@kbn/discover-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/discover-utils plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/discover-utils'] --- import kbnDiscoverUtilsObj from './kbn_discover_utils.devdocs.json'; diff --git a/api_docs/kbn_doc_links.devdocs.json b/api_docs/kbn_doc_links.devdocs.json index cee26cb32e97f..b105c76565fb8 100644 --- a/api_docs/kbn_doc_links.devdocs.json +++ b/api_docs/kbn_doc_links.devdocs.json @@ -546,7 +546,7 @@ "label": "securitySolution", "description": [], "signature": [ - "{ readonly artifactControl: string; readonly trustedApps: string; readonly eventFilters: string; readonly blocklist: string; readonly endpointArtifacts: string; readonly policyResponseTroubleshooting: { full_disk_access: string; macos_system_ext: string; linux_deadlock: string; }; readonly packageActionTroubleshooting: { es_connection: string; }; readonly threatIntelInt: string; readonly responseActions: string; readonly configureEndpointIntegrationPolicy: string; readonly exceptions: { value_lists: string; }; readonly privileges: string; readonly manageDetectionRules: string; }" + "{ readonly artifactControl: string; readonly trustedApps: string; readonly eventFilters: string; readonly blocklist: string; readonly endpointArtifacts: string; readonly policyResponseTroubleshooting: { full_disk_access: string; macos_system_ext: string; linux_deadlock: string; }; readonly packageActionTroubleshooting: { es_connection: string; }; readonly threatIntelInt: string; readonly responseActions: string; readonly configureEndpointIntegrationPolicy: string; readonly exceptions: { value_lists: string; }; readonly privileges: string; readonly manageDetectionRules: string; readonly createEsqlRuleType: string; }" ], "path": "packages/kbn-doc-links/src/types.ts", "deprecated": false, @@ -986,20 +986,6 @@ "deprecated": false, "trackAdoption": false }, - { - "parentPluginId": "@kbn/doc-links", - "id": "def-common.DocLinks.esql", - "type": "Object", - "tags": [], - "label": "esql", - "description": [], - "signature": [ - "{ readonly statsBy: string; }" - ], - "path": "packages/kbn-doc-links/src/types.ts", - "deprecated": false, - "trackAdoption": false - }, { "parentPluginId": "@kbn/doc-links", "id": "def-common.DocLinks.telemetry", diff --git a/api_docs/kbn_doc_links.mdx b/api_docs/kbn_doc_links.mdx index 2e4c7fa347e88..1ed2d52c00ef1 100644 --- a/api_docs/kbn_doc_links.mdx +++ b/api_docs/kbn_doc_links.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-doc-links title: "@kbn/doc-links" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/doc-links plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/doc-links'] --- import kbnDocLinksObj from './kbn_doc_links.devdocs.json'; @@ -21,7 +21,7 @@ Contact [@elastic/docs](https://github.com/orgs/elastic/teams/docs) for question | Public API count | Any count | Items lacking comments | Missing exports | |-------------------|-----------|------------------------|-----------------| -| 76 | 0 | 76 | 2 | +| 75 | 0 | 75 | 2 | ## Common diff --git a/api_docs/kbn_docs_utils.mdx b/api_docs/kbn_docs_utils.mdx index 71b4cbd81c709..d8d56ac0edc37 100644 --- a/api_docs/kbn_docs_utils.mdx +++ b/api_docs/kbn_docs_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-docs-utils title: "@kbn/docs-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/docs-utils plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/docs-utils'] --- import kbnDocsUtilsObj from './kbn_docs_utils.devdocs.json'; diff --git a/api_docs/kbn_dom_drag_drop.mdx b/api_docs/kbn_dom_drag_drop.mdx index 061b47c13e746..71bfc477fec47 100644 --- a/api_docs/kbn_dom_drag_drop.mdx +++ b/api_docs/kbn_dom_drag_drop.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-dom-drag-drop title: "@kbn/dom-drag-drop" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/dom-drag-drop plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/dom-drag-drop'] --- import kbnDomDragDropObj from './kbn_dom_drag_drop.devdocs.json'; diff --git a/api_docs/kbn_ebt_tools.mdx b/api_docs/kbn_ebt_tools.mdx index 0b4cc22b82563..59850f929c36e 100644 --- a/api_docs/kbn_ebt_tools.mdx +++ b/api_docs/kbn_ebt_tools.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ebt-tools title: "@kbn/ebt-tools" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ebt-tools plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ebt-tools'] --- import kbnEbtToolsObj from './kbn_ebt_tools.devdocs.json'; diff --git a/api_docs/kbn_ecs.mdx b/api_docs/kbn_ecs.mdx index 121c9653054c7..23648da4434ef 100644 --- a/api_docs/kbn_ecs.mdx +++ b/api_docs/kbn_ecs.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ecs title: "@kbn/ecs" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ecs plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ecs'] --- import kbnEcsObj from './kbn_ecs.devdocs.json'; diff --git a/api_docs/kbn_ecs_data_quality_dashboard.mdx b/api_docs/kbn_ecs_data_quality_dashboard.mdx index 6670939a4580d..6d5a6474c745f 100644 --- a/api_docs/kbn_ecs_data_quality_dashboard.mdx +++ b/api_docs/kbn_ecs_data_quality_dashboard.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ecs-data-quality-dashboard title: "@kbn/ecs-data-quality-dashboard" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ecs-data-quality-dashboard plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ecs-data-quality-dashboard'] --- import kbnEcsDataQualityDashboardObj from './kbn_ecs_data_quality_dashboard.devdocs.json'; diff --git a/api_docs/kbn_elastic_assistant.mdx b/api_docs/kbn_elastic_assistant.mdx index 1b755b46a7084..3a8bd3893f239 100644 --- a/api_docs/kbn_elastic_assistant.mdx +++ b/api_docs/kbn_elastic_assistant.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-elastic-assistant title: "@kbn/elastic-assistant" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/elastic-assistant plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/elastic-assistant'] --- import kbnElasticAssistantObj from './kbn_elastic_assistant.devdocs.json'; diff --git a/api_docs/kbn_es.mdx b/api_docs/kbn_es.mdx index 6fe90016c8f9c..927adea2b3c35 100644 --- a/api_docs/kbn_es.mdx +++ b/api_docs/kbn_es.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-es title: "@kbn/es" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/es plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/es'] --- import kbnEsObj from './kbn_es.devdocs.json'; diff --git a/api_docs/kbn_es_archiver.mdx b/api_docs/kbn_es_archiver.mdx index 11e18c47f2283..6858c29a3797c 100644 --- a/api_docs/kbn_es_archiver.mdx +++ b/api_docs/kbn_es_archiver.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-es-archiver title: "@kbn/es-archiver" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/es-archiver plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/es-archiver'] --- import kbnEsArchiverObj from './kbn_es_archiver.devdocs.json'; diff --git a/api_docs/kbn_es_errors.mdx b/api_docs/kbn_es_errors.mdx index c82d160863404..2fba1290264fa 100644 --- a/api_docs/kbn_es_errors.mdx +++ b/api_docs/kbn_es_errors.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-es-errors title: "@kbn/es-errors" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/es-errors plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/es-errors'] --- import kbnEsErrorsObj from './kbn_es_errors.devdocs.json'; diff --git a/api_docs/kbn_es_query.mdx b/api_docs/kbn_es_query.mdx index dce10c7d9cc48..d32a02131189f 100644 --- a/api_docs/kbn_es_query.mdx +++ b/api_docs/kbn_es_query.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-es-query title: "@kbn/es-query" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/es-query plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/es-query'] --- import kbnEsQueryObj from './kbn_es_query.devdocs.json'; diff --git a/api_docs/kbn_es_types.mdx b/api_docs/kbn_es_types.mdx index 75f5dafad9657..b575dbdbbaf36 100644 --- a/api_docs/kbn_es_types.mdx +++ b/api_docs/kbn_es_types.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-es-types title: "@kbn/es-types" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/es-types plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/es-types'] --- import kbnEsTypesObj from './kbn_es_types.devdocs.json'; diff --git a/api_docs/kbn_eslint_plugin_imports.mdx b/api_docs/kbn_eslint_plugin_imports.mdx index 37dd013e2e9bf..9b44655b1a1c1 100644 --- a/api_docs/kbn_eslint_plugin_imports.mdx +++ b/api_docs/kbn_eslint_plugin_imports.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-eslint-plugin-imports title: "@kbn/eslint-plugin-imports" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/eslint-plugin-imports plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/eslint-plugin-imports'] --- import kbnEslintPluginImportsObj from './kbn_eslint_plugin_imports.devdocs.json'; diff --git a/api_docs/kbn_event_annotation_common.mdx b/api_docs/kbn_event_annotation_common.mdx index 842da802e8d72..822ff6737fc2e 100644 --- a/api_docs/kbn_event_annotation_common.mdx +++ b/api_docs/kbn_event_annotation_common.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-event-annotation-common title: "@kbn/event-annotation-common" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/event-annotation-common plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/event-annotation-common'] --- import kbnEventAnnotationCommonObj from './kbn_event_annotation_common.devdocs.json'; diff --git a/api_docs/kbn_event_annotation_components.mdx b/api_docs/kbn_event_annotation_components.mdx index a4ed1afd55a0c..aaaf3aaf85110 100644 --- a/api_docs/kbn_event_annotation_components.mdx +++ b/api_docs/kbn_event_annotation_components.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-event-annotation-components title: "@kbn/event-annotation-components" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/event-annotation-components plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/event-annotation-components'] --- import kbnEventAnnotationComponentsObj from './kbn_event_annotation_components.devdocs.json'; diff --git a/api_docs/kbn_expandable_flyout.mdx b/api_docs/kbn_expandable_flyout.mdx index 016214c2442c6..80dbbd8f7edcd 100644 --- a/api_docs/kbn_expandable_flyout.mdx +++ b/api_docs/kbn_expandable_flyout.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-expandable-flyout title: "@kbn/expandable-flyout" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/expandable-flyout plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/expandable-flyout'] --- import kbnExpandableFlyoutObj from './kbn_expandable_flyout.devdocs.json'; diff --git a/api_docs/kbn_field_types.mdx b/api_docs/kbn_field_types.mdx index 41f15802921c4..e0f654940a0ff 100644 --- a/api_docs/kbn_field_types.mdx +++ b/api_docs/kbn_field_types.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-field-types title: "@kbn/field-types" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/field-types plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/field-types'] --- import kbnFieldTypesObj from './kbn_field_types.devdocs.json'; diff --git a/api_docs/kbn_field_utils.devdocs.json b/api_docs/kbn_field_utils.devdocs.json index 811d0c46c9a39..a5c8a7e9fa475 100644 --- a/api_docs/kbn_field_utils.devdocs.json +++ b/api_docs/kbn_field_utils.devdocs.json @@ -81,6 +81,79 @@ ], "initialIsOpen": false }, + { + "parentPluginId": "@kbn/field-utils", + "id": "def-common.fieldNameWildcardMatcher", + "type": "Function", + "tags": [], + "label": "fieldNameWildcardMatcher", + "description": [ + "\nChecks if field displayName or name matches the provided search string.\nThe search string can have wildcard." + ], + "signature": [ + "(field: { name: string; displayName?: string | undefined; }, fieldSearchHighlight: string) => boolean" + ], + "path": "packages/kbn-field-utils/src/utils/field_name_wildcard_matcher.ts", + "deprecated": false, + "trackAdoption": false, + "children": [ + { + "parentPluginId": "@kbn/field-utils", + "id": "def-common.fieldNameWildcardMatcher.$1", + "type": "Object", + "tags": [], + "label": "field", + "description": [], + "path": "packages/kbn-field-utils/src/utils/field_name_wildcard_matcher.ts", + "deprecated": false, + "trackAdoption": false, + "children": [ + { + "parentPluginId": "@kbn/field-utils", + "id": "def-common.fieldNameWildcardMatcher.$1.name", + "type": "string", + "tags": [], + "label": "name", + "description": [], + "path": "packages/kbn-field-utils/src/utils/field_name_wildcard_matcher.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "@kbn/field-utils", + "id": "def-common.fieldNameWildcardMatcher.$1.displayName", + "type": "string", + "tags": [], + "label": "displayName", + "description": [], + "signature": [ + "string | undefined" + ], + "path": "packages/kbn-field-utils/src/utils/field_name_wildcard_matcher.ts", + "deprecated": false, + "trackAdoption": false + } + ] + }, + { + "parentPluginId": "@kbn/field-utils", + "id": "def-common.fieldNameWildcardMatcher.$2", + "type": "string", + "tags": [], + "label": "fieldSearchHighlight", + "description": [], + "signature": [ + "string" + ], + "path": "packages/kbn-field-utils/src/utils/field_name_wildcard_matcher.ts", + "deprecated": false, + "trackAdoption": false, + "isRequired": true + } + ], + "returnComment": [], + "initialIsOpen": false + }, { "parentPluginId": "@kbn/field-utils", "id": "def-common.getFieldIconProps", @@ -174,6 +247,56 @@ "returnComment": [], "initialIsOpen": false }, + { + "parentPluginId": "@kbn/field-utils", + "id": "def-common.getFieldSearchMatchingHighlight", + "type": "Function", + "tags": [], + "label": "getFieldSearchMatchingHighlight", + "description": [ + "\nGet `highlight` string to be used together with `EuiHighlight`" + ], + "signature": [ + "(displayName: string, fieldSearchHighlight: string | undefined) => string" + ], + "path": "packages/kbn-field-utils/src/utils/field_name_wildcard_matcher.ts", + "deprecated": false, + "trackAdoption": false, + "children": [ + { + "parentPluginId": "@kbn/field-utils", + "id": "def-common.getFieldSearchMatchingHighlight.$1", + "type": "string", + "tags": [], + "label": "displayName", + "description": [], + "signature": [ + "string" + ], + "path": "packages/kbn-field-utils/src/utils/field_name_wildcard_matcher.ts", + "deprecated": false, + "trackAdoption": false, + "isRequired": true + }, + { + "parentPluginId": "@kbn/field-utils", + "id": "def-common.getFieldSearchMatchingHighlight.$2", + "type": "string", + "tags": [], + "label": "fieldSearchHighlight", + "description": [], + "signature": [ + "string | undefined" + ], + "path": "packages/kbn-field-utils/src/utils/field_name_wildcard_matcher.ts", + "deprecated": false, + "trackAdoption": false, + "isRequired": false + } + ], + "returnComment": [], + "initialIsOpen": false + }, { "parentPluginId": "@kbn/field-utils", "id": "def-common.getFieldType", diff --git a/api_docs/kbn_field_utils.mdx b/api_docs/kbn_field_utils.mdx index 2dcf45be5d961..6a8b2369b47dc 100644 --- a/api_docs/kbn_field_utils.mdx +++ b/api_docs/kbn_field_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-field-utils title: "@kbn/field-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/field-utils plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/field-utils'] --- import kbnFieldUtilsObj from './kbn_field_utils.devdocs.json'; @@ -21,7 +21,7 @@ Contact [@elastic/kibana-data-discovery](https://github.com/orgs/elastic/teams/k | Public API count | Any count | Items lacking comments | Missing exports | |-------------------|-----------|------------------------|-----------------| -| 28 | 0 | 22 | 1 | +| 36 | 0 | 28 | 1 | ## Common diff --git a/api_docs/kbn_find_used_node_modules.mdx b/api_docs/kbn_find_used_node_modules.mdx index b8300f07fa8c9..38ceeedbcb91f 100644 --- a/api_docs/kbn_find_used_node_modules.mdx +++ b/api_docs/kbn_find_used_node_modules.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-find-used-node-modules title: "@kbn/find-used-node-modules" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/find-used-node-modules plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/find-used-node-modules'] --- import kbnFindUsedNodeModulesObj from './kbn_find_used_node_modules.devdocs.json'; diff --git a/api_docs/kbn_ftr_common_functional_services.mdx b/api_docs/kbn_ftr_common_functional_services.mdx index d9c86fb79b923..b50700c70a112 100644 --- a/api_docs/kbn_ftr_common_functional_services.mdx +++ b/api_docs/kbn_ftr_common_functional_services.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ftr-common-functional-services title: "@kbn/ftr-common-functional-services" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ftr-common-functional-services plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ftr-common-functional-services'] --- import kbnFtrCommonFunctionalServicesObj from './kbn_ftr_common_functional_services.devdocs.json'; diff --git a/api_docs/kbn_generate.mdx b/api_docs/kbn_generate.mdx index 120ce5dd3c1d7..e6a90af8aae9a 100644 --- a/api_docs/kbn_generate.mdx +++ b/api_docs/kbn_generate.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-generate title: "@kbn/generate" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/generate plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/generate'] --- import kbnGenerateObj from './kbn_generate.devdocs.json'; diff --git a/api_docs/kbn_generate_console_definitions.mdx b/api_docs/kbn_generate_console_definitions.mdx index d7c42f6b1177e..e464cd01f352e 100644 --- a/api_docs/kbn_generate_console_definitions.mdx +++ b/api_docs/kbn_generate_console_definitions.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-generate-console-definitions title: "@kbn/generate-console-definitions" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/generate-console-definitions plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/generate-console-definitions'] --- import kbnGenerateConsoleDefinitionsObj from './kbn_generate_console_definitions.devdocs.json'; diff --git a/api_docs/kbn_generate_csv.mdx b/api_docs/kbn_generate_csv.mdx index 407a581068629..0c591b4eb9e00 100644 --- a/api_docs/kbn_generate_csv.mdx +++ b/api_docs/kbn_generate_csv.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-generate-csv title: "@kbn/generate-csv" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/generate-csv plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/generate-csv'] --- import kbnGenerateCsvObj from './kbn_generate_csv.devdocs.json'; diff --git a/api_docs/kbn_generate_csv_types.mdx b/api_docs/kbn_generate_csv_types.mdx index fb41a7be4951d..5ad7c4bc4b5b2 100644 --- a/api_docs/kbn_generate_csv_types.mdx +++ b/api_docs/kbn_generate_csv_types.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-generate-csv-types title: "@kbn/generate-csv-types" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/generate-csv-types plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/generate-csv-types'] --- import kbnGenerateCsvTypesObj from './kbn_generate_csv_types.devdocs.json'; diff --git a/api_docs/kbn_guided_onboarding.mdx b/api_docs/kbn_guided_onboarding.mdx index e6ff63d52d665..f295f25f004e6 100644 --- a/api_docs/kbn_guided_onboarding.mdx +++ b/api_docs/kbn_guided_onboarding.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-guided-onboarding title: "@kbn/guided-onboarding" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/guided-onboarding plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/guided-onboarding'] --- import kbnGuidedOnboardingObj from './kbn_guided_onboarding.devdocs.json'; diff --git a/api_docs/kbn_handlebars.mdx b/api_docs/kbn_handlebars.mdx index 1edc5f33884b5..5f5496d21029e 100644 --- a/api_docs/kbn_handlebars.mdx +++ b/api_docs/kbn_handlebars.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-handlebars title: "@kbn/handlebars" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/handlebars plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/handlebars'] --- import kbnHandlebarsObj from './kbn_handlebars.devdocs.json'; diff --git a/api_docs/kbn_hapi_mocks.mdx b/api_docs/kbn_hapi_mocks.mdx index bd10bc2d9a904..6e4d8676fc96a 100644 --- a/api_docs/kbn_hapi_mocks.mdx +++ b/api_docs/kbn_hapi_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-hapi-mocks title: "@kbn/hapi-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/hapi-mocks plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/hapi-mocks'] --- import kbnHapiMocksObj from './kbn_hapi_mocks.devdocs.json'; diff --git a/api_docs/kbn_health_gateway_server.mdx b/api_docs/kbn_health_gateway_server.mdx index 05f48bf23ee11..c5850d5b4c06e 100644 --- a/api_docs/kbn_health_gateway_server.mdx +++ b/api_docs/kbn_health_gateway_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-health-gateway-server title: "@kbn/health-gateway-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/health-gateway-server plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/health-gateway-server'] --- import kbnHealthGatewayServerObj from './kbn_health_gateway_server.devdocs.json'; diff --git a/api_docs/kbn_home_sample_data_card.mdx b/api_docs/kbn_home_sample_data_card.mdx index 77bcf96808129..1f1175589de84 100644 --- a/api_docs/kbn_home_sample_data_card.mdx +++ b/api_docs/kbn_home_sample_data_card.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-home-sample-data-card title: "@kbn/home-sample-data-card" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/home-sample-data-card plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/home-sample-data-card'] --- import kbnHomeSampleDataCardObj from './kbn_home_sample_data_card.devdocs.json'; diff --git a/api_docs/kbn_home_sample_data_tab.mdx b/api_docs/kbn_home_sample_data_tab.mdx index b4208ba4ec2b2..33c09c3e53089 100644 --- a/api_docs/kbn_home_sample_data_tab.mdx +++ b/api_docs/kbn_home_sample_data_tab.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-home-sample-data-tab title: "@kbn/home-sample-data-tab" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/home-sample-data-tab plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/home-sample-data-tab'] --- import kbnHomeSampleDataTabObj from './kbn_home_sample_data_tab.devdocs.json'; diff --git a/api_docs/kbn_i18n.mdx b/api_docs/kbn_i18n.mdx index e19cdc24528aa..5d748edc8d5b2 100644 --- a/api_docs/kbn_i18n.mdx +++ b/api_docs/kbn_i18n.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-i18n title: "@kbn/i18n" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/i18n plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/i18n'] --- import kbnI18nObj from './kbn_i18n.devdocs.json'; diff --git a/api_docs/kbn_i18n_react.mdx b/api_docs/kbn_i18n_react.mdx index 13abdae24ddb7..2dd81a0c5979b 100644 --- a/api_docs/kbn_i18n_react.mdx +++ b/api_docs/kbn_i18n_react.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-i18n-react title: "@kbn/i18n-react" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/i18n-react plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/i18n-react'] --- import kbnI18nReactObj from './kbn_i18n_react.devdocs.json'; diff --git a/api_docs/kbn_import_resolver.mdx b/api_docs/kbn_import_resolver.mdx index 15bd5a0f10a4d..9837bd6a178b0 100644 --- a/api_docs/kbn_import_resolver.mdx +++ b/api_docs/kbn_import_resolver.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-import-resolver title: "@kbn/import-resolver" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/import-resolver plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/import-resolver'] --- import kbnImportResolverObj from './kbn_import_resolver.devdocs.json'; diff --git a/api_docs/kbn_infra_forge.mdx b/api_docs/kbn_infra_forge.mdx index f16d6856cb0af..89a5d266ee3ca 100644 --- a/api_docs/kbn_infra_forge.mdx +++ b/api_docs/kbn_infra_forge.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-infra-forge title: "@kbn/infra-forge" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/infra-forge plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/infra-forge'] --- import kbnInfraForgeObj from './kbn_infra_forge.devdocs.json'; diff --git a/api_docs/kbn_interpreter.mdx b/api_docs/kbn_interpreter.mdx index 1c74c25d20736..8f503b7a3af1f 100644 --- a/api_docs/kbn_interpreter.mdx +++ b/api_docs/kbn_interpreter.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-interpreter title: "@kbn/interpreter" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/interpreter plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/interpreter'] --- import kbnInterpreterObj from './kbn_interpreter.devdocs.json'; diff --git a/api_docs/kbn_io_ts_utils.mdx b/api_docs/kbn_io_ts_utils.mdx index f4e6f4f42405d..d4a531982155b 100644 --- a/api_docs/kbn_io_ts_utils.mdx +++ b/api_docs/kbn_io_ts_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-io-ts-utils title: "@kbn/io-ts-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/io-ts-utils plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/io-ts-utils'] --- import kbnIoTsUtilsObj from './kbn_io_ts_utils.devdocs.json'; diff --git a/api_docs/kbn_jest_serializers.mdx b/api_docs/kbn_jest_serializers.mdx index 48666ddfc9cec..4cec766519bd2 100644 --- a/api_docs/kbn_jest_serializers.mdx +++ b/api_docs/kbn_jest_serializers.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-jest-serializers title: "@kbn/jest-serializers" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/jest-serializers plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/jest-serializers'] --- import kbnJestSerializersObj from './kbn_jest_serializers.devdocs.json'; diff --git a/api_docs/kbn_journeys.mdx b/api_docs/kbn_journeys.mdx index 848b68a06bd6a..12e1e2f2bfbc4 100644 --- a/api_docs/kbn_journeys.mdx +++ b/api_docs/kbn_journeys.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-journeys title: "@kbn/journeys" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/journeys plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/journeys'] --- import kbnJourneysObj from './kbn_journeys.devdocs.json'; diff --git a/api_docs/kbn_json_ast.mdx b/api_docs/kbn_json_ast.mdx index 2f019fa045986..fc05f13ea765c 100644 --- a/api_docs/kbn_json_ast.mdx +++ b/api_docs/kbn_json_ast.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-json-ast title: "@kbn/json-ast" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/json-ast plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/json-ast'] --- import kbnJsonAstObj from './kbn_json_ast.devdocs.json'; diff --git a/api_docs/kbn_kibana_manifest_schema.mdx b/api_docs/kbn_kibana_manifest_schema.mdx index 05922365f5a79..54176ebe09093 100644 --- a/api_docs/kbn_kibana_manifest_schema.mdx +++ b/api_docs/kbn_kibana_manifest_schema.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-kibana-manifest-schema title: "@kbn/kibana-manifest-schema" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/kibana-manifest-schema plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/kibana-manifest-schema'] --- import kbnKibanaManifestSchemaObj from './kbn_kibana_manifest_schema.devdocs.json'; diff --git a/api_docs/kbn_language_documentation_popover.mdx b/api_docs/kbn_language_documentation_popover.mdx index 1d0d26cfc40b3..f9747b62a0f5d 100644 --- a/api_docs/kbn_language_documentation_popover.mdx +++ b/api_docs/kbn_language_documentation_popover.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-language-documentation-popover title: "@kbn/language-documentation-popover" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/language-documentation-popover plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/language-documentation-popover'] --- import kbnLanguageDocumentationPopoverObj from './kbn_language_documentation_popover.devdocs.json'; diff --git a/api_docs/kbn_lens_embeddable_utils.mdx b/api_docs/kbn_lens_embeddable_utils.mdx index 8f9c991cdecda..a724da3960396 100644 --- a/api_docs/kbn_lens_embeddable_utils.mdx +++ b/api_docs/kbn_lens_embeddable_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-lens-embeddable-utils title: "@kbn/lens-embeddable-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/lens-embeddable-utils plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/lens-embeddable-utils'] --- import kbnLensEmbeddableUtilsObj from './kbn_lens_embeddable_utils.devdocs.json'; diff --git a/api_docs/kbn_logging.mdx b/api_docs/kbn_logging.mdx index 154560575a7f9..6b66ef8e495e6 100644 --- a/api_docs/kbn_logging.mdx +++ b/api_docs/kbn_logging.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-logging title: "@kbn/logging" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/logging plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/logging'] --- import kbnLoggingObj from './kbn_logging.devdocs.json'; diff --git a/api_docs/kbn_logging_mocks.mdx b/api_docs/kbn_logging_mocks.mdx index c3bec508ab7f1..d55a52bb82364 100644 --- a/api_docs/kbn_logging_mocks.mdx +++ b/api_docs/kbn_logging_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-logging-mocks title: "@kbn/logging-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/logging-mocks plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/logging-mocks'] --- import kbnLoggingMocksObj from './kbn_logging_mocks.devdocs.json'; diff --git a/api_docs/kbn_managed_vscode_config.mdx b/api_docs/kbn_managed_vscode_config.mdx index 4a87a3188f490..8656037317e02 100644 --- a/api_docs/kbn_managed_vscode_config.mdx +++ b/api_docs/kbn_managed_vscode_config.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-managed-vscode-config title: "@kbn/managed-vscode-config" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/managed-vscode-config plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/managed-vscode-config'] --- import kbnManagedVscodeConfigObj from './kbn_managed_vscode_config.devdocs.json'; diff --git a/api_docs/kbn_management_cards_navigation.mdx b/api_docs/kbn_management_cards_navigation.mdx index 8ff5aaf0d9e99..b90069377f625 100644 --- a/api_docs/kbn_management_cards_navigation.mdx +++ b/api_docs/kbn_management_cards_navigation.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-management-cards-navigation title: "@kbn/management-cards-navigation" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/management-cards-navigation plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/management-cards-navigation'] --- import kbnManagementCardsNavigationObj from './kbn_management_cards_navigation.devdocs.json'; diff --git a/api_docs/kbn_management_settings_application.mdx b/api_docs/kbn_management_settings_application.mdx index 44d2da6fd14cf..db6b72232b58d 100644 --- a/api_docs/kbn_management_settings_application.mdx +++ b/api_docs/kbn_management_settings_application.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-management-settings-application title: "@kbn/management-settings-application" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/management-settings-application plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/management-settings-application'] --- import kbnManagementSettingsApplicationObj from './kbn_management_settings_application.devdocs.json'; diff --git a/api_docs/kbn_management_settings_components_field_category.mdx b/api_docs/kbn_management_settings_components_field_category.mdx index 62c9441a3eb77..b09d0fab4fc15 100644 --- a/api_docs/kbn_management_settings_components_field_category.mdx +++ b/api_docs/kbn_management_settings_components_field_category.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-management-settings-components-field-category title: "@kbn/management-settings-components-field-category" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/management-settings-components-field-category plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/management-settings-components-field-category'] --- import kbnManagementSettingsComponentsFieldCategoryObj from './kbn_management_settings_components_field_category.devdocs.json'; diff --git a/api_docs/kbn_management_settings_components_field_input.mdx b/api_docs/kbn_management_settings_components_field_input.mdx index 6eb634d838a92..9c4215f29ec10 100644 --- a/api_docs/kbn_management_settings_components_field_input.mdx +++ b/api_docs/kbn_management_settings_components_field_input.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-management-settings-components-field-input title: "@kbn/management-settings-components-field-input" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/management-settings-components-field-input plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/management-settings-components-field-input'] --- import kbnManagementSettingsComponentsFieldInputObj from './kbn_management_settings_components_field_input.devdocs.json'; diff --git a/api_docs/kbn_management_settings_components_field_row.mdx b/api_docs/kbn_management_settings_components_field_row.mdx index b6c6f46f5bc92..3503ebbcc4203 100644 --- a/api_docs/kbn_management_settings_components_field_row.mdx +++ b/api_docs/kbn_management_settings_components_field_row.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-management-settings-components-field-row title: "@kbn/management-settings-components-field-row" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/management-settings-components-field-row plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/management-settings-components-field-row'] --- import kbnManagementSettingsComponentsFieldRowObj from './kbn_management_settings_components_field_row.devdocs.json'; diff --git a/api_docs/kbn_management_settings_components_form.mdx b/api_docs/kbn_management_settings_components_form.mdx index 46f4605160b0f..50bcd882c3403 100644 --- a/api_docs/kbn_management_settings_components_form.mdx +++ b/api_docs/kbn_management_settings_components_form.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-management-settings-components-form title: "@kbn/management-settings-components-form" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/management-settings-components-form plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/management-settings-components-form'] --- import kbnManagementSettingsComponentsFormObj from './kbn_management_settings_components_form.devdocs.json'; diff --git a/api_docs/kbn_management_settings_field_definition.mdx b/api_docs/kbn_management_settings_field_definition.mdx index f0612772a9130..3425019b1d1f0 100644 --- a/api_docs/kbn_management_settings_field_definition.mdx +++ b/api_docs/kbn_management_settings_field_definition.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-management-settings-field-definition title: "@kbn/management-settings-field-definition" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/management-settings-field-definition plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/management-settings-field-definition'] --- import kbnManagementSettingsFieldDefinitionObj from './kbn_management_settings_field_definition.devdocs.json'; diff --git a/api_docs/kbn_management_settings_ids.mdx b/api_docs/kbn_management_settings_ids.mdx index e5a8c6eb448e5..ddff487042696 100644 --- a/api_docs/kbn_management_settings_ids.mdx +++ b/api_docs/kbn_management_settings_ids.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-management-settings-ids title: "@kbn/management-settings-ids" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/management-settings-ids plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/management-settings-ids'] --- import kbnManagementSettingsIdsObj from './kbn_management_settings_ids.devdocs.json'; diff --git a/api_docs/kbn_management_settings_section_registry.mdx b/api_docs/kbn_management_settings_section_registry.mdx index e6b1e32ab8793..488de3d7e7765 100644 --- a/api_docs/kbn_management_settings_section_registry.mdx +++ b/api_docs/kbn_management_settings_section_registry.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-management-settings-section-registry title: "@kbn/management-settings-section-registry" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/management-settings-section-registry plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/management-settings-section-registry'] --- import kbnManagementSettingsSectionRegistryObj from './kbn_management_settings_section_registry.devdocs.json'; diff --git a/api_docs/kbn_management_settings_types.mdx b/api_docs/kbn_management_settings_types.mdx index a353f360102ec..f0a638bb0bee1 100644 --- a/api_docs/kbn_management_settings_types.mdx +++ b/api_docs/kbn_management_settings_types.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-management-settings-types title: "@kbn/management-settings-types" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/management-settings-types plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/management-settings-types'] --- import kbnManagementSettingsTypesObj from './kbn_management_settings_types.devdocs.json'; diff --git a/api_docs/kbn_management_settings_utilities.mdx b/api_docs/kbn_management_settings_utilities.mdx index ddbcb477578db..7b9552099b12e 100644 --- a/api_docs/kbn_management_settings_utilities.mdx +++ b/api_docs/kbn_management_settings_utilities.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-management-settings-utilities title: "@kbn/management-settings-utilities" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/management-settings-utilities plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/management-settings-utilities'] --- import kbnManagementSettingsUtilitiesObj from './kbn_management_settings_utilities.devdocs.json'; diff --git a/api_docs/kbn_management_storybook_config.mdx b/api_docs/kbn_management_storybook_config.mdx index e17fd9d2ad089..1d8d4562fa8de 100644 --- a/api_docs/kbn_management_storybook_config.mdx +++ b/api_docs/kbn_management_storybook_config.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-management-storybook-config title: "@kbn/management-storybook-config" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/management-storybook-config plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/management-storybook-config'] --- import kbnManagementStorybookConfigObj from './kbn_management_storybook_config.devdocs.json'; diff --git a/api_docs/kbn_mapbox_gl.mdx b/api_docs/kbn_mapbox_gl.mdx index 8ce869fb39d5f..2a76120d34ebf 100644 --- a/api_docs/kbn_mapbox_gl.mdx +++ b/api_docs/kbn_mapbox_gl.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-mapbox-gl title: "@kbn/mapbox-gl" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/mapbox-gl plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/mapbox-gl'] --- import kbnMapboxGlObj from './kbn_mapbox_gl.devdocs.json'; diff --git a/api_docs/kbn_maps_vector_tile_utils.mdx b/api_docs/kbn_maps_vector_tile_utils.mdx index 53b634d36c7f6..671469edc031a 100644 --- a/api_docs/kbn_maps_vector_tile_utils.mdx +++ b/api_docs/kbn_maps_vector_tile_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-maps-vector-tile-utils title: "@kbn/maps-vector-tile-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/maps-vector-tile-utils plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/maps-vector-tile-utils'] --- import kbnMapsVectorTileUtilsObj from './kbn_maps_vector_tile_utils.devdocs.json'; diff --git a/api_docs/kbn_ml_agg_utils.mdx b/api_docs/kbn_ml_agg_utils.mdx index d6d3ae73c69b2..3feb290ed89ae 100644 --- a/api_docs/kbn_ml_agg_utils.mdx +++ b/api_docs/kbn_ml_agg_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ml-agg-utils title: "@kbn/ml-agg-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ml-agg-utils plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ml-agg-utils'] --- import kbnMlAggUtilsObj from './kbn_ml_agg_utils.devdocs.json'; diff --git a/api_docs/kbn_ml_anomaly_utils.mdx b/api_docs/kbn_ml_anomaly_utils.mdx index c8e93c3ddea8d..e3ecb8e9172c1 100644 --- a/api_docs/kbn_ml_anomaly_utils.mdx +++ b/api_docs/kbn_ml_anomaly_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ml-anomaly-utils title: "@kbn/ml-anomaly-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ml-anomaly-utils plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ml-anomaly-utils'] --- import kbnMlAnomalyUtilsObj from './kbn_ml_anomaly_utils.devdocs.json'; diff --git a/api_docs/kbn_ml_category_validator.mdx b/api_docs/kbn_ml_category_validator.mdx index 4d3fb9af4a8a7..92908dd3f8902 100644 --- a/api_docs/kbn_ml_category_validator.mdx +++ b/api_docs/kbn_ml_category_validator.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ml-category-validator title: "@kbn/ml-category-validator" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ml-category-validator plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ml-category-validator'] --- import kbnMlCategoryValidatorObj from './kbn_ml_category_validator.devdocs.json'; diff --git a/api_docs/kbn_ml_chi2test.mdx b/api_docs/kbn_ml_chi2test.mdx index 5dc7834d58d59..957ffdf1d2c08 100644 --- a/api_docs/kbn_ml_chi2test.mdx +++ b/api_docs/kbn_ml_chi2test.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ml-chi2test title: "@kbn/ml-chi2test" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ml-chi2test plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ml-chi2test'] --- import kbnMlChi2testObj from './kbn_ml_chi2test.devdocs.json'; diff --git a/api_docs/kbn_ml_data_frame_analytics_utils.mdx b/api_docs/kbn_ml_data_frame_analytics_utils.mdx index 59ab90c0a6adf..aadc8227c6d83 100644 --- a/api_docs/kbn_ml_data_frame_analytics_utils.mdx +++ b/api_docs/kbn_ml_data_frame_analytics_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ml-data-frame-analytics-utils title: "@kbn/ml-data-frame-analytics-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ml-data-frame-analytics-utils plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ml-data-frame-analytics-utils'] --- import kbnMlDataFrameAnalyticsUtilsObj from './kbn_ml_data_frame_analytics_utils.devdocs.json'; diff --git a/api_docs/kbn_ml_data_grid.mdx b/api_docs/kbn_ml_data_grid.mdx index e853c97f1a6b0..302380fb39cb5 100644 --- a/api_docs/kbn_ml_data_grid.mdx +++ b/api_docs/kbn_ml_data_grid.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ml-data-grid title: "@kbn/ml-data-grid" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ml-data-grid plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ml-data-grid'] --- import kbnMlDataGridObj from './kbn_ml_data_grid.devdocs.json'; diff --git a/api_docs/kbn_ml_date_picker.mdx b/api_docs/kbn_ml_date_picker.mdx index 3492660885129..a9ad0b5110991 100644 --- a/api_docs/kbn_ml_date_picker.mdx +++ b/api_docs/kbn_ml_date_picker.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ml-date-picker title: "@kbn/ml-date-picker" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ml-date-picker plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ml-date-picker'] --- import kbnMlDatePickerObj from './kbn_ml_date_picker.devdocs.json'; diff --git a/api_docs/kbn_ml_date_utils.mdx b/api_docs/kbn_ml_date_utils.mdx index b9b793835e67d..0b9ecfc9befc8 100644 --- a/api_docs/kbn_ml_date_utils.mdx +++ b/api_docs/kbn_ml_date_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ml-date-utils title: "@kbn/ml-date-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ml-date-utils plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ml-date-utils'] --- import kbnMlDateUtilsObj from './kbn_ml_date_utils.devdocs.json'; diff --git a/api_docs/kbn_ml_error_utils.mdx b/api_docs/kbn_ml_error_utils.mdx index 04d6919d1b23d..bbea167956a5d 100644 --- a/api_docs/kbn_ml_error_utils.mdx +++ b/api_docs/kbn_ml_error_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ml-error-utils title: "@kbn/ml-error-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ml-error-utils plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ml-error-utils'] --- import kbnMlErrorUtilsObj from './kbn_ml_error_utils.devdocs.json'; diff --git a/api_docs/kbn_ml_in_memory_table.mdx b/api_docs/kbn_ml_in_memory_table.mdx index abc4eaa0cdadd..9bdd1530ae245 100644 --- a/api_docs/kbn_ml_in_memory_table.mdx +++ b/api_docs/kbn_ml_in_memory_table.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ml-in-memory-table title: "@kbn/ml-in-memory-table" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ml-in-memory-table plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ml-in-memory-table'] --- import kbnMlInMemoryTableObj from './kbn_ml_in_memory_table.devdocs.json'; diff --git a/api_docs/kbn_ml_is_defined.mdx b/api_docs/kbn_ml_is_defined.mdx index 66e526559a636..99e9310c03ce1 100644 --- a/api_docs/kbn_ml_is_defined.mdx +++ b/api_docs/kbn_ml_is_defined.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ml-is-defined title: "@kbn/ml-is-defined" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ml-is-defined plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ml-is-defined'] --- import kbnMlIsDefinedObj from './kbn_ml_is_defined.devdocs.json'; diff --git a/api_docs/kbn_ml_is_populated_object.mdx b/api_docs/kbn_ml_is_populated_object.mdx index bfe09917244e4..e5f324f60e3f2 100644 --- a/api_docs/kbn_ml_is_populated_object.mdx +++ b/api_docs/kbn_ml_is_populated_object.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ml-is-populated-object title: "@kbn/ml-is-populated-object" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ml-is-populated-object plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ml-is-populated-object'] --- import kbnMlIsPopulatedObjectObj from './kbn_ml_is_populated_object.devdocs.json'; diff --git a/api_docs/kbn_ml_kibana_theme.mdx b/api_docs/kbn_ml_kibana_theme.mdx index 8f3f81cf3c505..b021cbf8837a7 100644 --- a/api_docs/kbn_ml_kibana_theme.mdx +++ b/api_docs/kbn_ml_kibana_theme.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ml-kibana-theme title: "@kbn/ml-kibana-theme" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ml-kibana-theme plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ml-kibana-theme'] --- import kbnMlKibanaThemeObj from './kbn_ml_kibana_theme.devdocs.json'; diff --git a/api_docs/kbn_ml_local_storage.mdx b/api_docs/kbn_ml_local_storage.mdx index ffe74b9f673f4..8c8f0e2ef2a4b 100644 --- a/api_docs/kbn_ml_local_storage.mdx +++ b/api_docs/kbn_ml_local_storage.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ml-local-storage title: "@kbn/ml-local-storage" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ml-local-storage plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ml-local-storage'] --- import kbnMlLocalStorageObj from './kbn_ml_local_storage.devdocs.json'; diff --git a/api_docs/kbn_ml_nested_property.mdx b/api_docs/kbn_ml_nested_property.mdx index 2b4aac21cee0c..b5048318245fb 100644 --- a/api_docs/kbn_ml_nested_property.mdx +++ b/api_docs/kbn_ml_nested_property.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ml-nested-property title: "@kbn/ml-nested-property" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ml-nested-property plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ml-nested-property'] --- import kbnMlNestedPropertyObj from './kbn_ml_nested_property.devdocs.json'; diff --git a/api_docs/kbn_ml_number_utils.mdx b/api_docs/kbn_ml_number_utils.mdx index 3a75455a6491d..446e11abcc811 100644 --- a/api_docs/kbn_ml_number_utils.mdx +++ b/api_docs/kbn_ml_number_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ml-number-utils title: "@kbn/ml-number-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ml-number-utils plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ml-number-utils'] --- import kbnMlNumberUtilsObj from './kbn_ml_number_utils.devdocs.json'; diff --git a/api_docs/kbn_ml_query_utils.mdx b/api_docs/kbn_ml_query_utils.mdx index 7250ccecabd5b..12cf2b3dc2d03 100644 --- a/api_docs/kbn_ml_query_utils.mdx +++ b/api_docs/kbn_ml_query_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ml-query-utils title: "@kbn/ml-query-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ml-query-utils plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ml-query-utils'] --- import kbnMlQueryUtilsObj from './kbn_ml_query_utils.devdocs.json'; diff --git a/api_docs/kbn_ml_random_sampler_utils.mdx b/api_docs/kbn_ml_random_sampler_utils.mdx index 1e7856616884c..b15a085064e86 100644 --- a/api_docs/kbn_ml_random_sampler_utils.mdx +++ b/api_docs/kbn_ml_random_sampler_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ml-random-sampler-utils title: "@kbn/ml-random-sampler-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ml-random-sampler-utils plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ml-random-sampler-utils'] --- import kbnMlRandomSamplerUtilsObj from './kbn_ml_random_sampler_utils.devdocs.json'; diff --git a/api_docs/kbn_ml_route_utils.mdx b/api_docs/kbn_ml_route_utils.mdx index 5d706d8a85b72..7278fd4a697bc 100644 --- a/api_docs/kbn_ml_route_utils.mdx +++ b/api_docs/kbn_ml_route_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ml-route-utils title: "@kbn/ml-route-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ml-route-utils plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ml-route-utils'] --- import kbnMlRouteUtilsObj from './kbn_ml_route_utils.devdocs.json'; diff --git a/api_docs/kbn_ml_runtime_field_utils.mdx b/api_docs/kbn_ml_runtime_field_utils.mdx index e52a1837efdec..59de36b5da75b 100644 --- a/api_docs/kbn_ml_runtime_field_utils.mdx +++ b/api_docs/kbn_ml_runtime_field_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ml-runtime-field-utils title: "@kbn/ml-runtime-field-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ml-runtime-field-utils plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ml-runtime-field-utils'] --- import kbnMlRuntimeFieldUtilsObj from './kbn_ml_runtime_field_utils.devdocs.json'; diff --git a/api_docs/kbn_ml_string_hash.mdx b/api_docs/kbn_ml_string_hash.mdx index a853ed0a0b114..0c441c0bd081a 100644 --- a/api_docs/kbn_ml_string_hash.mdx +++ b/api_docs/kbn_ml_string_hash.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ml-string-hash title: "@kbn/ml-string-hash" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ml-string-hash plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ml-string-hash'] --- import kbnMlStringHashObj from './kbn_ml_string_hash.devdocs.json'; diff --git a/api_docs/kbn_ml_trained_models_utils.mdx b/api_docs/kbn_ml_trained_models_utils.mdx index fcb1f56dee9f1..83ce1cd6c5fb6 100644 --- a/api_docs/kbn_ml_trained_models_utils.mdx +++ b/api_docs/kbn_ml_trained_models_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ml-trained-models-utils title: "@kbn/ml-trained-models-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ml-trained-models-utils plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ml-trained-models-utils'] --- import kbnMlTrainedModelsUtilsObj from './kbn_ml_trained_models_utils.devdocs.json'; diff --git a/api_docs/kbn_ml_url_state.mdx b/api_docs/kbn_ml_url_state.mdx index 043732429d6a5..2b17b2e73273f 100644 --- a/api_docs/kbn_ml_url_state.mdx +++ b/api_docs/kbn_ml_url_state.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ml-url-state title: "@kbn/ml-url-state" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ml-url-state plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ml-url-state'] --- import kbnMlUrlStateObj from './kbn_ml_url_state.devdocs.json'; diff --git a/api_docs/kbn_monaco.mdx b/api_docs/kbn_monaco.mdx index 864093ed30dc5..c69e8cd89d2f7 100644 --- a/api_docs/kbn_monaco.mdx +++ b/api_docs/kbn_monaco.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-monaco title: "@kbn/monaco" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/monaco plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/monaco'] --- import kbnMonacoObj from './kbn_monaco.devdocs.json'; diff --git a/api_docs/kbn_object_versioning.mdx b/api_docs/kbn_object_versioning.mdx index e1c511aee3913..341db391df30c 100644 --- a/api_docs/kbn_object_versioning.mdx +++ b/api_docs/kbn_object_versioning.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-object-versioning title: "@kbn/object-versioning" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/object-versioning plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/object-versioning'] --- import kbnObjectVersioningObj from './kbn_object_versioning.devdocs.json'; diff --git a/api_docs/kbn_observability_alert_details.mdx b/api_docs/kbn_observability_alert_details.mdx index 04e01a1073742..9627b99328fbf 100644 --- a/api_docs/kbn_observability_alert_details.mdx +++ b/api_docs/kbn_observability_alert_details.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-observability-alert-details title: "@kbn/observability-alert-details" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/observability-alert-details plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/observability-alert-details'] --- import kbnObservabilityAlertDetailsObj from './kbn_observability_alert_details.devdocs.json'; diff --git a/api_docs/kbn_observability_alerting_test_data.devdocs.json b/api_docs/kbn_observability_alerting_test_data.devdocs.json new file mode 100644 index 0000000000000..71f9df827784d --- /dev/null +++ b/api_docs/kbn_observability_alerting_test_data.devdocs.json @@ -0,0 +1,1348 @@ +{ + "id": "@kbn/observability-alerting-test-data", + "client": { + "classes": [], + "functions": [], + "interfaces": [], + "enums": [], + "misc": [], + "objects": [] + }, + "server": { + "classes": [], + "functions": [], + "interfaces": [], + "enums": [], + "misc": [], + "objects": [] + }, + "common": { + "classes": [], + "functions": [ + { + "parentPluginId": "@kbn/observability-alerting-test-data", + "id": "def-common.createApmErrorCountRule", + "type": "Function", + "tags": [], + "label": "createApmErrorCountRule", + "description": [], + "signature": [ + "(actionId: string) => Promise<", + "AxiosResponse", + ">" + ], + "path": "x-pack/packages/observability/alerting_test_data/src/create_apm_error_count_threshold_rule.ts", + "deprecated": false, + "trackAdoption": false, + "children": [ + { + "parentPluginId": "@kbn/observability-alerting-test-data", + "id": "def-common.createApmErrorCountRule.$1", + "type": "string", + "tags": [], + "label": "actionId", + "description": [], + "signature": [ + "string" + ], + "path": "x-pack/packages/observability/alerting_test_data/src/create_apm_error_count_threshold_rule.ts", + "deprecated": false, + "trackAdoption": false, + "isRequired": true + } + ], + "returnComment": [], + "initialIsOpen": false + }, + { + "parentPluginId": "@kbn/observability-alerting-test-data", + "id": "def-common.createApmFailedTransactionRateRule", + "type": "Function", + "tags": [], + "label": "createApmFailedTransactionRateRule", + "description": [], + "signature": [ + "(actionId: string) => Promise<", + "AxiosResponse", + ">" + ], + "path": "x-pack/packages/observability/alerting_test_data/src/create_apm_failed_transaction_rate_rule.ts", + "deprecated": false, + "trackAdoption": false, + "children": [ + { + "parentPluginId": "@kbn/observability-alerting-test-data", + "id": "def-common.createApmFailedTransactionRateRule.$1", + "type": "string", + "tags": [], + "label": "actionId", + "description": [], + "signature": [ + "string" + ], + "path": "x-pack/packages/observability/alerting_test_data/src/create_apm_failed_transaction_rate_rule.ts", + "deprecated": false, + "trackAdoption": false, + "isRequired": true + } + ], + "returnComment": [], + "initialIsOpen": false + }, + { + "parentPluginId": "@kbn/observability-alerting-test-data", + "id": "def-common.createCustomThresholdRule", + "type": "Function", + "tags": [], + "label": "createCustomThresholdRule", + "description": [], + "signature": [ + "(actionId: string, dataViewId: string, ruleParams: { consumer?: string | undefined; name?: string | undefined; params?: { criteria: any[]; groupBy?: string[] | undefined; searchConfiguration: { query: { query?: string | undefined; }; }; } | undefined; }) => Promise<", + "AxiosResponse", + ">" + ], + "path": "x-pack/packages/observability/alerting_test_data/src/create_custom_threshold_rule.ts", + "deprecated": false, + "trackAdoption": false, + "children": [ + { + "parentPluginId": "@kbn/observability-alerting-test-data", + "id": "def-common.createCustomThresholdRule.$1", + "type": "string", + "tags": [], + "label": "actionId", + "description": [], + "signature": [ + "string" + ], + "path": "x-pack/packages/observability/alerting_test_data/src/create_custom_threshold_rule.ts", + "deprecated": false, + "trackAdoption": false, + "isRequired": true + }, + { + "parentPluginId": "@kbn/observability-alerting-test-data", + "id": "def-common.createCustomThresholdRule.$2", + "type": "string", + "tags": [], + "label": "dataViewId", + "description": [], + "signature": [ + "string" + ], + "path": "x-pack/packages/observability/alerting_test_data/src/create_custom_threshold_rule.ts", + "deprecated": false, + "trackAdoption": false, + "isRequired": true + }, + { + "parentPluginId": "@kbn/observability-alerting-test-data", + "id": "def-common.createCustomThresholdRule.$3", + "type": "Object", + "tags": [], + "label": "ruleParams", + "description": [], + "path": "x-pack/packages/observability/alerting_test_data/src/create_custom_threshold_rule.ts", + "deprecated": false, + "trackAdoption": false, + "children": [ + { + "parentPluginId": "@kbn/observability-alerting-test-data", + "id": "def-common.createCustomThresholdRule.$3.consumer", + "type": "string", + "tags": [], + "label": "consumer", + "description": [], + "signature": [ + "string | undefined" + ], + "path": "x-pack/packages/observability/alerting_test_data/src/create_custom_threshold_rule.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "@kbn/observability-alerting-test-data", + "id": "def-common.createCustomThresholdRule.$3.name", + "type": "string", + "tags": [], + "label": "name", + "description": [], + "signature": [ + "string | undefined" + ], + "path": "x-pack/packages/observability/alerting_test_data/src/create_custom_threshold_rule.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "@kbn/observability-alerting-test-data", + "id": "def-common.createCustomThresholdRule.$3.params", + "type": "Object", + "tags": [], + "label": "params", + "description": [], + "signature": [ + "{ criteria: any[]; groupBy?: string[] | undefined; searchConfiguration: { query: { query?: string | undefined; }; }; } | undefined" + ], + "path": "x-pack/packages/observability/alerting_test_data/src/create_custom_threshold_rule.ts", + "deprecated": false, + "trackAdoption": false + } + ] + } + ], + "returnComment": [], + "initialIsOpen": false + }, + { + "parentPluginId": "@kbn/observability-alerting-test-data", + "id": "def-common.createDataView", + "type": "Function", + "tags": [], + "label": "createDataView", + "description": [], + "signature": [ + "({ indexPattern, id, }: { indexPattern: string; id: string; }) => Promise<", + "AxiosResponse", + ">" + ], + "path": "x-pack/packages/observability/alerting_test_data/src/create_data_view.ts", + "deprecated": false, + "trackAdoption": false, + "children": [ + { + "parentPluginId": "@kbn/observability-alerting-test-data", + "id": "def-common.createDataView.$1", + "type": "Object", + "tags": [], + "label": "{\n indexPattern,\n id,\n}", + "description": [], + "path": "x-pack/packages/observability/alerting_test_data/src/create_data_view.ts", + "deprecated": false, + "trackAdoption": false, + "children": [ + { + "parentPluginId": "@kbn/observability-alerting-test-data", + "id": "def-common.createDataView.$1.indexPattern", + "type": "string", + "tags": [], + "label": "indexPattern", + "description": [], + "path": "x-pack/packages/observability/alerting_test_data/src/create_data_view.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "@kbn/observability-alerting-test-data", + "id": "def-common.createDataView.$1.id", + "type": "string", + "tags": [], + "label": "id", + "description": [], + "path": "x-pack/packages/observability/alerting_test_data/src/create_data_view.ts", + "deprecated": false, + "trackAdoption": false + } + ] + } + ], + "returnComment": [], + "initialIsOpen": false + }, + { + "parentPluginId": "@kbn/observability-alerting-test-data", + "id": "def-common.createIndexConnector", + "type": "Function", + "tags": [], + "label": "createIndexConnector", + "description": [], + "signature": [ + "() => Promise<", + "AxiosResponse", + ">" + ], + "path": "x-pack/packages/observability/alerting_test_data/src/create_index_connector.ts", + "deprecated": false, + "trackAdoption": false, + "children": [], + "returnComment": [], + "initialIsOpen": false + }, + { + "parentPluginId": "@kbn/observability-alerting-test-data", + "id": "def-common.createRule", + "type": "Function", + "tags": [], + "label": "createRule", + "description": [], + "signature": [ + "(ruleParams: any) => Promise<", + "AxiosResponse", + ">" + ], + "path": "x-pack/packages/observability/alerting_test_data/src/create_rule.ts", + "deprecated": false, + "trackAdoption": false, + "children": [ + { + "parentPluginId": "@kbn/observability-alerting-test-data", + "id": "def-common.createRule.$1", + "type": "Any", + "tags": [], + "label": "ruleParams", + "description": [], + "signature": [ + "any" + ], + "path": "x-pack/packages/observability/alerting_test_data/src/create_rule.ts", + "deprecated": false, + "trackAdoption": false, + "isRequired": true + } + ], + "returnComment": [], + "initialIsOpen": false + }, + { + "parentPluginId": "@kbn/observability-alerting-test-data", + "id": "def-common.run", + "type": "Function", + "tags": [], + "label": "run", + "description": [], + "signature": [ + "() => Promise" + ], + "path": "x-pack/packages/observability/alerting_test_data/src/run.ts", + "deprecated": false, + "trackAdoption": false, + "children": [], + "returnComment": [], + "initialIsOpen": false + } + ], + "interfaces": [], + "enums": [], + "misc": [], + "objects": [ + { + "parentPluginId": "@kbn/observability-alerting-test-data", + "id": "def-common.scenario1", + "type": "Object", + "tags": [], + "label": "scenario1", + "description": [], + "path": "x-pack/packages/observability/alerting_test_data/src/scenarios/custom_threshold_log_count.ts", + "deprecated": false, + "trackAdoption": false, + "children": [ + { + "parentPluginId": "@kbn/observability-alerting-test-data", + "id": "def-common.scenario1.dataView", + "type": "Object", + "tags": [], + "label": "dataView", + "description": [], + "path": "x-pack/packages/observability/alerting_test_data/src/scenarios/custom_threshold_log_count.ts", + "deprecated": false, + "trackAdoption": false, + "children": [ + { + "parentPluginId": "@kbn/observability-alerting-test-data", + "id": "def-common.scenario1.dataView.indexPattern", + "type": "string", + "tags": [], + "label": "indexPattern", + "description": [], + "path": "x-pack/packages/observability/alerting_test_data/src/scenarios/custom_threshold_log_count.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "@kbn/observability-alerting-test-data", + "id": "def-common.scenario1.dataView.id", + "type": "string", + "tags": [], + "label": "id", + "description": [], + "path": "x-pack/packages/observability/alerting_test_data/src/scenarios/custom_threshold_log_count.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "@kbn/observability-alerting-test-data", + "id": "def-common.scenario1.dataView.shouldCreate", + "type": "boolean", + "tags": [], + "label": "shouldCreate", + "description": [], + "path": "x-pack/packages/observability/alerting_test_data/src/scenarios/custom_threshold_log_count.ts", + "deprecated": false, + "trackAdoption": false + } + ] + }, + { + "parentPluginId": "@kbn/observability-alerting-test-data", + "id": "def-common.scenario1.ruleParams", + "type": "Object", + "tags": [], + "label": "ruleParams", + "description": [], + "path": "x-pack/packages/observability/alerting_test_data/src/scenarios/custom_threshold_log_count.ts", + "deprecated": false, + "trackAdoption": false, + "children": [ + { + "parentPluginId": "@kbn/observability-alerting-test-data", + "id": "def-common.scenario1.ruleParams.consumer", + "type": "string", + "tags": [], + "label": "consumer", + "description": [], + "path": "x-pack/packages/observability/alerting_test_data/src/scenarios/custom_threshold_log_count.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "@kbn/observability-alerting-test-data", + "id": "def-common.scenario1.ruleParams.name", + "type": "string", + "tags": [], + "label": "name", + "description": [], + "path": "x-pack/packages/observability/alerting_test_data/src/scenarios/custom_threshold_log_count.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "@kbn/observability-alerting-test-data", + "id": "def-common.scenario1.ruleParams.params", + "type": "Object", + "tags": [], + "label": "params", + "description": [], + "path": "x-pack/packages/observability/alerting_test_data/src/scenarios/custom_threshold_log_count.ts", + "deprecated": false, + "trackAdoption": false, + "children": [ + { + "parentPluginId": "@kbn/observability-alerting-test-data", + "id": "def-common.scenario1.ruleParams.params.criteria", + "type": "Array", + "tags": [], + "label": "criteria", + "description": [], + "signature": [ + "{ aggType: ", + "Aggregators", + "; comparator: ", + "Comparator", + "; threshold: number[]; timeSize: number; timeUnit: string; metrics: { name: string; filter: string; aggType: ", + "Aggregators", + "; }[]; }[]" + ], + "path": "x-pack/packages/observability/alerting_test_data/src/scenarios/custom_threshold_log_count.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "@kbn/observability-alerting-test-data", + "id": "def-common.scenario1.ruleParams.params.searchConfiguration", + "type": "Object", + "tags": [], + "label": "searchConfiguration", + "description": [], + "path": "x-pack/packages/observability/alerting_test_data/src/scenarios/custom_threshold_log_count.ts", + "deprecated": false, + "trackAdoption": false, + "children": [ + { + "parentPluginId": "@kbn/observability-alerting-test-data", + "id": "def-common.scenario1.ruleParams.params.searchConfiguration.query", + "type": "Object", + "tags": [], + "label": "query", + "description": [], + "path": "x-pack/packages/observability/alerting_test_data/src/scenarios/custom_threshold_log_count.ts", + "deprecated": false, + "trackAdoption": false, + "children": [ + { + "parentPluginId": "@kbn/observability-alerting-test-data", + "id": "def-common.scenario1.ruleParams.params.searchConfiguration.query.query", + "type": "string", + "tags": [], + "label": "query", + "description": [], + "path": "x-pack/packages/observability/alerting_test_data/src/scenarios/custom_threshold_log_count.ts", + "deprecated": false, + "trackAdoption": false + } + ] + } + ] + } + ] + } + ] + } + ], + "initialIsOpen": false + }, + { + "parentPluginId": "@kbn/observability-alerting-test-data", + "id": "def-common.scenario2", + "type": "Object", + "tags": [], + "label": "scenario2", + "description": [], + "path": "x-pack/packages/observability/alerting_test_data/src/scenarios/custom_threshold_log_count_groupby.ts", + "deprecated": false, + "trackAdoption": false, + "children": [ + { + "parentPluginId": "@kbn/observability-alerting-test-data", + "id": "def-common.scenario2.dataView", + "type": "Object", + "tags": [], + "label": "dataView", + "description": [], + "path": "x-pack/packages/observability/alerting_test_data/src/scenarios/custom_threshold_log_count_groupby.ts", + "deprecated": false, + "trackAdoption": false, + "children": [ + { + "parentPluginId": "@kbn/observability-alerting-test-data", + "id": "def-common.scenario2.dataView.indexPattern", + "type": "string", + "tags": [], + "label": "indexPattern", + "description": [], + "path": "x-pack/packages/observability/alerting_test_data/src/scenarios/custom_threshold_log_count_groupby.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "@kbn/observability-alerting-test-data", + "id": "def-common.scenario2.dataView.id", + "type": "string", + "tags": [], + "label": "id", + "description": [], + "path": "x-pack/packages/observability/alerting_test_data/src/scenarios/custom_threshold_log_count_groupby.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "@kbn/observability-alerting-test-data", + "id": "def-common.scenario2.dataView.shouldCreate", + "type": "boolean", + "tags": [], + "label": "shouldCreate", + "description": [], + "path": "x-pack/packages/observability/alerting_test_data/src/scenarios/custom_threshold_log_count_groupby.ts", + "deprecated": false, + "trackAdoption": false + } + ] + }, + { + "parentPluginId": "@kbn/observability-alerting-test-data", + "id": "def-common.scenario2.ruleParams", + "type": "Object", + "tags": [], + "label": "ruleParams", + "description": [], + "path": "x-pack/packages/observability/alerting_test_data/src/scenarios/custom_threshold_log_count_groupby.ts", + "deprecated": false, + "trackAdoption": false, + "children": [ + { + "parentPluginId": "@kbn/observability-alerting-test-data", + "id": "def-common.scenario2.ruleParams.consumer", + "type": "string", + "tags": [], + "label": "consumer", + "description": [], + "path": "x-pack/packages/observability/alerting_test_data/src/scenarios/custom_threshold_log_count_groupby.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "@kbn/observability-alerting-test-data", + "id": "def-common.scenario2.ruleParams.name", + "type": "string", + "tags": [], + "label": "name", + "description": [], + "path": "x-pack/packages/observability/alerting_test_data/src/scenarios/custom_threshold_log_count_groupby.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "@kbn/observability-alerting-test-data", + "id": "def-common.scenario2.ruleParams.params", + "type": "Object", + "tags": [], + "label": "params", + "description": [], + "path": "x-pack/packages/observability/alerting_test_data/src/scenarios/custom_threshold_log_count_groupby.ts", + "deprecated": false, + "trackAdoption": false, + "children": [ + { + "parentPluginId": "@kbn/observability-alerting-test-data", + "id": "def-common.scenario2.ruleParams.params.criteria", + "type": "Array", + "tags": [], + "label": "criteria", + "description": [], + "signature": [ + "{ aggType: ", + "Aggregators", + "; comparator: ", + "Comparator", + "; threshold: number[]; timeSize: number; timeUnit: string; metrics: { name: string; filter: string; aggType: ", + "Aggregators", + "; }[]; }[]" + ], + "path": "x-pack/packages/observability/alerting_test_data/src/scenarios/custom_threshold_log_count_groupby.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "@kbn/observability-alerting-test-data", + "id": "def-common.scenario2.ruleParams.params.groupBy", + "type": "Array", + "tags": [], + "label": "groupBy", + "description": [], + "signature": [ + "string[]" + ], + "path": "x-pack/packages/observability/alerting_test_data/src/scenarios/custom_threshold_log_count_groupby.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "@kbn/observability-alerting-test-data", + "id": "def-common.scenario2.ruleParams.params.searchConfiguration", + "type": "Object", + "tags": [], + "label": "searchConfiguration", + "description": [], + "path": "x-pack/packages/observability/alerting_test_data/src/scenarios/custom_threshold_log_count_groupby.ts", + "deprecated": false, + "trackAdoption": false, + "children": [ + { + "parentPluginId": "@kbn/observability-alerting-test-data", + "id": "def-common.scenario2.ruleParams.params.searchConfiguration.query", + "type": "Object", + "tags": [], + "label": "query", + "description": [], + "path": "x-pack/packages/observability/alerting_test_data/src/scenarios/custom_threshold_log_count_groupby.ts", + "deprecated": false, + "trackAdoption": false, + "children": [ + { + "parentPluginId": "@kbn/observability-alerting-test-data", + "id": "def-common.scenario2.ruleParams.params.searchConfiguration.query.query", + "type": "string", + "tags": [], + "label": "query", + "description": [], + "path": "x-pack/packages/observability/alerting_test_data/src/scenarios/custom_threshold_log_count_groupby.ts", + "deprecated": false, + "trackAdoption": false + } + ] + } + ] + } + ] + } + ] + } + ], + "initialIsOpen": false + }, + { + "parentPluginId": "@kbn/observability-alerting-test-data", + "id": "def-common.scenario3", + "type": "Object", + "tags": [], + "label": "scenario3", + "description": [], + "path": "x-pack/packages/observability/alerting_test_data/src/scenarios/custom_threshold_log_count_nodata.ts", + "deprecated": false, + "trackAdoption": false, + "children": [ + { + "parentPluginId": "@kbn/observability-alerting-test-data", + "id": "def-common.scenario3.dataView", + "type": "Object", + "tags": [], + "label": "dataView", + "description": [], + "path": "x-pack/packages/observability/alerting_test_data/src/scenarios/custom_threshold_log_count_nodata.ts", + "deprecated": false, + "trackAdoption": false, + "children": [ + { + "parentPluginId": "@kbn/observability-alerting-test-data", + "id": "def-common.scenario3.dataView.indexPattern", + "type": "string", + "tags": [], + "label": "indexPattern", + "description": [], + "path": "x-pack/packages/observability/alerting_test_data/src/scenarios/custom_threshold_log_count_nodata.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "@kbn/observability-alerting-test-data", + "id": "def-common.scenario3.dataView.id", + "type": "string", + "tags": [], + "label": "id", + "description": [], + "path": "x-pack/packages/observability/alerting_test_data/src/scenarios/custom_threshold_log_count_nodata.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "@kbn/observability-alerting-test-data", + "id": "def-common.scenario3.dataView.shouldCreate", + "type": "boolean", + "tags": [], + "label": "shouldCreate", + "description": [], + "path": "x-pack/packages/observability/alerting_test_data/src/scenarios/custom_threshold_log_count_nodata.ts", + "deprecated": false, + "trackAdoption": false + } + ] + }, + { + "parentPluginId": "@kbn/observability-alerting-test-data", + "id": "def-common.scenario3.ruleParams", + "type": "Object", + "tags": [], + "label": "ruleParams", + "description": [], + "path": "x-pack/packages/observability/alerting_test_data/src/scenarios/custom_threshold_log_count_nodata.ts", + "deprecated": false, + "trackAdoption": false, + "children": [ + { + "parentPluginId": "@kbn/observability-alerting-test-data", + "id": "def-common.scenario3.ruleParams.consumer", + "type": "string", + "tags": [], + "label": "consumer", + "description": [], + "path": "x-pack/packages/observability/alerting_test_data/src/scenarios/custom_threshold_log_count_nodata.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "@kbn/observability-alerting-test-data", + "id": "def-common.scenario3.ruleParams.name", + "type": "string", + "tags": [], + "label": "name", + "description": [], + "path": "x-pack/packages/observability/alerting_test_data/src/scenarios/custom_threshold_log_count_nodata.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "@kbn/observability-alerting-test-data", + "id": "def-common.scenario3.ruleParams.params", + "type": "Object", + "tags": [], + "label": "params", + "description": [], + "path": "x-pack/packages/observability/alerting_test_data/src/scenarios/custom_threshold_log_count_nodata.ts", + "deprecated": false, + "trackAdoption": false, + "children": [ + { + "parentPluginId": "@kbn/observability-alerting-test-data", + "id": "def-common.scenario3.ruleParams.params.criteria", + "type": "Array", + "tags": [], + "label": "criteria", + "description": [], + "signature": [ + "{ aggType: ", + "Aggregators", + "; comparator: ", + "Comparator", + "; threshold: number[]; timeSize: number; timeUnit: string; metrics: { name: string; filter: string; aggType: ", + "Aggregators", + "; }[]; }[]" + ], + "path": "x-pack/packages/observability/alerting_test_data/src/scenarios/custom_threshold_log_count_nodata.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "@kbn/observability-alerting-test-data", + "id": "def-common.scenario3.ruleParams.params.searchConfiguration", + "type": "Object", + "tags": [], + "label": "searchConfiguration", + "description": [], + "path": "x-pack/packages/observability/alerting_test_data/src/scenarios/custom_threshold_log_count_nodata.ts", + "deprecated": false, + "trackAdoption": false, + "children": [ + { + "parentPluginId": "@kbn/observability-alerting-test-data", + "id": "def-common.scenario3.ruleParams.params.searchConfiguration.query", + "type": "Object", + "tags": [], + "label": "query", + "description": [], + "path": "x-pack/packages/observability/alerting_test_data/src/scenarios/custom_threshold_log_count_nodata.ts", + "deprecated": false, + "trackAdoption": false, + "children": [ + { + "parentPluginId": "@kbn/observability-alerting-test-data", + "id": "def-common.scenario3.ruleParams.params.searchConfiguration.query.query", + "type": "string", + "tags": [], + "label": "query", + "description": [], + "path": "x-pack/packages/observability/alerting_test_data/src/scenarios/custom_threshold_log_count_nodata.ts", + "deprecated": false, + "trackAdoption": false + } + ] + } + ] + } + ] + } + ] + } + ], + "initialIsOpen": false + }, + { + "parentPluginId": "@kbn/observability-alerting-test-data", + "id": "def-common.scenario4", + "type": "Object", + "tags": [], + "label": "scenario4", + "description": [], + "path": "x-pack/packages/observability/alerting_test_data/src/scenarios/custom_threshold_metric_avg.ts", + "deprecated": false, + "trackAdoption": false, + "children": [ + { + "parentPluginId": "@kbn/observability-alerting-test-data", + "id": "def-common.scenario4.dataView", + "type": "Object", + "tags": [], + "label": "dataView", + "description": [], + "path": "x-pack/packages/observability/alerting_test_data/src/scenarios/custom_threshold_metric_avg.ts", + "deprecated": false, + "trackAdoption": false, + "children": [ + { + "parentPluginId": "@kbn/observability-alerting-test-data", + "id": "def-common.scenario4.dataView.indexPattern", + "type": "string", + "tags": [], + "label": "indexPattern", + "description": [], + "path": "x-pack/packages/observability/alerting_test_data/src/scenarios/custom_threshold_metric_avg.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "@kbn/observability-alerting-test-data", + "id": "def-common.scenario4.dataView.id", + "type": "string", + "tags": [], + "label": "id", + "description": [], + "path": "x-pack/packages/observability/alerting_test_data/src/scenarios/custom_threshold_metric_avg.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "@kbn/observability-alerting-test-data", + "id": "def-common.scenario4.dataView.shouldCreate", + "type": "boolean", + "tags": [], + "label": "shouldCreate", + "description": [], + "path": "x-pack/packages/observability/alerting_test_data/src/scenarios/custom_threshold_metric_avg.ts", + "deprecated": false, + "trackAdoption": false + } + ] + }, + { + "parentPluginId": "@kbn/observability-alerting-test-data", + "id": "def-common.scenario4.ruleParams", + "type": "Object", + "tags": [], + "label": "ruleParams", + "description": [], + "path": "x-pack/packages/observability/alerting_test_data/src/scenarios/custom_threshold_metric_avg.ts", + "deprecated": false, + "trackAdoption": false, + "children": [ + { + "parentPluginId": "@kbn/observability-alerting-test-data", + "id": "def-common.scenario4.ruleParams.consumer", + "type": "string", + "tags": [], + "label": "consumer", + "description": [], + "path": "x-pack/packages/observability/alerting_test_data/src/scenarios/custom_threshold_metric_avg.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "@kbn/observability-alerting-test-data", + "id": "def-common.scenario4.ruleParams.name", + "type": "string", + "tags": [], + "label": "name", + "description": [], + "path": "x-pack/packages/observability/alerting_test_data/src/scenarios/custom_threshold_metric_avg.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "@kbn/observability-alerting-test-data", + "id": "def-common.scenario4.ruleParams.params", + "type": "Object", + "tags": [], + "label": "params", + "description": [], + "path": "x-pack/packages/observability/alerting_test_data/src/scenarios/custom_threshold_metric_avg.ts", + "deprecated": false, + "trackAdoption": false, + "children": [ + { + "parentPluginId": "@kbn/observability-alerting-test-data", + "id": "def-common.scenario4.ruleParams.params.criteria", + "type": "Array", + "tags": [], + "label": "criteria", + "description": [], + "signature": [ + "{ aggType: ", + "Aggregators", + "; comparator: ", + "Comparator", + "; threshold: number[]; timeSize: number; timeUnit: string; metrics: { name: string; field: string; aggType: ", + "Aggregators", + "; }[]; }[]" + ], + "path": "x-pack/packages/observability/alerting_test_data/src/scenarios/custom_threshold_metric_avg.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "@kbn/observability-alerting-test-data", + "id": "def-common.scenario4.ruleParams.params.searchConfiguration", + "type": "Object", + "tags": [], + "label": "searchConfiguration", + "description": [], + "path": "x-pack/packages/observability/alerting_test_data/src/scenarios/custom_threshold_metric_avg.ts", + "deprecated": false, + "trackAdoption": false, + "children": [ + { + "parentPluginId": "@kbn/observability-alerting-test-data", + "id": "def-common.scenario4.ruleParams.params.searchConfiguration.query", + "type": "Object", + "tags": [], + "label": "query", + "description": [], + "path": "x-pack/packages/observability/alerting_test_data/src/scenarios/custom_threshold_metric_avg.ts", + "deprecated": false, + "trackAdoption": false, + "children": [ + { + "parentPluginId": "@kbn/observability-alerting-test-data", + "id": "def-common.scenario4.ruleParams.params.searchConfiguration.query.query", + "type": "string", + "tags": [], + "label": "query", + "description": [], + "path": "x-pack/packages/observability/alerting_test_data/src/scenarios/custom_threshold_metric_avg.ts", + "deprecated": false, + "trackAdoption": false + } + ] + } + ] + } + ] + } + ] + } + ], + "initialIsOpen": false + }, + { + "parentPluginId": "@kbn/observability-alerting-test-data", + "id": "def-common.scenario5", + "type": "Object", + "tags": [], + "label": "scenario5", + "description": [], + "path": "x-pack/packages/observability/alerting_test_data/src/scenarios/custom_threshold_metric_avg_groupby.ts", + "deprecated": false, + "trackAdoption": false, + "children": [ + { + "parentPluginId": "@kbn/observability-alerting-test-data", + "id": "def-common.scenario5.dataView", + "type": "Object", + "tags": [], + "label": "dataView", + "description": [], + "path": "x-pack/packages/observability/alerting_test_data/src/scenarios/custom_threshold_metric_avg_groupby.ts", + "deprecated": false, + "trackAdoption": false, + "children": [ + { + "parentPluginId": "@kbn/observability-alerting-test-data", + "id": "def-common.scenario5.dataView.indexPattern", + "type": "string", + "tags": [], + "label": "indexPattern", + "description": [], + "path": "x-pack/packages/observability/alerting_test_data/src/scenarios/custom_threshold_metric_avg_groupby.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "@kbn/observability-alerting-test-data", + "id": "def-common.scenario5.dataView.id", + "type": "string", + "tags": [], + "label": "id", + "description": [], + "path": "x-pack/packages/observability/alerting_test_data/src/scenarios/custom_threshold_metric_avg_groupby.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "@kbn/observability-alerting-test-data", + "id": "def-common.scenario5.dataView.shouldCreate", + "type": "boolean", + "tags": [], + "label": "shouldCreate", + "description": [], + "path": "x-pack/packages/observability/alerting_test_data/src/scenarios/custom_threshold_metric_avg_groupby.ts", + "deprecated": false, + "trackAdoption": false + } + ] + }, + { + "parentPluginId": "@kbn/observability-alerting-test-data", + "id": "def-common.scenario5.ruleParams", + "type": "Object", + "tags": [], + "label": "ruleParams", + "description": [], + "path": "x-pack/packages/observability/alerting_test_data/src/scenarios/custom_threshold_metric_avg_groupby.ts", + "deprecated": false, + "trackAdoption": false, + "children": [ + { + "parentPluginId": "@kbn/observability-alerting-test-data", + "id": "def-common.scenario5.ruleParams.consumer", + "type": "string", + "tags": [], + "label": "consumer", + "description": [], + "path": "x-pack/packages/observability/alerting_test_data/src/scenarios/custom_threshold_metric_avg_groupby.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "@kbn/observability-alerting-test-data", + "id": "def-common.scenario5.ruleParams.name", + "type": "string", + "tags": [], + "label": "name", + "description": [], + "path": "x-pack/packages/observability/alerting_test_data/src/scenarios/custom_threshold_metric_avg_groupby.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "@kbn/observability-alerting-test-data", + "id": "def-common.scenario5.ruleParams.params", + "type": "Object", + "tags": [], + "label": "params", + "description": [], + "path": "x-pack/packages/observability/alerting_test_data/src/scenarios/custom_threshold_metric_avg_groupby.ts", + "deprecated": false, + "trackAdoption": false, + "children": [ + { + "parentPluginId": "@kbn/observability-alerting-test-data", + "id": "def-common.scenario5.ruleParams.params.criteria", + "type": "Array", + "tags": [], + "label": "criteria", + "description": [], + "signature": [ + "{ aggType: ", + "Aggregators", + "; comparator: ", + "Comparator", + "; threshold: number[]; timeSize: number; timeUnit: string; metrics: { name: string; field: string; aggType: ", + "Aggregators", + "; }[]; }[]" + ], + "path": "x-pack/packages/observability/alerting_test_data/src/scenarios/custom_threshold_metric_avg_groupby.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "@kbn/observability-alerting-test-data", + "id": "def-common.scenario5.ruleParams.params.groupBy", + "type": "Array", + "tags": [], + "label": "groupBy", + "description": [], + "signature": [ + "string[]" + ], + "path": "x-pack/packages/observability/alerting_test_data/src/scenarios/custom_threshold_metric_avg_groupby.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "@kbn/observability-alerting-test-data", + "id": "def-common.scenario5.ruleParams.params.searchConfiguration", + "type": "Object", + "tags": [], + "label": "searchConfiguration", + "description": [], + "path": "x-pack/packages/observability/alerting_test_data/src/scenarios/custom_threshold_metric_avg_groupby.ts", + "deprecated": false, + "trackAdoption": false, + "children": [ + { + "parentPluginId": "@kbn/observability-alerting-test-data", + "id": "def-common.scenario5.ruleParams.params.searchConfiguration.query", + "type": "Object", + "tags": [], + "label": "query", + "description": [], + "path": "x-pack/packages/observability/alerting_test_data/src/scenarios/custom_threshold_metric_avg_groupby.ts", + "deprecated": false, + "trackAdoption": false, + "children": [ + { + "parentPluginId": "@kbn/observability-alerting-test-data", + "id": "def-common.scenario5.ruleParams.params.searchConfiguration.query.query", + "type": "string", + "tags": [], + "label": "query", + "description": [], + "path": "x-pack/packages/observability/alerting_test_data/src/scenarios/custom_threshold_metric_avg_groupby.ts", + "deprecated": false, + "trackAdoption": false + } + ] + } + ] + } + ] + } + ] + } + ], + "initialIsOpen": false + }, + { + "parentPluginId": "@kbn/observability-alerting-test-data", + "id": "def-common.scenario6", + "type": "Object", + "tags": [], + "label": "scenario6", + "description": [], + "path": "x-pack/packages/observability/alerting_test_data/src/scenarios/custom_threshold_metric_avg_nodata.ts", + "deprecated": false, + "trackAdoption": false, + "children": [ + { + "parentPluginId": "@kbn/observability-alerting-test-data", + "id": "def-common.scenario6.dataView", + "type": "Object", + "tags": [], + "label": "dataView", + "description": [], + "path": "x-pack/packages/observability/alerting_test_data/src/scenarios/custom_threshold_metric_avg_nodata.ts", + "deprecated": false, + "trackAdoption": false, + "children": [ + { + "parentPluginId": "@kbn/observability-alerting-test-data", + "id": "def-common.scenario6.dataView.indexPattern", + "type": "string", + "tags": [], + "label": "indexPattern", + "description": [], + "path": "x-pack/packages/observability/alerting_test_data/src/scenarios/custom_threshold_metric_avg_nodata.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "@kbn/observability-alerting-test-data", + "id": "def-common.scenario6.dataView.id", + "type": "string", + "tags": [], + "label": "id", + "description": [], + "path": "x-pack/packages/observability/alerting_test_data/src/scenarios/custom_threshold_metric_avg_nodata.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "@kbn/observability-alerting-test-data", + "id": "def-common.scenario6.dataView.shouldCreate", + "type": "boolean", + "tags": [], + "label": "shouldCreate", + "description": [], + "path": "x-pack/packages/observability/alerting_test_data/src/scenarios/custom_threshold_metric_avg_nodata.ts", + "deprecated": false, + "trackAdoption": false + } + ] + }, + { + "parentPluginId": "@kbn/observability-alerting-test-data", + "id": "def-common.scenario6.ruleParams", + "type": "Object", + "tags": [], + "label": "ruleParams", + "description": [], + "path": "x-pack/packages/observability/alerting_test_data/src/scenarios/custom_threshold_metric_avg_nodata.ts", + "deprecated": false, + "trackAdoption": false, + "children": [ + { + "parentPluginId": "@kbn/observability-alerting-test-data", + "id": "def-common.scenario6.ruleParams.consumer", + "type": "string", + "tags": [], + "label": "consumer", + "description": [], + "path": "x-pack/packages/observability/alerting_test_data/src/scenarios/custom_threshold_metric_avg_nodata.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "@kbn/observability-alerting-test-data", + "id": "def-common.scenario6.ruleParams.name", + "type": "string", + "tags": [], + "label": "name", + "description": [], + "path": "x-pack/packages/observability/alerting_test_data/src/scenarios/custom_threshold_metric_avg_nodata.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "@kbn/observability-alerting-test-data", + "id": "def-common.scenario6.ruleParams.params", + "type": "Object", + "tags": [], + "label": "params", + "description": [], + "path": "x-pack/packages/observability/alerting_test_data/src/scenarios/custom_threshold_metric_avg_nodata.ts", + "deprecated": false, + "trackAdoption": false, + "children": [ + { + "parentPluginId": "@kbn/observability-alerting-test-data", + "id": "def-common.scenario6.ruleParams.params.criteria", + "type": "Array", + "tags": [], + "label": "criteria", + "description": [], + "signature": [ + "{ aggType: ", + "Aggregators", + "; comparator: ", + "Comparator", + "; threshold: number[]; timeSize: number; timeUnit: string; metrics: { name: string; field: string; aggType: ", + "Aggregators", + "; }[]; }[]" + ], + "path": "x-pack/packages/observability/alerting_test_data/src/scenarios/custom_threshold_metric_avg_nodata.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "@kbn/observability-alerting-test-data", + "id": "def-common.scenario6.ruleParams.params.searchConfiguration", + "type": "Object", + "tags": [], + "label": "searchConfiguration", + "description": [], + "path": "x-pack/packages/observability/alerting_test_data/src/scenarios/custom_threshold_metric_avg_nodata.ts", + "deprecated": false, + "trackAdoption": false, + "children": [ + { + "parentPluginId": "@kbn/observability-alerting-test-data", + "id": "def-common.scenario6.ruleParams.params.searchConfiguration.query", + "type": "Object", + "tags": [], + "label": "query", + "description": [], + "path": "x-pack/packages/observability/alerting_test_data/src/scenarios/custom_threshold_metric_avg_nodata.ts", + "deprecated": false, + "trackAdoption": false, + "children": [ + { + "parentPluginId": "@kbn/observability-alerting-test-data", + "id": "def-common.scenario6.ruleParams.params.searchConfiguration.query.query", + "type": "string", + "tags": [], + "label": "query", + "description": [], + "path": "x-pack/packages/observability/alerting_test_data/src/scenarios/custom_threshold_metric_avg_nodata.ts", + "deprecated": false, + "trackAdoption": false + } + ] + } + ] + } + ] + } + ] + } + ], + "initialIsOpen": false + } + ] + } +} \ No newline at end of file diff --git a/api_docs/kbn_observability_alerting_test_data.mdx b/api_docs/kbn_observability_alerting_test_data.mdx new file mode 100644 index 0000000000000..0ddb8f19e380a --- /dev/null +++ b/api_docs/kbn_observability_alerting_test_data.mdx @@ -0,0 +1,33 @@ +--- +#### +#### This document is auto-generated and is meant to be viewed inside our experimental, new docs system. +#### Reach out in #docs-engineering for more info. +#### +id: kibKbnObservabilityAlertingTestDataPluginApi +slug: /kibana-dev-docs/api/kbn-observability-alerting-test-data +title: "@kbn/observability-alerting-test-data" +image: https://source.unsplash.com/400x175/?github +description: API docs for the @kbn/observability-alerting-test-data plugin +date: 2023-10-19 +tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/observability-alerting-test-data'] +--- +import kbnObservabilityAlertingTestDataObj from './kbn_observability_alerting_test_data.devdocs.json'; + + + +Contact [@elastic/actionable-observability](https://github.com/orgs/elastic/teams/actionable-observability) for questions regarding this plugin. + +**Code health stats** + +| Public API count | Any count | Items lacking comments | Missing exports | +|-------------------|-----------|------------------------|-----------------| +| 99 | 1 | 99 | 0 | + +## Common + +### Objects + + +### Functions + + diff --git a/api_docs/kbn_openapi_generator.mdx b/api_docs/kbn_openapi_generator.mdx index b471610fb0237..b13f78f070d2a 100644 --- a/api_docs/kbn_openapi_generator.mdx +++ b/api_docs/kbn_openapi_generator.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-openapi-generator title: "@kbn/openapi-generator" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/openapi-generator plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/openapi-generator'] --- import kbnOpenapiGeneratorObj from './kbn_openapi_generator.devdocs.json'; diff --git a/api_docs/kbn_optimizer.mdx b/api_docs/kbn_optimizer.mdx index b79ea3b08a41b..988301984f0c5 100644 --- a/api_docs/kbn_optimizer.mdx +++ b/api_docs/kbn_optimizer.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-optimizer title: "@kbn/optimizer" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/optimizer plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/optimizer'] --- import kbnOptimizerObj from './kbn_optimizer.devdocs.json'; diff --git a/api_docs/kbn_optimizer_webpack_helpers.mdx b/api_docs/kbn_optimizer_webpack_helpers.mdx index 0de94fe6ca94c..80492407a54ba 100644 --- a/api_docs/kbn_optimizer_webpack_helpers.mdx +++ b/api_docs/kbn_optimizer_webpack_helpers.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-optimizer-webpack-helpers title: "@kbn/optimizer-webpack-helpers" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/optimizer-webpack-helpers plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/optimizer-webpack-helpers'] --- import kbnOptimizerWebpackHelpersObj from './kbn_optimizer_webpack_helpers.devdocs.json'; diff --git a/api_docs/kbn_osquery_io_ts_types.mdx b/api_docs/kbn_osquery_io_ts_types.mdx index de2a2a89c76a6..e97cab1875f54 100644 --- a/api_docs/kbn_osquery_io_ts_types.mdx +++ b/api_docs/kbn_osquery_io_ts_types.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-osquery-io-ts-types title: "@kbn/osquery-io-ts-types" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/osquery-io-ts-types plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/osquery-io-ts-types'] --- import kbnOsqueryIoTsTypesObj from './kbn_osquery_io_ts_types.devdocs.json'; diff --git a/api_docs/kbn_performance_testing_dataset_extractor.mdx b/api_docs/kbn_performance_testing_dataset_extractor.mdx index f7cf3fba50192..bebdd15b15595 100644 --- a/api_docs/kbn_performance_testing_dataset_extractor.mdx +++ b/api_docs/kbn_performance_testing_dataset_extractor.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-performance-testing-dataset-extractor title: "@kbn/performance-testing-dataset-extractor" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/performance-testing-dataset-extractor plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/performance-testing-dataset-extractor'] --- import kbnPerformanceTestingDatasetExtractorObj from './kbn_performance_testing_dataset_extractor.devdocs.json'; diff --git a/api_docs/kbn_plugin_generator.mdx b/api_docs/kbn_plugin_generator.mdx index 964b3d6380eb6..7e3faf788be66 100644 --- a/api_docs/kbn_plugin_generator.mdx +++ b/api_docs/kbn_plugin_generator.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-plugin-generator title: "@kbn/plugin-generator" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/plugin-generator plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/plugin-generator'] --- import kbnPluginGeneratorObj from './kbn_plugin_generator.devdocs.json'; diff --git a/api_docs/kbn_plugin_helpers.mdx b/api_docs/kbn_plugin_helpers.mdx index 3bf118f383598..70732d2ceb515 100644 --- a/api_docs/kbn_plugin_helpers.mdx +++ b/api_docs/kbn_plugin_helpers.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-plugin-helpers title: "@kbn/plugin-helpers" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/plugin-helpers plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/plugin-helpers'] --- import kbnPluginHelpersObj from './kbn_plugin_helpers.devdocs.json'; diff --git a/api_docs/kbn_profiling_utils.mdx b/api_docs/kbn_profiling_utils.mdx index 5b4174c8914fc..75b8119a3767f 100644 --- a/api_docs/kbn_profiling_utils.mdx +++ b/api_docs/kbn_profiling_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-profiling-utils title: "@kbn/profiling-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/profiling-utils plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/profiling-utils'] --- import kbnProfilingUtilsObj from './kbn_profiling_utils.devdocs.json'; diff --git a/api_docs/kbn_random_sampling.mdx b/api_docs/kbn_random_sampling.mdx index 3d9b4ef0ba95f..3f1c1ee908d98 100644 --- a/api_docs/kbn_random_sampling.mdx +++ b/api_docs/kbn_random_sampling.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-random-sampling title: "@kbn/random-sampling" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/random-sampling plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/random-sampling'] --- import kbnRandomSamplingObj from './kbn_random_sampling.devdocs.json'; diff --git a/api_docs/kbn_react_field.mdx b/api_docs/kbn_react_field.mdx index 0d2ecb7e3b1aa..e078bc723a8d5 100644 --- a/api_docs/kbn_react_field.mdx +++ b/api_docs/kbn_react_field.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-react-field title: "@kbn/react-field" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/react-field plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/react-field'] --- import kbnReactFieldObj from './kbn_react_field.devdocs.json'; diff --git a/api_docs/kbn_react_kibana_context_common.mdx b/api_docs/kbn_react_kibana_context_common.mdx index 6576b0a7ddcff..243a6a1ed6501 100644 --- a/api_docs/kbn_react_kibana_context_common.mdx +++ b/api_docs/kbn_react_kibana_context_common.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-react-kibana-context-common title: "@kbn/react-kibana-context-common" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/react-kibana-context-common plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/react-kibana-context-common'] --- import kbnReactKibanaContextCommonObj from './kbn_react_kibana_context_common.devdocs.json'; diff --git a/api_docs/kbn_react_kibana_context_render.mdx b/api_docs/kbn_react_kibana_context_render.mdx index 8fb4687c239d1..7771b6e43e8a0 100644 --- a/api_docs/kbn_react_kibana_context_render.mdx +++ b/api_docs/kbn_react_kibana_context_render.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-react-kibana-context-render title: "@kbn/react-kibana-context-render" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/react-kibana-context-render plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/react-kibana-context-render'] --- import kbnReactKibanaContextRenderObj from './kbn_react_kibana_context_render.devdocs.json'; diff --git a/api_docs/kbn_react_kibana_context_root.mdx b/api_docs/kbn_react_kibana_context_root.mdx index 43ab49c010d42..0b9c5ce714972 100644 --- a/api_docs/kbn_react_kibana_context_root.mdx +++ b/api_docs/kbn_react_kibana_context_root.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-react-kibana-context-root title: "@kbn/react-kibana-context-root" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/react-kibana-context-root plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/react-kibana-context-root'] --- import kbnReactKibanaContextRootObj from './kbn_react_kibana_context_root.devdocs.json'; diff --git a/api_docs/kbn_react_kibana_context_styled.mdx b/api_docs/kbn_react_kibana_context_styled.mdx index 5ace3de00d277..8d6d60fff04f8 100644 --- a/api_docs/kbn_react_kibana_context_styled.mdx +++ b/api_docs/kbn_react_kibana_context_styled.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-react-kibana-context-styled title: "@kbn/react-kibana-context-styled" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/react-kibana-context-styled plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/react-kibana-context-styled'] --- import kbnReactKibanaContextStyledObj from './kbn_react_kibana_context_styled.devdocs.json'; diff --git a/api_docs/kbn_react_kibana_context_theme.mdx b/api_docs/kbn_react_kibana_context_theme.mdx index 985f642480e8f..9faaa68a5fd6b 100644 --- a/api_docs/kbn_react_kibana_context_theme.mdx +++ b/api_docs/kbn_react_kibana_context_theme.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-react-kibana-context-theme title: "@kbn/react-kibana-context-theme" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/react-kibana-context-theme plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/react-kibana-context-theme'] --- import kbnReactKibanaContextThemeObj from './kbn_react_kibana_context_theme.devdocs.json'; diff --git a/api_docs/kbn_react_kibana_mount.mdx b/api_docs/kbn_react_kibana_mount.mdx index b827aec1f27c0..eb71436d8c4a1 100644 --- a/api_docs/kbn_react_kibana_mount.mdx +++ b/api_docs/kbn_react_kibana_mount.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-react-kibana-mount title: "@kbn/react-kibana-mount" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/react-kibana-mount plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/react-kibana-mount'] --- import kbnReactKibanaMountObj from './kbn_react_kibana_mount.devdocs.json'; diff --git a/api_docs/kbn_repo_file_maps.mdx b/api_docs/kbn_repo_file_maps.mdx index 91758cbb04735..420c2f9aec7d7 100644 --- a/api_docs/kbn_repo_file_maps.mdx +++ b/api_docs/kbn_repo_file_maps.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-repo-file-maps title: "@kbn/repo-file-maps" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/repo-file-maps plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/repo-file-maps'] --- import kbnRepoFileMapsObj from './kbn_repo_file_maps.devdocs.json'; diff --git a/api_docs/kbn_repo_linter.mdx b/api_docs/kbn_repo_linter.mdx index 339f64c0bbc50..a35fb329308c2 100644 --- a/api_docs/kbn_repo_linter.mdx +++ b/api_docs/kbn_repo_linter.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-repo-linter title: "@kbn/repo-linter" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/repo-linter plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/repo-linter'] --- import kbnRepoLinterObj from './kbn_repo_linter.devdocs.json'; diff --git a/api_docs/kbn_repo_path.mdx b/api_docs/kbn_repo_path.mdx index 2d0ea0730a03e..6226f599ef1e5 100644 --- a/api_docs/kbn_repo_path.mdx +++ b/api_docs/kbn_repo_path.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-repo-path title: "@kbn/repo-path" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/repo-path plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/repo-path'] --- import kbnRepoPathObj from './kbn_repo_path.devdocs.json'; diff --git a/api_docs/kbn_repo_source_classifier.mdx b/api_docs/kbn_repo_source_classifier.mdx index e1c5b7b8ebaba..3f095b5579fb7 100644 --- a/api_docs/kbn_repo_source_classifier.mdx +++ b/api_docs/kbn_repo_source_classifier.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-repo-source-classifier title: "@kbn/repo-source-classifier" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/repo-source-classifier plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/repo-source-classifier'] --- import kbnRepoSourceClassifierObj from './kbn_repo_source_classifier.devdocs.json'; diff --git a/api_docs/kbn_reporting_common.mdx b/api_docs/kbn_reporting_common.mdx index 4ccc2b84d469b..a19b42cd464be 100644 --- a/api_docs/kbn_reporting_common.mdx +++ b/api_docs/kbn_reporting_common.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-reporting-common title: "@kbn/reporting-common" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/reporting-common plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/reporting-common'] --- import kbnReportingCommonObj from './kbn_reporting_common.devdocs.json'; diff --git a/api_docs/kbn_resizable_layout.mdx b/api_docs/kbn_resizable_layout.mdx index 637a92a201230..6ff678ed53828 100644 --- a/api_docs/kbn_resizable_layout.mdx +++ b/api_docs/kbn_resizable_layout.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-resizable-layout title: "@kbn/resizable-layout" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/resizable-layout plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/resizable-layout'] --- import kbnResizableLayoutObj from './kbn_resizable_layout.devdocs.json'; diff --git a/api_docs/kbn_rison.mdx b/api_docs/kbn_rison.mdx index 294ebefe9e395..2ebe0f3f07638 100644 --- a/api_docs/kbn_rison.mdx +++ b/api_docs/kbn_rison.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-rison title: "@kbn/rison" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/rison plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/rison'] --- import kbnRisonObj from './kbn_rison.devdocs.json'; diff --git a/api_docs/kbn_rrule.mdx b/api_docs/kbn_rrule.mdx index 6a983ac74ac8a..e151f3e7676a1 100644 --- a/api_docs/kbn_rrule.mdx +++ b/api_docs/kbn_rrule.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-rrule title: "@kbn/rrule" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/rrule plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/rrule'] --- import kbnRruleObj from './kbn_rrule.devdocs.json'; diff --git a/api_docs/kbn_rule_data_utils.mdx b/api_docs/kbn_rule_data_utils.mdx index 073e38d1eabf2..439f09709c3fe 100644 --- a/api_docs/kbn_rule_data_utils.mdx +++ b/api_docs/kbn_rule_data_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-rule-data-utils title: "@kbn/rule-data-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/rule-data-utils plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/rule-data-utils'] --- import kbnRuleDataUtilsObj from './kbn_rule_data_utils.devdocs.json'; diff --git a/api_docs/kbn_saved_objects_settings.mdx b/api_docs/kbn_saved_objects_settings.mdx index f842c0e6a27fd..8d43f037a3c8e 100644 --- a/api_docs/kbn_saved_objects_settings.mdx +++ b/api_docs/kbn_saved_objects_settings.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-saved-objects-settings title: "@kbn/saved-objects-settings" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/saved-objects-settings plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/saved-objects-settings'] --- import kbnSavedObjectsSettingsObj from './kbn_saved_objects_settings.devdocs.json'; diff --git a/api_docs/kbn_search_api_panels.mdx b/api_docs/kbn_search_api_panels.mdx index 80bd8ae63c66b..c25bbacf81bd2 100644 --- a/api_docs/kbn_search_api_panels.mdx +++ b/api_docs/kbn_search_api_panels.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-search-api-panels title: "@kbn/search-api-panels" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/search-api-panels plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/search-api-panels'] --- import kbnSearchApiPanelsObj from './kbn_search_api_panels.devdocs.json'; diff --git a/api_docs/kbn_search_connectors.devdocs.json b/api_docs/kbn_search_connectors.devdocs.json index 8529e76a07783..81a95d502023f 100644 --- a/api_docs/kbn_search_connectors.devdocs.json +++ b/api_docs/kbn_search_connectors.devdocs.json @@ -8333,6 +8333,206 @@ } ] }, + { + "parentPluginId": "@kbn/search-connectors", + "id": "def-common.NATIVE_CONNECTOR_DEFINITIONS.confluence.configuration.use_document_level_security", + "type": "Object", + "tags": [], + "label": "use_document_level_security", + "description": [], + "path": "packages/kbn-search-connectors/types/native_connectors.ts", + "deprecated": false, + "trackAdoption": false, + "children": [ + { + "parentPluginId": "@kbn/search-connectors", + "id": "def-common.NATIVE_CONNECTOR_DEFINITIONS.confluence.configuration.use_document_level_security.default_value", + "type": "Uncategorized", + "tags": [], + "label": "default_value", + "description": [], + "signature": [ + "null" + ], + "path": "packages/kbn-search-connectors/types/native_connectors.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "@kbn/search-connectors", + "id": "def-common.NATIVE_CONNECTOR_DEFINITIONS.confluence.configuration.use_document_level_security.depends_on", + "type": "Array", + "tags": [], + "label": "depends_on", + "description": [], + "signature": [ + "never[]" + ], + "path": "packages/kbn-search-connectors/types/native_connectors.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "@kbn/search-connectors", + "id": "def-common.NATIVE_CONNECTOR_DEFINITIONS.confluence.configuration.use_document_level_security.display", + "type": "string", + "tags": [], + "label": "display", + "description": [], + "signature": [ + { + "pluginId": "@kbn/search-connectors", + "scope": "common", + "docId": "kibKbnSearchConnectorsPluginApi", + "section": "def-common.DisplayType", + "text": "DisplayType" + }, + ".TOGGLE" + ], + "path": "packages/kbn-search-connectors/types/native_connectors.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "@kbn/search-connectors", + "id": "def-common.NATIVE_CONNECTOR_DEFINITIONS.confluence.configuration.use_document_level_security.label", + "type": "string", + "tags": [], + "label": "label", + "description": [], + "path": "packages/kbn-search-connectors/types/native_connectors.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "@kbn/search-connectors", + "id": "def-common.NATIVE_CONNECTOR_DEFINITIONS.confluence.configuration.use_document_level_security.options", + "type": "Array", + "tags": [], + "label": "options", + "description": [], + "signature": [ + "never[]" + ], + "path": "packages/kbn-search-connectors/types/native_connectors.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "@kbn/search-connectors", + "id": "def-common.NATIVE_CONNECTOR_DEFINITIONS.confluence.configuration.use_document_level_security.order", + "type": "number", + "tags": [], + "label": "order", + "description": [], + "path": "packages/kbn-search-connectors/types/native_connectors.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "@kbn/search-connectors", + "id": "def-common.NATIVE_CONNECTOR_DEFINITIONS.confluence.configuration.use_document_level_security.required", + "type": "boolean", + "tags": [], + "label": "required", + "description": [], + "signature": [ + "true" + ], + "path": "packages/kbn-search-connectors/types/native_connectors.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "@kbn/search-connectors", + "id": "def-common.NATIVE_CONNECTOR_DEFINITIONS.confluence.configuration.use_document_level_security.sensitive", + "type": "boolean", + "tags": [], + "label": "sensitive", + "description": [], + "signature": [ + "false" + ], + "path": "packages/kbn-search-connectors/types/native_connectors.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "@kbn/search-connectors", + "id": "def-common.NATIVE_CONNECTOR_DEFINITIONS.confluence.configuration.use_document_level_security.tooltip", + "type": "string", + "tags": [], + "label": "tooltip", + "description": [], + "path": "packages/kbn-search-connectors/types/native_connectors.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "@kbn/search-connectors", + "id": "def-common.NATIVE_CONNECTOR_DEFINITIONS.confluence.configuration.use_document_level_security.type", + "type": "string", + "tags": [], + "label": "type", + "description": [], + "signature": [ + { + "pluginId": "@kbn/search-connectors", + "scope": "common", + "docId": "kibKbnSearchConnectorsPluginApi", + "section": "def-common.FieldType", + "text": "FieldType" + }, + ".BOOLEAN" + ], + "path": "packages/kbn-search-connectors/types/native_connectors.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "@kbn/search-connectors", + "id": "def-common.NATIVE_CONNECTOR_DEFINITIONS.confluence.configuration.use_document_level_security.ui_restrictions", + "type": "Array", + "tags": [], + "label": "ui_restrictions", + "description": [], + "signature": [ + "never[]" + ], + "path": "packages/kbn-search-connectors/types/native_connectors.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "@kbn/search-connectors", + "id": "def-common.NATIVE_CONNECTOR_DEFINITIONS.confluence.configuration.use_document_level_security.validations", + "type": "Array", + "tags": [], + "label": "validations", + "description": [], + "signature": [ + "never[]" + ], + "path": "packages/kbn-search-connectors/types/native_connectors.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "@kbn/search-connectors", + "id": "def-common.NATIVE_CONNECTOR_DEFINITIONS.confluence.configuration.use_document_level_security.value", + "type": "boolean", + "tags": [], + "label": "value", + "description": [], + "signature": [ + "false" + ], + "path": "packages/kbn-search-connectors/types/native_connectors.ts", + "deprecated": false, + "trackAdoption": false + } + ] + }, { "parentPluginId": "@kbn/search-connectors", "id": "def-common.NATIVE_CONNECTOR_DEFINITIONS.confluence.configuration.use_text_extraction_service", @@ -11588,17 +11788,6 @@ "path": "packages/kbn-search-connectors/types/native_connectors.ts", "deprecated": false, "trackAdoption": false - }, - { - "parentPluginId": "@kbn/search-connectors", - "id": "def-common.NATIVE_CONNECTOR_DEFINITIONS.github.configuration.retry_count.display_value", - "type": "number", - "tags": [], - "label": "display_value", - "description": [], - "path": "packages/kbn-search-connectors/types/native_connectors.ts", - "deprecated": false, - "trackAdoption": false } ] }, @@ -15750,10 +15939,10 @@ }, { "parentPluginId": "@kbn/search-connectors", - "id": "def-common.NATIVE_CONNECTOR_DEFINITIONS.jira.configuration.use_text_extraction_service", + "id": "def-common.NATIVE_CONNECTOR_DEFINITIONS.jira.configuration.use_document_level_security", "type": "Object", "tags": [], - "label": "use_text_extraction_service", + "label": "use_document_level_security", "description": [], "path": "packages/kbn-search-connectors/types/native_connectors.ts", "deprecated": false, @@ -15761,13 +15950,13 @@ "children": [ { "parentPluginId": "@kbn/search-connectors", - "id": "def-common.NATIVE_CONNECTOR_DEFINITIONS.jira.configuration.use_text_extraction_service.default_value", - "type": "boolean", + "id": "def-common.NATIVE_CONNECTOR_DEFINITIONS.jira.configuration.use_document_level_security.default_value", + "type": "Uncategorized", "tags": [], "label": "default_value", "description": [], "signature": [ - "false" + "null" ], "path": "packages/kbn-search-connectors/types/native_connectors.ts", "deprecated": false, @@ -15775,7 +15964,7 @@ }, { "parentPluginId": "@kbn/search-connectors", - "id": "def-common.NATIVE_CONNECTOR_DEFINITIONS.jira.configuration.use_text_extraction_service.depends_on", + "id": "def-common.NATIVE_CONNECTOR_DEFINITIONS.jira.configuration.use_document_level_security.depends_on", "type": "Array", "tags": [], "label": "depends_on", @@ -15789,7 +15978,7 @@ }, { "parentPluginId": "@kbn/search-connectors", - "id": "def-common.NATIVE_CONNECTOR_DEFINITIONS.jira.configuration.use_text_extraction_service.display", + "id": "def-common.NATIVE_CONNECTOR_DEFINITIONS.jira.configuration.use_document_level_security.display", "type": "string", "tags": [], "label": "display", @@ -15810,7 +15999,7 @@ }, { "parentPluginId": "@kbn/search-connectors", - "id": "def-common.NATIVE_CONNECTOR_DEFINITIONS.jira.configuration.use_text_extraction_service.label", + "id": "def-common.NATIVE_CONNECTOR_DEFINITIONS.jira.configuration.use_document_level_security.label", "type": "string", "tags": [], "label": "label", @@ -15821,7 +16010,7 @@ }, { "parentPluginId": "@kbn/search-connectors", - "id": "def-common.NATIVE_CONNECTOR_DEFINITIONS.jira.configuration.use_text_extraction_service.options", + "id": "def-common.NATIVE_CONNECTOR_DEFINITIONS.jira.configuration.use_document_level_security.options", "type": "Array", "tags": [], "label": "options", @@ -15835,7 +16024,7 @@ }, { "parentPluginId": "@kbn/search-connectors", - "id": "def-common.NATIVE_CONNECTOR_DEFINITIONS.jira.configuration.use_text_extraction_service.order", + "id": "def-common.NATIVE_CONNECTOR_DEFINITIONS.jira.configuration.use_document_level_security.order", "type": "number", "tags": [], "label": "order", @@ -15846,7 +16035,7 @@ }, { "parentPluginId": "@kbn/search-connectors", - "id": "def-common.NATIVE_CONNECTOR_DEFINITIONS.jira.configuration.use_text_extraction_service.required", + "id": "def-common.NATIVE_CONNECTOR_DEFINITIONS.jira.configuration.use_document_level_security.required", "type": "boolean", "tags": [], "label": "required", @@ -15860,7 +16049,7 @@ }, { "parentPluginId": "@kbn/search-connectors", - "id": "def-common.NATIVE_CONNECTOR_DEFINITIONS.jira.configuration.use_text_extraction_service.sensitive", + "id": "def-common.NATIVE_CONNECTOR_DEFINITIONS.jira.configuration.use_document_level_security.sensitive", "type": "boolean", "tags": [], "label": "sensitive", @@ -15874,7 +16063,7 @@ }, { "parentPluginId": "@kbn/search-connectors", - "id": "def-common.NATIVE_CONNECTOR_DEFINITIONS.jira.configuration.use_text_extraction_service.tooltip", + "id": "def-common.NATIVE_CONNECTOR_DEFINITIONS.jira.configuration.use_document_level_security.tooltip", "type": "string", "tags": [], "label": "tooltip", @@ -15885,7 +16074,7 @@ }, { "parentPluginId": "@kbn/search-connectors", - "id": "def-common.NATIVE_CONNECTOR_DEFINITIONS.jira.configuration.use_text_extraction_service.type", + "id": "def-common.NATIVE_CONNECTOR_DEFINITIONS.jira.configuration.use_document_level_security.type", "type": "string", "tags": [], "label": "type", @@ -15906,13 +16095,13 @@ }, { "parentPluginId": "@kbn/search-connectors", - "id": "def-common.NATIVE_CONNECTOR_DEFINITIONS.jira.configuration.use_text_extraction_service.ui_restrictions", + "id": "def-common.NATIVE_CONNECTOR_DEFINITIONS.jira.configuration.use_document_level_security.ui_restrictions", "type": "Array", "tags": [], "label": "ui_restrictions", "description": [], "signature": [ - "string[]" + "never[]" ], "path": "packages/kbn-search-connectors/types/native_connectors.ts", "deprecated": false, @@ -15920,7 +16109,7 @@ }, { "parentPluginId": "@kbn/search-connectors", - "id": "def-common.NATIVE_CONNECTOR_DEFINITIONS.jira.configuration.use_text_extraction_service.validations", + "id": "def-common.NATIVE_CONNECTOR_DEFINITIONS.jira.configuration.use_document_level_security.validations", "type": "Array", "tags": [], "label": "validations", @@ -15934,7 +16123,7 @@ }, { "parentPluginId": "@kbn/search-connectors", - "id": "def-common.NATIVE_CONNECTOR_DEFINITIONS.jira.configuration.use_text_extraction_service.value", + "id": "def-common.NATIVE_CONNECTOR_DEFINITIONS.jira.configuration.use_document_level_security.value", "type": "boolean", "tags": [], "label": "value", @@ -15947,26 +16136,13 @@ "trackAdoption": false } ] - } - ] - }, - { - "parentPluginId": "@kbn/search-connectors", - "id": "def-common.NATIVE_CONNECTOR_DEFINITIONS.jira.features", - "type": "Object", - "tags": [], - "label": "features", - "description": [], - "path": "packages/kbn-search-connectors/types/native_connectors.ts", - "deprecated": false, - "trackAdoption": false, - "children": [ + }, { "parentPluginId": "@kbn/search-connectors", - "id": "def-common.NATIVE_CONNECTOR_DEFINITIONS.jira.features.FeatureName.SYNC_RULES", + "id": "def-common.NATIVE_CONNECTOR_DEFINITIONS.jira.configuration.use_text_extraction_service", "type": "Object", "tags": [], - "label": "[FeatureName.SYNC_RULES]", + "label": "use_text_extraction_service", "description": [], "path": "packages/kbn-search-connectors/types/native_connectors.ts", "deprecated": false, @@ -15974,24 +16150,237 @@ "children": [ { "parentPluginId": "@kbn/search-connectors", - "id": "def-common.NATIVE_CONNECTOR_DEFINITIONS.jira.features.FeatureName.SYNC_RULES.advanced", - "type": "Object", + "id": "def-common.NATIVE_CONNECTOR_DEFINITIONS.jira.configuration.use_text_extraction_service.default_value", + "type": "boolean", "tags": [], - "label": "advanced", + "label": "default_value", "description": [], + "signature": [ + "false" + ], "path": "packages/kbn-search-connectors/types/native_connectors.ts", "deprecated": false, - "trackAdoption": false, - "children": [ - { - "parentPluginId": "@kbn/search-connectors", - "id": "def-common.NATIVE_CONNECTOR_DEFINITIONS.jira.features.FeatureName.SYNC_RULES.advanced.enabled", - "type": "boolean", - "tags": [], - "label": "enabled", - "description": [], - "signature": [ - "true" + "trackAdoption": false + }, + { + "parentPluginId": "@kbn/search-connectors", + "id": "def-common.NATIVE_CONNECTOR_DEFINITIONS.jira.configuration.use_text_extraction_service.depends_on", + "type": "Array", + "tags": [], + "label": "depends_on", + "description": [], + "signature": [ + "never[]" + ], + "path": "packages/kbn-search-connectors/types/native_connectors.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "@kbn/search-connectors", + "id": "def-common.NATIVE_CONNECTOR_DEFINITIONS.jira.configuration.use_text_extraction_service.display", + "type": "string", + "tags": [], + "label": "display", + "description": [], + "signature": [ + { + "pluginId": "@kbn/search-connectors", + "scope": "common", + "docId": "kibKbnSearchConnectorsPluginApi", + "section": "def-common.DisplayType", + "text": "DisplayType" + }, + ".TOGGLE" + ], + "path": "packages/kbn-search-connectors/types/native_connectors.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "@kbn/search-connectors", + "id": "def-common.NATIVE_CONNECTOR_DEFINITIONS.jira.configuration.use_text_extraction_service.label", + "type": "string", + "tags": [], + "label": "label", + "description": [], + "path": "packages/kbn-search-connectors/types/native_connectors.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "@kbn/search-connectors", + "id": "def-common.NATIVE_CONNECTOR_DEFINITIONS.jira.configuration.use_text_extraction_service.options", + "type": "Array", + "tags": [], + "label": "options", + "description": [], + "signature": [ + "never[]" + ], + "path": "packages/kbn-search-connectors/types/native_connectors.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "@kbn/search-connectors", + "id": "def-common.NATIVE_CONNECTOR_DEFINITIONS.jira.configuration.use_text_extraction_service.order", + "type": "number", + "tags": [], + "label": "order", + "description": [], + "path": "packages/kbn-search-connectors/types/native_connectors.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "@kbn/search-connectors", + "id": "def-common.NATIVE_CONNECTOR_DEFINITIONS.jira.configuration.use_text_extraction_service.required", + "type": "boolean", + "tags": [], + "label": "required", + "description": [], + "signature": [ + "true" + ], + "path": "packages/kbn-search-connectors/types/native_connectors.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "@kbn/search-connectors", + "id": "def-common.NATIVE_CONNECTOR_DEFINITIONS.jira.configuration.use_text_extraction_service.sensitive", + "type": "boolean", + "tags": [], + "label": "sensitive", + "description": [], + "signature": [ + "false" + ], + "path": "packages/kbn-search-connectors/types/native_connectors.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "@kbn/search-connectors", + "id": "def-common.NATIVE_CONNECTOR_DEFINITIONS.jira.configuration.use_text_extraction_service.tooltip", + "type": "string", + "tags": [], + "label": "tooltip", + "description": [], + "path": "packages/kbn-search-connectors/types/native_connectors.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "@kbn/search-connectors", + "id": "def-common.NATIVE_CONNECTOR_DEFINITIONS.jira.configuration.use_text_extraction_service.type", + "type": "string", + "tags": [], + "label": "type", + "description": [], + "signature": [ + { + "pluginId": "@kbn/search-connectors", + "scope": "common", + "docId": "kibKbnSearchConnectorsPluginApi", + "section": "def-common.FieldType", + "text": "FieldType" + }, + ".BOOLEAN" + ], + "path": "packages/kbn-search-connectors/types/native_connectors.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "@kbn/search-connectors", + "id": "def-common.NATIVE_CONNECTOR_DEFINITIONS.jira.configuration.use_text_extraction_service.ui_restrictions", + "type": "Array", + "tags": [], + "label": "ui_restrictions", + "description": [], + "signature": [ + "string[]" + ], + "path": "packages/kbn-search-connectors/types/native_connectors.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "@kbn/search-connectors", + "id": "def-common.NATIVE_CONNECTOR_DEFINITIONS.jira.configuration.use_text_extraction_service.validations", + "type": "Array", + "tags": [], + "label": "validations", + "description": [], + "signature": [ + "never[]" + ], + "path": "packages/kbn-search-connectors/types/native_connectors.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "@kbn/search-connectors", + "id": "def-common.NATIVE_CONNECTOR_DEFINITIONS.jira.configuration.use_text_extraction_service.value", + "type": "boolean", + "tags": [], + "label": "value", + "description": [], + "signature": [ + "false" + ], + "path": "packages/kbn-search-connectors/types/native_connectors.ts", + "deprecated": false, + "trackAdoption": false + } + ] + } + ] + }, + { + "parentPluginId": "@kbn/search-connectors", + "id": "def-common.NATIVE_CONNECTOR_DEFINITIONS.jira.features", + "type": "Object", + "tags": [], + "label": "features", + "description": [], + "path": "packages/kbn-search-connectors/types/native_connectors.ts", + "deprecated": false, + "trackAdoption": false, + "children": [ + { + "parentPluginId": "@kbn/search-connectors", + "id": "def-common.NATIVE_CONNECTOR_DEFINITIONS.jira.features.FeatureName.SYNC_RULES", + "type": "Object", + "tags": [], + "label": "[FeatureName.SYNC_RULES]", + "description": [], + "path": "packages/kbn-search-connectors/types/native_connectors.ts", + "deprecated": false, + "trackAdoption": false, + "children": [ + { + "parentPluginId": "@kbn/search-connectors", + "id": "def-common.NATIVE_CONNECTOR_DEFINITIONS.jira.features.FeatureName.SYNC_RULES.advanced", + "type": "Object", + "tags": [], + "label": "advanced", + "description": [], + "path": "packages/kbn-search-connectors/types/native_connectors.ts", + "deprecated": false, + "trackAdoption": false, + "children": [ + { + "parentPluginId": "@kbn/search-connectors", + "id": "def-common.NATIVE_CONNECTOR_DEFINITIONS.jira.features.FeatureName.SYNC_RULES.advanced.enabled", + "type": "boolean", + "tags": [], + "label": "enabled", + "description": [], + "signature": [ + "true" ], "path": "packages/kbn-search-connectors/types/native_connectors.ts", "deprecated": false, @@ -22956,26 +23345,13 @@ "trackAdoption": false } ] - } - ] - }, - { - "parentPluginId": "@kbn/search-connectors", - "id": "def-common.NATIVE_CONNECTOR_DEFINITIONS.network_drive.features", - "type": "Object", - "tags": [], - "label": "features", - "description": [], - "path": "packages/kbn-search-connectors/types/native_connectors.ts", - "deprecated": false, - "trackAdoption": false, - "children": [ + }, { "parentPluginId": "@kbn/search-connectors", - "id": "def-common.NATIVE_CONNECTOR_DEFINITIONS.network_drive.features.FeatureName.SYNC_RULES", + "id": "def-common.NATIVE_CONNECTOR_DEFINITIONS.network_drive.configuration.use_document_level_security", "type": "Object", "tags": [], - "label": "[FeatureName.SYNC_RULES]", + "label": "use_document_level_security", "description": [], "path": "packages/kbn-search-connectors/types/native_connectors.ts", "deprecated": false, @@ -22983,22 +23359,235 @@ "children": [ { "parentPluginId": "@kbn/search-connectors", - "id": "def-common.NATIVE_CONNECTOR_DEFINITIONS.network_drive.features.FeatureName.SYNC_RULES.advanced", - "type": "Object", + "id": "def-common.NATIVE_CONNECTOR_DEFINITIONS.network_drive.configuration.use_document_level_security.default_value", + "type": "Uncategorized", "tags": [], - "label": "advanced", + "label": "default_value", "description": [], + "signature": [ + "null" + ], "path": "packages/kbn-search-connectors/types/native_connectors.ts", "deprecated": false, - "trackAdoption": false, - "children": [ - { - "parentPluginId": "@kbn/search-connectors", - "id": "def-common.NATIVE_CONNECTOR_DEFINITIONS.network_drive.features.FeatureName.SYNC_RULES.advanced.enabled", - "type": "boolean", - "tags": [], - "label": "enabled", - "description": [], + "trackAdoption": false + }, + { + "parentPluginId": "@kbn/search-connectors", + "id": "def-common.NATIVE_CONNECTOR_DEFINITIONS.network_drive.configuration.use_document_level_security.depends_on", + "type": "Array", + "tags": [], + "label": "depends_on", + "description": [], + "signature": [ + "never[]" + ], + "path": "packages/kbn-search-connectors/types/native_connectors.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "@kbn/search-connectors", + "id": "def-common.NATIVE_CONNECTOR_DEFINITIONS.network_drive.configuration.use_document_level_security.display", + "type": "string", + "tags": [], + "label": "display", + "description": [], + "signature": [ + { + "pluginId": "@kbn/search-connectors", + "scope": "common", + "docId": "kibKbnSearchConnectorsPluginApi", + "section": "def-common.DisplayType", + "text": "DisplayType" + }, + ".TOGGLE" + ], + "path": "packages/kbn-search-connectors/types/native_connectors.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "@kbn/search-connectors", + "id": "def-common.NATIVE_CONNECTOR_DEFINITIONS.network_drive.configuration.use_document_level_security.label", + "type": "string", + "tags": [], + "label": "label", + "description": [], + "path": "packages/kbn-search-connectors/types/native_connectors.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "@kbn/search-connectors", + "id": "def-common.NATIVE_CONNECTOR_DEFINITIONS.network_drive.configuration.use_document_level_security.options", + "type": "Array", + "tags": [], + "label": "options", + "description": [], + "signature": [ + "never[]" + ], + "path": "packages/kbn-search-connectors/types/native_connectors.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "@kbn/search-connectors", + "id": "def-common.NATIVE_CONNECTOR_DEFINITIONS.network_drive.configuration.use_document_level_security.order", + "type": "number", + "tags": [], + "label": "order", + "description": [], + "path": "packages/kbn-search-connectors/types/native_connectors.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "@kbn/search-connectors", + "id": "def-common.NATIVE_CONNECTOR_DEFINITIONS.network_drive.configuration.use_document_level_security.required", + "type": "boolean", + "tags": [], + "label": "required", + "description": [], + "signature": [ + "true" + ], + "path": "packages/kbn-search-connectors/types/native_connectors.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "@kbn/search-connectors", + "id": "def-common.NATIVE_CONNECTOR_DEFINITIONS.network_drive.configuration.use_document_level_security.sensitive", + "type": "boolean", + "tags": [], + "label": "sensitive", + "description": [], + "signature": [ + "false" + ], + "path": "packages/kbn-search-connectors/types/native_connectors.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "@kbn/search-connectors", + "id": "def-common.NATIVE_CONNECTOR_DEFINITIONS.network_drive.configuration.use_document_level_security.tooltip", + "type": "string", + "tags": [], + "label": "tooltip", + "description": [], + "path": "packages/kbn-search-connectors/types/native_connectors.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "@kbn/search-connectors", + "id": "def-common.NATIVE_CONNECTOR_DEFINITIONS.network_drive.configuration.use_document_level_security.type", + "type": "string", + "tags": [], + "label": "type", + "description": [], + "signature": [ + { + "pluginId": "@kbn/search-connectors", + "scope": "common", + "docId": "kibKbnSearchConnectorsPluginApi", + "section": "def-common.FieldType", + "text": "FieldType" + }, + ".BOOLEAN" + ], + "path": "packages/kbn-search-connectors/types/native_connectors.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "@kbn/search-connectors", + "id": "def-common.NATIVE_CONNECTOR_DEFINITIONS.network_drive.configuration.use_document_level_security.ui_restrictions", + "type": "Array", + "tags": [], + "label": "ui_restrictions", + "description": [], + "signature": [ + "never[]" + ], + "path": "packages/kbn-search-connectors/types/native_connectors.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "@kbn/search-connectors", + "id": "def-common.NATIVE_CONNECTOR_DEFINITIONS.network_drive.configuration.use_document_level_security.validations", + "type": "Array", + "tags": [], + "label": "validations", + "description": [], + "signature": [ + "never[]" + ], + "path": "packages/kbn-search-connectors/types/native_connectors.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "@kbn/search-connectors", + "id": "def-common.NATIVE_CONNECTOR_DEFINITIONS.network_drive.configuration.use_document_level_security.value", + "type": "boolean", + "tags": [], + "label": "value", + "description": [], + "signature": [ + "false" + ], + "path": "packages/kbn-search-connectors/types/native_connectors.ts", + "deprecated": false, + "trackAdoption": false + } + ] + } + ] + }, + { + "parentPluginId": "@kbn/search-connectors", + "id": "def-common.NATIVE_CONNECTOR_DEFINITIONS.network_drive.features", + "type": "Object", + "tags": [], + "label": "features", + "description": [], + "path": "packages/kbn-search-connectors/types/native_connectors.ts", + "deprecated": false, + "trackAdoption": false, + "children": [ + { + "parentPluginId": "@kbn/search-connectors", + "id": "def-common.NATIVE_CONNECTOR_DEFINITIONS.network_drive.features.FeatureName.SYNC_RULES", + "type": "Object", + "tags": [], + "label": "[FeatureName.SYNC_RULES]", + "description": [], + "path": "packages/kbn-search-connectors/types/native_connectors.ts", + "deprecated": false, + "trackAdoption": false, + "children": [ + { + "parentPluginId": "@kbn/search-connectors", + "id": "def-common.NATIVE_CONNECTOR_DEFINITIONS.network_drive.features.FeatureName.SYNC_RULES.advanced", + "type": "Object", + "tags": [], + "label": "advanced", + "description": [], + "path": "packages/kbn-search-connectors/types/native_connectors.ts", + "deprecated": false, + "trackAdoption": false, + "children": [ + { + "parentPluginId": "@kbn/search-connectors", + "id": "def-common.NATIVE_CONNECTOR_DEFINITIONS.network_drive.features.FeatureName.SYNC_RULES.advanced.enabled", + "type": "boolean", + "tags": [], + "label": "enabled", + "description": [], "signature": [ "false" ], @@ -30347,6 +30936,406 @@ "trackAdoption": false } ] + }, + { + "parentPluginId": "@kbn/search-connectors", + "id": "def-common.NATIVE_CONNECTOR_DEFINITIONS.sharepoint_online.configuration.enumerate_all_sites", + "type": "Object", + "tags": [], + "label": "enumerate_all_sites", + "description": [], + "path": "packages/kbn-search-connectors/types/native_connectors.ts", + "deprecated": false, + "trackAdoption": false, + "children": [ + { + "parentPluginId": "@kbn/search-connectors", + "id": "def-common.NATIVE_CONNECTOR_DEFINITIONS.sharepoint_online.configuration.enumerate_all_sites.default_value", + "type": "boolean", + "tags": [], + "label": "default_value", + "description": [], + "signature": [ + "true" + ], + "path": "packages/kbn-search-connectors/types/native_connectors.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "@kbn/search-connectors", + "id": "def-common.NATIVE_CONNECTOR_DEFINITIONS.sharepoint_online.configuration.enumerate_all_sites.depends_on", + "type": "Array", + "tags": [], + "label": "depends_on", + "description": [], + "signature": [ + "never[]" + ], + "path": "packages/kbn-search-connectors/types/native_connectors.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "@kbn/search-connectors", + "id": "def-common.NATIVE_CONNECTOR_DEFINITIONS.sharepoint_online.configuration.enumerate_all_sites.display", + "type": "string", + "tags": [], + "label": "display", + "description": [], + "signature": [ + { + "pluginId": "@kbn/search-connectors", + "scope": "common", + "docId": "kibKbnSearchConnectorsPluginApi", + "section": "def-common.DisplayType", + "text": "DisplayType" + }, + ".TOGGLE" + ], + "path": "packages/kbn-search-connectors/types/native_connectors.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "@kbn/search-connectors", + "id": "def-common.NATIVE_CONNECTOR_DEFINITIONS.sharepoint_online.configuration.enumerate_all_sites.label", + "type": "string", + "tags": [], + "label": "label", + "description": [], + "path": "packages/kbn-search-connectors/types/native_connectors.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "@kbn/search-connectors", + "id": "def-common.NATIVE_CONNECTOR_DEFINITIONS.sharepoint_online.configuration.enumerate_all_sites.options", + "type": "Array", + "tags": [], + "label": "options", + "description": [], + "signature": [ + "never[]" + ], + "path": "packages/kbn-search-connectors/types/native_connectors.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "@kbn/search-connectors", + "id": "def-common.NATIVE_CONNECTOR_DEFINITIONS.sharepoint_online.configuration.enumerate_all_sites.order", + "type": "number", + "tags": [], + "label": "order", + "description": [], + "path": "packages/kbn-search-connectors/types/native_connectors.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "@kbn/search-connectors", + "id": "def-common.NATIVE_CONNECTOR_DEFINITIONS.sharepoint_online.configuration.enumerate_all_sites.required", + "type": "boolean", + "tags": [], + "label": "required", + "description": [], + "signature": [ + "false" + ], + "path": "packages/kbn-search-connectors/types/native_connectors.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "@kbn/search-connectors", + "id": "def-common.NATIVE_CONNECTOR_DEFINITIONS.sharepoint_online.configuration.enumerate_all_sites.sensitive", + "type": "boolean", + "tags": [], + "label": "sensitive", + "description": [], + "signature": [ + "false" + ], + "path": "packages/kbn-search-connectors/types/native_connectors.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "@kbn/search-connectors", + "id": "def-common.NATIVE_CONNECTOR_DEFINITIONS.sharepoint_online.configuration.enumerate_all_sites.tooltip", + "type": "string", + "tags": [], + "label": "tooltip", + "description": [], + "path": "packages/kbn-search-connectors/types/native_connectors.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "@kbn/search-connectors", + "id": "def-common.NATIVE_CONNECTOR_DEFINITIONS.sharepoint_online.configuration.enumerate_all_sites.type", + "type": "string", + "tags": [], + "label": "type", + "description": [], + "signature": [ + { + "pluginId": "@kbn/search-connectors", + "scope": "common", + "docId": "kibKbnSearchConnectorsPluginApi", + "section": "def-common.FieldType", + "text": "FieldType" + }, + ".BOOLEAN" + ], + "path": "packages/kbn-search-connectors/types/native_connectors.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "@kbn/search-connectors", + "id": "def-common.NATIVE_CONNECTOR_DEFINITIONS.sharepoint_online.configuration.enumerate_all_sites.ui_restrictions", + "type": "Array", + "tags": [], + "label": "ui_restrictions", + "description": [], + "signature": [ + "never[]" + ], + "path": "packages/kbn-search-connectors/types/native_connectors.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "@kbn/search-connectors", + "id": "def-common.NATIVE_CONNECTOR_DEFINITIONS.sharepoint_online.configuration.enumerate_all_sites.validations", + "type": "Array", + "tags": [], + "label": "validations", + "description": [], + "signature": [ + "never[]" + ], + "path": "packages/kbn-search-connectors/types/native_connectors.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "@kbn/search-connectors", + "id": "def-common.NATIVE_CONNECTOR_DEFINITIONS.sharepoint_online.configuration.enumerate_all_sites.value", + "type": "boolean", + "tags": [], + "label": "value", + "description": [], + "signature": [ + "true" + ], + "path": "packages/kbn-search-connectors/types/native_connectors.ts", + "deprecated": false, + "trackAdoption": false + } + ] + }, + { + "parentPluginId": "@kbn/search-connectors", + "id": "def-common.NATIVE_CONNECTOR_DEFINITIONS.sharepoint_online.configuration.fetch_subsites", + "type": "Object", + "tags": [], + "label": "fetch_subsites", + "description": [], + "path": "packages/kbn-search-connectors/types/native_connectors.ts", + "deprecated": false, + "trackAdoption": false, + "children": [ + { + "parentPluginId": "@kbn/search-connectors", + "id": "def-common.NATIVE_CONNECTOR_DEFINITIONS.sharepoint_online.configuration.fetch_subsites.default_value", + "type": "boolean", + "tags": [], + "label": "default_value", + "description": [], + "signature": [ + "false" + ], + "path": "packages/kbn-search-connectors/types/native_connectors.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "@kbn/search-connectors", + "id": "def-common.NATIVE_CONNECTOR_DEFINITIONS.sharepoint_online.configuration.fetch_subsites.depends_on", + "type": "Array", + "tags": [], + "label": "depends_on", + "description": [], + "signature": [ + "{ field: string; value: false; }[]" + ], + "path": "packages/kbn-search-connectors/types/native_connectors.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "@kbn/search-connectors", + "id": "def-common.NATIVE_CONNECTOR_DEFINITIONS.sharepoint_online.configuration.fetch_subsites.display", + "type": "string", + "tags": [], + "label": "display", + "description": [], + "signature": [ + { + "pluginId": "@kbn/search-connectors", + "scope": "common", + "docId": "kibKbnSearchConnectorsPluginApi", + "section": "def-common.DisplayType", + "text": "DisplayType" + }, + ".TOGGLE" + ], + "path": "packages/kbn-search-connectors/types/native_connectors.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "@kbn/search-connectors", + "id": "def-common.NATIVE_CONNECTOR_DEFINITIONS.sharepoint_online.configuration.fetch_subsites.label", + "type": "string", + "tags": [], + "label": "label", + "description": [], + "path": "packages/kbn-search-connectors/types/native_connectors.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "@kbn/search-connectors", + "id": "def-common.NATIVE_CONNECTOR_DEFINITIONS.sharepoint_online.configuration.fetch_subsites.options", + "type": "Array", + "tags": [], + "label": "options", + "description": [], + "signature": [ + "never[]" + ], + "path": "packages/kbn-search-connectors/types/native_connectors.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "@kbn/search-connectors", + "id": "def-common.NATIVE_CONNECTOR_DEFINITIONS.sharepoint_online.configuration.fetch_subsites.order", + "type": "number", + "tags": [], + "label": "order", + "description": [], + "path": "packages/kbn-search-connectors/types/native_connectors.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "@kbn/search-connectors", + "id": "def-common.NATIVE_CONNECTOR_DEFINITIONS.sharepoint_online.configuration.fetch_subsites.required", + "type": "boolean", + "tags": [], + "label": "required", + "description": [], + "signature": [ + "false" + ], + "path": "packages/kbn-search-connectors/types/native_connectors.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "@kbn/search-connectors", + "id": "def-common.NATIVE_CONNECTOR_DEFINITIONS.sharepoint_online.configuration.fetch_subsites.sensitive", + "type": "boolean", + "tags": [], + "label": "sensitive", + "description": [], + "signature": [ + "false" + ], + "path": "packages/kbn-search-connectors/types/native_connectors.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "@kbn/search-connectors", + "id": "def-common.NATIVE_CONNECTOR_DEFINITIONS.sharepoint_online.configuration.fetch_subsites.tooltip", + "type": "string", + "tags": [], + "label": "tooltip", + "description": [], + "path": "packages/kbn-search-connectors/types/native_connectors.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "@kbn/search-connectors", + "id": "def-common.NATIVE_CONNECTOR_DEFINITIONS.sharepoint_online.configuration.fetch_subsites.type", + "type": "string", + "tags": [], + "label": "type", + "description": [], + "signature": [ + { + "pluginId": "@kbn/search-connectors", + "scope": "common", + "docId": "kibKbnSearchConnectorsPluginApi", + "section": "def-common.FieldType", + "text": "FieldType" + }, + ".BOOLEAN" + ], + "path": "packages/kbn-search-connectors/types/native_connectors.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "@kbn/search-connectors", + "id": "def-common.NATIVE_CONNECTOR_DEFINITIONS.sharepoint_online.configuration.fetch_subsites.ui_restrictions", + "type": "Array", + "tags": [], + "label": "ui_restrictions", + "description": [], + "signature": [ + "never[]" + ], + "path": "packages/kbn-search-connectors/types/native_connectors.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "@kbn/search-connectors", + "id": "def-common.NATIVE_CONNECTOR_DEFINITIONS.sharepoint_online.configuration.fetch_subsites.validations", + "type": "Array", + "tags": [], + "label": "validations", + "description": [], + "signature": [ + "never[]" + ], + "path": "packages/kbn-search-connectors/types/native_connectors.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "@kbn/search-connectors", + "id": "def-common.NATIVE_CONNECTOR_DEFINITIONS.sharepoint_online.configuration.fetch_subsites.value", + "type": "boolean", + "tags": [], + "label": "value", + "description": [], + "signature": [ + "true" + ], + "path": "packages/kbn-search-connectors/types/native_connectors.ts", + "deprecated": false, + "trackAdoption": false + } + ] } ] }, diff --git a/api_docs/kbn_search_connectors.mdx b/api_docs/kbn_search_connectors.mdx index 839d9f822eab4..fffcb59afcd95 100644 --- a/api_docs/kbn_search_connectors.mdx +++ b/api_docs/kbn_search_connectors.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-search-connectors title: "@kbn/search-connectors" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/search-connectors plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/search-connectors'] --- import kbnSearchConnectorsObj from './kbn_search_connectors.devdocs.json'; @@ -21,7 +21,7 @@ Contact [@elastic/enterprise-search-frontend](https://github.com/orgs/elastic/te | Public API count | Any count | Items lacking comments | Missing exports | |-------------------|-----------|------------------------|-----------------| -| 2097 | 0 | 2097 | 0 | +| 2166 | 0 | 2166 | 0 | ## Common diff --git a/api_docs/kbn_search_response_warnings.mdx b/api_docs/kbn_search_response_warnings.mdx index 26a2c7dbb4a1b..fb6e519ab1b16 100644 --- a/api_docs/kbn_search_response_warnings.mdx +++ b/api_docs/kbn_search_response_warnings.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-search-response-warnings title: "@kbn/search-response-warnings" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/search-response-warnings plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/search-response-warnings'] --- import kbnSearchResponseWarningsObj from './kbn_search_response_warnings.devdocs.json'; diff --git a/api_docs/kbn_security_solution_features.mdx b/api_docs/kbn_security_solution_features.mdx index 8d4046d543b16..b22cc56608da3 100644 --- a/api_docs/kbn_security_solution_features.mdx +++ b/api_docs/kbn_security_solution_features.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-security-solution-features title: "@kbn/security-solution-features" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/security-solution-features plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/security-solution-features'] --- import kbnSecuritySolutionFeaturesObj from './kbn_security_solution_features.devdocs.json'; diff --git a/api_docs/kbn_security_solution_navigation.mdx b/api_docs/kbn_security_solution_navigation.mdx index 473fc3184c24c..f7eb5cc4a2284 100644 --- a/api_docs/kbn_security_solution_navigation.mdx +++ b/api_docs/kbn_security_solution_navigation.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-security-solution-navigation title: "@kbn/security-solution-navigation" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/security-solution-navigation plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/security-solution-navigation'] --- import kbnSecuritySolutionNavigationObj from './kbn_security_solution_navigation.devdocs.json'; diff --git a/api_docs/kbn_security_solution_side_nav.mdx b/api_docs/kbn_security_solution_side_nav.mdx index fb1df2770b543..1e3dbe6549b94 100644 --- a/api_docs/kbn_security_solution_side_nav.mdx +++ b/api_docs/kbn_security_solution_side_nav.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-security-solution-side-nav title: "@kbn/security-solution-side-nav" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/security-solution-side-nav plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/security-solution-side-nav'] --- import kbnSecuritySolutionSideNavObj from './kbn_security_solution_side_nav.devdocs.json'; diff --git a/api_docs/kbn_security_solution_storybook_config.mdx b/api_docs/kbn_security_solution_storybook_config.mdx index 58971a53d23eb..0fd626e4cb96c 100644 --- a/api_docs/kbn_security_solution_storybook_config.mdx +++ b/api_docs/kbn_security_solution_storybook_config.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-security-solution-storybook-config title: "@kbn/security-solution-storybook-config" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/security-solution-storybook-config plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/security-solution-storybook-config'] --- import kbnSecuritySolutionStorybookConfigObj from './kbn_security_solution_storybook_config.devdocs.json'; diff --git a/api_docs/kbn_securitysolution_autocomplete.mdx b/api_docs/kbn_securitysolution_autocomplete.mdx index 581d134caaed0..da94be0011894 100644 --- a/api_docs/kbn_securitysolution_autocomplete.mdx +++ b/api_docs/kbn_securitysolution_autocomplete.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-securitysolution-autocomplete title: "@kbn/securitysolution-autocomplete" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/securitysolution-autocomplete plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/securitysolution-autocomplete'] --- import kbnSecuritysolutionAutocompleteObj from './kbn_securitysolution_autocomplete.devdocs.json'; diff --git a/api_docs/kbn_securitysolution_data_table.mdx b/api_docs/kbn_securitysolution_data_table.mdx index 820cf495c1182..849bea9ef6a99 100644 --- a/api_docs/kbn_securitysolution_data_table.mdx +++ b/api_docs/kbn_securitysolution_data_table.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-securitysolution-data-table title: "@kbn/securitysolution-data-table" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/securitysolution-data-table plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/securitysolution-data-table'] --- import kbnSecuritysolutionDataTableObj from './kbn_securitysolution_data_table.devdocs.json'; diff --git a/api_docs/kbn_securitysolution_ecs.mdx b/api_docs/kbn_securitysolution_ecs.mdx index da901ae0d6284..068cd17a59525 100644 --- a/api_docs/kbn_securitysolution_ecs.mdx +++ b/api_docs/kbn_securitysolution_ecs.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-securitysolution-ecs title: "@kbn/securitysolution-ecs" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/securitysolution-ecs plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/securitysolution-ecs'] --- import kbnSecuritysolutionEcsObj from './kbn_securitysolution_ecs.devdocs.json'; diff --git a/api_docs/kbn_securitysolution_es_utils.mdx b/api_docs/kbn_securitysolution_es_utils.mdx index 29c179a0fecaa..37fd598b9f61f 100644 --- a/api_docs/kbn_securitysolution_es_utils.mdx +++ b/api_docs/kbn_securitysolution_es_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-securitysolution-es-utils title: "@kbn/securitysolution-es-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/securitysolution-es-utils plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/securitysolution-es-utils'] --- import kbnSecuritysolutionEsUtilsObj from './kbn_securitysolution_es_utils.devdocs.json'; diff --git a/api_docs/kbn_securitysolution_exception_list_components.mdx b/api_docs/kbn_securitysolution_exception_list_components.mdx index 248aad26136f0..5863c711009ed 100644 --- a/api_docs/kbn_securitysolution_exception_list_components.mdx +++ b/api_docs/kbn_securitysolution_exception_list_components.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-securitysolution-exception-list-components title: "@kbn/securitysolution-exception-list-components" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/securitysolution-exception-list-components plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/securitysolution-exception-list-components'] --- import kbnSecuritysolutionExceptionListComponentsObj from './kbn_securitysolution_exception_list_components.devdocs.json'; diff --git a/api_docs/kbn_securitysolution_grouping.mdx b/api_docs/kbn_securitysolution_grouping.mdx index 23c0ca4621bd8..7b7f2048caeb7 100644 --- a/api_docs/kbn_securitysolution_grouping.mdx +++ b/api_docs/kbn_securitysolution_grouping.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-securitysolution-grouping title: "@kbn/securitysolution-grouping" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/securitysolution-grouping plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/securitysolution-grouping'] --- import kbnSecuritysolutionGroupingObj from './kbn_securitysolution_grouping.devdocs.json'; diff --git a/api_docs/kbn_securitysolution_hook_utils.mdx b/api_docs/kbn_securitysolution_hook_utils.mdx index 3ebd33d10ff7f..a3053608190f3 100644 --- a/api_docs/kbn_securitysolution_hook_utils.mdx +++ b/api_docs/kbn_securitysolution_hook_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-securitysolution-hook-utils title: "@kbn/securitysolution-hook-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/securitysolution-hook-utils plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/securitysolution-hook-utils'] --- import kbnSecuritysolutionHookUtilsObj from './kbn_securitysolution_hook_utils.devdocs.json'; diff --git a/api_docs/kbn_securitysolution_io_ts_alerting_types.mdx b/api_docs/kbn_securitysolution_io_ts_alerting_types.mdx index 7d24f1cc3d852..d854a377918a3 100644 --- a/api_docs/kbn_securitysolution_io_ts_alerting_types.mdx +++ b/api_docs/kbn_securitysolution_io_ts_alerting_types.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-securitysolution-io-ts-alerting-types title: "@kbn/securitysolution-io-ts-alerting-types" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/securitysolution-io-ts-alerting-types plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/securitysolution-io-ts-alerting-types'] --- import kbnSecuritysolutionIoTsAlertingTypesObj from './kbn_securitysolution_io_ts_alerting_types.devdocs.json'; diff --git a/api_docs/kbn_securitysolution_io_ts_list_types.mdx b/api_docs/kbn_securitysolution_io_ts_list_types.mdx index 7635c96aadd53..d88a8fbee0023 100644 --- a/api_docs/kbn_securitysolution_io_ts_list_types.mdx +++ b/api_docs/kbn_securitysolution_io_ts_list_types.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-securitysolution-io-ts-list-types title: "@kbn/securitysolution-io-ts-list-types" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/securitysolution-io-ts-list-types plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/securitysolution-io-ts-list-types'] --- import kbnSecuritysolutionIoTsListTypesObj from './kbn_securitysolution_io_ts_list_types.devdocs.json'; diff --git a/api_docs/kbn_securitysolution_io_ts_types.mdx b/api_docs/kbn_securitysolution_io_ts_types.mdx index 803cb1949a31f..10deded6edd7b 100644 --- a/api_docs/kbn_securitysolution_io_ts_types.mdx +++ b/api_docs/kbn_securitysolution_io_ts_types.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-securitysolution-io-ts-types title: "@kbn/securitysolution-io-ts-types" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/securitysolution-io-ts-types plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/securitysolution-io-ts-types'] --- import kbnSecuritysolutionIoTsTypesObj from './kbn_securitysolution_io_ts_types.devdocs.json'; diff --git a/api_docs/kbn_securitysolution_io_ts_utils.mdx b/api_docs/kbn_securitysolution_io_ts_utils.mdx index 8401a1a09bee2..fdf1939b98c2f 100644 --- a/api_docs/kbn_securitysolution_io_ts_utils.mdx +++ b/api_docs/kbn_securitysolution_io_ts_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-securitysolution-io-ts-utils title: "@kbn/securitysolution-io-ts-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/securitysolution-io-ts-utils plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/securitysolution-io-ts-utils'] --- import kbnSecuritysolutionIoTsUtilsObj from './kbn_securitysolution_io_ts_utils.devdocs.json'; diff --git a/api_docs/kbn_securitysolution_list_api.mdx b/api_docs/kbn_securitysolution_list_api.mdx index a06b6aacb1d98..a8e403b34c1bd 100644 --- a/api_docs/kbn_securitysolution_list_api.mdx +++ b/api_docs/kbn_securitysolution_list_api.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-securitysolution-list-api title: "@kbn/securitysolution-list-api" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/securitysolution-list-api plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/securitysolution-list-api'] --- import kbnSecuritysolutionListApiObj from './kbn_securitysolution_list_api.devdocs.json'; diff --git a/api_docs/kbn_securitysolution_list_constants.mdx b/api_docs/kbn_securitysolution_list_constants.mdx index efa8395b4e0f9..9010c7babeaba 100644 --- a/api_docs/kbn_securitysolution_list_constants.mdx +++ b/api_docs/kbn_securitysolution_list_constants.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-securitysolution-list-constants title: "@kbn/securitysolution-list-constants" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/securitysolution-list-constants plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/securitysolution-list-constants'] --- import kbnSecuritysolutionListConstantsObj from './kbn_securitysolution_list_constants.devdocs.json'; diff --git a/api_docs/kbn_securitysolution_list_hooks.mdx b/api_docs/kbn_securitysolution_list_hooks.mdx index 92b3045410100..d823409bbd191 100644 --- a/api_docs/kbn_securitysolution_list_hooks.mdx +++ b/api_docs/kbn_securitysolution_list_hooks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-securitysolution-list-hooks title: "@kbn/securitysolution-list-hooks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/securitysolution-list-hooks plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/securitysolution-list-hooks'] --- import kbnSecuritysolutionListHooksObj from './kbn_securitysolution_list_hooks.devdocs.json'; diff --git a/api_docs/kbn_securitysolution_list_utils.mdx b/api_docs/kbn_securitysolution_list_utils.mdx index db461ea8e0811..f7d6ced8a4781 100644 --- a/api_docs/kbn_securitysolution_list_utils.mdx +++ b/api_docs/kbn_securitysolution_list_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-securitysolution-list-utils title: "@kbn/securitysolution-list-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/securitysolution-list-utils plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/securitysolution-list-utils'] --- import kbnSecuritysolutionListUtilsObj from './kbn_securitysolution_list_utils.devdocs.json'; diff --git a/api_docs/kbn_securitysolution_rules.mdx b/api_docs/kbn_securitysolution_rules.mdx index 392d9a719ceb7..aa82f2b78a5cf 100644 --- a/api_docs/kbn_securitysolution_rules.mdx +++ b/api_docs/kbn_securitysolution_rules.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-securitysolution-rules title: "@kbn/securitysolution-rules" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/securitysolution-rules plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/securitysolution-rules'] --- import kbnSecuritysolutionRulesObj from './kbn_securitysolution_rules.devdocs.json'; diff --git a/api_docs/kbn_securitysolution_t_grid.mdx b/api_docs/kbn_securitysolution_t_grid.mdx index 0abc7d86c71e9..3bd77d4f2d94b 100644 --- a/api_docs/kbn_securitysolution_t_grid.mdx +++ b/api_docs/kbn_securitysolution_t_grid.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-securitysolution-t-grid title: "@kbn/securitysolution-t-grid" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/securitysolution-t-grid plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/securitysolution-t-grid'] --- import kbnSecuritysolutionTGridObj from './kbn_securitysolution_t_grid.devdocs.json'; diff --git a/api_docs/kbn_securitysolution_utils.mdx b/api_docs/kbn_securitysolution_utils.mdx index a3156b9c180c7..fc0ed326cf3a2 100644 --- a/api_docs/kbn_securitysolution_utils.mdx +++ b/api_docs/kbn_securitysolution_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-securitysolution-utils title: "@kbn/securitysolution-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/securitysolution-utils plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/securitysolution-utils'] --- import kbnSecuritysolutionUtilsObj from './kbn_securitysolution_utils.devdocs.json'; diff --git a/api_docs/kbn_server_http_tools.mdx b/api_docs/kbn_server_http_tools.mdx index 9c99c4e6df525..a94d5974bbe70 100644 --- a/api_docs/kbn_server_http_tools.mdx +++ b/api_docs/kbn_server_http_tools.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-server-http-tools title: "@kbn/server-http-tools" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/server-http-tools plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/server-http-tools'] --- import kbnServerHttpToolsObj from './kbn_server_http_tools.devdocs.json'; diff --git a/api_docs/kbn_server_route_repository.mdx b/api_docs/kbn_server_route_repository.mdx index 04c4106c8bdb1..0d66653a7314a 100644 --- a/api_docs/kbn_server_route_repository.mdx +++ b/api_docs/kbn_server_route_repository.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-server-route-repository title: "@kbn/server-route-repository" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/server-route-repository plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/server-route-repository'] --- import kbnServerRouteRepositoryObj from './kbn_server_route_repository.devdocs.json'; diff --git a/api_docs/kbn_serverless_common_settings.mdx b/api_docs/kbn_serverless_common_settings.mdx index 611378407b0e4..b51d3f7e47415 100644 --- a/api_docs/kbn_serverless_common_settings.mdx +++ b/api_docs/kbn_serverless_common_settings.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-serverless-common-settings title: "@kbn/serverless-common-settings" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/serverless-common-settings plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/serverless-common-settings'] --- import kbnServerlessCommonSettingsObj from './kbn_serverless_common_settings.devdocs.json'; diff --git a/api_docs/kbn_serverless_observability_settings.mdx b/api_docs/kbn_serverless_observability_settings.mdx index 3b478084bb9ca..e181e49ba6ca9 100644 --- a/api_docs/kbn_serverless_observability_settings.mdx +++ b/api_docs/kbn_serverless_observability_settings.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-serverless-observability-settings title: "@kbn/serverless-observability-settings" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/serverless-observability-settings plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/serverless-observability-settings'] --- import kbnServerlessObservabilitySettingsObj from './kbn_serverless_observability_settings.devdocs.json'; diff --git a/api_docs/kbn_serverless_project_switcher.mdx b/api_docs/kbn_serverless_project_switcher.mdx index 3946e77a11ddb..2b9404ef9874e 100644 --- a/api_docs/kbn_serverless_project_switcher.mdx +++ b/api_docs/kbn_serverless_project_switcher.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-serverless-project-switcher title: "@kbn/serverless-project-switcher" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/serverless-project-switcher plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/serverless-project-switcher'] --- import kbnServerlessProjectSwitcherObj from './kbn_serverless_project_switcher.devdocs.json'; diff --git a/api_docs/kbn_serverless_search_settings.mdx b/api_docs/kbn_serverless_search_settings.mdx index 5759a779a66b9..c844fec413879 100644 --- a/api_docs/kbn_serverless_search_settings.mdx +++ b/api_docs/kbn_serverless_search_settings.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-serverless-search-settings title: "@kbn/serverless-search-settings" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/serverless-search-settings plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/serverless-search-settings'] --- import kbnServerlessSearchSettingsObj from './kbn_serverless_search_settings.devdocs.json'; diff --git a/api_docs/kbn_serverless_security_settings.mdx b/api_docs/kbn_serverless_security_settings.mdx index eaf113619c6f0..1238549566046 100644 --- a/api_docs/kbn_serverless_security_settings.mdx +++ b/api_docs/kbn_serverless_security_settings.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-serverless-security-settings title: "@kbn/serverless-security-settings" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/serverless-security-settings plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/serverless-security-settings'] --- import kbnServerlessSecuritySettingsObj from './kbn_serverless_security_settings.devdocs.json'; diff --git a/api_docs/kbn_serverless_storybook_config.mdx b/api_docs/kbn_serverless_storybook_config.mdx index a624134e71bba..d82564298d6a6 100644 --- a/api_docs/kbn_serverless_storybook_config.mdx +++ b/api_docs/kbn_serverless_storybook_config.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-serverless-storybook-config title: "@kbn/serverless-storybook-config" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/serverless-storybook-config plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/serverless-storybook-config'] --- import kbnServerlessStorybookConfigObj from './kbn_serverless_storybook_config.devdocs.json'; diff --git a/api_docs/kbn_shared_svg.mdx b/api_docs/kbn_shared_svg.mdx index a83cb445c1b59..db0142d173ae6 100644 --- a/api_docs/kbn_shared_svg.mdx +++ b/api_docs/kbn_shared_svg.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-svg title: "@kbn/shared-svg" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-svg plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-svg'] --- import kbnSharedSvgObj from './kbn_shared_svg.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_avatar_solution.mdx b/api_docs/kbn_shared_ux_avatar_solution.mdx index e53a2454e120a..f8648f73726a4 100644 --- a/api_docs/kbn_shared_ux_avatar_solution.mdx +++ b/api_docs/kbn_shared_ux_avatar_solution.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-avatar-solution title: "@kbn/shared-ux-avatar-solution" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-avatar-solution plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-avatar-solution'] --- import kbnSharedUxAvatarSolutionObj from './kbn_shared_ux_avatar_solution.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_avatar_user_profile_components.mdx b/api_docs/kbn_shared_ux_avatar_user_profile_components.mdx index a0a9a70e2d492..a0fa0d76750c8 100644 --- a/api_docs/kbn_shared_ux_avatar_user_profile_components.mdx +++ b/api_docs/kbn_shared_ux_avatar_user_profile_components.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-avatar-user-profile-components title: "@kbn/shared-ux-avatar-user-profile-components" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-avatar-user-profile-components plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-avatar-user-profile-components'] --- import kbnSharedUxAvatarUserProfileComponentsObj from './kbn_shared_ux_avatar_user_profile_components.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_button_exit_full_screen.mdx b/api_docs/kbn_shared_ux_button_exit_full_screen.mdx index 6c0bebea78feb..67c7ec1696d99 100644 --- a/api_docs/kbn_shared_ux_button_exit_full_screen.mdx +++ b/api_docs/kbn_shared_ux_button_exit_full_screen.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-button-exit-full-screen title: "@kbn/shared-ux-button-exit-full-screen" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-button-exit-full-screen plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-button-exit-full-screen'] --- import kbnSharedUxButtonExitFullScreenObj from './kbn_shared_ux_button_exit_full_screen.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_button_exit_full_screen_mocks.mdx b/api_docs/kbn_shared_ux_button_exit_full_screen_mocks.mdx index 89a30741d2683..d8aa2414340b7 100644 --- a/api_docs/kbn_shared_ux_button_exit_full_screen_mocks.mdx +++ b/api_docs/kbn_shared_ux_button_exit_full_screen_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-button-exit-full-screen-mocks title: "@kbn/shared-ux-button-exit-full-screen-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-button-exit-full-screen-mocks plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-button-exit-full-screen-mocks'] --- import kbnSharedUxButtonExitFullScreenMocksObj from './kbn_shared_ux_button_exit_full_screen_mocks.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_button_toolbar.mdx b/api_docs/kbn_shared_ux_button_toolbar.mdx index 757cad465eca8..1a0c72bc46f7a 100644 --- a/api_docs/kbn_shared_ux_button_toolbar.mdx +++ b/api_docs/kbn_shared_ux_button_toolbar.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-button-toolbar title: "@kbn/shared-ux-button-toolbar" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-button-toolbar plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-button-toolbar'] --- import kbnSharedUxButtonToolbarObj from './kbn_shared_ux_button_toolbar.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_card_no_data.mdx b/api_docs/kbn_shared_ux_card_no_data.mdx index 03ba2b95898aa..fdd4d46179ad5 100644 --- a/api_docs/kbn_shared_ux_card_no_data.mdx +++ b/api_docs/kbn_shared_ux_card_no_data.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-card-no-data title: "@kbn/shared-ux-card-no-data" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-card-no-data plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-card-no-data'] --- import kbnSharedUxCardNoDataObj from './kbn_shared_ux_card_no_data.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_card_no_data_mocks.mdx b/api_docs/kbn_shared_ux_card_no_data_mocks.mdx index 16c060829c1c3..8d14226871dcf 100644 --- a/api_docs/kbn_shared_ux_card_no_data_mocks.mdx +++ b/api_docs/kbn_shared_ux_card_no_data_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-card-no-data-mocks title: "@kbn/shared-ux-card-no-data-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-card-no-data-mocks plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-card-no-data-mocks'] --- import kbnSharedUxCardNoDataMocksObj from './kbn_shared_ux_card_no_data_mocks.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_chrome_navigation.devdocs.json b/api_docs/kbn_shared_ux_chrome_navigation.devdocs.json index dbe91dc51e446..88da635df65c8 100644 --- a/api_docs/kbn_shared_ux_chrome_navigation.devdocs.json +++ b/api_docs/kbn_shared_ux_chrome_navigation.devdocs.json @@ -27,7 +27,7 @@ "label": "DefaultNavigation", "description": [], "signature": [ - "({ projectNavigationTree, navigationTree, dataTestSubj, }: React.PropsWithChildren<", + "({ projectNavigationTree, navigationTree, dataTestSubj, panelContentProvider, }: React.PropsWithChildren<", { "pluginId": "@kbn/shared-ux-chrome-navigation", "scope": "common", @@ -35,7 +35,15 @@ "section": "def-common.ProjectNavigationDefinition", "text": "ProjectNavigationDefinition" }, - " & { dataTestSubj?: string | undefined; }>) => JSX.Element" + "<", + { + "pluginId": "@kbn/core-chrome-browser", + "scope": "common", + "docId": "kibKbnCoreChromeBrowserPluginApi", + "section": "def-common.AppDeepLinkId", + "text": "AppDeepLinkId" + }, + ", string, string> & Props>) => JSX.Element" ], "path": "packages/shared-ux/chrome/navigation/src/ui/default_navigation.tsx", "deprecated": false, @@ -46,7 +54,7 @@ "id": "def-common.DefaultNavigation.$1", "type": "CompoundType", "tags": [], - "label": "{\n projectNavigationTree,\n navigationTree,\n dataTestSubj,\n}", + "label": "{\n projectNavigationTree,\n navigationTree,\n dataTestSubj,\n panelContentProvider,\n}", "description": [], "signature": [ "React.PropsWithChildren<", @@ -57,7 +65,15 @@ "section": "def-common.ProjectNavigationDefinition", "text": "ProjectNavigationDefinition" }, - " & { dataTestSubj?: string | undefined; }>" + "<", + { + "pluginId": "@kbn/core-chrome-browser", + "scope": "common", + "docId": "kibKbnCoreChromeBrowserPluginApi", + "section": "def-common.AppDeepLinkId", + "text": "AppDeepLinkId" + }, + ", string, string> & Props>" ], "path": "packages/shared-ux/chrome/navigation/src/ui/default_navigation.tsx", "deprecated": false, @@ -413,7 +429,7 @@ "label": "Navigation", "description": [], "signature": [ - "({ children, unstyled = false, dataTestSubj }: Props) => JSX.Element" + "({\n children,\n panelContentProvider,\n unstyled = false,\n dataTestSubj,\n}: Props) => JSX.Element" ], "path": "packages/shared-ux/chrome/navigation/src/ui/components/navigation.tsx", "deprecated": false, @@ -424,7 +440,7 @@ "id": "def-common.Navigation.$1", "type": "Object", "tags": [], - "label": "{ children, unstyled = false, dataTestSubj }", + "label": "{\n children,\n panelContentProvider,\n unstyled = false,\n dataTestSubj,\n}", "description": [], "signature": [ "Props" @@ -545,7 +561,7 @@ "section": "def-common.GroupDefinition", "text": "GroupDefinition" }, - " extends ", + " extends Omit<", { "pluginId": "@kbn/core-chrome-browser", "scope": "common", @@ -553,7 +569,7 @@ "section": "def-common.NodeDefinition", "text": "NodeDefinition" }, - "" + ", \"children\">" ], "path": "packages/shared-ux/chrome/navigation/src/ui/types.ts", "deprecated": false, @@ -607,20 +623,66 @@ }, { "parentPluginId": "@kbn/shared-ux-chrome-navigation", - "id": "def-common.GroupDefinition.preset", - "type": "CompoundType", + "id": "def-common.GroupDefinition.children", + "type": "Array", "tags": [], - "label": "preset", + "label": "children", "description": [], "signature": [ { - "pluginId": "@kbn/shared-ux-chrome-navigation", + "pluginId": "@kbn/core-chrome-browser", "scope": "common", - "docId": "kibKbnSharedUxChromeNavigationPluginApi", - "section": "def-common.NavigationGroupPreset", - "text": "NavigationGroupPreset" + "docId": "kibKbnCoreChromeBrowserPluginApi", + "section": "def-common.NodeDefinition", + "text": "NodeDefinition" }, - " | undefined" + "[]" + ], + "path": "packages/shared-ux/chrome/navigation/src/ui/types.ts", + "deprecated": false, + "trackAdoption": false + } + ], + "initialIsOpen": false + }, + { + "parentPluginId": "@kbn/shared-ux-chrome-navigation", + "id": "def-common.ItemDefinition", + "type": "Interface", + "tags": [], + "label": "ItemDefinition", + "description": [], + "signature": [ + { + "pluginId": "@kbn/shared-ux-chrome-navigation", + "scope": "common", + "docId": "kibKbnSharedUxChromeNavigationPluginApi", + "section": "def-common.ItemDefinition", + "text": "ItemDefinition" + }, + " extends Omit<", + { + "pluginId": "@kbn/core-chrome-browser", + "scope": "common", + "docId": "kibKbnCoreChromeBrowserPluginApi", + "section": "def-common.NodeDefinition", + "text": "NodeDefinition" + }, + ", \"children\">" + ], + "path": "packages/shared-ux/chrome/navigation/src/ui/types.ts", + "deprecated": false, + "trackAdoption": false, + "children": [ + { + "parentPluginId": "@kbn/shared-ux-chrome-navigation", + "id": "def-common.ItemDefinition.type", + "type": "string", + "tags": [], + "label": "type", + "description": [], + "signature": [ + "\"navItem\"" ], "path": "packages/shared-ux/chrome/navigation/src/ui/types.ts", "deprecated": false, @@ -846,6 +908,17 @@ "path": "packages/shared-ux/chrome/navigation/types/index.ts", "deprecated": false, "trackAdoption": false + }, + { + "parentPluginId": "@kbn/shared-ux-chrome-navigation", + "id": "def-common.NavigationServices.isSideNavCollapsed", + "type": "boolean", + "tags": [], + "label": "isSideNavCollapsed", + "description": [], + "path": "packages/shared-ux/chrome/navigation/types/index.ts", + "deprecated": false, + "trackAdoption": false } ], "initialIsOpen": false @@ -857,6 +930,16 @@ "tags": [], "label": "NavigationTreeDefinition", "description": [], + "signature": [ + { + "pluginId": "@kbn/shared-ux-chrome-navigation", + "scope": "common", + "docId": "kibKbnSharedUxChromeNavigationPluginApi", + "section": "def-common.NavigationTreeDefinition", + "text": "NavigationTreeDefinition" + }, + "" + ], "path": "packages/shared-ux/chrome/navigation/src/ui/types.ts", "deprecated": false, "trackAdoption": false, @@ -878,15 +961,7 @@ "section": "def-common.RootNavigationItemDefinition", "text": "RootNavigationItemDefinition" }, - "<", - { - "pluginId": "@kbn/core-chrome-browser", - "scope": "common", - "docId": "kibKbnCoreChromeBrowserPluginApi", - "section": "def-common.AppDeepLinkId", - "text": "AppDeepLinkId" - }, - ", string, string>[] | undefined" + "[] | undefined" ], "path": "packages/shared-ux/chrome/navigation/src/ui/types.ts", "deprecated": false, @@ -909,15 +984,196 @@ "section": "def-common.RootNavigationItemDefinition", "text": "RootNavigationItemDefinition" }, - "<", + "[] | undefined" + ], + "path": "packages/shared-ux/chrome/navigation/src/ui/types.ts", + "deprecated": false, + "trackAdoption": false + } + ], + "initialIsOpen": false + }, + { + "parentPluginId": "@kbn/shared-ux-chrome-navigation", + "id": "def-common.PanelComponentProps", + "type": "Interface", + "tags": [], + "label": "PanelComponentProps", + "description": [], + "path": "packages/shared-ux/chrome/navigation/src/ui/components/panel/types.ts", + "deprecated": false, + "trackAdoption": false, + "children": [ + { + "parentPluginId": "@kbn/shared-ux-chrome-navigation", + "id": "def-common.PanelComponentProps.closePanel", + "type": "Function", + "tags": [], + "label": "closePanel", + "description": [ + "Handler to close the panel" + ], + "signature": [ + "() => void" + ], + "path": "packages/shared-ux/chrome/navigation/src/ui/components/panel/types.ts", + "deprecated": false, + "trackAdoption": false, + "children": [], + "returnComment": [] + }, + { + "parentPluginId": "@kbn/shared-ux-chrome-navigation", + "id": "def-common.PanelComponentProps.selectedNode", + "type": "CompoundType", + "tags": [], + "label": "selectedNode", + "description": [ + "The node in the main panel that opens the secondary panel" + ], + "signature": [ + "Pick<", { "pluginId": "@kbn/core-chrome-browser", "scope": "common", "docId": "kibKbnCoreChromeBrowserPluginApi", - "section": "def-common.AppDeepLinkId", - "text": "AppDeepLinkId" + "section": "def-common.ChromeProjectNavigationNode", + "text": "ChromeProjectNavigationNode" + }, + ", \"id\" | \"children\" | \"path\" | \"sideNavStatus\"> & { title: React.ReactNode; }" + ], + "path": "packages/shared-ux/chrome/navigation/src/ui/components/panel/types.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "@kbn/shared-ux-chrome-navigation", + "id": "def-common.PanelComponentProps.activeNodes", + "type": "Array", + "tags": [], + "label": "activeNodes", + "description": [ + "Jagged array of active nodes that match the current URL location" + ], + "signature": [ + { + "pluginId": "@kbn/core-chrome-browser", + "scope": "common", + "docId": "kibKbnCoreChromeBrowserPluginApi", + "section": "def-common.ChromeProjectNavigationNode", + "text": "ChromeProjectNavigationNode" }, - ", string, string>[] | undefined" + "[][]" + ], + "path": "packages/shared-ux/chrome/navigation/src/ui/components/panel/types.ts", + "deprecated": false, + "trackAdoption": false + } + ], + "initialIsOpen": false + }, + { + "parentPluginId": "@kbn/shared-ux-chrome-navigation", + "id": "def-common.PanelContent", + "type": "Interface", + "tags": [], + "label": "PanelContent", + "description": [], + "path": "packages/shared-ux/chrome/navigation/src/ui/components/panel/types.ts", + "deprecated": false, + "trackAdoption": false, + "children": [ + { + "parentPluginId": "@kbn/shared-ux-chrome-navigation", + "id": "def-common.PanelContent.title", + "type": "CompoundType", + "tags": [], + "label": "title", + "description": [], + "signature": [ + "boolean | React.ReactChild | React.ReactFragment | React.ReactPortal | null | undefined" + ], + "path": "packages/shared-ux/chrome/navigation/src/ui/components/panel/types.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "@kbn/shared-ux-chrome-navigation", + "id": "def-common.PanelContent.content", + "type": "CompoundType", + "tags": [], + "label": "content", + "description": [], + "signature": [ + "React.ComponentType<", + { + "pluginId": "@kbn/shared-ux-chrome-navigation", + "scope": "common", + "docId": "kibKbnSharedUxChromeNavigationPluginApi", + "section": "def-common.PanelComponentProps", + "text": "PanelComponentProps" + }, + "> | undefined" + ], + "path": "packages/shared-ux/chrome/navigation/src/ui/components/panel/types.ts", + "deprecated": false, + "trackAdoption": false + } + ], + "initialIsOpen": false + }, + { + "parentPluginId": "@kbn/shared-ux-chrome-navigation", + "id": "def-common.PresetDefinition", + "type": "Interface", + "tags": [], + "label": "PresetDefinition", + "description": [], + "signature": [ + { + "pluginId": "@kbn/shared-ux-chrome-navigation", + "scope": "common", + "docId": "kibKbnSharedUxChromeNavigationPluginApi", + "section": "def-common.PresetDefinition", + "text": "PresetDefinition" + }, + " extends Omit<", + { + "pluginId": "@kbn/shared-ux-chrome-navigation", + "scope": "common", + "docId": "kibKbnSharedUxChromeNavigationPluginApi", + "section": "def-common.GroupDefinition", + "text": "GroupDefinition" + }, + ", \"type\" | \"children\">" + ], + "path": "packages/shared-ux/chrome/navigation/src/ui/types.ts", + "deprecated": false, + "trackAdoption": false, + "children": [ + { + "parentPluginId": "@kbn/shared-ux-chrome-navigation", + "id": "def-common.PresetDefinition.type", + "type": "string", + "tags": [], + "label": "type", + "description": [], + "signature": [ + "\"preset\"" + ], + "path": "packages/shared-ux/chrome/navigation/src/ui/types.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "@kbn/shared-ux-chrome-navigation", + "id": "def-common.PresetDefinition.preset", + "type": "CompoundType", + "tags": [], + "label": "preset", + "description": [], + "signature": [ + "\"ml\" | \"management\" | \"analytics\" | \"devtools\"" ], "path": "packages/shared-ux/chrome/navigation/src/ui/types.ts", "deprecated": false, @@ -933,6 +1189,16 @@ "tags": [], "label": "ProjectNavigationDefinition", "description": [], + "signature": [ + { + "pluginId": "@kbn/shared-ux-chrome-navigation", + "scope": "common", + "docId": "kibKbnSharedUxChromeNavigationPluginApi", + "section": "def-common.ProjectNavigationDefinition", + "text": "ProjectNavigationDefinition" + }, + "" + ], "path": "packages/shared-ux/chrome/navigation/src/ui/types.ts", "deprecated": false, "trackAdoption": false, @@ -948,15 +1214,7 @@ ], "signature": [ "ProjectNavigationTreeDefinition", - "<", - { - "pluginId": "@kbn/core-chrome-browser", - "scope": "common", - "docId": "kibKbnCoreChromeBrowserPluginApi", - "section": "def-common.AppDeepLinkId", - "text": "AppDeepLinkId" - }, - ", string, string> | undefined" + " | undefined" ], "path": "packages/shared-ux/chrome/navigation/src/ui/types.ts", "deprecated": false, @@ -979,7 +1237,7 @@ "section": "def-common.NavigationTreeDefinition", "text": "NavigationTreeDefinition" }, - " | undefined" + " | undefined" ], "path": "packages/shared-ux/chrome/navigation/src/ui/types.ts", "deprecated": false, @@ -1070,6 +1328,22 @@ "section": "def-common.GroupDefinition", "text": "GroupDefinition" }, + " | ", + { + "pluginId": "@kbn/shared-ux-chrome-navigation", + "scope": "common", + "docId": "kibKbnSharedUxChromeNavigationPluginApi", + "section": "def-common.PresetDefinition", + "text": "PresetDefinition" + }, + " | ", + { + "pluginId": "@kbn/shared-ux-chrome-navigation", + "scope": "common", + "docId": "kibKbnSharedUxChromeNavigationPluginApi", + "section": "def-common.ItemDefinition", + "text": "ItemDefinition" + }, "" ], "path": "packages/shared-ux/chrome/navigation/src/ui/types.ts", diff --git a/api_docs/kbn_shared_ux_chrome_navigation.mdx b/api_docs/kbn_shared_ux_chrome_navigation.mdx index 604d9ade9e422..7ebee7876aaa5 100644 --- a/api_docs/kbn_shared_ux_chrome_navigation.mdx +++ b/api_docs/kbn_shared_ux_chrome_navigation.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-chrome-navigation title: "@kbn/shared-ux-chrome-navigation" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-chrome-navigation plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-chrome-navigation'] --- import kbnSharedUxChromeNavigationObj from './kbn_shared_ux_chrome_navigation.devdocs.json'; @@ -21,7 +21,7 @@ Contact [@elastic/appex-sharedux](https://github.com/orgs/elastic/teams/appex-sh | Public API count | Any count | Items lacking comments | Missing exports | |-------------------|-----------|------------------------|-----------------| -| 47 | 0 | 38 | 4 | +| 60 | 0 | 48 | 4 | ## Common diff --git a/api_docs/kbn_shared_ux_file_context.mdx b/api_docs/kbn_shared_ux_file_context.mdx index 8f8b48bdb0b4f..8e69f7338f360 100644 --- a/api_docs/kbn_shared_ux_file_context.mdx +++ b/api_docs/kbn_shared_ux_file_context.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-file-context title: "@kbn/shared-ux-file-context" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-file-context plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-file-context'] --- import kbnSharedUxFileContextObj from './kbn_shared_ux_file_context.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_file_image.mdx b/api_docs/kbn_shared_ux_file_image.mdx index 103c3e199e84c..87285df9ec881 100644 --- a/api_docs/kbn_shared_ux_file_image.mdx +++ b/api_docs/kbn_shared_ux_file_image.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-file-image title: "@kbn/shared-ux-file-image" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-file-image plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-file-image'] --- import kbnSharedUxFileImageObj from './kbn_shared_ux_file_image.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_file_image_mocks.mdx b/api_docs/kbn_shared_ux_file_image_mocks.mdx index b93c4501c6567..d2b6658c3c83d 100644 --- a/api_docs/kbn_shared_ux_file_image_mocks.mdx +++ b/api_docs/kbn_shared_ux_file_image_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-file-image-mocks title: "@kbn/shared-ux-file-image-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-file-image-mocks plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-file-image-mocks'] --- import kbnSharedUxFileImageMocksObj from './kbn_shared_ux_file_image_mocks.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_file_mocks.mdx b/api_docs/kbn_shared_ux_file_mocks.mdx index e285518fbc89b..c3eb2d85d3a39 100644 --- a/api_docs/kbn_shared_ux_file_mocks.mdx +++ b/api_docs/kbn_shared_ux_file_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-file-mocks title: "@kbn/shared-ux-file-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-file-mocks plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-file-mocks'] --- import kbnSharedUxFileMocksObj from './kbn_shared_ux_file_mocks.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_file_picker.mdx b/api_docs/kbn_shared_ux_file_picker.mdx index a7c692c70dd54..923f3d3057917 100644 --- a/api_docs/kbn_shared_ux_file_picker.mdx +++ b/api_docs/kbn_shared_ux_file_picker.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-file-picker title: "@kbn/shared-ux-file-picker" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-file-picker plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-file-picker'] --- import kbnSharedUxFilePickerObj from './kbn_shared_ux_file_picker.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_file_types.mdx b/api_docs/kbn_shared_ux_file_types.mdx index b0f7cdcb6c223..aaa1c5083e9dc 100644 --- a/api_docs/kbn_shared_ux_file_types.mdx +++ b/api_docs/kbn_shared_ux_file_types.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-file-types title: "@kbn/shared-ux-file-types" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-file-types plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-file-types'] --- import kbnSharedUxFileTypesObj from './kbn_shared_ux_file_types.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_file_upload.mdx b/api_docs/kbn_shared_ux_file_upload.mdx index aec87195144fb..29607626a0456 100644 --- a/api_docs/kbn_shared_ux_file_upload.mdx +++ b/api_docs/kbn_shared_ux_file_upload.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-file-upload title: "@kbn/shared-ux-file-upload" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-file-upload plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-file-upload'] --- import kbnSharedUxFileUploadObj from './kbn_shared_ux_file_upload.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_file_util.mdx b/api_docs/kbn_shared_ux_file_util.mdx index 3aab43ab75590..467cd8711245d 100644 --- a/api_docs/kbn_shared_ux_file_util.mdx +++ b/api_docs/kbn_shared_ux_file_util.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-file-util title: "@kbn/shared-ux-file-util" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-file-util plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-file-util'] --- import kbnSharedUxFileUtilObj from './kbn_shared_ux_file_util.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_link_redirect_app.mdx b/api_docs/kbn_shared_ux_link_redirect_app.mdx index cdec34b509ca8..d01042f629fec 100644 --- a/api_docs/kbn_shared_ux_link_redirect_app.mdx +++ b/api_docs/kbn_shared_ux_link_redirect_app.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-link-redirect-app title: "@kbn/shared-ux-link-redirect-app" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-link-redirect-app plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-link-redirect-app'] --- import kbnSharedUxLinkRedirectAppObj from './kbn_shared_ux_link_redirect_app.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_link_redirect_app_mocks.mdx b/api_docs/kbn_shared_ux_link_redirect_app_mocks.mdx index dafcff0aa1e71..0f6cafd351231 100644 --- a/api_docs/kbn_shared_ux_link_redirect_app_mocks.mdx +++ b/api_docs/kbn_shared_ux_link_redirect_app_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-link-redirect-app-mocks title: "@kbn/shared-ux-link-redirect-app-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-link-redirect-app-mocks plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-link-redirect-app-mocks'] --- import kbnSharedUxLinkRedirectAppMocksObj from './kbn_shared_ux_link_redirect_app_mocks.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_markdown.mdx b/api_docs/kbn_shared_ux_markdown.mdx index 438f40ee4971e..319f25a00a5c0 100644 --- a/api_docs/kbn_shared_ux_markdown.mdx +++ b/api_docs/kbn_shared_ux_markdown.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-markdown title: "@kbn/shared-ux-markdown" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-markdown plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-markdown'] --- import kbnSharedUxMarkdownObj from './kbn_shared_ux_markdown.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_markdown_mocks.mdx b/api_docs/kbn_shared_ux_markdown_mocks.mdx index cff5cc18e8622..a6c0ff9ccfb0e 100644 --- a/api_docs/kbn_shared_ux_markdown_mocks.mdx +++ b/api_docs/kbn_shared_ux_markdown_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-markdown-mocks title: "@kbn/shared-ux-markdown-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-markdown-mocks plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-markdown-mocks'] --- import kbnSharedUxMarkdownMocksObj from './kbn_shared_ux_markdown_mocks.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_page_analytics_no_data.mdx b/api_docs/kbn_shared_ux_page_analytics_no_data.mdx index bacbe59f29a7e..09982700eb79d 100644 --- a/api_docs/kbn_shared_ux_page_analytics_no_data.mdx +++ b/api_docs/kbn_shared_ux_page_analytics_no_data.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-page-analytics-no-data title: "@kbn/shared-ux-page-analytics-no-data" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-page-analytics-no-data plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-page-analytics-no-data'] --- import kbnSharedUxPageAnalyticsNoDataObj from './kbn_shared_ux_page_analytics_no_data.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_page_analytics_no_data_mocks.mdx b/api_docs/kbn_shared_ux_page_analytics_no_data_mocks.mdx index 5a34147e5b2f3..680f4ec8ea0a2 100644 --- a/api_docs/kbn_shared_ux_page_analytics_no_data_mocks.mdx +++ b/api_docs/kbn_shared_ux_page_analytics_no_data_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-page-analytics-no-data-mocks title: "@kbn/shared-ux-page-analytics-no-data-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-page-analytics-no-data-mocks plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-page-analytics-no-data-mocks'] --- import kbnSharedUxPageAnalyticsNoDataMocksObj from './kbn_shared_ux_page_analytics_no_data_mocks.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_page_kibana_no_data.mdx b/api_docs/kbn_shared_ux_page_kibana_no_data.mdx index 2d733c6d4424c..155ff6cd725ec 100644 --- a/api_docs/kbn_shared_ux_page_kibana_no_data.mdx +++ b/api_docs/kbn_shared_ux_page_kibana_no_data.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-page-kibana-no-data title: "@kbn/shared-ux-page-kibana-no-data" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-page-kibana-no-data plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-page-kibana-no-data'] --- import kbnSharedUxPageKibanaNoDataObj from './kbn_shared_ux_page_kibana_no_data.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_page_kibana_no_data_mocks.mdx b/api_docs/kbn_shared_ux_page_kibana_no_data_mocks.mdx index 31bfe6ab032ca..636f5f2e51396 100644 --- a/api_docs/kbn_shared_ux_page_kibana_no_data_mocks.mdx +++ b/api_docs/kbn_shared_ux_page_kibana_no_data_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-page-kibana-no-data-mocks title: "@kbn/shared-ux-page-kibana-no-data-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-page-kibana-no-data-mocks plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-page-kibana-no-data-mocks'] --- import kbnSharedUxPageKibanaNoDataMocksObj from './kbn_shared_ux_page_kibana_no_data_mocks.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_page_kibana_template.mdx b/api_docs/kbn_shared_ux_page_kibana_template.mdx index a928674de2ed9..eca7adff69c61 100644 --- a/api_docs/kbn_shared_ux_page_kibana_template.mdx +++ b/api_docs/kbn_shared_ux_page_kibana_template.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-page-kibana-template title: "@kbn/shared-ux-page-kibana-template" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-page-kibana-template plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-page-kibana-template'] --- import kbnSharedUxPageKibanaTemplateObj from './kbn_shared_ux_page_kibana_template.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_page_kibana_template_mocks.mdx b/api_docs/kbn_shared_ux_page_kibana_template_mocks.mdx index e681893812118..1bd50420edc85 100644 --- a/api_docs/kbn_shared_ux_page_kibana_template_mocks.mdx +++ b/api_docs/kbn_shared_ux_page_kibana_template_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-page-kibana-template-mocks title: "@kbn/shared-ux-page-kibana-template-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-page-kibana-template-mocks plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-page-kibana-template-mocks'] --- import kbnSharedUxPageKibanaTemplateMocksObj from './kbn_shared_ux_page_kibana_template_mocks.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_page_no_data.mdx b/api_docs/kbn_shared_ux_page_no_data.mdx index 3196b3395a923..d893bb0563406 100644 --- a/api_docs/kbn_shared_ux_page_no_data.mdx +++ b/api_docs/kbn_shared_ux_page_no_data.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-page-no-data title: "@kbn/shared-ux-page-no-data" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-page-no-data plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-page-no-data'] --- import kbnSharedUxPageNoDataObj from './kbn_shared_ux_page_no_data.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_page_no_data_config.mdx b/api_docs/kbn_shared_ux_page_no_data_config.mdx index 163993837ea4e..8d44f98acb437 100644 --- a/api_docs/kbn_shared_ux_page_no_data_config.mdx +++ b/api_docs/kbn_shared_ux_page_no_data_config.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-page-no-data-config title: "@kbn/shared-ux-page-no-data-config" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-page-no-data-config plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-page-no-data-config'] --- import kbnSharedUxPageNoDataConfigObj from './kbn_shared_ux_page_no_data_config.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_page_no_data_config_mocks.mdx b/api_docs/kbn_shared_ux_page_no_data_config_mocks.mdx index 6ddfaeb70e28d..fe93cfd508043 100644 --- a/api_docs/kbn_shared_ux_page_no_data_config_mocks.mdx +++ b/api_docs/kbn_shared_ux_page_no_data_config_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-page-no-data-config-mocks title: "@kbn/shared-ux-page-no-data-config-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-page-no-data-config-mocks plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-page-no-data-config-mocks'] --- import kbnSharedUxPageNoDataConfigMocksObj from './kbn_shared_ux_page_no_data_config_mocks.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_page_no_data_mocks.mdx b/api_docs/kbn_shared_ux_page_no_data_mocks.mdx index 0bcf0ba0d3d6f..1151f21e85a09 100644 --- a/api_docs/kbn_shared_ux_page_no_data_mocks.mdx +++ b/api_docs/kbn_shared_ux_page_no_data_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-page-no-data-mocks title: "@kbn/shared-ux-page-no-data-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-page-no-data-mocks plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-page-no-data-mocks'] --- import kbnSharedUxPageNoDataMocksObj from './kbn_shared_ux_page_no_data_mocks.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_page_solution_nav.mdx b/api_docs/kbn_shared_ux_page_solution_nav.mdx index dd699c2a0d41d..be5e9b7b79724 100644 --- a/api_docs/kbn_shared_ux_page_solution_nav.mdx +++ b/api_docs/kbn_shared_ux_page_solution_nav.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-page-solution-nav title: "@kbn/shared-ux-page-solution-nav" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-page-solution-nav plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-page-solution-nav'] --- import kbnSharedUxPageSolutionNavObj from './kbn_shared_ux_page_solution_nav.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_prompt_no_data_views.mdx b/api_docs/kbn_shared_ux_prompt_no_data_views.mdx index 0ddf8229b516b..9ee8125ac1642 100644 --- a/api_docs/kbn_shared_ux_prompt_no_data_views.mdx +++ b/api_docs/kbn_shared_ux_prompt_no_data_views.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-prompt-no-data-views title: "@kbn/shared-ux-prompt-no-data-views" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-prompt-no-data-views plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-prompt-no-data-views'] --- import kbnSharedUxPromptNoDataViewsObj from './kbn_shared_ux_prompt_no_data_views.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_prompt_no_data_views_mocks.mdx b/api_docs/kbn_shared_ux_prompt_no_data_views_mocks.mdx index fcf82ae723919..aa75e648e0b29 100644 --- a/api_docs/kbn_shared_ux_prompt_no_data_views_mocks.mdx +++ b/api_docs/kbn_shared_ux_prompt_no_data_views_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-prompt-no-data-views-mocks title: "@kbn/shared-ux-prompt-no-data-views-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-prompt-no-data-views-mocks plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-prompt-no-data-views-mocks'] --- import kbnSharedUxPromptNoDataViewsMocksObj from './kbn_shared_ux_prompt_no_data_views_mocks.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_prompt_not_found.mdx b/api_docs/kbn_shared_ux_prompt_not_found.mdx index 8115cd2a7b40d..15a29e6c230f3 100644 --- a/api_docs/kbn_shared_ux_prompt_not_found.mdx +++ b/api_docs/kbn_shared_ux_prompt_not_found.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-prompt-not-found title: "@kbn/shared-ux-prompt-not-found" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-prompt-not-found plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-prompt-not-found'] --- import kbnSharedUxPromptNotFoundObj from './kbn_shared_ux_prompt_not_found.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_router.mdx b/api_docs/kbn_shared_ux_router.mdx index 4fe95f038ad9d..3b7cee210ecbd 100644 --- a/api_docs/kbn_shared_ux_router.mdx +++ b/api_docs/kbn_shared_ux_router.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-router title: "@kbn/shared-ux-router" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-router plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-router'] --- import kbnSharedUxRouterObj from './kbn_shared_ux_router.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_router_mocks.mdx b/api_docs/kbn_shared_ux_router_mocks.mdx index 96ac0cea196ae..2f8a6081c14d9 100644 --- a/api_docs/kbn_shared_ux_router_mocks.mdx +++ b/api_docs/kbn_shared_ux_router_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-router-mocks title: "@kbn/shared-ux-router-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-router-mocks plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-router-mocks'] --- import kbnSharedUxRouterMocksObj from './kbn_shared_ux_router_mocks.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_storybook_config.mdx b/api_docs/kbn_shared_ux_storybook_config.mdx index 85308bd5904e2..444ceeb69a24b 100644 --- a/api_docs/kbn_shared_ux_storybook_config.mdx +++ b/api_docs/kbn_shared_ux_storybook_config.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-storybook-config title: "@kbn/shared-ux-storybook-config" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-storybook-config plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-storybook-config'] --- import kbnSharedUxStorybookConfigObj from './kbn_shared_ux_storybook_config.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_storybook_mock.mdx b/api_docs/kbn_shared_ux_storybook_mock.mdx index 3e1b629f53858..f2243ea4c0c55 100644 --- a/api_docs/kbn_shared_ux_storybook_mock.mdx +++ b/api_docs/kbn_shared_ux_storybook_mock.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-storybook-mock title: "@kbn/shared-ux-storybook-mock" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-storybook-mock plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-storybook-mock'] --- import kbnSharedUxStorybookMockObj from './kbn_shared_ux_storybook_mock.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_utility.mdx b/api_docs/kbn_shared_ux_utility.mdx index 130e614cef7d8..cc07ef0a434de 100644 --- a/api_docs/kbn_shared_ux_utility.mdx +++ b/api_docs/kbn_shared_ux_utility.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-utility title: "@kbn/shared-ux-utility" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-utility plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-utility'] --- import kbnSharedUxUtilityObj from './kbn_shared_ux_utility.devdocs.json'; diff --git a/api_docs/kbn_slo_schema.mdx b/api_docs/kbn_slo_schema.mdx index 0b94a1c7f0c52..89280a4337b00 100644 --- a/api_docs/kbn_slo_schema.mdx +++ b/api_docs/kbn_slo_schema.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-slo-schema title: "@kbn/slo-schema" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/slo-schema plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/slo-schema'] --- import kbnSloSchemaObj from './kbn_slo_schema.devdocs.json'; diff --git a/api_docs/kbn_some_dev_log.mdx b/api_docs/kbn_some_dev_log.mdx index d3fc2ece66b32..128532751715c 100644 --- a/api_docs/kbn_some_dev_log.mdx +++ b/api_docs/kbn_some_dev_log.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-some-dev-log title: "@kbn/some-dev-log" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/some-dev-log plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/some-dev-log'] --- import kbnSomeDevLogObj from './kbn_some_dev_log.devdocs.json'; diff --git a/api_docs/kbn_std.mdx b/api_docs/kbn_std.mdx index bccf9dc1abe80..41214f5a5299c 100644 --- a/api_docs/kbn_std.mdx +++ b/api_docs/kbn_std.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-std title: "@kbn/std" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/std plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/std'] --- import kbnStdObj from './kbn_std.devdocs.json'; diff --git a/api_docs/kbn_stdio_dev_helpers.mdx b/api_docs/kbn_stdio_dev_helpers.mdx index 992c81515ae93..70964e7823be9 100644 --- a/api_docs/kbn_stdio_dev_helpers.mdx +++ b/api_docs/kbn_stdio_dev_helpers.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-stdio-dev-helpers title: "@kbn/stdio-dev-helpers" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/stdio-dev-helpers plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/stdio-dev-helpers'] --- import kbnStdioDevHelpersObj from './kbn_stdio_dev_helpers.devdocs.json'; diff --git a/api_docs/kbn_storybook.mdx b/api_docs/kbn_storybook.mdx index 264d5c829f1d3..f20e1523c831a 100644 --- a/api_docs/kbn_storybook.mdx +++ b/api_docs/kbn_storybook.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-storybook title: "@kbn/storybook" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/storybook plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/storybook'] --- import kbnStorybookObj from './kbn_storybook.devdocs.json'; diff --git a/api_docs/kbn_subscription_tracking.mdx b/api_docs/kbn_subscription_tracking.mdx index 4867e5b701a0a..9edafa1168ad0 100644 --- a/api_docs/kbn_subscription_tracking.mdx +++ b/api_docs/kbn_subscription_tracking.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-subscription-tracking title: "@kbn/subscription-tracking" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/subscription-tracking plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/subscription-tracking'] --- import kbnSubscriptionTrackingObj from './kbn_subscription_tracking.devdocs.json'; diff --git a/api_docs/kbn_telemetry_tools.mdx b/api_docs/kbn_telemetry_tools.mdx index 4529c425422d5..d52cb6d53a23d 100644 --- a/api_docs/kbn_telemetry_tools.mdx +++ b/api_docs/kbn_telemetry_tools.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-telemetry-tools title: "@kbn/telemetry-tools" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/telemetry-tools plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/telemetry-tools'] --- import kbnTelemetryToolsObj from './kbn_telemetry_tools.devdocs.json'; diff --git a/api_docs/kbn_test.mdx b/api_docs/kbn_test.mdx index 6e7f593ae72e8..edba3f1c6a9ba 100644 --- a/api_docs/kbn_test.mdx +++ b/api_docs/kbn_test.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-test title: "@kbn/test" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/test plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/test'] --- import kbnTestObj from './kbn_test.devdocs.json'; diff --git a/api_docs/kbn_test_jest_helpers.mdx b/api_docs/kbn_test_jest_helpers.mdx index 6e6a45e378cc4..7c5e7878b2b30 100644 --- a/api_docs/kbn_test_jest_helpers.mdx +++ b/api_docs/kbn_test_jest_helpers.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-test-jest-helpers title: "@kbn/test-jest-helpers" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/test-jest-helpers plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/test-jest-helpers'] --- import kbnTestJestHelpersObj from './kbn_test_jest_helpers.devdocs.json'; diff --git a/api_docs/kbn_test_subj_selector.mdx b/api_docs/kbn_test_subj_selector.mdx index 17f6b1cf9dd8a..fe051eed1d105 100644 --- a/api_docs/kbn_test_subj_selector.mdx +++ b/api_docs/kbn_test_subj_selector.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-test-subj-selector title: "@kbn/test-subj-selector" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/test-subj-selector plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/test-subj-selector'] --- import kbnTestSubjSelectorObj from './kbn_test_subj_selector.devdocs.json'; diff --git a/api_docs/kbn_text_based_editor.mdx b/api_docs/kbn_text_based_editor.mdx index e9a094a1089db..55ca69d556656 100644 --- a/api_docs/kbn_text_based_editor.mdx +++ b/api_docs/kbn_text_based_editor.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-text-based-editor title: "@kbn/text-based-editor" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/text-based-editor plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/text-based-editor'] --- import kbnTextBasedEditorObj from './kbn_text_based_editor.devdocs.json'; diff --git a/api_docs/kbn_tooling_log.mdx b/api_docs/kbn_tooling_log.mdx index 4e271207f51fb..350d5a3fa84f7 100644 --- a/api_docs/kbn_tooling_log.mdx +++ b/api_docs/kbn_tooling_log.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-tooling-log title: "@kbn/tooling-log" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/tooling-log plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/tooling-log'] --- import kbnToolingLogObj from './kbn_tooling_log.devdocs.json'; diff --git a/api_docs/kbn_ts_projects.mdx b/api_docs/kbn_ts_projects.mdx index 2978d71f6f721..1afd26baef2b7 100644 --- a/api_docs/kbn_ts_projects.mdx +++ b/api_docs/kbn_ts_projects.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ts-projects title: "@kbn/ts-projects" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ts-projects plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ts-projects'] --- import kbnTsProjectsObj from './kbn_ts_projects.devdocs.json'; diff --git a/api_docs/kbn_typed_react_router_config.mdx b/api_docs/kbn_typed_react_router_config.mdx index 4992931859832..d3b9c4cfb9304 100644 --- a/api_docs/kbn_typed_react_router_config.mdx +++ b/api_docs/kbn_typed_react_router_config.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-typed-react-router-config title: "@kbn/typed-react-router-config" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/typed-react-router-config plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/typed-react-router-config'] --- import kbnTypedReactRouterConfigObj from './kbn_typed_react_router_config.devdocs.json'; diff --git a/api_docs/kbn_ui_actions_browser.mdx b/api_docs/kbn_ui_actions_browser.mdx index 95a2a02f71700..d4ea32790d251 100644 --- a/api_docs/kbn_ui_actions_browser.mdx +++ b/api_docs/kbn_ui_actions_browser.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ui-actions-browser title: "@kbn/ui-actions-browser" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ui-actions-browser plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ui-actions-browser'] --- import kbnUiActionsBrowserObj from './kbn_ui_actions_browser.devdocs.json'; diff --git a/api_docs/kbn_ui_shared_deps_src.mdx b/api_docs/kbn_ui_shared_deps_src.mdx index 0589e914d5e0d..d52b45af84a41 100644 --- a/api_docs/kbn_ui_shared_deps_src.mdx +++ b/api_docs/kbn_ui_shared_deps_src.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ui-shared-deps-src title: "@kbn/ui-shared-deps-src" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ui-shared-deps-src plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ui-shared-deps-src'] --- import kbnUiSharedDepsSrcObj from './kbn_ui_shared_deps_src.devdocs.json'; diff --git a/api_docs/kbn_ui_theme.mdx b/api_docs/kbn_ui_theme.mdx index 84ef16967e4f0..bf099f7ca6aac 100644 --- a/api_docs/kbn_ui_theme.mdx +++ b/api_docs/kbn_ui_theme.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ui-theme title: "@kbn/ui-theme" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ui-theme plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ui-theme'] --- import kbnUiThemeObj from './kbn_ui_theme.devdocs.json'; diff --git a/api_docs/kbn_unified_data_table.mdx b/api_docs/kbn_unified_data_table.mdx index aca3f99a69d6c..2ab74ac5b07cb 100644 --- a/api_docs/kbn_unified_data_table.mdx +++ b/api_docs/kbn_unified_data_table.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-unified-data-table title: "@kbn/unified-data-table" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/unified-data-table plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/unified-data-table'] --- import kbnUnifiedDataTableObj from './kbn_unified_data_table.devdocs.json'; diff --git a/api_docs/kbn_unified_doc_viewer.mdx b/api_docs/kbn_unified_doc_viewer.mdx index c194966799af7..7fd3307e2ed66 100644 --- a/api_docs/kbn_unified_doc_viewer.mdx +++ b/api_docs/kbn_unified_doc_viewer.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-unified-doc-viewer title: "@kbn/unified-doc-viewer" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/unified-doc-viewer plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/unified-doc-viewer'] --- import kbnUnifiedDocViewerObj from './kbn_unified_doc_viewer.devdocs.json'; diff --git a/api_docs/kbn_unified_field_list.mdx b/api_docs/kbn_unified_field_list.mdx index 046f2b9b53f0a..b6130eeccae23 100644 --- a/api_docs/kbn_unified_field_list.mdx +++ b/api_docs/kbn_unified_field_list.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-unified-field-list title: "@kbn/unified-field-list" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/unified-field-list plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/unified-field-list'] --- import kbnUnifiedFieldListObj from './kbn_unified_field_list.devdocs.json'; diff --git a/api_docs/kbn_url_state.mdx b/api_docs/kbn_url_state.mdx index 59f1bcf55e22a..90bb0bbaeed25 100644 --- a/api_docs/kbn_url_state.mdx +++ b/api_docs/kbn_url_state.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-url-state title: "@kbn/url-state" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/url-state plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/url-state'] --- import kbnUrlStateObj from './kbn_url_state.devdocs.json'; diff --git a/api_docs/kbn_use_tracked_promise.mdx b/api_docs/kbn_use_tracked_promise.mdx index 3b9f8a91d0cdd..b36b6372735b0 100644 --- a/api_docs/kbn_use_tracked_promise.mdx +++ b/api_docs/kbn_use_tracked_promise.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-use-tracked-promise title: "@kbn/use-tracked-promise" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/use-tracked-promise plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/use-tracked-promise'] --- import kbnUseTrackedPromiseObj from './kbn_use_tracked_promise.devdocs.json'; diff --git a/api_docs/kbn_user_profile_components.mdx b/api_docs/kbn_user_profile_components.mdx index de54339151c02..d2d8ab326160e 100644 --- a/api_docs/kbn_user_profile_components.mdx +++ b/api_docs/kbn_user_profile_components.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-user-profile-components title: "@kbn/user-profile-components" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/user-profile-components plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/user-profile-components'] --- import kbnUserProfileComponentsObj from './kbn_user_profile_components.devdocs.json'; diff --git a/api_docs/kbn_utility_types.mdx b/api_docs/kbn_utility_types.mdx index 15497829701cd..800c9e17ec705 100644 --- a/api_docs/kbn_utility_types.mdx +++ b/api_docs/kbn_utility_types.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-utility-types title: "@kbn/utility-types" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/utility-types plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/utility-types'] --- import kbnUtilityTypesObj from './kbn_utility_types.devdocs.json'; diff --git a/api_docs/kbn_utility_types_jest.mdx b/api_docs/kbn_utility_types_jest.mdx index bf8b0324e8777..5fb114299a7db 100644 --- a/api_docs/kbn_utility_types_jest.mdx +++ b/api_docs/kbn_utility_types_jest.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-utility-types-jest title: "@kbn/utility-types-jest" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/utility-types-jest plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/utility-types-jest'] --- import kbnUtilityTypesJestObj from './kbn_utility_types_jest.devdocs.json'; diff --git a/api_docs/kbn_utils.mdx b/api_docs/kbn_utils.mdx index aa2a7cf43f270..a5542dcee8f1c 100644 --- a/api_docs/kbn_utils.mdx +++ b/api_docs/kbn_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-utils title: "@kbn/utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/utils plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/utils'] --- import kbnUtilsObj from './kbn_utils.devdocs.json'; diff --git a/api_docs/kbn_visualization_ui_components.mdx b/api_docs/kbn_visualization_ui_components.mdx index 4142559044ae1..3f18dd7cbac1a 100644 --- a/api_docs/kbn_visualization_ui_components.mdx +++ b/api_docs/kbn_visualization_ui_components.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-visualization-ui-components title: "@kbn/visualization-ui-components" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/visualization-ui-components plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/visualization-ui-components'] --- import kbnVisualizationUiComponentsObj from './kbn_visualization_ui_components.devdocs.json'; diff --git a/api_docs/kbn_xstate_utils.mdx b/api_docs/kbn_xstate_utils.mdx index 6df7e6d4520c2..08dbbb52febc9 100644 --- a/api_docs/kbn_xstate_utils.mdx +++ b/api_docs/kbn_xstate_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-xstate-utils title: "@kbn/xstate-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/xstate-utils plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/xstate-utils'] --- import kbnXstateUtilsObj from './kbn_xstate_utils.devdocs.json'; diff --git a/api_docs/kbn_yarn_lock_validator.mdx b/api_docs/kbn_yarn_lock_validator.mdx index b4d528ec71f66..9cd914351bf18 100644 --- a/api_docs/kbn_yarn_lock_validator.mdx +++ b/api_docs/kbn_yarn_lock_validator.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-yarn-lock-validator title: "@kbn/yarn-lock-validator" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/yarn-lock-validator plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/yarn-lock-validator'] --- import kbnYarnLockValidatorObj from './kbn_yarn_lock_validator.devdocs.json'; diff --git a/api_docs/kibana_overview.mdx b/api_docs/kibana_overview.mdx index f1a1342e4dec1..077f0aa888cb7 100644 --- a/api_docs/kibana_overview.mdx +++ b/api_docs/kibana_overview.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kibanaOverview title: "kibanaOverview" image: https://source.unsplash.com/400x175/?github description: API docs for the kibanaOverview plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'kibanaOverview'] --- import kibanaOverviewObj from './kibana_overview.devdocs.json'; diff --git a/api_docs/kibana_react.mdx b/api_docs/kibana_react.mdx index 356e6885ddb0e..4a4be0af168b3 100644 --- a/api_docs/kibana_react.mdx +++ b/api_docs/kibana_react.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kibanaReact title: "kibanaReact" image: https://source.unsplash.com/400x175/?github description: API docs for the kibanaReact plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'kibanaReact'] --- import kibanaReactObj from './kibana_react.devdocs.json'; diff --git a/api_docs/kibana_utils.mdx b/api_docs/kibana_utils.mdx index 00d4e387d403b..7ccb170eedfc4 100644 --- a/api_docs/kibana_utils.mdx +++ b/api_docs/kibana_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kibanaUtils title: "kibanaUtils" image: https://source.unsplash.com/400x175/?github description: API docs for the kibanaUtils plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'kibanaUtils'] --- import kibanaUtilsObj from './kibana_utils.devdocs.json'; diff --git a/api_docs/kubernetes_security.mdx b/api_docs/kubernetes_security.mdx index 9ec5362ee8f21..ecce939315279 100644 --- a/api_docs/kubernetes_security.mdx +++ b/api_docs/kubernetes_security.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kubernetesSecurity title: "kubernetesSecurity" image: https://source.unsplash.com/400x175/?github description: API docs for the kubernetesSecurity plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'kubernetesSecurity'] --- import kubernetesSecurityObj from './kubernetes_security.devdocs.json'; diff --git a/api_docs/lens.mdx b/api_docs/lens.mdx index b710772b962fa..7eb05b9d0fece 100644 --- a/api_docs/lens.mdx +++ b/api_docs/lens.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/lens title: "lens" image: https://source.unsplash.com/400x175/?github description: API docs for the lens plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'lens'] --- import lensObj from './lens.devdocs.json'; diff --git a/api_docs/license_api_guard.mdx b/api_docs/license_api_guard.mdx index 8bc9e9b56019b..abb74ef726c05 100644 --- a/api_docs/license_api_guard.mdx +++ b/api_docs/license_api_guard.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/licenseApiGuard title: "licenseApiGuard" image: https://source.unsplash.com/400x175/?github description: API docs for the licenseApiGuard plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'licenseApiGuard'] --- import licenseApiGuardObj from './license_api_guard.devdocs.json'; diff --git a/api_docs/license_management.mdx b/api_docs/license_management.mdx index 6db00695ad97b..79a6400cfd81b 100644 --- a/api_docs/license_management.mdx +++ b/api_docs/license_management.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/licenseManagement title: "licenseManagement" image: https://source.unsplash.com/400x175/?github description: API docs for the licenseManagement plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'licenseManagement'] --- import licenseManagementObj from './license_management.devdocs.json'; diff --git a/api_docs/licensing.mdx b/api_docs/licensing.mdx index d52f843a6a51e..ff4197261f8ce 100644 --- a/api_docs/licensing.mdx +++ b/api_docs/licensing.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/licensing title: "licensing" image: https://source.unsplash.com/400x175/?github description: API docs for the licensing plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'licensing'] --- import licensingObj from './licensing.devdocs.json'; diff --git a/api_docs/links.mdx b/api_docs/links.mdx index aa096e4204efe..ba8547a7548e1 100644 --- a/api_docs/links.mdx +++ b/api_docs/links.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/links title: "links" image: https://source.unsplash.com/400x175/?github description: API docs for the links plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'links'] --- import linksObj from './links.devdocs.json'; diff --git a/api_docs/lists.mdx b/api_docs/lists.mdx index 057bc70d4f68c..bb6109da2b362 100644 --- a/api_docs/lists.mdx +++ b/api_docs/lists.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/lists title: "lists" image: https://source.unsplash.com/400x175/?github description: API docs for the lists plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'lists'] --- import listsObj from './lists.devdocs.json'; diff --git a/api_docs/log_explorer.mdx b/api_docs/log_explorer.mdx index ead2caa9109eb..937b4d11247c6 100644 --- a/api_docs/log_explorer.mdx +++ b/api_docs/log_explorer.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/logExplorer title: "logExplorer" image: https://source.unsplash.com/400x175/?github description: API docs for the logExplorer plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'logExplorer'] --- import logExplorerObj from './log_explorer.devdocs.json'; diff --git a/api_docs/logs_shared.mdx b/api_docs/logs_shared.mdx index b97b80a200796..741f76fb31a18 100644 --- a/api_docs/logs_shared.mdx +++ b/api_docs/logs_shared.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/logsShared title: "logsShared" image: https://source.unsplash.com/400x175/?github description: API docs for the logsShared plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'logsShared'] --- import logsSharedObj from './logs_shared.devdocs.json'; diff --git a/api_docs/management.devdocs.json b/api_docs/management.devdocs.json index 61f282b25ee2c..6e970de9f2c57 100644 --- a/api_docs/management.devdocs.json +++ b/api_docs/management.devdocs.json @@ -805,38 +805,6 @@ ], "returnComment": [] }, - { - "parentPluginId": "management", - "id": "def-public.ManagementStart.setLandingPageRedirect", - "type": "Function", - "tags": [], - "label": "setLandingPageRedirect", - "description": [], - "signature": [ - "(landingPageRedirect: string) => void" - ], - "path": "src/plugins/management/public/types.ts", - "deprecated": false, - "trackAdoption": false, - "children": [ - { - "parentPluginId": "management", - "id": "def-public.ManagementStart.setLandingPageRedirect.$1", - "type": "string", - "tags": [], - "label": "landingPageRedirect", - "description": [], - "signature": [ - "string" - ], - "path": "src/plugins/management/public/types.ts", - "deprecated": false, - "trackAdoption": false, - "isRequired": true - } - ], - "returnComment": [] - }, { "parentPluginId": "management", "id": "def-public.ManagementStart.setupCardsNavigation", diff --git a/api_docs/management.mdx b/api_docs/management.mdx index ed18839c0f9a5..29c46497e48f6 100644 --- a/api_docs/management.mdx +++ b/api_docs/management.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/management title: "management" image: https://source.unsplash.com/400x175/?github description: API docs for the management plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'management'] --- import managementObj from './management.devdocs.json'; @@ -21,7 +21,7 @@ Contact [@elastic/platform-deployment-management](https://github.com/orgs/elasti | Public API count | Any count | Items lacking comments | Missing exports | |-------------------|-----------|------------------------|-----------------| -| 47 | 0 | 47 | 7 | +| 45 | 0 | 45 | 7 | ## Client diff --git a/api_docs/maps.mdx b/api_docs/maps.mdx index 1c82b46486312..ccd1799c31eec 100644 --- a/api_docs/maps.mdx +++ b/api_docs/maps.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/maps title: "maps" image: https://source.unsplash.com/400x175/?github description: API docs for the maps plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'maps'] --- import mapsObj from './maps.devdocs.json'; diff --git a/api_docs/maps_ems.mdx b/api_docs/maps_ems.mdx index c5244b8945b65..940bc2985f8e8 100644 --- a/api_docs/maps_ems.mdx +++ b/api_docs/maps_ems.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/mapsEms title: "mapsEms" image: https://source.unsplash.com/400x175/?github description: API docs for the mapsEms plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'mapsEms'] --- import mapsEmsObj from './maps_ems.devdocs.json'; diff --git a/api_docs/metrics_data_access.mdx b/api_docs/metrics_data_access.mdx index f5aba53735bad..4321ac88da897 100644 --- a/api_docs/metrics_data_access.mdx +++ b/api_docs/metrics_data_access.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/metricsDataAccess title: "metricsDataAccess" image: https://source.unsplash.com/400x175/?github description: API docs for the metricsDataAccess plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'metricsDataAccess'] --- import metricsDataAccessObj from './metrics_data_access.devdocs.json'; diff --git a/api_docs/ml.mdx b/api_docs/ml.mdx index 3556b058709f8..1f48623898b56 100644 --- a/api_docs/ml.mdx +++ b/api_docs/ml.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/ml title: "ml" image: https://source.unsplash.com/400x175/?github description: API docs for the ml plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'ml'] --- import mlObj from './ml.devdocs.json'; diff --git a/api_docs/monitoring.mdx b/api_docs/monitoring.mdx index 9a32b39fcbf45..7041525f7b444 100644 --- a/api_docs/monitoring.mdx +++ b/api_docs/monitoring.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/monitoring title: "monitoring" image: https://source.unsplash.com/400x175/?github description: API docs for the monitoring plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'monitoring'] --- import monitoringObj from './monitoring.devdocs.json'; diff --git a/api_docs/monitoring_collection.mdx b/api_docs/monitoring_collection.mdx index 599351943ffb5..2f3524b5e2f6c 100644 --- a/api_docs/monitoring_collection.mdx +++ b/api_docs/monitoring_collection.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/monitoringCollection title: "monitoringCollection" image: https://source.unsplash.com/400x175/?github description: API docs for the monitoringCollection plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'monitoringCollection'] --- import monitoringCollectionObj from './monitoring_collection.devdocs.json'; diff --git a/api_docs/navigation.mdx b/api_docs/navigation.mdx index 2ea44d9a80926..b157e87548c8d 100644 --- a/api_docs/navigation.mdx +++ b/api_docs/navigation.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/navigation title: "navigation" image: https://source.unsplash.com/400x175/?github description: API docs for the navigation plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'navigation'] --- import navigationObj from './navigation.devdocs.json'; diff --git a/api_docs/newsfeed.mdx b/api_docs/newsfeed.mdx index 7900fdb4062ad..c5ca5914b94cb 100644 --- a/api_docs/newsfeed.mdx +++ b/api_docs/newsfeed.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/newsfeed title: "newsfeed" image: https://source.unsplash.com/400x175/?github description: API docs for the newsfeed plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'newsfeed'] --- import newsfeedObj from './newsfeed.devdocs.json'; diff --git a/api_docs/no_data_page.mdx b/api_docs/no_data_page.mdx index 817cc99999a6a..69520939e0ab8 100644 --- a/api_docs/no_data_page.mdx +++ b/api_docs/no_data_page.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/noDataPage title: "noDataPage" image: https://source.unsplash.com/400x175/?github description: API docs for the noDataPage plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'noDataPage'] --- import noDataPageObj from './no_data_page.devdocs.json'; diff --git a/api_docs/notifications.mdx b/api_docs/notifications.mdx index e3dd51d87a4b8..7060cdcd13fc6 100644 --- a/api_docs/notifications.mdx +++ b/api_docs/notifications.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/notifications title: "notifications" image: https://source.unsplash.com/400x175/?github description: API docs for the notifications plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'notifications'] --- import notificationsObj from './notifications.devdocs.json'; diff --git a/api_docs/observability.mdx b/api_docs/observability.mdx index a8c34f4991531..0f0cd7b7ee77d 100644 --- a/api_docs/observability.mdx +++ b/api_docs/observability.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/observability title: "observability" image: https://source.unsplash.com/400x175/?github description: API docs for the observability plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'observability'] --- import observabilityObj from './observability.devdocs.json'; @@ -21,7 +21,7 @@ Contact [@elastic/actionable-observability](https://github.com/orgs/elastic/team | Public API count | Any count | Items lacking comments | Missing exports | |-------------------|-----------|------------------------|-----------------| -| 578 | 2 | 569 | 14 | +| 578 | 2 | 569 | 16 | ## Client diff --git a/api_docs/observability_a_i_assistant.devdocs.json b/api_docs/observability_a_i_assistant.devdocs.json index ace14702f2d8f..d4d5632963e2b 100644 --- a/api_docs/observability_a_i_assistant.devdocs.json +++ b/api_docs/observability_a_i_assistant.devdocs.json @@ -734,7 +734,7 @@ "text": "Message" }, "[]; connectorId: string; functions: { name: string; description: string; parameters: any; }[]; } & { functionCall?: string | undefined; }; } & { query?: { stream: boolean; } | undefined; }; }) => Promise<", - "IncomingMessage", + "Readable", " | ", "CreateChatCompletionResponse", ">; } & ", @@ -1123,7 +1123,7 @@ "text": "Message" }, "[]; connectorId: string; functions: { name: string; description: string; parameters: any; }[]; } & { functionCall?: string | undefined; }; } & { query?: { stream: boolean; } | undefined; }; }) => Promise<", - "IncomingMessage", + "Readable", " | ", "CreateChatCompletionResponse", ">; } & ", @@ -1618,7 +1618,7 @@ "text": "Message" }, "[]; connectorId: string; functions: { name: string; description: string; parameters: any; }[]; } & { functionCall?: string | undefined; }; } & { query?: { stream: boolean; } | undefined; }; }) => Promise<", - "IncomingMessage", + "Readable", " | ", "CreateChatCompletionResponse", ">; } & ", diff --git a/api_docs/observability_a_i_assistant.mdx b/api_docs/observability_a_i_assistant.mdx index 416537167873a..0c17091f7b6bf 100644 --- a/api_docs/observability_a_i_assistant.mdx +++ b/api_docs/observability_a_i_assistant.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/observabilityAIAssistant title: "observabilityAIAssistant" image: https://source.unsplash.com/400x175/?github description: API docs for the observabilityAIAssistant plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'observabilityAIAssistant'] --- import observabilityAIAssistantObj from './observability_a_i_assistant.devdocs.json'; diff --git a/api_docs/observability_log_explorer.mdx b/api_docs/observability_log_explorer.mdx index ab026979c2c7c..1bfcf99d622fc 100644 --- a/api_docs/observability_log_explorer.mdx +++ b/api_docs/observability_log_explorer.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/observabilityLogExplorer title: "observabilityLogExplorer" image: https://source.unsplash.com/400x175/?github description: API docs for the observabilityLogExplorer plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'observabilityLogExplorer'] --- import observabilityLogExplorerObj from './observability_log_explorer.devdocs.json'; diff --git a/api_docs/observability_onboarding.mdx b/api_docs/observability_onboarding.mdx index 7011f6731c70e..1a769b4004459 100644 --- a/api_docs/observability_onboarding.mdx +++ b/api_docs/observability_onboarding.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/observabilityOnboarding title: "observabilityOnboarding" image: https://source.unsplash.com/400x175/?github description: API docs for the observabilityOnboarding plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'observabilityOnboarding'] --- import observabilityOnboardingObj from './observability_onboarding.devdocs.json'; diff --git a/api_docs/observability_shared.mdx b/api_docs/observability_shared.mdx index 7f19843924287..1c1c0ad4ed152 100644 --- a/api_docs/observability_shared.mdx +++ b/api_docs/observability_shared.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/observabilityShared title: "observabilityShared" image: https://source.unsplash.com/400x175/?github description: API docs for the observabilityShared plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'observabilityShared'] --- import observabilitySharedObj from './observability_shared.devdocs.json'; diff --git a/api_docs/osquery.mdx b/api_docs/osquery.mdx index 08b6c3de2f400..25b8457821a29 100644 --- a/api_docs/osquery.mdx +++ b/api_docs/osquery.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/osquery title: "osquery" image: https://source.unsplash.com/400x175/?github description: API docs for the osquery plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'osquery'] --- import osqueryObj from './osquery.devdocs.json'; diff --git a/api_docs/painless_lab.mdx b/api_docs/painless_lab.mdx index a6ef5e8abf069..b7b35d63d2bdf 100644 --- a/api_docs/painless_lab.mdx +++ b/api_docs/painless_lab.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/painlessLab title: "painlessLab" image: https://source.unsplash.com/400x175/?github description: API docs for the painlessLab plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'painlessLab'] --- import painlessLabObj from './painless_lab.devdocs.json'; diff --git a/api_docs/plugin_directory.mdx b/api_docs/plugin_directory.mdx index f4d2592ee81bb..8eda77ff712e9 100644 --- a/api_docs/plugin_directory.mdx +++ b/api_docs/plugin_directory.mdx @@ -7,7 +7,7 @@ id: kibDevDocsPluginDirectory slug: /kibana-dev-docs/api-meta/plugin-api-directory title: Directory description: Directory of public APIs available through plugins or packages. -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana'] --- @@ -15,13 +15,13 @@ tags: ['contributor', 'dev', 'apidocs', 'kibana'] | Count | Plugins or Packages with a
public API | Number of teams | |--------------|----------|------------------------| -| 700 | 590 | 40 | +| 701 | 591 | 40 | ### Public API health stats | API Count | Any Count | Missing comments | Missing exports | |--------------|----------|-----------------|--------| -| 75857 | 223 | 64656 | 1584 | +| 76056 | 224 | 64858 | 1585 | ## Plugin Directory @@ -30,7 +30,7 @@ tags: ['contributor', 'dev', 'apidocs', 'kibana'] | | [@elastic/response-ops](https://github.com/orgs/elastic/teams/response-ops) | - | 269 | 0 | 263 | 31 | | | [@elastic/appex-sharedux @elastic/platform-deployment-management](https://github.com/orgs/elastic/teams/appex-sharedux ) | - | 17 | 1 | 15 | 2 | | | [@elastic/ml-ui](https://github.com/orgs/elastic/teams/ml-ui) | AIOps plugin maintained by ML team. | 67 | 1 | 4 | 1 | -| | [@elastic/response-ops](https://github.com/orgs/elastic/teams/response-ops) | - | 785 | 1 | 754 | 50 | +| | [@elastic/response-ops](https://github.com/orgs/elastic/teams/response-ops) | - | 807 | 1 | 776 | 50 | | | [@elastic/apm-ui](https://github.com/orgs/elastic/teams/apm-ui) | The user interface for Elastic APM | 29 | 0 | 29 | 120 | | | [@elastic/apm-ui](https://github.com/orgs/elastic/teams/apm-ui) | - | 9 | 0 | 9 | 0 | | | [@elastic/infra-monitoring-ui](https://github.com/orgs/elastic/teams/infra-monitoring-ui) | Asset manager plugin for entity assets (inventory, topology, etc) | 9 | 0 | 9 | 2 | @@ -126,7 +126,7 @@ tags: ['contributor', 'dev', 'apidocs', 'kibana'] | | [@elastic/infra-monitoring-ui](https://github.com/orgs/elastic/teams/infra-monitoring-ui) | This plugin provides a LogExplorer component using the Discover customization framework, offering several affordances specifically designed for log consumption. | 22 | 0 | 22 | 7 | | | [@elastic/infra-monitoring-ui](https://github.com/orgs/elastic/teams/infra-monitoring-ui) | Exposes the shared components and APIs to access and visualize logs. | 269 | 10 | 256 | 27 | | logstash | [@elastic/logstash](https://github.com/orgs/elastic/teams/logstash) | - | 0 | 0 | 0 | 0 | -| | [@elastic/platform-deployment-management](https://github.com/orgs/elastic/teams/platform-deployment-management) | - | 47 | 0 | 47 | 7 | +| | [@elastic/platform-deployment-management](https://github.com/orgs/elastic/teams/platform-deployment-management) | - | 45 | 0 | 45 | 7 | | | [@elastic/kibana-gis](https://github.com/orgs/elastic/teams/kibana-gis) | - | 259 | 0 | 258 | 28 | | | [@elastic/kibana-gis](https://github.com/orgs/elastic/teams/kibana-gis) | - | 68 | 0 | 68 | 0 | | | [@elastic/infra-monitoring-ui](https://github.com/orgs/elastic/teams/infra-monitoring-ui) | Exposes utilities for accessing metrics data | 16 | 0 | 16 | 0 | @@ -137,7 +137,7 @@ tags: ['contributor', 'dev', 'apidocs', 'kibana'] | | [@elastic/kibana-core](https://github.com/orgs/elastic/teams/kibana-core) | - | 17 | 0 | 17 | 0 | | | [@elastic/appex-sharedux](https://github.com/orgs/elastic/teams/appex-sharedux) | - | 3 | 0 | 3 | 0 | | | [@elastic/appex-sharedux](https://github.com/orgs/elastic/teams/appex-sharedux) | - | 2 | 0 | 2 | 1 | -| | [@elastic/actionable-observability](https://github.com/orgs/elastic/teams/actionable-observability) | - | 578 | 2 | 569 | 14 | +| | [@elastic/actionable-observability](https://github.com/orgs/elastic/teams/actionable-observability) | - | 578 | 2 | 569 | 16 | | | [@elastic/obs-ai-assistant](https://github.com/orgs/elastic/teams/obs-ai-assistant) | - | 42 | 0 | 39 | 7 | | | [@elastic/infra-monitoring-ui](https://github.com/orgs/elastic/teams/infra-monitoring-ui) | This plugin exposes and registers observability log consumption features. | 15 | 0 | 15 | 1 | | | [@elastic/apm-ui](https://github.com/orgs/elastic/teams/apm-ui) | - | 14 | 0 | 14 | 0 | @@ -276,7 +276,7 @@ tags: ['contributor', 'dev', 'apidocs', 'kibana'] | | [@elastic/kibana-core](https://github.com/orgs/elastic/teams/kibana-core) | - | 5 | 0 | 0 | 0 | | | [@elastic/kibana-core](https://github.com/orgs/elastic/teams/kibana-core) | - | 16 | 0 | 7 | 0 | | | [@elastic/kibana-core](https://github.com/orgs/elastic/teams/kibana-core) | - | 6 | 0 | 6 | 0 | -| | [@elastic/appex-sharedux](https://github.com/orgs/elastic/teams/appex-sharedux) | - | 172 | 0 | 70 | 1 | +| | [@elastic/appex-sharedux](https://github.com/orgs/elastic/teams/appex-sharedux) | - | 163 | 0 | 69 | 0 | | | [@elastic/appex-sharedux](https://github.com/orgs/elastic/teams/appex-sharedux) | - | 3 | 0 | 3 | 0 | | | [@elastic/kibana-core](https://github.com/orgs/elastic/teams/kibana-core) | - | 4 | 0 | 4 | 0 | | | [@elastic/appex-sharedux](https://github.com/orgs/elastic/teams/appex-sharedux) | - | 8 | 0 | 8 | 0 | @@ -433,7 +433,7 @@ tags: ['contributor', 'dev', 'apidocs', 'kibana'] | | [@elastic/kibana-operations](https://github.com/orgs/elastic/teams/kibana-operations) | - | 15 | 0 | 9 | 0 | | | [@elastic/kibana-operations](https://github.com/orgs/elastic/teams/kibana-operations) | - | 36 | 2 | 32 | 0 | | | [@elastic/kibana-data-discovery](https://github.com/orgs/elastic/teams/kibana-data-discovery) | - | 59 | 0 | 37 | 4 | -| | [@elastic/docs](https://github.com/orgs/elastic/teams/docs) | - | 76 | 0 | 76 | 2 | +| | [@elastic/docs](https://github.com/orgs/elastic/teams/docs) | - | 75 | 0 | 75 | 2 | | | [@elastic/kibana-operations](https://github.com/orgs/elastic/teams/kibana-operations) | - | 1 | 0 | 1 | 0 | | | [@elastic/kibana-visualizations](https://github.com/orgs/elastic/teams/kibana-visualizations) | - | 39 | 0 | 26 | 5 | | | [@elastic/kibana-core](https://github.com/orgs/elastic/teams/kibana-core) | - | 19 | 0 | 11 | 0 | @@ -450,7 +450,7 @@ tags: ['contributor', 'dev', 'apidocs', 'kibana'] | | [@elastic/kibana-visualizations](https://github.com/orgs/elastic/teams/kibana-visualizations) | - | 52 | 0 | 52 | 1 | | | [@elastic/security-threat-hunting-investigations](https://github.com/orgs/elastic/teams/security-threat-hunting-investigations) | - | 36 | 0 | 14 | 3 | | | [@elastic/kibana-data-discovery](https://github.com/orgs/elastic/teams/kibana-data-discovery) | - | 20 | 0 | 16 | 0 | -| | [@elastic/kibana-data-discovery](https://github.com/orgs/elastic/teams/kibana-data-discovery) | - | 28 | 0 | 22 | 1 | +| | [@elastic/kibana-data-discovery](https://github.com/orgs/elastic/teams/kibana-data-discovery) | - | 36 | 0 | 28 | 1 | | | [@elastic/kibana-operations](https://github.com/orgs/elastic/teams/kibana-operations) | - | 2 | 0 | 0 | 0 | | | [@elastic/kibana-operations](https://github.com/orgs/elastic/teams/kibana-operations) | - | 29 | 0 | 29 | 1 | | | [@elastic/kibana-operations](https://github.com/orgs/elastic/teams/kibana-operations) | - | 1 | 0 | 0 | 0 | @@ -518,6 +518,7 @@ tags: ['contributor', 'dev', 'apidocs', 'kibana'] | | [@elastic/appex-sharedux](https://github.com/orgs/elastic/teams/appex-sharedux) | - | 78 | 0 | 76 | 3 | | | [@elastic/appex-sharedux](https://github.com/orgs/elastic/teams/appex-sharedux) | - | 55 | 1 | 50 | 0 | | | [@elastic/actionable-observability](https://github.com/orgs/elastic/teams/actionable-observability) | - | 13 | 0 | 13 | 3 | +| | [@elastic/actionable-observability](https://github.com/orgs/elastic/teams/actionable-observability) | - | 99 | 1 | 99 | 0 | | | [@elastic/security-detection-engine](https://github.com/orgs/elastic/teams/security-detection-engine) | - | 7 | 0 | 7 | 0 | | | [@elastic/kibana-operations](https://github.com/orgs/elastic/teams/kibana-operations) | - | 45 | 0 | 45 | 10 | | | [@elastic/kibana-operations](https://github.com/orgs/elastic/teams/kibana-operations) | - | 51 | 5 | 34 | 0 | @@ -545,7 +546,7 @@ tags: ['contributor', 'dev', 'apidocs', 'kibana'] | | [@elastic/security-detections-response](https://github.com/orgs/elastic/teams/security-detections-response) | - | 114 | 0 | 111 | 0 | | | [@elastic/appex-sharedux](https://github.com/orgs/elastic/teams/appex-sharedux) | - | 2 | 0 | 2 | 0 | | | [@elastic/enterprise-search-frontend](https://github.com/orgs/elastic/teams/enterprise-search-frontend) | - | 68 | 0 | 68 | 0 | -| | [@elastic/enterprise-search-frontend](https://github.com/orgs/elastic/teams/enterprise-search-frontend) | - | 2097 | 0 | 2097 | 0 | +| | [@elastic/enterprise-search-frontend](https://github.com/orgs/elastic/teams/enterprise-search-frontend) | - | 2166 | 0 | 2166 | 0 | | | [@elastic/kibana-data-discovery](https://github.com/orgs/elastic/teams/kibana-data-discovery) | - | 15 | 0 | 8 | 0 | | | [@elastic/security-threat-hunting-explore](https://github.com/orgs/elastic/teams/security-threat-hunting-explore) | - | 14 | 0 | 14 | 6 | | | [@elastic/security-threat-hunting-explore](https://github.com/orgs/elastic/teams/security-threat-hunting-explore) | - | 50 | 0 | 47 | 0 | @@ -585,7 +586,7 @@ tags: ['contributor', 'dev', 'apidocs', 'kibana'] | | [@elastic/appex-sharedux](https://github.com/orgs/elastic/teams/appex-sharedux) | - | 28 | 0 | 10 | 0 | | | [@elastic/appex-sharedux](https://github.com/orgs/elastic/teams/appex-sharedux) | - | 10 | 0 | 4 | 0 | | | [@elastic/appex-sharedux](https://github.com/orgs/elastic/teams/appex-sharedux) | - | 32 | 0 | 28 | 0 | -| | [@elastic/appex-sharedux](https://github.com/orgs/elastic/teams/appex-sharedux) | - | 47 | 0 | 38 | 4 | +| | [@elastic/appex-sharedux](https://github.com/orgs/elastic/teams/appex-sharedux) | - | 60 | 0 | 48 | 4 | | | [@elastic/appex-sharedux](https://github.com/orgs/elastic/teams/appex-sharedux) | - | 5 | 0 | 4 | 0 | | | [@elastic/appex-sharedux](https://github.com/orgs/elastic/teams/appex-sharedux) | - | 3 | 0 | 2 | 0 | | | [@elastic/appex-sharedux](https://github.com/orgs/elastic/teams/appex-sharedux) | - | 2 | 0 | 2 | 0 | diff --git a/api_docs/presentation_util.mdx b/api_docs/presentation_util.mdx index 36bea637e3894..4bfd1e5892430 100644 --- a/api_docs/presentation_util.mdx +++ b/api_docs/presentation_util.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/presentationUtil title: "presentationUtil" image: https://source.unsplash.com/400x175/?github description: API docs for the presentationUtil plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'presentationUtil'] --- import presentationUtilObj from './presentation_util.devdocs.json'; diff --git a/api_docs/profiling.mdx b/api_docs/profiling.mdx index dd5f7f756c786..44eee1045cf71 100644 --- a/api_docs/profiling.mdx +++ b/api_docs/profiling.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/profiling title: "profiling" image: https://source.unsplash.com/400x175/?github description: API docs for the profiling plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'profiling'] --- import profilingObj from './profiling.devdocs.json'; diff --git a/api_docs/profiling_data_access.mdx b/api_docs/profiling_data_access.mdx index 9914e54e13825..7cdc5d0e75d16 100644 --- a/api_docs/profiling_data_access.mdx +++ b/api_docs/profiling_data_access.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/profilingDataAccess title: "profilingDataAccess" image: https://source.unsplash.com/400x175/?github description: API docs for the profilingDataAccess plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'profilingDataAccess'] --- import profilingDataAccessObj from './profiling_data_access.devdocs.json'; diff --git a/api_docs/remote_clusters.mdx b/api_docs/remote_clusters.mdx index 8e5ee24aa5497..bd9a8607ba682 100644 --- a/api_docs/remote_clusters.mdx +++ b/api_docs/remote_clusters.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/remoteClusters title: "remoteClusters" image: https://source.unsplash.com/400x175/?github description: API docs for the remoteClusters plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'remoteClusters'] --- import remoteClustersObj from './remote_clusters.devdocs.json'; diff --git a/api_docs/reporting.mdx b/api_docs/reporting.mdx index 2304babb907ab..8e1d5c24c46b2 100644 --- a/api_docs/reporting.mdx +++ b/api_docs/reporting.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/reporting title: "reporting" image: https://source.unsplash.com/400x175/?github description: API docs for the reporting plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'reporting'] --- import reportingObj from './reporting.devdocs.json'; diff --git a/api_docs/rollup.mdx b/api_docs/rollup.mdx index 0b48aca31d420..f05798c23ef2c 100644 --- a/api_docs/rollup.mdx +++ b/api_docs/rollup.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/rollup title: "rollup" image: https://source.unsplash.com/400x175/?github description: API docs for the rollup plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'rollup'] --- import rollupObj from './rollup.devdocs.json'; diff --git a/api_docs/rule_registry.mdx b/api_docs/rule_registry.mdx index 4bf6ec08ffddc..208c89a5f02d2 100644 --- a/api_docs/rule_registry.mdx +++ b/api_docs/rule_registry.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/ruleRegistry title: "ruleRegistry" image: https://source.unsplash.com/400x175/?github description: API docs for the ruleRegistry plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'ruleRegistry'] --- import ruleRegistryObj from './rule_registry.devdocs.json'; diff --git a/api_docs/runtime_fields.mdx b/api_docs/runtime_fields.mdx index 896ce6fa44bb9..6eaaefffdebd6 100644 --- a/api_docs/runtime_fields.mdx +++ b/api_docs/runtime_fields.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/runtimeFields title: "runtimeFields" image: https://source.unsplash.com/400x175/?github description: API docs for the runtimeFields plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'runtimeFields'] --- import runtimeFieldsObj from './runtime_fields.devdocs.json'; diff --git a/api_docs/saved_objects.mdx b/api_docs/saved_objects.mdx index 439ea2fff556a..0ff7ba0090f3e 100644 --- a/api_docs/saved_objects.mdx +++ b/api_docs/saved_objects.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/savedObjects title: "savedObjects" image: https://source.unsplash.com/400x175/?github description: API docs for the savedObjects plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'savedObjects'] --- import savedObjectsObj from './saved_objects.devdocs.json'; diff --git a/api_docs/saved_objects_finder.mdx b/api_docs/saved_objects_finder.mdx index 5f499d7bb62da..76ae75eafb1b2 100644 --- a/api_docs/saved_objects_finder.mdx +++ b/api_docs/saved_objects_finder.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/savedObjectsFinder title: "savedObjectsFinder" image: https://source.unsplash.com/400x175/?github description: API docs for the savedObjectsFinder plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'savedObjectsFinder'] --- import savedObjectsFinderObj from './saved_objects_finder.devdocs.json'; diff --git a/api_docs/saved_objects_management.mdx b/api_docs/saved_objects_management.mdx index 62e05fbc6de9d..5f1a2039279d9 100644 --- a/api_docs/saved_objects_management.mdx +++ b/api_docs/saved_objects_management.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/savedObjectsManagement title: "savedObjectsManagement" image: https://source.unsplash.com/400x175/?github description: API docs for the savedObjectsManagement plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'savedObjectsManagement'] --- import savedObjectsManagementObj from './saved_objects_management.devdocs.json'; diff --git a/api_docs/saved_objects_tagging.mdx b/api_docs/saved_objects_tagging.mdx index df4caeb535b3a..740d7f6921ca6 100644 --- a/api_docs/saved_objects_tagging.mdx +++ b/api_docs/saved_objects_tagging.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/savedObjectsTagging title: "savedObjectsTagging" image: https://source.unsplash.com/400x175/?github description: API docs for the savedObjectsTagging plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'savedObjectsTagging'] --- import savedObjectsTaggingObj from './saved_objects_tagging.devdocs.json'; diff --git a/api_docs/saved_objects_tagging_oss.mdx b/api_docs/saved_objects_tagging_oss.mdx index 9941d053c1973..76b065624677c 100644 --- a/api_docs/saved_objects_tagging_oss.mdx +++ b/api_docs/saved_objects_tagging_oss.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/savedObjectsTaggingOss title: "savedObjectsTaggingOss" image: https://source.unsplash.com/400x175/?github description: API docs for the savedObjectsTaggingOss plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'savedObjectsTaggingOss'] --- import savedObjectsTaggingOssObj from './saved_objects_tagging_oss.devdocs.json'; diff --git a/api_docs/saved_search.mdx b/api_docs/saved_search.mdx index 08855b04fb4d5..845919c59f3e6 100644 --- a/api_docs/saved_search.mdx +++ b/api_docs/saved_search.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/savedSearch title: "savedSearch" image: https://source.unsplash.com/400x175/?github description: API docs for the savedSearch plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'savedSearch'] --- import savedSearchObj from './saved_search.devdocs.json'; diff --git a/api_docs/screenshot_mode.mdx b/api_docs/screenshot_mode.mdx index 7777811d6bd48..4aec2c64f8d6d 100644 --- a/api_docs/screenshot_mode.mdx +++ b/api_docs/screenshot_mode.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/screenshotMode title: "screenshotMode" image: https://source.unsplash.com/400x175/?github description: API docs for the screenshotMode plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'screenshotMode'] --- import screenshotModeObj from './screenshot_mode.devdocs.json'; diff --git a/api_docs/screenshotting.mdx b/api_docs/screenshotting.mdx index a9000224992a6..91f16ead9d52a 100644 --- a/api_docs/screenshotting.mdx +++ b/api_docs/screenshotting.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/screenshotting title: "screenshotting" image: https://source.unsplash.com/400x175/?github description: API docs for the screenshotting plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'screenshotting'] --- import screenshottingObj from './screenshotting.devdocs.json'; diff --git a/api_docs/security.mdx b/api_docs/security.mdx index c6e7131ab9b44..bea377896ceeb 100644 --- a/api_docs/security.mdx +++ b/api_docs/security.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/security title: "security" image: https://source.unsplash.com/400x175/?github description: API docs for the security plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'security'] --- import securityObj from './security.devdocs.json'; diff --git a/api_docs/security_solution.mdx b/api_docs/security_solution.mdx index e2ae0f6b77616..31ca69f8106d8 100644 --- a/api_docs/security_solution.mdx +++ b/api_docs/security_solution.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/securitySolution title: "securitySolution" image: https://source.unsplash.com/400x175/?github description: API docs for the securitySolution plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'securitySolution'] --- import securitySolutionObj from './security_solution.devdocs.json'; diff --git a/api_docs/security_solution_ess.mdx b/api_docs/security_solution_ess.mdx index fb12c4740c65a..ac5778093b293 100644 --- a/api_docs/security_solution_ess.mdx +++ b/api_docs/security_solution_ess.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/securitySolutionEss title: "securitySolutionEss" image: https://source.unsplash.com/400x175/?github description: API docs for the securitySolutionEss plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'securitySolutionEss'] --- import securitySolutionEssObj from './security_solution_ess.devdocs.json'; diff --git a/api_docs/security_solution_serverless.mdx b/api_docs/security_solution_serverless.mdx index a94f1a91a3524..820ec881003e4 100644 --- a/api_docs/security_solution_serverless.mdx +++ b/api_docs/security_solution_serverless.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/securitySolutionServerless title: "securitySolutionServerless" image: https://source.unsplash.com/400x175/?github description: API docs for the securitySolutionServerless plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'securitySolutionServerless'] --- import securitySolutionServerlessObj from './security_solution_serverless.devdocs.json'; diff --git a/api_docs/serverless.mdx b/api_docs/serverless.mdx index 03d3ecb8e21e9..4ae2bfb1dfa16 100644 --- a/api_docs/serverless.mdx +++ b/api_docs/serverless.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/serverless title: "serverless" image: https://source.unsplash.com/400x175/?github description: API docs for the serverless plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'serverless'] --- import serverlessObj from './serverless.devdocs.json'; diff --git a/api_docs/serverless_observability.mdx b/api_docs/serverless_observability.mdx index 6d566a7dd18eb..683190489b4a8 100644 --- a/api_docs/serverless_observability.mdx +++ b/api_docs/serverless_observability.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/serverlessObservability title: "serverlessObservability" image: https://source.unsplash.com/400x175/?github description: API docs for the serverlessObservability plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'serverlessObservability'] --- import serverlessObservabilityObj from './serverless_observability.devdocs.json'; diff --git a/api_docs/serverless_search.mdx b/api_docs/serverless_search.mdx index 9ce17a4384fb8..ea79ca1a43af5 100644 --- a/api_docs/serverless_search.mdx +++ b/api_docs/serverless_search.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/serverlessSearch title: "serverlessSearch" image: https://source.unsplash.com/400x175/?github description: API docs for the serverlessSearch plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'serverlessSearch'] --- import serverlessSearchObj from './serverless_search.devdocs.json'; diff --git a/api_docs/session_view.mdx b/api_docs/session_view.mdx index 11dd3ed299b86..6fedd5566845f 100644 --- a/api_docs/session_view.mdx +++ b/api_docs/session_view.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/sessionView title: "sessionView" image: https://source.unsplash.com/400x175/?github description: API docs for the sessionView plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'sessionView'] --- import sessionViewObj from './session_view.devdocs.json'; diff --git a/api_docs/share.mdx b/api_docs/share.mdx index 128e6c80f863a..b3f66c8087896 100644 --- a/api_docs/share.mdx +++ b/api_docs/share.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/share title: "share" image: https://source.unsplash.com/400x175/?github description: API docs for the share plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'share'] --- import shareObj from './share.devdocs.json'; diff --git a/api_docs/snapshot_restore.mdx b/api_docs/snapshot_restore.mdx index 4a0d1e447511d..8169f6cbf33b0 100644 --- a/api_docs/snapshot_restore.mdx +++ b/api_docs/snapshot_restore.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/snapshotRestore title: "snapshotRestore" image: https://source.unsplash.com/400x175/?github description: API docs for the snapshotRestore plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'snapshotRestore'] --- import snapshotRestoreObj from './snapshot_restore.devdocs.json'; diff --git a/api_docs/spaces.mdx b/api_docs/spaces.mdx index 0b88498825239..ae46df48a4674 100644 --- a/api_docs/spaces.mdx +++ b/api_docs/spaces.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/spaces title: "spaces" image: https://source.unsplash.com/400x175/?github description: API docs for the spaces plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'spaces'] --- import spacesObj from './spaces.devdocs.json'; diff --git a/api_docs/stack_alerts.mdx b/api_docs/stack_alerts.mdx index b3f29202870c1..572b011ed33a8 100644 --- a/api_docs/stack_alerts.mdx +++ b/api_docs/stack_alerts.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/stackAlerts title: "stackAlerts" image: https://source.unsplash.com/400x175/?github description: API docs for the stackAlerts plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'stackAlerts'] --- import stackAlertsObj from './stack_alerts.devdocs.json'; diff --git a/api_docs/stack_connectors.mdx b/api_docs/stack_connectors.mdx index e4425b153a248..d734021abe8de 100644 --- a/api_docs/stack_connectors.mdx +++ b/api_docs/stack_connectors.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/stackConnectors title: "stackConnectors" image: https://source.unsplash.com/400x175/?github description: API docs for the stackConnectors plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'stackConnectors'] --- import stackConnectorsObj from './stack_connectors.devdocs.json'; diff --git a/api_docs/task_manager.mdx b/api_docs/task_manager.mdx index 6c89d01595531..f383d51a5f122 100644 --- a/api_docs/task_manager.mdx +++ b/api_docs/task_manager.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/taskManager title: "taskManager" image: https://source.unsplash.com/400x175/?github description: API docs for the taskManager plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'taskManager'] --- import taskManagerObj from './task_manager.devdocs.json'; diff --git a/api_docs/telemetry.mdx b/api_docs/telemetry.mdx index b450df0b84cf1..6761e450930f4 100644 --- a/api_docs/telemetry.mdx +++ b/api_docs/telemetry.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/telemetry title: "telemetry" image: https://source.unsplash.com/400x175/?github description: API docs for the telemetry plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'telemetry'] --- import telemetryObj from './telemetry.devdocs.json'; diff --git a/api_docs/telemetry_collection_manager.mdx b/api_docs/telemetry_collection_manager.mdx index 54fa854541196..1cb9d4503447d 100644 --- a/api_docs/telemetry_collection_manager.mdx +++ b/api_docs/telemetry_collection_manager.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/telemetryCollectionManager title: "telemetryCollectionManager" image: https://source.unsplash.com/400x175/?github description: API docs for the telemetryCollectionManager plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'telemetryCollectionManager'] --- import telemetryCollectionManagerObj from './telemetry_collection_manager.devdocs.json'; diff --git a/api_docs/telemetry_collection_xpack.mdx b/api_docs/telemetry_collection_xpack.mdx index 3bbf43d16218c..283352eb80070 100644 --- a/api_docs/telemetry_collection_xpack.mdx +++ b/api_docs/telemetry_collection_xpack.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/telemetryCollectionXpack title: "telemetryCollectionXpack" image: https://source.unsplash.com/400x175/?github description: API docs for the telemetryCollectionXpack plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'telemetryCollectionXpack'] --- import telemetryCollectionXpackObj from './telemetry_collection_xpack.devdocs.json'; diff --git a/api_docs/telemetry_management_section.mdx b/api_docs/telemetry_management_section.mdx index 9030dc06710ee..1216d571a1749 100644 --- a/api_docs/telemetry_management_section.mdx +++ b/api_docs/telemetry_management_section.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/telemetryManagementSection title: "telemetryManagementSection" image: https://source.unsplash.com/400x175/?github description: API docs for the telemetryManagementSection plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'telemetryManagementSection'] --- import telemetryManagementSectionObj from './telemetry_management_section.devdocs.json'; diff --git a/api_docs/text_based_languages.mdx b/api_docs/text_based_languages.mdx index 0564eea2132b2..e4144e2d89841 100644 --- a/api_docs/text_based_languages.mdx +++ b/api_docs/text_based_languages.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/textBasedLanguages title: "textBasedLanguages" image: https://source.unsplash.com/400x175/?github description: API docs for the textBasedLanguages plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'textBasedLanguages'] --- import textBasedLanguagesObj from './text_based_languages.devdocs.json'; diff --git a/api_docs/threat_intelligence.mdx b/api_docs/threat_intelligence.mdx index b58ee3df6e625..15a8f7af96410 100644 --- a/api_docs/threat_intelligence.mdx +++ b/api_docs/threat_intelligence.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/threatIntelligence title: "threatIntelligence" image: https://source.unsplash.com/400x175/?github description: API docs for the threatIntelligence plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'threatIntelligence'] --- import threatIntelligenceObj from './threat_intelligence.devdocs.json'; diff --git a/api_docs/timelines.mdx b/api_docs/timelines.mdx index 9314ca84e996d..2093891cad50a 100644 --- a/api_docs/timelines.mdx +++ b/api_docs/timelines.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/timelines title: "timelines" image: https://source.unsplash.com/400x175/?github description: API docs for the timelines plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'timelines'] --- import timelinesObj from './timelines.devdocs.json'; diff --git a/api_docs/transform.mdx b/api_docs/transform.mdx index eafa2122bebbd..0bd80b9ecee3c 100644 --- a/api_docs/transform.mdx +++ b/api_docs/transform.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/transform title: "transform" image: https://source.unsplash.com/400x175/?github description: API docs for the transform plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'transform'] --- import transformObj from './transform.devdocs.json'; diff --git a/api_docs/triggers_actions_ui.devdocs.json b/api_docs/triggers_actions_ui.devdocs.json index 4b5284d402a79..354f6b327834a 100644 --- a/api_docs/triggers_actions_ui.devdocs.json +++ b/api_docs/triggers_actions_ui.devdocs.json @@ -6101,7 +6101,15 @@ "EuiDataGridToolBarVisibilityOptions", " | undefined; shouldHighlightRow?: ((alert: ", "EcsFieldsResponse", - ") => boolean) | undefined; } & Partial boolean) | undefined; featureIds?: ", + { + "pluginId": "@kbn/rule-data-utils", + "scope": "common", + "docId": "kibKbnRuleDataUtilsPluginApi", + "section": "def-common.AlertConsumers", + "text": "AlertConsumers" + }, + "[] | undefined; } & Partial>" ], diff --git a/api_docs/triggers_actions_ui.mdx b/api_docs/triggers_actions_ui.mdx index 5a4bec974db92..d59328f929c44 100644 --- a/api_docs/triggers_actions_ui.mdx +++ b/api_docs/triggers_actions_ui.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/triggersActionsUi title: "triggersActionsUi" image: https://source.unsplash.com/400x175/?github description: API docs for the triggersActionsUi plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'triggersActionsUi'] --- import triggersActionsUiObj from './triggers_actions_ui.devdocs.json'; diff --git a/api_docs/ui_actions.mdx b/api_docs/ui_actions.mdx index 4f5485b484ae5..2d47125e08fd0 100644 --- a/api_docs/ui_actions.mdx +++ b/api_docs/ui_actions.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/uiActions title: "uiActions" image: https://source.unsplash.com/400x175/?github description: API docs for the uiActions plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'uiActions'] --- import uiActionsObj from './ui_actions.devdocs.json'; diff --git a/api_docs/ui_actions_enhanced.mdx b/api_docs/ui_actions_enhanced.mdx index fb201cb1ffa35..0f114af633566 100644 --- a/api_docs/ui_actions_enhanced.mdx +++ b/api_docs/ui_actions_enhanced.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/uiActionsEnhanced title: "uiActionsEnhanced" image: https://source.unsplash.com/400x175/?github description: API docs for the uiActionsEnhanced plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'uiActionsEnhanced'] --- import uiActionsEnhancedObj from './ui_actions_enhanced.devdocs.json'; diff --git a/api_docs/unified_doc_viewer.mdx b/api_docs/unified_doc_viewer.mdx index eecfa3715e4b9..11cd0685fb9d9 100644 --- a/api_docs/unified_doc_viewer.mdx +++ b/api_docs/unified_doc_viewer.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/unifiedDocViewer title: "unifiedDocViewer" image: https://source.unsplash.com/400x175/?github description: API docs for the unifiedDocViewer plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'unifiedDocViewer'] --- import unifiedDocViewerObj from './unified_doc_viewer.devdocs.json'; diff --git a/api_docs/unified_histogram.mdx b/api_docs/unified_histogram.mdx index 1d8886c83fdfe..614642cf3db3e 100644 --- a/api_docs/unified_histogram.mdx +++ b/api_docs/unified_histogram.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/unifiedHistogram title: "unifiedHistogram" image: https://source.unsplash.com/400x175/?github description: API docs for the unifiedHistogram plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'unifiedHistogram'] --- import unifiedHistogramObj from './unified_histogram.devdocs.json'; diff --git a/api_docs/unified_search.mdx b/api_docs/unified_search.mdx index 5bc0db815e546..25627088db5a1 100644 --- a/api_docs/unified_search.mdx +++ b/api_docs/unified_search.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/unifiedSearch title: "unifiedSearch" image: https://source.unsplash.com/400x175/?github description: API docs for the unifiedSearch plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'unifiedSearch'] --- import unifiedSearchObj from './unified_search.devdocs.json'; diff --git a/api_docs/unified_search_autocomplete.mdx b/api_docs/unified_search_autocomplete.mdx index bc152247c68ee..5ba7bea665748 100644 --- a/api_docs/unified_search_autocomplete.mdx +++ b/api_docs/unified_search_autocomplete.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/unifiedSearch-autocomplete title: "unifiedSearch.autocomplete" image: https://source.unsplash.com/400x175/?github description: API docs for the unifiedSearch.autocomplete plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'unifiedSearch.autocomplete'] --- import unifiedSearchAutocompleteObj from './unified_search_autocomplete.devdocs.json'; diff --git a/api_docs/uptime.mdx b/api_docs/uptime.mdx index e29055b1b9950..f0bbdb5539145 100644 --- a/api_docs/uptime.mdx +++ b/api_docs/uptime.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/uptime title: "uptime" image: https://source.unsplash.com/400x175/?github description: API docs for the uptime plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'uptime'] --- import uptimeObj from './uptime.devdocs.json'; diff --git a/api_docs/url_forwarding.mdx b/api_docs/url_forwarding.mdx index 5f0570c3fa0d5..4f2eeecd2b281 100644 --- a/api_docs/url_forwarding.mdx +++ b/api_docs/url_forwarding.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/urlForwarding title: "urlForwarding" image: https://source.unsplash.com/400x175/?github description: API docs for the urlForwarding plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'urlForwarding'] --- import urlForwardingObj from './url_forwarding.devdocs.json'; diff --git a/api_docs/usage_collection.mdx b/api_docs/usage_collection.mdx index 2004fffdf9203..80e68fc8c199c 100644 --- a/api_docs/usage_collection.mdx +++ b/api_docs/usage_collection.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/usageCollection title: "usageCollection" image: https://source.unsplash.com/400x175/?github description: API docs for the usageCollection plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'usageCollection'] --- import usageCollectionObj from './usage_collection.devdocs.json'; diff --git a/api_docs/ux.mdx b/api_docs/ux.mdx index 961badd1a3aa2..8dd8bfb03551f 100644 --- a/api_docs/ux.mdx +++ b/api_docs/ux.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/ux title: "ux" image: https://source.unsplash.com/400x175/?github description: API docs for the ux plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'ux'] --- import uxObj from './ux.devdocs.json'; diff --git a/api_docs/vis_default_editor.mdx b/api_docs/vis_default_editor.mdx index ebc68f992532d..54ac984cc5b77 100644 --- a/api_docs/vis_default_editor.mdx +++ b/api_docs/vis_default_editor.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/visDefaultEditor title: "visDefaultEditor" image: https://source.unsplash.com/400x175/?github description: API docs for the visDefaultEditor plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'visDefaultEditor'] --- import visDefaultEditorObj from './vis_default_editor.devdocs.json'; diff --git a/api_docs/vis_type_gauge.mdx b/api_docs/vis_type_gauge.mdx index 6fd5f786330d0..eb5f57380601b 100644 --- a/api_docs/vis_type_gauge.mdx +++ b/api_docs/vis_type_gauge.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/visTypeGauge title: "visTypeGauge" image: https://source.unsplash.com/400x175/?github description: API docs for the visTypeGauge plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'visTypeGauge'] --- import visTypeGaugeObj from './vis_type_gauge.devdocs.json'; diff --git a/api_docs/vis_type_heatmap.mdx b/api_docs/vis_type_heatmap.mdx index 4fc7751981ae9..66c5f8150bc2e 100644 --- a/api_docs/vis_type_heatmap.mdx +++ b/api_docs/vis_type_heatmap.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/visTypeHeatmap title: "visTypeHeatmap" image: https://source.unsplash.com/400x175/?github description: API docs for the visTypeHeatmap plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'visTypeHeatmap'] --- import visTypeHeatmapObj from './vis_type_heatmap.devdocs.json'; diff --git a/api_docs/vis_type_pie.mdx b/api_docs/vis_type_pie.mdx index 230f5545c332a..fb4fbcb9d635e 100644 --- a/api_docs/vis_type_pie.mdx +++ b/api_docs/vis_type_pie.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/visTypePie title: "visTypePie" image: https://source.unsplash.com/400x175/?github description: API docs for the visTypePie plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'visTypePie'] --- import visTypePieObj from './vis_type_pie.devdocs.json'; diff --git a/api_docs/vis_type_table.mdx b/api_docs/vis_type_table.mdx index 9477acc939607..40480b47c5dce 100644 --- a/api_docs/vis_type_table.mdx +++ b/api_docs/vis_type_table.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/visTypeTable title: "visTypeTable" image: https://source.unsplash.com/400x175/?github description: API docs for the visTypeTable plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'visTypeTable'] --- import visTypeTableObj from './vis_type_table.devdocs.json'; diff --git a/api_docs/vis_type_timelion.mdx b/api_docs/vis_type_timelion.mdx index fdcba6bcad8cb..8dec288d097d4 100644 --- a/api_docs/vis_type_timelion.mdx +++ b/api_docs/vis_type_timelion.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/visTypeTimelion title: "visTypeTimelion" image: https://source.unsplash.com/400x175/?github description: API docs for the visTypeTimelion plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'visTypeTimelion'] --- import visTypeTimelionObj from './vis_type_timelion.devdocs.json'; diff --git a/api_docs/vis_type_timeseries.mdx b/api_docs/vis_type_timeseries.mdx index 2fc9b97219976..5312f6fcad713 100644 --- a/api_docs/vis_type_timeseries.mdx +++ b/api_docs/vis_type_timeseries.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/visTypeTimeseries title: "visTypeTimeseries" image: https://source.unsplash.com/400x175/?github description: API docs for the visTypeTimeseries plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'visTypeTimeseries'] --- import visTypeTimeseriesObj from './vis_type_timeseries.devdocs.json'; diff --git a/api_docs/vis_type_vega.mdx b/api_docs/vis_type_vega.mdx index 304bc7edc65b5..0c857a598ccd4 100644 --- a/api_docs/vis_type_vega.mdx +++ b/api_docs/vis_type_vega.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/visTypeVega title: "visTypeVega" image: https://source.unsplash.com/400x175/?github description: API docs for the visTypeVega plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'visTypeVega'] --- import visTypeVegaObj from './vis_type_vega.devdocs.json'; diff --git a/api_docs/vis_type_vislib.mdx b/api_docs/vis_type_vislib.mdx index 2317ed06e02a4..820e67c91f642 100644 --- a/api_docs/vis_type_vislib.mdx +++ b/api_docs/vis_type_vislib.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/visTypeVislib title: "visTypeVislib" image: https://source.unsplash.com/400x175/?github description: API docs for the visTypeVislib plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'visTypeVislib'] --- import visTypeVislibObj from './vis_type_vislib.devdocs.json'; diff --git a/api_docs/vis_type_xy.mdx b/api_docs/vis_type_xy.mdx index b4d84cdd1c6a9..9b5c98e80cf19 100644 --- a/api_docs/vis_type_xy.mdx +++ b/api_docs/vis_type_xy.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/visTypeXy title: "visTypeXy" image: https://source.unsplash.com/400x175/?github description: API docs for the visTypeXy plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'visTypeXy'] --- import visTypeXyObj from './vis_type_xy.devdocs.json'; diff --git a/api_docs/visualizations.mdx b/api_docs/visualizations.mdx index 0df559e04aa93..ec0a742837b9f 100644 --- a/api_docs/visualizations.mdx +++ b/api_docs/visualizations.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/visualizations title: "visualizations" image: https://source.unsplash.com/400x175/?github description: API docs for the visualizations plugin -date: 2023-10-18 +date: 2023-10-19 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'visualizations'] --- import visualizationsObj from './visualizations.devdocs.json'; From 6038f92b1fcaeedf635a0eab68fd9cdadd1103d3 Mon Sep 17 00:00:00 2001 From: Julia Rechkunova Date: Thu, 19 Oct 2023 08:16:25 +0200 Subject: [PATCH 16/50] [OnWeek][Discover] Allow to change current sample size and save it with a saved search (#157269) - Closes https://github.com/elastic/kibana/issues/94140 - https://github.com/elastic/kibana/issues/11758 - https://github.com/elastic/kibana/issues/4060 - https://github.com/elastic/kibana/issues/3220 - https://github.com/elastic/kibana/issues/23307 - Closes https://github.com/elastic/kibana/issues/131130 ## Summary This PR allows to change current sample size right from Discover page, no need to modify the global default value. Saved search panels on Dashboard will also use the saved value to fetch only the requested sample size. This customisation was requested by many customers as it will allow to load Dashboards faster. Current range for the slider: from 10 to 1000 (with a step 10). Screenshot 2023-10-09 at 11 10 52 ### Checklist - [x] Any text added follows [EUI's writing guidelines](https://elastic.github.io/eui/#/guidelines/writing), uses sentence case text and includes [i18n support](https://github.com/elastic/kibana/blob/main/packages/kbn-i18n/README.md) - [x] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios - [x] This renders correctly on smaller devices using a responsive layout. (You can test this [in your browser](https://www.browserstack.com/guide/responsive-testing-on-local-server)) - [x] This was checked for [cross-browser compatibility](https://www.elastic.co/support/matrix#matrix_browsers) --- .../src/components/data_table.test.tsx | 71 ++++++- .../src/components/data_table.tsx | 55 +++-- ...table_additional_display_settings.test.tsx | 111 ++++++++++ ...data_table_additional_display_settings.tsx | 85 ++++++++ .../group2/check_registered_types.test.ts | 2 +- .../context/context_app_content.tsx | 2 +- .../components/layout/discover_documents.tsx | 25 ++- .../components/top_nav/on_save_search.tsx | 12 ++ .../main/hooks/utils/build_state_subscribe.ts | 4 +- .../services/discover_app_state_container.ts | 6 +- .../main/services/load_saved_search.ts | 2 +- .../main/utils/cleanup_url_state.test.ts | 67 +++++- .../main/utils/cleanup_url_state.ts | 20 +- .../main/utils/fetch_documents.test.ts | 1 + .../application/main/utils/fetch_documents.ts | 8 +- .../main/utils/get_state_defaults.test.ts | 2 + .../main/utils/get_state_defaults.ts | 5 +- .../doc_table/create_doc_table_embeddable.tsx | 1 + .../doc_table/doc_table_embeddable.tsx | 11 +- .../doc_table/doc_table_infinite.tsx | 10 +- .../saved_search_embeddable.test.ts | 6 + .../embeddable/saved_search_embeddable.tsx | 25 ++- .../saved_search_embeddable_component.tsx | 4 + .../public/embeddable/saved_search_grid.tsx | 4 +- .../utils/update_search_source.test.ts | 47 ++++- .../embeddable/utils/update_search_source.ts | 4 +- .../utils/get_allowed_sample_size.test.ts | 49 +++++ .../public/utils/get_allowed_sample_size.ts | 30 +++ src/plugins/saved_search/common/constants.ts | 3 + .../content_management/v1/cm_services.ts | 7 + src/plugins/saved_search/common/index.ts | 7 +- .../common/saved_searches_utils.ts | 1 + .../common/service/get_saved_searches.test.ts | 3 + .../service/saved_searches_utils.test.ts | 9 +- .../common/service/saved_searches_utils.ts | 1 + src/plugins/saved_search/common/types.ts | 2 + .../save_saved_searches.test.ts | 3 + .../saved_search_attribute_service.test.ts | 1 + .../public/services/saved_searches/types.ts | 1 + .../saved_search_storage.ts | 1 + .../server/saved_objects/schema.ts | 95 +++++++++ .../server/saved_objects/search.ts | 74 +------ .../discover/group2/_data_grid_row_height.ts | 14 +- .../discover/group2/_data_grid_sample_size.ts | 195 ++++++++++++++++++ test/functional/apps/discover/group2/index.ts | 1 + test/functional/services/data_grid.ts | 23 +++ .../cloud_security_data_table.tsx | 2 +- 47 files changed, 964 insertions(+), 148 deletions(-) create mode 100644 packages/kbn-unified-data-table/src/components/data_table_additional_display_settings.test.tsx create mode 100644 packages/kbn-unified-data-table/src/components/data_table_additional_display_settings.tsx create mode 100644 src/plugins/discover/public/utils/get_allowed_sample_size.test.ts create mode 100644 src/plugins/discover/public/utils/get_allowed_sample_size.ts create mode 100644 src/plugins/saved_search/server/saved_objects/schema.ts create mode 100644 test/functional/apps/discover/group2/_data_grid_sample_size.ts diff --git a/packages/kbn-unified-data-table/src/components/data_table.test.tsx b/packages/kbn-unified-data-table/src/components/data_table.test.tsx index c59149132cdf4..97bcc0e2c6654 100644 --- a/packages/kbn-unified-data-table/src/components/data_table.test.tsx +++ b/packages/kbn-unified-data-table/src/components/data_table.test.tsx @@ -10,6 +10,7 @@ import { ReactWrapper } from 'enzyme'; import { EuiButton, EuiCopy, + EuiDataGrid, EuiDataGridCellValueElementProps, EuiDataGridCustomBodyProps, } from '@elastic/eui'; @@ -52,7 +53,7 @@ function getProps(): UnifiedDataTableProps { onSetColumns: jest.fn(), onSort: jest.fn(), rows: esHitsMock.map((hit) => buildDataTableRecord(hit, dataViewMock)), - sampleSize: 30, + sampleSizeState: 30, searchDescription: '', searchTitle: '', setExpandedDoc: jest.fn(), @@ -301,6 +302,74 @@ describe('UnifiedDataTable', () => { }); }); + describe('display settings', () => { + it('should include additional display settings if onUpdateSampleSize is provided', async () => { + const component = await getComponent({ + ...getProps(), + sampleSizeState: 150, + onUpdateSampleSize: jest.fn(), + onUpdateRowHeight: jest.fn(), + }); + + expect(component.find(EuiDataGrid).prop('toolbarVisibility')).toMatchInlineSnapshot(` + Object { + "additionalControls": , + "showColumnSelector": false, + "showDisplaySelector": Object { + "additionalDisplaySettings": , + "allowDensity": false, + "allowResetButton": false, + "allowRowHeight": true, + }, + "showFullScreenSelector": true, + "showSortSelector": true, + } + `); + }); + + it('should not include additional display settings if onUpdateSampleSize is not provided', async () => { + const component = await getComponent({ + ...getProps(), + sampleSizeState: 200, + onUpdateRowHeight: jest.fn(), + }); + + expect(component.find(EuiDataGrid).prop('toolbarVisibility')).toMatchInlineSnapshot(` + Object { + "additionalControls": , + "showColumnSelector": false, + "showDisplaySelector": Object { + "allowDensity": false, + "allowRowHeight": true, + }, + "showFullScreenSelector": true, + "showSortSelector": true, + } + `); + }); + + it('should hide display settings if no handlers provided', async () => { + const component = await getComponent({ + ...getProps(), + onUpdateRowHeight: undefined, + onUpdateSampleSize: undefined, + }); + + expect(component.find(EuiDataGrid).prop('toolbarVisibility')).toMatchInlineSnapshot(` + Object { + "additionalControls": , + "showColumnSelector": false, + "showDisplaySelector": undefined, + "showFullScreenSelector": true, + "showSortSelector": true, + } + `); + }); + }); + describe('externalControlColumns', () => { it('should render external leading control columns', async () => { const component = await getComponent({ diff --git a/packages/kbn-unified-data-table/src/components/data_table.tsx b/packages/kbn-unified-data-table/src/components/data_table.tsx index a1540e88a5cd6..22a625f479e3b 100644 --- a/packages/kbn-unified-data-table/src/components/data_table.tsx +++ b/packages/kbn-unified-data-table/src/components/data_table.tsx @@ -27,6 +27,7 @@ import { EuiDataGridControlColumn, EuiDataGridCustomBodyProps, EuiDataGridCellValueElementProps, + EuiDataGridToolBarVisibilityDisplaySelectorOptions, EuiDataGridStyle, } from '@elastic/eui'; import type { DataView } from '@kbn/data-views-plugin/public'; @@ -63,6 +64,7 @@ import { toolbarVisibility as toolbarVisibilityDefaults, } from '../constants'; import { UnifiedDataTableFooter } from './data_table_footer'; +import { UnifiedDataTableAdditionalDisplaySettings } from './data_table_additional_display_settings'; export type SortOrder = [string, string]; @@ -137,10 +139,6 @@ export interface UnifiedDataTableProps { * Array of documents provided by Elasticsearch */ rows?: DataTableRecord[]; - /** - * The max size of the documents returned by Elasticsearch - */ - sampleSize: number; /** * Function to set the expanded document, which is displayed in a flyout */ @@ -205,6 +203,18 @@ export interface UnifiedDataTableProps { * Update rows per page state */ onUpdateRowsPerPage?: (rowsPerPage: number) => void; + /** + * Configuration option to limit sample size slider + */ + maxAllowedSampleSize?: number; + /** + * The max size of the documents returned by Elasticsearch + */ + sampleSizeState: number; + /** + * Update rows per page state + */ + onUpdateSampleSize?: (sampleSize: number) => void; /** * Callback to execute on edit runtime field */ @@ -328,7 +338,6 @@ export const UnifiedDataTable = ({ onSetColumns, onSort, rows, - sampleSize, searchDescription, searchTitle, settings, @@ -342,6 +351,9 @@ export const UnifiedDataTable = ({ className, rowHeightState, onUpdateRowHeight, + maxAllowedSampleSize, + sampleSizeState, + onUpdateSampleSize, isPlainRecord = false, rowsPerPageState, onUpdateRowsPerPage, @@ -715,16 +727,27 @@ export const UnifiedDataTable = ({ [usedSelectedDocs, isFilterActive, rows, externalAdditionalControls] ); - const showDisplaySelector = useMemo( - () => - !!onUpdateRowHeight - ? { - allowDensity: false, - allowRowHeight: true, - } - : undefined, - [onUpdateRowHeight] - ); + const showDisplaySelector = useMemo(() => { + const options: EuiDataGridToolBarVisibilityDisplaySelectorOptions = {}; + + if (onUpdateRowHeight) { + options.allowDensity = false; + options.allowRowHeight = true; + } + + if (onUpdateSampleSize) { + options.allowResetButton = false; + options.additionalDisplaySettings = ( + + ); + } + + return Object.keys(options).length ? options : undefined; + }, [maxAllowedSampleSize, sampleSizeState, onUpdateRowHeight, onUpdateSampleSize]); const inMemory = useMemo(() => { return isPlainRecord && columns.length @@ -837,7 +860,7 @@ export const UnifiedDataTable = ({ fn); + +describe('UnifiedDataTableAdditionalDisplaySettings', function () { + describe('sampleSize', function () { + it('should work correctly', async () => { + const onChangeSampleSizeMock = jest.fn(); + + const component = mountWithIntl( + + ); + const input = findTestSubject(component, 'unifiedDataTableSampleSizeInput').last(); + expect(input.prop('value')).toBe(10); + + await act(async () => { + input.simulate('change', { + target: { + value: 100, + }, + }); + }); + + expect(onChangeSampleSizeMock).toHaveBeenCalledWith(100); + + await new Promise((resolve) => setTimeout(resolve, 0)); + component.update(); + + expect( + findTestSubject(component, 'unifiedDataTableSampleSizeInput').last().prop('value') + ).toBe(100); + }); + + it('should not execute the callback for an invalid input', async () => { + const invalidValue = 600; + const onChangeSampleSizeMock = jest.fn(); + + const component = mountWithIntl( + + ); + const input = findTestSubject(component, 'unifiedDataTableSampleSizeInput').last(); + expect(input.prop('value')).toBe(50); + + await act(async () => { + input.simulate('change', { + target: { + value: invalidValue, + }, + }); + }); + + await new Promise((resolve) => setTimeout(resolve, 0)); + component.update(); + + expect( + findTestSubject(component, 'unifiedDataTableSampleSizeInput').last().prop('value') + ).toBe(invalidValue); + + expect(onChangeSampleSizeMock).not.toHaveBeenCalled(); + }); + + it('should render value changes correctly', async () => { + const onChangeSampleSizeMock = jest.fn(); + + const component = mountWithIntl( + + ); + + expect( + findTestSubject(component, 'unifiedDataTableSampleSizeInput').last().prop('value') + ).toBe(200); + + component.setProps({ + sampleSize: 500, + onChangeSampleSize: onChangeSampleSizeMock, + }); + + await new Promise((resolve) => setTimeout(resolve, 0)); + component.update(); + + expect( + findTestSubject(component, 'unifiedDataTableSampleSizeInput').last().prop('value') + ).toBe(500); + + expect(onChangeSampleSizeMock).not.toHaveBeenCalled(); + }); + }); +}); diff --git a/packages/kbn-unified-data-table/src/components/data_table_additional_display_settings.tsx b/packages/kbn-unified-data-table/src/components/data_table_additional_display_settings.tsx new file mode 100644 index 0000000000000..2555c5f253929 --- /dev/null +++ b/packages/kbn-unified-data-table/src/components/data_table_additional_display_settings.tsx @@ -0,0 +1,85 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0 and the Server Side Public License, v 1; you may not use this file except + * in compliance with, at your election, the Elastic License 2.0 or the Server + * Side Public License, v 1. + */ + +import React, { useCallback, useEffect, useMemo, useState } from 'react'; +import { EuiFormRow, EuiRange } from '@elastic/eui'; +import { i18n } from '@kbn/i18n'; +import { debounce } from 'lodash'; + +export const DEFAULT_MAX_ALLOWED_SAMPLE_SIZE = 1000; +export const MIN_ALLOWED_SAMPLE_SIZE = 1; +export const RANGE_MIN_SAMPLE_SIZE = 10; // it's necessary to be able to use `step={10}` configuration for EuiRange +export const RANGE_STEP_SAMPLE_SIZE = 10; + +export interface UnifiedDataTableAdditionalDisplaySettingsProps { + maxAllowedSampleSize?: number; + sampleSize: number; + onChangeSampleSize: (sampleSize: number) => void; +} + +export const UnifiedDataTableAdditionalDisplaySettings: React.FC< + UnifiedDataTableAdditionalDisplaySettingsProps +> = ({ + maxAllowedSampleSize = DEFAULT_MAX_ALLOWED_SAMPLE_SIZE, + sampleSize, + onChangeSampleSize, +}) => { + const [activeSampleSize, setActiveSampleSize] = useState(sampleSize); + const minRangeSampleSize = Math.max( + Math.min(RANGE_MIN_SAMPLE_SIZE, sampleSize), + MIN_ALLOWED_SAMPLE_SIZE + ); // flexible: allows to go lower than RANGE_MIN_SAMPLE_SIZE but greater than MIN_ALLOWED_SAMPLE_SIZE + + const debouncedOnChangeSampleSize = useMemo( + () => debounce(onChangeSampleSize, 300, { leading: false, trailing: true }), + [onChangeSampleSize] + ); + + const onChangeActiveSampleSize = useCallback( + (event) => { + if (!event.target.value) { + setActiveSampleSize(''); + return; + } + + const newSampleSize = Number(event.target.value); + + if (newSampleSize >= MIN_ALLOWED_SAMPLE_SIZE) { + setActiveSampleSize(newSampleSize); + if (newSampleSize <= maxAllowedSampleSize) { + debouncedOnChangeSampleSize(newSampleSize); + } + } + }, + [maxAllowedSampleSize, setActiveSampleSize, debouncedOnChangeSampleSize] + ); + + const sampleSizeLabel = i18n.translate('unifiedDataTable.sampleSizeSettings.sampleSizeLabel', { + defaultMessage: 'Sample size', + }); + + useEffect(() => { + setActiveSampleSize(sampleSize); // reset local state + }, [sampleSize, setActiveSampleSize]); + + return ( + + + + ); +}; diff --git a/src/core/server/integration_tests/saved_objects/migrations/group2/check_registered_types.test.ts b/src/core/server/integration_tests/saved_objects/migrations/group2/check_registered_types.test.ts index 62780b66727ef..73fef09887c69 100644 --- a/src/core/server/integration_tests/saved_objects/migrations/group2/check_registered_types.test.ts +++ b/src/core/server/integration_tests/saved_objects/migrations/group2/check_registered_types.test.ts @@ -133,7 +133,7 @@ describe('checking migration metadata changes on all registered SO types', () => "risk-engine-configuration": "b105d4a3c6adce40708d729d12e5ef3c8fbd9508", "rules-settings": "892a2918ebaeba809a612b8d97cec0b07c800b5f", "sample-data-telemetry": "37441b12f5b0159c2d6d5138a494c9f440e950b5", - "search": "8d5184dd5b986d57250b6ffd9ae48a1925e4c7a3", + "search": "2c1ab8a17e6972be2fa8d3880ba2305dfd9a5a6e", "search-session": "b2fcd840e12a45039ada50b1355faeafa39876d1", "search-telemetry": "b568601618744720b5662946d3103e3fb75fe8ee", "security-rule": "07abb4d7e707d91675ec0495c73816394c7b521f", diff --git a/src/plugins/discover/public/application/context/context_app_content.tsx b/src/plugins/discover/public/application/context/context_app_content.tsx index ff99c46816f25..81ca3e6f81b66 100644 --- a/src/plugins/discover/public/application/context/context_app_content.tsx +++ b/src/plugins/discover/public/application/context/context_app_content.tsx @@ -197,7 +197,7 @@ export function ContextAppContent({ dataView={dataView} expandedDoc={expandedDoc} loadingState={isAnchorLoading ? DataLoadingState.loading : DataLoadingState.loaded} - sampleSize={0} + sampleSizeState={0} sort={sort as SortOrder[]} isSortEnabled={false} showTimeCol={showTimeCol} diff --git a/src/plugins/discover/public/application/main/components/layout/discover_documents.tsx b/src/plugins/discover/public/application/main/components/layout/discover_documents.tsx index d1c772e7ec1bf..60367b83d02ed 100644 --- a/src/plugins/discover/public/application/main/components/layout/discover_documents.tsx +++ b/src/plugins/discover/public/application/main/components/layout/discover_documents.tsx @@ -34,7 +34,6 @@ import { HIDE_ANNOUNCEMENTS, MAX_DOC_FIELDS_DISPLAYED, ROW_HEIGHT_OPTION, - SAMPLE_SIZE_SETTING, SEARCH_FIELDS_FROM_SOURCE, SHOW_MULTIFIELDS, SORT_DEFAULT_ORDER_SETTING, @@ -56,6 +55,10 @@ import { DiscoverTourProvider, } from '../../../../components/discover_tour'; import { getRawRecordType } from '../../utils/get_raw_record_type'; +import { + getMaxAllowedSampleSize, + getAllowedSampleSize, +} from '../../../../utils/get_allowed_sample_size'; import { DiscoverGridFlyout } from '../../../../components/discover_grid_flyout'; import { useSavedSearchInitial } from '../../services/discover_state_provider'; import { useFetchMoreRecords } from './use_fetch_more_records'; @@ -103,8 +106,8 @@ function DiscoverDocumentsComponent({ const documents$ = stateContainer.dataState.data$.documents$; const savedSearch = useSavedSearchInitial(); const { dataViews, capabilities, uiSettings, uiActions } = services; - const [query, sort, rowHeight, rowsPerPage, grid, columns, index] = useAppStateSelector( - (state) => { + const [query, sort, rowHeight, rowsPerPage, grid, columns, index, sampleSizeState] = + useAppStateSelector((state) => { return [ state.query, state.sort, @@ -113,9 +116,9 @@ function DiscoverDocumentsComponent({ state.grid, state.columns, state.index, + state.sampleSize, ]; - } - ); + }); const setExpandedDoc = useCallback( (doc: DataTableRecord | undefined) => { stateContainer.internalState.transitions.setExpandedDoc(doc); @@ -128,7 +131,6 @@ function DiscoverDocumentsComponent({ const useNewFieldsApi = useMemo(() => !uiSettings.get(SEARCH_FIELDS_FROM_SOURCE), [uiSettings]); const hideAnnouncements = useMemo(() => uiSettings.get(HIDE_ANNOUNCEMENTS), [uiSettings]); const isLegacy = useMemo(() => uiSettings.get(DOC_TABLE_LEGACY), [uiSettings]); - const sampleSize = useMemo(() => uiSettings.get(SAMPLE_SIZE_SETTING), [uiSettings]); const documentState = useDataState(documents$); const isDataLoading = @@ -183,6 +185,13 @@ function DiscoverDocumentsComponent({ [stateContainer] ); + const onUpdateSampleSize = useCallback( + (newSampleSize: number) => { + stateContainer.appState.update({ sampleSize: newSampleSize }); + }, + [stateContainer] + ); + const onSort = useCallback( (nextSort: string[][]) => { stateContainer.appState.update({ sort: nextSort }); @@ -315,7 +324,6 @@ function DiscoverDocumentsComponent({ } rows={rows} sort={(sort as SortOrder[]) || []} - sampleSize={sampleSize} searchDescription={savedSearch.description} searchTitle={savedSearch.title} setExpandedDoc={setExpandedDoc} @@ -332,6 +340,9 @@ function DiscoverDocumentsComponent({ isPlainRecord={isTextBasedQuery} rowsPerPageState={rowsPerPage ?? getDefaultRowsPerPage(services.uiSettings)} onUpdateRowsPerPage={onUpdateRowsPerPage} + maxAllowedSampleSize={getMaxAllowedSampleSize(services.uiSettings)} + sampleSizeState={getAllowedSampleSize(sampleSizeState, services.uiSettings)} + onUpdateSampleSize={!isTextBasedQuery ? onUpdateSampleSize : undefined} onFieldEdited={onFieldEdited} configRowHeight={uiSettings.get(ROW_HEIGHT_OPTION)} showMultiFields={uiSettings.get(SHOW_MULTIFIELDS)} diff --git a/src/plugins/discover/public/application/main/components/top_nav/on_save_search.tsx b/src/plugins/discover/public/application/main/components/top_nav/on_save_search.tsx index 4d1b9ccbdc22d..abae8e83b41a1 100644 --- a/src/plugins/discover/public/application/main/components/top_nav/on_save_search.tsx +++ b/src/plugins/discover/public/application/main/components/top_nav/on_save_search.tsx @@ -15,6 +15,7 @@ import { SavedSearch, SaveSavedSearchOptions } from '@kbn/saved-search-plugin/pu import { DOC_TABLE_LEGACY } from '@kbn/discover-utils'; import { DiscoverServices } from '../../../../build_services'; import { DiscoverStateContainer } from '../../services/discover_state'; +import { getAllowedSampleSize } from '../../../../utils/get_allowed_sample_size'; async function saveDataSource({ savedSearch, @@ -110,6 +111,7 @@ export async function onSaveSearch({ const currentTitle = savedSearch.title; const currentTimeRestore = savedSearch.timeRestore; const currentRowsPerPage = savedSearch.rowsPerPage; + const currentSampleSize = savedSearch.sampleSize; const currentDescription = savedSearch.description; const currentTags = savedSearch.tags; savedSearch.title = newTitle; @@ -118,6 +120,15 @@ export async function onSaveSearch({ savedSearch.rowsPerPage = uiSettings.get(DOC_TABLE_LEGACY) ? currentRowsPerPage : state.appState.getState().rowsPerPage; + + // save the custom value or reset it if it's invalid + const appStateSampleSize = state.appState.getState().sampleSize; + const allowedSampleSize = getAllowedSampleSize(appStateSampleSize, uiSettings); + savedSearch.sampleSize = + appStateSampleSize && allowedSampleSize === appStateSampleSize + ? appStateSampleSize + : undefined; + if (savedObjectsTagging) { savedSearch.tags = newTags; } @@ -144,6 +155,7 @@ export async function onSaveSearch({ savedSearch.title = currentTitle; savedSearch.timeRestore = currentTimeRestore; savedSearch.rowsPerPage = currentRowsPerPage; + savedSearch.sampleSize = currentSampleSize; savedSearch.description = currentDescription; if (savedObjectsTagging) { savedSearch.tags = currentTags; diff --git a/src/plugins/discover/public/application/main/hooks/utils/build_state_subscribe.ts b/src/plugins/discover/public/application/main/hooks/utils/build_state_subscribe.ts index 40838edd35c35..27407822553bb 100644 --- a/src/plugins/discover/public/application/main/hooks/utils/build_state_subscribe.ts +++ b/src/plugins/discover/public/application/main/hooks/utils/build_state_subscribe.ts @@ -53,7 +53,7 @@ export const buildStateSubscribe = return; } addLog('[appstate] subscribe triggered', nextState); - const { hideChart, interval, breakdownField, sort, index } = prevState; + const { hideChart, interval, breakdownField, sampleSize, sort, index } = prevState; const isTextBasedQueryLang = isTextBasedQuery(nextQuery); if (isTextBasedQueryLang) { @@ -68,6 +68,7 @@ export const buildStateSubscribe = const chartDisplayChanged = Boolean(nextState.hideChart) !== Boolean(hideChart); const chartIntervalChanged = nextState.interval !== interval && !isTextBasedQueryLang; const breakdownFieldChanged = nextState.breakdownField !== breakdownField; + const sampleSizeChanged = nextState.sampleSize !== sampleSize; const docTableSortChanged = !isEqual(nextState.sort, sort) && !isTextBasedQueryLang; const dataViewChanged = !isEqual(nextState.index, index) && !isTextBasedQueryLang; let savedSearchDataView; @@ -101,6 +102,7 @@ export const buildStateSubscribe = chartDisplayChanged || chartIntervalChanged || breakdownFieldChanged || + sampleSizeChanged || docTableSortChanged || dataViewChanged || queryChanged diff --git a/src/plugins/discover/public/application/main/services/discover_app_state_container.ts b/src/plugins/discover/public/application/main/services/discover_app_state_container.ts index 046e8fd6393f1..124c83beda236 100644 --- a/src/plugins/discover/public/application/main/services/discover_app_state_container.ts +++ b/src/plugins/discover/public/application/main/services/discover_app_state_container.ts @@ -134,6 +134,10 @@ export interface DiscoverAppState { * Number of rows in the grid per page */ rowsPerPage?: number; + /** + * Custom sample size + */ + sampleSize?: number; /** * Breakdown field of chart */ @@ -299,7 +303,7 @@ export function getInitialState( ? defaultAppState : { ...defaultAppState, - ...cleanupUrlState(stateStorageURL), + ...cleanupUrlState(stateStorageURL, services.uiSettings), }, services.uiSettings ); diff --git a/src/plugins/discover/public/application/main/services/load_saved_search.ts b/src/plugins/discover/public/application/main/services/load_saved_search.ts index 3631ca876cce6..8b8dcc2beb2f4 100644 --- a/src/plugins/discover/public/application/main/services/load_saved_search.ts +++ b/src/plugins/discover/public/application/main/services/load_saved_search.ts @@ -91,7 +91,7 @@ export const loadSavedSearch = async ( // Update app state container with the next state derived from the next saved search const nextAppState = getInitialState(undefined, nextSavedSearch, services); const mergedAppState = appState - ? { ...nextAppState, ...cleanupUrlState({ ...appState }) } + ? { ...nextAppState, ...cleanupUrlState({ ...appState }, services.uiSettings) } : nextAppState; appStateContainer.resetToState(mergedAppState); diff --git a/src/plugins/discover/public/application/main/utils/cleanup_url_state.test.ts b/src/plugins/discover/public/application/main/utils/cleanup_url_state.test.ts index ea1af49f48e89..2d49639e02884 100644 --- a/src/plugins/discover/public/application/main/utils/cleanup_url_state.test.ts +++ b/src/plugins/discover/public/application/main/utils/cleanup_url_state.test.ts @@ -8,11 +8,14 @@ import { AppStateUrl } from '../services/discover_app_state_container'; import { cleanupUrlState } from './cleanup_url_state'; +import { createDiscoverServicesMock } from '../../../__mocks__/services'; + +const services = createDiscoverServicesMock(); describe('cleanupUrlState', () => { test('cleaning up legacy sort', async () => { const state = { sort: ['batman', 'desc'] } as AppStateUrl; - expect(cleanupUrlState(state)).toMatchInlineSnapshot(` + expect(cleanupUrlState(state, services.uiSettings)).toMatchInlineSnapshot(` Object { "sort": Array [ Array [ @@ -25,7 +28,7 @@ describe('cleanupUrlState', () => { }); test('not cleaning up broken legacy sort', async () => { const state = { sort: ['batman'] } as unknown as AppStateUrl; - expect(cleanupUrlState(state)).toMatchInlineSnapshot(`Object {}`); + expect(cleanupUrlState(state, services.uiSettings)).toMatchInlineSnapshot(`Object {}`); }); test('not cleaning up regular sort', async () => { const state = { @@ -34,7 +37,7 @@ describe('cleanupUrlState', () => { ['robin', 'asc'], ], } as AppStateUrl; - expect(cleanupUrlState(state)).toMatchInlineSnapshot(` + expect(cleanupUrlState(state, services.uiSettings)).toMatchInlineSnapshot(` Object { "sort": Array [ Array [ @@ -53,14 +56,14 @@ describe('cleanupUrlState', () => { const state = { sort: [], } as AppStateUrl; - expect(cleanupUrlState(state)).toMatchInlineSnapshot(`Object {}`); + expect(cleanupUrlState(state, services.uiSettings)).toMatchInlineSnapshot(`Object {}`); }); test('should keep a valid rowsPerPage', async () => { const state = { rowsPerPage: 50, } as AppStateUrl; - expect(cleanupUrlState(state)).toMatchInlineSnapshot(` + expect(cleanupUrlState(state, services.uiSettings)).toMatchInlineSnapshot(` Object { "rowsPerPage": 50, } @@ -71,13 +74,63 @@ describe('cleanupUrlState', () => { const state = { rowsPerPage: -50, } as AppStateUrl; - expect(cleanupUrlState(state)).toMatchInlineSnapshot(`Object {}`); + expect(cleanupUrlState(state, services.uiSettings)).toMatchInlineSnapshot(`Object {}`); }); test('should remove an invalid rowsPerPage', async () => { const state = { rowsPerPage: 'test', } as unknown as AppStateUrl; - expect(cleanupUrlState(state)).toMatchInlineSnapshot(`Object {}`); + expect(cleanupUrlState(state, services.uiSettings)).toMatchInlineSnapshot(`Object {}`); + }); + + describe('sampleSize', function () { + test('should keep a valid sampleSize', async () => { + const state = { + sampleSize: 50, + } as AppStateUrl; + expect(cleanupUrlState(state, services.uiSettings)).toMatchInlineSnapshot(` + Object { + "sampleSize": 50, + } + `); + }); + + test('should remove for ES|QL', async () => { + const state = { + sampleSize: 50, + query: { + esql: 'from test', + }, + } as AppStateUrl; + expect(cleanupUrlState(state, services.uiSettings)).toMatchInlineSnapshot(` + Object { + "query": Object { + "esql": "from test", + }, + } + `); + }); + + test('should remove a negative sampleSize', async () => { + const state = { + sampleSize: -50, + } as AppStateUrl; + expect(cleanupUrlState(state, services.uiSettings)).toMatchInlineSnapshot(`Object {}`); + }); + + test('should remove an invalid sampleSize', async () => { + const state = { + sampleSize: 'test', + } as unknown as AppStateUrl; + expect(cleanupUrlState(state, services.uiSettings)).toMatchInlineSnapshot(`Object {}`); + }); + + test('should remove a too large sampleSize', async () => { + const state = { + sampleSize: 500000, + } as AppStateUrl; + expect(cleanupUrlState(state, services.uiSettings)).toMatchInlineSnapshot(`Object {}`); + }); }); }); diff --git a/src/plugins/discover/public/application/main/utils/cleanup_url_state.ts b/src/plugins/discover/public/application/main/utils/cleanup_url_state.ts index 3abeed97d4cdc..cdfb95d87f134 100644 --- a/src/plugins/discover/public/application/main/utils/cleanup_url_state.ts +++ b/src/plugins/discover/public/application/main/utils/cleanup_url_state.ts @@ -6,14 +6,19 @@ * Side Public License, v 1. */ import { isOfAggregateQueryType } from '@kbn/es-query'; +import type { IUiSettingsClient } from '@kbn/core-ui-settings-browser'; import { DiscoverAppState, AppStateUrl } from '../services/discover_app_state_container'; import { migrateLegacyQuery } from '../../../utils/migrate_legacy_query'; +import { getMaxAllowedSampleSize } from '../../../utils/get_allowed_sample_size'; /** * Takes care of the given url state, migrates legacy props and cleans up empty props * @param appStateFromUrl */ -export function cleanupUrlState(appStateFromUrl: AppStateUrl): DiscoverAppState { +export function cleanupUrlState( + appStateFromUrl: AppStateUrl, + uiSettings: IUiSettingsClient +): DiscoverAppState { if ( appStateFromUrl && appStateFromUrl.query && @@ -46,5 +51,18 @@ export function cleanupUrlState(appStateFromUrl: AppStateUrl): DiscoverAppState delete appStateFromUrl.rowsPerPage; } + if ( + appStateFromUrl?.sampleSize && + (isOfAggregateQueryType(appStateFromUrl.query) || // not supported yet for ES|QL + !( + typeof appStateFromUrl.sampleSize === 'number' && + appStateFromUrl.sampleSize > 0 && + appStateFromUrl.sampleSize <= getMaxAllowedSampleSize(uiSettings) + )) + ) { + // remove the param if it's invalid + delete appStateFromUrl.sampleSize; + } + return appStateFromUrl as DiscoverAppState; } diff --git a/src/plugins/discover/public/application/main/utils/fetch_documents.test.ts b/src/plugins/discover/public/application/main/utils/fetch_documents.test.ts index cbc62a3cd6068..36847a0a08929 100644 --- a/src/plugins/discover/public/application/main/utils/fetch_documents.test.ts +++ b/src/plugins/discover/public/application/main/utils/fetch_documents.test.ts @@ -26,6 +26,7 @@ const getDeps = () => searchSessionId: '123', services: discoverServiceMock, savedSearch: savedSearchMock, + getAppState: () => ({ sampleSize: 100 }), } as unknown as FetchDeps); describe('test fetchDocuments', () => { diff --git a/src/plugins/discover/public/application/main/utils/fetch_documents.ts b/src/plugins/discover/public/application/main/utils/fetch_documents.ts index 99e87f13558a8..b1e18273479bf 100644 --- a/src/plugins/discover/public/application/main/utils/fetch_documents.ts +++ b/src/plugins/discover/public/application/main/utils/fetch_documents.ts @@ -9,10 +9,11 @@ import { i18n } from '@kbn/i18n'; import { filter, map } from 'rxjs/operators'; import { lastValueFrom } from 'rxjs'; import { isRunningResponse, ISearchSource } from '@kbn/data-plugin/public'; -import { SAMPLE_SIZE_SETTING, buildDataTableRecordList } from '@kbn/discover-utils'; +import { buildDataTableRecordList } from '@kbn/discover-utils'; import type { EsHitRecord } from '@kbn/discover-utils/types'; import { getSearchResponseInterceptedWarnings } from '@kbn/search-response-warnings'; import type { RecordsFetchResponse } from '../../types'; +import { getAllowedSampleSize } from '../../../utils/get_allowed_sample_size'; import { FetchDeps } from './fetch_all'; /** @@ -21,9 +22,10 @@ import { FetchDeps } from './fetch_all'; */ export const fetchDocuments = ( searchSource: ISearchSource, - { abortController, inspectorAdapters, searchSessionId, services }: FetchDeps + { abortController, inspectorAdapters, searchSessionId, services, getAppState }: FetchDeps ): Promise => { - searchSource.setField('size', services.uiSettings.get(SAMPLE_SIZE_SETTING)); + const sampleSize = getAppState().sampleSize; + searchSource.setField('size', getAllowedSampleSize(sampleSize, services.uiSettings)); searchSource.setField('trackTotalHits', false); searchSource.setField('highlightAll', true); searchSource.setField('version', true); diff --git a/src/plugins/discover/public/application/main/utils/get_state_defaults.test.ts b/src/plugins/discover/public/application/main/utils/get_state_defaults.test.ts index 19e9f6a64c88b..a659f543f9993 100644 --- a/src/plugins/discover/public/application/main/utils/get_state_defaults.test.ts +++ b/src/plugins/discover/public/application/main/utils/get_state_defaults.test.ts @@ -36,6 +36,7 @@ describe('getStateDefaults', () => { "query": undefined, "rowHeight": undefined, "rowsPerPage": undefined, + "sampleSize": undefined, "savedQuery": undefined, "sort": Array [ Array [ @@ -70,6 +71,7 @@ describe('getStateDefaults', () => { "query": undefined, "rowHeight": undefined, "rowsPerPage": undefined, + "sampleSize": undefined, "savedQuery": undefined, "sort": Array [], "viewMode": undefined, diff --git a/src/plugins/discover/public/application/main/utils/get_state_defaults.ts b/src/plugins/discover/public/application/main/utils/get_state_defaults.ts index 78c8946825374..943d9b4c98cf0 100644 --- a/src/plugins/discover/public/application/main/utils/get_state_defaults.ts +++ b/src/plugins/discover/public/application/main/utils/get_state_defaults.ts @@ -70,6 +70,7 @@ export function getStateDefaults({ savedQuery: undefined, rowHeight: undefined, rowsPerPage: undefined, + sampleSize: undefined, grid: undefined, breakdownField: undefined, }; @@ -94,7 +95,9 @@ export function getStateDefaults({ if (savedSearch.rowsPerPage) { defaultState.rowsPerPage = savedSearch.rowsPerPage; } - + if (savedSearch.sampleSize) { + defaultState.sampleSize = savedSearch.sampleSize; + } if (savedSearch.breakdownField) { defaultState.breakdownField = savedSearch.breakdownField; } diff --git a/src/plugins/discover/public/components/doc_table/create_doc_table_embeddable.tsx b/src/plugins/discover/public/components/doc_table/create_doc_table_embeddable.tsx index e0f24c2839113..a0a55a17a9cba 100644 --- a/src/plugins/discover/public/components/doc_table/create_doc_table_embeddable.tsx +++ b/src/plugins/discover/public/components/doc_table/create_doc_table_embeddable.tsx @@ -17,6 +17,7 @@ export function DiscoverDocTableEmbeddable(renderProps: DocTableEmbeddableProps) columns={renderProps.columns} rows={renderProps.rows} rowsPerPageState={renderProps.rowsPerPageState} + sampleSizeState={renderProps.sampleSizeState} onUpdateRowsPerPage={renderProps.onUpdateRowsPerPage} totalHitCount={renderProps.totalHitCount} dataView={renderProps.dataView} diff --git a/src/plugins/discover/public/components/doc_table/doc_table_embeddable.tsx b/src/plugins/discover/public/components/doc_table/doc_table_embeddable.tsx index fbe8ed083ebc3..36e3629f089aa 100644 --- a/src/plugins/discover/public/components/doc_table/doc_table_embeddable.tsx +++ b/src/plugins/discover/public/components/doc_table/doc_table_embeddable.tsx @@ -10,19 +10,19 @@ import React, { memo, useCallback, useMemo, useRef } from 'react'; import './index.scss'; import { FormattedMessage } from '@kbn/i18n-react'; import { EuiText } from '@elastic/eui'; -import { SAMPLE_SIZE_SETTING, usePager } from '@kbn/discover-utils'; +import { usePager } from '@kbn/discover-utils'; import type { SearchResponseInterceptedWarning } from '@kbn/search-response-warnings'; import { ToolBarPagination, MAX_ROWS_PER_PAGE_OPTION, } from './components/pager/tool_bar_pagination'; import { DocTableProps, DocTableRenderProps, DocTableWrapper } from './doc_table_wrapper'; -import { useDiscoverServices } from '../../hooks/use_discover_services'; import { SavedSearchEmbeddableBase } from '../../embeddable/saved_search_embeddable_base'; export interface DocTableEmbeddableProps extends DocTableProps { totalHitCount?: number; rowsPerPageState?: number; + sampleSizeState: number; interceptedWarnings?: SearchResponseInterceptedWarning[]; onUpdateRowsPerPage?: (rowsPerPage?: number) => void; } @@ -30,7 +30,6 @@ export interface DocTableEmbeddableProps extends DocTableProps { const DocTableWrapperMemoized = memo(DocTableWrapper); export const DocTableEmbeddable = (props: DocTableEmbeddableProps) => { - const services = useDiscoverServices(); const onUpdateRowsPerPage = props.onUpdateRowsPerPage; const tableWrapperRef = useRef(null); const { @@ -83,10 +82,6 @@ export const DocTableEmbeddable = (props: DocTableEmbeddableProps) => { [hasNextPage, props.rows.length, props.totalHitCount] ); - const sampleSize = useMemo(() => { - return services.uiSettings.get(SAMPLE_SIZE_SETTING, 500); - }, [services]); - const renderDocTable = useCallback( (renderProps: DocTableRenderProps) => { return ( @@ -112,7 +107,7 @@ export const DocTableEmbeddable = (props: DocTableEmbeddableProps) => { ) : undefined diff --git a/src/plugins/discover/public/components/doc_table/doc_table_infinite.tsx b/src/plugins/discover/public/components/doc_table/doc_table_infinite.tsx index cb285746963ac..92265f731bf13 100644 --- a/src/plugins/discover/public/components/doc_table/doc_table_infinite.tsx +++ b/src/plugins/discover/public/components/doc_table/doc_table_infinite.tsx @@ -6,16 +6,17 @@ * Side Public License, v 1. */ -import React, { Fragment, memo, useCallback, useEffect, useMemo, useRef, useState } from 'react'; +import React, { Fragment, memo, useCallback, useEffect, useRef, useState } from 'react'; import './index.scss'; import { FormattedMessage } from '@kbn/i18n-react'; import { debounce } from 'lodash'; import { EuiButtonEmpty } from '@elastic/eui'; -import { SAMPLE_SIZE_SETTING } from '@kbn/discover-utils'; import { DocTableProps, DocTableRenderProps, DocTableWrapper } from './doc_table_wrapper'; import { SkipBottomButton } from '../../application/main/components/skip_bottom_button'; import { shouldLoadNextDocPatch } from './utils/should_load_next_doc_patch'; import { useDiscoverServices } from '../../hooks/use_discover_services'; +import { getAllowedSampleSize } from '../../utils/get_allowed_sample_size'; +import { useAppStateSelector } from '../../application/main/services/discover_app_state_container'; const FOOTER_PADDING = { padding: 0 }; @@ -38,8 +39,9 @@ const DocTableInfiniteContent = ({ onBackToTop, }: DocTableInfiniteContentProps) => { const { uiSettings } = useDiscoverServices(); - - const sampleSize = useMemo(() => uiSettings.get(SAMPLE_SIZE_SETTING, 500), [uiSettings]); + const sampleSize = useAppStateSelector((state) => + getAllowedSampleSize(state.sampleSize, uiSettings) + ); const onSkipBottomButton = useCallback(() => { onSetMaxLimit(); diff --git a/src/plugins/discover/public/embeddable/saved_search_embeddable.test.ts b/src/plugins/discover/public/embeddable/saved_search_embeddable.test.ts index 1473d07ba72b6..eaa7680137fe3 100644 --- a/src/plugins/discover/public/embeddable/saved_search_embeddable.test.ts +++ b/src/plugins/discover/public/embeddable/saved_search_embeddable.test.ts @@ -118,6 +118,7 @@ describe('saved search embeddable', () => { columns: ['message', 'extension'], rowHeight: 30, rowsPerPage: 50, + sampleSize: 250, }; const searchInput: SearchInput = byValue ? { ...baseInput, attributes: {} as SavedSearchByValueAttributes } @@ -194,6 +195,11 @@ describe('saved search embeddable', () => { await waitOneTick(); expect(searchProps.rowsPerPageState).toEqual(100); + expect(searchProps.sampleSizeState).toEqual(250); + searchProps.onUpdateSampleSize!(300); + await waitOneTick(); + expect(searchProps.sampleSizeState).toEqual(300); + searchProps.onFilter!({ name: 'customer_id', type: 'string', scripted: false }, [17], '+'); await waitOneTick(); expect(executeTriggerActions).toHaveBeenCalled(); diff --git a/src/plugins/discover/public/embeddable/saved_search_embeddable.tsx b/src/plugins/discover/public/embeddable/saved_search_embeddable.tsx index 34f6043936d92..e5896215e56de 100644 --- a/src/plugins/discover/public/embeddable/saved_search_embeddable.tsx +++ b/src/plugins/discover/public/embeddable/saved_search_embeddable.tsx @@ -53,7 +53,6 @@ import type { DataTableRecord, EsHitRecord } from '@kbn/discover-utils/types'; import { DOC_HIDE_TIME_COLUMN_SETTING, DOC_TABLE_LEGACY, - SAMPLE_SIZE_SETTING, SEARCH_FIELDS_FROM_SOURCE, SHOW_FIELD_STATISTICS, SORT_DEFAULT_ORDER_SETTING, @@ -65,6 +64,7 @@ import { VIEW_MODE, getDefaultRowsPerPage } from '../../common/constants'; import type { ISearchEmbeddable, SearchInput, SearchOutput } from './types'; import type { DiscoverServices } from '../build_services'; import { getSortForEmbeddable, SortPair } from '../utils/sorting'; +import { getMaxAllowedSampleSize, getAllowedSampleSize } from '../utils/get_allowed_sample_size'; import { SEARCH_EMBEDDABLE_TYPE, SEARCH_EMBEDDABLE_CELL_ACTIONS_TRIGGER_ID } from './constants'; import { SavedSearchEmbeddableComponent } from './saved_search_embeddable_component'; import { handleSourceColumnState } from '../utils/state_helpers'; @@ -93,6 +93,7 @@ export type SearchProps = Partial & onMoveColumn?: (column: string, index: number) => void; onUpdateRowHeight?: (rowHeight?: number) => void; onUpdateRowsPerPage?: (rowsPerPage?: number) => void; + onUpdateSampleSize?: (sampleSize?: number) => void; }; export interface SearchEmbeddableConfig { @@ -126,6 +127,7 @@ export class SavedSearchEmbeddable private prevQuery?: Query; private prevSort?: SortOrder[]; private prevSearchSessionId?: string; + private prevSampleSizeInput?: number; private searchProps?: SearchProps; private initialized?: boolean; private node?: HTMLElement; @@ -256,6 +258,10 @@ export class SavedSearchEmbeddable return isTextBasedQuery(query); }; + private getFetchedSampleSize = (searchProps: SearchProps): number => { + return getAllowedSampleSize(searchProps.sampleSizeState, this.services.uiSettings); + }; + private fetch = async () => { const savedSearch = this.savedSearch; const searchProps = this.searchProps; @@ -276,9 +282,9 @@ export class SavedSearchEmbeddable savedSearch.searchSource, searchProps.dataView, searchProps.sort, + this.getFetchedSampleSize(searchProps), useNewFieldsApi, { - sampleSize: this.services.uiSettings.get(SAMPLE_SIZE_SETTING), sortDir: this.services.uiSettings.get(SORT_DEFAULT_ORDER_SETTING), } ); @@ -472,7 +478,6 @@ export class SavedSearchEmbeddable }); this.updateInput({ sort: sortOrderArr }); }, - sampleSize: this.services.uiSettings.get(SAMPLE_SIZE_SETTING), onFilter: async (field, value, operator) => { let filters = generateFilters( this.services.filterManager, @@ -503,6 +508,10 @@ export class SavedSearchEmbeddable onUpdateRowsPerPage: (rowsPerPage) => { this.updateInput({ rowsPerPage }); }, + sampleSizeState: this.input.sampleSize || savedSearch.sampleSize, + onUpdateSampleSize: (sampleSize) => { + this.updateInput({ sampleSize }); + }, cellActionsTriggerId: SEARCH_EMBEDDABLE_CELL_ACTIONS_TRIGGER_ID, }; @@ -547,6 +556,7 @@ export class SavedSearchEmbeddable !isEqual(this.prevQuery, this.input.query) || !isEqual(this.prevTimeRange, this.getTimeRange()) || !isEqual(this.prevSort, this.input.sort) || + this.prevSampleSizeInput !== this.input.sampleSize || this.prevSearchSessionId !== this.input.searchSessionId ); } @@ -557,6 +567,7 @@ export class SavedSearchEmbeddable } return ( this.input.rowsPerPage !== searchProps.rowsPerPageState || + this.input.sampleSize !== searchProps.sampleSizeState || (this.input.columns && !isEqual(this.input.columns, searchProps.columns)) ); } @@ -589,6 +600,8 @@ export class SavedSearchEmbeddable this.input.rowsPerPage || savedSearch.rowsPerPage || getDefaultRowsPerPage(this.services.uiSettings); + searchProps.maxAllowedSampleSize = getMaxAllowedSampleSize(this.services.uiSettings); + searchProps.sampleSizeState = this.input.sampleSize || savedSearch.sampleSize; searchProps.filters = savedSearch.searchSource.getField('filter') as Filter[]; searchProps.savedSearchId = savedSearch.id; @@ -607,6 +620,7 @@ export class SavedSearchEmbeddable this.prevTimeRange = this.getTimeRange(); this.prevSearchSessionId = this.input.searchSessionId; this.prevSort = this.input.sort; + this.prevSampleSizeInput = this.input.sampleSize; this.searchProps = searchProps; await this.fetch(); @@ -692,7 +706,10 @@ export class SavedSearchEmbeddable > - + , diff --git a/src/plugins/discover/public/embeddable/saved_search_embeddable_component.tsx b/src/plugins/discover/public/embeddable/saved_search_embeddable_component.tsx index 6c499a09d4152..43085e3c0902e 100644 --- a/src/plugins/discover/public/embeddable/saved_search_embeddable_component.tsx +++ b/src/plugins/discover/public/embeddable/saved_search_embeddable_component.tsx @@ -16,6 +16,7 @@ import { isTextBasedQuery } from '../application/main/utils/is_text_based_query' import { SearchProps } from './saved_search_embeddable'; interface SavedSearchEmbeddableComponentProps { + fetchedSampleSize: number; searchProps: SearchProps; useLegacyTable: boolean; query?: AggregateQuery | Query; @@ -25,6 +26,7 @@ const DiscoverDocTableEmbeddableMemoized = React.memo(DiscoverDocTableEmbeddable const DiscoverGridEmbeddableMemoized = React.memo(DiscoverGridEmbeddable); export function SavedSearchEmbeddableComponent({ + fetchedSampleSize, searchProps, useLegacyTable, query, @@ -34,6 +36,7 @@ export function SavedSearchEmbeddableComponent({ return ( ); @@ -41,6 +44,7 @@ export function SavedSearchEmbeddableComponent({ return ( { + sampleSizeState: number; // a required prop totalHitCount?: number; query?: AggregateQuery | Query; interceptedWarnings?: SearchResponseInterceptedWarning[]; diff --git a/src/plugins/discover/public/embeddable/utils/update_search_source.test.ts b/src/plugins/discover/public/embeddable/utils/update_search_source.test.ts index 6d440d89cf413..0b56ea8397728 100644 --- a/src/plugins/discover/public/embeddable/utils/update_search_source.test.ts +++ b/src/plugins/discover/public/embeddable/utils/update_search_source.test.ts @@ -22,35 +22,65 @@ const dataViewMockWithTimeField = buildDataViewMock({ describe('updateSearchSource', () => { const defaults = { - sampleSize: 50, sortDir: 'asc', }; + const customSampleSize = 70; + it('updates a given search source', async () => { const searchSource = createSearchSourceMock({}); - updateSearchSource(searchSource, dataViewMock, [] as SortOrder[], false, defaults); + updateSearchSource( + searchSource, + dataViewMock, + [] as SortOrder[], + customSampleSize, + false, + defaults + ); expect(searchSource.getField('fields')).toBe(undefined); // does not explicitly request fieldsFromSource when not using fields API expect(searchSource.getField('fieldsFromSource')).toBe(undefined); + expect(searchSource.getField('size')).toEqual(customSampleSize); }); it('updates a given search source with the usage of the new fields api', async () => { const searchSource = createSearchSourceMock({}); - updateSearchSource(searchSource, dataViewMock, [] as SortOrder[], true, defaults); + updateSearchSource( + searchSource, + dataViewMock, + [] as SortOrder[], + customSampleSize, + true, + defaults + ); expect(searchSource.getField('fields')).toEqual([{ field: '*', include_unmapped: 'true' }]); expect(searchSource.getField('fieldsFromSource')).toBe(undefined); + expect(searchSource.getField('size')).toEqual(customSampleSize); }); it('updates a given search source with sort field', async () => { const searchSource1 = createSearchSourceMock({}); - updateSearchSource(searchSource1, dataViewMock, [] as SortOrder[], true, defaults); + updateSearchSource( + searchSource1, + dataViewMock, + [] as SortOrder[], + customSampleSize, + true, + defaults + ); expect(searchSource1.getField('sort')).toEqual([{ _score: 'asc' }]); const searchSource2 = createSearchSourceMock({}); - updateSearchSource(searchSource2, dataViewMockWithTimeField, [] as SortOrder[], true, { - sampleSize: 50, - sortDir: 'desc', - }); + updateSearchSource( + searchSource2, + dataViewMockWithTimeField, + [] as SortOrder[], + customSampleSize, + true, + { + sortDir: 'desc', + } + ); expect(searchSource2.getField('sort')).toEqual([{ _doc: 'desc' }]); const searchSource3 = createSearchSourceMock({}); @@ -58,6 +88,7 @@ describe('updateSearchSource', () => { searchSource3, dataViewMockWithTimeField, [['bytes', 'desc']] as SortOrder[], + customSampleSize, true, defaults ); diff --git a/src/plugins/discover/public/embeddable/utils/update_search_source.ts b/src/plugins/discover/public/embeddable/utils/update_search_source.ts index 0215a26e649b0..ce2e72664e7d5 100644 --- a/src/plugins/discover/public/embeddable/utils/update_search_source.ts +++ b/src/plugins/discover/public/embeddable/utils/update_search_source.ts @@ -14,13 +14,13 @@ export const updateSearchSource = ( searchSource: ISearchSource, dataView: DataView | undefined, sort: (SortOrder[] & string[][]) | undefined, + sampleSize: number, useNewFieldsApi: boolean, defaults: { - sampleSize: number; sortDir: string; } ) => { - const { sampleSize, sortDir } = defaults; + const { sortDir } = defaults; searchSource.setField('size', sampleSize); searchSource.setField( 'sort', diff --git a/src/plugins/discover/public/utils/get_allowed_sample_size.test.ts b/src/plugins/discover/public/utils/get_allowed_sample_size.test.ts new file mode 100644 index 0000000000000..e7431dab6d478 --- /dev/null +++ b/src/plugins/discover/public/utils/get_allowed_sample_size.test.ts @@ -0,0 +1,49 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0 and the Server Side Public License, v 1; you may not use this file except + * in compliance with, at your election, the Elastic License 2.0 or the Server + * Side Public License, v 1. + */ + +import { SAMPLE_SIZE_SETTING } from '@kbn/discover-utils'; +import { getAllowedSampleSize, getMaxAllowedSampleSize } from './get_allowed_sample_size'; +import { IUiSettingsClient } from '@kbn/core-ui-settings-browser'; + +describe('allowed sample size', () => { + function getUiSettingsMock(sampleSize?: number): IUiSettingsClient { + return { + get: (key: string) => { + if (key === SAMPLE_SIZE_SETTING) { + return sampleSize; + } + }, + } as IUiSettingsClient; + } + + const uiSettings = getUiSettingsMock(500); + + describe('getAllowedSampleSize', function () { + test('should work correctly for a valid input', function () { + expect(getAllowedSampleSize(1, uiSettings)).toBe(1); + expect(getAllowedSampleSize(100, uiSettings)).toBe(100); + expect(getAllowedSampleSize(500, uiSettings)).toBe(500); + }); + + test('should work correctly for an invalid input', function () { + expect(getAllowedSampleSize(-10, uiSettings)).toBe(500); + expect(getAllowedSampleSize(undefined, uiSettings)).toBe(500); + expect(getAllowedSampleSize(50_000, uiSettings)).toBe(500); + }); + }); + + describe('getMaxAllowedSampleSize', function () { + test('should work correctly', function () { + expect(getMaxAllowedSampleSize(uiSettings)).toBe(500); + expect(getMaxAllowedSampleSize(getUiSettingsMock(1000))).toBe(1000); + expect(getMaxAllowedSampleSize(getUiSettingsMock(100))).toBe(100); + expect(getMaxAllowedSampleSize(getUiSettingsMock(20_000))).toBe(10_000); + expect(getMaxAllowedSampleSize(getUiSettingsMock(undefined))).toBe(500); + }); + }); +}); diff --git a/src/plugins/discover/public/utils/get_allowed_sample_size.ts b/src/plugins/discover/public/utils/get_allowed_sample_size.ts new file mode 100644 index 0000000000000..588a33545e2a7 --- /dev/null +++ b/src/plugins/discover/public/utils/get_allowed_sample_size.ts @@ -0,0 +1,30 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0 and the Server Side Public License, v 1; you may not use this file except + * in compliance with, at your election, the Elastic License 2.0 or the Server + * Side Public License, v 1. + */ +import type { IUiSettingsClient } from '@kbn/core-ui-settings-browser'; +import { SAMPLE_SIZE_SETTING } from '@kbn/discover-utils'; +import { + MIN_SAVED_SEARCH_SAMPLE_SIZE, + MAX_SAVED_SEARCH_SAMPLE_SIZE, +} from '@kbn/saved-search-plugin/common'; + +export const getMaxAllowedSampleSize = (uiSettings: IUiSettingsClient): number => { + return Math.min(uiSettings.get(SAMPLE_SIZE_SETTING) || 500, MAX_SAVED_SEARCH_SAMPLE_SIZE); +}; + +export const getAllowedSampleSize = ( + customSampleSize: number | undefined, + uiSettings: IUiSettingsClient +): number => { + if (!customSampleSize || customSampleSize < 0) { + return uiSettings.get(SAMPLE_SIZE_SETTING); + } + return Math.max( + Math.min(customSampleSize, getMaxAllowedSampleSize(uiSettings)), + MIN_SAVED_SEARCH_SAMPLE_SIZE + ); +}; diff --git a/src/plugins/saved_search/common/constants.ts b/src/plugins/saved_search/common/constants.ts index 57e3cfff51ebb..a980bd40e3e26 100644 --- a/src/plugins/saved_search/common/constants.ts +++ b/src/plugins/saved_search/common/constants.ts @@ -10,4 +10,7 @@ export const SavedSearchType = 'search'; export const LATEST_VERSION = 1; +export const MIN_SAVED_SEARCH_SAMPLE_SIZE = 1; +export const MAX_SAVED_SEARCH_SAMPLE_SIZE = 10000; + export type SavedSearchContentType = typeof SavedSearchType; diff --git a/src/plugins/saved_search/common/content_management/v1/cm_services.ts b/src/plugins/saved_search/common/content_management/v1/cm_services.ts index 781f111b18bfb..0cbbe69c4bfeb 100644 --- a/src/plugins/saved_search/common/content_management/v1/cm_services.ts +++ b/src/plugins/saved_search/common/content_management/v1/cm_services.ts @@ -15,6 +15,7 @@ import { updateOptionsSchema, createResultSchema, } from '@kbn/content-management-utils'; +import { MIN_SAVED_SEARCH_SAMPLE_SIZE, MAX_SAVED_SEARCH_SAMPLE_SIZE } from '../../constants'; const sortSchema = schema.arrayOf(schema.string(), { maxSize: 2 }); @@ -60,6 +61,12 @@ const savedSearchAttributesSchema = schema.object( }) ), rowsPerPage: schema.maybe(schema.number()), + sampleSize: schema.maybe( + schema.number({ + min: MIN_SAVED_SEARCH_SAMPLE_SIZE, + max: MAX_SAVED_SEARCH_SAMPLE_SIZE, + }) + ), breakdownField: schema.maybe(schema.string()), version: schema.maybe(schema.number()), }, diff --git a/src/plugins/saved_search/common/index.ts b/src/plugins/saved_search/common/index.ts index 4669ecd3bd4b9..0ac92232fb3b8 100644 --- a/src/plugins/saved_search/common/index.ts +++ b/src/plugins/saved_search/common/index.ts @@ -21,5 +21,10 @@ export enum VIEW_MODE { AGGREGATED_LEVEL = 'aggregated', } -export { SavedSearchType, LATEST_VERSION } from './constants'; +export { + SavedSearchType, + LATEST_VERSION, + MIN_SAVED_SEARCH_SAMPLE_SIZE, + MAX_SAVED_SEARCH_SAMPLE_SIZE, +} from './constants'; export { getKibanaContextFn } from './expressions/kibana_context'; diff --git a/src/plugins/saved_search/common/saved_searches_utils.ts b/src/plugins/saved_search/common/saved_searches_utils.ts index 324baca435232..d2a179e36817b 100644 --- a/src/plugins/saved_search/common/saved_searches_utils.ts +++ b/src/plugins/saved_search/common/saved_searches_utils.ts @@ -32,5 +32,6 @@ export const fromSavedSearchAttributes = ( timeRange: attributes.timeRange, refreshInterval: attributes.refreshInterval, rowsPerPage: attributes.rowsPerPage, + sampleSize: attributes.sampleSize, breakdownField: attributes.breakdownField, }); diff --git a/src/plugins/saved_search/common/service/get_saved_searches.test.ts b/src/plugins/saved_search/common/service/get_saved_searches.test.ts index 05893f5c36e64..2b26b82eafece 100644 --- a/src/plugins/saved_search/common/service/get_saved_searches.test.ts +++ b/src/plugins/saved_search/common/service/get_saved_searches.test.ts @@ -58,6 +58,7 @@ describe('getSavedSearch', () => { description: 'description', grid: {}, hideChart: false, + sampleSize: 100, }, id: 'ccf1af80-2297-11ec-86e0-1155ffb9c7a7', type: 'search', @@ -103,6 +104,7 @@ describe('getSavedSearch', () => { "refreshInterval": undefined, "rowHeight": undefined, "rowsPerPage": undefined, + "sampleSize": 100, "searchSource": Object { "create": [MockFunction], "createChild": [MockFunction], @@ -208,6 +210,7 @@ describe('getSavedSearch', () => { "refreshInterval": undefined, "rowHeight": undefined, "rowsPerPage": undefined, + "sampleSize": undefined, "searchSource": Object { "create": [MockFunction], "createChild": [MockFunction], diff --git a/src/plugins/saved_search/common/service/saved_searches_utils.test.ts b/src/plugins/saved_search/common/service/saved_searches_utils.test.ts index 67f368637d3f5..b118799858348 100644 --- a/src/plugins/saved_search/common/service/saved_searches_utils.test.ts +++ b/src/plugins/saved_search/common/service/saved_searches_utils.test.ts @@ -25,6 +25,9 @@ describe('saved_searches_utils', () => { hideChart: true, isTextBasedQuery: false, usesAdHocDataView: false, + rowsPerPage: 250, + sampleSize: 1000, + breakdownField: 'extension.keyword', }; expect( @@ -38,7 +41,7 @@ describe('saved_searches_utils', () => { ) ).toMatchInlineSnapshot(` Object { - "breakdownField": undefined, + "breakdownField": "extension.keyword", "columns": Array [ "a", "b", @@ -52,7 +55,8 @@ describe('saved_searches_utils', () => { "references": Array [], "refreshInterval": undefined, "rowHeight": undefined, - "rowsPerPage": undefined, + "rowsPerPage": 250, + "sampleSize": 1000, "searchSource": SearchSource { "dependencies": Object { "aggs": Object { @@ -122,6 +126,7 @@ describe('saved_searches_utils', () => { "refreshInterval": undefined, "rowHeight": undefined, "rowsPerPage": undefined, + "sampleSize": undefined, "sort": Array [ Array [ "a", diff --git a/src/plugins/saved_search/common/service/saved_searches_utils.ts b/src/plugins/saved_search/common/service/saved_searches_utils.ts index ef99a0b87ad5c..ab4720b7802f8 100644 --- a/src/plugins/saved_search/common/service/saved_searches_utils.ts +++ b/src/plugins/saved_search/common/service/saved_searches_utils.ts @@ -46,5 +46,6 @@ export const toSavedSearchAttributes = ( timeRange: savedSearch.timeRange ? pick(savedSearch.timeRange, ['from', 'to']) : undefined, refreshInterval: savedSearch.refreshInterval, rowsPerPage: savedSearch.rowsPerPage, + sampleSize: savedSearch.sampleSize, breakdownField: savedSearch.breakdownField, }); diff --git a/src/plugins/saved_search/common/types.ts b/src/plugins/saved_search/common/types.ts index 3da4276aeb1dd..c47548aebd8d4 100644 --- a/src/plugins/saved_search/common/types.ts +++ b/src/plugins/saved_search/common/types.ts @@ -43,6 +43,7 @@ export interface SavedSearchAttributes { refreshInterval?: RefreshInterval; rowsPerPage?: number; + sampleSize?: number; breakdownField?: string; } @@ -74,6 +75,7 @@ export interface SavedSearch { refreshInterval?: RefreshInterval; rowsPerPage?: number; + sampleSize?: number; breakdownField?: string; references?: SavedObjectReference[]; sharingSavedObjectProps?: { diff --git a/src/plugins/saved_search/public/services/saved_searches/save_saved_searches.test.ts b/src/plugins/saved_search/public/services/saved_searches/save_saved_searches.test.ts index 9c7eb23c98e0a..a04f0af45eb29 100644 --- a/src/plugins/saved_search/public/services/saved_searches/save_saved_searches.test.ts +++ b/src/plugins/saved_search/public/services/saved_searches/save_saved_searches.test.ts @@ -128,6 +128,7 @@ describe('saveSavedSearch', () => { refreshInterval: undefined, rowHeight: undefined, rowsPerPage: undefined, + sampleSize: undefined, sort: [], timeRange: undefined, timeRestore: false, @@ -162,6 +163,7 @@ describe('saveSavedSearch', () => { refreshInterval: undefined, rowHeight: undefined, rowsPerPage: undefined, + sampleSize: undefined, timeRange: undefined, sort: [], title: 'title', @@ -211,6 +213,7 @@ describe('saveSavedSearch', () => { refreshInterval: undefined, rowHeight: undefined, rowsPerPage: undefined, + sampleSize: undefined, sort: [], timeRange: undefined, timeRestore: false, diff --git a/src/plugins/saved_search/public/services/saved_searches/saved_search_attribute_service.test.ts b/src/plugins/saved_search/public/services/saved_searches/saved_search_attribute_service.test.ts index cc6a6ec79ffea..35c35e669bff8 100644 --- a/src/plugins/saved_search/public/services/saved_searches/saved_search_attribute_service.test.ts +++ b/src/plugins/saved_search/public/services/saved_searches/saved_search_attribute_service.test.ts @@ -200,6 +200,7 @@ describe('getSavedSearchAttributeService', () => { "refreshInterval": undefined, "rowHeight": undefined, "rowsPerPage": undefined, + "sampleSize": undefined, "searchSource": Object { "create": [MockFunction], "createChild": [MockFunction], diff --git a/src/plugins/saved_search/public/services/saved_searches/types.ts b/src/plugins/saved_search/public/services/saved_searches/types.ts index 5e0f2637ae2aa..086d71848b6c6 100644 --- a/src/plugins/saved_search/public/services/saved_searches/types.ts +++ b/src/plugins/saved_search/public/services/saved_searches/types.ts @@ -34,6 +34,7 @@ interface SearchBaseInput extends EmbeddableInput { sort?: SortOrder[]; rowHeight?: number; rowsPerPage?: number; + sampleSize?: number; } export type SavedSearchByValueAttributes = Omit & { diff --git a/src/plugins/saved_search/server/content_management/saved_search_storage.ts b/src/plugins/saved_search/server/content_management/saved_search_storage.ts index 797430a159159..0615dbdc3049e 100644 --- a/src/plugins/saved_search/server/content_management/saved_search_storage.ts +++ b/src/plugins/saved_search/server/content_management/saved_search_storage.ts @@ -43,6 +43,7 @@ export class SavedSearchStorage extends SOContentStorage { 'refreshInterval', 'rowsPerPage', 'breakdownField', + 'sampleSize', ], logger, throwOnResultValidationError, diff --git a/src/plugins/saved_search/server/saved_objects/schema.ts b/src/plugins/saved_search/server/saved_objects/schema.ts new file mode 100644 index 0000000000000..19dfdf5e7a11c --- /dev/null +++ b/src/plugins/saved_search/server/saved_objects/schema.ts @@ -0,0 +1,95 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0 and the Server Side Public License, v 1; you may not use this file except + * in compliance with, at your election, the Elastic License 2.0 or the Server + * Side Public License, v 1. + */ + +import { schema } from '@kbn/config-schema'; +import { + MIN_SAVED_SEARCH_SAMPLE_SIZE, + MAX_SAVED_SEARCH_SAMPLE_SIZE, + VIEW_MODE, +} from '../../common'; + +const SCHEMA_SEARCH_BASE = { + // General + title: schema.string(), + description: schema.string({ defaultValue: '' }), + + // Data grid + columns: schema.arrayOf(schema.string(), { defaultValue: [] }), + sort: schema.oneOf( + [ + schema.arrayOf(schema.arrayOf(schema.string(), { maxSize: 2 })), + schema.arrayOf(schema.string(), { maxSize: 2 }), + ], + { defaultValue: [] } + ), + grid: schema.object( + { + columns: schema.maybe( + schema.recordOf( + schema.string(), + schema.object({ + width: schema.maybe(schema.number()), + }) + ) + ), + }, + { defaultValue: {} } + ), + rowHeight: schema.maybe(schema.number()), + rowsPerPage: schema.maybe(schema.number()), + + // Chart + hideChart: schema.boolean({ defaultValue: false }), + breakdownField: schema.maybe(schema.string()), + + // Search + kibanaSavedObjectMeta: schema.object({ + searchSourceJSON: schema.string(), + }), + isTextBasedQuery: schema.boolean({ defaultValue: false }), + usesAdHocDataView: schema.maybe(schema.boolean()), + + // Time + timeRestore: schema.maybe(schema.boolean()), + timeRange: schema.maybe( + schema.object({ + from: schema.string(), + to: schema.string(), + }) + ), + refreshInterval: schema.maybe( + schema.object({ + pause: schema.boolean(), + value: schema.number(), + }) + ), + + // Display + viewMode: schema.maybe( + schema.oneOf([ + schema.literal(VIEW_MODE.DOCUMENT_LEVEL), + schema.literal(VIEW_MODE.AGGREGATED_LEVEL), + ]) + ), + hideAggregatedPreview: schema.maybe(schema.boolean()), + + // Legacy + hits: schema.maybe(schema.number()), + version: schema.maybe(schema.number()), +}; + +export const SCHEMA_SEARCH_V8_8_0 = schema.object(SCHEMA_SEARCH_BASE); +export const SCHEMA_SEARCH_V8_12_0 = schema.object({ + ...SCHEMA_SEARCH_BASE, + sampleSize: schema.maybe( + schema.number({ + min: MIN_SAVED_SEARCH_SAMPLE_SIZE, + max: MAX_SAVED_SEARCH_SAMPLE_SIZE, + }) + ), +}); diff --git a/src/plugins/saved_search/server/saved_objects/search.ts b/src/plugins/saved_search/server/saved_objects/search.ts index 9b78f5ea4aecb..2d3844f098c6a 100644 --- a/src/plugins/saved_search/server/saved_objects/search.ts +++ b/src/plugins/saved_search/server/saved_objects/search.ts @@ -6,12 +6,11 @@ * Side Public License, v 1. */ -import { schema } from '@kbn/config-schema'; import { ANALYTICS_SAVED_OBJECT_INDEX } from '@kbn/core-saved-objects-server'; import { SavedObjectsType } from '@kbn/core/server'; import { MigrateFunctionsObject } from '@kbn/kibana-utils-plugin/common'; -import { VIEW_MODE } from '../../common'; import { getAllMigrations } from './search_migrations'; +import { SCHEMA_SEARCH_V8_8_0, SCHEMA_SEARCH_V8_12_0 } from './schema'; export function getSavedSearchObjectType( getSearchSourceMigrations: () => MigrateFunctionsObject @@ -44,75 +43,8 @@ export function getSavedSearchObjectType( }, }, schemas: { - '8.8.0': schema.object({ - // General - title: schema.string(), - description: schema.string({ defaultValue: '' }), - - // Data grid - columns: schema.arrayOf(schema.string(), { defaultValue: [] }), - sort: schema.oneOf( - [ - schema.arrayOf(schema.arrayOf(schema.string(), { maxSize: 2 })), - schema.arrayOf(schema.string(), { maxSize: 2 }), - ], - { defaultValue: [] } - ), - grid: schema.object( - { - columns: schema.maybe( - schema.recordOf( - schema.string(), - schema.object({ - width: schema.maybe(schema.number()), - }) - ) - ), - }, - { defaultValue: {} } - ), - rowHeight: schema.maybe(schema.number()), - rowsPerPage: schema.maybe(schema.number()), - - // Chart - hideChart: schema.boolean({ defaultValue: false }), - breakdownField: schema.maybe(schema.string()), - - // Search - kibanaSavedObjectMeta: schema.object({ - searchSourceJSON: schema.string(), - }), - isTextBasedQuery: schema.boolean({ defaultValue: false }), - usesAdHocDataView: schema.maybe(schema.boolean()), - - // Time - timeRestore: schema.maybe(schema.boolean()), - timeRange: schema.maybe( - schema.object({ - from: schema.string(), - to: schema.string(), - }) - ), - refreshInterval: schema.maybe( - schema.object({ - pause: schema.boolean(), - value: schema.number(), - }) - ), - - // Display - viewMode: schema.maybe( - schema.oneOf([ - schema.literal(VIEW_MODE.DOCUMENT_LEVEL), - schema.literal(VIEW_MODE.AGGREGATED_LEVEL), - ]) - ), - hideAggregatedPreview: schema.maybe(schema.boolean()), - - // Legacy - hits: schema.maybe(schema.number()), - version: schema.maybe(schema.number()), - }), + '8.8.0': SCHEMA_SEARCH_V8_8_0, + '8.12.0': SCHEMA_SEARCH_V8_12_0, }, migrations: () => getAllMigrations(getSearchSourceMigrations()), }; diff --git a/test/functional/apps/discover/group2/_data_grid_row_height.ts b/test/functional/apps/discover/group2/_data_grid_row_height.ts index 2c385b67aaa02..84574655cb406 100644 --- a/test/functional/apps/discover/group2/_data_grid_row_height.ts +++ b/test/functional/apps/discover/group2/_data_grid_row_height.ts @@ -14,6 +14,7 @@ export default function ({ getService, getPageObjects }: FtrProviderContext) { const esArchiver = getService('esArchiver'); const kibanaServer = getService('kibanaServer'); const dataGrid = getService('dataGrid'); + const testSubjects = getService('testSubjects'); const PageObjects = getPageObjects(['settings', 'common', 'discover', 'header', 'timePicker']); const defaultSettings = { defaultIndex: 'logstash-*' }; const security = getService('security'); @@ -47,7 +48,7 @@ export default function ({ getService, getPageObjects }: FtrProviderContext) { expect(await dataGrid.getCurrentRowHeightValue()).to.be('Auto fit'); }); - it('should allow to change row height and reset it', async () => { + it('should allow to change row height', async () => { await dataGrid.clickGridSettings(); expect(await dataGrid.getCurrentRowHeightValue()).to.be('Auto fit'); @@ -59,13 +60,16 @@ export default function ({ getService, getPageObjects }: FtrProviderContext) { expect(await dataGrid.getCurrentRowHeightValue()).to.be('Single'); - await dataGrid.resetRowHeightValue(); - - expect(await dataGrid.getCurrentRowHeightValue()).to.be('Auto fit'); + // we hide "Reset to default" action in Discover + await testSubjects.missingOrFail('resetDisplaySelector'); await dataGrid.changeRowHeightValue('Custom'); - await dataGrid.resetRowHeightValue(); + expect(await dataGrid.getCurrentRowHeightValue()).to.be('Custom'); + + await testSubjects.missingOrFail('resetDisplaySelector'); + + await dataGrid.changeRowHeightValue('Auto fit'); expect(await dataGrid.getCurrentRowHeightValue()).to.be('Auto fit'); }); diff --git a/test/functional/apps/discover/group2/_data_grid_sample_size.ts b/test/functional/apps/discover/group2/_data_grid_sample_size.ts new file mode 100644 index 0000000000000..891363f0868db --- /dev/null +++ b/test/functional/apps/discover/group2/_data_grid_sample_size.ts @@ -0,0 +1,195 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0 and the Server Side Public License, v 1; you may not use this file except + * in compliance with, at your election, the Elastic License 2.0 or the Server + * Side Public License, v 1. + */ + +import expect from '@kbn/expect'; +import { FtrProviderContext } from '../ftr_provider_context'; + +const DEFAULT_ROWS_PER_PAGE = 100; +const DEFAULT_SAMPLE_SIZE = 500; +const CUSTOM_SAMPLE_SIZE = 250; +const CUSTOM_SAMPLE_SIZE_FOR_SAVED_SEARCH = 150; +const CUSTOM_SAMPLE_SIZE_FOR_DASHBOARD_PANEL = 10; +const FOOTER_SELECTOR = 'unifiedDataTableFooter'; +const SAVED_SEARCH_NAME = 'With sample size'; + +export default function ({ getService, getPageObjects }: FtrProviderContext) { + const browser = getService('browser'); + const esArchiver = getService('esArchiver'); + const kibanaServer = getService('kibanaServer'); + const dataGrid = getService('dataGrid'); + const testSubjects = getService('testSubjects'); + const retry = getService('retry'); + const dashboardAddPanel = getService('dashboardAddPanel'); + const PageObjects = getPageObjects([ + 'settings', + 'common', + 'discover', + 'header', + 'timePicker', + 'dashboard', + ]); + const security = getService('security'); + const defaultSettings = { + defaultIndex: 'logstash-*', + 'discover:sampleSize': DEFAULT_SAMPLE_SIZE, + 'discover:rowHeightOption': 0, // single line + 'discover:sampleRowsPerPage': DEFAULT_ROWS_PER_PAGE, + hideAnnouncements: true, + }; + + describe('discover data grid sample size', function describeIndexTests() { + before(async () => { + await security.testUser.setRoles(['kibana_admin', 'test_logstash_reader']); + await esArchiver.loadIfNeeded('test/functional/fixtures/es_archiver/logstash_functional'); + await kibanaServer.importExport.load('test/functional/fixtures/kbn_archiver/discover'); + }); + + after(async () => { + await kibanaServer.importExport.unload('test/functional/fixtures/kbn_archiver/discover'); + await kibanaServer.uiSettings.replace({}); + await kibanaServer.savedObjects.cleanStandardList(); + }); + + beforeEach(async function () { + await PageObjects.timePicker.setDefaultAbsoluteRangeViaUiSettings(); + await kibanaServer.uiSettings.update(defaultSettings); + await PageObjects.common.navigateToApp('discover'); + await PageObjects.header.waitUntilLoadingHasFinished(); + await PageObjects.discover.waitUntilSearchingHasFinished(); + }); + + async function goToLastPageAndCheckFooterMessage(sampleSize: number) { + const lastPageNumber = Math.ceil(sampleSize / DEFAULT_ROWS_PER_PAGE) - 1; + + // go to the last page + await testSubjects.click(`pagination-button-${lastPageNumber}`); + // footer is shown now + await retry.try(async function () { + await testSubjects.existOrFail(FOOTER_SELECTOR); + }); + expect( + (await testSubjects.getVisibleText(FOOTER_SELECTOR)).includes(String(sampleSize)) + ).to.be(true); + } + + it('should use the default sample size', async () => { + await dataGrid.clickGridSettings(); + expect(await dataGrid.getCurrentSampleSizeValue()).to.be(DEFAULT_SAMPLE_SIZE); + await goToLastPageAndCheckFooterMessage(DEFAULT_SAMPLE_SIZE); + }); + + it('should allow to change sample size', async () => { + await dataGrid.clickGridSettings(); + expect(await dataGrid.getCurrentSampleSizeValue()).to.be(DEFAULT_SAMPLE_SIZE); + + await dataGrid.changeSampleSizeValue(CUSTOM_SAMPLE_SIZE); + + await PageObjects.header.waitUntilLoadingHasFinished(); + await PageObjects.discover.waitUntilSearchingHasFinished(); + + expect(await dataGrid.getCurrentSampleSizeValue()).to.be(CUSTOM_SAMPLE_SIZE); + await goToLastPageAndCheckFooterMessage(CUSTOM_SAMPLE_SIZE); + }); + + it('should persist the selection after reloading the page', async () => { + await dataGrid.clickGridSettings(); + expect(await dataGrid.getCurrentSampleSizeValue()).to.be(DEFAULT_SAMPLE_SIZE); + + await dataGrid.changeSampleSizeValue(CUSTOM_SAMPLE_SIZE); + + await PageObjects.header.waitUntilLoadingHasFinished(); + await PageObjects.discover.waitUntilSearchingHasFinished(); + + await browser.refresh(); + + await PageObjects.discover.waitUntilSearchingHasFinished(); + await dataGrid.clickGridSettings(); + + expect(await dataGrid.getCurrentSampleSizeValue()).to.be(CUSTOM_SAMPLE_SIZE); + await goToLastPageAndCheckFooterMessage(CUSTOM_SAMPLE_SIZE); + }); + + it('should save a custom sample size with a search', async () => { + await dataGrid.clickGridSettings(); + expect(await dataGrid.getCurrentSampleSizeValue()).to.be(DEFAULT_SAMPLE_SIZE); + + await dataGrid.changeSampleSizeValue(CUSTOM_SAMPLE_SIZE_FOR_SAVED_SEARCH); + + await PageObjects.header.waitUntilLoadingHasFinished(); + await PageObjects.discover.waitUntilSearchingHasFinished(); + + await PageObjects.discover.saveSearch(SAVED_SEARCH_NAME); + + await PageObjects.discover.waitUntilSearchingHasFinished(); + await dataGrid.clickGridSettings(); + + expect(await dataGrid.getCurrentSampleSizeValue()).to.be(CUSTOM_SAMPLE_SIZE_FOR_SAVED_SEARCH); + await goToLastPageAndCheckFooterMessage(CUSTOM_SAMPLE_SIZE_FOR_SAVED_SEARCH); + + // reset to the default value + await PageObjects.discover.clickNewSearchButton(); + await dataGrid.clickGridSettings(); + expect(await dataGrid.getCurrentSampleSizeValue()).to.be(DEFAULT_SAMPLE_SIZE); + await goToLastPageAndCheckFooterMessage(DEFAULT_SAMPLE_SIZE); + + // load the saved search again + await PageObjects.discover.loadSavedSearch(SAVED_SEARCH_NAME); + await dataGrid.clickGridSettings(); + expect(await dataGrid.getCurrentSampleSizeValue()).to.be(CUSTOM_SAMPLE_SIZE_FOR_SAVED_SEARCH); + await goToLastPageAndCheckFooterMessage(CUSTOM_SAMPLE_SIZE_FOR_SAVED_SEARCH); + + // load another saved search without a custom sample size + await PageObjects.discover.loadSavedSearch('A Saved Search'); + await dataGrid.clickGridSettings(); + expect(await dataGrid.getCurrentSampleSizeValue()).to.be(DEFAULT_SAMPLE_SIZE); + await goToLastPageAndCheckFooterMessage(DEFAULT_SAMPLE_SIZE); + }); + + it('should use the default sample size on Dashboard', async () => { + await PageObjects.common.navigateToApp('dashboard'); + await PageObjects.dashboard.clickNewDashboard(); + await dashboardAddPanel.clickOpenAddPanel(); + await dashboardAddPanel.addSavedSearch('A Saved Search'); + + await dataGrid.clickGridSettings(); + expect(await dataGrid.getCurrentSampleSizeValue()).to.be(DEFAULT_SAMPLE_SIZE); + await goToLastPageAndCheckFooterMessage(DEFAULT_SAMPLE_SIZE); + }); + + it('should use custom sample size on Dashboard when specified', async () => { + await PageObjects.common.navigateToApp('dashboard'); + await PageObjects.dashboard.clickNewDashboard(); + await dashboardAddPanel.clickOpenAddPanel(); + await dashboardAddPanel.addSavedSearch(SAVED_SEARCH_NAME); + + await dataGrid.clickGridSettings(); + expect(await dataGrid.getCurrentSampleSizeValue()).to.be(CUSTOM_SAMPLE_SIZE_FOR_SAVED_SEARCH); + + await dataGrid.changeSampleSizeValue(CUSTOM_SAMPLE_SIZE_FOR_DASHBOARD_PANEL); + + await PageObjects.header.waitUntilLoadingHasFinished(); + + await dataGrid.clickGridSettings(); + expect(await dataGrid.getCurrentSampleSizeValue()).to.be( + CUSTOM_SAMPLE_SIZE_FOR_DASHBOARD_PANEL + ); + await goToLastPageAndCheckFooterMessage(CUSTOM_SAMPLE_SIZE_FOR_DASHBOARD_PANEL); + + await PageObjects.dashboard.saveDashboard('test'); + + await browser.refresh(); + await PageObjects.header.waitUntilLoadingHasFinished(); + + await dataGrid.clickGridSettings(); + expect(await dataGrid.getCurrentSampleSizeValue()).to.be( + CUSTOM_SAMPLE_SIZE_FOR_DASHBOARD_PANEL + ); + await goToLastPageAndCheckFooterMessage(CUSTOM_SAMPLE_SIZE_FOR_DASHBOARD_PANEL); + }); + }); +} diff --git a/test/functional/apps/discover/group2/index.ts b/test/functional/apps/discover/group2/index.ts index 8174e3ef93aba..6b35f6707bb78 100644 --- a/test/functional/apps/discover/group2/index.ts +++ b/test/functional/apps/discover/group2/index.ts @@ -28,6 +28,7 @@ export default function ({ getService, loadTestFile }: FtrProviderContext) { loadTestFile(require.resolve('./_data_grid_doc_table')); loadTestFile(require.resolve('./_data_grid_copy_to_clipboard')); loadTestFile(require.resolve('./_data_grid_row_height')); + loadTestFile(require.resolve('./_data_grid_sample_size')); loadTestFile(require.resolve('./_data_grid_pagination')); loadTestFile(require.resolve('./_data_grid_footer')); loadTestFile(require.resolve('./_data_grid_field_tokens')); diff --git a/test/functional/services/data_grid.ts b/test/functional/services/data_grid.ts index 337fea7c3ff45..df5ba570cfc51 100644 --- a/test/functional/services/data_grid.ts +++ b/test/functional/services/data_grid.ts @@ -7,6 +7,7 @@ */ import { chunk } from 'lodash'; +import { Key } from 'selenium-webdriver'; import { FtrService } from '../ftr_provider_context'; import { WebElementWrapper } from './lib/web_element_wrapper'; @@ -366,6 +367,28 @@ export class DataGridService extends FtrService { await this.testSubjects.click('resetDisplaySelector'); } + private async findSampleSizeInput() { + return await this.find.byCssSelector( + 'input[type="number"][data-test-subj="unifiedDataTableSampleSizeInput"]' + ); + } + + public async getCurrentSampleSizeValue() { + const sampleSizeInput = await this.findSampleSizeInput(); + return Number(await sampleSizeInput.getAttribute('value')); + } + + public async changeSampleSizeValue(newValue: number) { + const sampleSizeInput = await this.findSampleSizeInput(); + await sampleSizeInput.focus(); + // replacing the input values with a new one + await sampleSizeInput.pressKeys([ + Key[process.platform === 'darwin' ? 'COMMAND' : 'CONTROL'], + 'a', + ]); + await sampleSizeInput.type(String(newValue)); + } + public async getDetailsRow(): Promise { const detailRows = await this.getDetailsRows(); return detailRows[0]; diff --git a/x-pack/plugins/cloud_security_posture/public/components/cloud_security_data_table/cloud_security_data_table.tsx b/x-pack/plugins/cloud_security_posture/public/components/cloud_security_data_table/cloud_security_data_table.tsx index 12afa013aed18..e988a169219ea 100644 --- a/x-pack/plugins/cloud_security_posture/public/components/cloud_security_data_table/cloud_security_data_table.tsx +++ b/x-pack/plugins/cloud_security_posture/public/components/cloud_security_data_table/cloud_security_data_table.tsx @@ -250,7 +250,7 @@ export const CloudSecurityDataTable = ({ onSetColumns={onSetColumns} onSort={onSort} rows={rows} - sampleSize={MAX_FINDINGS_TO_LOAD} + sampleSizeState={MAX_FINDINGS_TO_LOAD} setExpandedDoc={setExpandedDoc} renderDocumentView={renderDocumentView} sort={sort} From b7b1ea9b23566823e6195d6bff8aa49e3eb019f2 Mon Sep 17 00:00:00 2001 From: Julia Rechkunova Date: Thu, 19 Oct 2023 08:20:47 +0200 Subject: [PATCH 17/50] [Discover] Restore unifiedDataTable translations (#169231) ## Summary This PR restores `unifiedDataTable` translations which were accidentally deleted by https://github.com/elastic/kibana/pull/165590 --- .../translations/translations/fr-FR.json | 19 +++++++++++++++++++ .../translations/translations/ja-JP.json | 19 +++++++++++++++++++ .../translations/translations/zh-CN.json | 19 +++++++++++++++++++ 3 files changed, 57 insertions(+) diff --git a/x-pack/plugins/translations/translations/fr-FR.json b/x-pack/plugins/translations/translations/fr-FR.json index 3f6db08f7b178..f591e4e4cd68a 100644 --- a/x-pack/plugins/translations/translations/fr-FR.json +++ b/x-pack/plugins/translations/translations/fr-FR.json @@ -2442,6 +2442,25 @@ "fieldUtils.fieldNameDescription.textField": "Texte intégral tel que le corps d'un e-mail ou la description d'un produit.", "fieldUtils.fieldNameDescription.unknownField": "Champ inconnu", "fieldUtils.fieldNameDescription.versionField": "Versions des logiciels. Prend en charge les règles de priorité de la Gestion sémantique des versions.", + "unifiedDataTable.tableHeader.timeFieldIconTooltipAriaLabel": "{timeFieldName} – Ce champ représente l'heure à laquelle les événements se sont produits.", + "unifiedDataTable.searchGenerationWithDescription": "Tableau généré par la recherche {searchTitle}", + "unifiedDataTable.searchGenerationWithDescriptionGrid": "Tableau généré par la recherche {searchTitle} ({searchDescription})", + "unifiedDataTable.selectedDocumentsNumber": "{nr} documents sélectionnés", + "unifiedDataTable.clearSelection": "Effacer la sélection", + "unifiedDataTable.controlColumnHeader": "Colonne de commande", + "unifiedDataTable.copyToClipboardJSON": "Copier les documents dans le presse-papiers (JSON)", + "unifiedDataTable.tableHeader.timeFieldIconTooltip": "Ce champ représente l'heure à laquelle les événements se sont produits.", + "unifiedDataTable.grid.copyColumnNameToClipBoardButton": "Copier le nom", + "unifiedDataTable.grid.copyColumnValuesToClipBoardButton": "Copier la colonne", + "unifiedDataTable.grid.documentHeader": "Document", + "unifiedDataTable.grid.editFieldButton": "Modifier le champ de la vue de données", + "unifiedDataTable.grid.selectDoc": "Sélectionner le document \"{rowNumber}\"", + "unifiedDataTable.loadingResults": "Chargement des résultats", + "unifiedDataTable.noResultsFound": "Résultat introuvable", + "unifiedDataTable.removeColumnLabel": "Supprimer la colonne", + "unifiedDataTable.selectColumnHeader": "Sélectionner la colonne", + "unifiedDataTable.showAllDocuments": "Afficher tous les documents", + "unifiedDataTable.showSelectedDocumentsOnly": "Afficher uniquement les documents sélectionnés", "unifiedDocViewer.docView.table.actions.label": "Actions", "unifiedDocViewer.docView.table.actions.open": "Actions ouvertes", "unifiedDocViewer.docView.table.ignored.multiAboveTooltip": "Une ou plusieurs valeurs dans ce champ sont trop longues et ne peuvent pas être recherchées ni filtrées.", diff --git a/x-pack/plugins/translations/translations/ja-JP.json b/x-pack/plugins/translations/translations/ja-JP.json index 3e2165795ded9..b995191642521 100644 --- a/x-pack/plugins/translations/translations/ja-JP.json +++ b/x-pack/plugins/translations/translations/ja-JP.json @@ -2457,6 +2457,25 @@ "fieldUtils.fieldNameDescription.textField": "電子メール本文や製品説明などの全文テキスト。", "fieldUtils.fieldNameDescription.unknownField": "不明なフィールド", "fieldUtils.fieldNameDescription.versionField": "ソフトウェアバージョン。「セマンティックバージョニング」優先度ルールをサポートします。", + "unifiedDataTable.tableHeader.timeFieldIconTooltipAriaLabel": "{timeFieldName} - このフィールドはイベントの発生時刻を表します。", + "unifiedDataTable.searchGenerationWithDescription": "検索{searchTitle}で生成されたテーブル", + "unifiedDataTable.searchGenerationWithDescriptionGrid": "検索{searchTitle}で生成されたテーブル({searchDescription})", + "unifiedDataTable.selectedDocumentsNumber": "{nr}個のドキュメントが選択されました", + "unifiedDataTable.clearSelection": "選択した項目をクリア", + "unifiedDataTable.controlColumnHeader": "列の制御", + "unifiedDataTable.copyToClipboardJSON": "ドキュメントをクリップボードにコピー(JSON)", + "unifiedDataTable.tableHeader.timeFieldIconTooltip": "このフィールドはイベントの発生時刻を表します。", + "unifiedDataTable.grid.copyColumnNameToClipBoardButton": "名前をコピー", + "unifiedDataTable.grid.copyColumnValuesToClipBoardButton": "列をコピー", + "unifiedDataTable.grid.documentHeader": "ドキュメント", + "unifiedDataTable.grid.editFieldButton": "データビューフィールドを編集", + "unifiedDataTable.grid.selectDoc": "ドキュメント'{rowNumber}'を選択", + "unifiedDataTable.loadingResults": "結果を読み込み中", + "unifiedDataTable.noResultsFound": "結果が見つかりませんでした", + "unifiedDataTable.removeColumnLabel": "列を削除", + "unifiedDataTable.selectColumnHeader": "列を選択", + "unifiedDataTable.showAllDocuments": "すべてのドキュメントを表示", + "unifiedDataTable.showSelectedDocumentsOnly": "選択したドキュメントのみを表示", "unifiedDocViewer.docView.table.actions.label": "アクション", "unifiedDocViewer.docView.table.actions.open": "アクションを開く", "unifiedDocViewer.docView.table.ignored.multiAboveTooltip": "このフィールドの1つ以上の値が長すぎるため、検索またはフィルタリングできません。", diff --git a/x-pack/plugins/translations/translations/zh-CN.json b/x-pack/plugins/translations/translations/zh-CN.json index 6172231f9a2d1..fbef44d66792e 100644 --- a/x-pack/plugins/translations/translations/zh-CN.json +++ b/x-pack/plugins/translations/translations/zh-CN.json @@ -2457,6 +2457,25 @@ "fieldUtils.fieldNameDescription.textField": "全文本,如电子邮件正文或产品描述。", "fieldUtils.fieldNameDescription.unknownField": "未知字段", "fieldUtils.fieldNameDescription.versionField": "软件版本。支持“语义版本控制”优先规则。", + "unifiedDataTable.tableHeader.timeFieldIconTooltipAriaLabel": "{timeFieldName} - 此字段表示事件发生的时间。", + "unifiedDataTable.searchGenerationWithDescription": "搜索 {searchTitle} 生成的表", + "unifiedDataTable.searchGenerationWithDescriptionGrid": "搜索 {searchTitle} 生成的表({searchDescription})", + "unifiedDataTable.selectedDocumentsNumber": "{nr} 个文档已选择", + "unifiedDataTable.clearSelection": "清除所选内容", + "unifiedDataTable.controlColumnHeader": "控制列", + "unifiedDataTable.copyToClipboardJSON": "将文档复制到剪贴板 (JSON)", + "unifiedDataTable.tableHeader.timeFieldIconTooltip": "此字段表示事件发生的时间。", + "unifiedDataTable.grid.copyColumnNameToClipBoardButton": "复制名称", + "unifiedDataTable.grid.copyColumnValuesToClipBoardButton": "复制列", + "unifiedDataTable.grid.documentHeader": "文档", + "unifiedDataTable.grid.editFieldButton": "编辑数据视图字段", + "unifiedDataTable.grid.selectDoc": "选择文档“{rowNumber}”", + "unifiedDataTable.loadingResults": "正在加载结果", + "unifiedDataTable.noResultsFound": "找不到结果", + "unifiedDataTable.removeColumnLabel": "移除列", + "unifiedDataTable.selectColumnHeader": "选择列", + "unifiedDataTable.showAllDocuments": "显示所有文档", + "unifiedDataTable.showSelectedDocumentsOnly": "仅显示选定的文档", "unifiedDocViewer.docView.table.actions.label": "操作", "unifiedDocViewer.docView.table.actions.open": "打开操作", "unifiedDocViewer.docView.table.ignored.multiAboveTooltip": "此字段中的一个或多个值过长,无法搜索或筛选。", From 326933a3e5087b3066324859e270a23de7c82614 Mon Sep 17 00:00:00 2001 From: Maxim Palenov Date: Thu, 19 Oct 2023 09:10:34 +0200 Subject: [PATCH 18/50] [Security Solution] Unskip urls/not_found Serverless Cypress tests (#169243) **Addresses:** https://github.com/elastic/kibana/issues/161540 ## Summary This PR unskips `urls/not_found.cy.ts` Serverless Cypress tests. ## Flaky test runner `urls/not_found.cy.ts` [150 runs](https://buildkite.com/elastic/kibana-flaky-test-suite-runner/builds/3590) --- .../security_solution_cypress/cypress/e2e/urls/not_found.cy.ts | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/x-pack/test/security_solution_cypress/cypress/e2e/urls/not_found.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/urls/not_found.cy.ts index b257e340bd7cb..329e0b33144bf 100644 --- a/x-pack/test/security_solution_cypress/cypress/e2e/urls/not_found.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/urls/not_found.cy.ts @@ -25,8 +25,7 @@ import { editRuleUrl } from '../../urls/edit_rule'; const mockRuleId = '5a4a0460-d822-11eb-8962-bfd4aff0a9b3'; -// FLAKY: https://github.com/elastic/kibana/issues/165710 -describe('Display not found page', { tags: ['@ess', '@serverless', '@brokenInServerless'] }, () => { +describe('Display not found page', { tags: ['@ess', '@serverless'] }, () => { beforeEach(() => { login(); visitWithTimeRange(TIMELINES_URL); From 662265dc50fd59eb77110c67eb2a23b94130b038 Mon Sep 17 00:00:00 2001 From: Stratoula Kalafateli Date: Thu, 19 Oct 2023 10:21:58 +0300 Subject: [PATCH 19/50] [Discover] Fixes sorting for ES|QL columns that do not exist on a dataview (#169240) ## Summary Closes https://github.com/elastic/kibana/issues/168118 Fixes the broken sorting of columns that are created from the query and they do not exist on the dataview. This was working correctly so I assume is a regression from a refactoring. image ### Checklist - [ ] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios --------- Co-authored-by: Julia Rechkunova --- .../data_table_columns.test.tsx.snap | 4 +- .../components/data_table_columns.test.tsx | 60 +++++++++++++++++++ .../src/components/data_table_columns.tsx | 4 +- 3 files changed, 65 insertions(+), 3 deletions(-) diff --git a/packages/kbn-unified-data-table/src/components/__snapshots__/data_table_columns.test.tsx.snap b/packages/kbn-unified-data-table/src/components/__snapshots__/data_table_columns.test.tsx.snap index 253289db87177..d5cbd1a0d408e 100644 --- a/packages/kbn-unified-data-table/src/components/__snapshots__/data_table_columns.test.tsx.snap +++ b/packages/kbn-unified-data-table/src/components/__snapshots__/data_table_columns.test.tsx.snap @@ -956,7 +956,7 @@ Array [ "displayAsText": "extension", "id": "extension", "isSortable": false, - "schema": "string", + "schema": "numeric", "visibleCellActions": undefined, }, Object { @@ -1272,7 +1272,7 @@ Array [ "displayAsText": "message", "id": "message", "isSortable": false, - "schema": "string", + "schema": "kibana-json", "visibleCellActions": undefined, }, ] diff --git a/packages/kbn-unified-data-table/src/components/data_table_columns.test.tsx b/packages/kbn-unified-data-table/src/components/data_table_columns.test.tsx index c46c676b48baa..38cbdb5aeb63a 100644 --- a/packages/kbn-unified-data-table/src/components/data_table_columns.test.tsx +++ b/packages/kbn-unified-data-table/src/components/data_table_columns.test.tsx @@ -159,4 +159,64 @@ describe('Data table columns', function () { expect(actual).toMatchSnapshot(); }); }); + + describe('Textbased languages grid columns', () => { + it('returns eui grid with in memory sorting for text based languages and columns on the dataview', async () => { + const columnsNotInDataview = getVisibleColumns( + ['extension'], + dataViewWithTimefieldMock, + true + ) as string[]; + const gridColumns = getEuiGridColumns({ + columns: columnsNotInDataview, + settings: {}, + dataView: dataViewWithTimefieldMock, + defaultColumns: false, + isSortEnabled: true, + isPlainRecord: true, + valueToStringConverter: dataTableContextMock.valueToStringConverter, + rowsCount: 100, + services: { + uiSettings: servicesMock.uiSettings, + toastNotifications: servicesMock.toastNotifications, + }, + hasEditDataViewPermission: () => + servicesMock.dataViewFieldEditor.userPermissions.editIndexPattern(), + onFilter: () => {}, + columnTypes: { + var_test: 'number', + }, + }); + expect(gridColumns[1].schema).toBe('string'); + }); + + it('returns eui grid with in memory sorting for text based languages and columns not on the columnTypes', async () => { + const columnsNotInDataview = getVisibleColumns( + ['var_test'], + dataViewWithTimefieldMock, + true + ) as string[]; + const gridColumns = getEuiGridColumns({ + columns: columnsNotInDataview, + settings: {}, + dataView: dataViewWithTimefieldMock, + defaultColumns: false, + isSortEnabled: true, + isPlainRecord: true, + valueToStringConverter: dataTableContextMock.valueToStringConverter, + rowsCount: 100, + services: { + uiSettings: servicesMock.uiSettings, + toastNotifications: servicesMock.toastNotifications, + }, + hasEditDataViewPermission: () => + servicesMock.dataViewFieldEditor.userPermissions.editIndexPattern(), + onFilter: () => {}, + columnTypes: { + var_test: 'number', + }, + }); + expect(gridColumns[1].schema).toBe('numeric'); + }); + }); }); diff --git a/packages/kbn-unified-data-table/src/components/data_table_columns.tsx b/packages/kbn-unified-data-table/src/components/data_table_columns.tsx index 13b740a0bc703..274b1148df4eb 100644 --- a/packages/kbn-unified-data-table/src/components/data_table_columns.tsx +++ b/packages/kbn-unified-data-table/src/components/data_table_columns.tsx @@ -125,9 +125,11 @@ function buildEuiGridColumn({ : []; } + const columnType = columnTypes?.[columnName] ?? dataViewField?.type; + const column: EuiDataGridColumn = { id: columnName, - schema: getSchemaByKbnType(dataViewField?.type), + schema: getSchemaByKbnType(columnType), isSortable: isSortEnabled && (isPlainRecord || dataViewField?.sortable === true), display: showColumnTokens ? ( Date: Thu, 19 Oct 2023 09:31:35 +0200 Subject: [PATCH 20/50] [Infra UI] Add Features section to Infra settings (#168712) Closes https://github.com/elastic/kibana/issues/167062 ## Summary * Adds "Features" section to Infra settings screen * Hooks changes to `uiSettings` into existing form in order to use the current "Discard" and "Apply" buttons logic * Replaces usage of `uiSettings` with `settings.client` as `uiSettings` seems to be [deprecated](https://github.com/elastic/kibana/pull/154710. Observables exposed by `uiSettings` do not seem to work anymore. * Deletes the Hosts landing screen * Revives the logic for showing/hiding Hosts nav item depending on the settings toggle https://github.com/elastic/kibana/assets/793851/767e69cc-98b1-4fe9-93d9-f39c08ac5c83 ## How to test * Checkout locally and run in stateful mode * Go to Infra Setttings screen and make sure Features section is present * Make sure that the "Infrastructure Hosts view" toggle shows/hides the Hosts nav item * Make sure that "Infrastructure Hosts view" in "Anvanced Settings" is synced with the the one in Infra settings --------- Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com> --- x-pack/plugins/infra/kibana.jsonc | 3 +- .../enable_hosts_view_page.tsx | 86 ----------- .../hosts_landing_beta_dark.svg | 9 -- .../hosts_landing_beta_light.svg | 9 -- .../metrics/hosts/hosts_landing_page.tsx | 92 ------------ .../infra/public/pages/metrics/index.tsx | 8 +- .../settings/features_configuration_panel.tsx | 57 +++++++ .../source_configuration_settings.tsx | 47 ++++-- x-pack/plugins/infra/public/plugin.ts | 139 +++++++++++------- x-pack/plugins/infra/tsconfig.json | 3 +- .../public/hooks/use_editable_settings.tsx | 13 +- .../translations/translations/fr-FR.json | 7 - .../translations/translations/ja-JP.json | 7 - .../translations/translations/zh-CN.json | 7 - .../test/functional/apps/infra/hosts_view.ts | 101 ------------- .../page_objects/infra_hosts_view.ts | 22 --- 16 files changed, 190 insertions(+), 420 deletions(-) delete mode 100644 x-pack/plugins/infra/public/pages/metrics/hosts/components/enable_hosts_view_page/enable_hosts_view_page.tsx delete mode 100644 x-pack/plugins/infra/public/pages/metrics/hosts/components/enable_hosts_view_page/hosts_landing_beta_dark.svg delete mode 100644 x-pack/plugins/infra/public/pages/metrics/hosts/components/enable_hosts_view_page/hosts_landing_beta_light.svg delete mode 100644 x-pack/plugins/infra/public/pages/metrics/hosts/hosts_landing_page.tsx create mode 100644 x-pack/plugins/infra/public/pages/metrics/settings/features_configuration_panel.tsx diff --git a/x-pack/plugins/infra/kibana.jsonc b/x-pack/plugins/infra/kibana.jsonc index 439ccd061f0a4..a23b6eb9e8df1 100644 --- a/x-pack/plugins/infra/kibana.jsonc +++ b/x-pack/plugins/infra/kibana.jsonc @@ -45,7 +45,8 @@ "kibanaReact", "ml", "embeddable", - "controls" + "controls", + "advancedSettings" ] } } diff --git a/x-pack/plugins/infra/public/pages/metrics/hosts/components/enable_hosts_view_page/enable_hosts_view_page.tsx b/x-pack/plugins/infra/public/pages/metrics/hosts/components/enable_hosts_view_page/enable_hosts_view_page.tsx deleted file mode 100644 index eb7c5567397fd..0000000000000 --- a/x-pack/plugins/infra/public/pages/metrics/hosts/components/enable_hosts_view_page/enable_hosts_view_page.tsx +++ /dev/null @@ -1,86 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import React, { ReactNode } from 'react'; -import { EuiPageTemplate, EuiImage, EuiSpacer } from '@elastic/eui'; -import { css } from '@emotion/react'; -import { useEuiBackgroundColor } from '@elastic/eui'; -import { i18n } from '@kbn/i18n'; -import { useTrackPageview } from '@kbn/observability-shared-plugin/public'; -import { useIsDarkMode } from '../../../../../hooks/use_is_dark_mode'; -import { MetricsPageTemplate } from '../../../page_template'; -import hostsLandingBetaLight from './hosts_landing_beta_light.svg'; -import hostsLandingBetaDark from './hosts_landing_beta_dark.svg'; -import { BetaBadge } from '../../../../../components/beta_badge'; - -interface Props { - actions?: ReactNode; -} - -export const EnableHostsViewPage = ({ actions }: Props) => { - const backgroundColor = useEuiBackgroundColor('subdued'); - const isDarkMode = useIsDarkMode(); - - useTrackPageview({ app: 'infra_metrics', path: 'hosts_feature_enable_landing_page' }); - useTrackPageview({ - app: 'infra_metrics', - path: 'hosts_feature_enable_landing_page', - delay: 15000, - }); - - return ( - - - {i18n.translate('xpack.infra.hostsViewPage.landing.introTitle', { - defaultMessage: 'Host Analysis', - })} - - } - alignment="center" - icon={ - - } - color="plain" - layout="horizontal" - body={ - <> - - -

- {i18n.translate('xpack.infra.hostsViewPage.landing.introMessage', { - defaultMessage: `Welcome to the 'Hosts' feature, now available in beta! With this powerful tool, - you can easily view and analyse your hosts and identify any issues so you address them quickly. - Get a detailed view of metrics for your hosts, see which ones are triggering the most alerts and filter - the hosts you want to analyse using any KQL filter and easy breakdowns such as cloud provider and - operating system.`, - })} -

-

- {i18n.translate('xpack.infra.hostsViewPage.landing.tryTheFeatureMessage', { - defaultMessage: `This is a beta version of the feature and we would love your - feedback as we continue to develop and improve it. To access the feature, - simply enable below (or reach out to your internal administrator if not available). - Don't miss out on this powerful feature - try it out today!`, - })} -

- - } - css={css` - background-color: ${backgroundColor}; - `} - actions={actions} - /> -
- ); -}; diff --git a/x-pack/plugins/infra/public/pages/metrics/hosts/components/enable_hosts_view_page/hosts_landing_beta_dark.svg b/x-pack/plugins/infra/public/pages/metrics/hosts/components/enable_hosts_view_page/hosts_landing_beta_dark.svg deleted file mode 100644 index 221076d4fe290..0000000000000 --- a/x-pack/plugins/infra/public/pages/metrics/hosts/components/enable_hosts_view_page/hosts_landing_beta_dark.svg +++ /dev/null @@ -1,9 +0,0 @@ - - - - - - - - - diff --git a/x-pack/plugins/infra/public/pages/metrics/hosts/components/enable_hosts_view_page/hosts_landing_beta_light.svg b/x-pack/plugins/infra/public/pages/metrics/hosts/components/enable_hosts_view_page/hosts_landing_beta_light.svg deleted file mode 100644 index 00d5aa123db8e..0000000000000 --- a/x-pack/plugins/infra/public/pages/metrics/hosts/components/enable_hosts_view_page/hosts_landing_beta_light.svg +++ /dev/null @@ -1,9 +0,0 @@ - - - - - - - - - diff --git a/x-pack/plugins/infra/public/pages/metrics/hosts/hosts_landing_page.tsx b/x-pack/plugins/infra/public/pages/metrics/hosts/hosts_landing_page.tsx deleted file mode 100644 index efb170ff174a9..0000000000000 --- a/x-pack/plugins/infra/public/pages/metrics/hosts/hosts_landing_page.tsx +++ /dev/null @@ -1,92 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import React from 'react'; -import { EuiButton, EuiCallOut } from '@elastic/eui'; -import { useKibana } from '@kbn/kibana-react-plugin/public'; -import { EuiLink } from '@elastic/eui'; -import { FormattedMessage } from '@kbn/i18n-react'; -import { i18n } from '@kbn/i18n'; -import { enableInfrastructureHostsView } from '@kbn/observability-plugin/public'; -import useObservable from 'react-use/lib/useObservable'; -import { Observable } from 'rxjs'; -import { InfraClientStartDeps } from '../../../types'; -import { EnableHostsViewPage } from './components/enable_hosts_view_page/enable_hosts_view_page'; -import { HostsPage } from '.'; - -export const HostsLandingPage = () => { - const { - services: { uiSettings, application }, - } = useKibana(); - const canEditAdvancedSettings = application?.capabilities.advancedSettings.save; - const isHostViewEnabled = useObservable( - uiSettings?.get$(enableInfrastructureHostsView) ?? - new Observable((subs) => subs.next(false)) - ); - - if (isHostViewEnabled) { - return ; - } - - if (canEditAdvancedSettings) { - return ( - { - uiSettings?.set(enableInfrastructureHostsView, true); - }} - > - {i18n.translate('xpack.infra.hostsViewPage.landing.enableHostsView', { - defaultMessage: 'Enable hosts view', - })} - - } - /> - ); - } - - return ( - -

- {i18n.translate( - 'xpack.infra.hostsViewPage.landing.calloutReachOutToYourKibanaAdministrator', - { - defaultMessage: `Your user role doesn’t have sufficient privileges to enable this feature - please - reach out to your Kibana Administrator and ask them to visit this page to enable this feature.`, - } - )} -

-

- - {i18n.translate('xpack.infra.hostsViewPage.landing.learnMore', { - defaultMessage: 'Learn more', - })} - - ), - }} - /> -

-
- } - /> - ); -}; diff --git a/x-pack/plugins/infra/public/pages/metrics/index.tsx b/x-pack/plugins/infra/public/pages/metrics/index.tsx index d0e41a68446a6..4f270758d6fd1 100644 --- a/x-pack/plugins/infra/public/pages/metrics/index.tsx +++ b/x-pack/plugins/infra/public/pages/metrics/index.tsx @@ -11,9 +11,10 @@ import React, { useContext } from 'react'; import { Routes, Route } from '@kbn/shared-ux-router'; import { EuiErrorBoundary, EuiHeaderLinks, EuiHeaderLink } from '@elastic/eui'; -import { useKibana } from '@kbn/kibana-react-plugin/public'; +import { useKibana, useUiSetting } from '@kbn/kibana-react-plugin/public'; import { HeaderMenuPortal, useLinkProps } from '@kbn/observability-shared-plugin/public'; import { ObservabilityAIAssistantActionMenuItem } from '@kbn/observability-ai-assistant-plugin/public'; +import { enableInfrastructureHostsView } from '@kbn/observability-plugin/common'; import { MetricsSourceConfigurationProperties } from '../../../common/metrics_sources'; import { HelpCenterContent } from '../../components/help_center_content'; import { useReadOnlyBadge } from '../../hooks/use_readonly_badge'; @@ -23,7 +24,6 @@ import { MetricsExplorerPage } from './metrics_explorer'; import { SnapshotPage } from './inventory_view'; import { NodeDetail } from './metric_detail'; import { MetricsSettingsPage } from './settings'; -import { HostsLandingPage } from './hosts/hosts_landing_page'; import { SourceLoadingPage } from '../../components/source_loading_page'; import { WaffleOptionsProvider } from './inventory_view/hooks/use_waffle_options'; import { WaffleTimeProvider } from './inventory_view/hooks/use_waffle_time'; @@ -37,6 +37,7 @@ import { CreateDerivedIndexPattern, useSourceContext } from '../../containers/me import { NotFoundPage } from '../404'; import { ReactQueryProvider } from '../../containers/react_query_provider'; import { usePluginConfig } from '../../containers/plugin_config_context'; +import { HostsPage } from './hosts'; const ADD_DATA_LABEL = i18n.translate('xpack.infra.metricsHeaderAddDataButtonLabel', { defaultMessage: 'Add data', @@ -46,6 +47,7 @@ export const InfrastructurePage = () => { const config = usePluginConfig(); const uiCapabilities = useKibana().services.application?.capabilities; const { setHeaderActionMenu, theme$ } = useContext(HeaderActionMenuContext); + const isHostsViewEnabled = useUiSetting(enableInfrastructureHostsView); const settingsTabTitle = i18n.translate('xpack.infra.metrics.settingsTabTitle', { defaultMessage: 'Settings', @@ -113,7 +115,7 @@ export const InfrastructurePage = () => { )} - + {isHostsViewEnabled && } } /> diff --git a/x-pack/plugins/infra/public/pages/metrics/settings/features_configuration_panel.tsx b/x-pack/plugins/infra/public/pages/metrics/settings/features_configuration_panel.tsx new file mode 100644 index 0000000000000..19d7392fb7ca1 --- /dev/null +++ b/x-pack/plugins/infra/public/pages/metrics/settings/features_configuration_panel.tsx @@ -0,0 +1,57 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { EuiTitle } from '@elastic/eui'; +import { EuiSpacer } from '@elastic/eui'; +import { EuiForm } from '@elastic/eui'; +import { FormattedMessage } from '@kbn/i18n-react'; +import React from 'react'; +import { enableInfrastructureHostsView } from '@kbn/observability-plugin/common'; +import { useEditableSettings } from '@kbn/observability-shared-plugin/public'; +import { LazyField } from '@kbn/advanced-settings-plugin/public'; +import { useKibanaContextForPlugin } from '../../../hooks/use_kibana'; + +type Props = Pick< + ReturnType, + 'handleFieldChange' | 'settingsEditableConfig' | 'unsavedChanges' +> & { + readOnly: boolean; +}; + +export function FeaturesConfigurationPanel({ + readOnly, + handleFieldChange, + settingsEditableConfig, + unsavedChanges, +}: Props) { + const { + services: { docLinks, notifications }, + } = useKibanaContextForPlugin(); + + return ( + + +

+ +

+
+ + +
+ ); +} diff --git a/x-pack/plugins/infra/public/pages/metrics/settings/source_configuration_settings.tsx b/x-pack/plugins/infra/public/pages/metrics/settings/source_configuration_settings.tsx index 55287a71d3112..5769f861234c4 100644 --- a/x-pack/plugins/infra/public/pages/metrics/settings/source_configuration_settings.tsx +++ b/x-pack/plugins/infra/public/pages/metrics/settings/source_configuration_settings.tsx @@ -16,7 +16,8 @@ import { import { i18n } from '@kbn/i18n'; import { FormattedMessage } from '@kbn/i18n-react'; import React, { useCallback } from 'react'; -import { Prompt } from '@kbn/observability-shared-plugin/public'; +import { Prompt, useEditableSettings } from '@kbn/observability-shared-plugin/public'; +import { enableInfrastructureHostsView } from '@kbn/observability-plugin/common'; import { SourceLoadingPage } from '../../../components/source_loading_page'; import { useSourceContext } from '../../../containers/metrics_source'; import { useInfraMLCapabilitiesContext } from '../../../containers/ml/infra_ml_capabilities'; @@ -28,6 +29,7 @@ import { useMetricsBreadcrumbs } from '../../../hooks/use_metrics_breadcrumbs'; import { settingsTitle } from '../../../translations'; import { MetricsPageTemplate } from '../page_template'; +import { FeaturesConfigurationPanel } from './features_configuration_panel'; interface SourceConfigurationSettingsProps { shouldAllowEdit: boolean; } @@ -59,22 +61,33 @@ export const SourceConfigurationSettings = ({ formState, formStateChanges, } = useSourceConfigurationFormState(source && source.configuration); + const infraUiSettings = useEditableSettings('infra_metrics', [enableInfrastructureHostsView]); + + const resetAllUnsavedChanges = useCallback(() => { + resetForm(); + infraUiSettings.cleanUnsavedChanges(); + }, [infraUiSettings, resetForm]); + const persistUpdates = useCallback(async () => { - if (sourceExists) { - await updateSourceConfiguration(formStateChanges); - } else { - await createSourceConfiguration(formState); - } + await Promise.all([ + sourceExists + ? updateSourceConfiguration(formStateChanges) + : createSourceConfiguration(formState), + infraUiSettings.saveAll(), + ]); resetForm(); }, [ sourceExists, + resetForm, updateSourceConfiguration, + formStateChanges, + infraUiSettings, createSourceConfiguration, - resetForm, formState, - formStateChanges, ]); + const hasUnsavedChanges = isFormDirty || Object.keys(infraUiSettings.unsavedChanges).length > 0; + const isWriteable = shouldAllowEdit && (!Boolean(source) || source?.origin !== 'internal'); const { metricIndicesExist, remoteClustersExist } = source?.status ?? {}; @@ -132,6 +145,10 @@ export const SourceConfigurationSettings = ({ )} + + + + {errors.length > 0 ? ( <> @@ -148,7 +165,7 @@ export const SourceConfigurationSettings = ({ {isWriteable && ( - {isLoading ? ( + {isLoading || infraUiSettings.isSaving ? ( - Loading + {i18n.translate('xpack.infra.sourceConfiguration.loadingButtonLabel', { + defaultMessage: 'Loading', + })} @@ -169,10 +188,8 @@ export const SourceConfigurationSettings = ({ data-test-subj="discardSettingsButton" color="danger" iconType="cross" - isDisabled={isLoading || !isFormDirty} - onClick={() => { - resetForm(); - }} + isDisabled={!hasUnsavedChanges} + onClick={resetAllUnsavedChanges} > diff --git a/x-pack/plugins/infra/public/plugin.ts b/x-pack/plugins/infra/public/plugin.ts index 1d08484546506..c501108cd0bf6 100644 --- a/x-pack/plugins/infra/public/plugin.ts +++ b/x-pack/plugins/infra/public/plugin.ts @@ -106,7 +106,7 @@ export class Plugin implements InfraClientPluginClass { const startDep$AndHostViewFlag$ = combineLatest([ from(core.getStartServices()), - core.uiSettings.get$(enableInfrastructureHostsView), + core.settings.client.get$(enableInfrastructureHostsView), ]); /** !! Need to be kept in sync with the deepLinks in x-pack/plugins/infra/public/plugin.ts */ @@ -119,46 +119,58 @@ export class Plugin implements InfraClientPluginClass { application: { capabilities }, }, ], - ]) => [ - ...(capabilities.logs.show - ? [ - { - label: 'Logs', - sortKey: 200, - entries: [ - { - label: 'Explorer', - app: 'observability-log-explorer', - path: '/', - isBetaFeature: true, - }, - ...(this.config.featureFlags.logsUIEnabled - ? [ - { label: 'Stream', app: 'logs', path: '/stream' }, - { label: 'Anomalies', app: 'logs', path: '/anomalies' }, - { label: 'Categories', app: 'logs', path: '/log-categories' }, - ] - : []), - ], - }, - ] - : []), - ...(capabilities.infrastructure.show - ? [ - { - label: 'Infrastructure', - sortKey: 300, - entries: [ - { label: 'Inventory', app: 'metrics', path: '/inventory' }, - ...(this.config.featureFlags.metricsExplorerEnabled - ? [{ label: 'Metrics Explorer', app: 'metrics', path: '/explorer' }] - : []), - { label: 'Hosts', isBetaFeature: true, app: 'metrics', path: '/hosts' }, - ], - }, - ] - : []), - ] + isInfrastructureHostsViewEnabled, + ]) => { + return [ + ...(capabilities.logs.show + ? [ + { + label: 'Logs', + sortKey: 200, + entries: [ + { + label: 'Explorer', + app: 'observability-log-explorer', + path: '/', + isBetaFeature: true, + }, + ...(this.config.featureFlags.logsUIEnabled + ? [ + { label: 'Stream', app: 'logs', path: '/stream' }, + { label: 'Anomalies', app: 'logs', path: '/anomalies' }, + { label: 'Categories', app: 'logs', path: '/log-categories' }, + ] + : []), + ], + }, + ] + : []), + ...(capabilities.infrastructure.show + ? [ + { + label: 'Infrastructure', + sortKey: 300, + entries: [ + { label: 'Inventory', app: 'metrics', path: '/inventory' }, + ...(this.config.featureFlags.metricsExplorerEnabled + ? [{ label: 'Metrics Explorer', app: 'metrics', path: '/explorer' }] + : []), + ...(isInfrastructureHostsViewEnabled + ? [ + { + label: 'Hosts', + isBetaFeature: true, + app: 'metrics', + path: '/hosts', + }, + ] + : []), + ], + }, + ] + : []), + ]; + } ) ) ); @@ -230,7 +242,13 @@ export class Plugin implements InfraClientPluginClass { } // !! Need to be kept in sync with the routes in x-pack/plugins/infra/public/pages/metrics/index.tsx - const infraDeepLinks: AppDeepLink[] = [ + const getInfraDeepLinks = ({ + hostsEnabled, + metricsExplorerEnabled, + }: { + hostsEnabled: boolean; + metricsExplorerEnabled: boolean; + }): AppDeepLink[] => [ { id: 'inventory', title: i18n.translate('xpack.infra.homePage.inventoryTabTitle', { @@ -239,15 +257,19 @@ export class Plugin implements InfraClientPluginClass { path: '/inventory', navLinkStatus: AppNavLinkStatus.visible, }, - { - id: 'hosts', - title: i18n.translate('xpack.infra.homePage.metricsHostsTabTitle', { - defaultMessage: 'Hosts', - }), - path: '/hosts', - navLinkStatus: AppNavLinkStatus.visible, - }, - ...(this.config.featureFlags.metricsExplorerEnabled + ...(hostsEnabled + ? [ + { + id: 'hosts', + title: i18n.translate('xpack.infra.homePage.metricsHostsTabTitle', { + defaultMessage: 'Hosts', + }), + path: '/hosts', + navLinkStatus: AppNavLinkStatus.visible, + }, + ] + : []), + ...(metricsExplorerEnabled ? [ { id: 'metrics-explorer', @@ -277,7 +299,10 @@ export class Plugin implements InfraClientPluginClass { appRoute: '/app/metrics', category: DEFAULT_APP_CATEGORIES.observability, updater$: this.appUpdater$, - deepLinks: infraDeepLinks, + deepLinks: getInfraDeepLinks({ + hostsEnabled: core.settings.client.get(enableInfrastructureHostsView), + metricsExplorerEnabled: this.config.featureFlags.metricsExplorerEnabled, + }), mount: async (params: AppMountParameters) => { // mount callback should not use setup dependencies, get start dependencies instead const [coreStart, plugins, pluginStart] = await core.getStartServices(); @@ -308,9 +333,15 @@ export class Plugin implements InfraClientPluginClass { }); startDep$AndHostViewFlag$.subscribe( - ([_startServices]: [[CoreStart, InfraClientStartDeps, InfraClientStartExports], boolean]) => { + ([_startServices, isInfrastructureHostsViewEnabled]: [ + [CoreStart, InfraClientStartDeps, InfraClientStartExports], + boolean + ]) => { this.appUpdater$.next(() => ({ - deepLinks: infraDeepLinks, + deepLinks: getInfraDeepLinks({ + hostsEnabled: isInfrastructureHostsViewEnabled, + metricsExplorerEnabled: this.config.featureFlags.metricsExplorerEnabled, + }), })); } ); diff --git a/x-pack/plugins/infra/tsconfig.json b/x-pack/plugins/infra/tsconfig.json index 2166ae9c7b4c6..0fa2c7c9f6964 100644 --- a/x-pack/plugins/infra/tsconfig.json +++ b/x-pack/plugins/infra/tsconfig.json @@ -71,7 +71,8 @@ "@kbn/aiops-utils", "@kbn/lens-embeddable-utils", "@kbn/metrics-data-access-plugin", - "@kbn/expressions-plugin" + "@kbn/expressions-plugin", + "@kbn/advanced-settings-plugin" ], "exclude": ["target/**/*"] } diff --git a/x-pack/plugins/observability_shared/public/hooks/use_editable_settings.tsx b/x-pack/plugins/observability_shared/public/hooks/use_editable_settings.tsx index 460bb50f57bc7..6be1d28554b48 100644 --- a/x-pack/plugins/observability_shared/public/hooks/use_editable_settings.tsx +++ b/x-pack/plugins/observability_shared/public/hooks/use_editable_settings.tsx @@ -42,19 +42,20 @@ function getEditableConfig({ } export function useEditableSettings(app: ObservabilityApp, settingsKeys: string[]) { - const { services } = useKibana(); + const { + services: { settings }, + } = useKibana(); - const { uiSettings } = services; const [isSaving, setIsSaving] = useState(false); const [forceReloadSettings, setForceReloadSettings] = useState(0); const [unsavedChanges, setUnsavedChanges] = useState>({}); const settingsEditableConfig = useMemo( () => { - return getEditableConfig({ settingsKeys, uiSettings }); + return getEditableConfig({ settingsKeys, uiSettings: settings?.client }); }, // eslint-disable-next-line react-hooks/exhaustive-deps - [uiSettings, settingsKeys, forceReloadSettings] + [settings, settingsKeys, forceReloadSettings] ); function handleFieldChange(key: string, fieldState: FieldState) { @@ -77,11 +78,11 @@ export function useEditableSettings(app: ObservabilityApp, settingsKeys: string[ } async function saveAll() { - if (uiSettings && !isEmpty(unsavedChanges)) { + if (settings && !isEmpty(unsavedChanges)) { try { setIsSaving(true); const arr = Object.entries(unsavedChanges).map(([key, fieldState]) => - uiSettings.set(key, fieldState.value) + settings.client.set(key, fieldState.value) ); await Promise.all(arr); diff --git a/x-pack/plugins/translations/translations/fr-FR.json b/x-pack/plugins/translations/translations/fr-FR.json index f591e4e4cd68a..6ed84d45aff89 100644 --- a/x-pack/plugins/translations/translations/fr-FR.json +++ b/x-pack/plugins/translations/translations/fr-FR.json @@ -18439,7 +18439,6 @@ "xpack.infra.deprecations.timestampAdjustIndexing": "Ajustez votre indexation pour utiliser \"{field}\" comme horodatage.", "xpack.infra.homePage.toolbar.showingLastOneMinuteDataText": "Dernières {duration} de données pour l'heure sélectionnée", "xpack.infra.hostsViewPage.errorOnCreateOrLoadDataview": "Une erreur s’est produite lors de la création d’une vue de données : {metricAlias}. Essayez de recharger la page.", - "xpack.infra.hostsViewPage.landing.calloutRoleClarificationWithDocsLink": "Un rôle avec accès aux paramètres avancés dans Kibana sera nécessaire. {docsLink}", "xpack.infra.hostsViewPage.kpi.subtitle.average.limit": "Moyenne (de {limit} hôtes)", "xpack.infra.hostsViewPage.kpi.subtitle.hostCount.limit": "Limité à {limit}", "xpack.infra.hostsViewPage.table.selectedHostsButton": "Sélection effectuée de {selectedHostsCount} {selectedHostsCount, plural, =1 {hôte} one {hôtes} many {hôtes} other {hôtes}}", @@ -18667,12 +18666,6 @@ "xpack.infra.hostsViewPage.hostLimit": "Limite de l'hôte", "xpack.infra.hostsViewPage.hostLimit.tooltip": "Pour garantir des performances de recherche plus rapides, le nombre d'hôtes retournés est limité.", "xpack.infra.hostsViewPage.kpi.hostCount.title": "Hôtes", - "xpack.infra.hostsViewPage.landing.calloutReachOutToYourKibanaAdministrator": "Votre rôle d'utilisateur ne dispose pas des privilèges suffisants pour activer cette fonctionnalité - veuillez \n contacter votre administrateur Kibana et lui demander de visiter cette page pour activer la fonctionnalité.", - "xpack.infra.hostsViewPage.landing.enableHostsView": "Activer la vue des hôtes", - "xpack.infra.hostsViewPage.landing.introMessage": "Bienvenue sur la fonctionnalité \"Hôtes\", désormais disponible en version bêta. Avec ce puissant outil, \n vous pouvez facilement voir et analyser vos hôtes et identifier tout problème afin de les corriger rapidement. \n Obtenez une vue détaillée des indicateurs pour vos hôtes afin de savoir lesquels déclenchent le plus d’alertes, et filtrez \n les hôtes que vous voulez analyser à l'aide de tout filtre KQL ainsi que de répartitions simples comme le fournisseur cloud et \n le système d'exploitation.", - "xpack.infra.hostsViewPage.landing.introTitle": "Analyse de l'hôte", - "xpack.infra.hostsViewPage.landing.learnMore": "En savoir plus", - "xpack.infra.hostsViewPage.landing.tryTheFeatureMessage": "Ceci est une version bêta de la fonctionnalité, donc nous apprécierions recevoir vos \n commentaires tandis que nous continuons à la développer et à l'améliorer. Pour accéder à la fonctionnalité, \n activez-la simplement ci-dessous (ou contactez votre administrateur interne si indisponible). \n Ne passez pas à côté de cette puissante fonctionnalité : essayez-là dès aujourd'hui !", "xpack.infra.hostsViewPage.metrics.tooltip.cpuUsage": "Pourcentage de temps CPU utilisé dans les états autres que Inactif et IOWait, normalisée par le nombre de cœurs de processeur. Cela inclut le temps passé à la fois sur l'espace utilisateur et sur l'espace du noyau.", "xpack.infra.hostsViewPage.metrics.tooltip.diskLatency": "Temps passé à gérer les requêtes de disque.", "xpack.infra.hostsViewPage.metrics.tooltip.diskSpaceUsage": "Pourcentage d’espace disque utilisé.", diff --git a/x-pack/plugins/translations/translations/ja-JP.json b/x-pack/plugins/translations/translations/ja-JP.json index b995191642521..15d66275a00ba 100644 --- a/x-pack/plugins/translations/translations/ja-JP.json +++ b/x-pack/plugins/translations/translations/ja-JP.json @@ -18453,7 +18453,6 @@ "xpack.infra.deprecations.timestampAdjustIndexing": "インデックスを調整し、\"{field}\"をタイムスタンプとして使用します。", "xpack.infra.homePage.toolbar.showingLastOneMinuteDataText": "指定期間のデータの最後の{duration}", "xpack.infra.hostsViewPage.errorOnCreateOrLoadDataview": "データビューの作成中にエラーが発生しました:{metricAlias}。ページを再読み込みしてください。", - "xpack.infra.hostsViewPage.landing.calloutRoleClarificationWithDocsLink": "Kibanaの高度な設定にアクセスできるロールが必要です。{docsLink}", "xpack.infra.hostsViewPage.kpi.subtitle.average.limit": "({limit}ホストの)平均", "xpack.infra.hostsViewPage.kpi.subtitle.hostCount.limit": "{limit}に制限", "xpack.infra.hostsViewPage.table.selectedHostsButton": "{selectedHostsCount}件の{selectedHostsCount, plural, =1 {ホスト} other {ホスト}}が選択済み", @@ -18681,12 +18680,6 @@ "xpack.infra.hostsViewPage.hostLimit": "ホスト制限", "xpack.infra.hostsViewPage.hostLimit.tooltip": "クエリパフォーマンスを確実に高めるために、返されるホスト数には制限があります", "xpack.infra.hostsViewPage.kpi.hostCount.title": "ホスト", - "xpack.infra.hostsViewPage.landing.calloutReachOutToYourKibanaAdministrator": "ユーザーロールには、この機能を有効にするための十分な権限がありません。 \n この機能を有効にするために、Kibana管理者に連絡して、このページにアクセスするように依頼してください。", - "xpack.infra.hostsViewPage.landing.enableHostsView": "ホストビューを有効化", - "xpack.infra.hostsViewPage.landing.introMessage": "「ホスト」機能へようこそ!ベータ版でご利用いただけるようになりました。この強力なツールを使用すると、\n ホストを簡単に表示、分析し、あらゆる問題を特定して、迅速に対処できます。\n ホストのメトリックを詳細に表示し、どのメトリックが最も多くのアラートをトリガーしているかを確認し、 \n 任意のKQLフィルターを使用して分析したいホストや、クラウドプロバイダーやオペレーティングシステムといった簡単な内訳をフィルターできます \n 。", - "xpack.infra.hostsViewPage.landing.introTitle": "ホスト分析", - "xpack.infra.hostsViewPage.landing.learnMore": "詳細", - "xpack.infra.hostsViewPage.landing.tryTheFeatureMessage": "この機能はベータ版です。ご意見をお聞かせください。 \n 機能の開発と改善に役立てます。この機能を使用するには、\n 以下で有効化します(あるいは、使用できない場合は、社内管理者に問い合わせてください)。\n この強力な機能をぜひご利用ください。今すぐお試しください。", "xpack.infra.hostsViewPage.metrics.tooltip.cpuUsage": "アイドルおよびIOWait以外の状態で費やされたCPU時間の割合を、CPUコア数で正規化したもの。これにはユーザースペースとカーネルスペースの両方で費やされた時間が含まれます。", "xpack.infra.hostsViewPage.metrics.tooltip.diskLatency": "ディスクリクエストの処理に費やされた時間。", "xpack.infra.hostsViewPage.metrics.tooltip.diskSpaceUsage": "使用済みディスク容量の割合。", diff --git a/x-pack/plugins/translations/translations/zh-CN.json b/x-pack/plugins/translations/translations/zh-CN.json index fbef44d66792e..b3ee160e83978 100644 --- a/x-pack/plugins/translations/translations/zh-CN.json +++ b/x-pack/plugins/translations/translations/zh-CN.json @@ -18453,7 +18453,6 @@ "xpack.infra.deprecations.timestampAdjustIndexing": "调整索引以将“{field}”用作时间戳。", "xpack.infra.homePage.toolbar.showingLastOneMinuteDataText": "选定时间过去 {duration}的数据", "xpack.infra.hostsViewPage.errorOnCreateOrLoadDataview": "尝试创建以下数据视图时出错:{metricAlias}。尝试重新加载该页面。", - "xpack.infra.hostsViewPage.landing.calloutRoleClarificationWithDocsLink": "他们将需要有权访问 Kibana 中的高级设置的角色。{docsLink}", "xpack.infra.hostsViewPage.kpi.subtitle.average.limit": "平均值(属于 {limit} 台主机)", "xpack.infra.hostsViewPage.kpi.subtitle.hostCount.limit": "限定为 {limit}", "xpack.infra.hostsViewPage.table.selectedHostsButton": "已选定 {selectedHostsCount} 个{selectedHostsCount, plural, =1 {主机} other {主机}}", @@ -18681,12 +18680,6 @@ "xpack.infra.hostsViewPage.hostLimit": "主机限制", "xpack.infra.hostsViewPage.hostLimit.tooltip": "为确保更快的查询性能,对返回的主机数量实施了限制", "xpack.infra.hostsViewPage.kpi.hostCount.title": "主机", - "xpack.infra.hostsViewPage.landing.calloutReachOutToYourKibanaAdministrator": "您的用户角色权限不足,无法启用此功能 - 请 \n 联系您的 Kibana 管理员,要求他们访问此页面以启用该功能。", - "xpack.infra.hostsViewPage.landing.enableHostsView": "启用主机视图", - "xpack.infra.hostsViewPage.landing.introMessage": "欢迎使用“主机”功能,该功能现在为公测版!使用这个强大的工具,\n 您可以轻松查看并分析主机,并确定任何问题以便快速予以解决。\n 获取您主机的详细指标视图,了解哪些指标触发了大多数告警, \n 并使用任何 KQL 筛选以及云提供商和操作系统等常见细目筛选 \n 您要分析的主机。", - "xpack.infra.hostsViewPage.landing.introTitle": "主机分析", - "xpack.infra.hostsViewPage.landing.learnMore": "了解详情", - "xpack.infra.hostsViewPage.landing.tryTheFeatureMessage": "这是公测版功能,我们乐于收到您的反馈, \n 以便我们继续开发和改进该功能。要访问该功能,\n 只需在下面直接启用即可(或在不可用时联系您的内部管理员)。\n 不要错过这个强大的功能 - 立即试用!", "xpack.infra.hostsViewPage.metrics.tooltip.cpuUsage": "CPU 在空闲和 IOWait 状态以外所花费时间的百分比,按 CPU 核心数进行标准化。这包括在用户空间和内核空间上花费的时间。", "xpack.infra.hostsViewPage.metrics.tooltip.diskLatency": "处理磁盘请求所花费的时间。", "xpack.infra.hostsViewPage.metrics.tooltip.diskSpaceUsage": "已用磁盘空间百分比。", diff --git a/x-pack/test/functional/apps/infra/hosts_view.ts b/x-pack/test/functional/apps/infra/hosts_view.ts index e8f7730522f42..fa9008bf5cc24 100644 --- a/x-pack/test/functional/apps/infra/hosts_view.ts +++ b/x-pack/test/functional/apps/infra/hosts_view.ts @@ -94,7 +94,6 @@ export default ({ getPageObjects, getService }: FtrProviderContext) => { const kibanaServer = getService('kibanaServer'); const observability = getService('observability'); const retry = getService('retry'); - const security = getService('security'); const testSubjects = getService('testSubjects'); const pageObjects = getPageObjects([ 'assetDetails', @@ -111,47 +110,6 @@ export default ({ getPageObjects, getService }: FtrProviderContext) => { const setHostViewEnabled = (value: boolean = true) => kibanaServer.uiSettings.update({ [enableInfrastructureHostsView]: value }); - const loginWithReadOnlyUser = async () => { - const roleCreation = await security.role.create('global_hosts_read_privileges_role', { - elasticsearch: { - indices: [{ names: ['metricbeat-*'], privileges: ['read', 'view_index_metadata'] }], - }, - kibana: [ - { - feature: { - infrastructure: ['read'], - advancedSettings: ['read'], - }, - spaces: ['*'], - }, - ], - }); - - const userCreation = security.user.create('global_hosts_read_privileges_user', { - password: 'global_hosts_read_privileges_user-password', - roles: ['global_hosts_read_privileges_role'], - full_name: 'test user', - }); - - await Promise.all([roleCreation, userCreation]); - - await pageObjects.security.forceLogout(); - await pageObjects.security.login( - 'global_hosts_read_privileges_user', - 'global_hosts_read_privileges_user-password', - { - expectSpaceSelector: false, - } - ); - }; - - const logoutAndDeleteReadOnlyUser = () => - Promise.all([ - pageObjects.security.forceLogout(), - security.role.delete('global_hosts_read_privileges_role'), - security.user.delete('global_hosts_read_privileges_user'), - ]); - const returnTo = async (path: string, timeout = 2000) => retry.waitForWithTimeout('returned to hosts view', timeout, async () => { await browser.goBack(); @@ -200,65 +158,6 @@ export default ({ getPageObjects, getService }: FtrProviderContext) => { expect(pageUrl).to.contain(HOSTS_VIEW_PATH); }); - describe('#Landing page', () => { - beforeEach(async () => { - await setHostViewEnabled(false); - }); - - afterEach(async () => { - await setHostViewEnabled(true); - }); - - describe('User with read permission', () => { - beforeEach(async () => { - await loginWithReadOnlyUser(); - await pageObjects.common.navigateToApp(HOSTS_VIEW_PATH); - await pageObjects.header.waitUntilLoadingHasFinished(); - }); - - afterEach(async () => { - await logoutAndDeleteReadOnlyUser(); - }); - - it('Should show hosts landing page with callout when the hosts view is disabled', async () => { - await pageObjects.infraHostsView.getBetaBadgeExists(); - const landingPageDisabled = - await pageObjects.infraHostsView.getHostsLandingPageDisabled(); - const learnMoreDocsUrl = await pageObjects.infraHostsView.getHostsLandingPageDocsLink(); - const parsedUrl = new URL(learnMoreDocsUrl); - - expect(parsedUrl.host).to.be('www.elastic.co'); - expect(parsedUrl.pathname).to.be('/guide/en/kibana/current/kibana-privileges.html'); - expect(landingPageDisabled).to.contain( - 'Your user role doesn’t have sufficient privileges to enable this feature' - ); - }); - }); - - describe('Admin user', () => { - beforeEach(async () => { - await pageObjects.common.navigateToApp(HOSTS_VIEW_PATH); - await pageObjects.header.waitUntilLoadingHasFinished(); - }); - - it('as an admin, should see an enable button when the hosts view is disabled', async () => { - const landingPageEnableButton = - await pageObjects.infraHostsView.getHostsLandingPageEnableButton(); - const landingPageEnableButtonText = await landingPageEnableButton.getVisibleText(); - expect(landingPageEnableButtonText).to.eql('Enable hosts view'); - }); - - it('as an admin, should be able to enable the hosts view feature', async () => { - await pageObjects.infraHostsView.clickEnableHostViewButton(); - - const titleElement = await find.byCssSelector('h1'); - const title = await titleElement.getVisibleText(); - - expect(title).to.contain('Hosts'); - }); - }); - }); - describe('#Single Host Flyout', () => { before(async () => { await setHostViewEnabled(true); diff --git a/x-pack/test/functional/page_objects/infra_hosts_view.ts b/x-pack/test/functional/page_objects/infra_hosts_view.ts index 83628e1eae02a..3d37fc4da913f 100644 --- a/x-pack/test/functional/page_objects/infra_hosts_view.ts +++ b/x-pack/test/functional/page_objects/infra_hosts_view.ts @@ -46,28 +46,6 @@ export function InfraHostsViewProvider({ getService }: FtrProviderContext) { return await testSubjects.click('inventory-hostsView-link-badge'); }, - // Splash screen - - async getHostsLandingPageDisabled() { - const container = await testSubjects.find('hostView-no-enable-access'); - const containerText = await container.getVisibleText(); - return containerText; - }, - - async getHostsLandingPageDocsLink() { - const container = await testSubjects.find('hostsView-docs-link'); - const containerText = await container.getAttribute('href'); - return containerText; - }, - - async getHostsLandingPageEnableButton() { - return testSubjects.find('hostsView-enable-feature-button'); - }, - - async clickEnableHostViewButton() { - return testSubjects.click('hostsView-enable-feature-button'); - }, - // Table async getHostsTable() { From ba6fef2b4de938cdf3abe68f0432e0a7757493cb Mon Sep 17 00:00:00 2001 From: Khristinin Nikita Date: Thu, 19 Oct 2023 09:41:10 +0200 Subject: [PATCH 21/50] Risk score error message (#169216) ## Risk score error message includes info about needed privileges Error panel for risk engine API requests always will include a section, `Check privileges` with information about all privileges they need to have. We are not checking for missing one here, we just list all of that needed, as a quick fix. ### Default view: Screenshot 2023-10-18 at 11 55 09 ### Expanded view: Screenshot 2023-10-18 at 11 55 01 ### This callout was removed because it's not related to the risk engine: Screenshot 2023-10-16 at 20 02 01 --------- Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com> --- .../components/risk_score_enable_section.tsx | 44 ++++++++++++++++++- .../entity_analytics_management_page.tsx | 2 - .../public/entity_analytics/translations.ts | 18 +++++++- .../entity_analytics_management_page.cy.ts | 2 +- 4 files changed, 60 insertions(+), 6 deletions(-) diff --git a/x-pack/plugins/security_solution/public/entity_analytics/components/risk_score_enable_section.tsx b/x-pack/plugins/security_solution/public/entity_analytics/components/risk_score_enable_section.tsx index 0e48603421406..0eead8683e4f2 100644 --- a/x-pack/plugins/security_solution/public/entity_analytics/components/risk_score_enable_section.tsx +++ b/x-pack/plugins/security_solution/public/entity_analytics/components/risk_score_enable_section.tsx @@ -28,6 +28,7 @@ import { EuiCallOut, EuiAccordion, } from '@elastic/eui'; +import { FormattedMessage } from '@kbn/i18n-react'; import { DETECTION_ENTITY_DASHBOARD, RISKY_HOSTS_DOC_LINK, @@ -68,7 +69,7 @@ const RiskScoreErrorPanel = ({ errors }: { errors: string[] }) => ( >

{i18n.ERROR_PANEL_MESSAGE}

- + <> {errors.map((error) => (
@@ -78,6 +79,47 @@ const RiskScoreErrorPanel = ({ errors }: { errors: string[] }) => ( ))} + + +

+ {i18n.NEED_TO_HAVE} +

    +
  • + {'all'}, + index: {'risk-score.risk-score-*'}, + }} + /> +
  • +
  • + + {'manage_index_templates'} + {','} {'manage_transform'} + + ), + }} + /> +
  • +
  • + {'Saved Objects Management'}, + }} + /> +
  • +
+

+
); diff --git a/x-pack/plugins/security_solution/public/entity_analytics/pages/entity_analytics_management_page.tsx b/x-pack/plugins/security_solution/public/entity_analytics/pages/entity_analytics_management_page.tsx index 16521b065c2a0..4f2bacf97f02b 100644 --- a/x-pack/plugins/security_solution/public/entity_analytics/pages/entity_analytics_management_page.tsx +++ b/x-pack/plugins/security_solution/public/entity_analytics/pages/entity_analytics_management_page.tsx @@ -10,14 +10,12 @@ import { EuiBetaBadge, EuiFlexGroup, EuiFlexItem, EuiPageHeader, EuiSpacer } fro import { RiskScorePreviewSection } from '../components/risk_score_preview_section'; import { RiskScoreEnableSection } from '../components/risk_score_enable_section'; -import { MissingPrivilegesCallOut } from '../../detections/components/callouts/missing_privileges_callout'; import { ENTITY_ANALYTICS_RISK_SCORE } from '../../app/translations'; import { BETA } from '../../common/translations'; export const EntityAnalyticsManagementPage = () => { return ( <> - { From 1c4573d74cfb74db221bbf45713e471de8d95437 Mon Sep 17 00:00:00 2001 From: Marco Antonio Ghiani Date: Thu, 19 Oct 2023 09:53:47 +0200 Subject: [PATCH 22/50] [Log Explorer] Add link to feedback survey (#169079) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit ## 📓 Summary Closes https://github.com/elastic/observability-dev/issues/2824 We want to gather feedback on the new features introduced with Log Explorer. This PR adds a link to open a survey on a new tab. Screenshot 2023-10-17 at 12 05 04 --------- Co-authored-by: Marco Antonio Ghiani Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com> --- packages/kbn-optimizer/limits.yml | 2 +- .../common/translations.ts | 7 +++ .../components/log_explorer_top_nav_menu.tsx | 43 +++++++++++++++---- .../observability_log_explorer/tsconfig.json | 3 +- .../observability_shared/common/index.ts | 1 + 5 files changed, 46 insertions(+), 10 deletions(-) diff --git a/packages/kbn-optimizer/limits.yml b/packages/kbn-optimizer/limits.yml index 5395d6cce3643..d796ccfc82ab0 100644 --- a/packages/kbn-optimizer/limits.yml +++ b/packages/kbn-optimizer/limits.yml @@ -101,7 +101,7 @@ pageLoadAssetSize: noDataPage: 5000 observability: 115443 observabilityAIAssistant: 25000 - observabilityLogExplorer: 23686 + observabilityLogExplorer: 46650 observabilityOnboarding: 19573 observabilityShared: 52256 osquery: 107090 diff --git a/x-pack/plugins/observability_log_explorer/common/translations.ts b/x-pack/plugins/observability_log_explorer/common/translations.ts index c7a63e4f9866e..d5b1811f51955 100644 --- a/x-pack/plugins/observability_log_explorer/common/translations.ts +++ b/x-pack/plugins/observability_log_explorer/common/translations.ts @@ -35,3 +35,10 @@ export const onboardingLinkTitle = i18n.translate( defaultMessage: 'Add data', } ); + +export const feedbackLinkTitle = i18n.translate( + 'xpack.observabilityLogExplorer.feedbackLinkTitle', + { + defaultMessage: 'Give feedback', + } +); diff --git a/x-pack/plugins/observability_log_explorer/public/components/log_explorer_top_nav_menu.tsx b/x-pack/plugins/observability_log_explorer/public/components/log_explorer_top_nav_menu.tsx index 5c22096301111..205fc824e409f 100644 --- a/x-pack/plugins/observability_log_explorer/public/components/log_explorer_top_nav_menu.tsx +++ b/x-pack/plugins/observability_log_explorer/public/components/log_explorer_top_nav_menu.tsx @@ -9,6 +9,7 @@ import React, { useEffect, useState } from 'react'; import deepEqual from 'fast-deep-equal'; import useObservable from 'react-use/lib/useObservable'; import { type BehaviorSubject, distinctUntilChanged, filter, take } from 'rxjs'; +import styled from '@emotion/styled'; import { HeaderMenuPortal } from '@kbn/observability-shared-plugin/public'; import { EuiBetaBadge, @@ -18,7 +19,6 @@ import { EuiHeaderLinks, EuiHeaderSection, EuiHeaderSectionItem, - useEuiTheme, } from '@elastic/eui'; import { LogExplorerStateContainer } from '@kbn/log-explorer-plugin/public'; import { @@ -28,11 +28,14 @@ import { import { KibanaReactContextValue } from '@kbn/kibana-react-plugin/public'; import { toMountPoint } from '@kbn/react-kibana-mount'; import { css } from '@emotion/react'; +import { LOG_EXPLORER_FEEDBACK_LINK } from '@kbn/observability-shared-plugin/common'; +import { euiThemeVars } from '@kbn/ui-theme'; import { PluginKibanaContextValue } from '../utils/use_kibana'; import { betaBadgeDescription, betaBadgeTitle, discoverLinkTitle, + feedbackLinkTitle, onboardingLinkTitle, } from '../../common/translations'; import { getRouterLinkProps } from '../utils/get_router_link_props'; @@ -69,8 +72,6 @@ const ServerlessTopNav = ({ services, state$, }: Pick) => { - const { euiTheme } = useEuiTheme(); - return ( @@ -83,7 +84,7 @@ const ServerlessTopNav = ({ @@ -95,6 +96,10 @@ const ServerlessTopNav = ({ alignment="middle" /> + + + + @@ -109,8 +114,6 @@ const StatefulTopNav = ({ state$, theme$, }: LogExplorerTopNavMenuProps) => { - const { euiTheme } = useEuiTheme(); - /** * Since the breadcrumbsAppendExtension might be set only during a plugin start (e.g. search session) * we retrieve the latest valid extension in order to restore it once we unmount the beta badge. @@ -130,7 +133,7 @@ const StatefulTopNav = ({ @@ -142,6 +145,9 @@ const StatefulTopNav = ({ alignment="middle" /> + + + , { theme, i18n } ), @@ -153,7 +159,7 @@ const StatefulTopNav = ({ chrome.setBreadcrumbsAppendExtension(previousAppendExtension); } }; - }, [euiTheme, services, previousAppendExtension]); + }, [services, previousAppendExtension]); return ( @@ -248,3 +254,24 @@ const OnboardingLink = React.memo(({ services }: Pick ); }); + +const FeedbackLink = React.memo(() => { + return ( + + {feedbackLinkTitle} + + ); +}); + +const VerticalRule = styled.span` + width: 1px; + height: 20px; + background-color: ${euiThemeVars.euiColorLightShade}; +`; diff --git a/x-pack/plugins/observability_log_explorer/tsconfig.json b/x-pack/plugins/observability_log_explorer/tsconfig.json index a789445599923..7266e097dae62 100644 --- a/x-pack/plugins/observability_log_explorer/tsconfig.json +++ b/x-pack/plugins/observability_log_explorer/tsconfig.json @@ -32,7 +32,8 @@ "@kbn/core-notifications-browser", "@kbn/core-mount-utils-browser-internal", "@kbn/xstate-utils", - "@kbn/shared-ux-utility" + "@kbn/shared-ux-utility", + "@kbn/ui-theme" ], "exclude": [ "target/**/*" diff --git a/x-pack/plugins/observability_shared/common/index.ts b/x-pack/plugins/observability_shared/common/index.ts index c25eee3e0b02b..ca34cf3ecee99 100644 --- a/x-pack/plugins/observability_shared/common/index.ts +++ b/x-pack/plugins/observability_shared/common/index.ts @@ -139,3 +139,4 @@ export { ObservabilityTriggerId } from './trigger_ids'; export { getInspectResponse } from './utils/get_inspect_response'; export const LOGS_ONBOARDING_FEEDBACK_LINK = 'https://ela.st/logs-onboarding-feedback'; +export const LOG_EXPLORER_FEEDBACK_LINK = 'https://ela.st/explorer-feedback'; From 0366351bd59ee05d2ffc3e4bd62e272ad388720a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Cau=C3=AA=20Marcondes?= <55978943+cauemarcondes@users.noreply.github.com> Date: Thu, 19 Oct 2023 09:12:36 +0100 Subject: [PATCH 23/50] [Profiling] Displaying inline frames (#169212) Flamegraph: Screenshot 2023-10-18 at 10 23 15 Traces: https://github.com/elastic/kibana/assets/55978943/e67267cf-102d-48d6-83a9-3c59769053a9 --- .../kbn-profiling-utils/common/profiling.ts | 9 +- .../flamegraph/flamegraph_tooltip.tsx | 36 +++++- .../public/components/flamegraph/index.tsx | 11 +- .../profiling/public/components/subchart.tsx | 107 ++++++++++++++---- .../utils/get_flamegraph_model/index.ts | 30 ++--- 5 files changed, 151 insertions(+), 42 deletions(-) diff --git a/packages/kbn-profiling-utils/common/profiling.ts b/packages/kbn-profiling-utils/common/profiling.ts index 955be2e1485e6..a8786224b2231 100644 --- a/packages/kbn-profiling-utils/common/profiling.ts +++ b/packages/kbn-profiling-utils/common/profiling.ts @@ -241,14 +241,15 @@ function getExeFileName(metadata: StackFrameMetadata) { * @returns string */ export function getCalleeLabel(metadata: StackFrameMetadata) { + const inlineLabel = metadata.Inline ? '-> ' : ''; if (metadata.FunctionName !== '') { const sourceFilename = metadata.SourceFilename; const sourceURL = sourceFilename ? sourceFilename.split('/').pop() : ''; - return `${getExeFileName(metadata)}: ${getFunctionName(metadata)} in ${sourceURL}#${ - metadata.SourceLine - }`; + return `${inlineLabel}${getExeFileName(metadata)}: ${getFunctionName( + metadata + )} in ${sourceURL}#${metadata.SourceLine}`; } - return getExeFileName(metadata); + return `${inlineLabel}${getExeFileName(metadata)}`; } /** * Get callee function name diff --git a/x-pack/plugins/profiling/public/components/flamegraph/flamegraph_tooltip.tsx b/x-pack/plugins/profiling/public/components/flamegraph/flamegraph_tooltip.tsx index 9d00900c1e192..2f33170e44fcf 100644 --- a/x-pack/plugins/profiling/public/components/flamegraph/flamegraph_tooltip.tsx +++ b/x-pack/plugins/profiling/public/components/flamegraph/flamegraph_tooltip.tsx @@ -7,23 +7,26 @@ import { TooltipContainer } from '@elastic/charts'; import { EuiButtonEmpty, + EuiCallOut, EuiFlexGroup, EuiFlexItem, EuiHorizontalRule, EuiIcon, EuiPanel, EuiText, + EuiTitle, useEuiTheme, } from '@elastic/eui'; +import { css } from '@emotion/react'; import { i18n } from '@kbn/i18n'; import { isNumber } from 'lodash'; import React from 'react'; +import { useCalculateImpactEstimate } from '../../hooks/use_calculate_impact_estimates'; import { asCost } from '../../utils/formatters/as_cost'; import { asPercentage } from '../../utils/formatters/as_percentage'; import { asWeight } from '../../utils/formatters/as_weight'; import { CPULabelWithHint } from '../cpu_label_with_hint'; import { TooltipRow } from './tooltip_row'; -import { useCalculateImpactEstimate } from '../../hooks/use_calculate_impact_estimates'; interface Props { isRoot: boolean; @@ -39,6 +42,8 @@ interface Props { comparisonTotalSamples?: number; comparisonTotalSeconds?: number; onShowMoreClick?: () => void; + inline: boolean; + parentLabel?: string; } export function FlameGraphTooltip({ @@ -55,6 +60,8 @@ export function FlameGraphTooltip({ comparisonTotalSamples, comparisonTotalSeconds, onShowMoreClick, + inline, + parentLabel, }: Props) { const theme = useEuiTheme(); const calculateImpactEstimates = useCalculateImpactEstimate(); @@ -83,8 +90,33 @@ export function FlameGraphTooltip({ - {label} + + + {label} + + + + {inline && ( + + {i18n.translate('xpack.profiling.flameGraphTooltip.inlineCallout', { + defaultMessage: 'This function has been inlined by {parentLabel}', + values: { parentLabel }, + })} + + } + size="s" + iconType="iInCircle" + /> + )} {isRoot === false && ( <> edge.includes(valueIndex)) + ] + : undefined; + return ( ); }} diff --git a/x-pack/plugins/profiling/public/components/subchart.tsx b/x-pack/plugins/profiling/public/components/subchart.tsx index dbb3db5caa343..4aaf0e683d839 100644 --- a/x-pack/plugins/profiling/public/components/subchart.tsx +++ b/x-pack/plugins/profiling/public/components/subchart.tsx @@ -19,6 +19,7 @@ import { Tooltip, } from '@elastic/charts'; import { + EuiAccordion, EuiBadge, EuiButton, EuiFlexGroup, @@ -28,11 +29,14 @@ import { EuiLink, EuiSpacer, EuiText, + EuiToolTip, useEuiTheme, } from '@elastic/eui'; import { i18n } from '@kbn/i18n'; -import React from 'react'; import type { StackFrameMetadata } from '@kbn/profiling-utils'; +import { groupBy } from 'lodash'; +import React, { Fragment } from 'react'; +import { css } from '@emotion/react'; import { CountPerTime, OTHER_BUCKET_LABEL, TopNSample } from '../../common/topn'; import { useKibanaTimeZoneSetting } from '../hooks/use_kibana_timezone_setting'; import { useProfilingChartsTheme } from '../hooks/use_profiling_charts_theme'; @@ -40,8 +44,8 @@ import { useProfilingParams } from '../hooks/use_profiling_params'; import { useProfilingRouter } from '../hooks/use_profiling_router'; import { asNumber } from '../utils/formatters/as_number'; import { asPercentage } from '../utils/formatters/as_percentage'; -import { StackFrameSummary } from './stack_frame_summary'; import { getTracesViewRouteParams } from '../views/stack_traces_view/utils'; +import { StackFrameSummary } from './stack_frame_summary'; export interface SubChartProps { index: number; @@ -63,6 +67,19 @@ export interface SubChartProps { const NUM_DISPLAYED_FRAMES = 5; +function renderFrameItem(frame: StackFrameMetadata, parentIndex: number | string) { + return ( + + + {parentIndex} + + + + + + ); +} + export function SubChart({ index, color, @@ -97,9 +114,14 @@ export function SubChart({ const compact = !!onShowMoreClick; + const groupedMetadata = groupBy(metadata, 'AddressOrLine'); + const parentsMetadata = Object.values(groupedMetadata) + .map((items) => items.shift()) + .filter((_) => _) as StackFrameMetadata[]; + const displayedFrames = compact - ? metadata.concat().reverse().slice(0, NUM_DISPLAYED_FRAMES) - : metadata.concat().reverse(); + ? parentsMetadata.concat().reverse().slice(0, NUM_DISPLAYED_FRAMES) + : parentsMetadata.concat().reverse(); const hasMoreFrames = displayedFrames.length < metadata.length; @@ -115,23 +137,68 @@ export function SubChart({ }} > - {displayedFrames.map((frame, frameIndex) => ( - <> - - - {metadata.indexOf(frame) + 1} - - + {displayedFrames.map((frame, frameIndex) => { + const parentIndex = parentsMetadata.indexOf(frame) + 1; + const children = groupedMetadata[frame.AddressOrLine].concat().reverse(); + + return ( + <> + {children.length > 0 ? ( + + {`-> ${children.length}`} + + } + > + + {children.map((child, childIndex) => { + return ( + + {renderFrameItem( + child, + `${parentIndex}.${children.length - childIndex} ->` + )} + + ); + })} + + + ) : ( + renderFrameItem(frame, parentIndex) + )} + {frameIndex < displayedFrames.length - 1 || hasMoreFrames ? ( + + - - - {frameIndex < displayedFrames.length - 1 || hasMoreFrames ? ( - - - - ) : null} - - ))} + ) : null} + + ); + })} {hasMoreFrames && !!onShowMoreClick && ( diff --git a/x-pack/plugins/profiling/public/utils/get_flamegraph_model/index.ts b/x-pack/plugins/profiling/public/utils/get_flamegraph_model/index.ts index 32ae0471dd8d5..16d2b6a7a1644 100644 --- a/x-pack/plugins/profiling/public/utils/get_flamegraph_model/index.ts +++ b/x-pack/plugins/profiling/public/utils/get_flamegraph_model/index.ts @@ -65,21 +65,7 @@ export function getFlamegraphModel({ let legendItems: Array<{ label: string; color: string }>; - if (!comparisonFlamegraph) { - const usedFrameTypes = new Set([...primaryFlamegraph.FrameType]); - legendItems = compact( - Object.entries(FRAME_TYPE_COLOR_MAP).map(([frameTypeKey, colors]) => { - const frameType = Number(frameTypeKey) as FrameType; - - return usedFrameTypes.has(frameType) - ? { - color: `#${colors[0].toString(16)}`, - label: describeFrameType(frameType), - } - : undefined; - }) - ); - } else { + if (comparisonFlamegraph) { const positiveChangeInterpolator = d3.interpolateRgb(colorNeutral, colorSuccess); const negativeChangeInterpolator = d3.interpolateRgb(colorNeutral, colorDanger); @@ -162,6 +148,20 @@ export function getFlamegraphModel({ const rgba = rgbToRGBA(Number(nodeColor.replace('#', '0x'))); viewModel.color.set(rgba, 4 * index); }); + } else { + const usedFrameTypes = new Set([...primaryFlamegraph.FrameType]); + legendItems = compact( + Object.entries(FRAME_TYPE_COLOR_MAP).map(([frameTypeKey, colors]) => { + const frameType = Number(frameTypeKey) as FrameType; + + return usedFrameTypes.has(frameType) + ? { + color: `#${colors[0].toString(16)}`, + label: describeFrameType(frameType), + } + : undefined; + }) + ); } return { From e1f554b172a28ad92219d5fea5be14159530f9f4 Mon Sep 17 00:00:00 2001 From: Jon Date: Thu, 19 Oct 2023 03:45:52 -0500 Subject: [PATCH 24/50] [kbn-es] Increase ready timeout to two minutes (#169331) Average start times of serverless ES are near one minute, and in [some cases exceeding the limit](https://buildkite.com/elastic/kibana-on-merge/builds/37049#018b44ec-832c-48be-a5b9-93e9c42e1db7/243-1554). This increases the limit to two minutes --- packages/kbn-es/src/utils/wait_until_cluster_ready.ts | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packages/kbn-es/src/utils/wait_until_cluster_ready.ts b/packages/kbn-es/src/utils/wait_until_cluster_ready.ts index 093d6192775ba..e3d5fec0e6f61 100644 --- a/packages/kbn-es/src/utils/wait_until_cluster_ready.ts +++ b/packages/kbn-es/src/utils/wait_until_cluster_ready.ts @@ -9,7 +9,7 @@ import { Client } from '@elastic/elasticsearch'; import { HealthStatus } from '@elastic/elasticsearch/lib/api/types'; import { ToolingLog } from '@kbn/tooling-log'; -const DEFAULT_READY_TIMEOUT = 60 * 1000; // 1 minute +const DEFAULT_READY_TIMEOUT = 120 * 1000; // 2 minutes export type ClusterReadyStatus = 'green' | 'yellow'; export interface WaitOptions { From e25ae7bc00d63f04b1c797fbee7eaf658832479b Mon Sep 17 00:00:00 2001 From: Kibana Machine <42973632+kibanamachine@users.noreply.github.com> Date: Thu, 19 Oct 2023 05:44:45 -0400 Subject: [PATCH 25/50] skip failing test suite (#169320) --- .../cypress/e2e/automated_response_actions/no_license.cy.ts | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/x-pack/plugins/security_solution/public/management/cypress/e2e/automated_response_actions/no_license.cy.ts b/x-pack/plugins/security_solution/public/management/cypress/e2e/automated_response_actions/no_license.cy.ts index 192a4fd853bd5..2cc2d96a9e6d5 100644 --- a/x-pack/plugins/security_solution/public/management/cypress/e2e/automated_response_actions/no_license.cy.ts +++ b/x-pack/plugins/security_solution/public/management/cypress/e2e/automated_response_actions/no_license.cy.ts @@ -15,7 +15,8 @@ import type { ReturnTypeFromChainable } from '../../types'; import { indexEndpointHosts } from '../../tasks/index_endpoint_hosts'; import { indexEndpointRuleAlerts } from '../../tasks/index_endpoint_rule_alerts'; -describe('No License', { tags: '@ess', env: { ftrConfig: { license: 'basic' } } }, () => { +// Failing: See https://github.com/elastic/kibana/issues/169320 +describe.skip('No License', { tags: '@ess', env: { ftrConfig: { license: 'basic' } } }, () => { describe('User cannot use endpoint action in form', () => { const [ruleName, ruleDescription] = generateRandomStringName(2); From cc6db271fc1a7c554a9bcf735751b617a9650240 Mon Sep 17 00:00:00 2001 From: Tomasz Ciecierski Date: Thu, 19 Oct 2023 11:56:44 +0200 Subject: [PATCH 26/50] [EDR Workflows] Bring back 8.11.0 agent (#169335) --- x-pack/test/osquery_cypress/artifact_manager.ts | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/x-pack/test/osquery_cypress/artifact_manager.ts b/x-pack/test/osquery_cypress/artifact_manager.ts index 0f5ca38d74978..54b9a70d37aff 100644 --- a/x-pack/test/osquery_cypress/artifact_manager.ts +++ b/x-pack/test/osquery_cypress/artifact_manager.ts @@ -6,6 +6,5 @@ */ export async function getLatestVersion(): Promise { - // temporary solution until newer agents work fine with Docker - return '8.10.4'; + return '8.11.0-SNAPSHOT'; } From c99f6aa5575aab598763a5d4f8ac5e7547888cbf Mon Sep 17 00:00:00 2001 From: Dario Gieselaar Date: Thu, 19 Oct 2023 12:16:17 +0200 Subject: [PATCH 27/50] [Obs AI Assistant] Remove refresh_interval (#169220) --- .../plugins/observability_ai_assistant/server/service/index.ts | 2 -- 1 file changed, 2 deletions(-) diff --git a/x-pack/plugins/observability_ai_assistant/server/service/index.ts b/x-pack/plugins/observability_ai_assistant/server/service/index.ts index e2f6354725f1a..7a268fb7eb3d7 100644 --- a/x-pack/plugins/observability_ai_assistant/server/service/index.ts +++ b/x-pack/plugins/observability_ai_assistant/server/service/index.ts @@ -118,7 +118,6 @@ export class ObservabilityAIAssistantService { settings: { number_of_shards: 1, auto_expand_replicas: '0-1', - refresh_interval: '1s', hidden: true, }, }, @@ -176,7 +175,6 @@ export class ObservabilityAIAssistantService { settings: { number_of_shards: 1, auto_expand_replicas: '0-1', - refresh_interval: '1s', hidden: true, }, }, From e12cfc157ec255a2d3655168c0ec0a08182ac444 Mon Sep 17 00:00:00 2001 From: Pablo Machado Date: Thu, 19 Oct 2023 12:30:28 +0200 Subject: [PATCH 28/50] [Security Solutions] Update risk score tables to filter by timerange (#168826) issue: https://github.com/elastic/kibana/issues/162451 ## Summary * Update Entity analytics dashboard to filter by timerange and to display timestamp field * Update Users risk score tab to filter by timerange and to display timestamp field * Update Hosts risk score tab to filter by timerange and to display timestamp field * Delete tooltip that used to warn users that risk tables din't filter by timerange Screenshot 2023-10-13 at 11 54 19 Screenshot 2023-10-13 at 11 54 38 Screenshot 2023-10-13 at 11 54 53 ### How to test * Create alerts and enable the risk engine * Check if the Entity analytics dashboard filters by timerange * Check if the Users risk score tab filters by timerange * Check if the Hosts risk score tab filters by timerange * Check if the risk score on top of the user details page does NOT filter by timerange * Check if the risk score inside flyouts (Alerts, users and hosts) does NOT filter by timerange * Check if the info tooltips about the timerange filter were removed ### Checklist - [x] Any text added follows [EUI's writing guidelines](https://elastic.github.io/eui/#/guidelines/writing), uses sentence case text and includes [i18n support](https://github.com/elastic/kibana/blob/main/packages/kbn-i18n/README.md) - [x] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios --- .../security_solution/risk_score/all/index.ts | 2 + .../security_solution/users/common/index.ts | 1 + .../risk_score_no_data_detected.tsx | 11 +---- .../containers/risk_score/all/index.tsx | 10 +---- .../containers/risk_score/kpi/index.tsx | 31 +++++++------- .../host_risk_score_table/columns.test.tsx | 2 +- .../host_risk_score_table/columns.tsx | 17 +++++++- .../host_risk_score_table/index.tsx | 2 +- .../host_risk_score_table/translations.ts | 15 ++++--- .../user_risk_score_table/columns.test.tsx | 7 ++-- .../user_risk_score_table/columns.tsx | 17 +++++++- .../user_risk_score_table/index.tsx | 2 +- .../user_risk_score_table/translations.ts | 10 ++--- .../entity_analytics/common/translations.ts | 16 -------- .../entity_analytics/risk_score/columns.tsx | 19 ++++++++- .../entity_analytics/risk_score/index.tsx | 6 --- .../risk_score/translations.ts | 15 ++----- .../components/host_overview/index.tsx | 10 ----- .../components/user_overview/index.tsx | 12 ------ .../kpi/query.kpi_risk_score.dsl.ts | 13 ++++++ .../translations/translations/fr-FR.json | 6 --- .../translations/translations/ja-JP.json | 6 --- .../translations/translations/zh-CN.json | 6 --- .../explore/dashboards/entity_analytics.cy.ts | 40 ++++++++++++++++--- .../e2e/explore/hosts/host_risk_tab.cy.ts | 14 ++++--- .../cypress/e2e/inspect/inspect_button.cy.ts | 4 +- .../cypress/screens/inspect.ts | 1 - 27 files changed, 148 insertions(+), 147 deletions(-) diff --git a/x-pack/plugins/security_solution/common/search_strategy/security_solution/risk_score/all/index.ts b/x-pack/plugins/security_solution/common/search_strategy/security_solution/risk_score/all/index.ts index 28058b29eaada..1214a17c85867 100644 --- a/x-pack/plugins/security_solution/common/search_strategy/security_solution/risk_score/all/index.ts +++ b/x-pack/plugins/security_solution/common/search_strategy/security_solution/risk_score/all/index.ts @@ -74,6 +74,8 @@ export interface RiskScoreItem { [RiskScoreFields.hostName]: Maybe; [RiskScoreFields.userName]: Maybe; + [RiskScoreFields.timestamp]: Maybe; + [RiskScoreFields.hostRisk]: Maybe; [RiskScoreFields.userRisk]: Maybe; diff --git a/x-pack/plugins/security_solution/common/search_strategy/security_solution/users/common/index.ts b/x-pack/plugins/security_solution/common/search_strategy/security_solution/users/common/index.ts index 9f526309e2c5a..cfd2347a374d4 100644 --- a/x-pack/plugins/security_solution/common/search_strategy/security_solution/users/common/index.ts +++ b/x-pack/plugins/security_solution/common/search_strategy/security_solution/users/common/index.ts @@ -11,6 +11,7 @@ import type { CommonFields, Maybe, RiskScoreFields, RiskSeverity, SortField } fr export interface UserRiskScoreItem { _id?: Maybe; [RiskScoreFields.userName]: Maybe; + [RiskScoreFields.timestamp]: Maybe; [RiskScoreFields.userRisk]: Maybe; [RiskScoreFields.userRiskScore]: Maybe; } diff --git a/x-pack/plugins/security_solution/public/explore/components/risk_score/risk_score_onboarding/risk_score_no_data_detected.tsx b/x-pack/plugins/security_solution/public/explore/components/risk_score/risk_score_onboarding/risk_score_no_data_detected.tsx index e98d626c95672..533a7d00729cd 100644 --- a/x-pack/plugins/security_solution/public/explore/components/risk_score/risk_score_onboarding/risk_score_no_data_detected.tsx +++ b/x-pack/plugins/security_solution/public/explore/components/risk_score/risk_score_onboarding/risk_score_no_data_detected.tsx @@ -14,7 +14,6 @@ import * as i18n from './translations'; import { RiskScoreHeaderTitle } from './risk_score_header_title'; import { RiskScoreRestartButton } from './risk_score_restart_button'; import type { inputsModel } from '../../../../common/store'; -import * as overviewI18n from '../../../../overview/components/entity_analytics/common/translations'; import { useIsNewRiskScoreModuleInstalled } from '../../../../entity_analytics/api/hooks/use_risk_engine_status'; const RiskScoresNoDataDetectedComponent = ({ @@ -37,15 +36,7 @@ const RiskScoresNoDataDetectedComponent = ({ return ( - } - titleSize="s" - tooltip={ - entityType === RiskScoreEntity.user - ? overviewI18n.USER_RISK_TABLE_TOOLTIP - : overviewI18n.HOST_RISK_TABLE_TOOLTIP - } - /> + } titleSize="s" /> {translations.title}} body={translations.body} diff --git a/x-pack/plugins/security_solution/public/explore/containers/risk_score/all/index.tsx b/x-pack/plugins/security_solution/public/explore/containers/risk_score/all/index.tsx index f49879ecf4754..b2be80f74ab71 100644 --- a/x-pack/plugins/security_solution/public/explore/containers/risk_score/all/index.tsx +++ b/x-pack/plugins/security_solution/public/explore/containers/risk_score/all/index.tsx @@ -125,13 +125,6 @@ export const useRiskScore = { - refetchAll(); - // eslint-disable-next-line react-hooks/exhaustive-deps - }, [timerange?.to, timerange?.from]); - const riskScoreResponse = useMemo( () => ({ data: response.data, @@ -168,7 +161,7 @@ export const useRiskScore = (timerange ? { to: timerange.to, from: timerange.from, interval: '' } : undefined), + [timerange] + ); + useEffect(() => { if ( !skip && @@ -92,32 +97,28 @@ export const useRiskScoreKpi = ({ filterQuery, defaultIndex: [defaultIndex], entity: riskEntity, + timerange: requestTimerange, }); } }, [ - isEnabled, - isDeprecated, - isAuthorized, - isDeprecatedLoading, - skip, defaultIndex, search, filterQuery, + skip, riskEntity, + requestTimerange, + isEnabled, + isDeprecated, + isAuthorized, + isDeprecatedLoading, ]); const refetchAll = useCallback(() => { if (defaultIndex) { - refetchDeprecated(defaultIndex); + refetchFeatureStatus(defaultIndex); refetch(); } - }, [defaultIndex, refetch, refetchDeprecated]); - - // since query does not take timerange arg, we need to manually refetch when time range updates - useEffect(() => { - refetchAll(); - // eslint-disable-next-line react-hooks/exhaustive-deps - }, [timerange?.to, timerange?.from]); + }, [defaultIndex, refetch, refetchFeatureStatus]); useEffect(() => { if (error) { @@ -141,5 +142,5 @@ export const useRiskScoreKpi = ({ }; }, [result, loading, error]); - return { error, severityCount, loading, isModuleDisabled, refetch, inspect }; + return { error, severityCount, loading, isModuleDisabled, refetch: refetchAll, inspect }; }; diff --git a/x-pack/plugins/security_solution/public/explore/hosts/components/host_risk_score_table/columns.test.tsx b/x-pack/plugins/security_solution/public/explore/hosts/components/host_risk_score_table/columns.test.tsx index f1bf397637617..98cfa4895fbd4 100644 --- a/x-pack/plugins/security_solution/public/explore/hosts/components/host_risk_score_table/columns.test.tsx +++ b/x-pack/plugins/security_solution/public/explore/hosts/components/host_risk_score_table/columns.test.tsx @@ -17,7 +17,7 @@ describe('getHostRiskScoreColumns', () => { }); const riskScore = 10.11111111; - const riskScoreColumn = columns[1]; + const riskScoreColumn = columns[2]; const renderedColumn = riskScoreColumn.render!(riskScore, null); const { queryByTestId } = render({renderedColumn}); diff --git a/x-pack/plugins/security_solution/public/explore/hosts/components/host_risk_score_table/columns.tsx b/x-pack/plugins/security_solution/public/explore/hosts/components/host_risk_score_table/columns.tsx index de66a5bca1110..af6c0d502351e 100644 --- a/x-pack/plugins/security_solution/public/explore/hosts/components/host_risk_score_table/columns.tsx +++ b/x-pack/plugins/security_solution/public/explore/hosts/components/host_risk_score_table/columns.tsx @@ -17,11 +17,12 @@ import { HostDetailsLink } from '../../../../common/components/links'; import type { HostRiskScoreColumns } from '.'; import * as i18n from './translations'; import { HostsTableType } from '../../store/model'; -import type { RiskSeverity } from '../../../../../common/search_strategy'; +import type { Maybe, RiskSeverity } from '../../../../../common/search_strategy'; import { RiskScoreFields, RiskScoreEntity } from '../../../../../common/search_strategy'; import { RiskScoreLevel } from '../../../components/risk_score/severity/common'; import { ENTITY_RISK_LEVEL } from '../../../components/risk_score/translations'; import { CELL_ACTIONS_TELEMETRY } from '../../../components/risk_score/constants'; +import { FormattedRelativePreferenceDate } from '../../../../common/components/formatted_date'; export const getHostRiskScoreColumns = ({ dispatchSeverityUpdate, @@ -34,6 +35,7 @@ export const getHostRiskScoreColumns = ({ truncateText: false, mobileOptions: { show: true }, sortable: true, + width: '35%', render: (hostName) => { if (hostName != null && hostName.length > 0) { return ( @@ -57,6 +59,19 @@ export const getHostRiskScoreColumns = ({ return getEmptyTagValue(); }, }, + { + field: RiskScoreFields.timestamp, + name: i18n.LAST_UPDATED, + truncateText: false, + mobileOptions: { show: true }, + sortable: true, + render: (lastSeen: Maybe) => { + if (lastSeen != null) { + return ; + } + return getEmptyTagValue(); + }, + }, { field: RiskScoreFields.hostRiskScore, name: i18n.HOST_RISK_SCORE, diff --git a/x-pack/plugins/security_solution/public/explore/hosts/components/host_risk_score_table/index.tsx b/x-pack/plugins/security_solution/public/explore/hosts/components/host_risk_score_table/index.tsx index 497c21e8f9dec..9c486c96fdece 100644 --- a/x-pack/plugins/security_solution/public/explore/hosts/components/host_risk_score_table/index.tsx +++ b/x-pack/plugins/security_solution/public/explore/hosts/components/host_risk_score_table/index.tsx @@ -60,6 +60,7 @@ interface HostRiskScoreTableProps { export type HostRiskScoreColumns = [ Columns, + Columns, Columns, Columns ]; @@ -191,7 +192,6 @@ const HostRiskScoreTableComponent: React.FC = ({ headerSupplement={risk} headerTitle={i18nHosts.HOST_RISK_TITLE} headerUnit={i18n.UNIT(totalCount)} - headerTooltip={i18nHosts.HOST_RISK_TABLE_TOOLTIP} id={id} isInspect={isInspect} itemsPerRow={rowItems} diff --git a/x-pack/plugins/security_solution/public/explore/hosts/components/host_risk_score_table/translations.ts b/x-pack/plugins/security_solution/public/explore/hosts/components/host_risk_score_table/translations.ts index 08c685720a2e4..8ccb7addbcc30 100644 --- a/x-pack/plugins/security_solution/public/explore/hosts/components/host_risk_score_table/translations.ts +++ b/x-pack/plugins/security_solution/public/explore/hosts/components/host_risk_score_table/translations.ts @@ -28,16 +28,15 @@ export const HOST_RISK_TITLE = i18n.translate( } ); -export const HOST_RISK_TABLE_TOOLTIP = i18n.translate( - 'xpack.securitySolution.hostsRiskTable.hostsTableTooltip', - { - defaultMessage: - 'The host risk table is not affected by the KQL time range. This table shows the latest recorded risk score for each host.', - } -); - export const VIEW_HOSTS_BY_SEVERITY = (severity: string) => i18n.translate('xpack.securitySolution.hostsRiskTable.filteredHostsTitle', { values: { severity }, defaultMessage: 'View {severity} risk hosts', }); + +export const LAST_UPDATED = i18n.translate( + 'xpack.securitySolution.hostsRiskTable.lastUpdatedTitle', + { + defaultMessage: 'Last updated', + } +); diff --git a/x-pack/plugins/security_solution/public/explore/users/components/user_risk_score_table/columns.test.tsx b/x-pack/plugins/security_solution/public/explore/users/components/user_risk_score_table/columns.test.tsx index d28513800f221..3f9fe12981509 100644 --- a/x-pack/plugins/security_solution/public/explore/users/components/user_risk_score_table/columns.test.tsx +++ b/x-pack/plugins/security_solution/public/explore/users/components/user_risk_score_table/columns.test.tsx @@ -20,8 +20,9 @@ describe('getUserRiskScoreColumns', () => { const columns = getUserRiskScoreColumns(defaultProps); expect(columns[0].field).toBe('user.name'); - expect(columns[1].field).toBe(RiskScoreFields.userRiskScore); - expect(columns[2].field).toBe(RiskScoreFields.userRisk); + expect(columns[1].field).toBe(RiskScoreFields.timestamp); + expect(columns[2].field).toBe(RiskScoreFields.userRiskScore); + expect(columns[3].field).toBe(RiskScoreFields.userRisk); columns.forEach((column) => { expect(column).toHaveProperty('name'); @@ -45,7 +46,7 @@ describe('getUserRiskScoreColumns', () => { const columns: UserRiskScoreColumns = getUserRiskScoreColumns(defaultProps); const riskScore = 10.11111111; - const riskScoreColumn = columns[1]; + const riskScoreColumn = columns[2]; const renderedColumn = riskScoreColumn.render!(riskScore, null); const { queryByTestId } = render({renderedColumn}); diff --git a/x-pack/plugins/security_solution/public/explore/users/components/user_risk_score_table/columns.tsx b/x-pack/plugins/security_solution/public/explore/users/components/user_risk_score_table/columns.tsx index 6de43c4dbe2fc..a23d62d0e83d5 100644 --- a/x-pack/plugins/security_solution/public/explore/users/components/user_risk_score_table/columns.tsx +++ b/x-pack/plugins/security_solution/public/explore/users/components/user_risk_score_table/columns.tsx @@ -17,12 +17,13 @@ import { getEmptyTagValue } from '../../../../common/components/empty_value'; import type { UserRiskScoreColumns } from '.'; import * as i18n from './translations'; import { RiskScoreLevel } from '../../../components/risk_score/severity/common'; -import type { RiskSeverity } from '../../../../../common/search_strategy'; +import type { Maybe, RiskSeverity } from '../../../../../common/search_strategy'; import { RiskScoreEntity, RiskScoreFields } from '../../../../../common/search_strategy'; import { UserDetailsLink } from '../../../../common/components/links'; import { UsersTableType } from '../../store/model'; import { ENTITY_RISK_LEVEL } from '../../../components/risk_score/translations'; import { CELL_ACTIONS_TELEMETRY } from '../../../components/risk_score/constants'; +import { FormattedRelativePreferenceDate } from '../../../../common/components/formatted_date'; export const getUserRiskScoreColumns = ({ dispatchSeverityUpdate, @@ -35,6 +36,7 @@ export const getUserRiskScoreColumns = ({ truncateText: false, mobileOptions: { show: true }, sortable: true, + width: '35%', render: (userName) => { if (userName != null && userName.length > 0) { const id = escapeDataProviderId(`user-risk-score-table-userName-${userName}`); @@ -60,6 +62,19 @@ export const getUserRiskScoreColumns = ({ return getEmptyTagValue(); }, }, + { + field: RiskScoreFields.timestamp, + name: i18n.LAST_UPDATED, + truncateText: false, + mobileOptions: { show: true }, + sortable: true, + render: (lastSeen: Maybe) => { + if (lastSeen != null) { + return ; + } + return getEmptyTagValue(); + }, + }, { field: RiskScoreFields.userRiskScore, name: i18n.USER_RISK_SCORE, diff --git a/x-pack/plugins/security_solution/public/explore/users/components/user_risk_score_table/index.tsx b/x-pack/plugins/security_solution/public/explore/users/components/user_risk_score_table/index.tsx index 5dc1c3c6bd08e..01a2df82b40c9 100644 --- a/x-pack/plugins/security_solution/public/explore/users/components/user_risk_score_table/index.tsx +++ b/x-pack/plugins/security_solution/public/explore/users/components/user_risk_score_table/index.tsx @@ -60,6 +60,7 @@ interface UserRiskScoreTableProps { export type UserRiskScoreColumns = [ Columns, + Columns, Columns, Columns ]; @@ -191,7 +192,6 @@ const UserRiskScoreTableComponent: React.FC = ({ } headerSupplement={risk} headerTitle={i18nUsers.NAVIGATION_RISK_TITLE} - headerTooltip={i18n.USER_RISK_TABLE_TOOLTIP} headerUnit={i18n.UNIT(totalCount)} id={id} isInspect={isInspect} diff --git a/x-pack/plugins/security_solution/public/explore/users/components/user_risk_score_table/translations.ts b/x-pack/plugins/security_solution/public/explore/users/components/user_risk_score_table/translations.ts index d0cf95dea6c23..b9913bd7275cd 100644 --- a/x-pack/plugins/security_solution/public/explore/users/components/user_risk_score_table/translations.ts +++ b/x-pack/plugins/security_solution/public/explore/users/components/user_risk_score_table/translations.ts @@ -39,10 +39,6 @@ export const ROWS_10 = i18n.translate('xpack.securitySolution.usersTable.rows', defaultMessage: '{numRows} {numRows, plural, =0 {rows} =1 {row} other {rows}}', }); -export const USER_RISK_TABLE_TOOLTIP = i18n.translate( - 'xpack.securitySolution.hostsRiskTable.usersTableTooltip', - { - defaultMessage: - 'The user risk table is not affected by the KQL time range. This table shows the latest recorded risk score for each user.', - } -); +export const LAST_UPDATED = i18n.translate('xpack.securitySolution.usersTable.lastUpdatedTitle', { + defaultMessage: 'Last updated', +}); diff --git a/x-pack/plugins/security_solution/public/overview/components/entity_analytics/common/translations.ts b/x-pack/plugins/security_solution/public/overview/components/entity_analytics/common/translations.ts index a1d35310b6bfe..cc538bedae1ea 100644 --- a/x-pack/plugins/security_solution/public/overview/components/entity_analytics/common/translations.ts +++ b/x-pack/plugins/security_solution/public/overview/components/entity_analytics/common/translations.ts @@ -24,19 +24,3 @@ export const USER_RISK_TITLE = i18n.translate( defaultMessage: 'User Risk Scores', } ); - -export const HOST_RISK_TABLE_TOOLTIP = i18n.translate( - 'xpack.securitySolution.entityAnalytics.hostsRiskDashboard.hostsTableTooltip', - { - defaultMessage: - 'The host risk table is not affected by the time range. This table shows the latest recorded risk score for each host.', - } -); - -export const USER_RISK_TABLE_TOOLTIP = i18n.translate( - 'xpack.securitySolution.entityAnalytics.usersRiskDashboard.usersTableTooltip', - { - defaultMessage: - 'The user risk table is not affected by the time range. This table shows the latest recorded risk score for each user.', - } -); diff --git a/x-pack/plugins/security_solution/public/overview/components/entity_analytics/risk_score/columns.tsx b/x-pack/plugins/security_solution/public/overview/components/entity_analytics/risk_score/columns.tsx index cdebe0042d777..120a4cf3d4c7f 100644 --- a/x-pack/plugins/security_solution/public/overview/components/entity_analytics/risk_score/columns.tsx +++ b/x-pack/plugins/security_solution/public/overview/components/entity_analytics/risk_score/columns.tsx @@ -17,6 +17,7 @@ import { RiskScoreLevel } from '../../../../explore/components/risk_score/severi import { CELL_ACTIONS_TELEMETRY } from '../../../../explore/components/risk_score/constants'; import type { HostRiskScore, + Maybe, RiskSeverity, UserRiskScore, } from '../../../../../common/search_strategy'; @@ -29,6 +30,7 @@ import { SecurityCellActionsTrigger, SecurityCellActionType, } from '../../../../common/components/cell_actions'; +import { FormattedRelativePreferenceDate } from '../../../../common/components/formatted_date'; type HostRiskScoreColumns = Array>; @@ -91,6 +93,21 @@ export const getRiskScoreColumns = ( return getEmptyTagValue(); }, }, + + { + field: RiskScoreFields.timestamp, + name: i18n.LAST_UPDATED, + truncateText: false, + mobileOptions: { show: true }, + sortable: true, + width: '20%', + render: (lastSeen: Maybe) => { + if (lastSeen != null) { + return ; + } + return getEmptyTagValue(); + }, + }, { field: riskEntity === RiskScoreEntity.host @@ -114,7 +131,7 @@ export const getRiskScoreColumns = ( { field: riskEntity === RiskScoreEntity.host ? RiskScoreFields.hostRisk : RiskScoreFields.userRisk, - width: '30%', + width: '25%', name: i18n.ENTITY_RISK_LEVEL(riskEntity), truncateText: false, mobileOptions: { show: true }, diff --git a/x-pack/plugins/security_solution/public/overview/components/entity_analytics/risk_score/index.tsx b/x-pack/plugins/security_solution/public/overview/components/entity_analytics/risk_score/index.tsx index 982d68952a5c0..97cf4363f690d 100644 --- a/x-pack/plugins/security_solution/public/overview/components/entity_analytics/risk_score/index.tsx +++ b/x-pack/plugins/security_solution/public/overview/components/entity_analytics/risk_score/index.tsx @@ -26,7 +26,6 @@ import { RiskScoresNoDataDetected } from '../../../../explore/components/risk_sc import { useRefetchQueries } from '../../../../common/hooks/use_refetch_queries'; import { Loader } from '../../../../common/components/loader'; import { Panel } from '../../../../common/components/panel'; -import * as i18n from './translations'; import { useEntityInfo } from './use_entity'; import { RiskScoreHeaderContent } from './header_content'; import { ChartContent } from './chart_content'; @@ -175,11 +174,6 @@ const EntityAnalyticsRiskScoresComponent = ({ riskEntity }: { riskEntity: RiskSc id={entity.tableQueryId} toggleStatus={toggleStatus} toggleQuery={setToggleStatus} - tooltip={ - riskEntity === RiskScoreEntity.host - ? i18n.HOST_RISK_TABLE_TOOLTIP - : i18n.USER_RISK_TABLE_TOOLTIP - } > }, }); -export const HOST_RISK_TABLE_TOOLTIP = i18n.translate( - 'xpack.securitySolution.entityAnalytics.riskDashboard.hostsTableTooltip', +export const LAST_UPDATED = i18n.translate( + 'xpack.securitySolution.entityAnalytics.riskDashboard.lastUpdatedTitle', { - defaultMessage: - 'The Host Risk Score panel displays the list of risky hosts and their latest risk score. You may filter this list using global filters in the KQL search bar. The time-range picker filter will display Alerts within the selected time range only and does not filter the list of risky hosts.', - } -); - -export const USER_RISK_TABLE_TOOLTIP = i18n.translate( - 'xpack.securitySolution.entityAnalytics.riskDashboard.usersTableTooltip', - { - defaultMessage: - 'The User Risk Score panel displays the list of risky users and their latest risk score. You may filter this list using global filters in the KQL search bar. The time-range picker filter will display Alerts within the selected time range only and does not filter the list of risky users.', + defaultMessage: 'Last updated', } ); diff --git a/x-pack/plugins/security_solution/public/overview/components/host_overview/index.tsx b/x-pack/plugins/security_solution/public/overview/components/host_overview/index.tsx index 2a32874a044bc..686828412977a 100644 --- a/x-pack/plugins/security_solution/public/overview/components/host_overview/index.tsx +++ b/x-pack/plugins/security_solution/public/overview/components/host_overview/index.tsx @@ -10,7 +10,6 @@ import { euiDarkVars as darkTheme, euiLightVars as lightTheme } from '@kbn/ui-th import { getOr } from 'lodash/fp'; import React, { useCallback, useMemo } from 'react'; import styled from 'styled-components'; -import { useGlobalTime } from '../../../common/containers/use_global_time'; import type { HostItem } from '../../../../common/search_strategy'; import { buildHostNamesFilter, RiskScoreEntity } from '../../../../common/search_strategy'; import { DEFAULT_DARK_MODE } from '../../../../common/constants'; @@ -90,20 +89,11 @@ export const HostOverview = React.memo( () => (hostName ? buildHostNamesFilter([hostName]) : undefined), [hostName] ); - const { from, to } = useGlobalTime(); - const timerange = useMemo( - () => ({ - from, - to, - }), - [from, to] - ); const { data: hostRisk, isAuthorized } = useRiskScore({ filterQuery, riskEntity: RiskScoreEntity.host, skip: hostName == null, - timerange, }); const getDefaultRenderer = useCallback( diff --git a/x-pack/plugins/security_solution/public/overview/components/user_overview/index.tsx b/x-pack/plugins/security_solution/public/overview/components/user_overview/index.tsx index 812c3f9340b0a..446fe215a695a 100644 --- a/x-pack/plugins/security_solution/public/overview/components/user_overview/index.tsx +++ b/x-pack/plugins/security_solution/public/overview/components/user_overview/index.tsx @@ -10,7 +10,6 @@ import { euiDarkVars as darkTheme, euiLightVars as lightTheme } from '@kbn/ui-th import { getOr } from 'lodash/fp'; import React, { useCallback, useMemo } from 'react'; import styled from 'styled-components'; -import { useGlobalTime } from '../../../common/containers/use_global_time'; import { buildUserNamesFilter, RiskScoreEntity } from '../../../../common/search_strategy'; import { DEFAULT_DARK_MODE } from '../../../../common/constants'; import type { DescriptionList } from '../../../../common/utility_types'; @@ -89,20 +88,9 @@ export const UserOverview = React.memo( [userName] ); - const { from, to } = useGlobalTime(); - - const timerange = useMemo( - () => ({ - from, - to, - }), - [from, to] - ); - const { data: userRisk, isAuthorized } = useRiskScore({ filterQuery, skip: userName == null, - timerange, riskEntity: RiskScoreEntity.user, }); diff --git a/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/risk_score/kpi/query.kpi_risk_score.dsl.ts b/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/risk_score/kpi/query.kpi_risk_score.dsl.ts index 4a98089eb239c..4dfb6896ffbc9 100644 --- a/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/risk_score/kpi/query.kpi_risk_score.dsl.ts +++ b/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/risk_score/kpi/query.kpi_risk_score.dsl.ts @@ -13,9 +13,22 @@ export const buildKpiRiskScoreQuery = ({ defaultIndex, filterQuery, entity, + timerange, }: RiskScoreKpiRequestOptions) => { const filter = [...createQueryFilterClauses(filterQuery)]; + if (timerange) { + filter.push({ + range: { + '@timestamp': { + gte: timerange.from, + lte: timerange.to, + format: 'strict_date_optional_time', + }, + }, + }); + } + const dslQuery = { index: defaultIndex, allow_no_indices: false, diff --git a/x-pack/plugins/translations/translations/fr-FR.json b/x-pack/plugins/translations/translations/fr-FR.json index 6ed84d45aff89..44c924ae33673 100644 --- a/x-pack/plugins/translations/translations/fr-FR.json +++ b/x-pack/plugins/translations/translations/fr-FR.json @@ -32371,15 +32371,11 @@ "xpack.securitySolution.entityAnalytics.header.anomalies": "Anomalies", "xpack.securitySolution.entityAnalytics.header.criticalHosts": "Hôtes critiques", "xpack.securitySolution.entityAnalytics.header.criticalUsers": "Utilisateurs critiques", - "xpack.securitySolution.entityAnalytics.hostsRiskDashboard.hostsTableTooltip": "Le tableau des risques de l'hôte n'est pas affecté par la plage temporelle. Ce tableau montre le dernier score de risque enregistré pour chaque hôte.", "xpack.securitySolution.entityAnalytics.hostsRiskDashboard.title": "Scores de risque de l'hôte", - "xpack.securitySolution.entityAnalytics.riskDashboard.hostsTableTooltip": "Le panneau de Score de risque de l'hôte affiche la liste des hôtes à risque ainsi que leur dernier score de risque. Vous pouvez filtrer cette liste à l’aide de filtres globaux dans la barre de recherche KQL. Le filtre de sélecteur de plage temporelle affiche les alertes dans l’intervalle de temps sélectionné uniquement et ne filtre pas la liste des hôtes à risque.", - "xpack.securitySolution.entityAnalytics.riskDashboard.usersTableTooltip": "Le panneau de score de risque de l'utilisateur affiche la liste des utilisateurs à risque et leur dernier score de risque. Vous pouvez filtrer cette liste à l’aide de filtres globaux dans la barre de recherche KQL. Le filtre de sélecteur de plage temporelle affiche uniquement les alertes dans l’intervalle de temps sélectionné et ne filtre pas la liste des utilisateurs à risque.", "xpack.securitySolution.entityAnalytics.riskDashboard.viewAllLabel": "Afficher tout", "xpack.securitySolution.entityAnalytics.technicalPreviewLabel": "Version d'évaluation technique", "xpack.securitySolution.entityAnalytics.totalLabel": "Total", "xpack.securitySolution.entityAnalytics.usersRiskDashboard.title": "Scores de risque de l'utilisateur", - "xpack.securitySolution.entityAnalytics.usersRiskDashboard.usersTableTooltip": "Le tableau des risques de l'utilisateur n'est pas affecté par la plage temporelle. Ce tableau montre le dernier score de risque enregistré pour chaque utilisateur.", "xpack.securitySolution.event.module.linkToElasticEndpointSecurityDescription": "Ouvrir dans Endpoint Security", "xpack.securitySolution.event.summary.threat_indicator.modal.allMatches": "Toutes les correspondances d'indicateur", "xpack.securitySolution.event.summary.threat_indicator.modal.close": "Fermer", @@ -32787,10 +32783,8 @@ "xpack.securitySolution.hostsRiskTable.hostNameTitle": "Nom d'hôte", "xpack.securitySolution.hostsRiskTable.hostRiskScoreTitle": "Score de risque de l'hôte", "xpack.securitySolution.hostsRiskTable.hostRiskTitle": "Risque de l'hôte", - "xpack.securitySolution.hostsRiskTable.hostsTableTooltip": "Le tableau des risques de l'hôte n'est pas affecté par la plage temporelle KQL. Ce tableau montre le dernier score de risque enregistré pour chaque hôte.", "xpack.securitySolution.hostsRiskTable.riskTitle": "Classification de risque de l'hôte", "xpack.securitySolution.hostsRiskTable.tableTitle": "Risque de l'hôte", - "xpack.securitySolution.hostsRiskTable.usersTableTooltip": "Le tableau des risques de l'utilisateur n'est pas affecté par la plage temporelle KQL. Ce tableau montre le dernier score de risque enregistré pour chaque utilisateur.", "xpack.securitySolution.hostsTable.firstLastSeenToolTip": "Par rapport à la plage de dates sélectionnée", "xpack.securitySolution.hostsTable.hostsTitle": "Tous les hôtes", "xpack.securitySolution.hostsTable.lastSeenTitle": "Vu en dernier", diff --git a/x-pack/plugins/translations/translations/ja-JP.json b/x-pack/plugins/translations/translations/ja-JP.json index 15d66275a00ba..6c2a4d6e6d279 100644 --- a/x-pack/plugins/translations/translations/ja-JP.json +++ b/x-pack/plugins/translations/translations/ja-JP.json @@ -32370,15 +32370,11 @@ "xpack.securitySolution.entityAnalytics.header.anomalies": "異常", "xpack.securitySolution.entityAnalytics.header.criticalHosts": "重要なホスト", "xpack.securitySolution.entityAnalytics.header.criticalUsers": "重要なユーザー", - "xpack.securitySolution.entityAnalytics.hostsRiskDashboard.hostsTableTooltip": "ホストリスク表は時間範囲の影響を受けません。この表は、各ホストの最後に記録されたリスクスコアを示します。", "xpack.securitySolution.entityAnalytics.hostsRiskDashboard.title": "ホストリスクスコア", - "xpack.securitySolution.entityAnalytics.riskDashboard.hostsTableTooltip": "ホストリスクスコアパネルには、リスクのあるホストの一覧と最新のリスクスコアが表示されます。KQL検索バーのグローバルフィルターを使って、この一覧をフィルタリングできます。時間範囲ピッカーフィルターは、選択した時間範囲内のアラートのみを表示し、リスクのあるホストの一覧をフィルタリングしません。", - "xpack.securitySolution.entityAnalytics.riskDashboard.usersTableTooltip": "ユーザーリスクスコアパネルには、リスクのあるユーザーの一覧と最新のリスクスコアが表示されます。KQL検索バーのグローバルフィルターを使って、この一覧をフィルタリングできます。時間範囲ピッカーフィルターは、選択した時間範囲内のアラートのみを表示し、リスクのあるユーザーの一覧をフィルタリングしません。", "xpack.securitySolution.entityAnalytics.riskDashboard.viewAllLabel": "すべて表示", "xpack.securitySolution.entityAnalytics.technicalPreviewLabel": "テクニカルプレビュー", "xpack.securitySolution.entityAnalytics.totalLabel": "合計", "xpack.securitySolution.entityAnalytics.usersRiskDashboard.title": "ユーザーリスクスコア", - "xpack.securitySolution.entityAnalytics.usersRiskDashboard.usersTableTooltip": "ユーザーリスク表は時間範囲の影響を受けません。この表は、各ユーザーの最後に記録されたリスクスコアを示します。", "xpack.securitySolution.event.module.linkToElasticEndpointSecurityDescription": "Endpoint Securityで開く", "xpack.securitySolution.event.summary.threat_indicator.modal.allMatches": "すべてのインジケーター一致", "xpack.securitySolution.event.summary.threat_indicator.modal.close": "閉じる", @@ -32786,10 +32782,8 @@ "xpack.securitySolution.hostsRiskTable.hostNameTitle": "ホスト名", "xpack.securitySolution.hostsRiskTable.hostRiskScoreTitle": "ホストリスクスコア", "xpack.securitySolution.hostsRiskTable.hostRiskTitle": "ホストリスク", - "xpack.securitySolution.hostsRiskTable.hostsTableTooltip": "ホストリスク表はKQL時間範囲の影響を受けません。この表は、各ホストの最後に記録されたリスクスコアを示します。", "xpack.securitySolution.hostsRiskTable.riskTitle": "ホストリスク分類", "xpack.securitySolution.hostsRiskTable.tableTitle": "ホストリスク", - "xpack.securitySolution.hostsRiskTable.usersTableTooltip": "ユーザーリスク表はKQL時間範囲の影響を受けません。この表は、各ユーザーの最後に記録されたリスクスコアを示します。", "xpack.securitySolution.hostsTable.firstLastSeenToolTip": "選択された日付範囲との相関付けです", "xpack.securitySolution.hostsTable.hostsTitle": "すべてのホスト", "xpack.securitySolution.hostsTable.lastSeenTitle": "前回の認識", diff --git a/x-pack/plugins/translations/translations/zh-CN.json b/x-pack/plugins/translations/translations/zh-CN.json index b3ee160e83978..9eb8008a7f19d 100644 --- a/x-pack/plugins/translations/translations/zh-CN.json +++ b/x-pack/plugins/translations/translations/zh-CN.json @@ -32366,15 +32366,11 @@ "xpack.securitySolution.entityAnalytics.header.anomalies": "异常", "xpack.securitySolution.entityAnalytics.header.criticalHosts": "关键主机", "xpack.securitySolution.entityAnalytics.header.criticalUsers": "关键用户", - "xpack.securitySolution.entityAnalytics.hostsRiskDashboard.hostsTableTooltip": "主机风险表不受时间范围影响。本表显示每台主机最新记录的风险分数。", "xpack.securitySolution.entityAnalytics.hostsRiskDashboard.title": "主机风险分数", - "xpack.securitySolution.entityAnalytics.riskDashboard.hostsTableTooltip": "“主机风险分数”面板显示有风险主机及其最新风险分数的列表。可以在 KQL 搜索栏中使用全局筛选来筛选此列表。时间范围选取器筛选将仅显示选定时间范围内的告警,并且不筛选有风险主机列表。", - "xpack.securitySolution.entityAnalytics.riskDashboard.usersTableTooltip": "“用户风险分数”面板显示有风险用户及其最新风险分数的列表。可以在 KQL 搜索栏中使用全局筛选来筛选此列表。时间范围选取器筛选将仅显示选定时间范围内的告警,并且不筛选有风险用户列表。", "xpack.securitySolution.entityAnalytics.riskDashboard.viewAllLabel": "查看全部", "xpack.securitySolution.entityAnalytics.technicalPreviewLabel": "技术预览", "xpack.securitySolution.entityAnalytics.totalLabel": "合计", "xpack.securitySolution.entityAnalytics.usersRiskDashboard.title": "用户风险分数", - "xpack.securitySolution.entityAnalytics.usersRiskDashboard.usersTableTooltip": "用户风险表不受时间范围影响。本表显示每个用户最新记录的风险分数。", "xpack.securitySolution.event.module.linkToElasticEndpointSecurityDescription": "在 Endpoint Security 中打开", "xpack.securitySolution.event.summary.threat_indicator.modal.allMatches": "所有指标匹配", "xpack.securitySolution.event.summary.threat_indicator.modal.close": "关闭", @@ -32782,10 +32778,8 @@ "xpack.securitySolution.hostsRiskTable.hostNameTitle": "主机名", "xpack.securitySolution.hostsRiskTable.hostRiskScoreTitle": "主机风险分数", "xpack.securitySolution.hostsRiskTable.hostRiskTitle": "主机风险", - "xpack.securitySolution.hostsRiskTable.hostsTableTooltip": "主机风险表不受 KQL 时间范围影响。本表显示每台主机最新记录的风险分数。", "xpack.securitySolution.hostsRiskTable.riskTitle": "主机风险分类", "xpack.securitySolution.hostsRiskTable.tableTitle": "主机风险", - "xpack.securitySolution.hostsRiskTable.usersTableTooltip": "用户风险表不受 KQL 时间范围影响。本表显示每个用户最新记录的风险分数。", "xpack.securitySolution.hostsTable.firstLastSeenToolTip": "相对于选定日期范围", "xpack.securitySolution.hostsTable.hostsTitle": "所有主机", "xpack.securitySolution.hostsTable.lastSeenTitle": "最后看到时间", diff --git a/x-pack/test/security_solution_cypress/cypress/e2e/explore/dashboards/entity_analytics.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/explore/dashboards/entity_analytics.cy.ts index 3cc088f53d301..e5ef69188a8ba 100644 --- a/x-pack/test/security_solution_cypress/cypress/e2e/explore/dashboards/entity_analytics.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/explore/dashboards/entity_analytics.cy.ts @@ -5,6 +5,7 @@ * 2.0. */ +import moment from 'moment'; import { login } from '../../../tasks/login'; import { visitWithTimeRange } from '../../../tasks/navigation'; @@ -47,7 +48,7 @@ import { clickOnFirstHostsAlerts, clickOnFirstUsersAlerts } from '../../../tasks import { OPTION_LIST_LABELS, OPTION_LIST_VALUES } from '../../../screens/common/filter_group'; import { setRowsPerPageTo } from '../../../tasks/table_pagination'; import { kqlSearch } from '../../../tasks/security_header'; -import { setEndDate, updateDates } from '../../../tasks/date_picker'; +import { setEndDate, setStartDate, updateDates } from '../../../tasks/date_picker'; import { enableJob, navigateToNextPage, @@ -60,7 +61,9 @@ const TEST_USER_ALERTS = 2; const TEST_USER_NAME = 'test'; const SIEM_KIBANA_HOST_ALERTS = 2; const SIEM_KIBANA_HOST_NAME = 'siem-kibana'; -const END_DATE = 'Jan 19, 2019 @ 20:33:29.186'; +const DATE_FORMAT = 'MMM D, YYYY @ HH:mm:ss.SSS'; +const DATE_BEFORE_ALERT_CREATION = moment().format(DATE_FORMAT); +const OLDEST_DATE = moment('2019-01-19T16:22:56.217Z').format(DATE_FORMAT); describe('Entity Analytics Dashboard', { tags: ['@ess', '@serverless'] }, () => { before(() => { @@ -200,7 +203,8 @@ describe('Entity Analytics Dashboard', { tags: ['@ess', '@serverless'] }, () => }); it('filters the alerts count with time range', () => { - setEndDate(END_DATE); + setEndDate(DATE_BEFORE_ALERT_CREATION); + updateDates(); cy.get(HOSTS_TABLE_ALERT_CELL).first().should('include.text', 0); @@ -282,7 +286,7 @@ describe('Entity Analytics Dashboard', { tags: ['@ess', '@serverless'] }, () => }); it('filters the alerts count with time range', () => { - setEndDate(END_DATE); + setEndDate(DATE_BEFORE_ALERT_CREATION); updateDates(); cy.get(USERS_TABLE_ALERT_CELL).first().should('include.text', 0); @@ -409,12 +413,24 @@ describe('Entity Analytics Dashboard', { tags: ['@ess', '@serverless'] }, () => }); it('filters the alerts count with time range', () => { - setEndDate(END_DATE); + setEndDate(DATE_BEFORE_ALERT_CREATION); updateDates(); cy.get(HOSTS_TABLE_ALERT_CELL).first().should('include.text', 0); }); + it('filters risk scores with time range', () => { + const now = moment().format(DATE_FORMAT); + setStartDate(now); + updateDates(); + + cy.get(HOST_RISK_SCORE_NO_DATA_DETECTED).should('be.visible'); + + // CLEAR DATES + setStartDate(OLDEST_DATE); + updateDates(); + }); + it('opens alerts page when alerts count is clicked', () => { clickOnFirstHostsAlerts(); cy.url().should('include', ALERTS_URL); @@ -496,12 +512,24 @@ describe('Entity Analytics Dashboard', { tags: ['@ess', '@serverless'] }, () => }); it('filters the alerts count with time range', () => { - setEndDate(END_DATE); + setEndDate(DATE_BEFORE_ALERT_CREATION); updateDates(); cy.get(USERS_TABLE_ALERT_CELL).first().should('include.text', 0); }); + it('filters risk scores with time range', () => { + const now = moment().format(DATE_FORMAT); + setStartDate(now); + updateDates(); + + cy.get(USER_RISK_SCORE_NO_DATA_DETECTED).should('be.visible'); + + // CLEAR DATES + setStartDate(OLDEST_DATE); + updateDates(); + }); + it('opens alerts page when alerts count is clicked', () => { clickOnFirstUsersAlerts(); diff --git a/x-pack/test/security_solution_cypress/cypress/e2e/explore/hosts/host_risk_tab.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/explore/hosts/host_risk_tab.cy.ts index 6a11e27bcc81a..9fcc16406793f 100644 --- a/x-pack/test/security_solution_cypress/cypress/e2e/explore/hosts/host_risk_tab.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/explore/hosts/host_risk_tab.cy.ts @@ -49,9 +49,10 @@ describe('risk tab', { tags: ['@ess', '@serverless'] }, () => { it('renders the table', () => { kqlSearch('host.name: "siem-kibana" {enter}'); - cy.get(HOST_BY_RISK_TABLE_CELL).eq(3).should('have.text', 'siem-kibana'); - cy.get(HOST_BY_RISK_TABLE_CELL).eq(4).should('have.text', '21'); - cy.get(HOST_BY_RISK_TABLE_CELL).eq(5).should('have.text', 'Low'); + cy.get(HOST_BY_RISK_TABLE_CELL).eq(4).should('have.text', 'siem-kibana'); + cy.get(HOST_BY_RISK_TABLE_CELL).eq(5).should('have.text', 'Mar 10, 2021 @ 14:51:05.766'); + cy.get(HOST_BY_RISK_TABLE_CELL).eq(6).should('have.text', '21'); + cy.get(HOST_BY_RISK_TABLE_CELL).eq(7).should('have.text', 'Low'); }); it.skip('filters the table', () => { @@ -99,9 +100,10 @@ describe('risk tab', { tags: ['@ess', '@serverless'] }, () => { it('renders the table', () => { kqlSearch('host.name: "siem-kibana" {enter}'); - cy.get(HOST_BY_RISK_TABLE_CELL).eq(3).should('have.text', 'siem-kibana'); - cy.get(HOST_BY_RISK_TABLE_CELL).eq(4).should('have.text', '90'); - cy.get(HOST_BY_RISK_TABLE_CELL).eq(5).should('have.text', 'Critical'); + cy.get(HOST_BY_RISK_TABLE_CELL).eq(4).should('have.text', 'siem-kibana'); + cy.get(HOST_BY_RISK_TABLE_CELL).eq(5).should('have.text', 'Mar 10, 2021 @ 14:51:05.766'); + cy.get(HOST_BY_RISK_TABLE_CELL).eq(6).should('have.text', '90'); + cy.get(HOST_BY_RISK_TABLE_CELL).eq(7).should('have.text', 'Critical'); }); it.skip('filters the table', () => { diff --git a/x-pack/test/security_solution_cypress/cypress/e2e/inspect/inspect_button.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/inspect/inspect_button.cy.ts index 78ead35a49327..30a3704879f36 100644 --- a/x-pack/test/security_solution_cypress/cypress/e2e/inspect/inspect_button.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/inspect/inspect_button.cy.ts @@ -17,7 +17,7 @@ import { openTableInspectModal, } from '../../tasks/inspect'; import { login } from '../../tasks/login'; -import { visit } from '../../tasks/navigation'; +import { visitWithTimeRange } from '../../tasks/navigation'; import { postDataView, waitForWelcomePanelToBeLoaded } from '../../tasks/common'; import { selectDataView } from '../../tasks/sourcerer'; @@ -46,7 +46,7 @@ describe('Inspect Explore pages', { tags: ['@ess', '@serverless', '@brokenInServ it(`inspect ${pageName} page`, () => { login(); - visit(url, { + visitWithTimeRange(url, { visitOptions: { onLoad: () => { waitForWelcomePanelToBeLoaded(); diff --git a/x-pack/test/security_solution_cypress/cypress/screens/inspect.ts b/x-pack/test/security_solution_cypress/cypress/screens/inspect.ts index 0759fb1e4924c..ba511883c05b6 100644 --- a/x-pack/test/security_solution_cypress/cypress/screens/inspect.ts +++ b/x-pack/test/security_solution_cypress/cypress/screens/inspect.ts @@ -86,7 +86,6 @@ export const INSPECT_BUTTONS_IN_SECURITY: InspectButtonMetadata[] = [ altInspectId: '[data-test-subj="events-viewer-panel"]', id: EVENT_CONTAINER_TABLE_NOT_LOADING, }, - { title: 'Host risk', tab: RISK_DETAILS_NAV, From 62049dc6c545dc4bc5f9c5af8be4b74c765986dd Mon Sep 17 00:00:00 2001 From: Carlos Crespo Date: Thu, 19 Oct 2023 12:32:05 +0200 Subject: [PATCH 29/50] [Infra UI] Asset details auto refresh support (#168232) closes https://github.com/elastic/kibana/issues/167397 ## Summary This PR adds the auto-refresh feature in the Asset Details component. **NOTE:** This feature will only be available when the flyout is opened in the Inventory UI. In order to achieve a smooth experience when activating the auto-refresh, a few key things had to be changed: 1. Metadata section loading in the Overview tab https://github.com/elastic/kibana/assets/2767137/1b9bd8cc-0d3f-4451-8c0f-12855543f614 2. Processes tab loading https://github.com/elastic/kibana/assets/2767137/8ac7e074-114a-4770-8ce8-ce9c31ee2e03 3. LogStream streaming support https://github.com/elastic/kibana/assets/2767137/9c3f8d2c-7465-4d6a-a6e8-161c35ebc237 With the above implemented, this is what the auto-refresh in the asset details flyout looks like https://github.com/elastic/kibana/assets/2767137/0f509315-a75b-4b9c-acf5-ec5747f18270 ### Additional changes I've also fixed small responsiveness problems in the UI: Now | Then :-------------------------:|:-------------------------: ![](https://github.com/elastic/kibana/assets/2767137/1bcc1c3f-0e97-4b2b-b659-2f6b3c897fe2) | ![](https://github.com/elastic/kibana/assets/2767137/30287401-1a23-443d-a18b-d9984596bba6) I've changed some components to stop passing complex objects to their props. ### How to test **Inventory** - Setup a local Kibana instance - Navigate to `Infrastructure` - Enable `Auto Refresh` - Click on a waffle node for hosts to open the flyout - Check if the auto-refresh works - Disable the auto-refresh and check if the tabs stop reloading - Navigate from the flyout to the node details page - Auto Refresh must not be available nor activated **Hosts View** - Navigate to `Infrastructure` > `Hosts` - Click on a host to open the flyout - Check if the flyout opens without the possibility of enabling the auto-refresh **Logs tab** - Test the logs tab both with and without auto-refresh enabled --------- Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com> --- .../context/fixtures/asset_details_props.ts | 6 +- .../asset_details/__stories__/decorator.tsx | 11 +-- .../asset_details/asset_details.tsx | 11 +-- .../asset_details_embeddable.tsx | 5 +- .../components/metadata_explanation.tsx | 4 +- .../components/section_titles.tsx | 2 +- .../asset_details/context_providers.tsx | 30 ++++--- .../asset_details/date_picker/date_picker.tsx | 88 +++++++++++++++++-- .../hooks/use_asset_details_render_props.ts | 23 +++-- .../hooks/use_asset_details_url_state.ts | 4 + .../asset_details/hooks/use_date_range.ts | 38 +++++--- .../hooks/use_intersecting_state.ts | 39 ++++++++ .../asset_details/hooks/use_metadata.ts | 5 +- .../asset_details/hooks/use_metadata_state.ts | 6 +- .../asset_details/hooks/use_page_header.tsx | 32 +++---- .../asset_details/hooks/use_process_list.ts | 5 +- .../hooks/use_process_list_row_chart.ts | 5 +- .../links/link_to_node_details.tsx | 14 +-- .../tabs/anomalies/anomalies.tsx | 25 ++++-- .../asset_details/tabs/logs/logs.tsx | 40 ++++++--- .../tabs/metadata/metadata.test.tsx | 30 +++---- .../asset_details/tabs/metadata/table.tsx | 2 +- .../asset_details/tabs/osquery/osquery.tsx | 48 ++++++---- .../asset_details/tabs/overview/alerts.tsx | 2 +- .../metadata_summary/metadata_header.tsx | 2 +- .../metadata_summary_list.tsx | 73 +++++++-------- .../asset_details/tabs/overview/overview.tsx | 28 +++--- .../tabs/processes/processes.tsx | 46 ++++++---- .../tabs/processes/processes_table.tsx | 47 +++++----- .../tabs/processes/summary_table.tsx | 38 +++----- .../asset_details/template/flyout.tsx | 9 +- .../asset_details/template/page.tsx | 10 +-- .../public/components/asset_details/types.ts | 14 +-- .../link_to/use_node_details_redirect.ts | 2 +- .../host_details_flyout/flyout_wrapper.tsx | 3 +- .../inventory_view/components/layout.tsx | 5 +- .../anomalies_table/anomalies_table.tsx | 25 ++++-- .../components/nodes_overview.tsx | 10 ++- .../waffle/asset_details_flyout.tsx | 35 ++++++-- .../inventory_view/components/waffle/map.tsx | 2 - .../hooks/use_metrics_hosts_anomalies.ts | 65 ++++++++++---- .../hooks/use_metrics_k8s_anomalies.ts | 22 ++++- .../inventory_view/hooks/use_waffle_time.ts | 2 +- .../metric_detail/asset_detail_page.tsx | 4 +- .../components/log_stream/log_stream.tsx | 70 ++++++++++++--- .../test/functional/apps/infra/home_page.ts | 7 ++ 46 files changed, 656 insertions(+), 338 deletions(-) create mode 100644 x-pack/plugins/infra/public/components/asset_details/hooks/use_intersecting_state.ts diff --git a/x-pack/plugins/infra/public/components/asset_details/__stories__/context/fixtures/asset_details_props.ts b/x-pack/plugins/infra/public/components/asset_details/__stories__/context/fixtures/asset_details_props.ts index b6e35dbf51773..601c064471078 100644 --- a/x-pack/plugins/infra/public/components/asset_details/__stories__/context/fixtures/asset_details_props.ts +++ b/x-pack/plugins/infra/public/components/asset_details/__stories__/context/fixtures/asset_details_props.ts @@ -49,10 +49,8 @@ const tabs: Tab[] = [ ]; export const assetDetailsProps: AssetDetailsProps = { - asset: { - name: 'host1', - id: 'host1', - }, + assetName: 'host1', + assetId: 'host1', overrides: { metadata: { showActionsColumn: true, diff --git a/x-pack/plugins/infra/public/components/asset_details/__stories__/decorator.tsx b/x-pack/plugins/infra/public/components/asset_details/__stories__/decorator.tsx index e553c405bc86f..11401bd256feb 100644 --- a/x-pack/plugins/infra/public/components/asset_details/__stories__/decorator.tsx +++ b/x-pack/plugins/infra/public/components/asset_details/__stories__/decorator.tsx @@ -159,13 +159,10 @@ export const DecorateWithKibanaContext: DecoratorFn = (story) => { export const DecorateWithAssetDetailsStateContext: DecoratorFn = (story) => { return ( {story()} diff --git a/x-pack/plugins/infra/public/components/asset_details/asset_details.tsx b/x-pack/plugins/infra/public/components/asset_details/asset_details.tsx index 8b3a4b2c706d8..3ffb5222e6511 100644 --- a/x-pack/plugins/infra/public/components/asset_details/asset_details.tsx +++ b/x-pack/plugins/infra/public/components/asset_details/asset_details.tsx @@ -14,13 +14,14 @@ import { TabSwitcherProvider } from './hooks/use_tab_switcher'; import { DataViewsProvider } from './hooks/use_data_views'; const ContentTemplate = ({ - header, + tabs, + links, renderMode, }: ContentTemplateProps & { renderMode: RenderMode }) => { return renderMode.mode === 'flyout' ? ( - + ) : ( - + ); }; @@ -32,10 +33,10 @@ export const AssetDetails = ({ ...props }: AssetDetailsProps) => { return ( - + - + diff --git a/x-pack/plugins/infra/public/components/asset_details/asset_details_embeddable.tsx b/x-pack/plugins/infra/public/components/asset_details/asset_details_embeddable.tsx index 45bfb7d46a59f..1ce996901be32 100644 --- a/x-pack/plugins/infra/public/components/asset_details/asset_details_embeddable.tsx +++ b/x-pack/plugins/infra/public/components/asset_details/asset_details_embeddable.tsx @@ -71,9 +71,10 @@ export class AssetDetailsEmbeddable extends Embeddable
{ export const MetadataExplanationMessage = () => { const { metadata, loading } = useMetadataStateProviderContext(); - return loading ? ( + return loading && !metadata ? ( ) : metadata?.info?.timestamp ? ( - + { return ( - + diff --git a/x-pack/plugins/infra/public/components/asset_details/context_providers.tsx b/x-pack/plugins/infra/public/components/asset_details/context_providers.tsx index a275849e18edf..8d6b81f436f89 100644 --- a/x-pack/plugins/infra/public/components/asset_details/context_providers.tsx +++ b/x-pack/plugins/infra/public/components/asset_details/context_providers.tsx @@ -12,22 +12,30 @@ import { MetadataStateProvider } from './hooks/use_metadata_state'; import { AssetDetailsProps } from './types'; export const ContextProviders = ({ - props, children, -}: { props: Omit } & { + ...props +}: Omit & { children: React.ReactNode; }) => { - const { asset, dateRange, overrides, assetType = 'host', renderMode } = props; + const { + assetId, + assetName, + autoRefresh, + dateRange, + overrides, + assetType = 'host', + renderMode, + } = props; + return ( - - + + {children} diff --git a/x-pack/plugins/infra/public/components/asset_details/date_picker/date_picker.tsx b/x-pack/plugins/infra/public/components/asset_details/date_picker/date_picker.tsx index c7a90a3601c6c..f061e296fe25e 100644 --- a/x-pack/plugins/infra/public/components/asset_details/date_picker/date_picker.tsx +++ b/x-pack/plugins/infra/public/components/asset_details/date_picker/date_picker.tsx @@ -5,13 +5,64 @@ * 2.0. */ -import { EuiSuperDatePicker, type OnTimeChangeProps } from '@elastic/eui'; +import { EuiSuperDatePickerProps } from '@elastic/eui'; +import { EuiSuperDatePicker, type OnTimeChangeProps, type OnRefreshProps } from '@elastic/eui'; +import type { + OnRefreshChangeProps, + DurationRange, +} from '@elastic/eui/src/components/date_picker/types'; +import { i18n } from '@kbn/i18n'; import React, { useCallback } from 'react'; import { useDateRangeProviderContext } from '../hooks/use_date_range'; +const COMMONLY_USED_RANGES: DurationRange[] = [ + { + start: 'now-15m', + end: 'now', + label: i18n.translate('xpack.infra.assetDetails.datePicker.commonlyUsedRanges.last15Minutes', { + defaultMessage: 'Last 15 minutes', + }), + }, + { + start: 'now-1h', + end: 'now', + label: i18n.translate('xpack.infra.assetDetails.datePicker.commonlyUsedRanges.last1Hour', { + defaultMessage: 'Last 1 hour', + }), + }, + { + start: 'now-3h', + end: 'now', + label: i18n.translate('xpack.infra.assetDetails.datePicker.commonlyUsedRanges.last3Hours', { + defaultMessage: 'Last 3 hours', + }), + }, + { + start: 'now-24h', + end: 'now', + label: i18n.translate('xpack.infra.assetDetails.datePicker.commonlyUsedRanges.last24Hours', { + defaultMessage: 'Last 24 hours', + }), + }, + { + start: 'now-7d', + end: 'now', + label: i18n.translate('xpack.infra.assetDetails.datePicker.commonlyUsedRanges.last7Days', { + defaultMessage: 'Last 7 days', + }), + }, +]; + export const DatePicker = () => { - const { dateRange, setDateRange } = useDateRangeProviderContext(); - const onTimeChange = useCallback( + const { dateRange, autoRefresh, setDateRange, setAutoRefresh } = useDateRangeProviderContext(); + + const handleRefresh = useCallback( + ({ start, end }: OnRefreshProps) => { + setDateRange({ from: start, to: end }); + }, + [setDateRange] + ); + const handleTimeChange = useCallback( ({ start, end, isInvalid }: OnTimeChangeProps) => { if (!isInvalid) { setDateRange({ from: start, to: end }); @@ -20,13 +71,38 @@ export const DatePicker = () => { [setDateRange] ); + const handleAutoRefreshChange = useCallback( + ({ isPaused, refreshInterval }: OnRefreshChangeProps) => { + setAutoRefresh({ + isPaused, + interval: refreshInterval, + }); + + if (!isPaused) { + // when auto refresh is enabled, we need to force the end range to `now` in order for it to work automatically + // otherwise, users have to manually set `now` in the date picker + setDateRange({ from: dateRange.from, to: 'now' }); + } + }, + [dateRange.from, setAutoRefresh, setDateRange] + ); + return ( - ); }; + +// Memo EuiSuperDatePicker to prevent re-renders from resetting the auto-refresh cycle +const MemoEuiSuperDatePicker = React.memo((props: EuiSuperDatePickerProps) => ( + +)); diff --git a/x-pack/plugins/infra/public/components/asset_details/hooks/use_asset_details_render_props.ts b/x-pack/plugins/infra/public/components/asset_details/hooks/use_asset_details_render_props.ts index b8b857ae5ab94..857732f9425a5 100644 --- a/x-pack/plugins/infra/public/components/asset_details/hooks/use_asset_details_render_props.ts +++ b/x-pack/plugins/infra/public/components/asset_details/hooks/use_asset_details_render_props.ts @@ -10,27 +10,26 @@ import type { AssetDetailsProps } from '../types'; import { useAssetDetailsUrlState } from './use_asset_details_url_state'; import { useMetadataStateProviderContext } from './use_metadata_state'; -export interface UseAssetDetailsRenderProps { - props: Pick; -} +export type UseAssetDetailsRenderProps = Pick< + AssetDetailsProps, + 'assetId' | 'assetName' | 'assetType' | 'overrides' | 'renderMode' +>; -export function useAssetDetailsRenderProps({ props }: UseAssetDetailsRenderProps) { +export function useAssetDetailsRenderProps(props: UseAssetDetailsRenderProps) { const [urlState] = useAssetDetailsUrlState(); const { metadata } = useMetadataStateProviderContext(); - const { asset, assetType, overrides, renderMode } = props; + const { assetId, assetName, assetType, ...rest } = props; // When the asset asset.name is known we can load the page faster // Otherwise we need to use metadata response. - const loading = !asset.name && !urlState?.name && !metadata?.name; - + const loading = !assetName && !urlState?.name && !metadata?.name; return { + ...rest, asset: { - ...asset, - name: asset.name || urlState?.name || metadata?.name || '', + id: assetId, + name: assetName || urlState?.name || metadata?.name || '', + type: assetType, }, - assetType, - overrides, - renderMode, loading, }; } diff --git a/x-pack/plugins/infra/public/components/asset_details/hooks/use_asset_details_url_state.ts b/x-pack/plugins/infra/public/components/asset_details/hooks/use_asset_details_url_state.ts index 305e934c59dce..4b5ec03b3300b 100644 --- a/x-pack/plugins/infra/public/components/asset_details/hooks/use_asset_details_url_state.ts +++ b/x-pack/plugins/infra/public/components/asset_details/hooks/use_asset_details_url_state.ts @@ -55,6 +55,10 @@ const TabIdRT = rt.union([ ]); const AssetDetailsUrlStateRT = rt.partial({ + autoRefresh: rt.partial({ + isPaused: rt.boolean, + interval: rt.number, + }), dateRange: rt.type({ from: rt.string, to: rt.string, diff --git a/x-pack/plugins/infra/public/components/asset_details/hooks/use_date_range.ts b/x-pack/plugins/infra/public/components/asset_details/hooks/use_date_range.ts index 3f3e89f7c9a23..c27a2e569ffb7 100644 --- a/x-pack/plugins/infra/public/components/asset_details/hooks/use_date_range.ts +++ b/x-pack/plugins/infra/public/components/asset_details/hooks/use_date_range.ts @@ -10,26 +10,31 @@ import createContainer from 'constate'; import { useCallback, useState } from 'react'; import useEffectOnce from 'react-use/lib/useEffectOnce'; import { parseDateRange } from '../../../utils/datemath'; +import { AssetDetailsProps } from '../types'; import { getDefaultDateRange, toTimestampRange } from '../utils'; import { useAssetDetailsUrlState } from './use_asset_details_url_state'; -export interface UseDateRangeProviderProps { - initialDateRange?: TimeRange; -} +export type UseDateRangeProviderProps = Pick; export function useDateRangeProvider({ - initialDateRange = getDefaultDateRange(), + dateRange = getDefaultDateRange(), + autoRefresh, }: UseDateRangeProviderProps) { const [urlState, setUrlState] = useAssetDetailsUrlState(); - const dateRange: TimeRange = urlState?.dateRange ?? initialDateRange; - const [parsedDateRange, setParsedDateRange] = useState(parseDateRange(dateRange)); + const [parsedDateRange, setParsedDateRange] = useState( + parseDateRange(urlState?.dateRange ?? dateRange) + ); const [refreshTs, setRefreshTs] = useState(Date.now()); useEffectOnce(() => { - const { from, to } = getParsedDateRange(); - - // forces the date picker to initialize with absolute dates. - setUrlState({ dateRange: { from, to } }); + setUrlState({ + ...(!urlState?.dateRange + ? { + dateRange, + } + : undefined), + ...(!urlState?.autoRefresh ? { autoRefresh } : undefined), + }); }); const setDateRange = useCallback( @@ -41,6 +46,15 @@ export function useDateRangeProvider({ [setUrlState] ); + const setAutoRefresh = useCallback( + (newAutoRefresh: AssetDetailsProps['autoRefresh']) => { + setUrlState({ + autoRefresh: newAutoRefresh, + }); + }, + [setUrlState] + ); + const getParsedDateRange = useCallback(() => { const defaultDateRange = getDefaultDateRange(); const { from = defaultDateRange.from, to = defaultDateRange.to } = parsedDateRange; @@ -54,10 +68,12 @@ export function useDateRangeProvider({ ); return { - dateRange, + autoRefresh: urlState?.autoRefresh ?? autoRefresh, + dateRange: urlState?.dateRange ?? dateRange, getDateRangeInTimestamp, getParsedDateRange, refreshTs, + setAutoRefresh, setDateRange, }; } diff --git a/x-pack/plugins/infra/public/components/asset_details/hooks/use_intersecting_state.ts b/x-pack/plugins/infra/public/components/asset_details/hooks/use_intersecting_state.ts new file mode 100644 index 0000000000000..a9e7fba7d4447 --- /dev/null +++ b/x-pack/plugins/infra/public/components/asset_details/hooks/use_intersecting_state.ts @@ -0,0 +1,39 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { useEffect, useState, useRef, RefObject } from 'react'; + +export const useIntersectingState = (ref: RefObject, currentState: T) => { + const [intersectionObserverEntry, setIntersectionObserverEntry] = + useState(); + + const curState = useRef(currentState); + + const observerRef = useRef( + new IntersectionObserver(([value]) => setIntersectionObserverEntry(value), { + root: ref.current, + }) + ); + + useEffect(() => { + const { current: currentObserver } = observerRef; + currentObserver.disconnect(); + const { current } = ref; + + if (current) { + currentObserver.observe(current); + } + + return () => currentObserver.disconnect(); + }, [ref]); + + if (intersectionObserverEntry?.isIntersecting) { + curState.current = currentState; + } + + return curState.current; +}; diff --git a/x-pack/plugins/infra/public/components/asset_details/hooks/use_metadata.ts b/x-pack/plugins/infra/public/components/asset_details/hooks/use_metadata.ts index c06344270c2f0..ccb9ea41ab51f 100644 --- a/x-pack/plugins/infra/public/components/asset_details/hooks/use_metadata.ts +++ b/x-pack/plugins/infra/public/components/asset_details/hooks/use_metadata.ts @@ -44,7 +44,10 @@ export function useMetadata({ sourceId, timeRange, }), - decodeResponse + decodeResponse, + undefined, + undefined, + true ); useEffect(() => { diff --git a/x-pack/plugins/infra/public/components/asset_details/hooks/use_metadata_state.ts b/x-pack/plugins/infra/public/components/asset_details/hooks/use_metadata_state.ts index 0df9ae9a152dd..847ce1f748676 100644 --- a/x-pack/plugins/infra/public/components/asset_details/hooks/use_metadata_state.ts +++ b/x-pack/plugins/infra/public/components/asset_details/hooks/use_metadata_state.ts @@ -13,15 +13,15 @@ import { AssetDetailsProps } from '../types'; import { useDateRangeProviderContext } from './use_date_range'; import { useAssetDetailsUrlState } from './use_asset_details_url_state'; -export type UseMetadataProviderProps = Pick; +export type UseMetadataProviderProps = Pick; -export function useMetadataProvider({ asset, assetType }: UseMetadataProviderProps) { +export function useMetadataProvider({ assetId, assetType }: UseMetadataProviderProps) { const [, setUrlState] = useAssetDetailsUrlState(); const { getDateRangeInTimestamp } = useDateRangeProviderContext(); const { sourceId } = useSourceContext(); const { loading, error, metadata, reload } = useMetadata({ - assetId: asset.id, + assetId, assetType, sourceId, timeRange: getDateRangeInTimestamp(), diff --git a/x-pack/plugins/infra/public/components/asset_details/hooks/use_page_header.tsx b/x-pack/plugins/infra/public/components/asset_details/hooks/use_page_header.tsx index bff9cc1ea17e2..a7e0b311d3343 100644 --- a/x-pack/plugins/infra/public/components/asset_details/hooks/use_page_header.tsx +++ b/x-pack/plugins/infra/public/components/asset_details/hooks/use_page_header.tsx @@ -5,14 +5,12 @@ * 2.0. */ import { - useEuiTheme, EuiIcon, type EuiPageHeaderProps, type EuiBreadcrumbsProps, EuiFlexGroup, EuiFlexItem, } from '@elastic/eui'; -import { css } from '@emotion/react'; import { useLinkProps } from '@kbn/observability-shared-plugin/public'; import React, { useCallback, useMemo } from 'react'; import { capitalize } from 'lodash'; @@ -64,7 +62,7 @@ export const useTemplateHeaderBreadcrumbs = () => { ? [ { text: ( - + @@ -89,15 +87,17 @@ export const useTemplateHeaderBreadcrumbs = () => { }; const useRightSideItems = (links?: LinkOptions[]) => { - const { asset, assetType, overrides } = useAssetDetailsRenderPropsContext(); + const { asset } = useAssetDetailsRenderPropsContext(); const topCornerLinkComponents: Record = useMemo( () => ({ - nodeDetails: , - alertRule: , + nodeDetails: ( + + ), + alertRule: , apmServices: , }), - [asset, assetType, overrides?.alertRule?.onCreateRuleClick] + [asset.id, asset.name, asset.type] ); const rightSideItems = useMemo( @@ -132,7 +132,6 @@ const useFeatureFlagTabs = () => { const useTabs = (tabs: Tab[]) => { const { showTab, activeTabId } = useTabSwitcherContext(); const { asset } = useAssetDetailsRenderPropsContext(); - const { euiTheme } = useEuiTheme(); const { isTabEnabled } = useFeatureFlagTabs(); const onTabClick = useCallback( @@ -155,18 +154,15 @@ const useTabs = (tabs: Tab[]) => { ...apmTracesMenuItemLinkProps, 'data-test-subj': 'infraAssetDetailsApmServicesLinkTab', label: ( - <> - - {name} - + + + + + {name} + ), }), - [apmTracesMenuItemLinkProps, euiTheme.size.xs] + [apmTracesMenuItemLinkProps] ); const tabEntries: TabItem[] = useMemo( diff --git a/x-pack/plugins/infra/public/components/asset_details/hooks/use_process_list.ts b/x-pack/plugins/infra/public/components/asset_details/hooks/use_process_list.ts index 97d567bb7066c..a9d5cb772b380 100644 --- a/x-pack/plugins/infra/public/components/asset_details/hooks/use_process_list.ts +++ b/x-pack/plugins/infra/public/components/asset_details/hooks/use_process_list.ts @@ -54,7 +54,10 @@ export function useProcessList( sortBy: parsedSortBy, searchFilter, }), - decodeResponse + decodeResponse, + undefined, + undefined, + true ); useEffect(() => { diff --git a/x-pack/plugins/infra/public/components/asset_details/hooks/use_process_list_row_chart.ts b/x-pack/plugins/infra/public/components/asset_details/hooks/use_process_list_row_chart.ts index f964167b8eb18..19c1f8defbf6a 100644 --- a/x-pack/plugins/infra/public/components/asset_details/hooks/use_process_list_row_chart.ts +++ b/x-pack/plugins/infra/public/components/asset_details/hooks/use_process_list_row_chart.ts @@ -36,7 +36,10 @@ export function useProcessListRowChart(command: string) { to, command, }), - decodeResponse + decodeResponse, + undefined, + undefined, + true ); useEffect(() => setInErrorState(true), [error]); diff --git a/x-pack/plugins/infra/public/components/asset_details/links/link_to_node_details.tsx b/x-pack/plugins/infra/public/components/asset_details/links/link_to_node_details.tsx index 2670af9272a31..212b19753f80f 100644 --- a/x-pack/plugins/infra/public/components/asset_details/links/link_to_node_details.tsx +++ b/x-pack/plugins/infra/public/components/asset_details/links/link_to_node_details.tsx @@ -10,28 +10,30 @@ import { EuiButtonEmpty } from '@elastic/eui'; import { useLinkProps } from '@kbn/observability-shared-plugin/public'; import { parse } from '@kbn/datemath'; import { useNodeDetailsRedirect } from '../../../pages/link_to'; -import { Asset } from '../types'; + import type { InventoryItemType } from '../../../../common/inventory_models/types'; import { useAssetDetailsUrlState } from '../hooks/use_asset_details_url_state'; export interface LinkToNodeDetailsProps { - asset: Asset; + assetId: string; + assetName?: string; assetType: InventoryItemType; } -export const LinkToNodeDetails = ({ asset, assetType }: LinkToNodeDetailsProps) => { +export const LinkToNodeDetails = ({ assetId, assetName, assetType }: LinkToNodeDetailsProps) => { const [state] = useAssetDetailsUrlState(); const { getNodeDetailUrl } = useNodeDetailsRedirect(); - const { dateRange, ...assetDetails } = state ?? {}; + // don't propagate the autoRefresh to the details page + const { dateRange, autoRefresh: _, ...assetDetails } = state ?? {}; const nodeDetailMenuItemLinkProps = useLinkProps({ ...getNodeDetailUrl({ assetType, - assetId: asset.id, + assetId, search: { - name: asset.name, ...assetDetails, + name: assetName, from: parse(dateRange?.from ?? '')?.valueOf(), to: parse(dateRange?.to ?? '')?.valueOf(), }, diff --git a/x-pack/plugins/infra/public/components/asset_details/tabs/anomalies/anomalies.tsx b/x-pack/plugins/infra/public/components/asset_details/tabs/anomalies/anomalies.tsx index 7d6cabc54c3ab..19ca58ea2dd73 100644 --- a/x-pack/plugins/infra/public/components/asset_details/tabs/anomalies/anomalies.tsx +++ b/x-pack/plugins/infra/public/components/asset_details/tabs/anomalies/anomalies.tsx @@ -5,22 +5,31 @@ * 2.0. */ -import React from 'react'; +import React, { useMemo, useRef } from 'react'; import { AnomaliesTable } from '../../../../pages/metrics/inventory_view/components/ml/anomaly_detection/anomalies_table/anomalies_table'; import { useAssetDetailsRenderPropsContext } from '../../hooks/use_asset_details_render_props'; import { useDateRangeProviderContext } from '../../hooks/use_date_range'; +import { useIntersectingState } from '../../hooks/use_intersecting_state'; export const Anomalies = () => { - const { dateRange } = useDateRangeProviderContext(); + const ref = useRef(null); + const { getParsedDateRange } = useDateRangeProviderContext(); const { asset, overrides } = useAssetDetailsRenderPropsContext(); const { onClose = () => {} } = overrides?.anomalies ?? {}; + const parsedDateRange = useMemo(() => getParsedDateRange(), [getParsedDateRange]); + const state = useIntersectingState(ref, { + parsedDateRange, + }); + return ( - +
+ +
); }; diff --git a/x-pack/plugins/infra/public/components/asset_details/tabs/logs/logs.tsx b/x-pack/plugins/infra/public/components/asset_details/tabs/logs/logs.tsx index a19861968335c..107cbfdb7aa68 100644 --- a/x-pack/plugins/infra/public/components/asset_details/tabs/logs/logs.tsx +++ b/x-pack/plugins/infra/public/components/asset_details/tabs/logs/logs.tsx @@ -5,7 +5,7 @@ * 2.0. */ -import React, { useCallback, useMemo, useState } from 'react'; +import React, { useCallback, useMemo, useRef, useState } from 'react'; import useDebounce from 'react-use/lib/useDebounce'; import { FormattedMessage } from '@kbn/i18n-react'; import { i18n } from '@kbn/i18n'; @@ -20,13 +20,15 @@ import { useAssetDetailsRenderPropsContext } from '../../hooks/use_asset_details import { useDataViewsProviderContext } from '../../hooks/use_data_views'; import { useDateRangeProviderContext } from '../../hooks/use_date_range'; import { useAssetDetailsUrlState } from '../../hooks/use_asset_details_url_state'; +import { useIntersectingState } from '../../hooks/use_intersecting_state'; const TEXT_QUERY_THROTTLE_INTERVAL_MS = 500; export const Logs = () => { - const { getDateRangeInTimestamp } = useDateRangeProviderContext(); + const ref = useRef(null); + const { getDateRangeInTimestamp, dateRange, autoRefresh } = useDateRangeProviderContext(); const [urlState, setUrlState] = useAssetDetailsUrlState(); - const { asset, assetType } = useAssetDetailsRenderPropsContext(); + const { asset } = useAssetDetailsRenderPropsContext(); const { logs } = useDataViewsProviderContext(); const { loading: logViewLoading, reference: logViewReference } = logs ?? {}; @@ -37,7 +39,12 @@ export const Logs = () => { const [textQueryDebounced, setTextQueryDebounced] = useState(urlState?.logsSearch ?? ''); const currentTimestamp = getDateRangeInTimestamp().to; - const startTimestamp = currentTimestamp - 60 * 60 * 1000; // 60 minutes + const state = useIntersectingState(ref, { + currentTimestamp, + startTimestamp: currentTimestamp - 60 * 60 * 1000, + dateRange, + autoRefresh, + }); useDebounce( () => { @@ -50,7 +57,7 @@ export const Logs = () => { const filter = useMemo(() => { const query = [ - `${findInventoryFields(assetType).id}: "${asset.name}"`, + `${findInventoryFields(asset.type).id}: "${asset.name}"`, ...(textQueryDebounced !== '' ? [textQueryDebounced] : []), ].join(' and '); @@ -58,7 +65,7 @@ export const Logs = () => { language: 'kuery', query, }; - }, [assetType, asset.name, textQueryDebounced]); + }, [asset.type, asset.name, textQueryDebounced]); const onQueryChange = useCallback((e: React.ChangeEvent) => { setTextQuery(e.target.value); @@ -71,23 +78,23 @@ export const Logs = () => { const logsUrl = useMemo(() => { return locators.nodeLogsLocator.getRedirectUrl({ - nodeType: assetType, + nodeType: asset.type, nodeId: asset.name, - time: startTimestamp, + time: state.startTimestamp, filter: textQueryDebounced, logView, }); }, [ locators.nodeLogsLocator, asset.name, - assetType, - startTimestamp, + asset.type, + state.startTimestamp, textQueryDebounced, logView, ]); return ( - + @@ -135,11 +142,18 @@ export const Logs = () => { ) : ( )} diff --git a/x-pack/plugins/infra/public/components/asset_details/tabs/metadata/metadata.test.tsx b/x-pack/plugins/infra/public/components/asset_details/tabs/metadata/metadata.test.tsx index 291f9911a3f85..d62557654ad6c 100644 --- a/x-pack/plugins/infra/public/components/asset_details/tabs/metadata/metadata.test.tsx +++ b/x-pack/plugins/infra/public/components/asset_details/tabs/metadata/metadata.test.tsx @@ -21,25 +21,21 @@ const renderHostMetadata = () => render( diff --git a/x-pack/plugins/infra/public/components/asset_details/tabs/metadata/table.tsx b/x-pack/plugins/infra/public/components/asset_details/tabs/metadata/table.tsx index 8355713d14d97..ceb2773486d1f 100644 --- a/x-pack/plugins/infra/public/components/asset_details/tabs/metadata/table.tsx +++ b/x-pack/plugins/infra/public/components/asset_details/tabs/metadata/table.tsx @@ -172,7 +172,7 @@ export const Table = ({ loading, rows, onSearchChange, search, showActionsColumn return ( { + const { metadata, loading } = useMetadataStateProviderContext(); + const agentId = useRef(undefined); + + // When a host has multiple agents reporting metrics, it's possible that one of them may not report an agent id. + // This ensures that once an agent id is found, it won't be replaced. + if (metadata?.info?.agent?.id && !agentId.current) { + agentId.current = metadata.info.agent.id; + } + const { featureFlags } = usePluginConfig(); - const { metadata, loading: metadataLoading } = useMetadataStateProviderContext(); + if (!featureFlags.osqueryEnabled) { + return null; + } + + const isLoading = loading && !metadata; + return isLoading ? ( + + ) : ( + // Osquery must receive an agent id for it to function in infra. There may be incomplete metric documents without this information, causing the metadata endpoint to return incomplete data. + // To prevent incorrect Osquery form rendering, we're passing an invalid agent id. This ensures the user sees the 'not available' message instead of the form. + + ); +}; + +const MemoOsQueryAction = React.memo(({ agentId }: { agentId?: string }) => { const { services: { osquery }, } = useKibanaContextForPlugin(); @@ -22,18 +45,9 @@ export const Osquery = () => { // @ts-expect-error const OsqueryAction = osquery?.OsqueryAction; - // avoids component rerender when resizing the popover - const content = useMemo(() => { - if (!featureFlags.osqueryEnabled) { - return null; - } - // TODO: Add info when Osquery plugin is not available - if (metadataLoading || !OsqueryAction) { - return ; - } - - return ; - }, [featureFlags.osqueryEnabled, metadataLoading, OsqueryAction, metadata?.info?.agent?.id]); - - return content; -}; + return !OsqueryAction ? ( + + ) : ( + + ); +}); diff --git a/x-pack/plugins/infra/public/components/asset_details/tabs/overview/alerts.tsx b/x-pack/plugins/infra/public/components/asset_details/tabs/overview/alerts.tsx index 1dda6d6ac7a46..195ca67196b3c 100644 --- a/x-pack/plugins/infra/public/components/asset_details/tabs/overview/alerts.tsx +++ b/x-pack/plugins/infra/public/components/asset_details/tabs/overview/alerts.tsx @@ -49,7 +49,7 @@ export const AlertsSummaryContent = ({ return ( <> - + diff --git a/x-pack/plugins/infra/public/components/asset_details/tabs/overview/metadata_summary/metadata_header.tsx b/x-pack/plugins/infra/public/components/asset_details/tabs/overview/metadata_summary/metadata_header.tsx index 7132587588f24..7599dbacef3f5 100644 --- a/x-pack/plugins/infra/public/components/asset_details/tabs/overview/metadata_summary/metadata_header.tsx +++ b/x-pack/plugins/infra/public/components/asset_details/tabs/overview/metadata_summary/metadata_header.tsx @@ -51,7 +51,7 @@ export const MetadataHeader = ({ metadataValue }: MetadataSummaryProps) => { white-space: nowrap; `} > - + {columnTitles[metadataValue.field as MetadataFields]} diff --git a/x-pack/plugins/infra/public/components/asset_details/tabs/overview/metadata_summary/metadata_summary_list.tsx b/x-pack/plugins/infra/public/components/asset_details/tabs/overview/metadata_summary/metadata_summary_list.tsx index 0a3b29a75ad16..b5ea906fa3a9d 100644 --- a/x-pack/plugins/infra/public/components/asset_details/tabs/overview/metadata_summary/metadata_summary_list.tsx +++ b/x-pack/plugins/infra/public/components/asset_details/tabs/overview/metadata_summary/metadata_summary_list.tsx @@ -14,7 +14,6 @@ import { EuiDescriptionList, EuiDescriptionListDescription, EuiLoadingSpinner, - EuiSpacer, } from '@elastic/eui'; import type { InfraMetadata } from '../../../../../../common/http_api'; import { NOT_AVAILABLE_LABEL } from '../../../translations'; @@ -27,11 +26,11 @@ import { MetadataSectionTitle } from '../../../components/section_titles'; interface MetadataSummaryProps { metadata: InfraMetadata | null; - metadataLoading: boolean; + loading: boolean; } interface MetadataSummaryWrapperProps { visibleMetadata: MetadataData[]; - metadataLoading: boolean; + loading: boolean; } export interface MetadataData { @@ -70,7 +69,7 @@ const metadataData = (metadataInfo: InfraMetadata['info']): MetadataData[] => [ ]; const MetadataSummaryListWrapper = ({ - metadataLoading, + loading: metadataLoading, visibleMetadata, }: MetadataSummaryWrapperProps) => { const { showTab } = useTabSwitcherContext(); @@ -80,38 +79,43 @@ const MetadataSummaryListWrapper = ({ }; return ( - <> - - - + + + + + + + + + + + + + + + + - - - - - - - - + {visibleMetadata.map( (metadataValue) => metadataValue && ( - + - {metadataLoading ? ( + {metadataLoading && !metadataValue.value ? ( ) : ( @@ -122,19 +126,16 @@ const MetadataSummaryListWrapper = ({ ) )} - + ); }; -export const MetadataSummaryList = ({ metadata, metadataLoading }: MetadataSummaryProps) => ( +export const MetadataSummaryList = ({ metadata, loading }: MetadataSummaryProps) => ( ); -export const MetadataSummaryListCompact = ({ metadata, metadataLoading }: MetadataSummaryProps) => ( - +export const MetadataSummaryListCompact = ({ metadata, loading }: MetadataSummaryProps) => ( + ); diff --git a/x-pack/plugins/infra/public/components/asset_details/tabs/overview/overview.tsx b/x-pack/plugins/infra/public/components/asset_details/tabs/overview/overview.tsx index 229470f5bb894..5ec6ce182f55a 100644 --- a/x-pack/plugins/infra/public/components/asset_details/tabs/overview/overview.tsx +++ b/x-pack/plugins/infra/public/components/asset_details/tabs/overview/overview.tsx @@ -5,7 +5,7 @@ * 2.0. */ -import React, { useMemo } from 'react'; +import React, { useMemo, useRef } from 'react'; import { EuiFlexGroup, EuiFlexItem } from '@elastic/eui'; import { MetadataSummaryList, @@ -20,10 +20,12 @@ import { useDataViewsProviderContext } from '../../hooks/use_data_views'; import { useDateRangeProviderContext } from '../../hooks/use_date_range'; import { SectionSeparator } from './section_separator'; import { MetadataErrorCallout } from '../../components/metadata_error_callout'; +import { useIntersectingState } from '../../hooks/use_intersecting_state'; export const Overview = () => { + const ref = useRef(null); const { getParsedDateRange } = useDateRangeProviderContext(); - const { asset, assetType, renderMode } = useAssetDetailsRenderPropsContext(); + const { asset, renderMode } = useAssetDetailsRenderPropsContext(); const { metadata, loading: metadataLoading, @@ -34,31 +36,37 @@ export const Overview = () => { const parsedDateRange = useMemo(() => getParsedDateRange(), [getParsedDateRange]); const isFullPageView = renderMode.mode !== 'flyout'; + const state = useIntersectingState(ref, { parsedDateRange }); + const metricsSection = isFullPageView ? ( ) : ( ); const metadataSummarySection = isFullPageView ? ( - + ) : ( - + ); return ( - + - + {fetchMetadataError && !metadataLoading ? : metadataSummarySection} @@ -67,8 +75,8 @@ export const Overview = () => { diff --git a/x-pack/plugins/infra/public/components/asset_details/tabs/processes/processes.tsx b/x-pack/plugins/infra/public/components/asset_details/tabs/processes/processes.tsx index dfaf227dc10df..8881c30e00e05 100644 --- a/x-pack/plugins/infra/public/components/asset_details/tabs/processes/processes.tsx +++ b/x-pack/plugins/infra/public/components/asset_details/tabs/processes/processes.tsx @@ -5,7 +5,7 @@ * 2.0. */ -import React, { useMemo, useState, useCallback } from 'react'; +import React, { useMemo, useState, useCallback, useRef } from 'react'; import { debounce } from 'lodash'; import { i18n } from '@kbn/i18n'; import { @@ -30,6 +30,7 @@ import { useDateRangeProviderContext } from '../../hooks/use_date_range'; import { ProcessesExplanationMessage } from '../../components/processes_explanation'; import { useAssetDetailsUrlState } from '../../hooks/use_asset_details_url_state'; import { TopProcessesTooltip } from '../../components/top_processes_tooltip'; +import { useIntersectingState } from '../../hooks/use_intersecting_state'; const options = Object.entries(STATE_NAMES).map(([value, view]: [string, string]) => ({ value, @@ -37,17 +38,20 @@ const options = Object.entries(STATE_NAMES).map(([value, view]: [string, string] })); export const Processes = () => { + const ref = useRef(null); const { getDateRangeInTimestamp } = useDateRangeProviderContext(); const [urlState, setUrlState] = useAssetDetailsUrlState(); - const { asset, assetType } = useAssetDetailsRenderPropsContext(); - + const { asset } = useAssetDetailsRenderPropsContext(); const [searchText, setSearchText] = useState(urlState?.processSearch ?? ''); const [searchQueryError, setSearchQueryError] = useState(null); const [searchBarState, setSearchBarState] = useState(() => searchText ? Query.parse(searchText) : Query.MATCH_ALL ); - const currentTimestamp = getDateRangeInTimestamp().to; + const toTimestamp = useMemo(() => getDateRangeInTimestamp().to, [getDateRangeInTimestamp]); + const state = useIntersectingState(ref, { + currentTimestamp: toTimestamp, + }); const [sortBy, setSortBy] = useState({ name: 'cpu', @@ -55,16 +59,16 @@ export const Processes = () => { }); const hostTerm = useMemo(() => { - const field = getFieldByType(assetType) ?? assetType; + const field = getFieldByType(asset.type) ?? asset.type; return { [field]: asset.name }; - }, [asset.name, assetType]); + }, [asset.name, asset.type]); const { loading, error, response, makeRequest: reload, - } = useProcessList(hostTerm, currentTimestamp, sortBy, parseSearchString(searchText)); + } = useProcessList(hostTerm, state.currentTimestamp, sortBy, parseSearchString(searchText)); const debouncedSearchOnChange = useMemo(() => { return debounce<(queryText: string) => void>((queryText) => { @@ -94,15 +98,15 @@ export const Processes = () => { }, [setUrlState]); return ( - - + + - + @@ -118,12 +122,18 @@ export const Processes = () => { - - {loading ? ( - - ) : ( - !error && (response?.processList ?? []).length > 0 && - )} + {!error && ( + + + {loading && !response ? ( + + ) : ( + (response?.processList ?? []).length > 0 && + )} + + + )} + { {!error ? ( ; - - if (currentItems.length === 0) + if (!isLoading && currentItems.length === 0) return ( ))} + + {isLoading && } + {isLoading && currentItems.length === 0 && !error && ( + + + + )} + {error ? ( - + + {error} + ) : ( )} @@ -196,28 +208,11 @@ export const ProcessesTable = ({ ); }; -const LoadingPlaceholder = () => { - return ( -
- -
- ); -}; - -interface ProcessesTableErrorProps { - error: string; +interface ProcessesTableMessageProps { + children: React.ReactNode; } -const ProcessesTableError = ({ error }: ProcessesTableErrorProps) => { +const ProcessesTableMessage = ({ children }: ProcessesTableMessageProps) => { const { euiTheme } = useEuiTheme(); return ( @@ -233,7 +228,7 @@ const ProcessesTableError = ({ error }: ProcessesTableErrorProps) => { mobileOptions={{ width: '100%' }} textOnly={true} > - {error} + {children} ); diff --git a/x-pack/plugins/infra/public/components/asset_details/tabs/processes/summary_table.tsx b/x-pack/plugins/infra/public/components/asset_details/tabs/processes/summary_table.tsx index 6b097275d9f62..8a9fda34eaba2 100644 --- a/x-pack/plugins/infra/public/components/asset_details/tabs/processes/summary_table.tsx +++ b/x-pack/plugins/infra/public/components/asset_details/tabs/processes/summary_table.tsx @@ -6,7 +6,6 @@ */ import React, { useMemo } from 'react'; -import { mapValues } from 'lodash'; import { i18n } from '@kbn/i18n'; import { EuiLoadingSpinner, @@ -28,8 +27,8 @@ interface Props { } type SummaryRecord = { - total: number; -} & Record; + total: number | string; +} & Record; const processSummaryNotAvailable = { total: NOT_AVAILABLE_LABEL, @@ -43,21 +42,18 @@ const processSummaryNotAvailable = { }; export const SummaryTable = ({ processSummary, isLoading }: Props) => { - const summary = !processSummary?.total ? processSummaryNotAvailable : processSummary; - - const processCount = useMemo( - () => - ({ - total: isLoading ? -1 : summary.total, - ...mapValues(STATE_NAMES, () => (isLoading ? -1 : 0)), - ...(isLoading ? {} : summary), - } as SummaryRecord), - [summary, isLoading] + const mergedSummary: SummaryRecord = useMemo( + () => ({ + ...processSummaryNotAvailable, + ...Object.fromEntries(Object.entries(processSummary).filter(([_, v]) => !!v)), + }), + [processSummary] ); + return ( <> - - {Object.entries(processCount).map(([field, value]) => ( + + {Object.entries(mergedSummary).map(([field, value]) => ( { {columnTitles[field as keyof SummaryRecord]} - {value === -1 ? ( - - ) : ( - value - )} + {isLoading ? : value} diff --git a/x-pack/plugins/infra/public/components/asset_details/template/flyout.tsx b/x-pack/plugins/infra/public/components/asset_details/template/flyout.tsx index d7d80c1117ca2..898ce873e49ec 100644 --- a/x-pack/plugins/infra/public/components/asset_details/template/flyout.tsx +++ b/x-pack/plugins/infra/public/components/asset_details/template/flyout.tsx @@ -21,11 +21,12 @@ import { useTabSwitcherContext } from '../hooks/use_tab_switcher'; import type { ContentTemplateProps } from '../types'; export const Flyout = ({ - header: { tabs = [], links = [] }, + tabs = [], + links = [], closeFlyout, }: ContentTemplateProps & { closeFlyout: () => void }) => { const [, setUrlState] = useAssetDetailsUrlState(); - const { asset, assetType, loading } = useAssetDetailsRenderPropsContext(); + const { asset, loading } = useAssetDetailsRenderPropsContext(); const { rightSideItems, tabEntries } = usePageHeader(tabs, links); const { activeTabId } = useTabSwitcherContext(); const { @@ -35,7 +36,7 @@ export const Flyout = ({ useEffectOnce(() => { telemetry.reportAssetDetailsFlyoutViewed({ componentName: ASSET_DETAILS_FLYOUT_COMPONENT_NAME, - assetType, + assetType: asset.type, tabId: activeTabId, }); }); @@ -50,7 +51,7 @@ export const Flyout = ({ onClose={handleOnClose} ownFocus={false} data-component-name={ASSET_DETAILS_FLYOUT_COMPONENT_NAME} - data-asset-type={assetType} + data-asset-type={asset.type} > {loading ? ( { +export const Page = ({ tabs = [], links = [] }: ContentTemplateProps) => { const { loading } = useAssetDetailsRenderPropsContext(); const { metadata, loading: metadataLoading } = useMetadataStateProviderContext(); const { rightSideItems, tabEntries, breadcrumbs } = usePageHeader(tabs, links); - const { asset, assetType } = useAssetDetailsRenderPropsContext(); + const { asset } = useAssetDetailsRenderPropsContext(); const { actionMenuHeight } = useKibanaHeader(); const trackOnlyOnce = React.useRef(false); @@ -42,7 +42,7 @@ export const Page = ({ header: { tabs = [], links = [] } }: ContentTemplateProps const integrations = getIntegrationsAvailable(metadata); const telemetryParams = { componentName: ASSET_DETAILS_PAGE_COMPONENT_NAME, - assetType, + assetType: asset.type, tabId: activeTabId, }; @@ -56,7 +56,7 @@ export const Page = ({ header: { tabs = [], links = [] } }: ContentTemplateProps ); trackOnlyOnce.current = true; } - }, [activeTabId, assetType, metadata, metadataLoading, telemetry]); + }, [activeTabId, asset.type, metadata, metadataLoading, telemetry]); const heightWithOffset = useMemo( () => `calc(100vh - var(--euiFixedHeadersOffset, 0) - ${actionMenuHeight}px)`, @@ -88,7 +88,7 @@ export const Page = ({ header: { tabs = [], links = [] } }: ContentTemplateProps minBlockSize: heightWithOffset, }} data-component-name={ASSET_DETAILS_PAGE_COMPONENT_NAME} - data-asset-type={assetType} + data-asset-type={asset.type} > void; }; alertRule?: { - onCreateRuleClick?: () => void; - options?: Partial; + options?: Partial>; }; } @@ -65,8 +64,13 @@ export interface Tab { export type LinkOptions = 'alertRule' | 'nodeDetails' | 'apmServices'; export interface AssetDetailsProps { - asset: Asset; + assetId: string; + assetName?: string; assetType: InventoryItemType; + autoRefresh?: { + isPaused?: boolean; + interval?: number; + }; dateRange?: TimeRange; tabs: Tab[]; overrides?: OverridableTabState; @@ -79,9 +83,7 @@ export interface AssetDetailsProps { export type TabsStateChangeFn = (state: TabState) => void; -export interface ContentTemplateProps { - header: Pick; -} +export type ContentTemplateProps = Pick; export interface RouteState { originAppId: string; diff --git a/x-pack/plugins/infra/public/pages/link_to/use_node_details_redirect.ts b/x-pack/plugins/infra/public/pages/link_to/use_node_details_redirect.ts index 22412fa2064a1..6b6f2fda8a1f5 100644 --- a/x-pack/plugins/infra/public/pages/link_to/use_node_details_redirect.ts +++ b/x-pack/plugins/infra/public/pages/link_to/use_node_details_redirect.ts @@ -25,7 +25,7 @@ export interface MetricDetailsQueryParams { } export type AssetDetailsQueryParams = MetricDetailsQueryParams & - Omit; + Omit; type SearchParams = T extends 'host' ? AssetDetailsQueryParams diff --git a/x-pack/plugins/infra/public/pages/metrics/hosts/components/host_details_flyout/flyout_wrapper.tsx b/x-pack/plugins/infra/public/pages/metrics/hosts/components/host_details_flyout/flyout_wrapper.tsx index 4015e536a786e..c377eb5043c79 100644 --- a/x-pack/plugins/infra/public/pages/metrics/hosts/components/host_details_flyout/flyout_wrapper.tsx +++ b/x-pack/plugins/infra/public/pages/metrics/hosts/components/host_details_flyout/flyout_wrapper.tsx @@ -23,7 +23,8 @@ export const FlyoutWrapper = ({ node: { name }, closeFlyout }: Props) => { return source ? ( (hostsLinkClicked); + const AUTO_REFRESH_INTERVAL = 5 * 1000; const options = { formatter: InfraFormatterType.percent, @@ -94,7 +95,7 @@ export const Layout = React.memo(({ currentView, reload, interval, nodes, loadin jumpToTime(Date.now()); } }, - isAutoReloading ? 5000 : null + isAutoReloading ? AUTO_REFRESH_INTERVAL : null ); const dataBounds = calculateBoundsFromNodes(nodes); @@ -211,6 +212,8 @@ export const Layout = React.memo(({ currentView, reload, interval, nodes, loadin boundsOverride={boundsOverride} formatter={formatter} bottomMargin={height} + isAutoReloading={isAutoReloading} + refreshInterval={AUTO_REFRESH_INTERVAL} /> )} diff --git a/x-pack/plugins/infra/public/pages/metrics/inventory_view/components/ml/anomaly_detection/anomalies_table/anomalies_table.tsx b/x-pack/plugins/infra/public/pages/metrics/inventory_view/components/ml/anomaly_detection/anomalies_table/anomalies_table.tsx index f2dc777ba792b..1effc203084c6 100644 --- a/x-pack/plugins/infra/public/pages/metrics/inventory_view/components/ml/anomaly_detection/anomalies_table/anomalies_table.tsx +++ b/x-pack/plugins/infra/public/pages/metrics/inventory_view/components/ml/anomaly_detection/anomalies_table/anomalies_table.tsx @@ -255,20 +255,31 @@ export const AnomaliesTable = ({ [] ); - const anomalyParams = useMemo( - () => ({ + const getTimeRange = useCallback(() => { + if (hideDatePicker) { + return { + start: datemathToEpochMillis(dateRange.from) || 0, + end: datemathToEpochMillis(dateRange.to, 'up') || 0, + }; + } else { + return timeRange; + } + }, [dateRange.from, dateRange.to, hideDatePicker, timeRange]); + + const anomalyParams = useMemo(() => { + const { start, end } = getTimeRange(); + return { sourceId: 'default', anomalyThreshold: anomalyThreshold || 0, - startTime: timeRange.start, - endTime: timeRange.end, + startTime: start, + endTime: end, defaultSortOptions: { direction: sorting?.direction || 'desc', field: (sorting?.field || 'startTime') as SortField, }, defaultPaginationOptions: { pageSize: 10 }, - }), - [timeRange.start, timeRange.end, sorting?.field, sorting?.direction, anomalyThreshold] - ); + }; + }, [getTimeRange, anomalyThreshold, sorting?.direction, sorting?.field]); const { metricsHostsAnomalies, getMetricsHostsAnomalies, diff --git a/x-pack/plugins/infra/public/pages/metrics/inventory_view/components/nodes_overview.tsx b/x-pack/plugins/infra/public/pages/metrics/inventory_view/components/nodes_overview.tsx index 858b68a4b646d..fee52b3b4a8a7 100644 --- a/x-pack/plugins/infra/public/pages/metrics/inventory_view/components/nodes_overview.tsx +++ b/x-pack/plugins/infra/public/pages/metrics/inventory_view/components/nodes_overview.tsx @@ -8,7 +8,6 @@ import { i18n } from '@kbn/i18n'; import React, { useCallback } from 'react'; import { useCurrentEuiBreakpoint } from '@elastic/eui'; - import { euiStyled } from '@kbn/kibana-react-plugin/common'; import { InventoryItemType } from '../../../../../common/inventory_models/types'; import { InfraWaffleMapBounds, InfraWaffleMapOptions, InfraFormatter } from '../../../../lib/lib'; @@ -41,6 +40,8 @@ interface Props { formatter: InfraFormatter; bottomMargin: number; showLoading: boolean; + isAutoReloading?: boolean; + refreshInterval?: number; } export const NodesOverview = ({ @@ -57,6 +58,8 @@ export const NodesOverview = ({ onDrilldown, bottomMargin, showLoading, + refreshInterval, + isAutoReloading, }: Props) => { const currentBreakpoint = useCurrentEuiBreakpoint(); const [{ detailsItemId }, setFlyoutUrlState] = useAssetDetailsFlyoutState(); @@ -137,17 +140,18 @@ export const NodesOverview = ({ currentTime={currentTime} onFilter={handleDrilldown} bounds={bounds} - dataBounds={dataBounds} bottomMargin={bottomMargin} staticHeight={isStatic} /> {nodeType === 'host' && detailsItemId && ( )} void; currentTime: number; - options?: InfraWaffleMapOptions; + options?: Pick; + isAutoReloading?: boolean; + refreshInterval?: number; } -const ONE_HOUR = 60 * 60 * 1000; - const flyoutTabs = [ ...commonFlyoutTabs, { @@ -34,18 +34,36 @@ const flyoutTabs = [ }, ]; +const ONE_HOUR = 60 * 60 * 1000; + export const AssetDetailsFlyout = ({ assetName, assetType, closeFlyout, currentTime, options, + refreshInterval, + isAutoReloading = false, }: Props) => { const { source } = useSourceContext(); + const dateRange = useMemo(() => { + // forces relative dates when auto-refresh is active + return isAutoReloading + ? { + from: 'now-1h', + to: 'now', + } + : { + from: new Date(currentTime - ONE_HOUR).toISOString(), + to: new Date(currentTime).toISOString(), + }; + }, [currentTime, isAutoReloading]); + return source ? ( ) : null; diff --git a/x-pack/plugins/infra/public/pages/metrics/inventory_view/components/waffle/map.tsx b/x-pack/plugins/infra/public/pages/metrics/inventory_view/components/waffle/map.tsx index ceff6663fd7c3..920e893f5a4f7 100644 --- a/x-pack/plugins/infra/public/pages/metrics/inventory_view/components/waffle/map.tsx +++ b/x-pack/plugins/infra/public/pages/metrics/inventory_view/components/waffle/map.tsx @@ -27,7 +27,6 @@ interface Props { currentTime: number; onFilter: (filter: string) => void; bounds: InfraWaffleMapBounds; - dataBounds: InfraWaffleMapBounds; bottomMargin: number; staticHeight: boolean; detailsItemId: string | null; @@ -41,7 +40,6 @@ export const Map: React.FC = ({ formatter, bounds, nodeType, - dataBounds, bottomMargin, staticHeight, detailsItemId, diff --git a/x-pack/plugins/infra/public/pages/metrics/inventory_view/hooks/use_metrics_hosts_anomalies.ts b/x-pack/plugins/infra/public/pages/metrics/inventory_view/hooks/use_metrics_hosts_anomalies.ts index ce2c05c103811..59f1c22890e6d 100644 --- a/x-pack/plugins/infra/public/pages/metrics/inventory_view/hooks/use_metrics_hosts_anomalies.ts +++ b/x-pack/plugins/infra/public/pages/metrics/inventory_view/hooks/use_metrics_hosts_anomalies.ts @@ -5,7 +5,7 @@ * 2.0. */ -import { useMemo, useState, useCallback, useEffect, useReducer } from 'react'; +import { useMemo, useState, useCallback, useEffect, useReducer, useRef } from 'react'; import { HttpHandler } from '@kbn/core/public'; import { INFA_ML_GET_METRICS_HOSTS_ANOMALIES_PATH, @@ -134,6 +134,27 @@ const STATE_DEFAULTS: ReducerStateDefaults = { hasNextPage: false, }; +const initStateReducer = + ( + endTime: number, + startTime: number, + defaultSortOptions: Sort, + defaultPaginationOptions: Pick, + filteredDatasets?: string[] + ) => + (stateDefaults: ReducerStateDefaults): ReducerState => { + return { + ...stateDefaults, + paginationOptions: defaultPaginationOptions, + sortOptions: defaultSortOptions, + filteredDatasets, + timeRange: { + start: startTime, + end: endTime, + }, + }; + }; + export const useMetricsHostsAnomaliesResults = ({ endTime, startTime, @@ -154,23 +175,29 @@ export const useMetricsHostsAnomaliesResults = ({ filteredDatasets?: string[]; }) => { const { services } = useKibanaContextForPlugin(); - const initStateReducer = (stateDefaults: ReducerStateDefaults): ReducerState => { - return { - ...stateDefaults, - paginationOptions: defaultPaginationOptions, - sortOptions: defaultSortOptions, - filteredDatasets, - timeRange: { - start: startTime, - end: endTime, - }, - }; - }; - const [reducerState, dispatch] = useReducer(stateReducer, STATE_DEFAULTS, initStateReducer); + const abortController = useRef(new AbortController()); + const [reducerState, dispatch] = useReducer( + stateReducer, + STATE_DEFAULTS, + initStateReducer( + endTime, + startTime, + defaultSortOptions, + defaultPaginationOptions, + filteredDatasets + ) + ); const [metricsHostsAnomalies, setMetricsHostsAnomalies] = useState([]); + useEffect(() => { + const current = abortController?.current; + return () => { + current.abort(); + }; + }, []); + const [getMetricsHostsAnomaliesRequest, getMetricsHostsAnomalies] = useTrackedPromise( { cancelPreviousOn: 'creation', @@ -182,6 +209,9 @@ export const useMetricsHostsAnomaliesResults = ({ paginationCursor, } = reducerState; + abortController.current.abort(); + abortController.current = new AbortController(); + return await callGetMetricHostsAnomaliesAPI( { sourceId, @@ -197,7 +227,8 @@ export const useMetricsHostsAnomaliesResults = ({ }, hostName, }, - services.http.fetch + services.http.fetch, + abortController.current.signal ); }, onResolve: ({ data: { anomalies, paginationCursors: requestCursors, hasMoreEntries } }) => { @@ -318,7 +349,8 @@ interface RequestArgs { export const callGetMetricHostsAnomaliesAPI = async ( requestArgs: RequestArgs, - fetch: HttpHandler + fetch: HttpHandler, + signal?: AbortSignal | null ) => { const { sourceId, @@ -350,6 +382,7 @@ export const callGetMetricHostsAnomaliesAPI = async ( }, }) ), + signal, }); return decodeOrThrow(getMetricsHostsAnomaliesSuccessReponsePayloadRT)(response); diff --git a/x-pack/plugins/infra/public/pages/metrics/inventory_view/hooks/use_metrics_k8s_anomalies.ts b/x-pack/plugins/infra/public/pages/metrics/inventory_view/hooks/use_metrics_k8s_anomalies.ts index 0545c98656652..cb75bbea23421 100644 --- a/x-pack/plugins/infra/public/pages/metrics/inventory_view/hooks/use_metrics_k8s_anomalies.ts +++ b/x-pack/plugins/infra/public/pages/metrics/inventory_view/hooks/use_metrics_k8s_anomalies.ts @@ -5,7 +5,7 @@ * 2.0. */ -import { useMemo, useState, useCallback, useEffect, useReducer } from 'react'; +import { useMemo, useState, useCallback, useEffect, useReducer, useRef } from 'react'; import { HttpHandler } from '@kbn/core/public'; import { Sort, @@ -154,6 +154,7 @@ export const useMetricsK8sAnomaliesResults = ({ filteredDatasets?: string[]; }) => { const { services } = useKibanaContextForPlugin(); + const abortController = useRef(new AbortController()); const initStateReducer = (stateDefaults: ReducerStateDefaults): ReducerState => { return { ...stateDefaults, @@ -171,6 +172,13 @@ export const useMetricsK8sAnomaliesResults = ({ const [metricsK8sAnomalies, setMetricsK8sAnomalies] = useState([]); + useEffect(() => { + const current = abortController?.current; + return () => { + current.abort(); + }; + }, []); + const [getMetricsK8sAnomaliesRequest, getMetricsK8sAnomalies] = useTrackedPromise( { cancelPreviousOn: 'creation', @@ -181,6 +189,11 @@ export const useMetricsK8sAnomaliesResults = ({ paginationOptions, paginationCursor, } = reducerState; + + abortController.current.abort(); + + abortController.current = new AbortController(); + return await callGetMetricsK8sAnomaliesAPI( { sourceId, @@ -195,7 +208,8 @@ export const useMetricsK8sAnomaliesResults = ({ cursor: paginationCursor, }, }, - services.http.fetch + services.http.fetch, + abortController.current.signal ); }, onResolve: ({ data: { anomalies, paginationCursors: requestCursors, hasMoreEntries } }) => { @@ -313,7 +327,8 @@ interface RequestArgs { export const callGetMetricsK8sAnomaliesAPI = async ( requestArgs: RequestArgs, - fetch: HttpHandler + fetch: HttpHandler, + signal?: AbortSignal | null ) => { const { sourceId, anomalyThreshold, startTime, endTime, metric, query, sort, pagination } = requestArgs; @@ -335,6 +350,7 @@ export const callGetMetricsK8sAnomaliesAPI = async ( }, }) ), + signal, }); return decodeOrThrow(getMetricsK8sAnomaliesSuccessReponsePayloadRT)(response); diff --git a/x-pack/plugins/infra/public/pages/metrics/inventory_view/hooks/use_waffle_time.ts b/x-pack/plugins/infra/public/pages/metrics/inventory_view/hooks/use_waffle_time.ts index 5bbc55dd0f48e..05236a818cce4 100644 --- a/x-pack/plugins/infra/public/pages/metrics/inventory_view/hooks/use_waffle_time.ts +++ b/x-pack/plugins/infra/public/pages/metrics/inventory_view/hooks/use_waffle_time.ts @@ -42,7 +42,7 @@ export const useWaffleTime = () => { const { currentTime, isAutoReloading } = urlState; const startAutoReload = useCallback(() => { - setState((previous) => ({ ...previous, isAutoReloading: true })); + setState((previous) => ({ ...previous, isAutoReloading: true, currentTime: Date.now() })); }, [setState]); const stopAutoReload = useCallback(() => { diff --git a/x-pack/plugins/infra/public/pages/metrics/metric_detail/asset_detail_page.tsx b/x-pack/plugins/infra/public/pages/metrics/metric_detail/asset_detail_page.tsx index f5809c0857353..216c32abaa0b1 100644 --- a/x-pack/plugins/infra/public/pages/metrics/metric_detail/asset_detail_page.tsx +++ b/x-pack/plugins/infra/public/pages/metrics/metric_detail/asset_detail_page.tsx @@ -47,9 +47,7 @@ export const AssetDetailPage = () => { }} > { @@ -94,7 +98,10 @@ export const LogStreamContent = ({ center, highlight, columns, + startDateExpression = '', + endDateExpression = '', showFlyoutAction = false, + isStreaming = false, }: LogStreamProps) => { const customColumns = useMemo( () => (columns ? convertLogColumnDefinitionToLogSourceColumnDefinition(columns) : undefined), @@ -153,10 +160,12 @@ Read more at https://github.com/elastic/kibana/blob/main/src/plugins/kibana_reac const { entries, fetchEntries, + fetchNewestEntries, fetchNextEntries, fetchPreviousEntries, hasMoreAfter, hasMoreBefore, + lastLoadedTime, isLoadingMore, isReloading: isLoadingEntries, } = useLogStream({ @@ -168,28 +177,64 @@ Read more at https://github.com/elastic/kibana/blob/main/src/plugins/kibana_reac columns: customColumns, }); + const isReloading = useMemo( + () => isLoadingLogView || isLoadingEntries, + [isLoadingEntries, isLoadingLogView] + ); + const columnConfigurations = useMemo(() => { return resolvedLogView ? customColumns ?? resolvedLogView.columns : []; }, [resolvedLogView, customColumns]); const streamItems = useMemo( () => - entries.map((entry) => ({ - kind: 'logEntry' as const, - logEntry: entry, - highlights: [], - })), - [entries] + isReloading + ? [] + : entries.map((entry) => ({ + kind: 'logEntry' as const, + logEntry: entry, + highlights: [], + })), + [entries, isReloading] ); + const prevStartTimestamp = usePrevious(startTimestamp); + const prevEndTimestamp = usePrevious(endTimestamp); + const prevFilterQuery = usePrevious(parsedQuery); + // Component lifetime useEffect(() => { loadLogView(); }, [loadLogView]); useEffect(() => { - fetchEntries(); - }, [fetchEntries]); + const isFirstLoad = !prevStartTimestamp || !prevEndTimestamp; + const hasQueryChanged = parsedQuery !== prevFilterQuery; + const timerangeChanged = + prevStartTimestamp !== startTimestamp || prevEndTimestamp !== endTimestamp; + + if (isFirstLoad || hasQueryChanged) { + fetchEntries(); + } + + if (timerangeChanged) { + if (isStreaming) { + fetchNewestEntries(); + } else { + fetchEntries(); + } + } + }, [ + endTimestamp, + fetchEntries, + fetchNewestEntries, + isStreaming, + parsedQuery, + prevEndTimestamp, + prevFilterQuery, + prevStartTimestamp, + startTimestamp, + ]); // Pagination handler const handlePagination = useCallback( @@ -218,19 +263,20 @@ Read more at https://github.com/elastic/kibana/blob/main/src/plugins/kibana_reac items={streamItems} scale="medium" wrap={true} - isReloading={isLoadingLogView || isLoadingEntries} + isReloading={isReloading} isLoadingMore={isLoadingMore} + isStreaming={isStreaming} hasMoreBeforeStart={hasMoreBefore} hasMoreAfterEnd={hasMoreAfter} - isStreaming={false} + lastLoadedTime={lastLoadedTime} jumpToTarget={noop} reportVisibleInterval={handlePagination} reloadItems={fetchEntries} onOpenLogEntryFlyout={showFlyoutAction ? openLogEntryFlyout : undefined} highlightedItem={highlight ?? null} currentHighlightKey={null} - startDateExpression={''} - endDateExpression={''} + startDateExpression={startDateExpression} + endDateExpression={endDateExpression} updateDateRange={noop} startLiveStreaming={noop} hideScrollbar={false} diff --git a/x-pack/test/functional/apps/infra/home_page.ts b/x-pack/test/functional/apps/infra/home_page.ts index 74cc8a1951cb4..4bada627d2dff 100644 --- a/x-pack/test/functional/apps/infra/home_page.ts +++ b/x-pack/test/functional/apps/infra/home_page.ts @@ -210,6 +210,13 @@ export default ({ getPageObjects, getService }: FtrProviderContext) => { await returnTo(INVENTORY_PATH); }); }); + + it('Should show auto-refresh option', async () => { + const kibanaRefreshConfig = await pageObjects.timePicker.getRefreshConfig(); + expect(kibanaRefreshConfig.interval).to.equal('5'); + expect(kibanaRefreshConfig.units).to.equal('Seconds'); + expect(kibanaRefreshConfig.isPaused).to.equal(true); + }); }); it('shows query suggestions', async () => { From 94080fded21b317342774ea0da45f883d856a33b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?David=20S=C3=A1nchez?= Date: Thu, 19 Oct 2023 13:31:17 +0200 Subject: [PATCH 30/50] [Security Solution][Endpoint] Adds new e2e tests for agent tamper protection with real agent (#167954) ## Summary - Agent tamper protection e2e automation with test cases: - [x] Uninstall with/without agent tamper protection enabled. - [x] Unenroll with/without agent tamper protection enabled. Includes new methods and tasks to uninstall agent from host and unenroll agent from fleet. It uses API's to update agent policy (enable agent tamper protection) and unenroll agent for test performance purposes. --------- Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com> --- .../public/management/cypress/cypress.d.ts | 14 + .../management/cypress/cypress_base.config.ts | 3 + .../unenroll_agent_from_fleet.cy.ts | 114 ++++++++ ...oll_agent_from_fleet_changing_policy.cy.ts | 175 ++++++++++++ .../uninstall_agent_from_host.cy.ts | 140 ++++++++++ ...tall_agent_from_host_changing_policy.cy.ts | 256 ++++++++++++++++++ .../cypress/support/agent_actions.ts | 90 ++++++ .../public/management/cypress/tasks/fleet.ts | 150 +++++++++- .../public/management/cypress/types.ts | 9 + 9 files changed, 950 insertions(+), 1 deletion(-) create mode 100644 x-pack/plugins/security_solution/public/management/cypress/e2e/tamper_protection/unenroll_agent_from_fleet.cy.ts create mode 100644 x-pack/plugins/security_solution/public/management/cypress/e2e/tamper_protection/unenroll_agent_from_fleet_changing_policy.cy.ts create mode 100644 x-pack/plugins/security_solution/public/management/cypress/e2e/tamper_protection/uninstall_agent_from_host.cy.ts create mode 100644 x-pack/plugins/security_solution/public/management/cypress/e2e/tamper_protection/uninstall_agent_from_host_changing_policy.cy.ts create mode 100644 x-pack/plugins/security_solution/public/management/cypress/support/agent_actions.ts diff --git a/x-pack/plugins/security_solution/public/management/cypress/cypress.d.ts b/x-pack/plugins/security_solution/public/management/cypress/cypress.d.ts index a4037e32632a5..bd4c34b36de59 100644 --- a/x-pack/plugins/security_solution/public/management/cypress/cypress.d.ts +++ b/x-pack/plugins/security_solution/public/management/cypress/cypress.d.ts @@ -22,6 +22,8 @@ import type { IndexEndpointHostsCyTaskOptions, LoadUserAndRoleCyTaskOptions, CreateUserAndRoleCyTaskOptions, + UninstallAgentFromHostTaskOptions, + IsAgentAndEndpointUninstalledFromHostTaskOptions, } from './types'; import type { DeleteIndexedFleetEndpointPoliciesResponse, @@ -203,6 +205,18 @@ declare global { arg: CreateUserAndRoleCyTaskOptions, options?: Partial ): Chainable; + + task( + name: 'uninstallAgentFromHost', + arg: UninstallAgentFromHostTaskOptions, + options?: Partial + ): Chainable; + + task( + name: 'isAgentAndEndpointUninstalledFromHost', + arg: IsAgentAndEndpointUninstalledFromHostTaskOptions, + options?: Partial + ): Chainable; } } } diff --git a/x-pack/plugins/security_solution/public/management/cypress/cypress_base.config.ts b/x-pack/plugins/security_solution/public/management/cypress/cypress_base.config.ts index e861c5927d3fd..f235600e40340 100644 --- a/x-pack/plugins/security_solution/public/management/cypress/cypress_base.config.ts +++ b/x-pack/plugins/security_solution/public/management/cypress/cypress_base.config.ts @@ -8,6 +8,7 @@ import { merge } from 'lodash'; import { dataLoaders, dataLoadersForRealEndpoints } from './support/data_loaders'; import { responseActionTasks } from './support/response_actions'; +import { agentActions } from './support/agent_actions'; export const getCypressBaseConfig = ( overrides: Cypress.ConfigOptions = {} @@ -66,6 +67,8 @@ export const getCypressBaseConfig = ( // Data loaders specific to "real" Endpoint testing dataLoadersForRealEndpoints(on, config); + agentActions(on); + responseActionTasks(on, config); // eslint-disable-next-line @typescript-eslint/no-var-requires diff --git a/x-pack/plugins/security_solution/public/management/cypress/e2e/tamper_protection/unenroll_agent_from_fleet.cy.ts b/x-pack/plugins/security_solution/public/management/cypress/e2e/tamper_protection/unenroll_agent_from_fleet.cy.ts new file mode 100644 index 0000000000000..cdcef05822594 --- /dev/null +++ b/x-pack/plugins/security_solution/public/management/cypress/e2e/tamper_protection/unenroll_agent_from_fleet.cy.ts @@ -0,0 +1,114 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import type { PolicyData } from '../../../../../common/endpoint/types'; +import type { CreateAndEnrollEndpointHostResponse } from '../../../../../scripts/endpoint/common/endpoint_host_services'; +import { waitForEndpointListPageToBeLoaded } from '../../tasks/response_console'; +import type { IndexedFleetEndpointPolicyResponse } from '../../../../../common/endpoint/data_loaders/index_fleet_endpoint_policy'; +import { + getEndpointIntegrationVersion, + createAgentPolicyTask, + enableAgentTamperProtectionFeatureFlagInPolicy, + unenrollAgent, +} from '../../tasks/fleet'; + +import { login } from '../../tasks/login'; +import { enableAllPolicyProtections } from '../../tasks/endpoint_policy'; +import { createEndpointHost } from '../../tasks/create_endpoint_host'; +import { deleteAllLoadedEndpointData } from '../../tasks/delete_all_endpoint_data'; + +describe('Unenroll agent from fleet', { tags: ['@ess'] }, () => { + let indexedPolicy: IndexedFleetEndpointPolicyResponse; + let policy: PolicyData; + let indexedPolicyWithAgentTamperEnabled: IndexedFleetEndpointPolicyResponse; + let policyWithAgentTamperProtectionEnabled: PolicyData; + + before(() => { + getEndpointIntegrationVersion().then((version) => { + createAgentPolicyTask(version).then((data) => { + indexedPolicy = data; + policy = indexedPolicy.integrationPolicies[0]; + return enableAllPolicyProtections(policy.id); + }); + createAgentPolicyTask(version).then((dataForProtectedPolicy) => { + indexedPolicyWithAgentTamperEnabled = dataForProtectedPolicy; + policyWithAgentTamperProtectionEnabled = + indexedPolicyWithAgentTamperEnabled.integrationPolicies[0]; + + return enableAgentTamperProtectionFeatureFlagInPolicy( + indexedPolicyWithAgentTamperEnabled.agentPolicies[0].id + ); + }); + }); + }); + beforeEach(() => { + login(); + }); + + after(() => { + if (indexedPolicy) { + cy.task('deleteIndexedFleetEndpointPolicies', indexedPolicy); + cy.task('deleteIndexedFleetEndpointPolicies', indexedPolicyWithAgentTamperEnabled); + } + }); + + describe('When agent tamper protection is disabled', () => { + let createdHost: CreateAndEnrollEndpointHostResponse; + + beforeEach(() => { + // Create and enroll a new Endpoint host + return createEndpointHost(policy.policy_id).then((host) => { + createdHost = host as CreateAndEnrollEndpointHostResponse; + }); + }); + + afterEach(() => { + if (createdHost) { + cy.task('destroyEndpointHost', createdHost); + } + + if (createdHost) { + deleteAllLoadedEndpointData({ endpointAgentIds: [createdHost.agentId] }); + } + }); + + it('should unenroll from fleet without issues', () => { + waitForEndpointListPageToBeLoaded(createdHost.hostname); + unenrollAgent(createdHost.agentId).then((isUnenrolled) => { + expect(isUnenrolled).to.eql(true); + }); + }); + }); + + describe('When agent tamper protection is enabled', () => { + let createdHost: CreateAndEnrollEndpointHostResponse; + + beforeEach(() => { + // Create and enroll a new Endpoint host + return createEndpointHost(policyWithAgentTamperProtectionEnabled.policy_id).then((host) => { + createdHost = host as CreateAndEnrollEndpointHostResponse; + }); + }); + + afterEach(() => { + if (createdHost) { + cy.task('destroyEndpointHost', createdHost); + } + + if (createdHost) { + deleteAllLoadedEndpointData({ endpointAgentIds: [createdHost.agentId] }); + } + }); + + it('should unenroll from fleet without issues', () => { + waitForEndpointListPageToBeLoaded(createdHost.hostname); + unenrollAgent(createdHost.agentId).then((isUnenrolled) => { + expect(isUnenrolled).to.eql(true); + }); + }); + }); +}); diff --git a/x-pack/plugins/security_solution/public/management/cypress/e2e/tamper_protection/unenroll_agent_from_fleet_changing_policy.cy.ts b/x-pack/plugins/security_solution/public/management/cypress/e2e/tamper_protection/unenroll_agent_from_fleet_changing_policy.cy.ts new file mode 100644 index 0000000000000..e4157f7b7eea7 --- /dev/null +++ b/x-pack/plugins/security_solution/public/management/cypress/e2e/tamper_protection/unenroll_agent_from_fleet_changing_policy.cy.ts @@ -0,0 +1,175 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import type { PolicyData } from '../../../../../common/endpoint/types'; +import type { CreateAndEnrollEndpointHostResponse } from '../../../../../scripts/endpoint/common/endpoint_host_services'; +import { waitForEndpointListPageToBeLoaded } from '../../tasks/response_console'; +import type { IndexedFleetEndpointPolicyResponse } from '../../../../../common/endpoint/data_loaders/index_fleet_endpoint_policy'; +import { + getEndpointIntegrationVersion, + createAgentPolicyTask, + enableAgentTamperProtectionFeatureFlagInPolicy, + unenrollAgent, + changeAgentPolicy, +} from '../../tasks/fleet'; + +import { login } from '../../tasks/login'; +import { enableAllPolicyProtections } from '../../tasks/endpoint_policy'; +import { createEndpointHost } from '../../tasks/create_endpoint_host'; +import { deleteAllLoadedEndpointData } from '../../tasks/delete_all_endpoint_data'; + +describe('Unenroll agent from fleet changing agent policy', { tags: ['@ess'] }, () => { + let indexedPolicy: IndexedFleetEndpointPolicyResponse; + let policy: PolicyData; + let indexedPolicyWithAgentTamperEnabled: IndexedFleetEndpointPolicyResponse; + let policyWithAgentTamperProtectionEnabled: PolicyData; + let secondIndexedPolicyWithAgentTamperEnabled: IndexedFleetEndpointPolicyResponse; + let secondPolicyWithAgentTamperProtectionEnabled: PolicyData; + + before(() => { + getEndpointIntegrationVersion().then((version) => { + createAgentPolicyTask(version).then((data) => { + indexedPolicy = data; + policy = indexedPolicy.integrationPolicies[0]; + return enableAllPolicyProtections(policy.id); + }); + createAgentPolicyTask(version).then((dataForProtectedPolicy) => { + indexedPolicyWithAgentTamperEnabled = dataForProtectedPolicy; + policyWithAgentTamperProtectionEnabled = + indexedPolicyWithAgentTamperEnabled.integrationPolicies[0]; + + return enableAgentTamperProtectionFeatureFlagInPolicy( + indexedPolicyWithAgentTamperEnabled.agentPolicies[0].id + ); + }); + createAgentPolicyTask(version).then((dataForProtectedPolicy) => { + secondIndexedPolicyWithAgentTamperEnabled = dataForProtectedPolicy; + secondPolicyWithAgentTamperProtectionEnabled = + secondIndexedPolicyWithAgentTamperEnabled.integrationPolicies[0]; + + return enableAgentTamperProtectionFeatureFlagInPolicy( + secondIndexedPolicyWithAgentTamperEnabled.agentPolicies[0].id + ); + }); + }); + }); + beforeEach(() => { + login(); + }); + + after(() => { + if (indexedPolicy) { + cy.task('deleteIndexedFleetEndpointPolicies', indexedPolicy); + cy.task('deleteIndexedFleetEndpointPolicies', indexedPolicyWithAgentTamperEnabled); + cy.task('deleteIndexedFleetEndpointPolicies', secondIndexedPolicyWithAgentTamperEnabled); + } + }); + + describe('When agent tamper protection is disabled but then is switched to a policy with it enabled', () => { + let createdHost: CreateAndEnrollEndpointHostResponse; + + beforeEach(() => { + // Create and enroll a new Endpoint host + return createEndpointHost(policy.policy_id).then((host) => { + createdHost = host as CreateAndEnrollEndpointHostResponse; + }); + }); + + afterEach(() => { + if (createdHost) { + cy.task('destroyEndpointHost', createdHost); + } + + if (createdHost) { + deleteAllLoadedEndpointData({ endpointAgentIds: [createdHost.agentId] }); + } + }); + + it('should unenroll from fleet without issues', () => { + waitForEndpointListPageToBeLoaded(createdHost.hostname); + // Change agent policy and wait for action to be completed + changeAgentPolicy( + createdHost.agentId, + policyWithAgentTamperProtectionEnabled.policy_id, + 3 + ).then((hasChanged) => { + expect(hasChanged).to.eql(true); + unenrollAgent(createdHost.agentId).then((isUnenrolled) => { + expect(isUnenrolled).to.eql(true); + }); + }); + }); + }); + + describe('When agent tamper protection is enabled but then is switched to a policy with it disabled', () => { + let createdHost: CreateAndEnrollEndpointHostResponse; + + beforeEach(() => { + // Create and enroll a new Endpoint host + return createEndpointHost(policyWithAgentTamperProtectionEnabled.policy_id).then((host) => { + createdHost = host as CreateAndEnrollEndpointHostResponse; + }); + }); + + afterEach(() => { + if (createdHost) { + cy.task('destroyEndpointHost', createdHost); + } + + if (createdHost) { + deleteAllLoadedEndpointData({ endpointAgentIds: [createdHost.agentId] }); + } + }); + + it('should unenroll from fleet without issues', () => { + waitForEndpointListPageToBeLoaded(createdHost.hostname); + // Change agent policy and wait for action to be completed + changeAgentPolicy(createdHost.agentId, policy.policy_id, 3).then((hasChanged) => { + expect(hasChanged).to.eql(true); + unenrollAgent(createdHost.agentId).then((isUnenrolled) => { + expect(isUnenrolled).to.eql(true); + }); + }); + }); + }); + + describe('When agent tamper protection is enabled but then is switched to a policy with it also enabled', () => { + let createdHost: CreateAndEnrollEndpointHostResponse; + + beforeEach(() => { + // Create and enroll a new Endpoint host + return createEndpointHost(policyWithAgentTamperProtectionEnabled.policy_id).then((host) => { + createdHost = host as CreateAndEnrollEndpointHostResponse; + }); + }); + + afterEach(() => { + if (createdHost) { + cy.task('destroyEndpointHost', createdHost); + } + + if (createdHost) { + deleteAllLoadedEndpointData({ endpointAgentIds: [createdHost.agentId] }); + } + }); + + it('should unenroll from fleet without issues', () => { + waitForEndpointListPageToBeLoaded(createdHost.hostname); + // Change agent policy and wait for action to be completed + changeAgentPolicy( + createdHost.agentId, + secondPolicyWithAgentTamperProtectionEnabled.policy_id, + 3 + ).then((hasChanged) => { + expect(hasChanged).to.eql(true); + unenrollAgent(createdHost.agentId).then((isUnenrolled) => { + expect(isUnenrolled).to.eql(true); + }); + }); + }); + }); +}); diff --git a/x-pack/plugins/security_solution/public/management/cypress/e2e/tamper_protection/uninstall_agent_from_host.cy.ts b/x-pack/plugins/security_solution/public/management/cypress/e2e/tamper_protection/uninstall_agent_from_host.cy.ts new file mode 100644 index 0000000000000..778cc510e2a37 --- /dev/null +++ b/x-pack/plugins/security_solution/public/management/cypress/e2e/tamper_protection/uninstall_agent_from_host.cy.ts @@ -0,0 +1,140 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import type { PolicyData } from '../../../../../common/endpoint/types'; +import type { CreateAndEnrollEndpointHostResponse } from '../../../../../scripts/endpoint/common/endpoint_host_services'; +import { waitForEndpointListPageToBeLoaded } from '../../tasks/response_console'; +import type { IndexedFleetEndpointPolicyResponse } from '../../../../../common/endpoint/data_loaders/index_fleet_endpoint_policy'; +import { + getEndpointIntegrationVersion, + createAgentPolicyTask, + enableAgentTamperProtectionFeatureFlagInPolicy, + getUninstallToken, + isAgentAndEndpointUninstalledFromHost, + uninstallAgentFromHost, +} from '../../tasks/fleet'; + +import { login } from '../../tasks/login'; +import { enableAllPolicyProtections } from '../../tasks/endpoint_policy'; +import { createEndpointHost } from '../../tasks/create_endpoint_host'; +import { deleteAllLoadedEndpointData } from '../../tasks/delete_all_endpoint_data'; + +describe('Uninstall agent from host', { tags: ['@ess'] }, () => { + let indexedPolicy: IndexedFleetEndpointPolicyResponse; + let policy: PolicyData; + let indexedPolicyWithAgentTamperEnabled: IndexedFleetEndpointPolicyResponse; + let policyWithAgentTamperProtectionEnabled: PolicyData; + + before(() => { + getEndpointIntegrationVersion().then((version) => { + createAgentPolicyTask(version).then((data) => { + indexedPolicy = data; + policy = indexedPolicy.integrationPolicies[0]; + return enableAllPolicyProtections(policy.id); + }); + createAgentPolicyTask(version).then((dataForProtectedPolicy) => { + indexedPolicyWithAgentTamperEnabled = dataForProtectedPolicy; + policyWithAgentTamperProtectionEnabled = + indexedPolicyWithAgentTamperEnabled.integrationPolicies[0]; + + return enableAgentTamperProtectionFeatureFlagInPolicy( + indexedPolicyWithAgentTamperEnabled.agentPolicies[0].id + ); + }); + }); + }); + beforeEach(() => { + login(); + }); + + after(() => { + if (indexedPolicy) { + cy.task('deleteIndexedFleetEndpointPolicies', indexedPolicy); + cy.task('deleteIndexedFleetEndpointPolicies', indexedPolicyWithAgentTamperEnabled); + } + }); + + describe('When agent tamper protection is disabled', () => { + let createdHost: CreateAndEnrollEndpointHostResponse; + + beforeEach(() => { + // Create and enroll a new Endpoint host + return createEndpointHost(policy.policy_id).then((host) => { + createdHost = host as CreateAndEnrollEndpointHostResponse; + }); + }); + + afterEach(() => { + if (createdHost) { + cy.task('destroyEndpointHost', createdHost); + } + + if (createdHost) { + deleteAllLoadedEndpointData({ endpointAgentIds: [createdHost.agentId] }); + } + }); + + it('should uninstall from host without issues', () => { + waitForEndpointListPageToBeLoaded(createdHost.hostname); + uninstallAgentFromHost(createdHost.hostname).then((response) => { + expect(response).to.not.match(/(.*)Invalid uninstall token(.*)/); + expect(response).to.match(/(.*)Elastic Agent has been uninstalled(.*)/); + isAgentAndEndpointUninstalledFromHost(createdHost.hostname).then((isUninstalled) => { + expect(isUninstalled).to.eql(true); + }); + }); + }); + }); + + describe('When agent tamper protection is enabled', () => { + let createdHost: CreateAndEnrollEndpointHostResponse; + + beforeEach(() => { + // Create and enroll a new Endpoint host + return createEndpointHost(policyWithAgentTamperProtectionEnabled.policy_id).then((host) => { + createdHost = host as CreateAndEnrollEndpointHostResponse; + }); + }); + + afterEach(() => { + if (createdHost) { + cy.task('destroyEndpointHost', createdHost); + } + + if (createdHost) { + deleteAllLoadedEndpointData({ endpointAgentIds: [createdHost.agentId] }); + } + }); + + it('should not uninstall from host without the uninstall token', () => { + waitForEndpointListPageToBeLoaded(createdHost.hostname); + uninstallAgentFromHost(createdHost.hostname).then((response) => { + expect(response).to.match(/(.*)Invalid uninstall token(.*)/); + expect(response).to.not.match(/(.*)Elastic Agent has been uninstalled(.*)/); + isAgentAndEndpointUninstalledFromHost(createdHost.hostname).then((isUninstalled) => { + expect(isUninstalled).to.eql(false); + }); + }); + }); + + it('should uninstall from host with the uninstall token', () => { + waitForEndpointListPageToBeLoaded(createdHost.hostname); + getUninstallToken(policyWithAgentTamperProtectionEnabled.policy_id).then((uninstallToken) => { + uninstallAgentFromHost(createdHost.hostname, uninstallToken.body.item.token).then( + (response) => { + expect(response).to.not.match(/(.*)Invalid uninstall token(.*)/); + expect(response).to.match(/(.*)Elastic Agent has been uninstalled(.*)/); + + isAgentAndEndpointUninstalledFromHost(createdHost.hostname).then((isUninstalled) => { + expect(isUninstalled).to.eql(true); + }); + } + ); + }); + }); + }); +}); diff --git a/x-pack/plugins/security_solution/public/management/cypress/e2e/tamper_protection/uninstall_agent_from_host_changing_policy.cy.ts b/x-pack/plugins/security_solution/public/management/cypress/e2e/tamper_protection/uninstall_agent_from_host_changing_policy.cy.ts new file mode 100644 index 0000000000000..84a15051bd3c9 --- /dev/null +++ b/x-pack/plugins/security_solution/public/management/cypress/e2e/tamper_protection/uninstall_agent_from_host_changing_policy.cy.ts @@ -0,0 +1,256 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import type { PolicyData } from '../../../../../common/endpoint/types'; +import type { CreateAndEnrollEndpointHostResponse } from '../../../../../scripts/endpoint/common/endpoint_host_services'; +import { waitForEndpointListPageToBeLoaded } from '../../tasks/response_console'; +import type { IndexedFleetEndpointPolicyResponse } from '../../../../../common/endpoint/data_loaders/index_fleet_endpoint_policy'; +import { + getEndpointIntegrationVersion, + createAgentPolicyTask, + enableAgentTamperProtectionFeatureFlagInPolicy, + getUninstallToken, + changeAgentPolicy, + isAgentAndEndpointUninstalledFromHost, + uninstallAgentFromHost, +} from '../../tasks/fleet'; + +import { login } from '../../tasks/login'; +import { enableAllPolicyProtections } from '../../tasks/endpoint_policy'; +import { createEndpointHost } from '../../tasks/create_endpoint_host'; +import { deleteAllLoadedEndpointData } from '../../tasks/delete_all_endpoint_data'; + +describe('Uninstall agent from host changing agent policy', { tags: ['@ess'] }, () => { + let indexedPolicy: IndexedFleetEndpointPolicyResponse; + let policy: PolicyData; + let indexedPolicyWithAgentTamperEnabled: IndexedFleetEndpointPolicyResponse; + let policyWithAgentTamperProtectionEnabled: PolicyData; + let secondIndexedPolicyWithAgentTamperEnabled: IndexedFleetEndpointPolicyResponse; + let secondPolicyWithAgentTamperProtectionEnabled: PolicyData; + + before(() => { + getEndpointIntegrationVersion().then((version) => { + createAgentPolicyTask(version).then((data) => { + indexedPolicy = data; + policy = indexedPolicy.integrationPolicies[0]; + return enableAllPolicyProtections(policy.id); + }); + createAgentPolicyTask(version).then((dataForProtectedPolicy) => { + indexedPolicyWithAgentTamperEnabled = dataForProtectedPolicy; + policyWithAgentTamperProtectionEnabled = + indexedPolicyWithAgentTamperEnabled.integrationPolicies[0]; + + return enableAgentTamperProtectionFeatureFlagInPolicy( + indexedPolicyWithAgentTamperEnabled.agentPolicies[0].id + ); + }); + createAgentPolicyTask(version).then((dataForProtectedPolicy) => { + secondIndexedPolicyWithAgentTamperEnabled = dataForProtectedPolicy; + secondPolicyWithAgentTamperProtectionEnabled = + secondIndexedPolicyWithAgentTamperEnabled.integrationPolicies[0]; + + return enableAgentTamperProtectionFeatureFlagInPolicy( + secondIndexedPolicyWithAgentTamperEnabled.agentPolicies[0].id + ); + }); + }); + }); + beforeEach(() => { + login(); + }); + + after(() => { + if (indexedPolicy) { + cy.task('deleteIndexedFleetEndpointPolicies', indexedPolicy); + cy.task('deleteIndexedFleetEndpointPolicies', indexedPolicyWithAgentTamperEnabled); + cy.task('deleteIndexedFleetEndpointPolicies', secondIndexedPolicyWithAgentTamperEnabled); + } + }); + + describe('When agent tamper protection is disabled but then is switched to a policy with it enabled', () => { + let createdHost: CreateAndEnrollEndpointHostResponse; + + beforeEach(() => { + // Create and enroll a new Endpoint host + return createEndpointHost(policy.policy_id).then((host) => { + createdHost = host as CreateAndEnrollEndpointHostResponse; + }); + }); + + afterEach(() => { + if (createdHost) { + cy.task('destroyEndpointHost', createdHost); + } + + if (createdHost) { + deleteAllLoadedEndpointData({ endpointAgentIds: [createdHost.agentId] }); + } + }); + + it('should uninstall from host without issues', () => { + waitForEndpointListPageToBeLoaded(createdHost.hostname); + + // Change agent policy and wait for action to be completed + changeAgentPolicy( + createdHost.agentId, + policyWithAgentTamperProtectionEnabled.policy_id, + 3 + ).then((hasChanged) => { + expect(hasChanged).to.eql(true); + + // Try to uninstall agent from host without the uninstall token + uninstallAgentFromHost(createdHost.hostname).then((responseWithoutToken) => { + expect(responseWithoutToken).to.match(/(.*)Invalid uninstall token(.*)/); + expect(responseWithoutToken).to.not.match(/(.*)Elastic Agent has been uninstalled(.*)/); + isAgentAndEndpointUninstalledFromHost(createdHost.hostname).then( + (isUninstalledWithoutToken) => { + expect(isUninstalledWithoutToken).to.eql(false); + + // Get the uninstall token from that agent policy + getUninstallToken(policyWithAgentTamperProtectionEnabled.policy_id).then( + (uninstallToken) => { + // Try to uninstall agent from host using the retrieved uninstall token + uninstallAgentFromHost(createdHost.hostname, uninstallToken.body.item.token).then( + (responseWithToken) => { + expect(responseWithToken).to.not.match(/(.*)Invalid uninstall token(.*)/); + expect(responseWithToken).to.match( + /(.*)Elastic Agent has been uninstalled(.*)/ + ); + + isAgentAndEndpointUninstalledFromHost(createdHost.hostname).then( + (isUninstalledWithToken) => { + expect(isUninstalledWithToken).to.eql(true); + } + ); + } + ); + } + ); + } + ); + }); + }); + }); + }); + + describe('When agent tamper protection is enabled but then is switched to a policy with it disabled', () => { + let createdHost: CreateAndEnrollEndpointHostResponse; + + beforeEach(() => { + // Create and enroll a new Endpoint host + return createEndpointHost(policyWithAgentTamperProtectionEnabled.policy_id).then((host) => { + createdHost = host as CreateAndEnrollEndpointHostResponse; + }); + }); + + afterEach(() => { + if (createdHost) { + cy.task('destroyEndpointHost', createdHost); + } + + if (createdHost) { + deleteAllLoadedEndpointData({ endpointAgentIds: [createdHost.agentId] }); + } + }); + + it('should uninstall from host without issues', () => { + waitForEndpointListPageToBeLoaded(createdHost.hostname); + + changeAgentPolicy(createdHost.agentId, policy.policy_id, 3).then((hasChanged) => { + expect(hasChanged).to.eql(true); + uninstallAgentFromHost(createdHost.hostname).then((responseWithoutToken) => { + expect(responseWithoutToken).to.not.match(/(.*)Invalid uninstall token(.*)/); + expect(responseWithoutToken).to.match(/(.*)Elastic Agent has been uninstalled(.*)/); + isAgentAndEndpointUninstalledFromHost(createdHost.hostname).then( + (isUninstalledWithoutToken) => { + expect(isUninstalledWithoutToken).to.eql(true); + } + ); + }); + }); + }); + }); + + describe('When agent tamper protection is enabled but then is switched to a policy with it also enabled', () => { + let createdHost: CreateAndEnrollEndpointHostResponse; + + beforeEach(() => { + // Create and enroll a new Endpoint host + return createEndpointHost(policyWithAgentTamperProtectionEnabled.policy_id).then((host) => { + createdHost = host as CreateAndEnrollEndpointHostResponse; + }); + }); + + afterEach(() => { + if (createdHost) { + cy.task('destroyEndpointHost', createdHost); + } + + if (createdHost) { + deleteAllLoadedEndpointData({ endpointAgentIds: [createdHost.agentId] }); + } + }); + + it('should uninstall from host without issues', () => { + waitForEndpointListPageToBeLoaded(createdHost.hostname); + + // Change agent policy and wait for action to be completed + changeAgentPolicy( + createdHost.agentId, + secondPolicyWithAgentTamperProtectionEnabled.policy_id, + 3 + ).then((hasChanged) => { + expect(hasChanged).to.eql(true); + + // Get the uninstall token from old agent policy + getUninstallToken(policyWithAgentTamperProtectionEnabled.policy_id).then( + (oldUninstallToken) => { + // Try to uninstall agent from host using old retrieved uninstall token + uninstallAgentFromHost(createdHost.hostname, oldUninstallToken.body.item.token).then( + (responseWithOldToken) => { + expect(responseWithOldToken).to.match(/(.*)Invalid uninstall token(.*)/); + expect(responseWithOldToken).to.not.match( + /(.*)Elastic Agent has been uninstalled(.*)/ + ); + + isAgentAndEndpointUninstalledFromHost(createdHost.hostname).then( + (isUninstalledWithOldToken) => { + expect(isUninstalledWithOldToken).to.eql(false); + + // Get the uninstall token from new agent policy + getUninstallToken(secondPolicyWithAgentTamperProtectionEnabled.policy_id).then( + (newUninstallToken) => { + // Try to uninstall agent from host using new retrieved uninstall token + uninstallAgentFromHost( + createdHost.hostname, + newUninstallToken.body.item.token + ).then((responseWithNewToken) => { + expect(responseWithNewToken).to.not.match( + /(.*)Invalid uninstall token(.*)/ + ); + expect(responseWithNewToken).to.match( + /(.*)Elastic Agent has been uninstalled(.*)/ + ); + + isAgentAndEndpointUninstalledFromHost(createdHost.hostname).then( + (isUninstalledWithNewToken) => { + expect(isUninstalledWithNewToken).to.eql(true); + } + ); + }); + } + ); + } + ); + } + ); + } + ); + }); + }); + }); +}); diff --git a/x-pack/plugins/security_solution/public/management/cypress/support/agent_actions.ts b/x-pack/plugins/security_solution/public/management/cypress/support/agent_actions.ts new file mode 100644 index 0000000000000..11a8b30a5e187 --- /dev/null +++ b/x-pack/plugins/security_solution/public/management/cypress/support/agent_actions.ts @@ -0,0 +1,90 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +// / +import type { ExecaReturnValue } from 'execa'; +import execa from 'execa'; + +import { VAGRANT_CWD } from '../../../../scripts/endpoint/common/endpoint_host_services'; + +export const agentActions = (on: Cypress.PluginEvents): void => { + on('task', { + uninstallAgentFromHost: async ({ + hostname, + uninstallToken, + }: { + hostname: string; + uninstallToken?: string; + }): Promise => { + let result; + try { + if (process.env.CI) { + result = await execa( + 'vagrant', + [ + 'ssh', + '--', + `sudo elastic-agent uninstall -f ${ + uninstallToken ? `--uninstall-token ${uninstallToken}` : '' + }`, + ], + { + env: { + VAGRANT_CWD, + }, + } + ); + } else { + result = await execa(`multipass`, [ + 'exec', + hostname, + '--', + 'sh', + '-c', + `sudo elastic-agent uninstall -f ${ + uninstallToken ? `--uninstall-token ${uninstallToken}` : '' + }`, + ]); + } + } catch (err) { + return err.stderr; + } + return result.stdout; + }, + + isAgentAndEndpointUninstalledFromHost: async ({ + hostname, + }: { + hostname: string; + uninstallToken?: string; + }): Promise => { + let execaReturnValue: ExecaReturnValue; + if (process.env.CI) { + execaReturnValue = await execa('vagrant', ['ssh', '--', `ls /opt/Elastic`], { + env: { + VAGRANT_CWD, + }, + }); + } else { + execaReturnValue = await execa(`multipass`, [ + 'exec', + hostname, + '--', + 'sh', + '-c', + `ls /opt/Elastic`, + ]); + } + + if (execaReturnValue.stdout === '') { + return true; + } + + return false; + }, + }); +}; diff --git a/x-pack/plugins/security_solution/public/management/cypress/tasks/fleet.ts b/x-pack/plugins/security_solution/public/management/cypress/tasks/fleet.ts index bd6edbea158ce..8f1da4a0ec020 100644 --- a/x-pack/plugins/security_solution/public/management/cypress/tasks/fleet.ts +++ b/x-pack/plugins/security_solution/public/management/cypress/tasks/fleet.ts @@ -16,8 +16,16 @@ import { epmRouteService, packagePolicyRouteService, API_VERSIONS, + agentPolicyRouteService, } from '@kbn/fleet-plugin/common'; -import type { PutAgentReassignResponse } from '@kbn/fleet-plugin/common/types'; +import type { + GetOneAgentResponse, + PutAgentReassignResponse, + UpdateAgentPolicyResponse, +} from '@kbn/fleet-plugin/common/types'; +import { uninstallTokensRouteService } from '@kbn/fleet-plugin/common/services/routes'; +import type { GetUninstallTokensMetadataResponse } from '@kbn/fleet-plugin/common/types/rest_spec/uninstall_token'; +import type { UninstallToken } from '@kbn/fleet-plugin/common/types/models/uninstall_token'; import type { IndexedFleetEndpointPolicyResponse } from '../../../../common/endpoint/data_loaders/index_fleet_endpoint_policy'; import { request } from './common'; @@ -83,3 +91,143 @@ export const createAgentPolicyTask = ( agentPolicyName: policyName, }); }; + +export const enableAgentTamperProtectionFeatureFlagInPolicy = (agentPolicyId: string) => { + return request({ + method: 'PUT', + url: agentPolicyRouteService.getUpdatePath(agentPolicyId), + body: { + name: `With agent tamper protection enabled ${Math.random().toString(36).substring(2, 7)}`, + agent_features: [{ name: 'tamper_protection', enabled: true }], // TODO: this can be removed once FF code is removed + is_protected: true, + description: 'test', + namespace: 'default', + monitoring_enabled: ['logs', 'metrics'], + inactivity_timeout: 1209600, + }, + headers: { 'Elastic-Api-Version': API_VERSIONS.public.v1 }, + }); +}; + +export const getUninstallToken = (agentPolicyId: string) => { + return request({ + method: 'GET', + url: `${uninstallTokensRouteService.getListPath()}?policyId=${agentPolicyId}`, + headers: { 'Elastic-Api-Version': API_VERSIONS.public.v1 }, + }).then((uninstallTokenResponse) => { + return request<{ item: UninstallToken }>({ + method: 'GET', + url: uninstallTokensRouteService.getInfoPath(uninstallTokenResponse.body.items[0].id), + headers: { 'Elastic-Api-Version': API_VERSIONS.public.v1 }, + }); + }); +}; + +export const unenrollAgent = (agentId: string): Cypress.Chainable => { + return request({ + method: 'POST', + url: agentRouteService.getUnenrollPath(agentId), + headers: { 'Elastic-Api-Version': API_VERSIONS.public.v1 }, + }).then(() => { + return waitForIsAgentUnenrolled(agentId); + }); +}; + +export const changeAgentPolicy = ( + agentId: string, + policyId: string, + policyRevision: number +): Cypress.Chainable => { + return request({ + method: 'POST', + url: agentRouteService.getReassignPath(agentId), + body: { + policy_id: policyId, + }, + headers: { 'Elastic-Api-Version': API_VERSIONS.public.v1 }, + }).then(() => { + return waitForHasAgentPolicyChanged(agentId, policyId, policyRevision); + }); +}; + +// only used in "real" endpoint tests not in mocked ones +export const uninstallAgentFromHost = ( + hostname: string, + uninstallToken?: string +): Cypress.Chainable => { + return cy.task('uninstallAgentFromHost', { + hostname, + uninstallToken, + }); +}; + +// only used in "real" endpoint tests not in mocked ones +export const isAgentAndEndpointUninstalledFromHost = ( + hostname: string +): Cypress.Chainable => { + return cy.task('isAgentAndEndpointUninstalledFromHost', { + hostname, + }); +}; + +const waitForIsAgentUnenrolled = (agentId: string): Cypress.Chainable => { + let isUnenrolled = false; + return cy + .waitUntil( + () => { + return request({ + method: 'GET', + url: agentRouteService.getInfoPath(agentId), + headers: { + 'elastic-api-version': API_VERSIONS.public.v1, + }, + }).then((response) => { + if (response.body.item.status === 'unenrolled' && !response.body.item.active) { + isUnenrolled = true; + return true; + } + + return false; + }); + }, + { timeout: 120000 } + ) + .then(() => { + return isUnenrolled; + }); +}; + +const waitForHasAgentPolicyChanged = ( + agentId: string, + policyId: string, + policyRevision: number +): Cypress.Chainable => { + let isPolicyUpdated = false; + return cy + .waitUntil( + () => { + return request({ + method: 'GET', + url: agentRouteService.getInfoPath(agentId), + headers: { + 'elastic-api-version': API_VERSIONS.public.v1, + }, + }).then((response) => { + if ( + response.body.item.status !== 'updating' && + response.body.item?.policy_revision === policyRevision && + response.body.item?.policy_id === policyId + ) { + isPolicyUpdated = true; + return true; + } + + return false; + }); + }, + { timeout: 120000 } + ) + .then(() => { + return isPolicyUpdated; + }); +}; diff --git a/x-pack/plugins/security_solution/public/management/cypress/types.ts b/x-pack/plugins/security_solution/public/management/cypress/types.ts index aee97723c7d51..6c5dae16100de 100644 --- a/x-pack/plugins/security_solution/public/management/cypress/types.ts +++ b/x-pack/plugins/security_solution/public/management/cypress/types.ts @@ -66,3 +66,12 @@ export interface LoadUserAndRoleCyTaskOptions { export interface CreateUserAndRoleCyTaskOptions { role: Role; } + +export interface UninstallAgentFromHostTaskOptions { + hostname: string; + uninstallToken: string; +} + +export interface IsAgentAndEndpointUninstalledFromHostTaskOptions { + hostname: string; +} From 6a97a4b6b866470620dfd37048b66162c886efd2 Mon Sep 17 00:00:00 2001 From: Walter Rafelsberger Date: Thu, 19 Oct 2023 13:45:18 +0200 Subject: [PATCH 31/50] [ML] Transform: Reenable/Fix cloning tests (#169072) ## Summary Fixes #165883. Reenables/fixes the cloning tests. Stabilises table assertions by bringing the code in line with the assertions done in the `ml` plugin (taken from here #141775). ### Checklist - [x] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios - [x] This was checked for breaking API changes and was [labeled appropriately](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process) --- .../apps/transform/edit_clone/cloning.ts | 2 +- .../services/transform/transform_table.ts | 44 ++++++++++++++++--- 2 files changed, 38 insertions(+), 8 deletions(-) diff --git a/x-pack/test/functional/apps/transform/edit_clone/cloning.ts b/x-pack/test/functional/apps/transform/edit_clone/cloning.ts index 0ec4ef0b67b9e..caa6552024e14 100644 --- a/x-pack/test/functional/apps/transform/edit_clone/cloning.ts +++ b/x-pack/test/functional/apps/transform/edit_clone/cloning.ts @@ -190,7 +190,7 @@ export default function ({ getService }: FtrProviderContext) { const transform = getService('transform'); // Failing: See https://github.com/elastic/kibana/issues/165883 - describe.skip('cloning', function () { + describe('cloning', function () { const transformConfigWithPivot = getTransformConfig(); const transformConfigWithRuntimeMapping = getTransformConfigWithRuntimeMappings(); const transformConfigWithBoolFilterAgg = getTransformConfigWithBoolFilterAgg(); diff --git a/x-pack/test/functional/services/transform/transform_table.ts b/x-pack/test/functional/services/transform/transform_table.ts index 2af0d129ed51c..665b04b058106 100644 --- a/x-pack/test/functional/services/transform/transform_table.ts +++ b/x-pack/test/functional/services/transform/transform_table.ts @@ -7,6 +7,8 @@ import expect from '@kbn/expect'; +import { WebElementWrapper } from '../../../../../test/functional/services/lib/web_element_wrapper'; + import { FtrProviderContext } from '../../ftr_provider_context'; type TransformRowActionName = @@ -19,10 +21,11 @@ type TransformRowActionName = | 'Stop' | 'Reauthorize'; -export function TransformTableProvider({ getService }: FtrProviderContext) { +export function TransformTableProvider({ getPageObject, getService }: FtrProviderContext) { const find = getService('find'); const retry = getService('retry'); const testSubjects = getService('testSubjects'); + const commonPage = getPageObject('common'); const browser = getService('browser'); const ml = getService('ml'); @@ -89,20 +92,47 @@ export function TransformTableProvider({ getService }: FtrProviderContext) { await this.waitForRefreshButtonLoaded(); await testSubjects.click('~transformRefreshTransformListButton'); await this.waitForRefreshButtonLoaded(); - await this.waitForTransformsToLoad(); + await this.waitForTransformsTableToLoad(); + } + + public async waitForTransformsTableToStartLoading() { + await testSubjects.existOrFail(`~transformListTable`, { timeout: 60 * 1000 }); + + // After invoking an action that caused the table to start loading, the loading + // should start quickly after the table exists. Sometimes it is even so quick that + // the loading is already done when we try to check for it, so we're not failing + // in that case and just move on. + await testSubjects.exists(`transformListTable loading`, { timeout: 3 * 1000 }); } - public async waitForTransformsToLoad() { + public async waitForTransformsTableToLoad() { await testSubjects.existOrFail('~transformListTable', { timeout: 60 * 1000 }); await testSubjects.existOrFail('transformListTable loaded', { timeout: 30 * 1000 }); } - public async filterWithSearchString(filter: string, expectedRowCount: number = 1) { - await this.waitForTransformsToLoad(); + async getSearchInput(): Promise { const tableListContainer = await testSubjects.find('transformListTableContainer'); - const searchBarInput = await tableListContainer.findByClassName('euiFieldSearch'); + return await tableListContainer.findByClassName('euiFieldSearch'); + } + + public async assertSearchInputValue(expectedSearchValue: string) { + const searchBarInput = await this.getSearchInput(); + const actualSearchValue = await searchBarInput.getAttribute('value'); + expect(actualSearchValue).to.eql( + expectedSearchValue, + `Search input value should be '${expectedSearchValue}' (got '${actualSearchValue}')` + ); + } + + public async filterWithSearchString(filter: string, expectedRowCount: number = 1) { + await this.waitForTransformsTableToLoad(); + const searchBarInput = await this.getSearchInput(); await searchBarInput.clearValueWithKeyboard(); await searchBarInput.type(filter); + await commonPage.pressEnterKey(); + await this.assertSearchInputValue(filter); + await this.waitForTransformsTableToStartLoading(); + await this.waitForTransformsTableToLoad(); const rows = await this.parseTransformTable(); const filteredRows = rows.filter((row) => row.id === filter); @@ -113,7 +143,7 @@ export function TransformTableProvider({ getService }: FtrProviderContext) { } public async clearSearchString(expectedRowCount: number = 1) { - await this.waitForTransformsToLoad(); + await this.waitForTransformsTableToLoad(); const tableListContainer = await testSubjects.find('transformListTableContainer'); const searchBarInput = await tableListContainer.findByClassName('euiFieldSearch'); await searchBarInput.clearValueWithKeyboard(); From f931fd87917a52cda98d9532d7243556b35ffff8 Mon Sep 17 00:00:00 2001 From: Ignacio Rivas Date: Thu, 19 Oct 2023 13:45:42 +0200 Subject: [PATCH 32/50] [Index Management] Change default action for create enrich policy (#169336) --- .../enrich_policy_create/steps/create.tsx | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/x-pack/plugins/index_management/public/application/sections/enrich_policy_create/steps/create.tsx b/x-pack/plugins/index_management/public/application/sections/enrich_policy_create/steps/create.tsx index 5d50e0cc3edbe..d2226a0adf371 100644 --- a/x-pack/plugins/index_management/public/application/sections/enrich_policy_create/steps/create.tsx +++ b/x-pack/plugins/index_management/public/application/sections/enrich_policy_create/steps/create.tsx @@ -234,13 +234,13 @@ export const CreateStep = ({ onBack, onSubmit, isLoading }: Props) => { onSubmit(CREATE_AND_EXECUTE_POLICY)} + onClick={() => onSubmit()} isDisabled={isLoading} - data-test-subj="createAndExecuteButton" + data-test-subj="createButton" > @@ -249,13 +249,13 @@ export const CreateStep = ({ onBack, onSubmit, isLoading }: Props) => { onSubmit()} + onClick={() => onSubmit(CREATE_AND_EXECUTE_POLICY)} isDisabled={isLoading} - data-test-subj="createButton" + data-test-subj="createAndExecuteButton" >
From 7676cc4eb4a63eef661def685b498142f9cfa3cb Mon Sep 17 00:00:00 2001 From: Coen Warmer Date: Thu, 19 Oct 2023 14:17:25 +0200 Subject: [PATCH 33/50] Make sure ESLint that should only work on TSX are set to only trigger on TSX files (#169361) ## Summary This makes the newly created i18n ESLint rule actually activate on paths, and narrows the use of the Telemetry ESLint rule to only activate on .tsx files. This is done because the rule only makes sense in the context of JSX. ## More words Noticed that this: ``` 'x-pack/plugins/aiops/**/*.{tsx}', 'x-pack/plugins/apm/**/*.{tsx}', 'x-pack/plugins/exploratory_view/**/*.{tsx}', ``` does not work. This: ``` 'x-pack/plugins/aiops/**/*.tsx', 'x-pack/plugins/apm/**/*.tsx', 'x-pack/plugins/exploratory_view/**/*.tsx', ``` does. --- .eslintrc.js | 44 ++++++++++++++++++++++---------------------- 1 file changed, 22 insertions(+), 22 deletions(-) diff --git a/.eslintrc.js b/.eslintrc.js index 700a9de2a5a76..bd34b1d915f74 100644 --- a/.eslintrc.js +++ b/.eslintrc.js @@ -910,17 +910,17 @@ module.exports = { }, { files: [ - 'x-pack/plugins/aiops/**/*.{js,mjs,ts,tsx}', - 'x-pack/plugins/apm/**/*.{js,mjs,ts,tsx}', - 'x-pack/plugins/exploratory_view/**/*.{js,mjs,ts,tsx}', - 'x-pack/plugins/infra/**/*.{js,mjs,ts,tsx}', - 'x-pack/plugins/observability/**/*.{js,mjs,ts,tsx}', - 'x-pack/plugins/observability_ai_assistant/**/*.{js,mjs,ts,tsx}', - 'x-pack/plugins/observability_onboarding/**/*.{js,mjs,ts,tsx}', - 'x-pack/plugins/observability_shared/**/*.{js,mjs,ts,tsx}', - 'x-pack/plugins/profiling/**/*.{js,mjs,ts,tsx}', - 'x-pack/plugins/synthetics/**/*.{js,mjs,ts,tsx}', - 'x-pack/plugins/ux/**/*.{js,mjs,ts,tsx}', + 'x-pack/plugins/aiops/**/*.tsx', + 'x-pack/plugins/apm/**/*.tsx', + 'x-pack/plugins/exploratory_view/**/*.tsx', + 'x-pack/plugins/infra/**/*.tsx', + 'x-pack/plugins/observability/**/*.tsx', + 'x-pack/plugins/observability_ai_assistant/**/*.tsx', + 'x-pack/plugins/observability_onboarding/**/*.tsx', + 'x-pack/plugins/observability_shared/**/*.tsx', + 'x-pack/plugins/profiling/**/*.tsx', + 'x-pack/plugins/synthetics/**/*.tsx', + 'x-pack/plugins/ux/**/*.tsx', ], rules: { '@kbn/telemetry/event_generating_elements_should_be_instrumented': 'error', @@ -928,17 +928,17 @@ module.exports = { }, { files: [ - 'x-pack/plugins/aiops/**/*.{tsx}', - 'x-pack/plugins/apm/**/*.{tsx}', - 'x-pack/plugins/exploratory_view/**/*.{tsx}', - 'x-pack/plugins/infra/**/*.{tsx}', - 'x-pack/plugins/observability/**/*.{tsx}', - 'x-pack/plugins/observability_ai_assistant/**/*.{tsx}', - 'x-pack/plugins/observability_onboarding/**/*.{tsx}', - 'x-pack/plugins/observability_shared/**/*.{tsx}', - 'x-pack/plugins/profiling/**/*.{tsx}', - 'x-pack/plugins/synthetics/**/*.{tsx}', - 'x-pack/plugins/ux/**/*.{tsx}', + 'x-pack/plugins/aiops/**/*.tsx', + 'x-pack/plugins/apm/**/*.tsx', + 'x-pack/plugins/exploratory_view/**/*.tsx', + 'x-pack/plugins/infra/**/*.tsx', + 'x-pack/plugins/observability/**/*.tsx', + 'x-pack/plugins/observability_ai_assistant/**/*.tsx', + 'x-pack/plugins/observability_onboarding/**/*.tsx', + 'x-pack/plugins/observability_shared/**/*.tsx', + 'x-pack/plugins/profiling/**/*.tsx', + 'x-pack/plugins/synthetics/**/*.tsx', + 'x-pack/plugins/ux/**/*.tsx', ], rules: { '@kbn/i18n/strings_should_be_translated_with_i18n': 'warn', From 60a41ae19b3c06ce4b9fe0ae12a3c962da60aceb Mon Sep 17 00:00:00 2001 From: Matthew Kime Date: Thu, 19 Oct 2023 07:50:02 -0500 Subject: [PATCH 34/50] [data views] Initial creation of abstract data views class (#161611) ## Summary Creation of `AbstractDataView` class which provides all functionality that doesn't expect a full field list upon object creation. The code remaining in the `DataView` class either loads the field list or depends upon the loaded field list. --------- Co-authored-by: Davis McPhee --- .../__snapshots__/field_editor.test.tsx.snap | 10 + .../field_editor/field_editor.test.tsx | 4 + .../components/field_editor/field_editor.tsx | 11 +- .../__snapshots__/data_view.test.ts.snap | 15 +- .../common/data_views/abstract_data_views.ts | 411 ++++++++++++++++++ .../common/data_views/data_view.test.ts | 30 +- .../data_views/common/data_views/data_view.ts | 382 ++-------------- .../scripted_fields/create_scripted_field.ts | 2 +- .../scripted_fields/delete_scripted_field.ts | 2 +- .../scripted_fields/put_scripted_field.ts | 8 +- .../scripted_fields/update_scripted_field.ts | 4 +- .../log_views/log_views_client.test.ts | 4 + 12 files changed, 504 insertions(+), 379 deletions(-) create mode 100644 src/plugins/data_views/common/data_views/abstract_data_views.ts diff --git a/src/plugins/data_view_management/public/components/field_editor/__snapshots__/field_editor.test.tsx.snap b/src/plugins/data_view_management/public/components/field_editor/__snapshots__/field_editor.test.tsx.snap index 32304ef596a72..5d67cd1e17608 100644 --- a/src/plugins/data_view_management/public/components/field_editor/__snapshots__/field_editor.test.tsx.snap +++ b/src/plugins/data_view_management/public/components/field_editor/__snapshots__/field_editor.test.tsx.snap @@ -31,6 +31,8 @@ exports[`FieldEditor should render create new scripted field correctly 1`] = ` }, "getFormatterForField": [Function], "getFormatterForFieldNoDefault": [Function], + "setFieldCustomLabel": [Function], + "upsertScriptedField": [Function], } } isVisible={false} @@ -285,6 +287,8 @@ exports[`FieldEditor should render edit scripted field correctly 1`] = ` }, "getFormatterForField": [Function], "getFormatterForFieldNoDefault": [Function], + "setFieldCustomLabel": [Function], + "upsertScriptedField": [Function], } } isVisible={false} @@ -538,6 +542,8 @@ exports[`FieldEditor should show conflict field warning 1`] = ` }, "getFormatterForField": [Function], "getFormatterForFieldNoDefault": [Function], + "setFieldCustomLabel": [Function], + "upsertScriptedField": [Function], } } isVisible={false} @@ -821,6 +827,8 @@ exports[`FieldEditor should show deprecated lang warning 1`] = ` }, "getFormatterForField": [Function], "getFormatterForFieldNoDefault": [Function], + "setFieldCustomLabel": [Function], + "upsertScriptedField": [Function], } } isVisible={false} @@ -1167,6 +1175,8 @@ exports[`FieldEditor should show multiple type field warning with a table contai }, "getFormatterForField": [Function], "getFormatterForFieldNoDefault": [Function], + "setFieldCustomLabel": [Function], + "upsertScriptedField": [Function], } } isVisible={false} diff --git a/src/plugins/data_view_management/public/components/field_editor/field_editor.test.tsx b/src/plugins/data_view_management/public/components/field_editor/field_editor.test.tsx index f3b533b7d8290..3ba5945e3e535 100644 --- a/src/plugins/data_view_management/public/components/field_editor/field_editor.test.tsx +++ b/src/plugins/data_view_management/public/components/field_editor/field_editor.test.tsx @@ -119,6 +119,10 @@ describe('FieldEditor', () => { fields, getFormatterForField: () => ({ params: () => ({}) }), getFormatterForFieldNoDefault: () => ({ params: () => ({}) }), + upsertScriptedField: () => undefined, + setFieldCustomLabel: (name: string, label: string) => { + indexPattern.fields.getByName(name)!.customLabel = label; + }, } as unknown as DataView; }); diff --git a/src/plugins/data_view_management/public/components/field_editor/field_editor.tsx b/src/plugins/data_view_management/public/components/field_editor/field_editor.tsx index 7b12aeda30609..b8d77c41a634c 100644 --- a/src/plugins/data_view_management/public/components/field_editor/field_editor.tsx +++ b/src/plugins/data_view_management/public/components/field_editor/field_editor.tsx @@ -822,16 +822,9 @@ export class FieldEditor extends PureComponent; + /** + * Prevents errors when index pattern exists before indices + */ + public readonly allowNoIndex: boolean = false; + /** + * Name of the data view. Human readable name used to differentiate data view. + */ + public name: string = ''; + + /* + * list of indices that the index pattern matched + */ + public matchedIndices: string[] = []; + + protected scriptedFields: DataViewFieldBase[]; + + constructor(config: AbstractDataViewDeps) { + const { spec = {}, fieldFormats, shortDotsEnable = false, metaFields = [] } = config; + + const extractedFieldAttrs = spec?.fields + ? Object.entries(spec.fields).reduce((acc, [key, value]) => { + const attrs: FieldAttrSet = {}; + let hasAttrs = false; + + if (value.count) { + attrs.count = value.count; + hasAttrs = true; + } + + if (value.customLabel) { + attrs.customLabel = value.customLabel; + hasAttrs = true; + } + + if (hasAttrs) { + acc[key] = attrs; + } + return acc; + }, {} as Record) + : []; + + this.allowNoIndex = spec?.allowNoIndex || false; + // CRUD operations on scripted fields need to be examined + this.scriptedFields = spec?.fields + ? Object.values(spec.fields).filter((field) => field.scripted) + : []; + + // set dependencies + this.fieldFormats = { ...fieldFormats }; + // set config + this.shortDotsEnable = shortDotsEnable; + this.metaFields = metaFields; + + // set values + this.id = spec.id; + this.fieldFormatMap = { ...spec.fieldFormats }; + + this.version = spec.version; + + this.title = spec.title || ''; + this.timeFieldName = spec.timeFieldName; + this.sourceFilters = [...(spec.sourceFilters || [])]; + this.type = spec.type; + this.typeMeta = spec.typeMeta; + this.fieldAttrs = cloneDeep(merge({}, extractedFieldAttrs, spec.fieldAttrs)) || {}; + this.runtimeFieldMap = cloneDeep(spec.runtimeFieldMap) || {}; + this.namespaces = spec.namespaces || []; + this.name = spec.name || ''; + } + + /** + * Get name of Data View + */ + getName = () => (this.name ? this.name : this.title); + + /** + * Get index pattern + * @returns index pattern string + */ + + getIndexPattern = () => this.title; + + /** + * Set index pattern + * @param string index pattern string + */ + + setIndexPattern = (indexPattern: string) => { + this.title = indexPattern; + }; + + /** + * Get last saved saved object fields + */ + getOriginalSavedObjectBody = () => ({ ...this.originalSavedObjectBody }); + + /** + * Reset last saved saved object fields. Used after saving. + */ + resetOriginalSavedObjectBody = () => { + this.originalSavedObjectBody = this.getAsSavedObjectBody(); + }; + + isPersisted() { + return typeof this.version === 'string'; + } + + /** + * Get the source filtering configuration for that index. + */ + getSourceFiltering() { + return { + excludes: (this.sourceFilters && this.sourceFilters.map((filter) => filter.value)) || [], + }; + } + + /** + * Get aggregation restrictions. Rollup fields can only perform a subset of aggregations. + */ + + getAggregationRestrictions() { + return this.typeMeta?.aggs; + } + + /** + * Provide a field, get its formatter + * @param field field to get formatter for + */ + getFormatterForField(field: DataViewField | DataViewField['spec']): FieldFormat { + const fieldFormat = this.getFormatterForFieldNoDefault(field.name); + if (fieldFormat) { + return fieldFormat; + } + + return this.fieldFormats.getDefaultInstance( + field.type as KBN_FIELD_TYPES, + field.esTypes as ES_FIELD_TYPES[] + ); + } + + /** + * Get formatter for a given field name. Return undefined if none exists. + * @param fieldname name of field to get formatter for + */ + getFormatterForFieldNoDefault(fieldname: string) { + const formatSpec = this.fieldFormatMap[fieldname]; + if (formatSpec?.id) { + return this.fieldFormats.getInstance(formatSpec.id, formatSpec.params); + } + } + + /** + * Set field attribute + * @param fieldName name of field to set attribute on + * @param attrName name of attribute to set + * @param value value of attribute + */ + + protected setFieldAttrs( + fieldName: string, + attrName: K, + value: FieldAttrSet[K] + ) { + if (!this.fieldAttrs[fieldName]) { + this.fieldAttrs[fieldName] = {} as FieldAttrSet; + } + this.fieldAttrs[fieldName][attrName] = value; + } + + /** + * Set field custom label + * @param fieldName name of field to set custom label on + * @param customLabel custom label value. If undefined, custom label is removed + */ + + protected setFieldCustomLabelInternal(fieldName: string, customLabel: string | undefined | null) { + this.setFieldAttrs(fieldName, 'customLabel', customLabel === null ? undefined : customLabel); + } + + /** + * Set field formatter + * @param fieldName name of field to set format on + * @param format field format in serialized form + */ + public readonly setFieldFormat = (fieldName: string, format: SerializedFieldFormat) => { + this.fieldFormatMap[fieldName] = format; + }; + + /** + * Remove field format from the field format map. + * @param fieldName field name associated with the format for removal + */ + + public readonly deleteFieldFormat = (fieldName: string) => { + delete this.fieldFormatMap[fieldName]; + }; + + /** + * Returns index pattern as saved object body for saving + */ + getAsSavedObjectBody(): DataViewAttributes { + const stringifyOrUndefined = (obj: any) => (obj ? JSON.stringify(obj) : undefined); + + return { + fieldAttrs: stringifyOrUndefined(this.fieldAttrs), + title: this.getIndexPattern(), + timeFieldName: this.timeFieldName, + sourceFilters: stringifyOrUndefined(this.sourceFilters), + fields: stringifyOrUndefined(this.scriptedFields), + fieldFormatMap: stringifyOrUndefined(this.fieldFormatMap), + type: this.type!, + typeMeta: stringifyOrUndefined(this.typeMeta), + allowNoIndex: this.allowNoIndex ? this.allowNoIndex : undefined, + runtimeFieldMap: stringifyOrUndefined(this.runtimeFieldMap), + name: this.name, + }; + } + + protected upsertScriptedFieldInternal = (field: FieldSpec) => { + // search for scriped field with same name + const findByName = (f: DataViewFieldBase) => f.name === field.name; + + const fieldIndex = findIndex(this.scriptedFields, findByName); + + const scriptedField: DataViewFieldBase = { + name: field.name, + script: field.script, + lang: field.lang, + type: field.type, + scripted: field.scripted, + }; + + if (fieldIndex === -1) { + this.scriptedFields.push(scriptedField); + } else { + this.scriptedFields[fieldIndex] = scriptedField; + } + }; + + protected deleteScriptedFieldInternal = (fieldName: string) => { + this.scriptedFields = this.scriptedFields.filter((field) => field.name !== fieldName); + }; + + /** + * Checks if runtime field exists + * @param name field name + */ + hasRuntimeField(name: string): boolean { + return !!this.runtimeFieldMap[name]; + } + + /** + * Returns runtime field if exists + * @param name Runtime field name + */ + getRuntimeField(name: string): RuntimeField | null { + if (!this.runtimeFieldMap[name]) { + return null; + } + + const { type, script, fields } = { ...this.runtimeFieldMap[name] }; + const runtimeField: RuntimeField = { + type, + script, + }; + + if (type === 'composite') { + runtimeField.fields = fields; + } + + return runtimeField; + } + + /** + * Get all runtime field definitions. + * NOTE: this does not strip out runtime fields that match mapped field names + * @returns map of runtime field definitions by field name + */ + + getAllRuntimeFields(): Record { + return Object.keys(this.runtimeFieldMap).reduce>( + (acc, fieldName) => ({ + ...acc, + [fieldName]: this.getRuntimeField(fieldName)!, + }), + {} + ); + } + + protected removeRuntimeFieldInteral(name: string) { + delete this.runtimeFieldMap[name]; + } + + protected addRuntimeFieldInteral(name: string, runtimeField: RuntimeField) { + this.runtimeFieldMap[name] = removeFieldAttrs(runtimeField); + } + + getFieldAttrs = () => cloneDeep(this.fieldAttrs); +} diff --git a/src/plugins/data_views/common/data_views/data_view.test.ts b/src/plugins/data_views/common/data_views/data_view.test.ts index 2f663ac480ba5..18ab045d81ddf 100644 --- a/src/plugins/data_views/common/data_views/data_view.test.ts +++ b/src/plugins/data_views/common/data_views/data_view.test.ts @@ -8,7 +8,7 @@ import { FieldFormat } from '@kbn/field-formats-plugin/common'; -import { RuntimeField, RuntimePrimitiveTypes, FieldSpec } from '../types'; +import { RuntimeField, RuntimePrimitiveTypes, FieldSpec, DataViewSpec } from '../types'; import { stubLogstashFields } from '../field.stub'; import { fieldFormatsMock } from '@kbn/field-formats-plugin/common/mocks'; import { CharacterNotAllowedInField } from '@kbn/kibana-utils-plugin/common'; @@ -41,7 +41,7 @@ const runtimeField = { fieldFormatsMock.getInstance = jest.fn().mockImplementation(() => new MockFieldFormatter()); // helper function to create index patterns -function create(id: string, spec?: object) { +function create(id: string, spec?: DataViewSpec) { const { type, version, @@ -315,11 +315,9 @@ describe('IndexPattern', () => { id: 'bytes', }); expect(field.customLabel).toEqual('custom name'); - expect(indexPattern.toSpec().fieldAttrs).toEqual({ - '@tags': { - customLabel: 'custom name', - count: 5, - }, + expect(indexPattern.toSpec().fieldAttrs!['@tags']).toEqual({ + customLabel: 'custom name', + count: 5, }); indexPattern.removeRuntimeField('@tags'); @@ -393,15 +391,13 @@ describe('IndexPattern', () => { expect(indexPattern.getRuntimeField('new_field')).toMatchSnapshot(); expect(indexPattern.toSpec()!.fields!['new_field.a']).toBeDefined(); expect(indexPattern.toSpec()!.fields!['new_field.b']).toBeDefined(); - expect(indexPattern.toSpec()!.fieldAttrs).toEqual({ - 'new_field.a': { - count: 3, - customLabel: 'custom name a', - }, - 'new_field.b': { - count: 4, - customLabel: 'custom name b', - }, + expect(indexPattern.toSpec().fieldAttrs!['new_field.a']).toEqual({ + count: 3, + customLabel: 'custom name a', + }); + expect(indexPattern.toSpec().fieldAttrs!['new_field.b']).toEqual({ + count: 4, + customLabel: 'custom name b', }); indexPattern.removeRuntimeField('new_field'); @@ -485,7 +481,7 @@ describe('IndexPattern', () => { }); test('creating from spec does not contain references to spec', () => { - const sourceFilters = ['test']; + const sourceFilters = [{ value: 'test' }]; const spec = { sourceFilters }; const dataView1 = create('test1', spec); const dataView2 = create('test2', spec); diff --git a/src/plugins/data_views/common/data_views/data_view.ts b/src/plugins/data_views/common/data_views/data_view.ts index ffda65af2a895..27681021757ff 100644 --- a/src/plugins/data_views/common/data_views/data_view.ts +++ b/src/plugins/data_views/common/data_views/data_view.ts @@ -7,31 +7,25 @@ */ import type * as estypes from '@elastic/elasticsearch/lib/api/typesWithBodyKey'; -import type { DataViewBase } from '@kbn/es-query'; -import type { - FieldFormat, - FieldFormatsStartCommon, - SerializedFieldFormat, -} from '@kbn/field-formats-plugin/common'; -import { castEsToKbnFieldTypeName, ES_FIELD_TYPES, KBN_FIELD_TYPES } from '@kbn/field-types'; +import type { FieldFormatsStartCommon } from '@kbn/field-formats-plugin/common'; +import { castEsToKbnFieldTypeName } from '@kbn/field-types'; import { CharacterNotAllowedInField } from '@kbn/kibana-utils-plugin/common'; +import type { DataViewBase } from '@kbn/es-query'; import { cloneDeep, each, mapValues, omit, pickBy, reject } from 'lodash'; -import type { DataViewAttributes, FieldAttrs, FieldAttrSet } from '..'; import type { DataViewField, IIndexPatternFieldList } from '../fields'; import { fieldList } from '../fields'; import type { DataViewFieldMap, DataViewSpec, FieldConfiguration, - FieldFormatMap, RuntimeField, RuntimeFieldSpec, RuntimeType, - SourceFilter, - TypeMeta, + FieldSpec, } from '../types'; -import { flattenHitWrapper } from './flatten_hit'; import { removeFieldAttrs } from './utils'; +import { AbstractDataView } from './abstract_data_views'; +import { flattenHitWrapper } from './flatten_hit'; interface DataViewDeps { spec?: DataViewSpec; @@ -40,17 +34,6 @@ interface DataViewDeps { metaFields?: string[]; } -interface SavedObjectBody { - fieldAttrs?: string; - title?: string; - timeFieldName?: string; - fields?: string; - sourceFilters?: string; - fieldFormatMap?: string; - typeMeta?: string; - type?: string; -} - /** * An interface representing a data view that is time based. */ @@ -68,89 +51,15 @@ export interface TimeBasedDataView extends DataView { /** * Data view class. Central kibana abstraction around multiple indices. */ -export class DataView implements DataViewBase { - /** - * Saved object id - */ - public id?: string; - /** - * Title of data view - * @deprecated use getIndexPattern instead - */ - public title: string = ''; - /** - * Map of field formats by field name - */ - public fieldFormatMap: FieldFormatMap; - /** - * Only used by rollup indices, used by rollup specific endpoint to load field list. - */ - public typeMeta?: TypeMeta; +export class DataView extends AbstractDataView implements DataViewBase { /** * Field list, in extended array format */ public fields: IIndexPatternFieldList & { toSpec: () => DataViewFieldMap }; - /** - * Timestamp field name - */ - public timeFieldName: string | undefined; - /** - * Type is used to identify rollup index patterns. - */ - public type: string | undefined; /** * @deprecated Use `flattenHit` utility method exported from data plugin instead. */ public flattenHit: (hit: Record, deep?: boolean) => Record; - /** - * List of meta fields by name - */ - public metaFields: string[]; - /** - * SavedObject version - */ - public version: string | undefined; - /** - * Array of filters - hides fields in discover - */ - public sourceFilters?: SourceFilter[]; - /** - * Array of namespace ids - */ - public namespaces: string[]; - /** - * Original saved object body. Used to check for saved object changes. - */ - private originalSavedObjectBody: SavedObjectBody = {}; - /** - * Returns true if short dot notation is enabled - */ - private shortDotsEnable: boolean = false; - /** - * FieldFormats service interface - */ - private fieldFormats: FieldFormatsStartCommon; - /** - * Map of field attributes by field name. Currently count and customLabel. - */ - private fieldAttrs: FieldAttrs; - /** - * Map of runtime field definitions by field name - */ - private runtimeFieldMap: Record; - /** - * Prevents errors when index pattern exists before indices - */ - public readonly allowNoIndex: boolean = false; - /** - * Name of the data view. Human readable name used to differentiate data view. - */ - public name: string = ''; - - /* - * list of indices that the index pattern matched - */ - public matchedIndices: string[] = []; /** * constructor @@ -158,98 +67,16 @@ export class DataView implements DataViewBase { */ constructor(config: DataViewDeps) { - const { spec = {}, fieldFormats, shortDotsEnable = false, metaFields = [] } = config; - - // set dependencies - this.fieldFormats = { ...fieldFormats }; - // set config - this.shortDotsEnable = shortDotsEnable; - this.metaFields = metaFields; - // initialize functionality - this.fields = fieldList([], this.shortDotsEnable); + super(config); + const { spec = {}, metaFields } = config; + this.fields = fieldList([], this.shortDotsEnable); this.flattenHit = flattenHitWrapper(this, metaFields); // set values - this.id = spec.id; - this.fieldFormatMap = { ...spec.fieldFormats }; - - this.version = spec.version; - - this.title = spec.title || ''; - this.timeFieldName = spec.timeFieldName; - this.sourceFilters = [...(spec.sourceFilters || [])]; this.fields.replaceAll(Object.values(spec.fields || {})); - this.type = spec.type; - this.typeMeta = spec.typeMeta; - this.fieldAttrs = cloneDeep(spec.fieldAttrs) || {}; - this.allowNoIndex = spec.allowNoIndex || false; - this.runtimeFieldMap = cloneDeep(spec.runtimeFieldMap) || {}; - this.namespaces = spec.namespaces || []; - this.name = spec.name || ''; } - /** - * Get name of Data View - */ - getName = () => (this.name ? this.name : this.title); - - /** - * Get index pattern - * @returns index pattern string - */ - - getIndexPattern = () => this.title; - - /** - * Set index pattern - * @param string index pattern string - */ - - setIndexPattern = (indexPattern: string) => { - this.title = indexPattern; - }; - - /** - * Get last saved saved object fields - */ - getOriginalSavedObjectBody = () => ({ ...this.originalSavedObjectBody }); - - /** - * Reset last saved saved object fields. Used after saving. - */ - resetOriginalSavedObjectBody = () => { - this.originalSavedObjectBody = this.getAsSavedObjectBody(); - }; - - /** - * Returns field attributes map - */ - getFieldAttrs = () => { - const newFieldAttrs = { ...this.fieldAttrs }; - - this.fields.forEach((field) => { - const attrs: FieldAttrSet = {}; - let hasAttr = false; - if (field.customLabel) { - attrs.customLabel = field.customLabel; - hasAttr = true; - } - if (field.count) { - attrs.count = field.count; - hasAttr = true; - } - - if (hasAttr) { - newFieldAttrs[field.name] = attrs; - } else { - delete newFieldAttrs[field.name]; - } - }); - - return newFieldAttrs; - }; - /** * Returns scripted fields */ @@ -297,10 +124,6 @@ export class DataView implements DataViewBase { }; } - isPersisted() { - return typeof this.version === 'string'; - } - /** * Creates static representation of the data view. * @param includeFields Whether or not to include the `fields` list as part of this spec. If not included, the list @@ -312,6 +135,17 @@ export class DataView implements DataViewBase { ? this.fields.toSpec({ getFormatterForField: this.getFormatterForField.bind(this) }) : undefined; + // if fields aren't included, don't include count + const fieldAttrs = cloneDeep(this.fieldAttrs); + if (!includeFields) { + Object.keys(fieldAttrs).forEach((key) => { + delete fieldAttrs[key].count; + if (Object.keys(fieldAttrs[key]).length === 0) { + delete fieldAttrs[key]; + } + }); + } + const spec: DataViewSpec = { id: this.id, version: this.version, @@ -323,7 +157,7 @@ export class DataView implements DataViewBase { type: this.type, fieldFormats: { ...this.fieldFormatMap }, runtimeFieldMap: cloneDeep(this.runtimeFieldMap), - fieldAttrs: cloneDeep(this.fieldAttrs), + fieldAttrs, allowNoIndex: this.allowNoIndex, name: this.name, }; @@ -354,15 +188,6 @@ export class DataView implements DataViewBase { return dataViewSpec; } - /** - * Get the source filtering configuration for that index. - */ - getSourceFiltering() { - return { - excludes: (this.sourceFilters && this.sourceFilters.map((filter) => filter.value)) || [], - }; - } - /** * Removes scripted field from field list. * @param fieldName name of scripted field to remove @@ -370,9 +195,12 @@ export class DataView implements DataViewBase { */ removeScriptedField(fieldName: string) { + this.deleteScriptedFieldInternal(fieldName); const field = this.fields.getByName(fieldName); - if (field) { + if (field && field.scripted) { this.fields.remove(field); + } else { + throw new Error(`Scripted field ${fieldName} does not exist in data view ${this.getName()}`); } } @@ -434,52 +262,6 @@ export class DataView implements DataViewBase { return this.fields.getByName(name); } - /** - * Get aggregation restrictions. Rollup fields can only perform a subset of aggregations. - */ - - getAggregationRestrictions() { - return this.typeMeta?.aggs; - } - - /** - * Returns index pattern as saved object body for saving - */ - getAsSavedObjectBody(): DataViewAttributes { - const fieldAttrs = this.getFieldAttrs(); - const runtimeFieldMap = this.runtimeFieldMap; - - return { - fieldAttrs: fieldAttrs ? JSON.stringify(fieldAttrs) : undefined, - title: this.getIndexPattern(), - timeFieldName: this.timeFieldName, - sourceFilters: this.sourceFilters ? JSON.stringify(this.sourceFilters) : undefined, - fields: JSON.stringify(this.fields?.filter((field) => field.scripted) ?? []), - fieldFormatMap: this.fieldFormatMap ? JSON.stringify(this.fieldFormatMap) : undefined, - type: this.type!, - typeMeta: JSON.stringify(this.typeMeta ?? {}), - allowNoIndex: this.allowNoIndex ? this.allowNoIndex : undefined, - runtimeFieldMap: runtimeFieldMap ? JSON.stringify(runtimeFieldMap) : undefined, - name: this.name, - }; - } - - /** - * Provide a field, get its formatter - * @param field field to get formatter for - */ - getFormatterForField(field: DataViewField | DataViewField['spec']): FieldFormat { - const fieldFormat = this.getFormatterForFieldNoDefault(field.name); - if (fieldFormat) { - return fieldFormat; - } - - return this.fieldFormats.getDefaultInstance( - field.type as KBN_FIELD_TYPES, - field.esTypes as ES_FIELD_TYPES[] - ); - } - /** * Add a runtime field - Appended to existing mapped field or a new field is * created as appropriate. @@ -497,7 +279,7 @@ export class DataView implements DataViewBase { return this.addCompositeRuntimeField(name, runtimeField); } - this.runtimeFieldMap[name] = removeFieldAttrs(runtimeField); + this.addRuntimeFieldInteral(name, runtimeField); const field = this.updateOrAddRuntimeField( name, type, @@ -512,52 +294,6 @@ export class DataView implements DataViewBase { return [field]; } - /** - * Checks if runtime field exists - * @param name field name - */ - hasRuntimeField(name: string): boolean { - return !!this.runtimeFieldMap[name]; - } - - /** - * Returns runtime field if exists - * @param name Runtime field name - */ - getRuntimeField(name: string): RuntimeField | null { - if (!this.runtimeFieldMap[name]) { - return null; - } - - const { type, script, fields } = { ...this.runtimeFieldMap[name] }; - const runtimeField: RuntimeField = { - type, - script, - }; - - if (type === 'composite') { - runtimeField.fields = fields; - } - - return runtimeField; - } - - /** - * Get all runtime field definitions. - * NOTE: this does not strip out runtime fields that match mapped field names - * @returns map of runtime field definitions by field name - */ - - getAllRuntimeFields(): Record { - return Object.keys(this.runtimeFieldMap).reduce>( - (acc, fieldName) => ({ - ...acc, - [fieldName]: this.getRuntimeField(fieldName)!, - }), - {} - ); - } - /** * Returns data view fields backed by runtime fields. * @param name runtime field name @@ -624,7 +360,7 @@ export class DataView implements DataViewBase { this.fields.remove(field); }); } - delete this.runtimeFieldMap[name]; + this.removeRuntimeFieldInteral(name); } /** @@ -646,35 +382,6 @@ export class DataView implements DataViewBase { return records as estypes.MappingRuntimeFields; } - /** - * Get formatter for a given field name. Return undefined if none exists. - * @param fieldname name of field to get formatter for - */ - getFormatterForFieldNoDefault(fieldname: string) { - const formatSpec = this.fieldFormatMap[fieldname]; - if (formatSpec?.id) { - return this.fieldFormats.getInstance(formatSpec.id, formatSpec.params); - } - } - - /** - * Set field attribute - * @param fieldName name of field to set attribute on - * @param attrName name of attribute to set - * @param value value of attribute - */ - - protected setFieldAttrs( - fieldName: string, - attrName: K, - value: FieldAttrSet[K] - ) { - if (!this.fieldAttrs[fieldName]) { - this.fieldAttrs[fieldName] = {} as FieldAttrSet; - } - this.fieldAttrs[fieldName][attrName] = value; - } - /** * Set field custom label * @param fieldName name of field to set custom label on @@ -689,7 +396,7 @@ export class DataView implements DataViewBase { fieldObject.customLabel = newCustomLabel; } - this.setFieldAttrs(fieldName, 'customLabel', newCustomLabel); + this.setFieldCustomLabelInternal(fieldName, customLabel); } /** @@ -709,24 +416,6 @@ export class DataView implements DataViewBase { this.setFieldAttrs(fieldName, 'count', newCount); } - /** - * Set field formatter - * @param fieldName name of field to set format on - * @param format field format in serialized form - */ - public readonly setFieldFormat = (fieldName: string, format: SerializedFieldFormat) => { - this.fieldFormatMap[fieldName] = format; - }; - - /** - * Remove field format from the field format map. - * @param fieldName field name associated with the format for removal - */ - - public readonly deleteFieldFormat = (fieldName: string) => { - delete this.fieldFormatMap[fieldName]; - }; - private getMappedFieldNames() { return this.fields.getAll().reduce((acc, dataViewField) => { if (dataViewField.isMapped) { @@ -776,7 +465,7 @@ export class DataView implements DataViewBase { }) ); - this.runtimeFieldMap[name] = removeFieldAttrs(runtimeField); + this.addRuntimeFieldInteral(name, runtimeField); return dataViewFields; } @@ -826,4 +515,15 @@ export class DataView implements DataViewBase { return createdField ?? existingField!; } + + upsertScriptedField = (field: FieldSpec) => { + this.upsertScriptedFieldInternal(field); + const fieldExists = !!this.fields.getByName(field.name); + + if (fieldExists) { + this.fields.update(field); + } else { + this.fields.add(field); + } + }; } diff --git a/src/plugins/data_views/server/rest_api_routes/public/scripted_fields/create_scripted_field.ts b/src/plugins/data_views/server/rest_api_routes/public/scripted_fields/create_scripted_field.ts index d977333aab07e..ac33e1be0e4d3 100644 --- a/src/plugins/data_views/server/rest_api_routes/public/scripted_fields/create_scripted_field.ts +++ b/src/plugins/data_views/server/rest_api_routes/public/scripted_fields/create_scripted_field.ts @@ -76,7 +76,7 @@ export const registerCreateScriptedFieldRoute = ( throw new Error(`Field [name = ${field.name}] already exists.`); } - indexPattern.fields.add({ + indexPattern.upsertScriptedField({ ...field, runtimeField: undefined, aggregatable: true, diff --git a/src/plugins/data_views/server/rest_api_routes/public/scripted_fields/delete_scripted_field.ts b/src/plugins/data_views/server/rest_api_routes/public/scripted_fields/delete_scripted_field.ts index fc7dc17c69569..f631440544d48 100644 --- a/src/plugins/data_views/server/rest_api_routes/public/scripted_fields/delete_scripted_field.ts +++ b/src/plugins/data_views/server/rest_api_routes/public/scripted_fields/delete_scripted_field.ts @@ -79,7 +79,7 @@ export const registerDeleteScriptedFieldRoute = ( throw new Error('Only scripted fields can be deleted.'); } - indexPattern.fields.remove(field); + indexPattern.removeScriptedField(name); await indexPatternsService.updateSavedObject(indexPattern); diff --git a/src/plugins/data_views/server/rest_api_routes/public/scripted_fields/put_scripted_field.ts b/src/plugins/data_views/server/rest_api_routes/public/scripted_fields/put_scripted_field.ts index 868ec935e0f95..4d3e772bf8c8a 100644 --- a/src/plugins/data_views/server/rest_api_routes/public/scripted_fields/put_scripted_field.ts +++ b/src/plugins/data_views/server/rest_api_routes/public/scripted_fields/put_scripted_field.ts @@ -71,13 +71,7 @@ export const registerPutScriptedFieldRoute = ( } const indexPattern = await indexPatternsService.get(id); - - const oldFieldObject = indexPattern.fields.getByName(field.name); - if (!!oldFieldObject) { - indexPattern.fields.remove(oldFieldObject); - } - - indexPattern.fields.add({ + indexPattern.upsertScriptedField({ ...field, runtimeField: undefined, // make sure not creating runttime field with scripted field endpoint aggregatable: true, diff --git a/src/plugins/data_views/server/rest_api_routes/public/scripted_fields/update_scripted_field.ts b/src/plugins/data_views/server/rest_api_routes/public/scripted_fields/update_scripted_field.ts index aa52c0eea8c86..08b587e53003c 100644 --- a/src/plugins/data_views/server/rest_api_routes/public/scripted_fields/update_scripted_field.ts +++ b/src/plugins/data_views/server/rest_api_routes/public/scripted_fields/update_scripted_field.ts @@ -104,10 +104,10 @@ export const registerUpdateScriptedFieldRoute = ( const oldSpec = fieldObject.toSpec(); - indexPattern.fields.remove(fieldObject); - indexPattern.fields.add({ + indexPattern.upsertScriptedField({ ...oldSpec, ...field, + name: field.name, }); await indexPatternsService.updateSavedObject(indexPattern); diff --git a/x-pack/plugins/logs_shared/server/services/log_views/log_views_client.test.ts b/x-pack/plugins/logs_shared/server/services/log_views/log_views_client.test.ts index 5efdf9e125deb..125167d6deea8 100644 --- a/x-pack/plugins/logs_shared/server/services/log_views/log_views_client.test.ts +++ b/x-pack/plugins/logs_shared/server/services/log_views/log_views_client.test.ts @@ -251,6 +251,7 @@ describe('LogViewsClient class', () => { "dataViewReference": DataView { "allowNoIndex": false, "deleteFieldFormat": [Function], + "deleteScriptedFieldInternal": [Function], "fieldAttrs": Object {}, "fieldFormatMap": Object {}, "fieldFormats": Object { @@ -296,6 +297,7 @@ describe('LogViewsClient class', () => { "type": "keyword", }, }, + "scriptedFields": Array [], "setFieldFormat": [Function], "setIndexPattern": [Function], "shortDotsEnable": false, @@ -304,6 +306,8 @@ describe('LogViewsClient class', () => { "title": "log-indices-*", "type": undefined, "typeMeta": undefined, + "upsertScriptedField": [Function], + "upsertScriptedFieldInternal": [Function], "version": "1", }, "description": "LOG VIEW DESCRIPTION", From e811b624ff5e706a283949a406af31bf090e963c Mon Sep 17 00:00:00 2001 From: "Christiane (Tina) Heiligers" Date: Thu, 19 Oct 2023 06:03:24 -0700 Subject: [PATCH 35/50] unskips application leave confirm & application deep links tests (#168741) fix https://github.com/elastic/kibana/issues/166838 fix https://github.com/elastic/kibana/issues/166893 fix https://github.com/elastic/kibana/issues/75963 I modified the deep links tests because the side nav was overlaying the in-app nav. While, theoretically, the side nav should work for the tests, it tends to be flaky. I added logs for the url so that if these tests do fail, we'll have a bit more data to go on for debugging. These tests pass on local test runs. latest flaky test runs (50): https://buildkite.com/elastic/kibana-flaky-test-suite-runner/builds/3604 - [X] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios --------- Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com> --- test/functional/page_objects/common_page.ts | 13 ++- test/functional/services/apps_menu.ts | 1 + .../core_plugin_appleave/public/plugin.tsx | 8 +- .../public/application.tsx | 4 +- .../core_plugin_deep_links/public/plugin.tsx | 6 +- .../core_plugins/application_deep_links.ts | 30 ++++-- .../core_plugins/application_leave_confirm.ts | 92 ++++++++++++++++--- 7 files changed, 122 insertions(+), 32 deletions(-) diff --git a/test/functional/page_objects/common_page.ts b/test/functional/page_objects/common_page.ts index 9e48ac1ea7e36..215d552d07f7d 100644 --- a/test/functional/page_objects/common_page.ts +++ b/test/functional/page_objects/common_page.ts @@ -411,9 +411,18 @@ export class CommonPageObject extends FtrService { * Clicks cancel button on modal * @param overlayWillStay pass in true if your test will show multiple modals in succession */ - async clickCancelOnModal(overlayWillStay = true) { + async clickCancelOnModal(overlayWillStay = true, ignorePageLeaveWarning = false) { this.log.debug('Clicking modal cancel'); - await this.testSubjects.click('confirmModalCancelButton'); + await this.testSubjects.exists('confirmModalTitleText'); + + await this.retry.try(async () => { + const warning = await this.testSubjects.exists('confirmModalTitleText'); + if (warning) { + await this.testSubjects.click( + ignorePageLeaveWarning ? 'confirmModalConfirmButton' : 'confirmModalCancelButton' + ); + } + }); if (!overlayWillStay) { await this.ensureModalOverlayHidden(); } diff --git a/test/functional/services/apps_menu.ts b/test/functional/services/apps_menu.ts index 9fb8e36476f3e..0f63166477883 100644 --- a/test/functional/services/apps_menu.ts +++ b/test/functional/services/apps_menu.ts @@ -59,6 +59,7 @@ export class AppsMenuService extends FtrService { if (!(await this.testSubjects.exists('collapsibleNav'))) { await this.testSubjects.click('toggleNavButton'); } + await this.testSubjects.exists('collapsibleNav'); } /** diff --git a/test/plugin_functional/plugins/core_plugin_appleave/public/plugin.tsx b/test/plugin_functional/plugins/core_plugin_appleave/public/plugin.tsx index aab64fc657696..a5107a375d8a0 100644 --- a/test/plugin_functional/plugins/core_plugin_appleave/public/plugin.tsx +++ b/test/plugin_functional/plugins/core_plugin_appleave/public/plugin.tsx @@ -6,7 +6,7 @@ * Side Public License, v 1. */ -import { Plugin, CoreSetup } from '@kbn/core/public'; +import { Plugin, CoreSetup, DEFAULT_APP_CATEGORIES } from '@kbn/core/public'; export class CoreAppLeavePlugin implements Plugin @@ -15,6 +15,8 @@ export class CoreAppLeavePlugin core.application.register({ id: 'appleave1', title: 'AppLeave 1', + appRoute: '/app/appleave1', + category: DEFAULT_APP_CATEGORIES.kibana, async mount(params) { const { renderApp } = await import('./application'); params.onAppLeave((actions) => actions.confirm('confirm-message', 'confirm-title')); @@ -24,9 +26,11 @@ export class CoreAppLeavePlugin core.application.register({ id: 'appleave2', title: 'AppLeave 2', + appRoute: '/app/appleave2', + category: DEFAULT_APP_CATEGORIES.kibana, async mount(params) { const { renderApp } = await import('./application'); - params.onAppLeave((actions) => actions.default()); + params.onAppLeave((actions) => actions.confirm('confirm-message', 'confirm-title')); return renderApp('AppLeave 2', params); }, }); diff --git a/test/plugin_functional/plugins/core_plugin_deep_links/public/application.tsx b/test/plugin_functional/plugins/core_plugin_deep_links/public/application.tsx index 345ffbd5b47d2..d816254dbf39b 100644 --- a/test/plugin_functional/plugins/core_plugin_deep_links/public/application.tsx +++ b/test/plugin_functional/plugins/core_plugin_deep_links/public/application.tsx @@ -50,7 +50,7 @@ const PageA = () => ( -

DL Page A

+

DL page A

@@ -70,7 +70,7 @@ const PageB = () => ( -

DL Page B

+

DL page B

diff --git a/test/plugin_functional/plugins/core_plugin_deep_links/public/plugin.tsx b/test/plugin_functional/plugins/core_plugin_deep_links/public/plugin.tsx index f7e3102f0b230..2c1af49e7eb6b 100644 --- a/test/plugin_functional/plugins/core_plugin_deep_links/public/plugin.tsx +++ b/test/plugin_functional/plugins/core_plugin_deep_links/public/plugin.tsx @@ -29,7 +29,7 @@ export class CorePluginDeepLinksPlugin }, { id: 'pageA', - title: 'DL Page A', + title: 'DL page A', path: '/page-a', navLinkStatus: AppNavLinkStatus.visible, }, @@ -39,7 +39,7 @@ export class CorePluginDeepLinksPlugin deepLinks: [ { id: 'pageB', - title: 'DL Page B', + title: 'DL page B', path: '/page-b', navLinkStatus: AppNavLinkStatus.visible, }, @@ -47,7 +47,7 @@ export class CorePluginDeepLinksPlugin }, { id: 'pageC', - title: 'DL Page C', + title: 'DL page C', path: '/page-c', // navLinkStatus hidden by default }, diff --git a/test/plugin_functional/test_suites/core_plugins/application_deep_links.ts b/test/plugin_functional/test_suites/core_plugins/application_deep_links.ts index 8d558dafa68f5..98a824c007a62 100644 --- a/test/plugin_functional/test_suites/core_plugins/application_deep_links.ts +++ b/test/plugin_functional/test_suites/core_plugins/application_deep_links.ts @@ -18,6 +18,7 @@ export default function ({ getService, getPageObjects }: PluginFunctionalProvide const testSubjects = getService('testSubjects'); const retry = getService('retry'); const esArchiver = getService('esArchiver'); + const log = getService('log'); const loadingScreenNotShown = async () => expect(await testSubjects.exists('kbnLoadingMessage')).to.be(false); @@ -35,12 +36,20 @@ export default function ({ getService, getPageObjects }: PluginFunctionalProvide const waitForUrlToBe = (pathname?: string, search?: string) => { const expectedUrl = getKibanaUrl(pathname, search); return retry.waitFor(`Url to be ${expectedUrl}`, async () => { - return (await browser.getCurrentUrl()) === expectedUrl; + const currentUrl = await browser.getCurrentUrl(); + log?.debug(`waiting for currentUrl ${currentUrl} to be expectedUrl ${expectedUrl}`); + return currentUrl === expectedUrl; }); }; - // Failing: See https://github.com/elastic/kibana/issues/166893 - describe.skip('application deep links navigation', function describeDeepLinksTests() { + const navigateToAppLinks = async (subject: string) => { + if (!(await testSubjects.exists(subject))) { + log.debug(`side nav in app not in DOM`); + } + await testSubjects.click(subject); + }; + + describe('application deep links navigation', function describeDeepLinksTests() { before(async () => { await esArchiver.emptyKibanaIndex(); await PageObjects.common.navigateToApp('dl'); @@ -51,28 +60,29 @@ export default function ({ getService, getPageObjects }: PluginFunctionalProvide }); it('should navigate to page A when navlink is clicked', async () => { - await appsMenu.clickLink('DL Page A'); + await navigateToAppLinks('dlNavPageA'); await waitForUrlToBe('/app/dl/page-a'); await loadingScreenNotShown(); - await testSubjects.existOrFail('dlAppPageA'); + await testSubjects.existOrFail('dlNavPageA'); }); it('should be able to use the back button to navigate back to previous deep link', async () => { await browser.goBack(); await waitForUrlToBe('/app/dl/home'); await loadingScreenNotShown(); - await testSubjects.existOrFail('dlAppHome'); + await testSubjects.existOrFail('dlNavHome'); }); it('should navigate to nested page B when navlink is clicked', async () => { - await appsMenu.clickLink('DL Page B'); + await navigateToAppLinks('dlNavDeepPageB'); await waitForUrlToBe('/app/dl/page-b'); await loadingScreenNotShown(); - await testSubjects.existOrFail('dlAppPageB'); + await testSubjects.existOrFail('dlNavDeepPageB'); }); it('should navigate to Home when navlink is clicked inside the defined category group', async () => { await appsMenu.clickLink('DL Home', { category: 'securitySolution' }); + await navigateToAppLinks('dlAppHome'); await waitForUrlToBe('/app/dl/home'); await loadingScreenNotShown(); await testSubjects.existOrFail('dlAppHome'); @@ -82,14 +92,14 @@ export default function ({ getService, getPageObjects }: PluginFunctionalProvide await testSubjects.click('dlNavDeepPageB'); await waitForUrlToBe('/app/dl/page-b'); await loadingScreenNotShown(); - await testSubjects.existOrFail('dlAppPageB'); + await testSubjects.existOrFail('dlNavDeepPageB'); }); it('should navigate to nested page A using navigateToApp deepLinkId', async () => { await testSubjects.click('dlNavDeepPageAById'); await waitForUrlToBe('/app/dl/page-a'); await loadingScreenNotShown(); - await testSubjects.existOrFail('dlAppPageA'); + await testSubjects.existOrFail('dlNavPageA'); }); it('should not display hidden deep links', async () => { diff --git a/test/plugin_functional/test_suites/core_plugins/application_leave_confirm.ts b/test/plugin_functional/test_suites/core_plugins/application_leave_confirm.ts index 987796be3a6a7..4d0f837108b73 100644 --- a/test/plugin_functional/test_suites/core_plugins/application_leave_confirm.ts +++ b/test/plugin_functional/test_suites/core_plugins/application_leave_confirm.ts @@ -6,8 +6,8 @@ * Side Public License, v 1. */ -import url from 'url'; import expect from '@kbn/expect'; +import url from 'url'; import { PluginFunctionalProviderContext } from '../../services'; const getKibanaUrl = (pathname?: string, search?: string) => @@ -20,30 +20,96 @@ const getKibanaUrl = (pathname?: string, search?: string) => }); export default function ({ getService, getPageObjects }: PluginFunctionalProviderContext) { - const PageObjects = getPageObjects(['common']); + const PageObjects = getPageObjects(['common', 'header']); const browser = getService('browser'); const appsMenu = getService('appsMenu'); + const log = getService('log'); + const retry = getService('retry'); const testSubjects = getService('testSubjects'); + const config = getService('config'); + + const waitForUrlToBe = async (pathname?: string, search?: string) => { + const expectedUrl = getKibanaUrl(pathname, search); + return await retry.waitFor(`Url to be ${expectedUrl}`, async () => { + const currentUrl = await browser.getCurrentUrl(); + log.debug(`waiting for currentUrl ${currentUrl} to be expectedUrl ${expectedUrl}`); + return currentUrl === expectedUrl; + }); + }; + + const ensureModalOpen = async ( + defaultTryTimeout: number, + attempts: number, + timeMultiplier: number, + action: 'cancel' | 'confirm', + linkText: string = 'home' + ): Promise => { + let isConfirmCancelModalOpenState = false; - // Failing: See https://github.com/elastic/kibana/issues/75963 - // Failing: See https://github.com/elastic/kibana/issues/166838 - describe.skip('application using leave confirmation', () => { + await retry.tryForTime(defaultTryTimeout * timeMultiplier, async () => { + await appsMenu.clickLink(linkText); + isConfirmCancelModalOpenState = await testSubjects.exists('confirmModalTitleText', { + allowHidden: true, + timeout: defaultTryTimeout * timeMultiplier, + }); + }); + if (isConfirmCancelModalOpenState) { + log.debug(`defaultTryTimeout * ${timeMultiplier} is long enough`); + return action === 'cancel' + ? await PageObjects.common.clickCancelOnModal(true, false) + : await PageObjects.common.clickConfirmOnModal(); + } else { + log.debug(`defaultTryTimeout * ${timeMultiplier} is not long enough`); + return await ensureModalOpen( + defaultTryTimeout, + (attempts = attempts > 0 ? attempts - 1 : 0), + (timeMultiplier = timeMultiplier < 10 ? timeMultiplier + 1 : 10), + action, + linkText + ); + } + }; + + describe('application using leave confirmation', () => { + const defaultTryTimeout = config.get('timeouts.try'); + const attempts = 5; describe('when navigating to another app', () => { + const timeMultiplier = 10; + beforeEach(async () => { + await PageObjects.common.navigateToApp('home'); + }); it('prevents navigation if user click cancel on the confirmation dialog', async () => { await PageObjects.common.navigateToApp('appleave1'); - await appsMenu.clickLink('AppLeave 2'); + await PageObjects.header.waitUntilLoadingHasFinished(); + await waitForUrlToBe('/app/appleave1'); - await testSubjects.existOrFail('appLeaveConfirmModal'); - await PageObjects.common.clickCancelOnModal(false); - expect(await browser.getCurrentUrl()).to.eql(getKibanaUrl('/app/appleave1')); + await ensureModalOpen(defaultTryTimeout, attempts, timeMultiplier, 'cancel', 'AppLeave 2'); + await PageObjects.header.waitUntilLoadingHasFinished(); + await retry.waitFor('navigate to appleave1', async () => { + const currentUrl = await browser.getCurrentUrl(); + log.debug(`currentUrl ${currentUrl}`); + return currentUrl.includes('appleave1'); + }); + const currentUrl = await browser.getCurrentUrl(); + expect(currentUrl).to.contain('appleave1'); + await PageObjects.common.navigateToApp('home'); }); + it('allows navigation if user click confirm on the confirmation dialog', async () => { await PageObjects.common.navigateToApp('appleave1'); - await appsMenu.clickLink('AppLeave 2'); + await PageObjects.header.waitUntilLoadingHasFinished(); + await waitForUrlToBe('/app/appleave1'); - await testSubjects.existOrFail('appLeaveConfirmModal'); - await PageObjects.common.clickConfirmOnModal(); - expect(await browser.getCurrentUrl()).to.eql(getKibanaUrl('/app/appleave2')); + await ensureModalOpen(defaultTryTimeout, attempts, timeMultiplier, 'confirm', 'AppLeave 2'); + await PageObjects.header.waitUntilLoadingHasFinished(); + await retry.waitFor('navigate to appleave1', async () => { + const currentUrl = await browser.getCurrentUrl(); + log.debug(`currentUrl ${currentUrl}`); + return currentUrl.includes('appleave2'); + }); + const currentUrl = await browser.getCurrentUrl(); + expect(currentUrl).to.contain('appleave2'); + await PageObjects.common.navigateToApp('home'); }); }); }); From edb676306e92659959a4f923d31750863f6ee185 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Efe=20G=C3=BCrkan=20YALAMAN?= Date: Thu, 19 Oct 2023 15:27:27 +0200 Subject: [PATCH 36/50] [Enterprise Search] Update Auth realm text for Enterprise Search. (#169359) ## Summary Update misleading text for Authentication issues. ### Checklist Delete any items that are not applicable to this PR. - [x] Any text added follows [EUI's writing guidelines](https://elastic.github.io/eui/#/guidelines/writing), uses sentence case text and includes [i18n support](https://github.com/elastic/kibana/blob/main/packages/kbn-i18n/README.md) --- .../shared/error_state/error_state_prompt.tsx | 10 ++-------- x-pack/plugins/translations/translations/fr-FR.json | 2 -- x-pack/plugins/translations/translations/ja-JP.json | 2 -- x-pack/plugins/translations/translations/zh-CN.json | 2 -- 4 files changed, 2 insertions(+), 14 deletions(-) diff --git a/x-pack/plugins/enterprise_search/public/applications/shared/error_state/error_state_prompt.tsx b/x-pack/plugins/enterprise_search/public/applications/shared/error_state/error_state_prompt.tsx index 2776b5292e756..b78fed89b557f 100644 --- a/x-pack/plugins/enterprise_search/public/applications/shared/error_state/error_state_prompt.tsx +++ b/x-pack/plugins/enterprise_search/public/applications/shared/error_state/error_state_prompt.tsx @@ -161,14 +161,8 @@ const nonCloudError = () => {
  • -
  • -
  • -
diff --git a/x-pack/plugins/translations/translations/fr-FR.json b/x-pack/plugins/translations/translations/fr-FR.json index 44c924ae33673..f12c565dc7293 100644 --- a/x-pack/plugins/translations/translations/fr-FR.json +++ b/x-pack/plugins/translations/translations/fr-FR.json @@ -14070,8 +14070,6 @@ "xpack.enterpriseSearch.errorConnectingState.setupGuideCta": "Consulter le guide de configuration", "xpack.enterpriseSearch.errorConnectingState.title": "Impossible d'établir une connexion", "xpack.enterpriseSearch.errorConnectingState.troubleshootAuth": "Vérifiez votre authentification utilisateur :", - "xpack.enterpriseSearch.errorConnectingState.troubleshootAuthNative": "Vous devez vous authentifier à l'aide d'une authentification native d'Elasticsearch, de SSO/SAML ou d'OpenID Connect.", - "xpack.enterpriseSearch.errorConnectingState.troubleshootAuthSAML": "Si vous utilisez un fournisseur de SSO externe, tel que SAML ou OpenID Connect, votre domaine SAML/OIDC doit également être configuré sur Enterprise Search.", "xpack.enterpriseSearch.aiSearch.description": "Le kit d’outils permettant aux développeurs de créer des applications d’IA optimisées pour la recherche à l’aide de la plateforme Elastic.", "xpack.enterpriseSearch.aiSearch.elser.description.elserLinkText": "Elastic Learned Sparse Encoder v2", "xpack.enterpriseSearch.aiSearch.elserAccordion.description": "Fonctionnalités de recherche sémantique instantanée", diff --git a/x-pack/plugins/translations/translations/ja-JP.json b/x-pack/plugins/translations/translations/ja-JP.json index 6c2a4d6e6d279..a08fadcf5bebc 100644 --- a/x-pack/plugins/translations/translations/ja-JP.json +++ b/x-pack/plugins/translations/translations/ja-JP.json @@ -14084,8 +14084,6 @@ "xpack.enterpriseSearch.errorConnectingState.setupGuideCta": "セットアップガイドを確認", "xpack.enterpriseSearch.errorConnectingState.title": "接続できません", "xpack.enterpriseSearch.errorConnectingState.troubleshootAuth": "ユーザー認証を確認してください。", - "xpack.enterpriseSearch.errorConnectingState.troubleshootAuthNative": "Elasticsearchネイティブ認証、SSO/SAML、またはOpenID Connectを使用して認証する必要があります。", - "xpack.enterpriseSearch.errorConnectingState.troubleshootAuthSAML": "SAMLやOpenID Connectなどの外部SSOプロバイダーを使用している場合は、エンタープライズ サーチでSAML/OIDCレルムを設定できる必要があります。", "xpack.enterpriseSearch.aiSearch.description": "開発者がElasticプラットフォームを使ってAI検索エンジンを搭載したアプリケーションを構築するためのツールキット。", "xpack.enterpriseSearch.aiSearch.elser.description.elserLinkText": "Elastic Learned Sparse Encoder v2", "xpack.enterpriseSearch.aiSearch.elserAccordion.description": "即時セマンティック検索機能", diff --git a/x-pack/plugins/translations/translations/zh-CN.json b/x-pack/plugins/translations/translations/zh-CN.json index 9eb8008a7f19d..cdcbd17d43d3f 100644 --- a/x-pack/plugins/translations/translations/zh-CN.json +++ b/x-pack/plugins/translations/translations/zh-CN.json @@ -14084,8 +14084,6 @@ "xpack.enterpriseSearch.errorConnectingState.setupGuideCta": "阅读设置指南", "xpack.enterpriseSearch.errorConnectingState.title": "无法连接", "xpack.enterpriseSearch.errorConnectingState.troubleshootAuth": "检查您的用户身份验证:", - "xpack.enterpriseSearch.errorConnectingState.troubleshootAuthNative": "必须使用 Elasticsearch 本机身份验证、SSO/SAML 或 OpenID Connect 执行身份验证。", - "xpack.enterpriseSearch.errorConnectingState.troubleshootAuthSAML": "如果使用外部 SSO 提供程序,如 SAML 或 OpenID Connect,还必须在 Enterprise Search 上设置 SAML/OIDC Realm。", "xpack.enterpriseSearch.aiSearch.description": "工具套件,供开发者使用 Elastic 平台构建 AI 搜索驱动型应用程序。", "xpack.enterpriseSearch.aiSearch.elser.description.elserLinkText": "Elastic Learned Sparse Encoder v2", "xpack.enterpriseSearch.aiSearch.elserAccordion.description": "即时语义搜索功能", From 6f8f0b696b58404359d2b870877201b1159b8f8f Mon Sep 17 00:00:00 2001 From: Jon Date: Thu, 19 Oct 2023 08:31:51 -0500 Subject: [PATCH 37/50] [ci] Add image for kibana-serverless:latest (#169144) After creating a new serverless image off the main branch, in addition to pushing an image tagged with `git-` this also pushes `docker.elastic.co/kibana-ci/kibana-serverless:latest`. --- .../scripts/steps/artifacts/docker_image.sh | 16 ++++++++++++---- 1 file changed, 12 insertions(+), 4 deletions(-) diff --git a/.buildkite/scripts/steps/artifacts/docker_image.sh b/.buildkite/scripts/steps/artifacts/docker_image.sh index 6a0c23384ef65..85df443af08b5 100755 --- a/.buildkite/scripts/steps/artifacts/docker_image.sh +++ b/.buildkite/scripts/steps/artifacts/docker_image.sh @@ -13,7 +13,8 @@ else KIBANA_IMAGE_TAG="pr-$BUILDKITE_PULL_REQUEST-$GIT_ABBREV_COMMIT" fi -KIBANA_IMAGE="docker.elastic.co/kibana-ci/kibana-serverless:$KIBANA_IMAGE_TAG" +KIBANA_BASE_IMAGE="docker.elastic.co/kibana-ci/kibana-serverless" +KIBANA_IMAGE="$KIBANA_BASE_IMAGE:$KIBANA_IMAGE_TAG" echo "--- Verify manifest does not already exist" echo "$KIBANA_DOCKER_PASSWORD" | docker login -u "$KIBANA_DOCKER_USERNAME" --password-stdin docker.elastic.co @@ -51,14 +52,21 @@ echo "--- Push images" docker image push "$KIBANA_IMAGE-arm64" docker image push "$KIBANA_IMAGE-amd64" -echo "--- Create manifest" +echo "--- Create and push manifests" docker manifest create \ "$KIBANA_IMAGE" \ --amend "$KIBANA_IMAGE-arm64" \ --amend "$KIBANA_IMAGE-amd64" - -echo "--- Push manifest" docker manifest push "$KIBANA_IMAGE" + +if [[ "$BUILDKITE_BRANCH" == "$KIBANA_BASE_BRANCH" ]] && [[ "${BUILDKITE_PULL_REQUEST:-false}" == "false" ]]; then + docker manifest create \ + "$KIBANA_BASE_IMAGE:latest" \ + --amend "$KIBANA_IMAGE-arm64" \ + --amend "$KIBANA_IMAGE-amd64" + docker manifest push "$KIBANA_BASE_IMAGE:latest" +fi + docker logout docker.elastic.co cat << EOF | buildkite-agent annotate --style "info" --context image From 3c53d128aad683aa742c55e1384682f150529efb Mon Sep 17 00:00:00 2001 From: Tomasz Ciecierski Date: Thu, 19 Oct 2023 15:38:09 +0200 Subject: [PATCH 38/50] [EDR Workflows] Use specific roles in Osquery serverless tests (#168939) --- .../cypress/e2e/all/add_integration.cy.ts | 3 +- .../all/alerts_automated_action_results.cy.ts | 188 +++-- .../cypress/e2e/all/custom_space.cy.ts | 4 +- .../cypress/e2e/all/packs_create_edit.cy.ts | 113 +-- .../cypress/e2e/all/packs_integration.cy.ts | 4 +- .../cypress/e2e/roles/t1_and_t2_analyst.cy.ts | 2 +- x-pack/plugins/osquery/cypress/support/e2e.ts | 24 +- .../project_controller_osquery_roles.yml | 10 +- .../osquery/cypress/tasks/api_fixtures.ts | 12 +- .../osquery/cypress/tasks/live_query.ts | 7 +- .../osquery/cypress/tasks/serverless.ts | 8 + x-pack/plugins/osquery/cypress/tsconfig.json | 1 + .../public/management/cypress/support/e2e.ts | 2 +- .../lib/security/kibana_roles/kibana_roles.ts | 50 +- .../project_controller_security_roles.yml | 651 ++++++++---------- .../lib/security/kibana_roles/role_loader.ts | 1 - .../shared/lib/security/types.ts | 2 + 17 files changed, 518 insertions(+), 564 deletions(-) create mode 100644 x-pack/plugins/osquery/cypress/tasks/serverless.ts diff --git a/x-pack/plugins/osquery/cypress/e2e/all/add_integration.cy.ts b/x-pack/plugins/osquery/cypress/e2e/all/add_integration.cy.ts index d11b517bd022f..b26e9b1787abe 100644 --- a/x-pack/plugins/osquery/cypress/e2e/all/add_integration.cy.ts +++ b/x-pack/plugins/osquery/cypress/e2e/all/add_integration.cy.ts @@ -29,6 +29,7 @@ import { policyContainsIntegration, } from '../../tasks/integrations'; import { findAndClickButton, findFormFieldByRowsLabelAndType } from '../../tasks/live_query'; +import { ServerlessRoleName } from '../../support/roles'; describe('ALL - Add Integration', { tags: ['@ess', '@serverless'] }, () => { let savedQueryId: string; @@ -40,7 +41,7 @@ describe('ALL - Add Integration', { tags: ['@ess', '@serverless'] }, () => { }); beforeEach(() => { - cy.login('elastic'); + cy.login(ServerlessRoleName.PLATFORM_ENGINEER); }); after(() => { diff --git a/x-pack/plugins/osquery/cypress/e2e/all/alerts_automated_action_results.cy.ts b/x-pack/plugins/osquery/cypress/e2e/all/alerts_automated_action_results.cy.ts index 4505af882da94..e0cf74688db42 100644 --- a/x-pack/plugins/osquery/cypress/e2e/all/alerts_automated_action_results.cy.ts +++ b/x-pack/plugins/osquery/cypress/e2e/all/alerts_automated_action_results.cy.ts @@ -10,110 +10,104 @@ import { checkActionItemsInResults, loadRuleAlerts } from '../../tasks/live_quer const UUID_REGEX = '[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[0-9A-Fa-f]{4}-[0-9A-Fa-f]{4}-[0-9A-Fa-f]{12}'; -describe( - 'Alert Flyout Automated Action Results', - { - tags: ['@ess', '@serverless'], - }, - () => { - let ruleId: string; +describe('Alert Flyout Automated Action Results', () => { + let ruleId: string; - beforeEach(() => { - loadRule(true).then((data) => { - ruleId = data.id; - loadRuleAlerts(data.name); - }); + beforeEach(() => { + loadRule(true).then((data) => { + ruleId = data.id; + loadRuleAlerts(data.name); }); + }); - afterEach(() => { - cleanupRule(ruleId); - }); + afterEach(() => { + cleanupRule(ruleId); + }); - it('can visit discover from response action results', () => { - const discoverRegex = new RegExp(`action_id: ${UUID_REGEX}`); - cy.getBySel('expand-event').first().click(); - cy.getBySel('securitySolutionFlyoutResponseSectionHeader').click(); - cy.getBySel('securitySolutionFlyoutResponseButton').click(); - cy.getBySel('responseActionsViewWrapper').should('exist'); - checkActionItemsInResults({ - lens: true, - discover: true, - cases: true, - timeline: true, - }); - cy.contains('View in Discover') - .should('exist') - .should('have.attr', 'href') - .then(($href) => { - // @ts-expect-error-next-line href string - check types - cy.visit($href); - cy.getBySel('discoverDocTable', { timeout: 60000 }).within(() => { - cy.contains('action_data{ "query":'); - }); - cy.contains(discoverRegex); - }); + it('can visit discover from response action results', { tags: ['@ess'] }, () => { + const discoverRegex = new RegExp(`action_id: ${UUID_REGEX}`); + cy.getBySel('expand-event').first().click(); + cy.getBySel('securitySolutionFlyoutResponseSectionHeader').click(); + cy.getBySel('securitySolutionFlyoutResponseButton').click(); + cy.getBySel('responseActionsViewWrapper').should('exist'); + checkActionItemsInResults({ + lens: true, + discover: true, + cases: true, + timeline: true, }); - - it('can visit lens from response action results', () => { - const lensRegex = new RegExp(`Action ${UUID_REGEX} results`); - cy.getBySel('expand-event').first().click(); - cy.getBySel('securitySolutionFlyoutResponseSectionHeader').click(); - cy.getBySel('securitySolutionFlyoutResponseButton').click(); - cy.getBySel('responseActionsViewWrapper').should('exist'); - checkActionItemsInResults({ - lens: true, - discover: true, - cases: true, - timeline: true, - }); - cy.getBySel('osquery-results-comment') - .first() - .within(() => { - let lensUrl = ''; - cy.window().then((win) => { - cy.stub(win, 'open') - .as('windowOpen') - .callsFake((url) => { - lensUrl = url; - }); - }); - cy.get(`[aria-label="View in Lens"]`).click(); - cy.window() - .its('open') - .then(() => { - cy.visit(lensUrl); - }); + cy.contains('View in Discover') + .should('exist') + .should('have.attr', 'href') + .then(($href) => { + // @ts-expect-error-next-line href string - check types + cy.visit($href); + cy.getBySel('discoverDocTable', { timeout: 60000 }).within(() => { + cy.contains('action_data{ "query":'); }); - cy.getBySel('lnsWorkspace').should('exist'); - cy.getBySel('breadcrumbs').contains(lensRegex); - }); - - it('can add to timeline from response action results', () => { - const timelineRegex = new RegExp(`Added ${UUID_REGEX} to timeline`); - const filterRegex = new RegExp(`action_id: "${UUID_REGEX}"`); - cy.getBySel('expand-event').first().click(); - cy.getBySel('securitySolutionFlyoutResponseSectionHeader').click(); - cy.getBySel('securitySolutionFlyoutResponseButton').click(); - cy.getBySel('responseActionsViewWrapper').should('exist'); - checkActionItemsInResults({ - lens: true, - discover: true, - cases: true, - timeline: true, + cy.contains(discoverRegex); }); - cy.getBySel('osquery-results-comment') - .first() - .within(() => { - cy.get('.euiTableRow') - .first() - .within(() => { - cy.getBySel('add-to-timeline').click(); + }); + + it('can visit lens from response action results', { tags: ['@ess'] }, () => { + const lensRegex = new RegExp(`Action ${UUID_REGEX} results`); + cy.getBySel('expand-event').first().click(); + cy.getBySel('securitySolutionFlyoutResponseSectionHeader').click(); + cy.getBySel('securitySolutionFlyoutResponseButton').click(); + cy.getBySel('responseActionsViewWrapper').should('exist'); + checkActionItemsInResults({ + lens: true, + discover: true, + cases: true, + timeline: true, + }); + cy.getBySel('osquery-results-comment') + .first() + .within(() => { + let lensUrl = ''; + cy.window().then((win) => { + cy.stub(win, 'open') + .as('windowOpen') + .callsFake((url) => { + lensUrl = url; }); }); - cy.contains(timelineRegex); - cy.getBySel('securitySolutionFlyoutHeaderCollapseDetailButton').click(); - cy.getBySel('flyoutBottomBar').contains('Untitled timeline').click(); - cy.contains(filterRegex); + cy.get(`[aria-label="View in Lens"]`).click(); + cy.window() + .its('open') + .then(() => { + cy.visit(lensUrl); + }); + }); + cy.getBySel('lnsWorkspace').should('exist'); + cy.getBySel('breadcrumbs').contains(lensRegex); + }); + + it('can add to timeline from response action results', { tags: ['@ess', '@serverless'] }, () => { + const timelineRegex = new RegExp(`Added ${UUID_REGEX} to timeline`); + const filterRegex = new RegExp(`action_id: "${UUID_REGEX}"`); + cy.getBySel('expand-event').first().click(); + cy.getBySel('securitySolutionFlyoutResponseSectionHeader').click(); + cy.getBySel('securitySolutionFlyoutResponseButton').click(); + cy.getBySel('responseActionsViewWrapper').should('exist'); + checkActionItemsInResults({ + lens: true, + discover: true, + cases: true, + timeline: true, }); - } -); + cy.getBySel('osquery-results-comment') + .first() + .within(() => { + cy.get('.euiTableRow') + .first() + .within(() => { + cy.getBySel('add-to-timeline').click(); + }); + }); + cy.contains(timelineRegex); + cy.getBySel('securitySolutionFlyoutHeaderCollapseDetailButton').click(); + cy.getBySel('flyoutBottomBar').contains('Untitled timeline').click(); + cy.contains(filterRegex); + }); +}); diff --git a/x-pack/plugins/osquery/cypress/e2e/all/custom_space.cy.ts b/x-pack/plugins/osquery/cypress/e2e/all/custom_space.cy.ts index 0c46fbf074966..edee4bdb0c8b1 100644 --- a/x-pack/plugins/osquery/cypress/e2e/all/custom_space.cy.ts +++ b/x-pack/plugins/osquery/cypress/e2e/all/custom_space.cy.ts @@ -17,7 +17,7 @@ import { loadSpace, loadPack, cleanupPack, cleanupSpace } from '../../tasks/api_ import { ServerlessRoleName } from '../../support/roles'; const testSpaces = [ - { name: 'default', tags: ['@ess', '@serverless'] }, + { name: 'default', tags: ['@ess', '@serverless', '@brokenInServerless'] }, { name: 'custom-spaces', tags: ['@ess'] }, ]; describe('ALL - Custom space', () => { @@ -71,7 +71,7 @@ describe('ALL - Custom space', () => { } }); - it('Discover should be opened in new tab in results table', { tags: ['@ess'] }, () => { + it('Discover should be opened in new tab in results table', { tags: testSpace.tags }, () => { cy.contains('New live query').click(); selectAllAgents(); inputQuery('select * from uptime;'); diff --git a/x-pack/plugins/osquery/cypress/e2e/all/packs_create_edit.cy.ts b/x-pack/plugins/osquery/cypress/e2e/all/packs_create_edit.cy.ts index 8599cbf65b156..de71f491cf213 100644 --- a/x-pack/plugins/osquery/cypress/e2e/all/packs_create_edit.cy.ts +++ b/x-pack/plugins/osquery/cypress/e2e/all/packs_create_edit.cy.ts @@ -28,8 +28,7 @@ import { loadSavedQuery, cleanupSavedQuery, cleanupPack, loadPack } from '../../ import { request } from '../../tasks/common'; import { ServerlessRoleName } from '../../support/roles'; -// FLAKY -describe.skip('Packs - Create and Edit', { tags: ['@ess', '@serverless'] }, () => { +describe('Packs - Create and Edit', { tags: ['@ess', '@serverless'] }, () => { let savedQueryId: string; let savedQueryName: string; let nomappingSavedQueryId: string; @@ -366,7 +365,7 @@ describe.skip('Packs - Create and Edit', { tags: ['@ess', '@serverless'] }, () = } ); - describe('should open lens in new tab', { tags: ['@ess'] }, () => { + describe('should open lens in new tab', { tags: ['@ess', '@brokenInServerless'] }, () => { let packId: string; let packName: string; @@ -399,7 +398,7 @@ describe.skip('Packs - Create and Edit', { tags: ['@ess', '@serverless'] }, () = cleanupPack(packId); }); - it('', () => { + it('', { tags: ['@ess', '@brokenInServerless'] }, () => { let lensUrl = ''; cy.window().then((win) => { cy.stub(win, 'open') @@ -422,58 +421,66 @@ describe.skip('Packs - Create and Edit', { tags: ['@ess', '@serverless'] }, () = }); }); - describe.skip('should open discover in new tab', () => { - let packId: string; - let packName: string; + describe.skip( + 'should open discover in new tab', + { tags: ['@ess', '@brokenInServerless'] }, + () => { + let packId: string; + let packName: string; - before(() => { - request<{ items: PackagePolicy[] }>({ - url: '/internal/osquery/fleet_wrapper/package_policies', - headers: { - 'Elastic-Api-Version': API_VERSIONS.internal.v1, - }, - }) - .then((response) => - loadPack({ - policy_ids: [response.body.items[0].policy_id], - queries: { - [savedQueryName]: { ecs_mapping: {}, interval: 3600, query: 'select * from uptime;' }, - }, - }) - ) - .then((pack) => { - packId = pack.saved_object_id; - packName = pack.name; - }); - }); + before(() => { + request<{ items: PackagePolicy[] }>({ + url: '/internal/osquery/fleet_wrapper/package_policies', + headers: { + 'Elastic-Api-Version': API_VERSIONS.internal.v1, + }, + }) + .then((response) => + loadPack({ + policy_ids: [response.body.items[0].policy_id], + queries: { + [savedQueryName]: { + ecs_mapping: {}, + interval: 3600, + query: 'select * from uptime;', + }, + }, + }) + ) + .then((pack) => { + packId = pack.saved_object_id; + packName = pack.name; + }); + }); - after(() => { - cleanupPack(packId); - }); + after(() => { + cleanupPack(packId); + }); - it('', () => { - preparePack(packName); - cy.react('CustomItemAction', { - props: { index: 0, item: { id: savedQueryName } }, - }) - .should('exist') - .within(() => { - cy.get('a') - .should('have.attr', 'href') - .then(($href) => { - // @ts-expect-error-next-line href string - check types - cy.visit($href); - cy.getBySel('breadcrumbs').contains('Discover').should('exist'); - cy.contains(`action_id: pack_${PACK_NAME}_${savedQueryName}`); - cy.getBySel('superDatePickerToggleQuickMenuButton').click(); - cy.getBySel('superDatePickerCommonlyUsed_Today').click(); - cy.getBySel('discoverDocTable', { timeout: 60000 }).contains( - `pack_${PACK_NAME}_${savedQueryName}` - ); - }); - }); - }); - }); + it('', () => { + preparePack(packName); + cy.react('CustomItemAction', { + props: { index: 0, item: { id: savedQueryName } }, + }) + .should('exist') + .within(() => { + cy.get('a') + .should('have.attr', 'href') + .then(($href) => { + // @ts-expect-error-next-line href string - check types + cy.visit($href); + cy.getBySel('breadcrumbs').contains('Discover').should('exist'); + cy.contains(`action_id: pack_${PACK_NAME}_${savedQueryName}`); + cy.getBySel('superDatePickerToggleQuickMenuButton').click(); + cy.getBySel('superDatePickerCommonlyUsed_Today').click(); + cy.getBySel('discoverDocTable', { timeout: 60000 }).contains( + `pack_${PACK_NAME}_${savedQueryName}` + ); + }); + }); + }); + } + ); describe('deactivate and activate pack', { tags: ['@ess', '@serverless'] }, () => { let packId: string; diff --git a/x-pack/plugins/osquery/cypress/e2e/all/packs_integration.cy.ts b/x-pack/plugins/osquery/cypress/e2e/all/packs_integration.cy.ts index 49e01b5524ab3..0ae0663dbbdb9 100644 --- a/x-pack/plugins/osquery/cypress/e2e/all/packs_integration.cy.ts +++ b/x-pack/plugins/osquery/cypress/e2e/all/packs_integration.cy.ts @@ -44,7 +44,7 @@ describe('ALL - Packs', { tags: ['@ess', '@serverless'] }, () => { let REMOVING_PACK: string; beforeEach(() => { - cy.login('elastic'); + cy.login(ServerlessRoleName.PLATFORM_ENGINEER); AGENT_POLICY_NAME = `PackTest` + generateRandomStringName(1)[0]; REMOVING_PACK = 'removing-pack' + generateRandomStringName(1)[0]; }); @@ -179,7 +179,7 @@ describe('ALL - Packs', { tags: ['@ess', '@serverless'] }, () => { describe('Global packs', { tags: ['@ess', '@serverless'] }, () => { beforeEach(() => { - cy.login('elastic'); + cy.login(ServerlessRoleName.PLATFORM_ENGINEER); navigateTo('/app/osquery/packs'); }); diff --git a/x-pack/plugins/osquery/cypress/e2e/roles/t1_and_t2_analyst.cy.ts b/x-pack/plugins/osquery/cypress/e2e/roles/t1_and_t2_analyst.cy.ts index 3a72415dce69e..94a5fcfde70d3 100644 --- a/x-pack/plugins/osquery/cypress/e2e/roles/t1_and_t2_analyst.cy.ts +++ b/x-pack/plugins/osquery/cypress/e2e/roles/t1_and_t2_analyst.cy.ts @@ -23,7 +23,7 @@ import { } from '../../tasks/api_fixtures'; import type { ServerlessRoleName } from '../../support/roles'; -describe(`T1 and T2 analysts`, { tags: ['@ess', '@serverless', '@brokenInServerless'] }, () => { +describe(`T1 and T2 analysts`, { tags: ['@ess', '@serverless'] }, () => { ['t1_analyst', 't2_analyst'].forEach((role: string) => { describe(`${role}- READ + runSavedQueries `, () => { let savedQueryName: string; diff --git a/x-pack/plugins/osquery/cypress/support/e2e.ts b/x-pack/plugins/osquery/cypress/support/e2e.ts index 3a3d32f4d0954..56bcab0e700ad 100644 --- a/x-pack/plugins/osquery/cypress/support/e2e.ts +++ b/x-pack/plugins/osquery/cypress/support/e2e.ts @@ -31,11 +31,13 @@ import registerCypressGrep from '@cypress/grep'; registerCypressGrep(); import type { SecuritySolutionDescribeBlockFtrConfig } from '@kbn/security-solution-plugin/scripts/run_cypress/utils'; -import type { ServerlessRoleName } from './roles'; +import { login } from '@kbn/security-solution-plugin/public/management/cypress/tasks/login'; + +import { ServerlessRoleName } from './roles'; import 'cypress-react-selector'; -import { login } from '../../../../test_serverless/functional/test_suites/security/cypress/tasks/login'; import { waitUntil } from '../tasks/wait_until'; +import { isServerless } from '../tasks/serverless'; declare global { // eslint-disable-next-line @typescript-eslint/no-namespace @@ -55,7 +57,7 @@ declare global { clickOutside(): Chainable>; - login(role?: ServerlessRoleName | 'elastic'): void; + login(role: ServerlessRoleName): void; waitUntil(fn: () => Cypress.Chainable): Cypress.Chainable | undefined; } @@ -77,14 +79,11 @@ Cypress.Commands.add( ); Cypress.Commands.add('login', (role) => { - // TODO Temporary approach to login until login with role is supported in serverless - // Cypress.Commands.add('login', login); - const isServerless = Cypress.env().IS_SERVERLESS; - if (isServerless) { - return login.with('system_indices_superuser', 'changeme'); + return login.with(role, 'changeme'); } + // @ts-expect-error hackish way to provide a new role in Osquery ESS only (Reader) return login(role); }); @@ -93,3 +92,12 @@ Cypress.Commands.add('waitUntil', waitUntil); // Alternatively you can use CommonJS syntax: // require('./commands') Cypress.on('uncaught:exception', () => false); + +// Login as a SOC_MANAGER to properly initialize Security Solution App +before(() => { + cy.login(ServerlessRoleName.SOC_MANAGER); + cy.visit('/app/security/alerts'); + cy.getBySel('globalLoadingIndicator').should('exist'); + cy.getBySel('globalLoadingIndicator').should('not.exist'); + cy.getBySel('manage-alert-detection-rules').should('exist'); +}); diff --git a/x-pack/plugins/osquery/cypress/support/project_controller_osquery_roles.yml b/x-pack/plugins/osquery/cypress/support/project_controller_osquery_roles.yml index b811316b2d9de..30c7ad430efbc 100644 --- a/x-pack/plugins/osquery/cypress/support/project_controller_osquery_roles.yml +++ b/x-pack/plugins/osquery/cypress/support/project_controller_osquery_roles.yml @@ -1,12 +1,12 @@ # add more functionalities just for ESS environment soc_manager: applications: - - application: observabilityCases + - application: "kibana-.kibana" privileges: - - all + - feature_observabilityCases.all resources: "*" -# custom roles for osquery lack of permission testing +## custom roles for osquery lack of permission testing - reader extends viewer in ESS, but we cannot use viewer directly reader: indices: - names: @@ -15,7 +15,7 @@ reader: - read - write applications: - - application: osquery + - application: "kibana-.kibana" privileges: - - read + - feature_osquery.read resources: "*" diff --git a/x-pack/plugins/osquery/cypress/tasks/api_fixtures.ts b/x-pack/plugins/osquery/cypress/tasks/api_fixtures.ts index be716d7effe64..d7b9f7d43ce43 100644 --- a/x-pack/plugins/osquery/cypress/tasks/api_fixtures.ts +++ b/x-pack/plugins/osquery/cypress/tasks/api_fixtures.ts @@ -18,7 +18,6 @@ import type { PackSavedObject, PackItem } from '../../public/packs/types'; import type { SavedQuerySO } from '../../public/routes/saved_queries/list'; import { generateRandomStringName } from './integrations'; import { request } from './common'; -import { ServerlessRoleName } from '../support/roles'; export const savedQueryFixture = { id: generateRandomStringName(1)[0], @@ -137,14 +136,8 @@ export const loadLiveQuery = ( }, }).then((response) => response.body.data); -export const loadRule = (includeResponseActions = false) => { - cy.login('elastic'); - cy.visit('/app/security/rules'); - cy.getBySel('globalLoadingIndicator').should('exist'); - cy.getBySel('globalLoadingIndicator').should('not.exist'); - cy.login(ServerlessRoleName.SOC_MANAGER); - - return request({ +export const loadRule = (includeResponseActions = false) => + request({ method: 'POST', body: { type: 'query', @@ -234,7 +227,6 @@ export const loadRule = (includeResponseActions = false) => { 'Elastic-Api-Version': API_VERSIONS.public.v1, }, }).then((response) => response.body); -}; export const cleanupRule = (id: string) => { request({ diff --git a/x-pack/plugins/osquery/cypress/tasks/live_query.ts b/x-pack/plugins/osquery/cypress/tasks/live_query.ts index efcb3687b320b..2530eeaf45c7b 100644 --- a/x-pack/plugins/osquery/cypress/tasks/live_query.ts +++ b/x-pack/plugins/osquery/cypress/tasks/live_query.ts @@ -7,6 +7,7 @@ import { LIVE_QUERY_EDITOR, OSQUERY_FLYOUT_BODY_EDITOR } from '../screens/live_query'; import { ServerlessRoleName } from '../support/roles'; +import { isServerless } from './serverless'; import { waitForAlertsToPopulate } from '../../../../test/security_solution_cypress/cypress/tasks/create_new_rule'; export const DEFAULT_QUERY = 'select * from processes;'; @@ -145,8 +146,10 @@ export const checkActionItemsInResults = ({ cases: boolean; timeline: boolean; }) => { - cy.contains('View in Discover').should(discover ? 'exist' : 'not.exist'); - cy.contains('View in Lens').should(lens ? 'exist' : 'not.exist'); + cy.contains('View in Discover').should( + isServerless ? 'not.exist' : discover ? 'exist' : 'not.exist' + ); + cy.contains('View in Lens').should(isServerless ? 'not.exist' : lens ? 'exist' : 'not.exist'); cy.contains('Add to Case').should(cases ? 'exist' : 'not.exist'); cy.contains('Add to timeline investigation').should(timeline ? 'exist' : 'not.exist'); }; diff --git a/x-pack/plugins/osquery/cypress/tasks/serverless.ts b/x-pack/plugins/osquery/cypress/tasks/serverless.ts new file mode 100644 index 0000000000000..723982a62ce7d --- /dev/null +++ b/x-pack/plugins/osquery/cypress/tasks/serverless.ts @@ -0,0 +1,8 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +export const isServerless = Cypress.env().IS_SERVERLESS; diff --git a/x-pack/plugins/osquery/cypress/tsconfig.json b/x-pack/plugins/osquery/cypress/tsconfig.json index 5b797830caae6..4142a60edc776 100644 --- a/x-pack/plugins/osquery/cypress/tsconfig.json +++ b/x-pack/plugins/osquery/cypress/tsconfig.json @@ -37,5 +37,6 @@ "@kbn/security-solution-plugin", "@kbn/fleet-plugin", "@kbn/cases-plugin", + "@kbn/security-solution-plugin/public/management/cypress", ] } diff --git a/x-pack/plugins/security_solution/public/management/cypress/support/e2e.ts b/x-pack/plugins/security_solution/public/management/cypress/support/e2e.ts index 67c2a3ef0375e..e3f1c084843fe 100644 --- a/x-pack/plugins/security_solution/public/management/cypress/support/e2e.ts +++ b/x-pack/plugins/security_solution/public/management/cypress/support/e2e.ts @@ -102,7 +102,7 @@ Cypress.Commands.add( Cypress.on('uncaught:exception', () => false); -// Login as a Platform Engineer to properly initialize Security Solution App +// Login as a SOC_MANAGER to properly initialize Security Solution App before(() => { login(ROLE.soc_manager); loadPage('/app/security/alerts'); diff --git a/x-pack/test_serverless/shared/lib/security/kibana_roles/kibana_roles.ts b/x-pack/test_serverless/shared/lib/security/kibana_roles/kibana_roles.ts index ddfeef06c6a2e..a2d244072de87 100644 --- a/x-pack/test_serverless/shared/lib/security/kibana_roles/kibana_roles.ts +++ b/x-pack/test_serverless/shared/lib/security/kibana_roles/kibana_roles.ts @@ -16,16 +16,17 @@ const ROLES_YAML_FILE_PATH = path.join(__dirname, 'project_controller_security_r const ROLE_NAMES = Object.values(ServerlessRoleName); +interface IApplication { + application: string; + privileges: string[]; + resources: string; +} export type YamlRoleDefinitions = Record< ServerlessRoleName, { cluster: string[] | null; indices: RoleIndexPrivilege[]; - applications: Array<{ - application: string; - privileges: string[]; - resources: string; - }>; + applications: IApplication[]; } >; @@ -48,6 +49,34 @@ export const getServerlessSecurityKibanaRoleDefinitions = ( `Un-expected role [${roleName}] found in YAML file [${ROLES_YAML_FILE_PATH}]` ); } + const mapApplicationToKibanaFeaturePrivileges = ( + application: IApplication + ): FeaturesPrivileges => { + if (application.resources !== '*') { + throw new Error( + `YAML role definition parser does not currently support 'application.resource = ${application.resources}' for ${application.application} ` + ); + } + + const features: FeaturesPrivileges = {}; + + application.privileges.forEach((value) => { + const [feature, permission] = value.split('.'); + const featureKey = feature.split('_')[1]; + + if (!features[featureKey]) { + features[featureKey] = []; + } + + if (permission) { + features[featureKey].push(permission); + } + }); + + return features; + }; + + const feature = mapApplicationToKibanaFeaturePrivileges(definition.applications[0]); const kibanaRole: Role = { name: roleName, @@ -60,16 +89,7 @@ export const getServerlessSecurityKibanaRoleDefinitions = ( { base: [], spaces: ['*'], - feature: definition.applications.reduce((features, application) => { - if (application.resources !== '*') { - throw new Error( - `YAML role definition parser does not currently support 'application.resource = ${application.resources}' for ${application.application} ` - ); - } - - features[application.application] = application.privileges; - return features; - }, {} as FeaturesPrivileges), + feature, }, ], }; diff --git a/x-pack/test_serverless/shared/lib/security/kibana_roles/project_controller_security_roles.yml b/x-pack/test_serverless/shared/lib/security/kibana_roles/project_controller_security_roles.yml index 13a8d07a79502..1444b818b10ee 100644 --- a/x-pack/test_serverless/shared/lib/security/kibana_roles/project_controller_security_roles.yml +++ b/x-pack/test_serverless/shared/lib/security/kibana_roles/project_controller_security_roles.yml @@ -1,6 +1,116 @@ # ----- # Source: https://github.com/elastic/project-controller/blob/main/internal/project/security/config/roles.yml -# ----- + +# modeled after the t1_analyst minus osquery run saved queries privilege +viewer: + cluster: [] + indices: + - names: + - ".siem-signals*" + - ".lists-*" + - ".items-*" + privileges: + - "read" + - "view_index_metadata" + allow_restricted_indices: false + - names: + - ".alerts*" + - ".preview.alerts*" + privileges: + - "read" + - "view_index_metadata" + allow_restricted_indices: false + - names: + - apm-*-transaction* + - traces-apm* + - auditbeat-* + - endgame-* + - filebeat-* + - logs-* + - packetbeat-* + - winlogbeat-* + - metrics-endpoint.metadata_current_* + - ".fleet-agents*" + - ".fleet-actions*" + - "risk-score.risk-score-*" + privileges: + - read + applications: + - application: "kibana-.kibana" + privileges: + - feature_ml.read + - feature_siem.read + - feature_siem.read_alerts + - feature_siem.endpoint_list_read + - feature_securitySolutionCases.read + - feature_actions.read + - feature_builtInAlerts.read + - feature_osquery.read + resources: "*" + run_as: [] + +# modeled after t3_analyst +editor: + cluster: [] + indices: + - names: + - ".siem-signals*" + - ".lists-*" + - ".items-*" + privileges: + - "read" + - "view_index_metadata" + - "write" + - "maintenance" + allow_restricted_indices: false + - names: + - apm-*-transaction* + - traces-apm* + - auditbeat-* + - endgame-* + - filebeat-* + - logs-* + - packetbeat-* + - winlogbeat-* + privileges: + - read + - write + - names: + - ".internal.alerts*" + - ".alerts*" + - ".internal.preview.alerts*" + - ".preview.alerts*" + - "risk-score.risk-score-*" + privileges: + - "read" + - "view_index_metadata" + - "write" + - "maintenance" + allow_restricted_indices: false + applications: + - application: "kibana-.kibana" + privileges: + - feature_ml.read + - feature_siem.all + - feature_siem.read_alerts + - feature_siem.crud_alerts + - feature_siem.endpoint_list_all + - feature_siem.trusted_applications_all + - feature_siem.event_filters_all + - feature_siem.host_isolation_exceptions_all + - feature_siem.blocklist_all + - feature_siem.policy_management_read # Elastic Defend Policy Management + - feature_siem.host_isolation_all + - feature_siem.process_operations_all + - feature_siem.actions_log_management_all # Response actions history + - feature_siem.file_operations_all + - feature_securitySolutionCases.all + - feature_actions.read + - feature_builtInAlerts.all + - feature_osquery.all + resources: "*" + run_as: [] + t1_analyst: cluster: indices: @@ -23,39 +133,21 @@ t1_analyst: - metrics-endpoint.metadata_current_* - ".fleet-agents*" - ".fleet-actions*" + - risk-score.risk-score-* privileges: - read applications: - - application: ml - privileges: - - read - resources: "*" - - application: siem - privileges: - - read - - read_alerts - - endpoint_list_read - resources: "*" - - application: securitySolutionCases - privileges: - - read - resources: "*" - - application: actions - privileges: - - read - resources: "*" - - application: builtInAlerts - privileges: - - read - resources: "*" - - application: spaces - privileges: - - all - resources: "*" - - application: osquery - privileges: - - read - - run_saved_queries + - application: "kibana-.kibana" + privileges: + - feature_ml.read + - feature_siem.read + - feature_siem.read_alerts + - feature_siem.endpoint_list_read + - feature_securitySolutionCases.read + - feature_actions.read + - feature_builtInAlerts.read + - feature_osquery.read + - feature_osquery.run_saved_queries resources: "*" t2_analyst: @@ -82,39 +174,21 @@ t2_analyst: - metrics-endpoint.metadata_current_* - .fleet-agents* - .fleet-actions* + - risk-score.risk-score-* privileges: - read applications: - - application: ml - privileges: - - read - resources: "*" - - application: siem - privileges: - - read - - read_alerts - - endpoint_list_read - resources: "*" - - application: securitySolutionCases - privileges: - - all - resources: "*" - - application: actions - privileges: - - read - resources: "*" - - application: builtInAlerts - privileges: - - read - resources: "*" - - application: spaces - privileges: - - all - resources: "*" - - application: osquery - privileges: - - read - - run_saved_queries + - application: "kibana-.kibana" + privileges: + - feature_ml.read + - feature_siem.read + - feature_siem.read_alerts + - feature_siem.endpoint_list_read + - feature_securitySolutionCases.all + - feature_actions.read + - feature_builtInAlerts.read + - feature_osquery.read + - feature_osquery.run_saved_queries resources: "*" t3_analyst: @@ -148,48 +222,30 @@ t3_analyst: - metrics-endpoint.metadata_current_* - .fleet-agents* - .fleet-actions* + - risk-score.risk-score-* privileges: - read applications: - - application: ml - privileges: - - read - resources: "*" - - application: siem - privileges: - - all - - read_alerts - - crud_alerts - - endpoint_list_all - - trusted_applications_all - - event_filters_all - - host_isolation_exceptions_all - - blocklist_all - - policy_management_read # Elastic Defend Policy Management - - host_isolation_all - - process_operations_all - - actions_log_management_all # Response actions history - - file_operations_all - resources: "*" - - application: securitySolutionCases - privileges: - - all - resources: "*" - - application: actions - privileges: - - read - resources: "*" - - application: builtInAlerts - privileges: - - all - resources: "*" - - application: osquery - privileges: - - all - resources: "*" - - application: spaces - privileges: - - all + - application: "kibana-.kibana" + privileges: + - feature_ml.read + - feature_siem.all + - feature_siem.read_alerts + - feature_siem.crud_alerts + - feature_siem.endpoint_list_all + - feature_siem.trusted_applications_all + - feature_siem.event_filters_all + - feature_siem.host_isolation_exceptions_all + - feature_siem.blocklist_all + - feature_siem.policy_management_read # Elastic Defend Policy Management + - feature_siem.host_isolation_all + - feature_siem.process_operations_all + - feature_siem.actions_log_management_all # Response actions history + - feature_siem.file_operations_all + - feature_securitySolutionCases.all + - feature_actions.read + - feature_builtInAlerts.all + - feature_osquery.all resources: "*" threat_intelligence_analyst: @@ -219,39 +275,21 @@ threat_intelligence_analyst: - metrics-endpoint.metadata_current_* - .fleet-agents* - .fleet-actions* + - risk-score.risk-score-* privileges: - read applications: - - application: ml - privileges: - - read - resources: "*" - - application: siem - privileges: - - read - - read_alerts - - endpoint_list_read - - blocklist_all - resources: "*" - - application: securitySolutionCases - privileges: - - all - resources: "*" - - application: actions - privileges: - - read - resources: "*" - - application: builtInAlerts - privileges: - - read - resources: "*" - - application: spaces - privileges: - - all - resources: "*" - - application: osquery - privileges: - - all + - application: "kibana-.kibana" + privileges: + - feature_ml.read + - feature_siem.read + - feature_siem.read_alerts + - feature_siem.endpoint_list_read + - feature_siem.blocklist_all + - feature_securitySolutionCases.all + - feature_actions.read + - feature_builtInAlerts.read + - feature_osquery.all resources: "*" rule_author: @@ -289,41 +327,27 @@ rule_author: - metrics-endpoint.metadata_current_* - .fleet-agents* - .fleet-actions* + - risk-score.risk-score-* privileges: - read applications: - - application: ml - privileges: - - read - resources: "*" - - application: siem - privileges: - - all - - read_alerts - - crud_alerts - - policy_management_all - - endpoint_list_all - - trusted_applications_all - - event_filters_all - - host_isolation_exceptions_read - - blocklist_all - - actions_log_management_read - resources: "*" - - application: securitySolutionCases - privileges: - - all - resources: "*" - - application: actions - privileges: - - read - resources: "*" - - application: builtInAlerts - privileges: - - all - resources: "*" - - application: spaces - privileges: - - all + - application: "kibana-.kibana" + privileges: + - feature_ml.read + - feature_siem.all + - feature_siem.read_alerts + - feature_siem.crud_alerts + - feature_siem.policy_management_all + - feature_siem.endpoint_list_all + - feature_siem.trusted_applications_all + - feature_siem.event_filters_all + - feature_siem.host_isolation_exceptions_read + - feature_siem.blocklist_all # Elastic Defend Policy Management + - feature_siem.actions_log_management_read + - feature_securitySolutionCases.all + - feature_actions.read + - feature_builtInAlerts.all + - feature_osquery.all resources: "*" soc_manager: @@ -355,59 +379,41 @@ soc_manager: - .items* privileges: - read - - maintenance - write - names: - metrics-endpoint.metadata_current_* - .fleet-agents* - .fleet-actions* + - risk-score.risk-score-* privileges: - read applications: - - application: ml - privileges: - - read - resources: "*" - - application: siem - privileges: - - all - - read_alerts - - crud_alerts - - policy_management_all - - endpoint_list_all - - trusted_applications_all - - event_filters_all - - host_isolation_exceptions_all - - blocklist_all - - host_isolation_all - - process_operations_all - - actions_log_management_all - - file_operations_all - - execute_operations_all - resources: "*" - - application: securitySolutionCases - privileges: - - all - resources: "*" - - application: actions - privileges: - - all - resources: "*" - - application: builtInAlerts - privileges: - - all - resources: "*" - - application: spaces - privileges: - - all - resources: "*" - - application: osquery - privileges: - - all + - application: "kibana-.kibana" + privileges: + - feature_ml.read + - feature_siem.all + - feature_siem.read_alerts + - feature_siem.crud_alerts + - feature_siem.policy_management_all + - feature_siem.endpoint_list_all + - feature_siem.trusted_applications_all + - feature_siem.event_filters_all + - feature_siem.host_isolation_exceptions_all + - feature_siem.blocklist_all + - feature_siem.host_isolation_all + - feature_siem.process_operations_all + - feature_siem.actions_log_management_all + - feature_siem.file_operations_all + - feature_siem.execute_operations_all + - feature_securitySolutionCases.all + - feature_actions.all + - feature_builtInAlerts.all + - feature_osquery.all + - feature_indexPatterns.all resources: "*" detections_admin: - cluster: + cluster: ["manage_index_templates", "manage_transform"] indices: - names: - apm-*-transaction* @@ -434,36 +440,21 @@ detections_admin: - .fleet-actions* privileges: - read - applications: - - application: ml - privileges: - - all - resources: "*" - - application: siem - privileges: - - all - - read_alerts - - crud_alerts - resources: "*" - - application: securitySolutionCases - privileges: - - all - resources: "*" - - application: actions - privileges: - - read - resources: "*" - - application: builtInAlerts - privileges: - - all - resources: "*" - - application: dev_tools + - names: + - risk-score.risk-score-* privileges: - all - resources: "*" - - application: spaces + applications: + - application: "kibana-.kibana" privileges: - - all + - feature_ml.all + - feature_siem.all + - feature_siem.read_alerts + - feature_siem.crud_alerts + - feature_securitySolutionCases.all + - feature_actions.all + - feature_builtInAlerts.all + - feature_dev_tools.all resources: "*" platform_engineer: @@ -485,53 +476,30 @@ platform_engineer: - .siem-signals-* - .preview.alerts-security* - .internal.preview.alerts-security* + - risk-score.risk-score-* privileges: - all applications: - - application: ml - privileges: - - all - resources: "*" - - application: siem - privileges: - - all - - read_alerts - - crud_alerts - - policy_management_all - - endpoint_list_all - - trusted_applications_all - - event_filters_all - - host_isolation_exceptions_all - - blocklist_all - - actions_log_management_read - resources: "*" - - application: securitySolutionCases - privileges: - - all - resources: "*" - - application: actions - privileges: - - all - resources: "*" - - application: builtInAlerts - privileges: - - all - resources: "*" - - application: fleet - privileges: - - all - resources: "*" - - application: fleetv2 - privileges: - - all - resources: "*" - - application: spaces - privileges: - - all - resources: "*" - - application: osquery - privileges: - - all + - application: "kibana-.kibana" + privileges: + - feature_ml.all + - feature_siem.all + - feature_siem.read_alerts + - feature_siem.crud_alerts + - feature_siem.policy_management_all + - feature_siem.endpoint_list_all + - feature_siem.trusted_applications_all + - feature_siem.event_filters_all + - feature_siem.host_isolation_exceptions_all + - feature_siem.blocklist_all # Elastic Defend Policy Management + - feature_siem.actions_log_management_read + - feature_securitySolutionCases.all + - feature_actions.all + - feature_builtInAlerts.all + - feature_fleet.all + - feature_fleetv2.all + - feature_osquery.all + - feature_indexPatterns.all resources: "*" endpoint_operations_analyst: @@ -554,6 +522,7 @@ endpoint_operations_analyst: - winlogbeat-* - .lists* - .items* + - risk-score.risk-score-* privileges: - read - names: @@ -565,53 +534,28 @@ endpoint_operations_analyst: - read - write applications: - - application: ml - privileges: - - read - resources: "*" - - application: siem - privileges: - - all - - read_alerts - - policy_management_all - - endpoint_list_all - - trusted_applications_all - - event_filters_all - - host_isolation_exceptions_all - - blocklist_all - - host_isolation_all - - process_operations_all - - actions_log_management_all # Response History - - file_operations_all - - execute_operations_all # Execute - resources: "*" - - application: securitySolutionCases - privileges: - - all - resources: "*" - - application: actions - privileges: - - all - resources: "*" - - application: builtInAlerts - privileges: - - all - resources: "*" - - application: osquery - privileges: - - all - resources: "*" - - application: fleet - privileges: - - all - resources: "*" - - application: fleetv2 - privileges: - - all - resources: "*" - - application: spaces - privileges: - - all + - application: "kibana-.kibana" + privileges: + - feature_ml.read + - feature_siem.all + - feature_siem.read_alerts + - feature_siem.policy_management_all + - feature_siem.endpoint_list_all + - feature_siem.trusted_applications_all + - feature_siem.event_filters_all + - feature_siem.host_isolation_exceptions_all + - feature_siem.blocklist_all + - feature_siem.host_isolation_all + - feature_siem.process_operations_all + - feature_siem.actions_log_management_all # Response History + - feature_siem.file_operations_all + - feature_siem.execute_operations_all # Execute + - feature_securitySolutionCases.all + - feature_actions.all + - feature_builtInAlerts.all + - feature_osquery.all + - feature_fleet.all + - feature_fleetv2.all resources: "*" endpoint_policy_manager: @@ -634,6 +578,7 @@ endpoint_policy_manager: - winlogbeat-* - .lists* - .items* + - risk-score.risk-score-* privileges: - read - names: @@ -646,48 +591,22 @@ endpoint_policy_manager: - write - manage applications: - - application: ml - privileges: - - read - resources: "*" - - application: siem - privileges: - - all - - read_alerts - - crud_alerts - - policy_management_all - - trusted_applications_all - - event_filters_all - - host_isolation_exceptions_all - - blocklist_all - - endpoint_list_all - resources: "*" - - application: securitySolutionCases - privileges: - - all - resources: "*" - - application: actions - privileges: - - all + - application: "kibana-.kibana" + privileges: + - feature_ml.all + - feature_siem.all + - feature_siem.read_alerts + - feature_siem.crud_alerts + - feature_siem.policy_management_all + - feature_siem.endpoint_list_all + - feature_siem.trusted_applications_all + - feature_siem.event_filters_all + - feature_siem.host_isolation_exceptions_all + - feature_siem.blocklist_all # Elastic Defend Policy Management + - feature_securitySolutionCases.all + - feature_actions.all + - feature_builtInAlerts.all + - feature_osquery.all + - feature_fleet.all + - feature_fleetv2.all resources: "*" - - application: builtInAlerts - privileges: - - all - resources: "*" - - application: osquery - privileges: - - all - resources: "*" - - application: fleet - privileges: - - all - resources: "*" - - application: fleetv2 - privileges: - - all - resources: "*" - - application: spaces - privileges: - - all - resources: "*" - diff --git a/x-pack/test_serverless/shared/lib/security/kibana_roles/role_loader.ts b/x-pack/test_serverless/shared/lib/security/kibana_roles/role_loader.ts index a0f0f447955a6..806d6244fe90a 100644 --- a/x-pack/test_serverless/shared/lib/security/kibana_roles/role_loader.ts +++ b/x-pack/test_serverless/shared/lib/security/kibana_roles/role_loader.ts @@ -55,7 +55,6 @@ export class RoleAndUserLoader = Record Date: Thu, 19 Oct 2023 15:49:52 +0200 Subject: [PATCH 39/50] [EDR Workflows] Unskip no_license.cy.ts (#169352) With introduction of global `before` that logs us in with role `soc_manager` we should explicitly login with `beforeEach` to prevent cookies mixup when using user that is not `soc_manager` - https://github.com/elastic/kibana/blame/54d4e181c38b63bffea7b4d8a216fa12fbb35984/x-pack/plugins/security_solution/public/management/cypress/support/e2e.ts#L107 Closes https://github.com/elastic/kibana/issues/169320 Closes https://github.com/elastic/kibana/issues/169334 --- .../e2e/automated_response_actions/form.cy.ts | 23 +++++++++---------- .../no_license.cy.ts | 5 ++-- 2 files changed, 13 insertions(+), 15 deletions(-) diff --git a/x-pack/plugins/security_solution/public/management/cypress/e2e/automated_response_actions/form.cy.ts b/x-pack/plugins/security_solution/public/management/cypress/e2e/automated_response_actions/form.cy.ts index 7205601b06493..1f12cbbbe0d55 100644 --- a/x-pack/plugins/security_solution/public/management/cypress/e2e/automated_response_actions/form.cy.ts +++ b/x-pack/plugins/security_solution/public/management/cypress/e2e/automated_response_actions/form.cy.ts @@ -20,7 +20,7 @@ import { login, ROLE } from '../../tasks/login'; describe('Form', { tags: ['@ess', '@serverless', '@brokenInServerless'] }, () => { describe('User with no access can not create an endpoint response action', () => { - before(() => { + beforeEach(() => { login(ROLE.endpoint_response_actions_no_access); }); @@ -35,10 +35,10 @@ describe('Form', { tags: ['@ess', '@serverless', '@brokenInServerless'] }, () => let ruleId: string; const [ruleName, ruleDescription] = generateRandomStringName(2); - before(() => { + beforeEach(() => { login(ROLE.endpoint_response_actions_access); }); - after(() => { + afterEach(() => { cleanupRule(ruleId); }); @@ -87,16 +87,14 @@ describe('Form', { tags: ['@ess', '@serverless', '@brokenInServerless'] }, () => const testedCommand = 'isolate'; const newDescription = 'Example isolate host description'; - before(() => { + beforeEach(() => { + login(ROLE.endpoint_response_actions_access); loadRule().then((res) => { ruleId = res.id; ruleName = res.name; }); }); - beforeEach(() => { - login(ROLE.endpoint_response_actions_access); - }); - after(() => { + afterEach(() => { cleanupRule(ruleId); }); @@ -145,7 +143,7 @@ describe('Form', { tags: ['@ess', '@serverless', '@brokenInServerless'] }, () => describe('User should not see endpoint action when no rbac', () => { const [ruleName, ruleDescription] = generateRandomStringName(2); - before(() => { + beforeEach(() => { login(ROLE.endpoint_response_actions_no_access); }); @@ -162,13 +160,14 @@ describe('Form', { tags: ['@ess', '@serverless', '@brokenInServerless'] }, () => describe('User without access can not edit, add nor delete an endpoint response action', () => { let ruleId: string; - before(() => { + beforeEach(() => { + login(ROLE.endpoint_response_actions_no_access); loadRule().then((res) => { ruleId = res.id; }); - login(ROLE.endpoint_response_actions_no_access); }); - after(() => { + + afterEach(() => { cleanupRule(ruleId); }); diff --git a/x-pack/plugins/security_solution/public/management/cypress/e2e/automated_response_actions/no_license.cy.ts b/x-pack/plugins/security_solution/public/management/cypress/e2e/automated_response_actions/no_license.cy.ts index 2cc2d96a9e6d5..d3c940b869835 100644 --- a/x-pack/plugins/security_solution/public/management/cypress/e2e/automated_response_actions/no_license.cy.ts +++ b/x-pack/plugins/security_solution/public/management/cypress/e2e/automated_response_actions/no_license.cy.ts @@ -15,12 +15,11 @@ import type { ReturnTypeFromChainable } from '../../types'; import { indexEndpointHosts } from '../../tasks/index_endpoint_hosts'; import { indexEndpointRuleAlerts } from '../../tasks/index_endpoint_rule_alerts'; -// Failing: See https://github.com/elastic/kibana/issues/169320 -describe.skip('No License', { tags: '@ess', env: { ftrConfig: { license: 'basic' } } }, () => { +describe('No License', { tags: '@ess', env: { ftrConfig: { license: 'basic' } } }, () => { describe('User cannot use endpoint action in form', () => { const [ruleName, ruleDescription] = generateRandomStringName(2); - before(() => { + beforeEach(() => { login(ROLE.endpoint_response_actions_access); }); From a92ec33e7dda10436c6fc28bb59ac740411f7853 Mon Sep 17 00:00:00 2001 From: Tiago Costa Date: Thu, 19 Oct 2023 15:02:52 +0100 Subject: [PATCH 40/50] skip flaky suite (#169363) --- .../cypress/e2e/investigations/timelines/fields_browser.cy.ts | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/x-pack/test/security_solution_cypress/cypress/e2e/investigations/timelines/fields_browser.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/investigations/timelines/fields_browser.cy.ts index d4301853029a6..5620fb953e0d3 100644 --- a/x-pack/test/security_solution_cypress/cypress/e2e/investigations/timelines/fields_browser.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/investigations/timelines/fields_browser.cy.ts @@ -51,7 +51,8 @@ const defaultHeaders = [ ]; // Flaky in serverless tests -describe('Fields Browser', { tags: ['@ess', '@serverless'] }, () => { +// FLAKY: https://github.com/elastic/kibana/issues/169363 +describe.skip('Fields Browser', { tags: ['@ess', '@serverless'] }, () => { before(() => { cleanKibana(); }); From 1fcdd3428ce6188e8456f0f4d14abe95487401b6 Mon Sep 17 00:00:00 2001 From: Stratoula Kalafateli Date: Thu, 19 Oct 2023 17:24:57 +0300 Subject: [PATCH 41/50] [TSVB] Try to stabilize the test (#169254) ## Summary Hopefully stabilizes this flakiness Closes https://github.com/elastic/kibana/issues/167728 Run 100 times: https://buildkite.com/elastic/kibana-flaky-test-suite-runner/builds/3593 --- test/functional/page_objects/visual_builder_page.ts | 1 + 1 file changed, 1 insertion(+) diff --git a/test/functional/page_objects/visual_builder_page.ts b/test/functional/page_objects/visual_builder_page.ts index 6f106d143627a..e20249f362b03 100644 --- a/test/functional/page_objects/visual_builder_page.ts +++ b/test/functional/page_objects/visual_builder_page.ts @@ -667,6 +667,7 @@ export class VisualBuilderPageObject extends FtrService { const fieldEl = await this.getFieldForAggregation(aggNth); await this.comboBox.setElement(fieldEl, field); + await this.header.waitUntilLoadingHasFinished(); } public async setFieldForAggregateBy(field: string): Promise { From 27fcb77e4a70b73ef88c42d600352131018072e8 Mon Sep 17 00:00:00 2001 From: Melissa Alvarez Date: Thu, 19 Oct 2023 08:36:23 -0600 Subject: [PATCH 42/50] [ML] Data Frame Analytics creation: ensure form state persists after switch to editor (#169186) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit ## Summary This PR: - ensures the form state is correctly persisted when switching back to form state from the editor - fixes the issue where the 'Create index pattern' checkbox would no longer be checked by default when switching back from the editor - adds functional tests for the data frame analytics wizard covering the case of switching to json editor and back to form Flaky test runner [build](https://buildkite.com/elastic/kibana-flaky-test-suite-runner/builds/3558) ✅ 100/100 runs passed ### Checklist - [x] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios --------- Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com> --- .../advanced_step/advanced_step_form.tsx | 1 + .../create_analytics_advanced_editor.tsx | 64 ++++++++++--------- .../use_create_analytics_form/reducer.ts | 5 +- .../classification_creation.ts | 13 ++++ .../outlier_detection_creation.ts | 13 ++++ .../regression_creation.ts | 13 ++++ .../ml/data_frame_analytics_creation.ts | 34 +++++++++- 7 files changed, 109 insertions(+), 34 deletions(-) diff --git a/x-pack/plugins/ml/public/application/data_frame_analytics/pages/analytics_creation/components/advanced_step/advanced_step_form.tsx b/x-pack/plugins/ml/public/application/data_frame_analytics/pages/analytics_creation/components/advanced_step/advanced_step_form.tsx index 2521138a542d5..46351707a43c5 100644 --- a/x-pack/plugins/ml/public/application/data_frame_analytics/pages/analytics_creation/components/advanced_step/advanced_step_form.tsx +++ b/x-pack/plugins/ml/public/application/data_frame_analytics/pages/analytics_creation/components/advanced_step/advanced_step_form.tsx @@ -248,6 +248,7 @@ export const AdvancedStepForm: FC = ({ randomizeSeed, softTreeDepthLimit, softTreeDepthTolerance, + useEstimatedMml, ]); const outlierDetectionAdvancedConfig = ( diff --git a/x-pack/plugins/ml/public/application/data_frame_analytics/pages/analytics_creation/components/create_analytics_advanced_editor/create_analytics_advanced_editor.tsx b/x-pack/plugins/ml/public/application/data_frame_analytics/pages/analytics_creation/components/create_analytics_advanced_editor/create_analytics_advanced_editor.tsx index c809597ed1208..dab0359457786 100644 --- a/x-pack/plugins/ml/public/application/data_frame_analytics/pages/analytics_creation/components/create_analytics_advanced_editor/create_analytics_advanced_editor.tsx +++ b/x-pack/plugins/ml/public/application/data_frame_analytics/pages/analytics_creation/components/create_analytics_advanced_editor/create_analytics_advanced_editor.tsx @@ -139,38 +139,40 @@ export const CreateAnalyticsAdvancedEditor: FC = (prop )} style={{ maxWidth: '100%' }} > - + + wordWrap: 'on', + wrappingIndent: 'indent', + }} + /> +
{advancedEditorMessages.map((advancedEditorMessage, i) => ( diff --git a/x-pack/plugins/ml/public/application/data_frame_analytics/pages/analytics_management/hooks/use_create_analytics_form/reducer.ts b/x-pack/plugins/ml/public/application/data_frame_analytics/pages/analytics_management/hooks/use_create_analytics_form/reducer.ts index 5a3f26a63975e..69eececeba129 100644 --- a/x-pack/plugins/ml/public/application/data_frame_analytics/pages/analytics_management/hooks/use_create_analytics_form/reducer.ts +++ b/x-pack/plugins/ml/public/application/data_frame_analytics/pages/analytics_management/hooks/use_create_analytics_form/reducer.ts @@ -577,7 +577,9 @@ export function reducer(state: State, action: Action): State { const { jobConfig: config } = state; const { jobId } = state.form; // @ts-ignore - const formState = getFormStateFromJobConfig(config, false); + const formStateFromJobConfig = getFormStateFromJobConfig(config, false); + // Ensure previous form settings are persisted. Form state does not include any nested attributes. + const formState = { ...formStateFromJobConfig, ...state.form }; if (typeof jobId === 'string' && jobId.trim() !== '') { formState.jobId = jobId; @@ -605,7 +607,6 @@ export function reducer(state: State, action: Action): State { return validateForm({ ...state, - // @ts-ignore form: formState, isAdvancedEditorEnabled: false, advancedEditorRawString: JSON.stringify(config, null, 2), diff --git a/x-pack/test/functional/apps/ml/data_frame_analytics/classification_creation.ts b/x-pack/test/functional/apps/ml/data_frame_analytics/classification_creation.ts index 52da33a14c5ac..6dd953a84e4d0 100644 --- a/x-pack/test/functional/apps/ml/data_frame_analytics/classification_creation.ts +++ b/x-pack/test/functional/apps/ml/data_frame_analytics/classification_creation.ts @@ -89,6 +89,11 @@ export default function ({ getService }: FtrProviderContext) { isDependentVariableInput: true, }, ], + advancedEditorContent: [ + '{', + ` "description": "Classification job based on 'ft_bank_marketing' dataset with dependentVariable 'y' and trainingPercent '20'",`, + ' "source": {', + ], expected: { rocCurveColorState: [ // tick/grid/axis @@ -321,6 +326,14 @@ export default function ({ getService }: FtrProviderContext) { // - ⚠ Analysis fields await ml.dataFrameAnalyticsCreation.assertAllValidationCalloutsPresent(4); + // switch to json editor and back + await ml.testExecution.logTestStep('switches to advanced editor then back to form'); + await ml.dataFrameAnalyticsCreation.openAdvancedEditor(); + await ml.dataFrameAnalyticsCreation.assertAdvancedEditorCodeEditorContent( + testData.advancedEditorContent + ); + await ml.dataFrameAnalyticsCreation.closeAdvancedEditor(); + await ml.testExecution.logTestStep('continues to the create step'); await ml.dataFrameAnalyticsCreation.continueToCreateStep(); diff --git a/x-pack/test/functional/apps/ml/data_frame_analytics/outlier_detection_creation.ts b/x-pack/test/functional/apps/ml/data_frame_analytics/outlier_detection_creation.ts index e7a14abbebb65..8b4514add92cb 100644 --- a/x-pack/test/functional/apps/ml/data_frame_analytics/outlier_detection_creation.ts +++ b/x-pack/test/functional/apps/ml/data_frame_analytics/outlier_detection_creation.ts @@ -84,6 +84,11 @@ export default function ({ getService }: FtrProviderContext) { }, modelMemory: '5mb', createIndexPattern: true, + advancedEditorContent: [ + '{', + ' "description": "Outlier detection job based on ft_ihp_outlier dataset with runtime fields",', + ' "source": {', + ], expected: { histogramCharts: [ { chartAvailable: true, id: '1stFlrSF', legend: '334 - 4692' }, @@ -307,6 +312,14 @@ export default function ({ getService }: FtrProviderContext) { await ml.dataFrameAnalyticsCreation.assertValidationCalloutsExists(); await ml.dataFrameAnalyticsCreation.assertAllValidationCalloutsPresent(1); + // switch to json editor and back + await ml.testExecution.logTestStep('switches to advanced editor then back to form'); + await ml.dataFrameAnalyticsCreation.openAdvancedEditor(); + await ml.dataFrameAnalyticsCreation.assertAdvancedEditorCodeEditorContent( + testData.advancedEditorContent + ); + await ml.dataFrameAnalyticsCreation.closeAdvancedEditor(); + await ml.testExecution.logTestStep('continues to the create step'); await ml.dataFrameAnalyticsCreation.continueToCreateStep(); diff --git a/x-pack/test/functional/apps/ml/data_frame_analytics/regression_creation.ts b/x-pack/test/functional/apps/ml/data_frame_analytics/regression_creation.ts index fe4010264c621..b4ed75c35043a 100644 --- a/x-pack/test/functional/apps/ml/data_frame_analytics/regression_creation.ts +++ b/x-pack/test/functional/apps/ml/data_frame_analytics/regression_creation.ts @@ -91,6 +91,11 @@ export default function ({ getService }: FtrProviderContext) { trainingPercent: 20, modelMemory: '20mb', createIndexPattern: true, + advancedEditorContent: [ + '{', + ' "description": "Regression job based on ft_egs_regression dataset with runtime fields",', + ' "source": {', + ], expected: { scatterplotMatrixColorStats: [ // some marker colors of the continuous color scale @@ -322,6 +327,14 @@ export default function ({ getService }: FtrProviderContext) { await ml.dataFrameAnalyticsCreation.assertValidationCalloutsExists(); await ml.dataFrameAnalyticsCreation.assertAllValidationCalloutsPresent(3); + // switch to json editor and back + await ml.testExecution.logTestStep('switches to advanced editor then back to form'); + await ml.dataFrameAnalyticsCreation.openAdvancedEditor(); + await ml.dataFrameAnalyticsCreation.assertAdvancedEditorCodeEditorContent( + testData.advancedEditorContent + ); + await ml.dataFrameAnalyticsCreation.closeAdvancedEditor(); + await ml.testExecution.logTestStep('continues to the create step'); await ml.dataFrameAnalyticsCreation.continueToCreateStep(); diff --git a/x-pack/test/functional/services/ml/data_frame_analytics_creation.ts b/x-pack/test/functional/services/ml/data_frame_analytics_creation.ts index 43bb799a5a759..beedbb145dce4 100644 --- a/x-pack/test/functional/services/ml/data_frame_analytics_creation.ts +++ b/x-pack/test/functional/services/ml/data_frame_analytics_creation.ts @@ -54,8 +54,40 @@ export function MachineLearningDataFrameAnalyticsCreationProvider( await headerPage.waitUntilLoadingHasFinished(); }, + async assertAdvancedEditorCodeEditorExists() { + await testSubjects.existOrFail('mlAnalyticsCreateJobWizardAdvancedEditorCodeEditor', { + allowHidden: true, + }); + }, + + async assertAdvancedEditorCodeEditorContent(expectedContent: string[]) { + await this.assertAdvancedEditorCodeEditorExists(); + const wrapper = await testSubjects.find('mlAnalyticsCreateJobWizardAdvancedEditorCodeEditor'); + const editor = await wrapper.findByCssSelector('.monaco-editor .view-lines'); + const editorContentString = await editor.getVisibleText(); + const splicedAdvancedEditorValue = editorContentString.split('\n').splice(0, 3); + expect(splicedAdvancedEditorValue).to.eql( + expectedContent, + `Expected the first editor lines to be '${expectedContent}' (got '${splicedAdvancedEditorValue}')` + ); + }, + + async openAdvancedEditor() { + this.assertAdvancedEditorSwitchExists(); + await testSubjects.click('mlAnalyticsCreateJobWizardAdvancedEditorSwitch'); + this.assertAdvancedEditorSwitchCheckState(true); + this.assertAdvancedEditorCodeEditorExists(); + }, + + async closeAdvancedEditor() { + this.assertAdvancedEditorSwitchExists(); + await testSubjects.click('mlAnalyticsCreateJobWizardAdvancedEditorSwitch'); + this.assertAdvancedEditorSwitchCheckState(false); + await testSubjects.missingOrFail('mlAnalyticsCreateJobWizardAdvancedEditorCodeEditor'); + }, + async assertAdvancedEditorSwitchExists() { - await testSubjects.existOrFail(`mlAnalyticsCreateJobWizardAdvancedEditorSwitch`, { + await testSubjects.existOrFail('mlAnalyticsCreateJobWizardAdvancedEditorSwitch', { allowHidden: true, }); }, From 7b0d842096500ef569f8d879d8fb913ac29cf318 Mon Sep 17 00:00:00 2001 From: Colleen McGinnis Date: Thu, 19 Oct 2023 09:42:45 -0500 Subject: [PATCH 43/50] [DOCS] Clean up APM UI docs (#169269) Closes https://github.com/elastic/observability-docs/issues/3292 ## Summary Updates documentation related to the APM UI based on issues found during the Observability docs bug bash last week. ### Checklist Delete any items that are not applicable to this PR. - [x] @colleenmcginnis [Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html) was added for features that require explanation or tutorials: - [x] Clarify that distributed traces aren't the only colorful traces in [Trace sample timeline](https://www.elastic.co/guide/en/kibana/current/spans.html#distributed-tracing) (https://github.com/elastic/kibana/commit/b707c3936bbf6fd3dcf2651653d5fa527a085171) - [x] Clarify the implications of the traces table only showing root transactions in [Traces](https://www.elastic.co/guide/en/kibana/current/traces.html) (https://github.com/elastic/kibana/commit/c1de678f912c03159926119aead13912a6d9239b) - [x] Add beta admonition to APM [Infrastucture](https://www.elastic.co/guide/en/kibana/current/infrastructure.html) page (https://github.com/elastic/kibana/commit/d3bc4a972d3066485f9c6feb747af64298758f59) - [x] @bmorelli25 review --- docs/apm/infrastructure.asciidoc | 2 ++ docs/apm/spans.asciidoc | 5 +++-- docs/apm/traces.asciidoc | 4 ++++ 3 files changed, 9 insertions(+), 2 deletions(-) diff --git a/docs/apm/infrastructure.asciidoc b/docs/apm/infrastructure.asciidoc index f9cf45aa490c2..8ca919ffca6c4 100644 --- a/docs/apm/infrastructure.asciidoc +++ b/docs/apm/infrastructure.asciidoc @@ -2,6 +2,8 @@ [[infrastructure]] === Infrastructure +beta::[] + The *Infrastructure* tab provides information about the containers, pods, and hosts, that the selected service is linked to. diff --git a/docs/apm/spans.asciidoc b/docs/apm/spans.asciidoc index 5b23e69b18c6b..40af80cb864a9 100644 --- a/docs/apm/spans.asciidoc +++ b/docs/apm/spans.asciidoc @@ -43,8 +43,9 @@ For example, quickly view: [[distributed-tracing]] ==== Distributed tracing -If your trace sample timeline is colorful, it's indicative of a distributed trace. -Services in a distributed trace are separated by color and listed in the order they occur. +When a trace travels through multiple services it is known as a _distributed trace_. +In APM, the colors in a distributed trace represent different services and +are listed in the order they occur. [role="screenshot"] image::apm/images/apm-services-trace.png[Example of distributed trace colors in the APM app in Kibana] diff --git a/docs/apm/traces.asciidoc b/docs/apm/traces.asciidoc index 1269781e7798e..4c912a03dcf64 100644 --- a/docs/apm/traces.asciidoc +++ b/docs/apm/traces.asciidoc @@ -17,6 +17,10 @@ it's the collective amount of pain a specific endpoint is causing your users. If there's a particular endpoint you're worried about, select it to view its <>. +You can also use queries to filter and search the transactions shown on this page. +Note that only properties available on root transactions are searchable. +For example, you can't search for `label.tier: 'high'`, as that field is only available on non-root transactions. + [role="screenshot"] image::apm/images/apm-traces.png[Example view of the Traces overview in APM app in Kibana] From 32ba81778bcbd07b9e0233a6a6e2d5fb37cd57e3 Mon Sep 17 00:00:00 2001 From: Kevin Delemme Date: Thu, 19 Oct 2023 11:07:31 -0400 Subject: [PATCH 44/50] chore(slo): prefill slo edit form on update error (#168760) --- .../observability/common/locators/paths.ts | 2 + .../public/hooks/slo/use_create_slo.ts | 2 + .../public/hooks/slo/use_update_slo.ts | 24 +- .../slo_edit/components/slo_edit_form.tsx | 10 +- .../process_slo_form_values.test.ts.snap | 273 +++++++++ .../helpers/process_slo_form_values.test.ts | 124 ++--- .../helpers/process_slo_form_values.ts | 55 +- .../slo_edit/hooks/use_parse_url_state.ts | 6 +- .../public/pages/slo_edit/slo_edit.test.tsx | 526 ++++-------------- 9 files changed, 508 insertions(+), 514 deletions(-) create mode 100644 x-pack/plugins/observability/public/pages/slo_edit/helpers/__snapshots__/process_slo_form_values.test.ts.snap diff --git a/x-pack/plugins/observability/common/locators/paths.ts b/x-pack/plugins/observability/common/locators/paths.ts index a69062321dd29..dcd3c361c0e36 100644 --- a/x-pack/plugins/observability/common/locators/paths.ts +++ b/x-pack/plugins/observability/common/locators/paths.ts @@ -35,6 +35,8 @@ export const paths = { sloCreateWithEncodedForm: (encodedParams: string) => `${OBSERVABILITY_BASE_PATH}${SLO_CREATE_PATH}?_a=${encodedParams}`, sloEdit: (sloId: string) => `${OBSERVABILITY_BASE_PATH}${SLOS_PATH}/edit/${encodeURI(sloId)}`, + sloEditWithEncodedForm: (sloId: string, encodedParams: string) => + `${OBSERVABILITY_BASE_PATH}${SLOS_PATH}/edit/${encodeURI(sloId)}?_a=${encodedParams}`, sloDetails: (sloId: string, instanceId?: string) => !!instanceId ? `${OBSERVABILITY_BASE_PATH}${SLOS_PATH}/${encodeURI(sloId)}?instanceId=${encodeURI( diff --git a/x-pack/plugins/observability/public/hooks/slo/use_create_slo.ts b/x-pack/plugins/observability/public/hooks/slo/use_create_slo.ts index a1a79d51f5af5..15ba63d780913 100644 --- a/x-pack/plugins/observability/public/hooks/slo/use_create_slo.ts +++ b/x-pack/plugins/observability/public/hooks/slo/use_create_slo.ts @@ -69,6 +69,8 @@ export function useCreateSlo() { values: { name: slo.name }, }) ); + + queryClient.invalidateQueries({ queryKey: sloKeys.lists(), exact: false }); }, onError: (error, { slo }, context) => { if (context?.previousData && context?.queryKey) { diff --git a/x-pack/plugins/observability/public/hooks/slo/use_update_slo.ts b/x-pack/plugins/observability/public/hooks/slo/use_update_slo.ts index 07f6991b9e82b..8f81075f0f2df 100644 --- a/x-pack/plugins/observability/public/hooks/slo/use_update_slo.ts +++ b/x-pack/plugins/observability/public/hooks/slo/use_update_slo.ts @@ -9,13 +9,16 @@ import { IHttpFetchError, ResponseErrorBody } from '@kbn/core/public'; import { i18n } from '@kbn/i18n'; import type { FindSLOResponse, UpdateSLOInput, UpdateSLOResponse } from '@kbn/slo-schema'; import { QueryKey, useMutation, useQueryClient } from '@tanstack/react-query'; +import { encode } from '@kbn/rison'; import { useKibana } from '../../utils/kibana_react'; +import { paths } from '../../../common/locators/paths'; import { sloKeys } from './query_key_factory'; type ServerError = IHttpFetchError; export function useUpdateSlo() { const { + application: { navigateToUrl }, http, notifications: { toasts }, } = useKibana().services; @@ -25,7 +28,7 @@ export function useUpdateSlo() { UpdateSLOResponse, ServerError, { sloId: string; slo: UpdateSLOInput }, - { previousData?: FindSLOResponse; queryKey?: QueryKey } + { previousData?: FindSLOResponse; queryKey?: QueryKey; sloId: string } >( ['updateSlo'], ({ sloId, slo }) => { @@ -57,7 +60,7 @@ export function useUpdateSlo() { queryClient.setQueryData(queryKey, optimisticUpdate); } - return { previousData, queryKey }; + return { previousData, queryKey, sloId }; }, onSuccess: (_data, { slo: { name } }) => { toasts.addSuccess( @@ -66,8 +69,10 @@ export function useUpdateSlo() { values: { name }, }) ); + + queryClient.invalidateQueries({ queryKey: sloKeys.lists(), exact: false }); }, - onError: (error, { slo: { name } }, context) => { + onError: (error, { slo }, context) => { if (context?.previousData && context?.queryKey) { queryClient.setQueryData(context.queryKey, context.previousData); } @@ -75,12 +80,17 @@ export function useUpdateSlo() { toasts.addError(new Error(error.body?.message ?? error.message), { title: i18n.translate('xpack.observability.slo.update.errorNotification', { defaultMessage: 'Something went wrong when updating {name}', - values: { name }, + values: { name: slo.name }, }), }); - }, - onSettled: () => { - queryClient.invalidateQueries({ queryKey: sloKeys.lists(), exact: false }); + + if (context?.sloId) { + navigateToUrl( + http.basePath.prepend( + paths.observability.sloEditWithEncodedForm(context.sloId, encode(slo)) + ) + ); + } }, } ); diff --git a/x-pack/plugins/observability/public/pages/slo_edit/components/slo_edit_form.tsx b/x-pack/plugins/observability/public/pages/slo_edit/components/slo_edit_form.tsx index 0fb29d5980ccb..b8fc9bdaa0a02 100644 --- a/x-pack/plugins/observability/public/pages/slo_edit/components/slo_edit_form.tsx +++ b/x-pack/plugins/observability/public/pages/slo_edit/components/slo_edit_form.tsx @@ -15,7 +15,7 @@ import { EuiSteps, } from '@elastic/eui'; import { i18n } from '@kbn/i18n'; -import type { SLOWithSummaryResponse } from '@kbn/slo-schema'; +import type { GetSLOResponse } from '@kbn/slo-schema'; import React, { useCallback, useEffect, useState } from 'react'; import { FormProvider, useForm } from 'react-hook-form'; import { sloFeatureId } from '../../../../common'; @@ -45,7 +45,7 @@ import { SloEditFormIndicatorSection } from './slo_edit_form_indicator_section'; import { SloEditFormObjectiveSection } from './slo_edit_form_objective_section'; export interface Props { - slo: SLOWithSummaryResponse | undefined; + slo?: GetSLOResponse; } export const maxWidth = 775; @@ -63,6 +63,8 @@ export function SloEditForm({ slo }: Props) { }); const sloFormValuesFromUrlState = useParseUrlState(); + const sloFormValuesFromSloResponse = transformSloResponseToCreateSloForm(slo); + const isAddRuleFlyoutOpen = useAddRuleFlyoutState(isEditMode); const [isCreateRuleCheckboxChecked, setIsCreateRuleCheckboxChecked] = useState(true); @@ -73,8 +75,8 @@ export function SloEditForm({ slo }: Props) { }, [isEditMode, rules, slo]); const methods = useForm({ - defaultValues: Object.assign({}, SLO_EDIT_FORM_DEFAULT_VALUES, sloFormValuesFromUrlState), - values: transformSloResponseToCreateSloForm(slo), + defaultValues: SLO_EDIT_FORM_DEFAULT_VALUES, + values: sloFormValuesFromUrlState ? sloFormValuesFromUrlState : sloFormValuesFromSloResponse, mode: 'all', }); const { watch, getFieldState, getValues, formState, trigger } = methods; diff --git a/x-pack/plugins/observability/public/pages/slo_edit/helpers/__snapshots__/process_slo_form_values.test.ts.snap b/x-pack/plugins/observability/public/pages/slo_edit/helpers/__snapshots__/process_slo_form_values.test.ts.snap new file mode 100644 index 0000000000000..6f1197f32c157 --- /dev/null +++ b/x-pack/plugins/observability/public/pages/slo_edit/helpers/__snapshots__/process_slo_form_values.test.ts.snap @@ -0,0 +1,273 @@ +// Jest Snapshot v1, https://goo.gl/fbAQLP + +exports[`Transform partial URL state into form state handles partial Custom Histogram state 1`] = ` +Object { + "budgetingMethod": "occurrences", + "description": "", + "groupBy": "*", + "indicator": Object { + "params": Object { + "filter": "", + "good": Object { + "aggregation": "value_count", + "field": "", + }, + "index": "override-index", + "timestampField": "", + "total": Object { + "aggregation": "value_count", + "field": "", + }, + }, + "type": "sli.histogram.custom", + }, + "name": "", + "objective": Object { + "target": 99, + }, + "tags": Array [], + "timeWindow": Object { + "duration": "30d", + "type": "rolling", + }, +} +`; + +exports[`Transform partial URL state into form state handles partial Custom Metric state 1`] = ` +Object { + "budgetingMethod": "occurrences", + "description": "", + "groupBy": "*", + "indicator": Object { + "params": Object { + "filter": "", + "good": Object { + "equation": "A", + "metrics": Array [ + Object { + "aggregation": "sum", + "field": "", + "name": "A", + }, + ], + }, + "index": "override-index", + "timestampField": "", + "total": Object { + "equation": "A", + "metrics": Array [ + Object { + "aggregation": "sum", + "field": "", + "name": "A", + }, + ], + }, + }, + "type": "sli.metric.custom", + }, + "name": "", + "objective": Object { + "target": 99, + }, + "tags": Array [], + "timeWindow": Object { + "duration": "30d", + "type": "rolling", + }, +} +`; + +exports[`Transform partial URL state into form state handles the 'budgetingMethod' URL state 1`] = ` +Object { + "budgetingMethod": "timeslices", + "description": "", + "groupBy": "*", + "indicator": Object { + "params": Object { + "filter": "", + "good": "", + "index": "", + "timestampField": "", + "total": "", + }, + "type": "sli.kql.custom", + }, + "name": "", + "objective": Object { + "target": 99, + }, + "tags": Array [], + "timeWindow": Object { + "duration": "30d", + "type": "rolling", + }, +} +`; + +exports[`Transform partial URL state into form state handles the 'objective' URL state 1`] = ` +Object { + "budgetingMethod": "occurrences", + "description": "", + "groupBy": "*", + "indicator": Object { + "params": Object { + "filter": "", + "good": "", + "index": "", + "timestampField": "", + "total": "", + }, + "type": "sli.kql.custom", + }, + "name": "", + "objective": Object { + "target": 94.5, + "timesliceTarget": 95, + "timesliceWindow": "2", + }, + "tags": Array [], + "timeWindow": Object { + "duration": "30d", + "type": "rolling", + }, +} +`; + +exports[`Transform partial URL state into form state handles the 'timeWindow' URL state 1`] = ` +Object { + "budgetingMethod": "occurrences", + "description": "", + "groupBy": "*", + "indicator": Object { + "params": Object { + "filter": "", + "good": "", + "index": "", + "timestampField": "", + "total": "", + }, + "type": "sli.kql.custom", + }, + "name": "", + "objective": Object { + "target": 99, + }, + "tags": Array [], + "timeWindow": Object { + "duration": "1M", + "type": "calendarAligned", + }, +} +`; + +exports[`Transform partial URL state into form state with 'indicator' in URL state handles partial APM Availability state 1`] = ` +Object { + "budgetingMethod": "occurrences", + "description": "", + "groupBy": "*", + "indicator": Object { + "params": Object { + "environment": "", + "filter": "", + "index": "", + "service": "override-service", + "transactionName": "", + "transactionType": "", + }, + "type": "sli.apm.transactionErrorRate", + }, + "name": "", + "objective": Object { + "target": 99, + }, + "tags": Array [], + "timeWindow": Object { + "duration": "30d", + "type": "rolling", + }, +} +`; + +exports[`Transform partial URL state into form state with 'indicator' in URL state handles partial APM Latency state 1`] = ` +Object { + "budgetingMethod": "occurrences", + "description": "", + "groupBy": "*", + "indicator": Object { + "params": Object { + "environment": "", + "filter": "", + "index": "", + "service": "override-service", + "threshold": 250, + "transactionName": "", + "transactionType": "", + }, + "type": "sli.apm.transactionDuration", + }, + "name": "", + "objective": Object { + "target": 99, + }, + "tags": Array [], + "timeWindow": Object { + "duration": "30d", + "type": "rolling", + }, +} +`; + +exports[`Transform partial URL state into form state with 'indicator' in URL state handles partial Custom KQL state 1`] = ` +Object { + "budgetingMethod": "occurrences", + "description": "", + "groupBy": "*", + "indicator": Object { + "params": Object { + "filter": "", + "good": "some.override.filter:'foo'", + "index": "override-index", + "timestampField": "", + "total": "", + }, + "type": "sli.kql.custom", + }, + "name": "", + "objective": Object { + "target": 99, + }, + "tags": Array [], + "timeWindow": Object { + "duration": "30d", + "type": "rolling", + }, +} +`; + +exports[`Transform partial URL state into form state with 'indicator' in URL state returns default form values when no indicator type is specified 1`] = ` +Object { + "budgetingMethod": "occurrences", + "description": "", + "groupBy": "*", + "indicator": Object { + "params": Object { + "filter": "", + "good": "", + "index": "", + "timestampField": "", + "total": "", + }, + "type": "sli.kql.custom", + }, + "name": "", + "objective": Object { + "target": 99, + }, + "tags": Array [], + "timeWindow": Object { + "duration": "30d", + "type": "rolling", + }, +} +`; diff --git a/x-pack/plugins/observability/public/pages/slo_edit/helpers/process_slo_form_values.test.ts b/x-pack/plugins/observability/public/pages/slo_edit/helpers/process_slo_form_values.test.ts index 475dfb01b1998..dce74002baca7 100644 --- a/x-pack/plugins/observability/public/pages/slo_edit/helpers/process_slo_form_values.test.ts +++ b/x-pack/plugins/observability/public/pages/slo_edit/helpers/process_slo_form_values.test.ts @@ -7,10 +7,10 @@ import { transformPartialUrlStateToFormState as transform } from './process_slo_form_values'; -describe('Transform Partial URL State into partial State Form', () => { - describe('indicators', () => { - it("returns an empty '{}' when no indicator type is specified", () => { - expect(transform({ indicator: { params: { index: 'my-index' } } })).toEqual({}); +describe('Transform partial URL state into form state', () => { + describe("with 'indicator' in URL state", () => { + it('returns default form values when no indicator type is specified', () => { + expect(transform({ indicator: { params: { index: 'my-index' } } })).toMatchSnapshot(); }); it('handles partial APM Availability state', () => { @@ -23,19 +23,7 @@ describe('Transform Partial URL State into partial State Form', () => { }, }, }) - ).toEqual({ - indicator: { - type: 'sli.apm.transactionErrorRate', - params: { - service: 'override-service', - environment: '', - filter: '', - index: '', - transactionName: '', - transactionType: '', - }, - }, - }); + ).toMatchSnapshot(); }); it('handles partial APM Latency state', () => { @@ -48,20 +36,7 @@ describe('Transform Partial URL State into partial State Form', () => { }, }, }) - ).toEqual({ - indicator: { - type: 'sli.apm.transactionDuration', - params: { - service: 'override-service', - environment: '', - filter: '', - index: '', - transactionName: '', - transactionType: '', - threshold: 250, - }, - }, - }); + ).toMatchSnapshot(); }); it('handles partial Custom KQL state', () => { @@ -75,78 +50,49 @@ describe('Transform Partial URL State into partial State Form', () => { }, }, }) - ).toEqual({ - indicator: { - type: 'sli.kql.custom', - params: { - index: 'override-index', - timestampField: '', - filter: '', - good: "some.override.filter:'foo'", - total: '', - }, - }, - }); + ).toMatchSnapshot(); }); + }); - it('handles partial Custom Metric state', () => { - expect( - transform({ - indicator: { - type: 'sli.metric.custom', - params: { - index: 'override-index', - }, - }, - }) - ).toEqual({ + it('handles partial Custom Metric state', () => { + expect( + transform({ indicator: { type: 'sli.metric.custom', params: { index: 'override-index', - filter: '', - timestampField: '', - good: { - equation: 'A', - metrics: [{ aggregation: 'sum', field: '', name: 'A' }], - }, - total: { - equation: 'A', - metrics: [{ aggregation: 'sum', field: '', name: 'A' }], - }, }, }, - }); - }); + }) + ).toMatchSnapshot(); + }); - it('handles partial Custom Histogram state', () => { - expect( - transform({ - indicator: { - type: 'sli.histogram.custom', - params: { - index: 'override-index', - }, - }, - }) - ).toEqual({ + it('handles partial Custom Histogram state', () => { + expect( + transform({ indicator: { type: 'sli.histogram.custom', params: { index: 'override-index', - filter: '', - timestampField: '', - good: { - aggregation: 'value_count', - field: '', - }, - total: { - aggregation: 'value_count', - field: '', - }, }, }, - }); - }); + }) + ).toMatchSnapshot(); + }); + + it("handles the 'budgetingMethod' URL state", () => { + expect(transform({ budgetingMethod: 'timeslices' })).toMatchSnapshot(); + }); + + it("handles the 'timeWindow' URL state", () => { + expect( + transform({ timeWindow: { duration: '1M', type: 'calendarAligned' } }) + ).toMatchSnapshot(); + }); + + it("handles the 'objective' URL state", () => { + expect( + transform({ objective: { target: 0.945, timesliceTarget: 0.95, timesliceWindow: '2m' } }) + ).toMatchSnapshot(); }); }); diff --git a/x-pack/plugins/observability/public/pages/slo_edit/helpers/process_slo_form_values.ts b/x-pack/plugins/observability/public/pages/slo_edit/helpers/process_slo_form_values.ts index f523cc1ce1ce1..2238d7848feeb 100644 --- a/x-pack/plugins/observability/public/pages/slo_edit/helpers/process_slo_form_values.ts +++ b/x-pack/plugins/observability/public/pages/slo_edit/helpers/process_slo_form_values.ts @@ -5,9 +5,10 @@ * 2.0. */ -import { CreateSLOInput, Indicator, SLOWithSummaryResponse, UpdateSLOInput } from '@kbn/slo-schema'; +import { CreateSLOInput, GetSLOResponse, Indicator, UpdateSLOInput } from '@kbn/slo-schema'; import { assertNever } from '@kbn/std'; import { RecursivePartial } from '@kbn/utility-types'; +import { cloneDeep } from 'lodash'; import { toDuration } from '../../../utils/slo/duration'; import { APM_AVAILABILITY_DEFAULT_VALUES, @@ -15,12 +16,13 @@ import { CUSTOM_KQL_DEFAULT_VALUES, CUSTOM_METRIC_DEFAULT_VALUES, HISTOGRAM_DEFAULT_VALUES, + SLO_EDIT_FORM_DEFAULT_VALUES, TIMESLICE_METRIC_DEFAULT_VALUES, } from '../constants'; import { CreateSLOForm } from '../types'; export function transformSloResponseToCreateSloForm( - values: SLOWithSummaryResponse | undefined + values?: GetSLOResponse ): CreateSLOForm | undefined { if (!values) return undefined; @@ -144,12 +146,51 @@ function transformPartialIndicatorState( } export function transformPartialUrlStateToFormState( - values: RecursivePartial> -): Partial | {} { - const state: Partial = {}; + values: RecursivePartial +): CreateSLOForm { + const state: CreateSLOForm = cloneDeep(SLO_EDIT_FORM_DEFAULT_VALUES); - const parsedIndicator = transformPartialIndicatorState(values.indicator); - if (parsedIndicator !== undefined) state.indicator = parsedIndicator; + const indicator = transformPartialIndicatorState(values.indicator); + if (indicator !== undefined) { + state.indicator = indicator; + } + + if (values.name) { + state.name = values.name; + } + if (values.description) { + state.description = values.description; + } + if (!!values.tags) { + state.tags = values.tags as string[]; + } + + if (values.objective) { + if (values.objective.target) { + state.objective = { + target: values.objective.target * 100, + }; + + if (values.objective.timesliceTarget && values.objective.timesliceWindow) { + state.objective.timesliceTarget = values.objective.timesliceTarget * 100; + state.objective.timesliceWindow = String( + toDuration(values.objective.timesliceWindow).value + ); + } + } + } + + if (values.budgetingMethod) { + state.budgetingMethod = values.budgetingMethod; + } + + if (values.groupBy) { + state.groupBy = values.groupBy; + } + + if (values.timeWindow?.duration && values.timeWindow?.type) { + state.timeWindow = { duration: values.timeWindow.duration, type: values.timeWindow.type }; + } return state; } diff --git a/x-pack/plugins/observability/public/pages/slo_edit/hooks/use_parse_url_state.ts b/x-pack/plugins/observability/public/pages/slo_edit/hooks/use_parse_url_state.ts index f8354ae030403..16edf6df757c1 100644 --- a/x-pack/plugins/observability/public/pages/slo_edit/hooks/use_parse_url_state.ts +++ b/x-pack/plugins/observability/public/pages/slo_edit/hooks/use_parse_url_state.ts @@ -12,7 +12,7 @@ import { useHistory } from 'react-router-dom'; import { transformPartialUrlStateToFormState } from '../helpers/process_slo_form_values'; import { CreateSLOForm } from '../types'; -export function useParseUrlState(): Partial | null { +export function useParseUrlState(): CreateSLOForm | undefined { const history = useHistory(); const urlStateStorage = createKbnUrlStateStorage({ history, @@ -20,7 +20,7 @@ export function useParseUrlState(): Partial | null { useHashQuery: false, }); - const urlParams = urlStateStorage.get>('_a'); + const urlState = urlStateStorage.get>('_a'); - return !!urlParams ? transformPartialUrlStateToFormState(urlParams) : null; + return !!urlState ? transformPartialUrlStateToFormState(urlState) : undefined; } diff --git a/x-pack/plugins/observability/public/pages/slo_edit/slo_edit.test.tsx b/x-pack/plugins/observability/public/pages/slo_edit/slo_edit.test.tsx index b158094a67aab..64e6552a78980 100644 --- a/x-pack/plugins/observability/public/pages/slo_edit/slo_edit.test.tsx +++ b/x-pack/plugins/observability/public/pages/slo_edit/slo_edit.test.tsx @@ -5,27 +5,28 @@ * 2.0. */ +import { fireEvent, waitFor } from '@testing-library/dom'; +import { cleanup } from '@testing-library/react'; +import { createBrowserHistory } from 'history'; import React from 'react'; import Router from 'react-router-dom'; -import { createBrowserHistory } from 'history'; -import { waitFor, fireEvent, screen } from '@testing-library/dom'; -import { cleanup } from '@testing-library/react'; -import userEvent from '@testing-library/user-event'; -import { render } from '../../utils/test_helper'; -import { useKibana } from '../../utils/kibana_react'; -import { useLicense } from '../../hooks/use_license'; -import { useFetchIndices } from '../../hooks/use_fetch_indices'; -import { useFetchDataViews } from '../../hooks/use_fetch_data_views'; -import { useFetchSloDetails } from '../../hooks/slo/use_fetch_slo_details'; +import { paths } from '../../../common/locators/paths'; +import { buildSlo } from '../../data/slo/slo'; +import { useCapabilities } from '../../hooks/slo/use_capabilities'; import { useCreateSlo } from '../../hooks/slo/use_create_slo'; -import { useUpdateSlo } from '../../hooks/slo/use_update_slo'; import { useFetchApmSuggestions } from '../../hooks/slo/use_fetch_apm_suggestions'; +import { useFetchIndexPatternFields } from '../../hooks/slo/use_fetch_index_pattern_fields'; +import { useFetchSloDetails } from '../../hooks/slo/use_fetch_slo_details'; +import { useUpdateSlo } from '../../hooks/slo/use_update_slo'; +import { useFetchDataViews } from '../../hooks/use_fetch_data_views'; +import { useFetchIndices } from '../../hooks/use_fetch_indices'; +import { useLicense } from '../../hooks/use_license'; +import { useKibana } from '../../utils/kibana_react'; import { kibanaStartMock } from '../../utils/kibana_react.mock'; -import { buildSlo } from '../../data/slo/slo'; -import { paths } from '../../../common/locators/paths'; +import { render } from '../../utils/test_helper'; +import { SLO_EDIT_FORM_DEFAULT_VALUES } from './constants'; import { SloEditPage } from './slo_edit'; -import { useCapabilities } from '../../hooks/slo/use_capabilities'; jest.mock('react-router-dom', () => ({ ...jest.requireActual('react-router-dom'), @@ -41,6 +42,7 @@ jest.mock('../../hooks/slo/use_create_slo'); jest.mock('../../hooks/slo/use_update_slo'); jest.mock('../../hooks/slo/use_fetch_apm_suggestions'); jest.mock('../../hooks/slo/use_capabilities'); +jest.mock('../../hooks/slo/use_fetch_index_pattern_fields'); const mockUseKibanaReturnValue = kibanaStartMock.startContract(); @@ -56,6 +58,7 @@ const useFetchSloMock = useFetchSloDetails as jest.Mock; const useCreateSloMock = useCreateSlo as jest.Mock; const useUpdateSloMock = useUpdateSlo as jest.Mock; const useFetchApmSuggestionsMock = useFetchApmSuggestions as jest.Mock; +const useFetchIndexPatternFieldsMock = useFetchIndexPatternFields as jest.Mock; const useCapabilitiesMock = useCapabilities as jest.Mock; const mockAddSuccess = jest.fn(); @@ -122,12 +125,50 @@ const mockKibana = () => { }; describe('SLO Edit Page', () => { + const mockCreate = jest.fn(); + const mockUpdate = jest.fn(); + beforeEach(() => { jest.clearAllMocks(); mockKibana(); // Silence all the ref errors in Eui components. + jest.spyOn(console, 'warn').mockImplementation(() => {}); jest.spyOn(console, 'error').mockImplementation(() => {}); + + const history = createBrowserHistory(); + history.replace(''); + jest.spyOn(Router, 'useHistory').mockReturnValueOnce(history); + + useFetchDataViewsMock.mockReturnValue({ + isLoading: false, + data: [{ getName: () => 'dataview', getIndexPattern: () => '.dataview-index' }], + }); + useFetchIndicesMock.mockReturnValue({ + isLoading: false, + data: ['some-index', 'index-2'], + }); + useFetchIndexPatternFieldsMock.mockReturnValue({ + isLoading: false, + data: [ + { name: 'field', type: 'date', aggregatable: false, searchable: false }, + { name: 'field_text', type: 'text', aggregatable: true, searchable: true }, + ], + }); + + useCreateSloMock.mockReturnValue({ + isLoading: false, + isSuccess: false, + isError: false, + mutateAsync: mockCreate, + }); + + useUpdateSloMock.mockReturnValue({ + isLoading: false, + isSuccess: false, + isError: false, + mutateAsync: mockUpdate, + }); }); afterEach(cleanup); @@ -149,28 +190,6 @@ describe('SLO Edit Page', () => { useFetchSloMock.mockReturnValue({ isLoading: false, data: undefined }); - useFetchIndicesMock.mockReturnValue({ - isLoading: false, - data: ['some-index'], - }); - useFetchDataViewsMock.mockReturnValue({ isLoading: false, data: [] }); - - useCreateSloMock.mockReturnValue({ - isLoading: false, - isSuccess: false, - isError: false, - mutate: jest.fn(), - mutateAsync: jest.fn(), - }); - - useUpdateSloMock.mockReturnValue({ - isLoading: false, - isSuccess: false, - isError: false, - mutate: jest.fn(), - mutateAsync: jest.fn(), - }); - render(); expect(mockNavigate).toBeCalledWith(mockBasePathPrepend(paths.observability.slos)); @@ -184,7 +203,6 @@ describe('SLO Edit Page', () => { hasReadCapabilities: true, }); useLicenseMock.mockReturnValue({ hasAtLeast: () => true }); - useFetchDataViewsMock.mockReturnValue({ isLoading: false, data: [] }); }); describe('with no write permission', () => { @@ -203,27 +221,6 @@ describe('SLO Edit Page', () => { useFetchSloMock.mockReturnValue({ isLoading: false, data: undefined }); - useFetchIndicesMock.mockReturnValue({ - isLoading: false, - data: ['some-index'], - }); - - useCreateSloMock.mockReturnValue({ - isLoading: false, - isSuccess: false, - isError: false, - mutate: jest.fn(), - mutateAsync: jest.fn(), - }); - - useUpdateSloMock.mockReturnValue({ - isLoading: false, - isSuccess: false, - isError: false, - mutate: jest.fn(), - mutateAsync: jest.fn(), - }); - render(); expect(mockNavigate).toBeCalledWith(mockBasePathPrepend(paths.observability.slos)); @@ -231,308 +228,119 @@ describe('SLO Edit Page', () => { }); describe('when no sloId route param is provided', () => { - it('renders the SLO Edit page in pristine state', async () => { - jest.spyOn(Router, 'useParams').mockReturnValue({ sloId: undefined }); - jest - .spyOn(Router, 'useLocation') - .mockReturnValue({ pathname: 'foo', search: '', state: '', hash: '' }); - + beforeEach(() => { useFetchSloMock.mockReturnValue({ isLoading: false, data: undefined }); - - useFetchIndicesMock.mockReturnValue({ - isLoading: false, - data: ['some-index'], - }); - - useCreateSloMock.mockReturnValue({ - mutateAsync: jest.fn(), - isLoading: false, - isSuccess: false, - isError: false, - }); - - useUpdateSloMock.mockReturnValue({ - mutateAsync: jest.fn(), - isLoading: false, - isSuccess: false, - isError: false, - }); - - render(); - - expect(screen.queryByTestId('slosEditPage')).toBeTruthy(); - expect(screen.queryByTestId('sloForm')).toBeTruthy(); - - expect(screen.queryByTestId('sloEditFormIndicatorSection')).toBeTruthy(); - // Show default values from the kql indicator - expect(screen.queryByTestId('sloFormIndicatorTypeSelect')).toHaveValue('sli.kql.custom'); - expect(screen.queryByTestId('indexSelectionSelectedValue')).toBeNull(); - expect(screen.queryByTestId('customKqlIndicatorFormQueryFilterInput')).toHaveValue(''); - expect(screen.queryByTestId('customKqlIndicatorFormGoodQueryInput')).toHaveValue(''); - expect(screen.queryByTestId('customKqlIndicatorFormTotalQueryInput')).toHaveValue(''); - - // other sections are hidden - expect(screen.queryByTestId('sloEditFormObjectiveSection')).toBeNull(); - expect(screen.queryByTestId('sloEditFormDescriptionSection')).toBeNull(); }); - it.skip('calls the createSlo hook if all required values are filled in', async () => { + it('renders the SLO Edit page in pristine state', async () => { jest.spyOn(Router, 'useParams').mockReturnValue({ sloId: undefined }); jest .spyOn(Router, 'useLocation') .mockReturnValue({ pathname: 'foo', search: '', state: '', hash: '' }); - useFetchIndicesMock.mockReturnValue({ - isLoading: false, - data: ['some-index'], - }); - - useFetchSloMock.mockReturnValue({ isLoading: false, data: undefined }); - - const mockCreate = jest.fn(); - const mockUpdate = jest.fn(); + const { queryByTestId } = render(); - useCreateSloMock.mockReturnValue({ - mutateAsync: mockCreate, - isLoading: false, - isSuccess: false, - isError: false, - }); + expect(queryByTestId('slosEditPage')).toBeTruthy(); + expect(queryByTestId('sloForm')).toBeTruthy(); - useUpdateSloMock.mockReturnValue({ - mutateAsync: mockUpdate, - isLoading: false, - isSuccess: false, - isError: false, - }); - - render(); - - userEvent.type(screen.getByTestId('indexSelection'), 'some-index'); - userEvent.type(screen.getByTestId('customKqlIndicatorFormQueryFilterInput'), 'irrelevant'); - userEvent.type(screen.getByTestId('customKqlIndicatorFormGoodQueryInput'), 'irrelevant'); - userEvent.type(screen.getByTestId('customKqlIndicatorFormTotalQueryInput'), 'irrelevant'); - userEvent.selectOptions(screen.getByTestId('sloFormBudgetingMethodSelect'), 'occurrences'); - userEvent.selectOptions(screen.getByTestId('sloFormTimeWindowDurationSelect'), '7d'); - userEvent.clear(screen.getByTestId('sloFormObjectiveTargetInput')); - userEvent.type(screen.getByTestId('sloFormObjectiveTargetInput'), '98.5'); - userEvent.type(screen.getByTestId('sloFormNameInput'), 'irrelevant'); - userEvent.type(screen.getByTestId('sloFormDescriptionTextArea'), 'irrelevant'); + expect(queryByTestId('sloEditFormIndicatorSection')).toBeTruthy(); + // Show default values from the kql indicator + expect(queryByTestId('sloFormIndicatorTypeSelect')).toHaveValue('sli.kql.custom'); + expect(queryByTestId('indexSelectionSelectedValue')).toBeNull(); - // all sections are visible - expect(screen.queryByTestId('sloEditFormIndicatorSection')).toBeTruthy(); - expect(screen.queryByTestId('sloEditFormObjectiveSection')).toBeTruthy(); - expect(screen.queryByTestId('sloEditFormDescriptionSection')).toBeTruthy(); - - expect(screen.getByTestId('sloFormSubmitButton')).toBeEnabled(); - - fireEvent.click(screen.getByTestId('sloFormSubmitButton')!); - - expect(mockCreate).toMatchInlineSnapshot(` - [MockFunction] { - "calls": Array [ - Array [ - Object { - "budgetingMethod": "occurrences", - "description": "irrelevant", - "indicator": Object { - "params": Object { - "filter": "irrelevant", - "good": "irrelevant", - "index": "some-index", - "total": "irrelevant", - }, - "type": "sli.kql.custom", - }, - "name": "irrelevant", - "objective": Object { - "target": 0.985, - }, - "timeWindow": Object { - "duration": "7d", - "type": "rolling", - }, - }, - ], - ], - "results": Array [ - Object { - "type": "return", - "value": undefined, - }, - ], - } - `); + // other sections are hidden + expect(queryByTestId('sloEditFormObjectiveSection')).toBeNull(); + expect(queryByTestId('sloEditFormDescriptionSection')).toBeNull(); }); - it('prefills the form with values when URL Search parameters are passed', () => { + it('prefills the form with values from URL', () => { jest.spyOn(Router, 'useParams').mockReturnValue({ sloId: undefined }); const history = createBrowserHistory(); - history.push( + history.replace( '/slos/create?_a=(indicator:(params:(environment:prod,service:cartService),type:sli.apm.transactionDuration))' ); - jest.spyOn(Router, 'useHistory').mockReturnValue(history); + jest.spyOn(Router, 'useHistory').mockReturnValueOnce(history); jest .spyOn(Router, 'useLocation') .mockReturnValue({ pathname: 'foo', search: '', state: '', hash: '' }); - useFetchSloMock.mockReturnValue({ isLoading: false, data: undefined }); - useFetchApmSuggestionsMock.mockReturnValue({ suggestions: ['cartService'], isLoading: false, }); - useFetchIndicesMock.mockReturnValue({ - isLoading: false, - data: ['some-index'], - }); + const { queryByTestId } = render(); - useCreateSloMock.mockReturnValue({ - mutateAsync: jest.fn(), - isLoading: false, - isSuccess: false, - isError: false, - }); - - useUpdateSloMock.mockReturnValue({ - mutateAsync: jest.fn(), - isLoading: false, - isSuccess: false, - isError: false, - }); - - render(); - - expect(screen.queryByTestId('slosEditPage')).toBeTruthy(); - expect(screen.queryByTestId('sloForm')).toBeTruthy(); + expect(queryByTestId('slosEditPage')).toBeTruthy(); + expect(queryByTestId('sloForm')).toBeTruthy(); - expect(screen.queryByTestId('sloEditFormIndicatorSection')).toBeTruthy(); - expect(screen.queryByTestId('sloFormIndicatorTypeSelect')).toHaveValue( + expect(queryByTestId('sloEditFormIndicatorSection')).toBeTruthy(); + expect(queryByTestId('sloFormIndicatorTypeSelect')).toHaveValue( 'sli.apm.transactionDuration' ); - expect(screen.queryByTestId('apmLatencyServiceSelector')).toHaveTextContent('cartService'); - expect(screen.queryByTestId('apmLatencyEnvironmentSelector')).toHaveTextContent('prod'); + expect(queryByTestId('apmLatencyServiceSelector')).toHaveTextContent('cartService'); + expect(queryByTestId('apmLatencyEnvironmentSelector')).toHaveTextContent('prod'); - expect(screen.queryByTestId('sloEditFormObjectiveSection')).toBeFalsy(); - expect(screen.queryByTestId('sloEditFormDescriptionSection')).toBeFalsy(); + expect(queryByTestId('sloEditFormObjectiveSection')).toBeFalsy(); + expect(queryByTestId('sloEditFormDescriptionSection')).toBeFalsy(); }); }); describe('when a sloId route param is provided', () => { - it('renders the SLO Edit page with prefilled form values', async () => { - const slo = buildSlo({ id: '123' }); - jest.spyOn(Router, 'useParams').mockReturnValue({ sloId: '123' }); + it('prefills the form with the SLO values', async () => { + const slo = buildSlo({ id: '123Foo' }); + useFetchSloMock.mockReturnValue({ isLoading: false, isInitialLoading: false, data: slo }); + jest.spyOn(Router, 'useParams').mockReturnValue({ sloId: '123Foo' }); + jest .spyOn(Router, 'useLocation') .mockReturnValue({ pathname: 'foo', search: '', state: '', hash: '' }); - useFetchSloMock.mockReturnValue({ isLoading: false, data: slo }); - - useFetchIndicesMock.mockReturnValue({ - isLoading: false, - data: ['some-index'], - }); - - useCreateSloMock.mockReturnValue({ - mutateAsync: jest.fn(), - isLoading: false, - isSuccess: false, - isError: false, - }); - - useUpdateSloMock.mockReturnValue({ - mutateAsync: jest.fn(), - isLoading: false, - isSuccess: false, - isError: false, - }); - - render(); + const { queryByTestId } = render(); - expect(screen.queryByTestId('slosEditPage')).toBeTruthy(); - expect(screen.queryByTestId('sloForm')).toBeTruthy(); + expect(queryByTestId('slosEditPage')).toBeTruthy(); + expect(queryByTestId('sloForm')).toBeTruthy(); // all sections are visible - expect(screen.queryByTestId('sloEditFormIndicatorSection')).toBeTruthy(); - expect(screen.queryByTestId('sloEditFormObjectiveSection')).toBeTruthy(); - expect(screen.queryByTestId('sloEditFormDescriptionSection')).toBeTruthy(); + expect(queryByTestId('sloEditFormIndicatorSection')).toBeTruthy(); + expect(queryByTestId('sloEditFormObjectiveSection')).toBeTruthy(); + expect(queryByTestId('sloEditFormDescriptionSection')).toBeTruthy(); - expect(screen.queryByTestId('indexSelectionSelectedValue')).toHaveTextContent( - slo.indicator.params.index! - ); - expect(screen.queryByTestId('customKqlIndicatorFormQueryFilterInput')).toHaveValue( - slo.indicator.type === 'sli.kql.custom' ? slo.indicator.params.filter : '' - ); - expect(screen.queryByTestId('customKqlIndicatorFormGoodQueryInput')).toHaveValue( - slo.indicator.type === 'sli.kql.custom' ? slo.indicator.params.good : '' - ); - expect(screen.queryByTestId('customKqlIndicatorFormTotalQueryInput')).toHaveValue( - slo.indicator.type === 'sli.kql.custom' ? slo.indicator.params.total : '' - ); - - expect(screen.queryByTestId('sloFormBudgetingMethodSelect')).toHaveValue( - slo.budgetingMethod - ); - expect(screen.queryByTestId('sloFormTimeWindowDurationSelect')).toHaveValue( + expect(queryByTestId('sloFormBudgetingMethodSelect')).toHaveValue(slo.budgetingMethod); + expect(queryByTestId('sloFormTimeWindowDurationSelect')).toHaveValue( slo.timeWindow.duration ); - expect(screen.queryByTestId('sloFormObjectiveTargetInput')).toHaveValue( + expect(queryByTestId('sloFormObjectiveTargetInput')).toHaveValue( slo.objective.target * 100 ); - expect(screen.queryByTestId('sloFormNameInput')).toHaveValue(slo.name); - expect(screen.queryByTestId('sloFormDescriptionTextArea')).toHaveValue(slo.description); + expect(queryByTestId('sloFormNameInput')).toHaveValue(slo.name); + expect(queryByTestId('sloFormDescriptionTextArea')).toHaveValue(slo.description); }); it('calls the updateSlo hook if all required values are filled in', async () => { const slo = buildSlo({ id: '123' }); - jest.spyOn(Router, 'useParams').mockReturnValue({ sloId: '123' }); - - useFetchIndicesMock.mockReturnValue({ - isLoading: false, - data: ['some-index'], - }); - useFetchSloMock.mockReturnValue({ isLoading: false, data: slo }); - const mockCreate = jest.fn(); - const mockUpdate = jest.fn(); + const { queryByTestId } = render(); - useCreateSloMock.mockReturnValue({ - mutateAsync: mockCreate, - isLoading: false, - isSuccess: false, - isError: false, - }); - - useUpdateSloMock.mockReturnValue({ - mutateAsync: mockUpdate, - isLoading: false, - isSuccess: false, - isError: false, - }); - - render(); - - expect(screen.queryByTestId('sloFormSubmitButton')).toBeEnabled(); - fireEvent.click(screen.queryByTestId('sloFormSubmitButton')!); + expect(queryByTestId('sloFormSubmitButton')).toBeEnabled(); + fireEvent.click(queryByTestId('sloFormSubmitButton')!); expect(mockUpdate).toMatchInlineSnapshot(`[MockFunction]`); }); - it('does not prefill the form with URL Search parameters when they are passed', () => { + it('prefills the form with the provided URL values and the default values', () => { const slo = buildSlo({ id: '123' }); - jest.spyOn(Router, 'useParams').mockReturnValue({ sloId: '123' }); const history = createBrowserHistory(); history.push( - '/slos/create?_a=(name:%27prefilledSloName%27,indicator:(params:(environment:prod,service:cartService),type:sli.apm.transactionDuration))' + '/slos/123/edit?_a=(name:%27updated-name%27,indicator:(params:(environment:prod,service:cartService),type:sli.apm.transactionDuration),objective:(target:0.92))' ); - jest.spyOn(Router, 'useHistory').mockReturnValue(history); + jest.spyOn(Router, 'useHistory').mockReturnValueOnce(history); jest .spyOn(Router, 'useLocation') .mockReturnValue({ pathname: 'foo', search: '', state: '', hash: '' }); @@ -544,57 +352,24 @@ describe('SLO Edit Page', () => { isLoading: false, }); - useFetchIndicesMock.mockReturnValue({ - isLoading: false, - data: ['some-index'], - }); - - useCreateSloMock.mockReturnValue({ - mutateAsync: jest.fn(), - isLoading: false, - isSuccess: false, - isError: false, - }); - - useUpdateSloMock.mockReturnValue({ - mutateAsync: jest.fn(), - isLoading: false, - isSuccess: false, - isError: false, - }); - - render(); + const { queryByTestId } = render(); // all sections are visible - expect(screen.queryByTestId('sloEditFormIndicatorSection')).toBeTruthy(); - expect(screen.queryByTestId('sloEditFormObjectiveSection')).toBeTruthy(); - expect(screen.queryByTestId('sloEditFormDescriptionSection')).toBeTruthy(); + expect(queryByTestId('sloEditFormIndicatorSection')).toBeTruthy(); + expect(queryByTestId('sloEditFormObjectiveSection')).toBeTruthy(); + expect(queryByTestId('sloEditFormDescriptionSection')).toBeTruthy(); - expect(screen.queryByTestId('indexSelectionSelectedValue')).toHaveTextContent( - slo.indicator.params.index! - ); - expect(screen.queryByTestId('customKqlIndicatorFormQueryFilterInput')).toHaveValue( - slo.indicator.type === 'sli.kql.custom' ? slo.indicator.params.filter : '' - ); - expect(screen.queryByTestId('customKqlIndicatorFormGoodQueryInput')).toHaveValue( - slo.indicator.type === 'sli.kql.custom' ? slo.indicator.params.good : '' + expect(queryByTestId('indexSelectionSelectedValue')).toBeNull(); + expect(queryByTestId('sloFormBudgetingMethodSelect')).toHaveValue( + SLO_EDIT_FORM_DEFAULT_VALUES.budgetingMethod ); - expect(screen.queryByTestId('customKqlIndicatorFormTotalQueryInput')).toHaveValue( - slo.indicator.type === 'sli.kql.custom' ? slo.indicator.params.total : '' + expect(queryByTestId('sloFormTimeWindowDurationSelect')).toHaveValue( + SLO_EDIT_FORM_DEFAULT_VALUES.timeWindow.duration ); + expect(queryByTestId('sloFormObjectiveTargetInput')).toHaveValue(92); - expect(screen.queryByTestId('sloFormBudgetingMethodSelect')).toHaveValue( - slo.budgetingMethod - ); - expect(screen.queryByTestId('sloFormTimeWindowDurationSelect')).toHaveValue( - slo.timeWindow.duration - ); - expect(screen.queryByTestId('sloFormObjectiveTargetInput')).toHaveValue( - slo.objective.target * 100 - ); - - expect(screen.queryByTestId('sloFormNameInput')).toHaveValue(slo.name); - expect(screen.queryByTestId('sloFormDescriptionTextArea')).toHaveValue(slo.description); + expect(queryByTestId('sloFormNameInput')).toHaveValue('updated-name'); + expect(queryByTestId('sloFormDescriptionTextArea')).toHaveValue(''); }); }); @@ -609,31 +384,12 @@ describe('SLO Edit Page', () => { useFetchSloMock.mockReturnValue({ isLoading: false, data: slo }); - useFetchIndicesMock.mockReturnValue({ - isLoading: false, - data: ['some-index'], - }); + const { getByTestId } = render(); - useCreateSloMock.mockReturnValue({ - mutateAsync: jest.fn(), - isLoading: false, - isSuccess: false, - isError: false, - }); - - useUpdateSloMock.mockReturnValue({ - mutateAsync: jest.fn(), - isLoading: false, - isSuccess: false, - isError: false, - }); - - render(); - - expect(screen.queryByTestId('sloFormSubmitButton')).toBeEnabled(); + expect(getByTestId('sloFormSubmitButton')).toBeEnabled(); await waitFor(() => { - fireEvent.click(screen.getByTestId('sloFormSubmitButton')); + fireEvent.click(getByTestId('sloFormSubmitButton')); }); await waitFor(() => { expect(mockNavigate).toBeCalledWith(mockBasePathPrepend(paths.observability.slos)); @@ -650,32 +406,13 @@ describe('SLO Edit Page', () => { useFetchSloMock.mockReturnValue({ isLoading: false, data: slo }); - useFetchIndicesMock.mockReturnValue({ - isLoading: false, - data: ['some-index'], - }); - - useCreateSloMock.mockReturnValue({ - mutateAsync: jest.fn(), - isLoading: false, - isSuccess: false, - isError: false, - }); - - useUpdateSloMock.mockReturnValue({ - mutateAsync: jest.fn(), - isLoading: false, - isSuccess: false, - isError: false, - }); - - render(); + const { getByTestId } = render(); - expect(screen.queryByTestId('sloFormSubmitButton')).toBeEnabled(); + expect(getByTestId('sloFormSubmitButton')).toBeEnabled(); await waitFor(() => { - fireEvent.click(screen.getByTestId('createNewRuleCheckbox')); - fireEvent.click(screen.getByTestId('sloFormSubmitButton')); + fireEvent.click(getByTestId('createNewRuleCheckbox')); + fireEvent.click(getByTestId('sloFormSubmitButton')); }); await waitFor(() => { @@ -695,29 +432,10 @@ describe('SLO Edit Page', () => { useFetchSloMock.mockReturnValue({ isLoading: false, data: slo }); - useFetchIndicesMock.mockReturnValue({ - isLoading: false, - data: ['some-index'], - }); - - useCreateSloMock.mockReturnValue({ - mutateAsync: jest.fn(), - isLoading: false, - isSuccess: false, - isError: false, - }); - - useUpdateSloMock.mockReturnValue({ - mutateAsync: jest.fn(), - isLoading: false, - isSuccess: false, - isError: false, - }); - - render(); + const { getByTestId } = render(); await waitFor(() => { - expect(screen.getByTestId('add-rule-flyout')).toBeTruthy(); + expect(getByTestId('add-rule-flyout')).toBeTruthy(); }); }); }); From 24fd9517cf2983ac92f07a7dea59c2a8956af366 Mon Sep 17 00:00:00 2001 From: Lukas Olson Date: Thu, 19 Oct 2023 08:21:37 -0700 Subject: [PATCH 45/50] [data.search.bsearch] Forward request abortSignal to search strategy (#169041) ## Summary Creates an `abortSignal` from the request disconnected event that is forwarded to the search strategy. In practice this means that when a bsearch call is disconnected (either due to client disconnect or server timeout) the corresponding call to ES is also cancelled. ### Checklist Delete any items that are not applicable to this PR. - [ ] Any text added follows [EUI's writing guidelines](https://elastic.github.io/eui/#/guidelines/writing), uses sentence case text and includes [i18n support](https://github.com/elastic/kibana/blob/main/packages/kbn-i18n/README.md) - [ ] [Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html) was added for features that require explanation or tutorials - [ ] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios - [ ] Any UI touched in this PR is usable by keyboard only (learn more about [keyboard accessibility](https://webaim.org/techniques/keyboard/)) - [ ] Any UI touched in this PR does not create any new axe failures (run axe in browser: [FF](https://addons.mozilla.org/en-US/firefox/addon/axe-devtools/), [Chrome](https://chrome.google.com/webstore/detail/axe-web-accessibility-tes/lhdoppojpmngadmnindnejefpokejbdd?hl=en-US)) - [ ] If a plugin configuration key changed, check if it needs to be allowlisted in the cloud and added to the [docker list](https://github.com/elastic/kibana/blob/main/src/dev/build/tasks/os_packages/docker_generator/resources/base/bin/kibana-docker) - [ ] This renders correctly on smaller devices using a responsive layout. (You can test this [in your browser](https://www.browserstack.com/guide/responsive-testing-on-local-server)) - [ ] This was checked for [cross-browser compatibility](https://www.elastic.co/support/matrix#matrix_browsers) --------- Co-authored-by: Stratoula Kalafateli Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com> --- src/plugins/data/common/search/utils.ts | 4 +- .../data/server/search/routes/bsearch.ts | 4 +- .../ese_search/ese_search_strategy.test.ts | 70 +++++++++++++++++++ .../ese_search/ese_search_strategy.ts | 2 +- 4 files changed, 77 insertions(+), 3 deletions(-) diff --git a/src/plugins/data/common/search/utils.ts b/src/plugins/data/common/search/utils.ts index a369501981328..eeb65c04ecc58 100644 --- a/src/plugins/data/common/search/utils.ts +++ b/src/plugins/data/common/search/utils.ts @@ -23,7 +23,9 @@ export const isAbortResponse = (response?: IKibanaSearchResponse) => { /** * @returns true if request is still running */ -export const isRunningResponse = (response?: IKibanaSearchResponse) => response?.isRunning ?? false; +export const isRunningResponse = (response?: IKibanaSearchResponse) => { + return response?.isRunning ?? false; +}; export const getUserTimeZone = ( getConfig: AggTypesDependencies['getConfig'], diff --git a/src/plugins/data/server/search/routes/bsearch.ts b/src/plugins/data/server/search/routes/bsearch.ts index 581920feef89d..95b094a3793cc 100644 --- a/src/plugins/data/server/search/routes/bsearch.ts +++ b/src/plugins/data/server/search/routes/bsearch.ts @@ -11,6 +11,7 @@ import { catchError } from 'rxjs/operators'; import { BfetchServerSetup } from '@kbn/bfetch-plugin/server'; import type { ExecutionContextSetup } from '@kbn/core/server'; import apm from 'elastic-apm-node'; +import { getRequestAbortedSignal } from '../..'; import { IKibanaSearchRequest, IKibanaSearchResponse, @@ -28,6 +29,7 @@ export function registerBsearchRoute( IKibanaSearchResponse >('/internal/bsearch', (request) => { const search = getScoped(request); + const abortSignal = getRequestAbortedSignal(request.events.aborted$); return { /** * @param requestOptions @@ -39,7 +41,7 @@ export function registerBsearchRoute( apm.addLabels(executionContextService.getAsLabels()); return firstValueFrom( - search.search(requestData, restOptions).pipe( + search.search(requestData, { ...restOptions, abortSignal }).pipe( catchError((err) => { // Re-throw as object, to get attributes passed to the client // eslint-disable-next-line no-throw-literal diff --git a/src/plugins/data/server/search/strategies/ese_search/ese_search_strategy.test.ts b/src/plugins/data/server/search/strategies/ese_search/ese_search_strategy.test.ts index 627bb5fe29293..96e401204978f 100644 --- a/src/plugins/data/server/search/strategies/ese_search/ese_search_strategy.test.ts +++ b/src/plugins/data/server/search/strategies/ese_search/ese_search_strategy.test.ts @@ -259,6 +259,38 @@ describe('ES search strategy', () => { expect(mockApiCaller).toBeCalledTimes(0); }); + + it('should delete when aborted', async () => { + mockSubmitCaller.mockResolvedValueOnce({ + ...mockAsyncResponse, + body: { + ...mockAsyncResponse.body, + is_running: true, + }, + }); + + const params = { index: 'logstash-*', body: { query: {} } }; + const esSearch = await enhancedEsSearchStrategyProvider( + mockLegacyConfig$, + mockSearchConfig, + mockLogger + ); + const abortController = new AbortController(); + const abortSignal = abortController.signal; + + // Abort after an incomplete first response is returned + setTimeout(() => abortController.abort(), 100); + + let err: KbnServerError | undefined; + try { + await esSearch.search({ params }, { abortSignal }, mockDeps).toPromise(); + } catch (e) { + err = e; + } + expect(mockSubmitCaller).toBeCalled(); + expect(err).not.toBeUndefined(); + expect(mockDeleteCaller).toBeCalled(); + }); }); describe('with sessionId', () => { @@ -366,6 +398,44 @@ describe('ES search strategy', () => { expect(request).toHaveProperty('wait_for_completion_timeout'); expect(request).not.toHaveProperty('keep_alive'); }); + + it('should not delete a saved session when aborted', async () => { + mockSubmitCaller.mockResolvedValueOnce({ + ...mockAsyncResponse, + body: { + ...mockAsyncResponse.body, + is_running: true, + }, + }); + + const params = { index: 'logstash-*', body: { query: {} } }; + const esSearch = await enhancedEsSearchStrategyProvider( + mockLegacyConfig$, + mockSearchConfig, + mockLogger + ); + const abortController = new AbortController(); + const abortSignal = abortController.signal; + + // Abort after an incomplete first response is returned + setTimeout(() => abortController.abort(), 100); + + let err: KbnServerError | undefined; + try { + await esSearch + .search( + { params }, + { abortSignal, sessionId: '1', isSearchStored: true, isStored: true }, + mockDeps + ) + .toPromise(); + } catch (e) { + err = e; + } + expect(mockSubmitCaller).toBeCalled(); + expect(err).not.toBeUndefined(); + expect(mockDeleteCaller).not.toBeCalled(); + }); }); it('throws normalized error if ResponseError is thrown', async () => { diff --git a/src/plugins/data/server/search/strategies/ese_search/ese_search_strategy.ts b/src/plugins/data/server/search/strategies/ese_search/ese_search_strategy.ts index 298933907b8bb..88d1606935562 100644 --- a/src/plugins/data/server/search/strategies/ese_search/ese_search_strategy.ts +++ b/src/plugins/data/server/search/strategies/ese_search/ese_search_strategy.ts @@ -82,7 +82,7 @@ export const enhancedEsSearchStrategyProvider = ( }; const cancel = async () => { - if (id) { + if (id && !options.isStored) { await cancelAsyncSearch(id, esClient); } }; From 4a93ab9d91137963094124b741743a2ed436be44 Mon Sep 17 00:00:00 2001 From: Tiago Costa Date: Thu, 19 Oct 2023 17:15:14 +0100 Subject: [PATCH 46/50] skip flaky suite (#169369) --- x-pack/plugins/osquery/cypress/e2e/all/metrics.cy.ts | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/x-pack/plugins/osquery/cypress/e2e/all/metrics.cy.ts b/x-pack/plugins/osquery/cypress/e2e/all/metrics.cy.ts index d19e43867b5c0..40762e6dab174 100644 --- a/x-pack/plugins/osquery/cypress/e2e/all/metrics.cy.ts +++ b/x-pack/plugins/osquery/cypress/e2e/all/metrics.cy.ts @@ -11,7 +11,8 @@ import { loadSavedQuery, cleanupSavedQuery } from '../../tasks/api_fixtures'; import { triggerLoadData } from '../../tasks/inventory'; import { ServerlessRoleName } from '../../support/roles'; -describe('ALL - Inventory', { tags: ['@ess'] }, () => { +// FLAKY: https://github.com/elastic/kibana/issues/169369 +describe.skip('ALL - Inventory', { tags: ['@ess'] }, () => { let savedQueryName: string; let savedQueryId: string; From 8632f2130750fb52d0be1b8f357cbe27230c2010 Mon Sep 17 00:00:00 2001 From: Tiago Costa Date: Thu, 19 Oct 2023 17:16:12 +0100 Subject: [PATCH 47/50] skip flaky suite (#169370) --- x-pack/plugins/osquery/cypress/e2e/all/metrics.cy.ts | 1 + 1 file changed, 1 insertion(+) diff --git a/x-pack/plugins/osquery/cypress/e2e/all/metrics.cy.ts b/x-pack/plugins/osquery/cypress/e2e/all/metrics.cy.ts index 40762e6dab174..3322f1551ef93 100644 --- a/x-pack/plugins/osquery/cypress/e2e/all/metrics.cy.ts +++ b/x-pack/plugins/osquery/cypress/e2e/all/metrics.cy.ts @@ -12,6 +12,7 @@ import { triggerLoadData } from '../../tasks/inventory'; import { ServerlessRoleName } from '../../support/roles'; // FLAKY: https://github.com/elastic/kibana/issues/169369 +// FLAKY: https://github.com/elastic/kibana/issues/169370 describe.skip('ALL - Inventory', { tags: ['@ess'] }, () => { let savedQueryName: string; let savedQueryId: string; From 8626bff89ca98ff5d41e2417d6b47cc37a802dc1 Mon Sep 17 00:00:00 2001 From: Tiago Costa Date: Thu, 19 Oct 2023 17:17:12 +0100 Subject: [PATCH 48/50] skip flaky suite (#169334) --- .../cypress/e2e/automated_response_actions/form.cy.ts | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/x-pack/plugins/security_solution/public/management/cypress/e2e/automated_response_actions/form.cy.ts b/x-pack/plugins/security_solution/public/management/cypress/e2e/automated_response_actions/form.cy.ts index 1f12cbbbe0d55..92289a6109d0e 100644 --- a/x-pack/plugins/security_solution/public/management/cypress/e2e/automated_response_actions/form.cy.ts +++ b/x-pack/plugins/security_solution/public/management/cypress/e2e/automated_response_actions/form.cy.ts @@ -19,7 +19,8 @@ import { RESPONSE_ACTION_TYPES } from '../../../../../common/api/detection_engin import { login, ROLE } from '../../tasks/login'; describe('Form', { tags: ['@ess', '@serverless', '@brokenInServerless'] }, () => { - describe('User with no access can not create an endpoint response action', () => { + // FLAKY: https://github.com/elastic/kibana/issues/169334 + describe.skip('User with no access can not create an endpoint response action', () => { beforeEach(() => { login(ROLE.endpoint_response_actions_no_access); }); From ca81b33c9084c0f9c6b1ad119ab74f81f659b022 Mon Sep 17 00:00:00 2001 From: Tiago Costa Date: Thu, 19 Oct 2023 17:18:07 +0100 Subject: [PATCH 49/50] skip flaky suite (#53356) --- .../plugin_functional/test_suites/core_plugins/applications.ts | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/test/plugin_functional/test_suites/core_plugins/applications.ts b/test/plugin_functional/test_suites/core_plugins/applications.ts index d8ad792c6e5bc..b780ef125b71b 100644 --- a/test/plugin_functional/test_suites/core_plugins/applications.ts +++ b/test/plugin_functional/test_suites/core_plugins/applications.ts @@ -63,7 +63,8 @@ export default function ({ getService, getPageObjects }: PluginFunctionalProvide const navigateTo = async (path: string) => await browser.navigateTo(`${deployment.getHostPort()}${path}`); - describe('ui applications', function describeIndexTests() { + // FLAKY: https://github.com/elastic/kibana/issues/53356 + describe.skip('ui applications', function describeIndexTests() { before(async () => { await esArchiver.emptyKibanaIndex(); await PageObjects.common.navigateToApp('foo'); From 68af52083761335803cf77694e138208ea781618 Mon Sep 17 00:00:00 2001 From: Alex Szabo Date: Thu, 19 Oct 2023 18:23:09 +0200 Subject: [PATCH 50/50] skip flaky defend workflows suite (#169419) ## Summary In several cases, this test was failing recently: - https://buildkite.com/elastic/kibana-on-merge/builds/37074 - https://buildkite.com/elastic/kibana-on-merge/builds/37077 - https://buildkite.com/elastic/kibana-on-merge/builds/37083 - https://buildkite.com/elastic/kibana-on-merge/builds/37073 --- .../cypress/e2e/policy/policy_details_mocked_data.cy.ts | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/x-pack/plugins/security_solution/public/management/cypress/e2e/policy/policy_details_mocked_data.cy.ts b/x-pack/plugins/security_solution/public/management/cypress/e2e/policy/policy_details_mocked_data.cy.ts index 11800441fc035..c824360497d1c 100644 --- a/x-pack/plugins/security_solution/public/management/cypress/e2e/policy/policy_details_mocked_data.cy.ts +++ b/x-pack/plugins/security_solution/public/management/cypress/e2e/policy/policy_details_mocked_data.cy.ts @@ -17,7 +17,10 @@ import type { CyIndexEndpointHosts } from '../../tasks/index_endpoint_hosts'; import { indexEndpointHosts } from '../../tasks/index_endpoint_hosts'; import { login } from '../../tasks/login'; -describe('Policy Details', { tags: ['@ess', '@serverless'] }, () => { +// Skipped due to flakiness: +// https://buildkite.com/elastic/kibana-on-merge/builds/37074 +// https://buildkite.com/elastic/kibana-on-merge/builds/37077 +describe.skip('Policy Details', { tags: ['@ess', '@serverless'] }, () => { const packagePolicyBackupHelper = new PackagePolicyBackupHelper(); let indexedHostsData: CyIndexEndpointHosts;