The alert identifier. It is required only when type is alert. If it is an array, index must also be an array with the same length or number of elements. This functionality is in technical preview and may be changed or removed in a future release. Elastic will apply best effort to fix any issues, but features in technical preview are not subject to the support SLA of official GA features.
+
The alert identifiers. It is required only when type is alert. You can use an array of strings to add multiple alerts to a case, provided that they all relate to the same rule; index must also be an array with the same length or number of elements. Adding multiple alerts in this manner is recommended rather than calling the API multiple times. This functionality is in technical preview and may be changed or removed in a future release. Elastic will apply best effort to fix any issues, but features in technical preview are not subject to the support SLA of official GA features.
The alert index. It is required only when type is alert. If it is an array, alertId must also be an array with the same length or number of elements. This functionality is in technical preview and may be changed or removed in a future release. Elastic will apply best effort to fix any issues, but features in technical preview are not subject to the support SLA of official GA features.
+
The alert indices. It is required only when type is alert. If you are adding multiple alerts to a case, use an array of strings; the position of each index name in the array must match the position of the corresponding alert identifier in the alertId array. This functionality is in technical preview and may be changed or removed in a future release. Elastic will apply best effort to fix any issues, but features in technical preview are not subject to the support SLA of official GA features.
@@ -2663,7 +2663,7 @@ Any modifications made to this file will be overwritten.
The rule that is associated with the alert. It is required only when type is alert. This functionality is in technical preview and may be changed or removed in a future release. Elastic will apply best effort to fix any issues, but features in technical preview are not subject to the support SLA of official GA features.
+
The rule that is associated with the alerts. It is required only when type is alert. This functionality is in technical preview and may be changed or removed in a future release. Elastic will apply best effort to fix any issues, but features in technical preview are not subject to the support SLA of official GA features.
diff --git a/docs/api/actions-and-connectors.asciidoc b/docs/api/actions-and-connectors.asciidoc
index 991dfb5ade1d4..1e8b5d426e310 100644
--- a/docs/api/actions-and-connectors.asciidoc
+++ b/docs/api/actions-and-connectors.asciidoc
@@ -1,27 +1,26 @@
[[actions-and-connectors-api]]
== Action and connector APIs
-Manage Actions and Connectors.
-
The following connector APIs are available:
-* <> to retrieve a single connector by ID
+* <> to retrieve a single connector by ID
-* <> to retrieve all connectors
+* <> to retrieve all connectors
-* <> to retrieve a list of all connector types
+* <> to retrieve a list of all connector types
-* <> to create connectors
+* <> to create connectors
-* <> to update the attributes for an existing connector
+* <> to update the attributes for an existing connector
-* <> to execute a connector by ID
+* <> to execute a connector by ID
-* <> to delete a connector by ID
+* <> to delete a connector by ID
For deprecated APIs, refer to <>.
-For information about the actions and connectors that {kib} supports, refer to <>.
+For information about the actions and connectors that {kib} supports, refer to
+<>.
include::actions-and-connectors/create.asciidoc[leveloffset=+1]
include::actions-and-connectors/delete.asciidoc[leveloffset=+1]
diff --git a/docs/api/actions-and-connectors/create.asciidoc b/docs/api/actions-and-connectors/create.asciidoc
index b277a49d43723..cdaab61e5581e 100644
--- a/docs/api/actions-and-connectors/create.asciidoc
+++ b/docs/api/actions-and-connectors/create.asciidoc
@@ -15,9 +15,8 @@ Creates a connector.
=== {api-prereq-title}
-You must have `all` privileges for the *Actions and Connectors* feature in the
-*Management* section of the
-<>.
+You must have `all` privileges for the *{connectors-feature}* feature in the
+*Management* section of the <>.
[[create-connector-api-path-params]]
=== {api-path-parms-title}
diff --git a/docs/api/actions-and-connectors/delete.asciidoc b/docs/api/actions-and-connectors/delete.asciidoc
index 1ef917f58d24f..fcf3ca3e8b69e 100644
--- a/docs/api/actions-and-connectors/delete.asciidoc
+++ b/docs/api/actions-and-connectors/delete.asciidoc
@@ -19,7 +19,7 @@ WARNING: When you delete a connector, _it cannot be recovered_.
[discrete]
=== {api-prereq-title}
-You must have `all` privileges for the *Actions and Connectors* feature in the
+You must have `all` privileges for the *{connectors-feature}* feature in the
*Management* section of the
<>.
diff --git a/docs/api/actions-and-connectors/execute.asciidoc b/docs/api/actions-and-connectors/execute.asciidoc
index b5c59bb86bc70..a3e10efc5720b 100644
--- a/docs/api/actions-and-connectors/execute.asciidoc
+++ b/docs/api/actions-and-connectors/execute.asciidoc
@@ -16,7 +16,7 @@ Runs a connector by ID.
[[execute-connector-api-prereq]]
=== {api-prereq-title}
-You must have `read` privileges for the *Actions and Connectors* feature in the
+You must have `read` privileges for the *{connectors-feature}* feature in the
*Management* section of the
<>.
@@ -60,8 +60,7 @@ refer to <>.
`documents`::
(Required, array of objects) The documents to index in JSON format.
-For more information, refer to
-{kibana-ref}/index-action-type.html[Index connector and action].
+For more information, refer to <>.
=====
.Jira connectors
@@ -158,10 +157,124 @@ the knowledge base.
=======
======
-For more information, refer to
-{kibana-ref}/jira-action-type.html[{jira} connector and action].
+For more information, refer to <>.
=====
+.{opsgenie} connectors
+[%collapsible%open]
+=====
+`subAction`::
+(Required, string) The action to test. Valid values include: `createAlert` and
+`closeAlert`.
+
+`subActionParams`::
+(Required, object) The set of configuration properties, which vary depending on
+the `subAction` value.
++
+.Properties when `subAction` is `createAlert`
+[%collapsible%open]
+======
+`actions`::::
+(Optional, array of strings) The custom actions available to the alert.
+
+`alias`::::
+(Optional, string) The unique identifier used for alert de-duplication in {opsgenie}.
+
+`description`::::
+(Optional, string) A description that provides detailed information about the alert.
+
+`details`::::
+(Optional, object) The custom properties of the alert. For example:
+`{"key1":"value1","key2":"value2"}`.
+
+`entity`::::
+(Optional, string) The domain of the alert. For example, the application or server
+name.
+
+`message`::::
+(Required, string) The alert message.
+
+`note`::::
+(Optional, string) Additional information for the alert.
+
+`priority`::::
+(Optional, string) The priority level for the alert. Valid values are: `P1`,
+`P2`, `P3`, `P4`, and `P5`.
+
+`responders`::::
+(Optional, array of objects) The entities to receive notifications about the
+alert. If `type` is `user`, either `id` or `username` is required. If `type` is
+`team`, either `id` or `name` is required.
++
+.Properties of `responders` objects
+[%collapsible%open]
+=======
+`id`::::
+(Required^*^, string) The identifier for the entity.
+
+`name`::::
+(Required^*^, string) The name of the entity.
+
+`type`::::
+(Required, string) Valid values are `escalation`, `schedule`, `team`, and `user`.
+
+`username`::::
+(Required^*^, string) A valid email address for the user.
+=======
+
+`source`::::
+(Optional, string) The display name for the source of the alert.
+
+`tags`::::
+(Optional, array of strings) The tags for the alert.
+
+`user`::::
+(Optional, string) The display name for the owner.
+
+`visibleTo`::::
+(Optional, array of objects) The teams and users that the alert will be visible
+to without sending a notification. Only one of `id`, `name`, or `username` is
+required.
++
+.Properties of `visibleTo` objects
+[%collapsible%open]
+=======
+`id`::::
+(Required^*^, string) The identifier for the entity.
+
+`name`::::
+(Required^*^, string) The name of the entity.
+
+`type`::::
+(Required, string) Valid values are `team` and `user`.
+
+`username`::::
+(Required^*^, string) The user name. This property is required only when the
+`type` is `user`.
+=======
+======
++
+.Properties when `subAction` is `closeAlert`
+[%collapsible%open]
+======
+`alias`::::
+(Required, string) The unique identifier used for alert de-duplication in {opsgenie}.
+The alias must match the value used when creating the alert.
+
+`note`::::
+(Optional, string) Additional information for the alert.
+
+`source`::::
+(Optional, string) The display name for the source of the alert.
+
+`user`::::
+(Optional, string) The display name for the owner.
+======
+
+For more information, refer to <>.
+=====
+
+
.{sn-itom} connectors
[%collapsible%open]
=====
diff --git a/docs/api/actions-and-connectors/get.asciidoc b/docs/api/actions-and-connectors/get.asciidoc
index 2d5cc4edd4276..23266e1351d07 100644
--- a/docs/api/actions-and-connectors/get.asciidoc
+++ b/docs/api/actions-and-connectors/get.asciidoc
@@ -17,7 +17,7 @@ Retrieves a connector by ID.
[discrete]
=== {api-prereq-title}
-You must have `read` privileges for the *Actions and Connectors* feature in the
+You must have `read` privileges for the *{connectors-feature}* feature in the
*Management* section of the
<>.
diff --git a/docs/api/actions-and-connectors/get_all.asciidoc b/docs/api/actions-and-connectors/get_all.asciidoc
index b2ebe316fc5b2..aced6e91914fa 100644
--- a/docs/api/actions-and-connectors/get_all.asciidoc
+++ b/docs/api/actions-and-connectors/get_all.asciidoc
@@ -17,7 +17,7 @@ Retrieves all connectors.
[discrete]
=== {api-prereq-title}
-You must have `read` privileges for the *Actions and Connectors* feature in the
+You must have `read` privileges for the *{connectors-feature}* feature in the
*Management* section of the
<>.
diff --git a/docs/api/actions-and-connectors/update.asciidoc b/docs/api/actions-and-connectors/update.asciidoc
index 58056cb8085f9..16fb327e61931 100644
--- a/docs/api/actions-and-connectors/update.asciidoc
+++ b/docs/api/actions-and-connectors/update.asciidoc
@@ -16,7 +16,7 @@ Updates the attributes for a connector.
[discrete]
=== {api-prereq-title}
-You must have `all` privileges for the *Actions and Connectors* feature in the
+You must have `all` privileges for the *{connectors-feature}* feature in the
*Management* section of the
<>.
diff --git a/docs/api/alerting/create_rule.asciidoc b/docs/api/alerting/create_rule.asciidoc
index 24abf15d02dea..b7c27b75c1801 100644
--- a/docs/api/alerting/create_rule.asciidoc
+++ b/docs/api/alerting/create_rule.asciidoc
@@ -21,7 +21,7 @@ the `consumer` and `rule_type_id` of the rules you're creating. For example, the
*Management* > *Stack Rules* feature, *Analytics* > *Discover* and *{ml-app}*
features, *{observability}*, and *Security* features. If the rule has `actions`,
you must also have `read` privileges for the *Management* >
-*Actions and Connectors* feature. For more details, refer to
+*{connectors-feature}* feature. For more details, refer to
<>.
=== {api-description-title}
diff --git a/docs/api/alerting/mute_alert.asciidoc b/docs/api/alerting/mute_alert.asciidoc
index 4feb03f72afdc..92c42e1be682c 100644
--- a/docs/api/alerting/mute_alert.asciidoc
+++ b/docs/api/alerting/mute_alert.asciidoc
@@ -20,7 +20,7 @@ the `consumer` and `rule_type_id` of the rules you're creating. For example, the
*Management* > *Stack Rules* feature, *Analytics* > *Discover* and *{ml-app}*
features, *{observability}*, and *Security* features. If the rule has `actions`,
you must also have `read` privileges for the *Management* >
-*Actions and Connectors* feature. For more details, refer to
+*{connectors-feature}* feature. For more details, refer to
<>.
[[mute-alert-api-path-params]]
diff --git a/docs/api/alerting/mute_all_alerts.asciidoc b/docs/api/alerting/mute_all_alerts.asciidoc
index 329d05257d4f5..043b329a14dd4 100644
--- a/docs/api/alerting/mute_all_alerts.asciidoc
+++ b/docs/api/alerting/mute_all_alerts.asciidoc
@@ -20,7 +20,7 @@ the `consumer` and `rule_type_id` of the rules you're creating. For example, the
*Management* > *Stack Rules* feature, *Analytics* > *Discover* and *{ml-app}*
features, *{observability}*, and *Security* features. If the rule has `actions`,
you must also have `read` privileges for the *Management* >
-*Actions and Connectors* feature. For more details, refer to
+*{connectors-feature}* feature. For more details, refer to
<>.
=== {api-description-title}
diff --git a/docs/api/alerting/unmute_alert.asciidoc b/docs/api/alerting/unmute_alert.asciidoc
index d962b480b3ab8..6bda4cb5c039a 100644
--- a/docs/api/alerting/unmute_alert.asciidoc
+++ b/docs/api/alerting/unmute_alert.asciidoc
@@ -20,7 +20,7 @@ the `consumer` and `rule_type_id` of the rules you're creating. For example, the
*Management* > *Stack Rules* feature, *Analytics* > *Discover* and *{ml-app}*
features, *{observability}*, and *Security* features. If the rule has `actions`,
you must also have `read` privileges for the *Management* >
-*Actions and Connectors* feature. For more details, refer to
+*{connectors-feature}* feature. For more details, refer to
<>.
[[unmute-alert-api-path-params]]
diff --git a/docs/api/alerting/unmute_all_alerts.asciidoc b/docs/api/alerting/unmute_all_alerts.asciidoc
index ea10b9434e918..7c0972bb0c53b 100644
--- a/docs/api/alerting/unmute_all_alerts.asciidoc
+++ b/docs/api/alerting/unmute_all_alerts.asciidoc
@@ -20,7 +20,7 @@ the `consumer` and `rule_type_id` of the rules you're creating. For example, the
*Management* > *Stack Rules* feature, *Analytics* > *Discover* and *{ml-app}*
features, *{observability}*, and *Security* features. If the rule has `actions`,
you must also have `read` privileges for the *Management* >
-*Actions and Connectors* feature. For more details, refer to
+*{connectors-feature}* feature. For more details, refer to
<>.
=== {api-description-title}
diff --git a/docs/api/alerting/update_rule.asciidoc b/docs/api/alerting/update_rule.asciidoc
index 19a9c7c0144b0..fe5e91212d7d1 100644
--- a/docs/api/alerting/update_rule.asciidoc
+++ b/docs/api/alerting/update_rule.asciidoc
@@ -20,7 +20,7 @@ the `consumer` and `rule_type_id` of the rule you're updating. For example, the
*Management* > *Stack Rules* feature, *Analytics* > *Discover* and *{ml-app}*
features, *{observability}*, or *Security* features. If the rule has
`actions`, you must also have `read` privileges for the *Management* >
-*Actions and Connectors* feature. For more details, refer to
+*{connectors-feature}* feature. For more details, refer to
<>.
=== {api-description-title}
diff --git a/docs/api/cases/cases-api-add-comment.asciidoc b/docs/api/cases/cases-api-add-comment.asciidoc
index 918f579f1c0de..ea2c54cb49f1d 100644
--- a/docs/api/cases/cases-api-add-comment.asciidoc
+++ b/docs/api/cases/cases-api-add-comment.asciidoc
@@ -39,22 +39,28 @@ default space is used.
=== {api-request-body-title}
`alertId`::
-(Required*, string or array of strings) The alert identifier. It is required
-only when `type` is `alert`. If it is an array, `index` must also be an array. preview:[]
+(Required*, string or array of strings) The alert identifiers. It is required
+only when `type` is `alert`. You can use an array of strings to add multiple
+alerts to a case, provided that they all relate to the same rule; `index` must
+also be an array with the same length or number of elements. Adding multiple
+alerts in this manner is recommended rather than calling the API multiple times.
+preview:[]
`comment`::
(Required*, string) The new comment. It is required only when `type` is `user`.
`index`::
-(Required*, string or array of strings) The alert index. It is required only
-when `type` is `alert`. If it is an array, `alertId` must also be an array. preview:[]
+(Required*, string or array of strings) The alert indices. It is required only
+when `type` is `alert`. If you are adding multiple alerts to a case, use an array
+of strings; the position of each index name in the array must match the position
+of the corresponding alert identifier in the `alertId` array. preview:[]
`owner`::
(Required, string) The application that owns the case. Valid values are:
`cases`, `observability`, or `securitySolution`.
`rule`::
-(Required*, object) The rule that is associated with the alert. It is required
+(Required*, object) The rule that is associated with the alerts. It is required
only when `type` is `alert`. preview:[]
+
.Properties of `rule`
diff --git a/docs/api/cases/cases-api-find-connectors.asciidoc b/docs/api/cases/cases-api-find-connectors.asciidoc
index aee6900155726..6968bc55d88bb 100644
--- a/docs/api/cases/cases-api-find-connectors.asciidoc
+++ b/docs/api/cases/cases-api-find-connectors.asciidoc
@@ -24,7 +24,7 @@ For the most up-to-date API details, refer to the
=== {api-prereq-title}
-You must have `read` privileges for the *Actions and Connectors* feature in the
+You must have `read` privileges for the *{connectors-feature}* feature in the
*Management* section of the
<>.
diff --git a/docs/api/cases/cases-api-push.asciidoc b/docs/api/cases/cases-api-push.asciidoc
index 2eb8d70e4634e..5f7a0c268ff1c 100644
--- a/docs/api/cases/cases-api-push.asciidoc
+++ b/docs/api/cases/cases-api-push.asciidoc
@@ -20,7 +20,7 @@ For the most up-to-date API details, refer to the
=== {api-prereq-title}
-You must have `all` privileges for the *Actions and Connectors* feature in the
+You must have `all` privileges for the *{connectors-feature}* feature in the
*Management* section of the
<>. You must also have `all`
privileges for the *Cases* feature in the *Management*, *{observability}*, or
diff --git a/docs/api/cases/cases-api-update-comment.asciidoc b/docs/api/cases/cases-api-update-comment.asciidoc
index 4f2e89a7997ea..13adb2218029e 100644
--- a/docs/api/cases/cases-api-update-comment.asciidoc
+++ b/docs/api/cases/cases-api-update-comment.asciidoc
@@ -39,9 +39,11 @@ default space is used.
=== {api-request-body-title}
`alertId`::
-(Required*, string or array of strings) The identifier for the alert. It is
-required only when `type` is `alert`. If it is an array, `index` must also be an
-array.preview:[]
+(Required*, string or array of strings) The alert identifiers. It is
+required only when `type` is `alert`. If you are adding multiple alerts to a
+case, use an array of strings; `index` must also be an array with the same
+length or number of elements in that case. Addings multiple alerts in this manner
+is recommended rather than calling the API multiple times.
`comment`::
(Required*, string) The updated comment. It is required only when `type` is
@@ -52,9 +54,10 @@ array.preview:[]
<>.
`index`::
-(Required*, string or array of strings) The alert index. It is required only
-when `type` is `alert`. If it is an array, `alertId` must also be an array.
-preview:[]
+(Required*, string or array of strings) The alert indices. It is required only
+when `type` is `alert`. If you are adding multiple alerts to a case, use an
+array of strings; `alertId` must also be an array with the same length or number
+of elements. preview:[]
`owner`::
(Required, string) The application that owns the case. It can be `cases`,
diff --git a/docs/apm/apm-alerts.asciidoc b/docs/apm/apm-alerts.asciidoc
index d8ce1fafc783c..102a31be4c4a9 100644
--- a/docs/apm/apm-alerts.asciidoc
+++ b/docs/apm/apm-alerts.asciidoc
@@ -100,7 +100,8 @@ Click **Save**. The alert has been created and is now active!
[[apm-alert-manage]]
=== Manage alerts and rules
-From the APM app, select **Alerts and rules** > **Manage rules** to be taken to the Kibana **Rules and Connectors** page.
+From the APM app, select **Alerts and rules** > **Manage rules** to be taken to
+the {kib} *{rules-ui}* page.
From this page, you can disable, mute, and delete APM alerts.
[float]
diff --git a/docs/developer/best-practices/index.asciidoc b/docs/developer/best-practices/index.asciidoc
index c3f8239e9af91..c610c787d2b8d 100644
--- a/docs/developer/best-practices/index.asciidoc
+++ b/docs/developer/best-practices/index.asciidoc
@@ -22,7 +22,7 @@ Are you planning with scalability in mind?
Did you know {kib} makes a public statement about our commitment to
creating an accessible product for people with disabilities?
-https://www.elastic.co/guide/en/kibana/master/accessibility.html[We do]!
+<>!
It’s very important all of our apps are accessible.
* Learn how https://elastic.github.io/eui/#/guidelines/accessibility[EUI
diff --git a/docs/management/action-types.asciidoc b/docs/management/action-types.asciidoc
index 74738a8fddeb1..9a48f3c9b9ae4 100644
--- a/docs/management/action-types.asciidoc
+++ b/docs/management/action-types.asciidoc
@@ -87,10 +87,11 @@ For a comparison of the Elastic subscription levels, go to
[[connector-management]]
=== Managing connectors
-Rules use connectors to route actions to different destinations like log files, ticketing systems, and messaging tools. While each {kib} app can offer their own types of rules, they typically share connectors. The *Connectors* tab offers a central place to view and manage all the connectors in the current space.
+Rules use connectors to route actions to different destinations like log files, ticketing systems, and messaging tools. While each {kib} app can offer their own types of rules, they typically share connectors. *{stack-manage-app} > {connectors-ui}* offers a central place to view and manage all the connectors in the current space.
[role="screenshot"]
image::images/connector-listing.png[Example connector listing in the {rules-ui} UI]
+// NOTE: This is an autogenerated screenshot. Do not edit it directly.
[float]
=== Required permissions
@@ -101,15 +102,16 @@ features. For more information, go to <>.
[float]
=== Connector networking configuration
-Use the <> to customize connector networking configurations, such as proxies, certificates, or TLS settings. You can set configurations that apply to all your connectors or use `xpack.actions.customHostSettings` to set per-host configurations.
+Use the <> to customize connector networking configurations, such as proxies, certificates, or TLS settings. You can set configurations that apply to all your connectors or use `xpack.actions.customHostSettings` to set per-host configurations.
[float]
[[connectors-list]]
=== Connector list
-The *Connectors* tab lists all connectors in the current space. The search bar
-can be used to find specific connectors by name and type. The *Type* dropdown
-also enables you to filter to a subset of connector types.
+In *{stack-manage-app} > {connectors-ui}*, you can find a list of the connectors
+in the current space. You can use the search bar to find specific connectors by
+name and type. The *Type* dropdown also enables you to filter to a subset of
+connector types.
[role="screenshot"]
image::images/connector-filter-by-type.png[Filtering the connector list by types of connectors]
@@ -150,7 +152,7 @@ To import and export connectors, use the
image::images/connectors-import-banner.png[Connectors import banner, width=50%]
If a connector is missing sensitive information after the import, a **Fix**
-button appears in *{rules-ui}*.
+button appears in *{connectors-ui}*.
[role="screenshot"]
image::images/connectors-with-missing-secrets.png[Connectors with missing secrets]
diff --git a/docs/management/cases/add-connectors.asciidoc b/docs/management/cases/add-connectors.asciidoc
index 49176e5e8c035..dac588b99950d 100644
--- a/docs/management/cases/add-connectors.asciidoc
+++ b/docs/management/cases/add-connectors.asciidoc
@@ -20,9 +20,9 @@ appropriate {kib} feature privileges. Refer to <>.
[[create-case-connectors]]
== Create connectors
-You can create connectors in *Management > {stack-manage-app} > {rules-ui}*, as
-described in <>. Alternatively, you can create them in
-*Management > {stack-manage-app} > Cases*:
+You can create connectors in *{stack-manage-app} > {connectors-ui}*,
+as described in <>. Alternatively, you can create them in
+*{stack-manage-app} > Cases*:
. Click *Edit external connection*.
+
@@ -47,7 +47,7 @@ configuration details.
You can create additional connectors, update existing connectors, change
the default connector, and change case closure options.
-. Go to *Management > {stack-manage-app} > Cases*, click *Edit external connection*.
+. Go to *{stack-manage-app} > Cases*, click *Edit external connection*.
. To change whether cases are automatically closed after they are sent to an
external system, update the case closure options.
diff --git a/docs/management/cases/setup-cases.asciidoc b/docs/management/cases/setup-cases.asciidoc
index 51165cd7c4691..9131a92e7049d 100644
--- a/docs/management/cases/setup-cases.asciidoc
+++ b/docs/management/cases/setup-cases.asciidoc
@@ -13,11 +13,11 @@ privileges:
| Give full access to manage cases
a|
* `All` for the *Cases* feature under *Management*.
-* `All` for the *Actions and Connectors* feature under *Management*.
+* `All` for the *{connectors-feature}* feature under *Management*.
[NOTE]
====
-The *Actions and Connectors* feature privilege is required to create, add,
+The *{connectors-feature}* feature privilege is required to create, add,
delete, and modify case connectors and to send updates to external systems.
By default, `All` for the *Cases* feature includes authority to delete cases
diff --git a/docs/management/connectors/action-types/email.asciidoc b/docs/management/connectors/action-types/email.asciidoc
index f926d86e7767f..d348ede2f84e1 100644
--- a/docs/management/connectors/action-types/email.asciidoc
+++ b/docs/management/connectors/action-types/email.asciidoc
@@ -170,7 +170,7 @@ A string that corresponds to *Client Secret*. Should be stored in the
[float]
[[define-email-ui]]
-==== Define connector in Stack Management
+==== Define connector in {stack-manage-app}
Define email connector properties.
diff --git a/docs/management/connectors/action-types/index.asciidoc b/docs/management/connectors/action-types/index.asciidoc
index 6bc2d7dac6983..87751a10328b7 100644
--- a/docs/management/connectors/action-types/index.asciidoc
+++ b/docs/management/connectors/action-types/index.asciidoc
@@ -59,7 +59,7 @@ A string that corresponds to *Execution time field*.
[float]
[[define-index-ui]]
-==== Define connector in Stack Management
+==== Define connector in {stack-manage-app}
Define Index connector properties.
diff --git a/docs/management/connectors/action-types/jira.asciidoc b/docs/management/connectors/action-types/jira.asciidoc
index aa6e92f965e82..b85e1361844e2 100644
--- a/docs/management/connectors/action-types/jira.asciidoc
+++ b/docs/management/connectors/action-types/jira.asciidoc
@@ -13,7 +13,7 @@ The Jira connector uses the https://developer.atlassian.com/cloud/jira/platform/
Jira connectors have the following configuration properties.
-Name:: The name of the connector. The name is used to identify a connector in the **Stack Management** UI connector listing, and in the connector list when configuring an action.
+Name:: The name of the connector.
URL:: Jira instance URL.
Project key:: Jira project key.
Email:: The account email for HTTP Basic authentication.
@@ -54,7 +54,7 @@ Secrets defines sensitive information for the connector type.
[float]
[[define-jira-ui]]
-==== Define connector in Stack Management
+==== Define connector in {stack-manage-app}
Define Jira connector properties.
diff --git a/docs/management/connectors/action-types/opsgenie.asciidoc b/docs/management/connectors/action-types/opsgenie.asciidoc
index 9ca081b1e55f1..384595be2fae8 100644
--- a/docs/management/connectors/action-types/opsgenie.asciidoc
+++ b/docs/management/connectors/action-types/opsgenie.asciidoc
@@ -156,8 +156,6 @@ User:: The display name of the owner (optional).
After obtaining an Opsgenie instance, configure the API integration. For details, refer to the https://support.atlassian.com/opsgenie/docs/create-a-default-api-integration/[Opsgenie documentation].
-After creating an Opsgenie instance, https://support.atlassian.com/opsgenie/docs/create-a-default-api-integration/[configure the API integration].
-
If you're using a free trial, go to the `Teams` dashboard and select the appropriate team.
image::management/connectors/images/opsgenie-teams.png[Opsgenie teams dashboard]
diff --git a/docs/management/connectors/action-types/pagerduty.asciidoc b/docs/management/connectors/action-types/pagerduty.asciidoc
index 5e12eddaa5c77..aba9db8f997f7 100644
--- a/docs/management/connectors/action-types/pagerduty.asciidoc
+++ b/docs/management/connectors/action-types/pagerduty.asciidoc
@@ -48,7 +48,7 @@ Secrets defines sensitive information for the connector type.
[float]
[[define-pagerduty-ui]]
-==== Define connector in Stack Management
+==== Define connector in {stack-manage-app}
Define PagerDuty connector properties.
@@ -128,20 +128,20 @@ image::images/pagerduty-integration.png[PagerDuty Integrations tab]
[[pagerduty-in-elastic]]
*In Elastic*
-. Create a PagerDuty Connector in Kibana. You can:
+. Create a PagerDuty connector in Kibana. You can:
+
* Create a connector as part of creating an rule by selecting PagerDuty in the *Actions*
section of the rule configuration and selecting *Add new*.
-* Alternatively, create a connector. To create a connector, open the main menu, click *Stack Management > Rules and Connectors*, select *Connectors*, click *Create connector*, then select the PagerDuty option.
+* Alternatively, create a connector. To create a connector, go to *{stack-manage-app} > {connectors-ui}*, click *Create connector*, then select the PagerDuty option.
. Configure the connector by giving it a name and entering the Integration Key, optionally entering a custom API URL.
+
-See <> for how to obtain the endpoint and key information from PagerDuty and
-<> for more details.
+See <> for how to obtain the endpoint and key information from PagerDuty and
+<> for more details.
-. Save the Connector.
+. Save the connector.
-. To create a rule, open the main menu, then click *Stack Management > Rules and Connectors* or the application of your choice.
+. To create a rule, go to *{stack-manage-app} > {rules-ui}* or the application of your choice.
. Set up an action using your PagerDuty connector, by determining:
+
@@ -151,5 +151,5 @@ See <> for how to obtain the endpoint and
Depending on your custom needs, assign them variables from the rule context.
To see the available context variables, click on the *Add variable* icon next
to each corresponding field. For more details on these parameters, see the
-<> and the PagerDuty
+<> and the PagerDuty
https://v2.developer.pagerduty.com/v2/docs/send-an-event-events-api-v2[API v2 documentation].
diff --git a/docs/management/connectors/action-types/resilient.asciidoc b/docs/management/connectors/action-types/resilient.asciidoc
index ef8196bea0aab..3ba0e8e701dfd 100644
--- a/docs/management/connectors/action-types/resilient.asciidoc
+++ b/docs/management/connectors/action-types/resilient.asciidoc
@@ -13,7 +13,7 @@ The IBM Resilient connector uses the https://developer.ibm.com/security/resilien
IBM Resilient connectors have the following configuration properties.
-Name:: The name of the connector. The name is used to identify a connector in the **Stack Management** UI connector listing, and in the connector list when configuring an action.
+Name:: The name of the connector.
URL:: IBM Resilient instance URL.
Organization ID:: IBM Resilient organization ID.
API key ID:: The authentication key ID for HTTP Basic authentication.
@@ -54,7 +54,7 @@ Secrets defines sensitive information for the connector type.
[float]
[[define-resilient-ui]]
-==== Define connector in Stack Management
+==== Define connector in {stack-manage-app}
Define IBM Resilient connector properties.
diff --git a/docs/management/connectors/action-types/server-log.asciidoc b/docs/management/connectors/action-types/server-log.asciidoc
index 0810724d39ead..7d9171ca99ed8 100644
--- a/docs/management/connectors/action-types/server-log.asciidoc
+++ b/docs/management/connectors/action-types/server-log.asciidoc
@@ -13,7 +13,7 @@ This connector writes an entry to the {kib} server log.
Server log connectors have the following configuration properties.
-Name:: The name of the connector. The name is used to identify a connector in the management UI connector listing, or in the connector list when configuring an action.
+Name:: The name of the connector.
[float]
[[Preconfigured-server-log-configuration]]
@@ -28,7 +28,7 @@ Name:: The name of the connector. The name is used to identify a connector
[float]
[[define-serverlog-ui]]
-==== Define connector in Stack Management
+==== Define connector in {stack-manage-app}
Define Server log connector properties.
diff --git a/docs/management/connectors/action-types/servicenow-itom.asciidoc b/docs/management/connectors/action-types/servicenow-itom.asciidoc
index 609ac85c931b6..6016ee3d6f8c7 100644
--- a/docs/management/connectors/action-types/servicenow-itom.asciidoc
+++ b/docs/management/connectors/action-types/servicenow-itom.asciidoc
@@ -54,7 +54,7 @@ include::servicenow.asciidoc[tag=servicenow-endpoint]
{sn-itom} connectors have the following configuration properties.
-Name:: The name of the connector. The name is used to identify a connector in the **Stack Management** connector listing, and in the connector list when configuring an action.
+Name:: The name of the connector.
Is OAuth:: The type of authentication to use.
URL:: {sn} instance URL.
Username:: Username for HTTP Basic authentication.
@@ -125,7 +125,7 @@ Secrets defines sensitive information for the connector type.
[float]
[[define-servicenow-itom-ui]]
-=== Define connector in Stack Management
+=== Define connector in {stack-manage-app}
Define {sn-itom} connector properties. Choose whether to use OAuth for authentication.
diff --git a/docs/management/connectors/action-types/servicenow-sir.asciidoc b/docs/management/connectors/action-types/servicenow-sir.asciidoc
index 44c034cd35f61..e9a9c80b13a45 100644
--- a/docs/management/connectors/action-types/servicenow-sir.asciidoc
+++ b/docs/management/connectors/action-types/servicenow-sir.asciidoc
@@ -82,7 +82,7 @@ IMPORTANT: Deprecated connectors will continue to function with the rules they w
To update a deprecated connector:
-. Open the main menu and go to *Stack Management -> Rules and connectors -> Connectors*.
+. Open the main menu and go to *{stack-manage-app} > {connectors-ui}*.
. Select the deprecated connector to open the *Edit connector* flyout.
. In the warning message, click *Update this connector*.
. Complete the guided steps in the *Edit connector* flyout.
@@ -97,7 +97,7 @@ To update a deprecated connector:
{sn-sir} connectors have the following configuration properties.
-Name:: The name of the connector. The name is used to identify a connector in the **Stack Management** UI connector listing, and in the connector list when configuring an action.
+Name:: The name of the connector.
Is OAuth:: The type of authentication to use.
URL:: {sn} instance URL.
Username:: Username for HTTP Basic authentication.
@@ -173,7 +173,7 @@ Secrets defines sensitive information for the connector type.
[float]
[[define-servicenow-sir-ui]]
-=== Define connector in Stack Management
+=== Define connector in {stack-manage-app}
Define {sn} SecOps connector properties. Choose whether to use OAuth for authentication.
diff --git a/docs/management/connectors/action-types/servicenow.asciidoc b/docs/management/connectors/action-types/servicenow.asciidoc
index 658532d1226f9..b5c5bcecc1800 100644
--- a/docs/management/connectors/action-types/servicenow.asciidoc
+++ b/docs/management/connectors/action-types/servicenow.asciidoc
@@ -166,7 +166,7 @@ IMPORTANT: Deprecated connectors will continue to function with the rules they w
To update a deprecated connector:
-. Open the main menu and go to *Stack Management -> Rules and connectors -> Connectors*.
+. Open the main menu and go to *{stack-manage-app} > {connectors-ui}*.
. Select the deprecated connector to open the *Edit connector* flyout.
. In the warning message, click *Update this connector*.
. Complete the guided steps in the *Edit connector* flyout.
@@ -181,7 +181,7 @@ To update a deprecated connector:
{sn-itsm} connectors have the following configuration properties.
-Name:: The name of the connector. The name is used to identify a connector in the **Stack Management** UI connector listing, and in the connector list when configuring an action.
+Name:: The name of the connector.
Is OAuth:: The type of authentication to use.
URL:: {sn} instance URL.
Username:: Username for HTTP Basic authentication.
@@ -257,7 +257,7 @@ Secrets defines sensitive information for the connector type.
[float]
[[define-servicenow-ui]]
-=== Define connector in Stack Management
+=== Define connector in {stack-manage-app}
Define {sn-itsm} connector properties. Choose whether to use OAuth for authentication.
diff --git a/docs/management/connectors/action-types/slack.asciidoc b/docs/management/connectors/action-types/slack.asciidoc
index 19abf9119b837..cd6860d6d3027 100644
--- a/docs/management/connectors/action-types/slack.asciidoc
+++ b/docs/management/connectors/action-types/slack.asciidoc
@@ -13,14 +13,14 @@ The Slack connector uses https://api.slack.com/incoming-webhooks[Slack Incoming
Slack connectors have the following configuration properties.
-Name:: The name of the connector. The name is used to identify a connector in the management UI connector listing, or in the connector list when configuring an action.
+Name:: The name of the connector.
Webhook URL:: The URL of the incoming webhook. See https://api.slack.com/messaging/webhooks#getting_started[Slack Incoming Webhooks] for instructions on generating this URL. If you are using the <> setting, make sure the hostname is added to the allowed hosts.
[float]
[[slack-connector-networking-configuration]]
==== Connector networking configuration
-Use the <> to customize connector networking configurations, such as proxies, certificates, or TLS settings. You can set configurations that apply to all your connectors or use `xpack.actions.customHostSettings` to set per-host configurations.
+Use the <> to customize connector networking configurations, such as proxies, certificates, or TLS settings. You can set configurations that apply to all your connectors or use `xpack.actions.customHostSettings` to set per-host configurations.
[float]
[[Preconfigured-slack-configuration]]
@@ -41,7 +41,7 @@ Secrets defines sensitive information for the connector type.
[float]
[[define-slack-ui]]
-==== Define connector in Stack Management
+==== Define connector in {stack-manage-app}
Define Slack connector properties.
diff --git a/docs/management/connectors/action-types/swimlane.asciidoc b/docs/management/connectors/action-types/swimlane.asciidoc
index 88447bb496a86..ff4f1bcb05fe0 100644
--- a/docs/management/connectors/action-types/swimlane.asciidoc
+++ b/docs/management/connectors/action-types/swimlane.asciidoc
@@ -13,7 +13,7 @@ The Swimlane connector uses the https://swimlane.com/knowledge-center/docs/devel
Swimlane connectors have the following configuration properties.
-Name:: The name of the connector. The name is used to identify a connector in the **Stack Management** UI connector listing, and in the connector list when configuring an action.
+Name:: The name of the connector.
URL:: Swimlane instance URL.
Application ID:: Swimlane application ID.
API token:: Swimlane API authentication token for HTTP Basic authentication.
@@ -81,7 +81,7 @@ Secrets defines sensitive information for the connector type.
[float]
[[define-swimlane-ui]]
-==== Define connector in Stack Management
+==== Define connector in {stack-manage-app}
Define Swimlane connector properties.
diff --git a/docs/management/connectors/action-types/teams.asciidoc b/docs/management/connectors/action-types/teams.asciidoc
index 32cfaaf801d70..f80e3e010f995 100644
--- a/docs/management/connectors/action-types/teams.asciidoc
+++ b/docs/management/connectors/action-types/teams.asciidoc
@@ -13,7 +13,7 @@ The Microsoft Teams connector uses https://docs.microsoft.com/en-us/microsofttea
Microsoft Teams connectors have the following configuration properties.
-Name:: The name of the connector. The name is used to identify a connector in the management UI connector listing, or in the connector list when configuring an action.
+Name:: The name of the connector.
Webhook URL:: The URL of the incoming webhook. See https://docs.microsoft.com/en-us/microsoftteams/platform/webhooks-and-connectors/how-to/add-incoming-webhook#add-an-incoming-webhook-to-a-teams-channel[Add Incoming Webhooks] for instructions on generating this URL. If you are using the <> setting, make sure the hostname is added to the allowed hosts.
[float]
@@ -41,7 +41,7 @@ Secrets defines sensitive information for the connector type.
[float]
[[define-teams-ui]]
-==== Define connector in Stack Management
+==== Define connector in {stack-manage-app}
Define Teams connector properties.
diff --git a/docs/management/connectors/action-types/webhook.asciidoc b/docs/management/connectors/action-types/webhook.asciidoc
index 4c001920f716c..9f6d41c8cb85b 100644
--- a/docs/management/connectors/action-types/webhook.asciidoc
+++ b/docs/management/connectors/action-types/webhook.asciidoc
@@ -13,7 +13,7 @@ The Webhook connector uses https://github.com/axios/axios[axios] to send a POST
Webhook connectors have the following configuration properties.
-Name:: The name of the connector. The name is used to identify a connector in the management UI connector listing, or in the connector list when configuring an action.
+Name:: The name of the connector.
URL:: The request URL. If you are using the <> setting, make sure the hostname is added to the allowed hosts.
Method:: HTTP request method, either `post`(default) or `put`.
Headers:: A set of key-value pairs sent as headers with the request
@@ -60,7 +60,7 @@ Secrets defines sensitive information for the connector type.
[float]
[[define-webhook-ui]]
-==== Define connector in Stack Management
+==== Define connector in {stack-manage-app}
Define Webhook connector properties.
diff --git a/docs/management/connectors/action-types/xmatters.asciidoc b/docs/management/connectors/action-types/xmatters.asciidoc
index 8eae305d9f92d..e4ad978dc35dd 100644
--- a/docs/management/connectors/action-types/xmatters.asciidoc
+++ b/docs/management/connectors/action-types/xmatters.asciidoc
@@ -12,7 +12,7 @@ The xMatters connector uses the https://help.xmatters.com/integrations/#cshid=El
xMatters connectors have the following configuration properties:
-Name:: The name of the connector. The name is used to identify a connector in the management UI connector listing, or in the connector list when configuring an action.
+Name:: The name of the connector.
Authentication Type:: The type of authentication used in the request made to xMatters.
URL:: The request URL for the Elastic Alerts trigger in xMatters. If you are using the <> setting, make sure the hostname is added to the allowed hosts.
Username:: Username for HTTP Basic Authentication.
@@ -22,7 +22,7 @@ Password:: Password for HTTP Basic Authentication.
[[xmatters-connector-networking-configuration]]
==== Connector networking configuration
-Use the <> to customize connector networking configurations, such as proxies, certificates, or TLS settings. You can set configurations that apply to all your connectors or use `xpack.actions.customHostSettings` to set per-host configurations.
+Use the <> to customize connector networking configurations, such as proxies, certificates, or TLS settings. You can set configurations that apply to all your connectors or use `xpack.actions.customHostSettings` to set per-host configurations.
[float]
[[Preconfigured-xmatters-configuration]]
@@ -70,7 +70,7 @@ Secrets defines sensitive information for the connector type:
[float]
[[define-xmatters-ui]]
-==== Define connector in Stack Management
+==== Define connector in {stack-manage-app}
Define xMatters connector properties. Choose between basic and URL authentication for the requests:
diff --git a/docs/management/connectors/images/connector-delete.png b/docs/management/connectors/images/connector-delete.png
index 0791bb86b5e31..fb86f58e0e7dc 100644
Binary files a/docs/management/connectors/images/connector-delete.png and b/docs/management/connectors/images/connector-delete.png differ
diff --git a/docs/management/connectors/images/connector-filter-by-type.png b/docs/management/connectors/images/connector-filter-by-type.png
index b9383c189256d..fec610e48050e 100644
Binary files a/docs/management/connectors/images/connector-filter-by-type.png and b/docs/management/connectors/images/connector-filter-by-type.png differ
diff --git a/docs/management/connectors/images/connector-listing.png b/docs/management/connectors/images/connector-listing.png
index 52217b31331f2..aef38f84d4b54 100644
Binary files a/docs/management/connectors/images/connector-listing.png and b/docs/management/connectors/images/connector-listing.png differ
diff --git a/docs/management/connectors/images/connectors-with-missing-secrets.png b/docs/management/connectors/images/connectors-with-missing-secrets.png
index e20973b5640de..fbbdbcc5fd789 100644
Binary files a/docs/management/connectors/images/connectors-with-missing-secrets.png and b/docs/management/connectors/images/connectors-with-missing-secrets.png differ
diff --git a/docs/management/connectors/images/pre-configured-connectors-managing.png b/docs/management/connectors/images/pre-configured-connectors-managing.png
index b7fe88ccf2fa9..772bafab4c791 100644
Binary files a/docs/management/connectors/images/pre-configured-connectors-managing.png and b/docs/management/connectors/images/pre-configured-connectors-managing.png differ
diff --git a/docs/management/connectors/index.asciidoc b/docs/management/connectors/index.asciidoc
index fe65120e4b2b9..b443ffd967a6f 100644
--- a/docs/management/connectors/index.asciidoc
+++ b/docs/management/connectors/index.asciidoc
@@ -3,6 +3,7 @@ include::action-types/resilient.asciidoc[]
include::action-types/index.asciidoc[]
include::action-types/jira.asciidoc[]
include::action-types/teams.asciidoc[]
+include::action-types/opsgenie.asciidoc[]
include::action-types/pagerduty.asciidoc[]
include::action-types/server-log.asciidoc[]
include::action-types/servicenow.asciidoc[leveloffset=+1]
@@ -10,9 +11,8 @@ include::action-types/servicenow-sir.asciidoc[leveloffset=+1]
include::action-types/servicenow-itom.asciidoc[leveloffset=+1]
include::action-types/swimlane.asciidoc[]
include::action-types/slack.asciidoc[]
+include::action-types/tines.asciidoc[leveloffset=+1]
include::action-types/webhook.asciidoc[]
include::action-types/cases-webhook.asciidoc[leveloffset=+1]
-include::action-types/opsgenie.asciidoc[]
include::action-types/xmatters.asciidoc[]
-include::action-types/tines.asciidoc[leveloffset=+1]
include::pre-configured-connectors.asciidoc[]
diff --git a/docs/management/connectors/pre-configured-connectors.asciidoc b/docs/management/connectors/pre-configured-connectors.asciidoc
index 7498784ef389e..ad580d87e712b 100644
--- a/docs/management/connectors/pre-configured-connectors.asciidoc
+++ b/docs/management/connectors/pre-configured-connectors.asciidoc
@@ -66,9 +66,8 @@ Sensitive properties, such as passwords, can also be stored in the
[[managing-pre-configured-connectors]]
==== View preconfigured connectors
-When you open the main menu, click *Stack Management > Rules and Connectors*.
-Preconfigured connectors appear on the
-<>, regardless of which space you are
+When you open the main menu, click *{stack-manage-app} > {connectors-ui}*.
+Preconfigured connectors appear regardless of which space you are
in. They are tagged as “preconfigured”, and you cannot delete them.
[role="screenshot"]
diff --git a/docs/maps/asset-tracking-tutorial.asciidoc b/docs/maps/asset-tracking-tutorial.asciidoc
index 4e6efff35b3a3..c87cdfde9ee68 100644
--- a/docs/maps/asset-tracking-tutorial.asciidoc
+++ b/docs/maps/asset-tracking-tutorial.asciidoc
@@ -8,7 +8,7 @@ In this tutorial, you’ll look at live urban transit data from the city of Port
You’ll learn to:
-- Use {filebeat} to ingest the TriMet REST API into Elasticsearch.
+- Use {agent} to ingest the TriMet REST API into {es}.
- Create a map with layers that visualize asset tracks and last-known locations.
- Use symbols and colors to style data values and show which direction an asset is heading.
- Set up tracking containment alerts to monitor moving vehicles.
@@ -23,11 +23,11 @@ image::maps/images/asset-tracking-tutorial/construction_zones.png[]
- If you don’t already have {kib}, set it up with https://www.elastic.co/cloud/elasticsearch-service/signup?baymax=docs-body&elektra=docs[our free trial]. Download the deployment credentials.
- Obtain an API key for https://developer.trimet.org/[TriMet web services] at https://developer.trimet.org/appid/registration/.
-- https://www.elastic.co/guide/en/beats/filebeat/current/filebeat-installation-configuration.html[Install Filebeat].
+- {fleet-guide}/fleet-overview.html[Fleet] is enabled on your cluster, and one or more {fleet-guide}/elastic-agent-installation.html[{agent}s] is enrolled.
[float]
=== Part 1: Ingest the Portland bus data
-To get to the fun of visualizing and alerting on Portland buses, you must first create a {filebeat} input to ingest the TriMet Portland bus data into {es}.
+To get to the fun of visualizing and alerting on Portland buses, you must first add the *Custom API* integration to an Elastic Agent policy to get the TriMet Portland bus data into {es}.
[float]
==== Step 1: Set up an Elasticsearch index
@@ -270,47 +270,39 @@ PUT _ingest/pipeline/tri_met_tracks
----------------------------------
[float]
-==== Step 2: Start {filebeat}
+==== Step 2: Configure {agent}
-. Replace the contents in your `filebeat.yml` file with the following:
-+
-[source,yaml]
-----------------------------------
-filebeat.inputs:
-# Fetch trimet bus data every minute.
-- type: httpjson
- interval: 1m
- request.url: "https://developer.trimet.org/ws/v2/vehicles?appID="
- response.split:
- target: body.resultSet.vehicle
- processors:
- - decode_json_fields:
- fields: ["message"]
- target: "trimet"
+. From the {kib} main menu, click *Fleet*, then the *Agent policies* tab.
- pipeline: "tri_met_tracks"
+. Click the name of the agent policy where you want to add the *Custom API* integration. The configuration changes you make only apply to the policy you select.
+. Click the name of the *Custom API* integration, or add the integration if the agent policy does not yet have it.
-# ---------------------------- Elastic Cloud Output ----------------------------
-cloud.id:
-cloud.auth:
+. From the *Edit Custom API integration* page, expand the *Change defaults* section.
-----------------------------------
+. Set the *Dataset name* to *httpjson.trimet*.
+
+. Set the *Ingest Pipeline* to *tri_met_pipeline*.
+
+. Set the *Request URL* to *https://developer.trimet.org/ws/v2/vehicles?appID=*.
-. Replace `` with your TriMet application id.
-. Replace `` with your Elastic Cloud deployment credentials.
-. Replace `` with your {ece}/ece-cloud-id.html[elastic cloud id].
-. Open a terminal window, and then navigate to the {filebeat} folder.
-. In your `filebeat` folder, run {filebeat} with the edited config:
+. Set *Response Split* to *target: body.resultSet.vehicle*.
+
+. At the bottom of the configuration, expand *Advanced options*.
+
+. Set *Processors* to:
+
-[source,bash]
+[source,yaml]
----------------------------------
-/bin/filebeat -c filebeat.yml
+- decode_json_fields:
+ fields: ["message"]
+ target: "trimet"
----------------------------------
-. Wait for {filebeat} to start shipping data to Elastic Cloud. {filebeat} should not produce any output to stdout.
+. Leave everything else as defaults.
+
+. Click *Save integration* to deploy the configuration to any {agent} with the policy assigned.
-. Leave the terminal window open and {filebeat} running throughout this tutorial.
[float]
==== Step 3: Create a data view for the tri_met_tracks {es} index
@@ -450,7 +442,7 @@ image::maps/images/asset-tracking-tutorial/construction_zones.png[]
Create a new alert by defining a rule and a connector. The rule includes the conditions that will trigger the alert, and the connector defines what action takes place once the alert is triggered. In this case, each alert will log a message to the Kibana log.
-. Open *Stack Management*, and then click *Rules and Connectors*.
+. Open *{stack-manage-app}*, and then click *{rules-ui}*.
. Click *Create rule*.
. Name the rule *Bus Alerts*.
. Set *Check every* to *5 seconds*.
@@ -489,9 +481,6 @@ image::maps/images/asset-tracking-tutorial/tracking_containment_configuration.pn
. Click *Save*.
-The *Bus Alert connector* is added to the *Rules and Connectors* page. For more information on common connectors, refer to the <> and <> connectors.
-
-[role="screenshot"]
-image::maps/images/asset-tracking-tutorial/rules_and_connectors.png[]
+The *Bus Alert connector* is added to the *{connectors-ui}* page. For more information on common connectors, refer to the <> and <> connectors.
Congratulations! You have completed the tutorial and have the recipe for tracking assets. You can now try replicating this same analysis with your own data.
diff --git a/docs/maps/images/asset-tracking-tutorial/rules_and_connectors.png b/docs/maps/images/asset-tracking-tutorial/rules_and_connectors.png
deleted file mode 100644
index 35d89dd42ab27..0000000000000
Binary files a/docs/maps/images/asset-tracking-tutorial/rules_and_connectors.png and /dev/null differ
diff --git a/docs/setup/connect-to-elasticsearch.asciidoc b/docs/setup/connect-to-elasticsearch.asciidoc
index 9e1ee62f093fe..f459150b0ee8d 100644
--- a/docs/setup/connect-to-elasticsearch.asciidoc
+++ b/docs/setup/connect-to-elasticsearch.asciidoc
@@ -13,7 +13,7 @@ All integrations are available in a single view, and
image::images/add-integration.png[Integrations page from which you can choose integrations to start collecting and analyzing data]
NOTE: When an integration is available for both
-https://www.elastic.co/guide/en/fleet/master/beats-agent-comparison.html[Elastic Agent and Beats],
+{fleet-guide}/beats-agent-comparison.html[Elastic Agent and Beats],
the *Integrations* view defaults to the
Elastic Agent integration, if it is generally available (GA).
To show a
diff --git a/docs/user/alerting/alerting-getting-started.asciidoc b/docs/user/alerting/alerting-getting-started.asciidoc
index 708c4f0ddfeff..e169bcfc24869 100644
--- a/docs/user/alerting/alerting-getting-started.asciidoc
+++ b/docs/user/alerting/alerting-getting-started.asciidoc
@@ -3,32 +3,32 @@
--
-Alerting allows you to define *rules* to detect complex conditions within different {kib} apps and trigger actions when those conditions are met. Alerting is integrated with {observability-guide}/create-alerts.html[*Observability*], {security-guide}/prebuilt-rules.html[*Security*], <> and {ml-docs}/ml-configuring-alerts.html[*{ml-app}*], can be centrally managed from the <> UI, and provides a set of built-in <> and <> (known as stack rules) for you to use.
+Alerting allows you to define _rules_ to detect complex conditions within different {kib} apps and trigger actions when those conditions are met. Alerting is integrated with {observability-guide}/create-alerts.html[*Observability*], {security-guide}/prebuilt-rules.html[*Security*], <> and {ml-docs}/ml-configuring-alerts.html[*{ml-app}*], can be centrally managed from the <> UI, and provides a set of built-in <> and <> (known as stack rules) for you to use.
image::images/alerting-overview.png[{rules-ui} UI]
[IMPORTANT]
==============================================
-To make sure you can access alerting and actions, see the <> section.
+To make sure you can access alerting and actions, see the <> section.
==============================================
[float]
== Concepts and terminology
-Alerting works by running checks on a schedule to detect conditions defined by a *rule*. When a condition is met, the rule tracks it as an *alert* and responds by triggering one or more *actions*.
-Actions typically involve interaction with {kib} services or third party integrations. *Connectors* allow actions to talk to these services and integrations.
+Alerting works by running checks on a schedule to detect conditions defined by a rule. When a condition is met, the rule tracks it as an _alert_ and responds by triggering one or more _actions_.
+Actions typically involve interaction with {kib} services or third party integrations. _Connectors_ allow actions to talk to these services and integrations.
This section describes all of these elements and how they operate together.
[float]
=== Rules
-A rule specifies a background task that runs on the {kib} server to check for specific conditions. {kib} provides two types of rules: stack rules that are built into {kib} and the rules that are registered by {kib} apps. Refer to <> for more information.
+A rule specifies a background task that runs on the {kib} server to check for specific conditions. {kib} provides two types of rules: stack rules that are built into {kib} and the rules that are registered by {kib} apps. For more information, refer to <>.
A rule consists of three main parts:
-* *Conditions*: what needs to be detected?
-* *Schedule*: when/how often should detection checks run?
-* *Actions*: what happens when a condition is detected?
+* _Conditions_: what needs to be detected?
+* _Schedule_: when/how often should detection checks run?
+* _Actions_: what happens when a condition is detected?
For example, when monitoring a set of servers, a rule might:
@@ -46,10 +46,10 @@ The following sections describe each part of the rule in more detail.
Under the hood, {kib} rules detect conditions by running a JavaScript function on the {kib} server, which gives it the flexibility to support a wide range of conditions, anything from the results of a simple {es} query to heavy computations involving data from multiple sources or external systems.
-These conditions are packaged and exposed as *rule types*. A rule type hides the underlying details of the condition, and exposes a set of parameters
+These conditions are packaged and exposed as _rule types_. A rule type hides the underlying details of the condition, and exposes a set of parameters
to control the details of the conditions to detect.
-For example, an <> lets you specify the index to query, an aggregation field, and a time window, but the details of the underlying {es} query are hidden.
+For example, an <> lets you specify the index to query, an aggregation field, and a time window, but the details of the underlying {es} query are hidden.
See <> for the rules provided by {kib} and how they express their conditions.
@@ -72,8 +72,8 @@ Actions are invocations of connectors, which allow interaction with {kib} servic
When defining actions in a rule, you specify:
-* The *connector type*: the type of service or integration to use
-* The connection for that type by referencing a <>
+* The _connector type_: the type of service or integration to use
+* The connection for that type by referencing a <>
* A mapping of rule values to properties exposed for that type of action
The result is a template: all the parameters needed to invoke a service are supplied except for specific values that are only known at the time the rule condition is detected.
@@ -101,40 +101,43 @@ image::images/alerts.svg[{kib} tracks each detected condition as an alert and ta
=== Connectors
Actions often involve connecting with services inside {kib} or integrating with third-party systems.
-Rather than repeatedly entering connection information and credentials for each action, {kib} simplifies action setup using *connectors*.
+Rather than repeatedly entering connection information and credentials for each action, {kib} simplifies action setup using connectors.
-*Connectors* provide a central place to store connection information for services and integrations. For example if four rules send email notifications via the same SMTP service, they can all reference the same SMTP connector. When the SMTP settings change, you can update them once in the connector, instead of having to update four rules.
+Connectors provide a central place to store connection information for services and integrations. For example if four rules send email notifications via the same SMTP service, they can all reference the same SMTP connector. When the SMTP settings change, you can update them once in the connector, instead of having to update four rules.
image::images/rule-concepts-connectors.svg[Connectors provide a central place to store service connection settings]
[float]
== Putting it all together
-A *rule* consists of conditions, *actions*, and a schedule. When conditions are met, *alerts* are created that render *actions* and invoke them. To make action setup and update easier, actions use *connectors* that centralize the information used to connect with {kib} services and third-party integrations. The following example ties these concepts together:
+A rule consists of conditions, actions, and a schedule. When conditions are met, alerts are created that render actions and invoke them. To make action setup and update easier, actions use connectors that centralize the information used to connect with {kib} services and third-party integrations. The following example ties these concepts together:
image::images/rule-concepts-summary.svg[Rules, connectors, alerts and actions work together to convert detection into action]
-. Anytime a *rule*'s conditions are met, an *alert* is created. This example checks for servers with average CPU > 0.9. Three servers meet the condition, so three alerts are created.
-. Alerts create *actions* as long as they are not muted or throttled. When actions are created, the template that was setup in the rule is filled with actual values. In this example, three actions are created, and the template string {{server}} is replaced with the server name for each alert.
-. {kib} invokes the actions, sending them to a third party *integration* like an email service.
-. If the third party integration has connection parameters or credentials, {kib} will fetch these from the *connector* referenced in the action.
+. Anytime a rule's conditions are met, an alert is created. This example checks for servers with average CPU > 0.9. Three servers meet the condition, so three alerts are created.
+. Alerts create actions as long as they are not muted or throttled. When actions are created, the template that was setup in the rule is filled with actual values. In this example, three actions are created, and the template string {{server}} is replaced with the server name for each alert.
+. {kib} invokes the actions, sending them to a third party integration like an email service.
+. If the third party integration has connection parameters or credentials, {kib} will fetch these from the connector referenced in the action.
[float]
[[alerting-concepts-differences]]
== Differences from {watcher}
-Alerting and <> are both used to detect conditions and can trigger actions in response, but they are completely independent alerting systems.
+<> and the {kib} {alert-features} are both used to detect
+conditions and can trigger actions in response, but they are completely
+independent alerting systems.
-This section will clarify some of the important differences in the function and intent of the two systems.
+This section will clarify some of the important differences in the function and
+intent of the two systems.
-Functionally, Alerting differs in that:
+Functionally, the {alert-features} differ in that:
* Scheduled checks are run on {kib} instead of {es}
-* {kib} <> through *rule types*, whereas watches provide low-level control over inputs, conditions, and transformations.
-* {kib} rules track and persist the state of each detected condition through *alerts*. This makes it possible to mute and throttle individual alerts, and detect changes in state such as resolution.
-* Actions are linked to *alerts* in Alerting. Actions are fired for each occurrence of a detected condition, rather than for the entire rule.
+* {kib} <> through rule types, whereas watches provide low-level control over inputs, conditions, and transformations.
+* {kib} rules track and persist the state of each detected condition through alerts. This makes it possible to mute and throttle individual alerts, and detect changes in state such as resolution.
+* Actions are linked to alerts in Alerting. Actions are fired for each occurrence of a detected condition, rather than for the entire rule.
-At a higher level, Alerting allows rich integrations across use cases like <>, <>, <>, and <>.
-Prepackaged *rule types* simplify setup and hide the details of complex, domain-specific detections, while providing a consistent interface across {kib}.
+At a higher level, the {alert-features} allow rich integrations across use cases like <>, <>, <>, and <>.
+Prepackaged rule types simplify setup and hide the details of complex, domain-specific detections, while providing a consistent interface across {kib}.
--
diff --git a/docs/user/alerting/alerting-troubleshooting.asciidoc b/docs/user/alerting/alerting-troubleshooting.asciidoc
index 62604c465dafc..6f3246956be49 100644
--- a/docs/user/alerting/alerting-troubleshooting.asciidoc
+++ b/docs/user/alerting/alerting-troubleshooting.asciidoc
@@ -31,7 +31,8 @@ and Task Manager <>.
[float]
[[alerting-managment-detail]]
=== Using rules and connectors list for the current state and finding issues
-*{rules-ui}* in *{stack-manage-app}* lists the rules and connectors available in the space you're currently in. When you click a rule name, you are navigated to the <> for the rule, where you can see currently active alerts.
+
+*{rules-ui}* in *{stack-manage-app}* lists the rules available in the space you're currently in. When you click a rule name, you are navigated to the <> for the rule, where you can see currently active alerts.
The start date on this page indicates when a rule is triggered, and for what alerts. In addition, the duration of the condition indicates how long the instance is active.
[role="screenshot"]
image::images/rule-details-alerts-inactive.png[Alerting management details]
@@ -64,7 +65,7 @@ curl -X POST -k \
-d '{"params":{"subject":"hallo","message":"hallo!","to":["me@example.com"]}}'
--------------------------------------------------
-experimental[] In addition, there is a command-line client that uses legacy {rules-ui} APIs, which can be easier to use, but must be updated for the new APIs.
+experimental[] In addition, there is a command-line client that uses legacy rule APIs, which can be easier to use, but must be updated for the new APIs.
CLI tools to list, create, edit, and delete alerts (rules) and actions (connectors) are available in https://github.com/pmuellr/kbn-action[kbn-action], which you can install as follows:
[source, txt]
--------------------------------------------------
@@ -93,8 +94,8 @@ image::images/rules-management-health.png[Rule management page with the errors b
[[task-manager-diagnostics]]
=== Task Manager diagnostics
-Under the hood, {rules-ui} uses a plugin called Task Manager, which handles the scheduling, running, and error handling of the tasks.
-This means that failure cases in {rules-ui} will, at times, be revealed by the Task Manager mechanism, rather than the Rules mechanism.
+Under the hood, the {alert-features} use a plugin called Task Manager, which handles the scheduling, running, and error handling of the tasks.
+This means that failure cases in {alert-features} will, at times, be revealed by the Task Manager mechanism, rather than the Rules mechanism.
Task Manager provides a visible status which can be used to diagnose issues and is very well documented <> and <>.
Task Manager uses the `.kibana_task_manager` index, an internal index that contains all the saved objects that represent the tasks in the system.
@@ -191,7 +192,7 @@ In addition to the above methods, refer to the following approaches and common i
* <>
* <>
-* <>
+* <>
[discrete]
[[alerting-limitations]]
diff --git a/docs/user/alerting/create-and-manage-rules.asciidoc b/docs/user/alerting/create-and-manage-rules.asciidoc
index 9aeeeabe08c7e..15de5944b59fc 100644
--- a/docs/user/alerting/create-and-manage-rules.asciidoc
+++ b/docs/user/alerting/create-and-manage-rules.asciidoc
@@ -13,7 +13,7 @@ central place to:
* Drill down to <>
[role="screenshot"]
-image:images/rules-and-connectors-ui.png[Example rule listing in {rules-ui}]
+image:images/rules-ui.png[Example rule listing in {rules-ui}]
For more information on alerting concepts and the types of rules and connectors
available, go to <>.
diff --git a/docs/user/alerting/images/alerting-overview.png b/docs/user/alerting/images/alerting-overview.png
index b9368f737b550..af2b14b272bb5 100644
Binary files a/docs/user/alerting/images/alerting-overview.png and b/docs/user/alerting/images/alerting-overview.png differ
diff --git a/docs/user/alerting/images/individual-enable-disable.png b/docs/user/alerting/images/individual-enable-disable.png
index cca96a119da3b..14a06b7cbe657 100644
Binary files a/docs/user/alerting/images/individual-enable-disable.png and b/docs/user/alerting/images/individual-enable-disable.png differ
diff --git a/docs/user/alerting/images/rules-and-connectors-ui.png b/docs/user/alerting/images/rules-and-connectors-ui.png
deleted file mode 100644
index ad04bfbc470ee..0000000000000
Binary files a/docs/user/alerting/images/rules-and-connectors-ui.png and /dev/null differ
diff --git a/docs/user/alerting/images/rules-ui.png b/docs/user/alerting/images/rules-ui.png
new file mode 100644
index 0000000000000..cfe4670254ee6
Binary files /dev/null and b/docs/user/alerting/images/rules-ui.png differ
diff --git a/docs/user/alerting/images/snooze-panel.png b/docs/user/alerting/images/snooze-panel.png
index 79b64b914338d..55d3e372c4436 100644
Binary files a/docs/user/alerting/images/snooze-panel.png and b/docs/user/alerting/images/snooze-panel.png differ
diff --git a/docs/user/alerting/rule-types/index-threshold.asciidoc b/docs/user/alerting/rule-types/index-threshold.asciidoc
index 03f855a861022..b19dc83ae0351 100644
--- a/docs/user/alerting/rule-types/index-threshold.asciidoc
+++ b/docs/user/alerting/rule-types/index-threshold.asciidoc
@@ -48,9 +48,9 @@ image::user/alerting/images/rule-types-index-threshold-preview.png[Five clauses
[float]
==== Example
-In this example, you will use the {kib} <> to set up and tune the conditions on an index threshold rule. For this example, you want to detect when any of the top four sites serve more than 420,000 bytes over a 24 hour period.
+In this example, you will use the {kib} <> to set up and tune the conditions on an index threshold rule. For this example, you want to detect when any of the top four sites serve more than 420,000 bytes over a 24 hour period.
-. Open the main menu, then click **Stack Management > Rules and Connectors**.
+. Open the main menu, then click *{stack-manage-app} > {rules-ui}*.
. Create a new rule that is checked every four hours and triggers actions when the rule status changes.
+
diff --git a/docs/user/alerting/troubleshooting/testing-connectors.asciidoc b/docs/user/alerting/troubleshooting/testing-connectors.asciidoc
index 4207a6af23239..3170ec27ccdb9 100644
--- a/docs/user/alerting/troubleshooting/testing-connectors.asciidoc
+++ b/docs/user/alerting/troubleshooting/testing-connectors.asciidoc
@@ -3,11 +3,11 @@
=== Test connectors
-In *{stack-manage-app} > {rules-ui}*, you can test a newly created connector by navigating to the Test tab of Connector Edit flyout or by clicking "Save & test" button on Create flyout:
+In *{stack-manage-app} > {connectors-ui}*, you can test a newly created connector by navigating to the Test tab of Connector Edit flyout or by clicking "Save & test" button on Create flyout:
[role="screenshot"]
image::user/alerting/images/connector-save-and-test.png[Rule management page with the errors banner]
-or by directly opening the proper connector Edit flyout:
+or by directly opening the proper connector edit flyout:
[role="screenshot"]
image::user/alerting/images/email-connector-test.png[Rule management page with the errors banner]
diff --git a/docs/user/images/rules-and-connectors.png b/docs/user/images/rules-and-connectors.png
deleted file mode 100644
index 1a85eeb6c0bc2..0000000000000
Binary files a/docs/user/images/rules-and-connectors.png and /dev/null differ
diff --git a/docs/user/introduction.asciidoc b/docs/user/introduction.asciidoc
index fa5801e622706..f3281b9bed175 100644
--- a/docs/user/introduction.asciidoc
+++ b/docs/user/introduction.asciidoc
@@ -127,10 +127,7 @@ When the alert triggers, you can send a notification to a system that is part of
email, Slack, PagerDuty, ServiceNow, and other third party integrations.
A dedicated view for creating, searching,
-and editing rules is in <>.
-
-[role="screenshot"]
-image::images/rules-and-connectors.png[Rules and Connectors view]
+and editing rules is in <>.
[float]
[[organize-and-secure]]
diff --git a/docs/user/management.asciidoc b/docs/user/management.asciidoc
index 02261d062e826..67ccadf696411 100644
--- a/docs/user/management.asciidoc
+++ b/docs/user/management.asciidoc
@@ -74,13 +74,15 @@ You can add and remove remote clusters, and check their connectivity.
[cols="50, 50"]
|===
-| <>
-| Centrally <> across {kib}. Create and <> for triggering actions.
+| <>
+| Centrally <> across {kib}.
| <>
| Create and manage cases to investigate issues.
+| <>
+| Create and <> for triggering actions.
+
| <>
| Monitor the generation of reports—PDF, PNG, and CSV—and download reports that you previously generated.
A report can contain a dashboard, visualization, saved search, or Canvas workpad.
diff --git a/docs/user/monitoring/kibana-alerts.asciidoc b/docs/user/monitoring/kibana-alerts.asciidoc
index eedc19a189887..a291f50364099 100644
--- a/docs/user/monitoring/kibana-alerts.asciidoc
+++ b/docs/user/monitoring/kibana-alerts.asciidoc
@@ -23,7 +23,8 @@ The default action for all {stack-monitor-app} rules is to write to {kib} logs
and display a notification in the UI.
To review and modify existing *{stack-monitor-app}* rules, click *Enter setup mode* on the *Cluster overview* page.
-Alternatively, to manage all rules, including create and delete functionality go to *Stack Management > Rules and Connectors*.
+Alternatively, to manage all rules, including create and delete functionality
+go to *{stack-manage-app} > {rules-ui}*.
[discrete]
[[kibana-alerts-cpu-threshold]]
diff --git a/docs/user/production-considerations/task-manager-troubleshooting.asciidoc b/docs/user/production-considerations/task-manager-troubleshooting.asciidoc
index de765ea542ecd..75f7973bc3af9 100644
--- a/docs/user/production-considerations/task-manager-troubleshooting.asciidoc
+++ b/docs/user/production-considerations/task-manager-troubleshooting.asciidoc
@@ -1002,7 +1002,7 @@ Task Manager has run out of Available Workers:
server log [12:41:33.672] [info][plugins][taskManager][taskManager] [Task Ownership]: Task Manager has skipped Claiming Ownership of available tasks at it has ran out Available Workers.
--------------------------------------------------
-This log message tells us that Task Manager is not managing to keep up with the sheer amount of work it has been tasked with completing. This might mean that Rules are not running at the frequency that was expected (instead of running every 5 minutes, it runs every 7-8 minutes, just as an example).
+This log message tells us that Task Manager is not managing to keep up with the sheer amount of work it has been tasked with completing. This might mean that rules are not running at the frequency that was expected (instead of running every 5 minutes, it runs every 7-8 minutes, just as an example).
By default Task Manager is limited to 10 tasks and this can be bumped up by setting a higher number in the kibana.yml file using the `xpack.task_manager.max_workers` configuration. It is important to keep in mind that a higher number of tasks running at any given time means more load on both Kibana and Elasticsearch, so only change this setting if increasing load in your environment makes sense.
diff --git a/package.json b/package.json
index 7ad2173ff9f15..b5e7099ce6459 100644
--- a/package.json
+++ b/package.json
@@ -12,7 +12,7 @@
],
"private": true,
"version": "8.6.0",
- "branch": "main",
+ "branch": "8.6",
"types": "./kibana.d.ts",
"tsdocMetadata": "./build/tsdoc-metadata.json",
"build": {
@@ -108,7 +108,7 @@
"@elastic/datemath": "5.0.3",
"@elastic/elasticsearch": "npm:@elastic/elasticsearch-canary@8.4.0-canary.1",
"@elastic/ems-client": "8.3.3",
- "@elastic/eui": "67.1.8",
+ "@elastic/eui": "67.1.10",
"@elastic/filesaver": "1.1.2",
"@elastic/node-crypto": "1.2.1",
"@elastic/numeral": "^2.5.1",
@@ -1062,7 +1062,7 @@
"license-checker": "^25.0.1",
"listr": "^0.14.1",
"lmdb-store": "^1.6.11",
- "loader-utils": "^2.0.3",
+ "loader-utils": "^2.0.4",
"marge": "^1.0.1",
"micromatch": "^4.0.5",
"mini-css-extract-plugin": "1.1.0",
diff --git a/packages/core/http/core-http-resources-server-internal/src/http_resources_service.test.ts b/packages/core/http/core-http-resources-server-internal/src/http_resources_service.test.ts
index b642c505cad38..32245c6e9f61c 100644
--- a/packages/core/http/core-http-resources-server-internal/src/http_resources_service.test.ts
+++ b/packages/core/http/core-http-resources-server-internal/src/http_resources_service.test.ts
@@ -57,6 +57,7 @@ describe('HttpResources service', () => {
describe(`${name} register`, () => {
const routeConfig: RouteConfig = { path: '/', validate: false };
let register: HttpResources['register'];
+
beforeEach(async () => {
register = await initializer();
});
@@ -81,32 +82,8 @@ describe('HttpResources service', () => {
}
);
});
-
- it('can attach headers, except the CSP header', async () => {
- register(routeConfig, async (ctx, req, res) => {
- return res.renderCoreApp({
- headers: {
- 'content-security-policy': "script-src 'unsafe-eval'",
- 'x-kibana': '42',
- },
- });
- });
-
- const [[, routeHandler]] = router.get.mock.calls;
-
- const responseFactory = createHttpResourcesResponseFactory();
- await routeHandler(context, kibanaRequest, responseFactory);
-
- expect(responseFactory.ok).toHaveBeenCalledWith({
- body: '',
- headers: {
- 'x-kibana': '42',
- 'content-security-policy':
- "script-src 'self'; worker-src blob: 'self'; style-src 'unsafe-inline' 'self'",
- },
- });
- });
});
+
describe('renderAnonymousCoreApp', () => {
it('formats successful response', async () => {
register(routeConfig, async (ctx, req, res) => {
@@ -127,32 +104,8 @@ describe('HttpResources service', () => {
}
);
});
-
- it('can attach headers, except the CSP header', async () => {
- register(routeConfig, async (ctx, req, res) => {
- return res.renderAnonymousCoreApp({
- headers: {
- 'content-security-policy': "script-src 'unsafe-eval'",
- 'x-kibana': '42',
- },
- });
- });
-
- const [[, routeHandler]] = router.get.mock.calls;
-
- const responseFactory = createHttpResourcesResponseFactory();
- await routeHandler(context, kibanaRequest, responseFactory);
-
- expect(responseFactory.ok).toHaveBeenCalledWith({
- body: '',
- headers: {
- 'x-kibana': '42',
- 'content-security-policy':
- "script-src 'self'; worker-src blob: 'self'; style-src 'unsafe-inline' 'self'",
- },
- });
- });
});
+
describe('renderHtml', () => {
it('formats successful response', async () => {
const htmlBody = '';
@@ -167,20 +120,17 @@ describe('HttpResources service', () => {
body: htmlBody,
headers: {
'content-type': 'text/html',
- 'content-security-policy':
- "script-src 'self'; worker-src blob: 'self'; style-src 'unsafe-inline' 'self'",
},
});
});
- it('can attach headers, except the CSP & "content-type" headers', async () => {
+ it('can attach headers, except the "content-type" header', async () => {
const htmlBody = '';
register(routeConfig, async (ctx, req, res) => {
return res.renderHtml({
body: htmlBody,
headers: {
'content-type': 'text/html5',
- 'content-security-policy': "script-src 'unsafe-eval'",
'x-kibana': '42',
},
});
@@ -196,12 +146,11 @@ describe('HttpResources service', () => {
headers: {
'content-type': 'text/html',
'x-kibana': '42',
- 'content-security-policy':
- "script-src 'self'; worker-src blob: 'self'; style-src 'unsafe-inline' 'self'",
},
});
});
});
+
describe('renderJs', () => {
it('formats successful response', async () => {
const jsBody = 'alert(1);';
@@ -216,20 +165,17 @@ describe('HttpResources service', () => {
body: jsBody,
headers: {
'content-type': 'text/javascript',
- 'content-security-policy':
- "script-src 'self'; worker-src blob: 'self'; style-src 'unsafe-inline' 'self'",
},
});
});
- it('can attach headers, except the CSP & "content-type" headers', async () => {
+ it('can attach headers, except the "content-type" header', async () => {
const jsBody = 'alert(1);';
register(routeConfig, async (ctx, req, res) => {
return res.renderJs({
body: jsBody,
headers: {
'content-type': 'text/html',
- 'content-security-policy': "script-src 'unsafe-eval'",
'x-kibana': '42',
},
});
@@ -245,12 +191,11 @@ describe('HttpResources service', () => {
headers: {
'content-type': 'text/javascript',
'x-kibana': '42',
- 'content-security-policy':
- "script-src 'self'; worker-src blob: 'self'; style-src 'unsafe-inline' 'self'",
},
});
});
});
+
describe('renderCss', () => {
it('formats successful response', async () => {
const cssBody = `body {border: 1px solid red;}`;
@@ -265,20 +210,17 @@ describe('HttpResources service', () => {
body: cssBody,
headers: {
'content-type': 'text/css',
- 'content-security-policy':
- "script-src 'self'; worker-src blob: 'self'; style-src 'unsafe-inline' 'self'",
},
});
});
- it('can attach headers, except the CSP & "content-type" headers', async () => {
+ it('can attach headers, except the "content-type" header', async () => {
const cssBody = `body {border: 1px solid red;}`;
register(routeConfig, async (ctx, req, res) => {
return res.renderCss({
body: cssBody,
headers: {
'content-type': 'text/css5',
- 'content-security-policy': "script-src 'unsafe-eval'",
'x-kibana': '42',
},
});
@@ -294,8 +236,6 @@ describe('HttpResources service', () => {
headers: {
'content-type': 'text/css',
'x-kibana': '42',
- 'content-security-policy':
- "script-src 'self'; worker-src blob: 'self'; style-src 'unsafe-inline' 'self'",
},
});
});
diff --git a/packages/core/http/core-http-resources-server-internal/src/http_resources_service.ts b/packages/core/http/core-http-resources-server-internal/src/http_resources_service.ts
index 22be209158b89..13bd334148ae5 100644
--- a/packages/core/http/core-http-resources-server-internal/src/http_resources_service.ts
+++ b/packages/core/http/core-http-resources-server-internal/src/http_resources_service.ts
@@ -101,7 +101,6 @@ export class HttpResourcesService implements CoreService {
toolkit = createToolkit();
});
- it('adds the kbn-name header to the response', () => {
- const config = createConfig({ name: 'my-server-name' });
+ it('adds the kbn-name and Content-Security-Policy headers to the response', () => {
+ const config = createConfig({
+ name: 'my-server-name',
+ csp: { strict: true, warnLegacyBrowsers: true, disableEmbedding: true, header: 'foo' },
+ });
const handler = createCustomHeadersPreResponseHandler(config as HttpConfig);
handler({} as any, {} as any, toolkit);
expect(toolkit.next).toHaveBeenCalledTimes(1);
- expect(toolkit.next).toHaveBeenCalledWith({ headers: { 'kbn-name': 'my-server-name' } });
+ expect(toolkit.next).toHaveBeenCalledWith({
+ headers: {
+ 'Content-Security-Policy': 'foo',
+ 'kbn-name': 'my-server-name',
+ },
+ });
});
it('adds the security headers and custom headers defined in the configuration', () => {
const config = createConfig({
name: 'my-server-name',
+ csp: { strict: true, warnLegacyBrowsers: true, disableEmbedding: true, header: 'foo' },
securityResponseHeaders: {
headerA: 'value-A',
headerB: 'value-B', // will be overridden by the custom response header below
@@ -276,6 +285,7 @@ describe('customHeaders pre-response handler', () => {
expect(toolkit.next).toHaveBeenCalledTimes(1);
expect(toolkit.next).toHaveBeenCalledWith({
headers: {
+ 'Content-Security-Policy': 'foo',
'kbn-name': 'my-server-name',
headerA: 'value-A',
headerB: 'x',
@@ -283,11 +293,13 @@ describe('customHeaders pre-response handler', () => {
});
});
- it('preserve the kbn-name value from server.name if defined in custom headders ', () => {
+ it('do not allow overwrite of the kbn-name and Content-Security-Policy headers if defined in custom headders ', () => {
const config = createConfig({
name: 'my-server-name',
+ csp: { strict: true, warnLegacyBrowsers: true, disableEmbedding: true, header: 'foo' },
customResponseHeaders: {
'kbn-name': 'custom-name',
+ 'Content-Security-Policy': 'custom-csp',
headerA: 'value-A',
headerB: 'value-B',
},
@@ -300,6 +312,7 @@ describe('customHeaders pre-response handler', () => {
expect(toolkit.next).toHaveBeenCalledWith({
headers: {
'kbn-name': 'my-server-name',
+ 'Content-Security-Policy': 'foo',
headerA: 'value-A',
headerB: 'value-B',
},
diff --git a/packages/core/http/core-http-server-internal/src/lifecycle_handlers.ts b/packages/core/http/core-http-server-internal/src/lifecycle_handlers.ts
index 11e034a56914b..3fe9c8ac727ff 100644
--- a/packages/core/http/core-http-server-internal/src/lifecycle_handlers.ts
+++ b/packages/core/http/core-http-server-internal/src/lifecycle_handlers.ts
@@ -61,12 +61,18 @@ export const createVersionCheckPostAuthHandler = (kibanaVersion: string): OnPost
};
export const createCustomHeadersPreResponseHandler = (config: HttpConfig): OnPreResponseHandler => {
- const { name: serverName, securityResponseHeaders, customResponseHeaders } = config;
+ const {
+ name: serverName,
+ securityResponseHeaders,
+ customResponseHeaders,
+ csp: { header: cspHeader },
+ } = config;
return (request, response, toolkit) => {
const additionalHeaders = {
...securityResponseHeaders,
...customResponseHeaders,
+ 'Content-Security-Policy': cspHeader,
[KIBANA_NAME_HEADER]: serverName,
};
diff --git a/packages/core/http/core-http-server-mocks/src/test_utils.ts b/packages/core/http/core-http-server-mocks/src/test_utils.ts
index bb260ae23c908..18e6a21ed2dba 100644
--- a/packages/core/http/core-http-server-mocks/src/test_utils.ts
+++ b/packages/core/http/core-http-server-mocks/src/test_utils.ts
@@ -26,6 +26,7 @@ const createConfigService = () => {
configService.atPath.mockImplementation((path) => {
if (path === 'server') {
return new BehaviorSubject({
+ name: 'kibana',
hosts: ['localhost'],
maxPayload: new ByteSizeValue(1024),
autoListen: true,
diff --git a/packages/core/overlays/core-overlays-browser-internal/src/modal/__snapshots__/modal_service.test.tsx.snap b/packages/core/overlays/core-overlays-browser-internal/src/modal/__snapshots__/modal_service.test.tsx.snap
index ae55761e0cbd4..2b5f564dfb3ee 100644
--- a/packages/core/overlays/core-overlays-browser-internal/src/modal/__snapshots__/modal_service.test.tsx.snap
+++ b/packages/core/overlays/core-overlays-browser-internal/src/modal/__snapshots__/modal_service.test.tsx.snap
@@ -148,7 +148,7 @@ exports[`ModalService openConfirm() renders a mountpoint confirm message 2`] = `