diff --git a/.bazeliskversion b/.bazeliskversion index 4dae2985b58cc..1cac385c6cb86 100644 --- a/.bazeliskversion +++ b/.bazeliskversion @@ -1 +1 @@ -1.10.1 +1.11.0 diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS index 3f36f4b67e56b..a8619643d1b2e 100644 --- a/.github/CODEOWNERS +++ b/.github/CODEOWNERS @@ -138,13 +138,11 @@ # Uptime /x-pack/plugins/uptime @elastic/uptime /x-pack/plugins/ux @elastic/uptime -/x-pack/plugins/observability/public/components/shared/exploratory_view @elastic/uptime /x-pack/test/functional_with_es_ssl/apps/uptime @elastic/uptime /x-pack/test/functional/apps/uptime @elastic/uptime /x-pack/test/functional/es_archives/uptime @elastic/uptime /x-pack/test/functional/services/uptime @elastic/uptime /x-pack/test/api_integration/apis/uptime @elastic/uptime -/x-pack/plugins/observability/public/components/shared/exploratory_view @elastic/uptime # Client Side Monitoring / Uptime (lives in APM directories but owned by Uptime) /x-pack/plugins/apm/public/application/uxApp.tsx @elastic/uptime diff --git a/.github/ISSUE_TEMPLATE/APM.yml b/.github/ISSUE_TEMPLATE/APM.yml deleted file mode 100644 index cbcabdee25718..0000000000000 --- a/.github/ISSUE_TEMPLATE/APM.yml +++ /dev/null @@ -1,44 +0,0 @@ -name: APM Issue -description: Issues related to the curated APM UI in Kibana -labels: Team:apm -title: "[APM] " -body: - - type: markdown - attributes: - value: | - Thank you for our interest in Elastic APM. This issue tracker is meant for reporting bugs and problems with APM UI. For questions around how to use or setup APM, please refer to our [Discuss Forum](https://discuss.elastic.co/) - - type: input - attributes: - label: Kibana version - validations: - required: true - - type: input - attributes: - label: APM Server version (if applicable) - validations: - required: false - - type: input - attributes: - label: Elasticsearch version (if applicable) - validations: - required: false - - type: textarea - attributes: - label: Steps to Reproduce - description: Steps to reproduce the behavior. - validations: - required: false - - type: textarea - attributes: - label: Expected Behavior - description: A concise description of what you expected to happen. - validations: - required: false - - type: textarea - attributes: - label: Actual Behavior - description: A concise description of what you're experiencing. - validations: - required: false - - diff --git a/.github/workflows/dev-doc-builder.yml b/.github/workflows/dev-doc-builder.yml deleted file mode 100644 index bbc8745854e48..0000000000000 --- a/.github/workflows/dev-doc-builder.yml +++ /dev/null @@ -1,22 +0,0 @@ -name: Dev docs -on: - pull_request_target: - paths: - - '**.mdx' - - '**.docnav.json' - - '**.docapi.json' - - '**.devdocs.json' - - '**.jpg' - - '**.jpeg' - - '**.png' - - '**.gif' - types: [closed, opened, synchronize, reopened] - -jobs: - internal-docs: - uses: elastic/workflows/.github/workflows/dev-docs-builder.yml@main - secrets: - VERCEL_GITHUB_TOKEN: ${{ secrets.VERCEL_GITHUB_TOKEN }} - VERCEL_TOKEN: ${{ secrets.VERCEL_TOKEN }} - VERCEL_ORG_ID: ${{ secrets.VERCEL_ORG_ID }} - VERCEL_PROJECT_ID_DOCS_DEV: ${{ secrets.VERCEL_PROJECT_ID_DOCS_DEV }} diff --git a/.github/workflows/label-qa-fixed-in.yml b/.github/workflows/label-qa-fixed-in.yml new file mode 100644 index 0000000000000..e1dafa061f623 --- /dev/null +++ b/.github/workflows/label-qa-fixed-in.yml @@ -0,0 +1,78 @@ +name: Add QA labels to Fleet issues +on: + pull_request: + types: + - closed + +jobs: + fetch_issues_to_label: + runs-on: ubuntu-latest + # Only run on PRs that were merged for the Fleet team + if: | + github.event.pull_request.merged_at && + contains(github.event.pull_request.labels.*.name, 'Team:Fleet') + outputs: + matrix: ${{ steps.issues_to_label.outputs.value }} + label_ids: ${{ steps.label_ids.outputs.value }} + steps: + - uses: octokit/graphql-action@v2.x + id: closing_issues + with: + query: | + query closingIssueNumbersQuery($prnumber: Int!) { + repository(owner: "elastic", name: "kibana") { + pullRequest(number: $prnumber) { + closingIssuesReferences(first: 10) { + nodes { + id + labels(first: 20) { + nodes { + id + name + } + } + } + } + } + } + } + prnumber: ${{ github.event.number }} + token: ${{ secrets.GITHUB_TOKEN }} + - uses: sergeysova/jq-action@v2 + id: issues_to_label + with: + # Map to the issues' node id + cmd: echo $CLOSING_ISSUES | jq -c '.repository.pullRequest.closingIssuesReferences.nodes | map(.id)' + multiline: true + env: + CLOSING_ISSUES: ${{ steps.closing_issues.outputs.data }} + - uses: sergeysova/jq-action@v2 + id: label_ids + with: + # Get list of version labels on pull request and map to label's node id, append 'QA:Ready For Testing' id ("MDU6TGFiZWwyNTQ1NjcwOTI4") + cmd: echo $PR_LABELS | jq -c 'map(select(.name | test("v[0-9]+\\.[0-9]+\\.[0-9]+")) | .node_id) + ["MDU6TGFiZWwyNTQ1NjcwOTI4"]' + multiline: true + env: + PR_LABELS: ${{ toJSON(github.event.pull_request.labels) }} + + label_issues: + needs: fetch_issues_to_label + runs-on: ubuntu-latest + # For each issue closed by the PR run this job + strategy: + matrix: + issueNodeId: ${{ fromJSON(needs.fetch_issues_to_label.outputs.matrix) }} + name: Label issue ${{ matrix.issueNodeId }} + steps: + - uses: octokit/graphql-action@v2.x + id: add_labels_to_closed_issue + with: + query: | + mutation add_label($issueid:String!, $labelids:[String!]!) { + addLabelsToLabelable(input: {labelableId: $issueid, labelIds: $labelids}) { + clientMutationId + } + } + issueid: ${{ matrix.issueNodeId }} + labelids: ${{ needs.fetch_issues_to_label.outputs.label_ids }} + token: ${{ secrets.GITHUB_TOKEN }} diff --git a/.gitignore b/.gitignore index 18302cebd1641..818d3a472d52c 100644 --- a/.gitignore +++ b/.gitignore @@ -66,6 +66,7 @@ npm-debug.log* .ci/bash_standard_lib.sh .gradle .vagrant +.envrc ## @cypress/snapshot from apm plugin /snapshots.js diff --git a/docs/CHANGELOG.asciidoc b/docs/CHANGELOG.asciidoc index 446c305c03b95..47ebcd573edc2 100644 --- a/docs/CHANGELOG.asciidoc +++ b/docs/CHANGELOG.asciidoc @@ -10,6 +10,7 @@ Review important information about the {kib} 8.0.0 releases. +* <> * <> * <> * <> @@ -17,6 +18,139 @@ Review important information about the {kib} 8.0.0 releases. * <> -- +[[release-notes-8.0.0]] +== {kib} 8.0.0 + +Review the {kib} 8.0.0 changes, then use the {kibana-ref-all}/7.17/upgrade-assistant.html[Upgrade Assistant] to complete the upgrade. + +[float] +[[breaking-changes-8.0.0]] +=== Breaking change + +Breaking changes can prevent your application from optimal operation and performance. +Before you upgrade to 8.0.0, review the breaking change, then mitigate the impact to your application. + +// tag::notable-breaking-changes[] + +[discrete] +[[breaking-123754]] +.Removes the `console.ssl` setting +[%collapsible] +==== +*Details* + +The `console.ssl` setting has been removed. For more information, refer to {kibana-pull}123754[#123754]. + +*Impact* + +Before you upgrade to 8.0.0, remove `console.ssl` from kibana.yml. +==== + +// end::notable-breaking-changes[] + + +To review the breaking changes in previous versions, refer to the following: + +<> | <> | <> | <> | +<> + +[float] +[[deprecations-8.0.0]] +=== Deprecation + +The following functionality is deprecated in 8.0.0, and will be removed in 9.0.0. +Deprecated functionality does not have an immediate impact on your application, but we strongly recommend +you make the necessary updates after you upgrade to 8.0.0. + +[discrete] +[[deprecation-123229]] +.Removes support for `monitoring.cluster_alerts.allowedSpaces` +[%collapsible] +==== +*Details* + +The `monitoring.cluster_alerts.allowedSpaces` setting, which {kib} uses to create Stack Monitoring alerts, has been removed. For more information, refer to {kibana-pull}123229[#123229]. + +*Impact* + +Before you upgrade to 8.0.0, remove `monitoring.cluster_alerts.allowedSpaces` from kibana.yml. +==== + +To review the deprecations in previous versions, refer to the following: + +<> | <> + +[float] +[[known-issue-8.0.0]] +=== Known issue + +[discrete] +[[known-issue-123550]] +.Importing and copying saved objects causes weak links to break +[%collapsible] +==== +*Details* + +{kib} supports weak links in some saved objects. For example, a dashboard may include a Markdown panel that contains a relative URL to +another dashboard. Weak links are defined by free text, _not_ the saved object's relationships, and can break if **both** of the following +conditions are true: + +* You are importing saved objects into multiple spaces, _OR_ you are copying saved objects into another space +* Before you upgraded to 8.0.0, the saved objects did not already exist in the destinations + +In 8.0.0 and later, weak links break because <>. +This applies to both the UI and the API. +This issue will be fixed 8.0.1 and 8.1.0. For more information, refer to {kibana-issue}123550[#123550]. + +*Impact* + +Saved objects in 7.x that are migrated during upgrade are **not** impacted. +Only _new_ saved objects that are imported or copied _multiple times_ (causing object IDs to change) are impacted. +If you are impacted, you can re-import or re-copy your saved objects after the fix is +implemented to preserve the weak links. +==== + +[float] +[[features-8.0.0]] +=== Features +For information about the features introduced in 8.0.0, refer to <>. + +Elastic Security:: +For the Elastic Security 8.0.0 release information, refer to {security-guide}/release-notes.html[_Elastic Security Solution Release Notes_]. + +To review the features in previous versions, refer to the following: + +<> | <> | <> | <> + +[[enhancements-and-bug-fixes-v8.0.0]] +=== Enhancements and bug fixes + +For detailed information about the 8.0.0 release, review the enhancements and bug fixes. + +[float] +[[enhancement-v8.0.0]] +==== Enhancements +Dashboard:: +Clone ReferenceOrValueEmbeddables by value {kibana-pull}122199[#122199] + +Elastic Security:: +For the Elastic Security 8.0.0 release information, refer to {security-guide}/release-notes.html[_Elastic Security Solution Release Notes_]. + +[float] +[[fixes-v8.0.0]] +==== Bug Fixes +APM:: +Restrict aggregated transaction metrics search to date range {kibana-pull}123445[#123445] + +Elastic Security:: +For the Elastic Security 8.0.0 release information, refer to {security-guide}/release-notes.html[_Elastic Security Solution Release Notes_]. + +Fleet:: +Allow empty strings for required text fields in package policies {kibana-pull}123610[#123610] + +Maps:: +Fixes Label border color is not removed from legend when disabled {kibana-pull}122705[#122705] + +Monitoring:: +Ensure logstash getNodes always contains a uuid {kibana-pull}124201[#124201] + +Security:: +Long-running requests no longer cause sporadic logouts in certain cases, even when user sessions are active {kibana-pull}122155[#122155] + [[release-notes-8.0.0-rc2]] == {kib} 8.0.0-rc2 @@ -29,8 +163,6 @@ For information about the {kib} 8.0.0-rc2 release, review the following informat Breaking changes can prevent your application from optimal operation and performance. Before you upgrade, review the breaking change, then mitigate the impact to your application. -// tag::notable-breaking-changes[] - [discrete] [[breaking-122722]] .Removes the ability to use `elasticsearch.username: elastic` in production @@ -42,14 +174,12 @@ In production, you are no longer able to use the `elastic` superuser to authenti *Impact* + When you configure `elasticsearch.username: elastic`, {kib} fails. ==== - -// end::notable-breaking-changes[] To review the breaking changes in previous versions, refer to the following: <> | <> | <> | <> - + [float] [[features-8.0.0-rc2]] === Features @@ -1304,7 +1434,7 @@ Use the `xpack.monitoring.clusterAlertsEmail` in kibana.yml. ==== [float] -[[enhancements-and-bug-fixes-v8.0.0]] +[[enhancements-and-bug-fixes-v8.0.0-alpha1]] === Bug fix The 8.0.0-alpha1 release includes the following bug fix. diff --git a/docs/developer/advanced/sharing-saved-objects.asciidoc b/docs/developer/advanced/sharing-saved-objects.asciidoc index 9a009e6ad49b7..beff7cc007b6d 100644 --- a/docs/developer/advanced/sharing-saved-objects.asciidoc +++ b/docs/developer/advanced/sharing-saved-objects.asciidoc @@ -405,8 +405,8 @@ necessary. However, such handling of secondary objects is not considered critica ==== 4. What is a "legacy URL alias"? As depicted above, when an object is converted to become share-capable, if it exists in a non-Default space, its ID gets changed. To -preserve its old ID, we also create a special object called a _legacy URL alias_ ("alias" for short); this alias retains the target object's -old ID (_sourceId_), and it contains a pointer to the target object's new ID (_targetId_). +preserve its old ID, we also create a special object called a <> ("alias" for short); this alias +retains the target object's old ID (_sourceId_), and it contains a pointer to the target object's new ID (_targetId_). Aliases are meant to be mostly invisible to end-users by design. There is no UI to manage them directly. Our vision is that aliases will be used as a stop-gap to help us through the 8.0 upgrade process, but we will nudge users away from relying on aliases so we can eventually @@ -473,3 +473,7 @@ change any other data flows to use `resolve()`. External plugins (those not shipped with {kib}) can use this guide to convert any isolated objects to become share-capable or fully shareable! If you are an external plugin developer, the steps are the same, but you don't need to worry about getting anything done before a specific release. The only thing you need to know is that your plugin cannot convert your objects until the 8.0 release. + +==== 8. How will users be impacted? + +Refer to <> documentation for more details how users should expect to be impacted. diff --git a/docs/developer/architecture/core/index.asciidoc b/docs/developer/architecture/core/index.asciidoc index 53720a593d3f2..6c70205c3590d 100644 --- a/docs/developer/architecture/core/index.asciidoc +++ b/docs/developer/architecture/core/index.asciidoc @@ -36,9 +36,3 @@ The services that core provides are: * <> * <> * <> - - - - - - diff --git a/docs/setup/upgrade/logging-configuration-changes.asciidoc b/docs/developer/architecture/core/logging-configuration-migration.asciidoc similarity index 89% rename from docs/setup/upgrade/logging-configuration-changes.asciidoc rename to docs/developer/architecture/core/logging-configuration-migration.asciidoc index 4d5f5f732536e..4a9d03d3b5312 100644 --- a/docs/setup/upgrade/logging-configuration-changes.asciidoc +++ b/docs/developer/architecture/core/logging-configuration-migration.asciidoc @@ -2,7 +2,7 @@ [[logging-config-changes]] === Logging configuration changes -WARNING: {kib} 8.0 and later uses a new logging system. Be sure to read the documentation for your version of {kib} before proceeding. +WARNING: {kib} 8.0.0 and later uses a new logging system. Before you upgrade, read the documentation for your {kib} version. [[logging-pattern-format-old-and-new-example]] [options="header"] diff --git a/docs/developer/architecture/development-visualize-index.asciidoc b/docs/developer/architecture/development-visualize-index.asciidoc index d41ee32c1fb27..b941cdedf9df9 100644 --- a/docs/developer/architecture/development-visualize-index.asciidoc +++ b/docs/developer/architecture/development-visualize-index.asciidoc @@ -19,7 +19,7 @@ We would recommend waiting until later in `7.x` to upgrade your plugins if possi If you would like to keep up with progress on the visualizations plugin in the meantime, here are a few resources: -* The <> documentation, where we try to capture any changes to the APIs as they occur across minors. +* The <> documentation, where we try to capture any changes to the APIs as they occur across minors. * link:https://github.com/elastic/kibana/issues/44121[Meta issue] which is tracking the move of the plugin to the new {kib} platform * Our link:https://www.elastic.co/blog/join-our-elastic-stack-workspace-on-slack[Elastic Stack workspace on Slack]. * The {kib-repo}blob/{branch}/src/plugins/visualizations[source code], which will continue to be diff --git a/docs/developer/architecture/index.asciidoc b/docs/developer/architecture/index.asciidoc index 774292f513f03..90a0972d65f2f 100644 --- a/docs/developer/architecture/index.asciidoc +++ b/docs/developer/architecture/index.asciidoc @@ -40,6 +40,8 @@ include::core/http-service.asciidoc[leveloffset=+1] include::core/logging-service.asciidoc[leveloffset=+1] +include::core/logging-configuration-migration.asciidoc[leveloffset=+1] + include::core/saved-objects-service.asciidoc[leveloffset=+1] include::core/uisettings-service.asciidoc[leveloffset=+1] diff --git a/docs/index.asciidoc b/docs/index.asciidoc index ec1a99fa5bffc..668a6edcad3db 100644 --- a/docs/index.asciidoc +++ b/docs/index.asciidoc @@ -24,8 +24,6 @@ include::user/index.asciidoc[] include::accessibility.asciidoc[] -include::migration.asciidoc[] - include::CHANGELOG.asciidoc[] include::developer/index.asciidoc[] diff --git a/docs/management/managing-saved-objects.asciidoc b/docs/management/managing-saved-objects.asciidoc index b9859575051af..3901d178e1461 100644 --- a/docs/management/managing-saved-objects.asciidoc +++ b/docs/management/managing-saved-objects.asciidoc @@ -126,3 +126,5 @@ WARNING: Validation is not performed for object properties. Submitting an invali change will render the object unusable. A more failsafe approach is to use *Discover* or *Dashboard* to create new objects instead of directly editing an existing one. + +include::saved-objects/saved-object-ids.asciidoc[] diff --git a/docs/management/saved-objects/saved-object-ids.asciidoc b/docs/management/saved-objects/saved-object-ids.asciidoc new file mode 100644 index 0000000000000..a09f91ee361cd --- /dev/null +++ b/docs/management/saved-objects/saved-object-ids.asciidoc @@ -0,0 +1,87 @@ +[[saved-object-ids]] +=== Saved Object IDs + +In the past, many saved object types could have the same ID in different <>. For example, if you copied dashboard "123" +from the one space to another space, the second dashboard would also have an ID of "123". While the saved object ID is not something +that users would interact with directly, many aspects of {kib} rely on it, notably URLs. If you have a "deep link" URL to a saved dashboard, +that URL includes the saved object ID. + +**Starting in the 8.0 release**, {kib} requires most saved objects to have _globally unique_ IDs. This is a change that we needed to make to +support sharing saved objects to multiple spaces. Most saved objects cannot be shared to multiple spaces _yet_, but we needed to start +enforcing globally unique object IDs first. + +We have made several enhancements to minimize the impact, and this document describes what you need to know about the changes and +how it will affect you. + +[[saved-object-ids-impact-upon-upgrading]] +==== Impact upon upgrading to 8.x + +Every time you upgrade {kib}, <>. When you +first upgrade from 7.x to 8.x, this migration process will start enforcing globally unique saved object IDs. + +In practical terms, **any old saved objects that exist in a custom space will have their IDs changed to a new UUID**, while saved objects in +the Default space will be unchanged. This is how we can ensure that every saved object ID is unique. For example: if you had dashboard "123" +in the Default space and dashboard "123" in Another space, after the upgrade you would have dashboard "123" in the Default space and +dashboard "456" in Another space. + +[[saved-object-ids-impact-when-using]] +==== Impact when using 8.x + +After you upgrade, or if you set up a new {kib} instance using 8.x, there are a few more things that behave differently. + +[[saved-object-ids-impact-when-using-legacy-urls]] +===== Accessing saved objects using old URLs + +When you upgrade {kib} and saved object IDs change, the "deep link" URLs to access those saved objects will also change. To reduce the impact, +each existing URL is preserved with a special <>. This means that if you use a bookmark for +a saved object ID that was changed, you'll be redirected to the new URL for that saved object. + +[[saved-object-ids-impact-when-using-import-and-copy]] +===== Importing and copying saved objects + +When you <>, {kib} effectively +<>. In this way, copying a saved object has always behaved +like an import. In this document when we say "import", it applies to both features. + +Historically, whether you imported or copied a saved object, {kib} would create _at most_ one copy of a saved object in that space. If you +imported the saved object multiple times, {kib} would overwrite the existing object, because it used the same ID. Since saved object IDs are +now globally unique, {kib} maintains this functionality by tracking each saved object's _origin_. When you import an object in 8.x, {kib} +uses either the saved object ID _or_ the origin to determine its destination. + +If you import a saved object using the "Check for existing objects" option -- whether it was exported from 7.x or 8.x -- {kib} will +take the following steps: + +1. If {kib} finds a matching saved object with the exact same ID in the target space, that will be the import destination -- you can **overwrite** that +destination or **skip** it. + +2. Otherwise, if {kib} finds a matching saved object with a _different_ ID that has the same origin, that will be the import destination +-- again, you can **overwrite** that destination or **skip** it. + +3. Otherwise, if a saved object with the exact same ID exists in a _different_ space, then {kib} will generate a random ID for the import +destination, preserving the saved object's origin. + +4. Otherwise, {kib} creates the saved object with the given ID. + +For example, you have a saved object in an `export.ndjson` file, and you set up a brand new {kib} instance. You attempt to import the saved +object using the "Check for existing objects" and "Automatically overwrite conflicts" options. The first time you import the saved object, +{kib} will create a new object with the same ID (step 4 above). If you import it again, {kib} will find that object and overwrite it (step 1 +above). If you then create a _different_ space and import it there, {kib} will create a new object with a random ID (step 3 above). Finally, +if you import it into the second space again, {kib} will find the second object with a matching origin and overwrite it (step 2 above). + +WARNING: When you import a saved object and it is created with a different ID, if 1. it contains weak links to other saved objects (such as +a dashboard with a Markdown URL to navigate to another dashboard) and 2. the object's ID has changed (step 3 above), those weak links will +be broken. For more information, refer to <>. + +[[saved-object-ids-impact-when-using-apis]] +===== Using the saved objects APIs + +If you are using the saved objects APIs directly, you should be aware of these changes: + +* When using the <> or <> API, you may encounter + <> that **cannot** be overridden using the `overwrite: true` + option. This can occur if there is already a saved object with this ID in a _different_ space, or if there is a legacy URL alias for this + ID in the same space. +* When using the <> or <> API, objects can potentially be + created with a different ID as described above. +* When using the <> API, if the saved object exists in multiple spaces, it can only be deleted by using the + <>. diff --git a/docs/migration/migrate_8_0.asciidoc b/docs/migration/migrate_8_0.asciidoc index 8936e41762c69..18be9a9364c22 100644 --- a/docs/migration/migrate_8_0.asciidoc +++ b/docs/migration/migrate_8_0.asciidoc @@ -7,8 +7,6 @@ This section discusses the changes that you need to be aware of when migrating your application to Kibana 8.0. -coming[8.0.0] - See also <> and <>. * <> diff --git a/docs/redirects.asciidoc b/docs/redirects.asciidoc index 0ca518c3a8788..2c9d48813781a 100644 --- a/docs/redirects.asciidoc +++ b/docs/redirects.asciidoc @@ -386,17 +386,22 @@ This content has moved. Refer to <>. This content has moved. Refer to <>. -[role="exclude",id="logging-configuration-changes"] -== Logging configuration changes - -This content has moved. Refer to <>. - [role="exclude",id="upgrade-migrations"] == Upgrade migrations This content has moved. Refer to <>. +[role="exclude",id="upgrade-standard"] +== Standard Upgrade + +This content has moved. Refer to {stack-ref}/upgrading-kibana.html[Upgrade Kibana]. + [role="exclude",id="upgrade-assistant"] == Upgrade Assistant This content has moved. Refer to {kibana-ref-all}/7.17/upgrade-assistant.html[Upgrade Assistant]. + +[role="exclude",id="brew"] +== Install {kib} on macOS with Homebrew + +This page has been deleted. Refer to <>. diff --git a/docs/settings/apm-settings.asciidoc b/docs/settings/apm-settings.asciidoc index 27ea7f4dc7cd0..7441621f441f9 100644 --- a/docs/settings/apm-settings.asciidoc +++ b/docs/settings/apm-settings.asciidoc @@ -74,7 +74,7 @@ Changing these settings may disable features of the APM App. | Index name where Observability annotations are stored. Defaults to `observability-annotations`. | `xpack.apm.searchAggregatedTransactions` {ess-icon} - | experimental[] Enables Transaction histogram metrics. Defaults to `never` and aggregated transactions are not used. When set to `auto`, the UI will use metric indices over transaction indices for transactions if aggregated transactions are found. When set to `always`, additional configuration in APM Server is required. + | Enables Transaction histogram metrics. Defaults to `auto` so the UI will use metric indices over transaction indices for transactions if aggregated transactions are found. When set to `always`, additional configuration in APM Server is required. When set to `never` and aggregated transactions are not used. See {apm-guide-ref}/transaction-metrics.html[Configure transaction metrics] for more information. | `xpack.apm.metricsInterval` {ess-icon} diff --git a/docs/settings/security-settings.asciidoc b/docs/settings/security-settings.asciidoc index 56d08ee24efe1..787efa64f0775 100644 --- a/docs/settings/security-settings.asciidoc +++ b/docs/settings/security-settings.asciidoc @@ -8,10 +8,6 @@ You do not need to configure any additional settings to use the {security-features} in {kib}. They are enabled by default. -[float] -[[general-security-settings]] -==== General security settings - [float] [[authentication-security-settings]] ==== Authentication security settings @@ -46,123 +42,80 @@ xpack.security.authc: <3> Specifies the settings for the SAML authentication provider with a `saml1` name. <4> Specifies the settings for the SAML authentication provider with a `saml2` name. -The valid settings in the `xpack.security.authc.providers` namespace vary depending on the authentication provider type. For more information, refer to <>. - [float] [[authentication-provider-settings]] -===== Valid settings for all authentication providers - -[cols="2*<"] -|=== -| `xpack.security.authc.providers.` -`..enabled` {ess-icon} -| Determines if the authentication provider should be enabled. By default, {kib} enables the provider as soon as you configure any of its properties. - -| `xpack.security.authc.providers.` -`..order` {ess-icon} -| Order of the provider in the authentication chain and on the Login Selector UI. - -| `xpack.security.authc.providers.` -`..description` {ess-icon} -| Custom description of the provider entry displayed on the Login Selector UI. - -| `xpack.security.authc.providers.` -`..hint` {ess-icon} -| Custom hint for the provider entry displayed on the Login Selector UI. - -| `xpack.security.authc.providers.` -`..icon` {ess-icon} -| Custom icon for the provider entry displayed on the Login Selector UI. - -| `xpack.security.authc.providers..` -`.showInSelector` {ess-icon} -| Flag that indicates if the provider should have an entry on the Login Selector UI. Setting this to `false` doesn't remove the provider from the authentication chain. - -2+a| -[TIP] -[NOTE] -============ -You are unable to set this setting to `false` for `basic` and `token` authentication providers. -============ - -| `xpack.security.authc.providers..` -`.accessAgreement.message` {ess-icon} -| Access agreement text in Markdown format. For more information, refer to <>. - -| [[xpack-security-provider-session-idleTimeout]] `xpack.security.authc.providers..` -`.session.idleTimeout` {ess-icon} -| Ensures that user sessions will expire after a period of inactivity. Setting this to `0` will prevent sessions from expiring because of inactivity. By default, this setting is equal to <>. - -2+a| -[TIP] -============ -Use a string of `[ms\|s\|m\|h\|d\|w\|M\|Y]` (e.g. '20m', '24h', '7d', '1w'). -============ - -| [[xpack-security-provider-session-lifespan]] `xpack.security.authc.providers..` -`.session.lifespan` {ess-icon} -| Ensures that user sessions will expire after the defined time period. This behavior is also known as an "absolute timeout". If -this is set to `0`, user sessions could stay active indefinitely. By default, this setting is equal to <>. +==== Valid settings for all authentication providers + +The valid settings in the `xpack.security.authc.providers` namespace vary depending on the authentication provider type. For more information, refer to <>. + +xpack.security.authc.providers...enabled {ess-icon}:: +Determines if the authentication provider should be enabled. By default, {kib} enables the provider as soon as you configure any of its properties. + +xpack.security.authc.providers...order {ess-icon}:: +Order of the provider in the authentication chain and on the Login Selector UI. + +xpack.security.authc.providers...description {ess-icon}:: +Custom description of the provider entry displayed on the Login Selector UI. -2+a| -[TIP] -============ -Use a string of `[ms\|s\|m\|h\|d\|w\|M\|Y]` (e.g. '20m', '24h', '7d', '1w'). -============ +xpack.security.authc.providers...hint {ess-icon}:: +Custom hint for the provider entry displayed on the Login Selector UI. -|=== +xpack.security.authc.providers...icon {ess-icon}:: +Custom icon for the provider entry displayed on the Login Selector UI. + +xpack.security.authc.providers...showInSelector {ess-icon}:: +Flag that indicates if the provider should have an entry on the Login Selector UI. Setting this to `false` doesn't remove the provider from the authentication chain. ++ +NOTE: You are unable to set this setting to `false` for `basic` and `token` authentication providers. + +xpack.security.authc.providers...accessAgreement.message {ess-icon}:: +Access agreement text in Markdown format. For more information, refer to <>. + +[[xpack-security-provider-session-idleTimeout]] xpack.security.authc.providers...session.idleTimeout {ess-icon}:: +Ensures that user sessions will expire after a period of inactivity. Setting this to `0` will prevent sessions from expiring because of inactivity. By default, this setting is equal to <>. ++ +NOTE: Use a string of `[ms\|s\|m\|h\|d\|w\|M\|Y]` (e.g. '20m', '24h', '7d', '1w'). + +[[xpack-security-provider-session-lifespan]] xpack.security.authc.providers...session.lifespan {ess-icon}:: +Ensures that user sessions will expire after the defined time period. This behavior is also known as an "absolute timeout". If +this is set to `0`, user sessions could stay active indefinitely. By default, this setting is equal to <>. ++ +NOTE: Use a string of `[ms\|s\|m\|h\|d\|w\|M\|Y]` (e.g. '20m', '24h', '7d', '1w'). [float] [[saml-authentication-provider-settings]] -===== SAML authentication provider settings +==== SAML authentication provider settings In addition to <>, you can specify the following settings: -[cols="2*<"] -|=== -| `xpack.security.authc.providers.` -`saml..realm` {ess-icon} -| SAML realm in {es} that provider should use. +xpack.security.authc.providers.saml..realm {ess-icon}:: +SAML realm in {es} that provider should use. -| `xpack.security.authc.providers.` -`saml..useRelayStateDeepLink` {ess-icon} -| Determines if the provider should treat the `RelayState` parameter as a deep link in {kib} during Identity Provider initiated log in. By default, this setting is set to `false`. The link specified in `RelayState` should be a relative, URL-encoded {kib} URL. For example, the `/app/dashboards#/list` link in `RelayState` parameter would look like this: `RelayState=%2Fapp%2Fdashboards%23%2Flist`. - -|=== +xpack.security.authc.providers.saml..useRelayStateDeepLink {ess-icon}:: +Determines if the provider should treat the `RelayState` parameter as a deep link in {kib} during Identity Provider initiated log in. By default, this setting is set to `false`. The link specified in `RelayState` should be a relative, URL-encoded {kib} URL. For example, the `/app/dashboards#/list` link in `RelayState` parameter would look like this: `RelayState=%2Fapp%2Fdashboards%23%2Flist`. [float] [[oidc-authentication-provider-settings]] -===== OpenID Connect authentication provider settings +==== OpenID Connect authentication provider settings In addition to <>, you can specify the following settings: -[cols="2*<"] -|=== -| `xpack.security.authc.providers.` -`oidc..realm` {ess-icon} -| OpenID Connect realm in {es} that the provider should use. - -|=== +xpack.security.authc.providers.oidc..realm {ess-icon}:: +OpenID Connect realm in {es} that the provider should use. [float] [[anonymous-authentication-provider-settings]] -===== Anonymous authentication provider settings +==== Anonymous authentication provider settings In addition to <>, you can specify the following settings: -[NOTE] -============ -You can configure only one anonymous provider per {kib} instance. -============ - -[cols="2*<"] -|=== -| `xpack.security.authc.providers.` -`anonymous..credentials` {ess-icon} -| Credentials that {kib} should use internally to authenticate anonymous requests to {es}. Possible values are: username and password, API key, or the constant `elasticsearch_anonymous_user` if you want to leverage {ref}/anonymous-access.html[{es} anonymous access]. - -2+a| For example: +NOTE: You can configure only one anonymous provider per {kib} instance. +xpack.security.authc.providers.anonymous..credentials {ess-icon}:: +Credentials that {kib} should use internally to authenticate anonymous requests to {es}. Possible values are: username and password, API key, or the constant `elasticsearch_anonymous_user` if you want to leverage {ref}/anonymous-access.html[{es} anonymous access]. ++ +For example: ++ [source,yaml] ---------------------------------------- # Username and password credentials @@ -187,45 +140,35 @@ xpack.security.authc.providers.anonymous.anonymous1: credentials: "elasticsearch_anonymous_user" ---------------------------------------- -|=== - [float] [[http-authentication-settings]] -===== HTTP authentication settings +==== HTTP authentication settings There is a very limited set of cases when you'd want to change these settings. For more information, refer to <>. -[cols="2*<"] -|=== -| `xpack.security.authc.http.enabled` -| Determines if HTTP authentication should be enabled. By default, this setting is set to `true`. - -| `xpack.security.authc.http.autoSchemesEnabled` -| Determines if HTTP authentication schemes used by the enabled authentication providers should be automatically supported during HTTP authentication. By default, this setting is set to `true`. +xpack.security.authc.http.enabled:: +Determines if HTTP authentication should be enabled. By default, this setting is set to `true`. -| `xpack.security.authc.http.schemes[]` -| List of HTTP authentication schemes that {kib} HTTP authentication should support. By default, this setting is set to `['apikey', 'bearer']` to support HTTP authentication with the <> and <> schemes. +xpack.security.authc.http.autoSchemesEnabled:: +Determines if HTTP authentication schemes used by the enabled authentication providers should be automatically supported during HTTP authentication. By default, this setting is set to `true`. -|=== +xpack.security.authc.http.schemes[]:: +List of HTTP authentication schemes that {kib} HTTP authentication should support. By default, this setting is set to `['apikey', 'bearer']` to support HTTP authentication with the <> and <> schemes. [float] [[login-ui-settings]] -===== Login user interface settings +==== Login user interface settings You can configure the following settings in the `kibana.yml` file. -[cols="2*<"] -|=== -| `xpack.security.loginAssistanceMessage` {ess-icon} -| Adds a message to the login UI. Useful for displaying information about maintenance windows, links to corporate sign up pages, and so on. +xpack.security.loginAssistanceMessage {ess-icon}:: +Adds a message to the login UI. Useful for displaying information about maintenance windows, links to corporate sign up pages, and so on. -| `xpack.security.loginHelp` {ess-icon} -| Adds a message accessible at the login UI with additional help information for the login process. +xpack.security.loginHelp {ess-icon}:: +Adds a message accessible at the login UI with additional help information for the login process. -| `xpack.security.authc.selector.enabled` {ess-icon} -| Determines if the login selector UI should be enabled. By default, this setting is set to `true` if more than one authentication provider is configured. - -|=== +xpack.security.authc.selector.enabled {ess-icon}:: +Determines if the login selector UI should be enabled. By default, this setting is set to `true` if more than one authentication provider is configured. [float] [[security-session-and-cookie-settings]] @@ -233,81 +176,49 @@ You can configure the following settings in the `kibana.yml` file. You can configure the following settings in the `kibana.yml` file. -[cols="2*<"] -|=== -| `xpack.security.cookieName` - | Sets the name of the cookie used for the session. The default value is `"sid"`. - -|[[xpack-security-encryptionKey]] `xpack.security.encryptionKey` - | An arbitrary string of 32 characters or more that is used to encrypt session information. Do **not** expose this key to users of {kib}. By - default, a value is automatically generated in memory. If you use that default - behavior, all sessions are invalidated when {kib} restarts. - In addition, high-availability deployments of {kib} will behave unexpectedly - if this setting isn't the same for all instances of {kib}. - -|[[xpack-security-secureCookies]] `xpack.security.secureCookies` - | Sets the `secure` flag of the session cookie. The default value is `false`. It - is automatically set to `true` if <> is set to `true`. Set - this to `true` if SSL is configured outside of {kib} (for example, you are - routing requests through a load balancer or proxy). - -| [[xpack-security-sameSiteCookies]] `xpack.security.sameSiteCookies` {ess-icon} - | Sets the `SameSite` attribute of the session cookie. This allows you to declare whether your cookie should be restricted to a first-party or same-site context. - Valid values are `Strict`, `Lax`, `None`. - This is *not set* by default, which modern browsers will treat as `Lax`. If you use Kibana embedded in an iframe in modern browsers, you might need to set it to `None`. Setting this value to `None` requires cookies to be sent over a secure connection by setting <>: `true`. - -|[[xpack-session-idleTimeout]] `xpack.security.session.idleTimeout` {ess-icon} - | Ensures that user sessions will expire after a period of inactivity. This and <> are both -highly recommended. You can also specify this setting for <>. If this is set to `0`, then sessions will never expire due to inactivity. By default, this value is 8 hours. - -2+a| -[TIP] -============ -Use a string of `[ms\|s\|m\|h\|d\|w\|M\|Y]` (e.g. '20m', '24h', '7d', '1w'). -============ - -|[[xpack-session-lifespan]] `xpack.security.session.lifespan` {ess-icon} - | Ensures that user sessions will expire after the defined time period. This behavior is also known as an "absolute timeout". If -this is set to `0`, user sessions could stay active indefinitely. This and <> are both highly -recommended. You can also specify this setting for <>. By default, this value is 30 days. +xpack.security.cookieName:: +Sets the name of the cookie used for the session. The default value is `"sid"`. -2+a| -[TIP] -============ -Use a string of `[ms\|s\|m\|h\|d\|w\|M\|Y]` (e.g. '20m', '24h', '7d', '1w'). -============ +[[xpack-security-encryptionKey]] xpack.security.encryptionKey:: +An arbitrary string of 32 characters or more that is used to encrypt session information. Do **not** expose this key to users of {kib}. By default, a value is automatically generated in memory. If you use that default behavior, all sessions are invalidated when {kib} restarts. In addition, high-availability deployments of {kib} will behave unexpectedly if this setting isn't the same for all instances of {kib}. -| `xpack.security.session.cleanupInterval` {ess-icon} -| Sets the interval at which {kib} tries to remove expired and invalid sessions from the session index. By default, this value is 1 hour. The minimum value is 10 seconds. +[[xpack-security-secureCookies]] xpack.security.secureCookies:: +Sets the `secure` flag of the session cookie. The default value is `false`. It +is automatically set to `true` if <> is set to `true`. Set this to `true` if SSL is configured outside of {kib} (for example, you are routing requests through a load balancer or proxy). -2+a| -[TIP] -============ -Use a string of `[ms\|s\|m\|h\|d\|w\|M\|Y]` (e.g. '20m', '24h', '7d', '1w'). -============ +[[xpack-security-sameSiteCookies]] xpack.security.sameSiteCookies {ess-icon}:: +Sets the `SameSite` attribute of the session cookie. This allows you to declare whether your cookie should be restricted to a first-party or same-site context. +Valid values are `Strict`, `Lax`, `None`. +This is *not set* by default, which modern browsers will treat as `Lax`. If you use Kibana embedded in an iframe in modern browsers, you might need to set it to `None`. Setting this value to `None` requires cookies to be sent over a secure connection by setting <>: `true`. -|=== +[[xpack-session-idleTimeout]] xpack.security.session.idleTimeout {ess-icon}:: +Ensures that user sessions will expire after a period of inactivity. This and <> are both highly recommended. You can also specify this setting for <>. If this is set to `0`, then sessions will never expire due to inactivity. By default, this value is 8 hours. ++ +NOTE: Use a string of `[ms\|s\|m\|h\|d\|w\|M\|Y]` (e.g. '20m', '24h', '7d', '1w'). + +[[xpack-session-lifespan]] xpack.security.session.lifespan {ess-icon}:: +Ensures that user sessions will expire after the defined time period. This behavior is also known as an "absolute timeout". If this is set to `0`, user sessions could stay active indefinitely. This and <> are both highly +recommended. You can also specify this setting for <>. By default, this value is 30 days. ++ +TIP: Use a string of `[ms\|s\|m\|h\|d\|w\|M\|Y]` (e.g. '20m', '24h', '7d', '1w'). + +xpack.security.session.cleanupInterval {ess-icon}:: +Sets the interval at which {kib} tries to remove expired and invalid sessions from the session index. By default, this value is 1 hour. The minimum value is 10 seconds. ++ +TIP: Use a string of `[ms\|s\|m\|h\|d\|w\|M\|Y]` (e.g. '20m', '24h', '7d', '1w'). [[security-encrypted-saved-objects-settings]] ==== Encrypted saved objects settings These settings control the encryption of saved objects with sensitive data. For more details, refer to <>. -[IMPORTANT] -============ -In high-availability deployments, make sure you use the same encryption and decryption keys for all instances of {kib}. Although the keys can be specified in clear text in `kibana.yml`, it's recommended to store them securely in the <>. -============ +IMPORTANT: In high-availability deployments, make sure you use the same encryption and decryption keys for all instances of {kib}. Although the keys can be specified in clear text in `kibana.yml`, it's recommended to store them securely in the <>. -[cols="2*<"] -|=== -| [[xpack-encryptedSavedObjects-encryptionKey]] `xpack.encryptedSavedObjects.` -`encryptionKey` -| An arbitrary string of at least 32 characters that is used to encrypt sensitive properties of saved objects before they're stored in {es}. If not set, {kib} will generate a random key on startup, but certain features won't be available until you set the encryption key explicitly. +[[xpack-encryptedSavedObjects-encryptionKey]] xpack.encryptedSavedObjects.encryptionKey:: +An arbitrary string of at least 32 characters that is used to encrypt sensitive properties of saved objects before they're stored in {es}. If not set, {kib} will generate a random key on startup, but certain features won't be available until you set the encryption key explicitly. -| [[xpack-encryptedSavedObjects-keyRotation-decryptionOnlyKeys]] `xpack.encryptedSavedObjects.` -`keyRotation.decryptionOnlyKeys` -| An optional list of previously used encryption keys. Like <>, these must be at least 32 characters in length. {kib} doesn't use these keys for encryption, but may still require them to decrypt some existing saved objects. Use this setting if you wish to change your encryption key, but don't want to lose access to saved objects that were previously encrypted with a different key. -|=== +[[xpack-encryptedSavedObjects-keyRotation-decryptionOnlyKeys]] xpack.encryptedSavedObjects.keyRotation.decryptionOnlyKeys:: +An optional list of previously used encryption keys. Like <>, these must be at least 32 characters in length. {kib} doesn't use these keys for encryption, but may still require them to decrypt some existing saved objects. Use this setting if you wish to change your encryption key, but don't want to lose access to saved objects that were previously encrypted with a different key. [float] [[audit-logging-settings]] @@ -315,18 +226,17 @@ In high-availability deployments, make sure you use the same encryption and decr You can enable audit logging to support compliance, accountability, and security. When enabled, {kib} will capture: -- Who performed an action -- What action was performed -- When the action occurred +* Who performed an action +* What action was performed +* When the action occurred For more details and a reference of audit events, refer to <>. -[cols="2*<"] -|====== -| `xpack.security.audit.enabled` {ess-icon} -| Set to `true` to enable audit logging`. *Default:* `false` - -2+a| For example: +xpack.security.audit.enabled {ess-icon}:: +Set to `true` to enable audit logging`. *Default:* `false` ++ +For example: ++ [source,yaml] ---------------------------------------- xpack.security.audit.enabled: true @@ -346,128 +256,103 @@ xpack.security.audit.appender: <1> <2> Rotates log files every 24 hours. <3> Keeps maximum of 10 log files before deleting older ones. -| `xpack.security.audit.appender` -| Optional. Specifies where audit logs should be written to and how they should be formatted. If no appender is specified, a default appender will be used (see above). - -| `xpack.security.audit.appender.type` -| Required. Specifies where audit logs should be written to. Allowed values are `console`, `file`, or `rolling-file`. +xpack.security.audit.appender:: +Optional. Specifies where audit logs should be written to and how they should be formatted. If no appender is specified, a default appender will be used (see above). +xpack.security.audit.appender.type:: +Required. Specifies where audit logs should be written to. Allowed values are `console`, `file`, or `rolling-file`. ++ Refer to <> and <> for appender specific settings. -| `xpack.security.audit.appender.layout.type` -| Required. Specifies how audit logs should be formatted. Allowed values are `json` or `pattern`. - +xpack.security.audit.appender.layout.type:: +Required. Specifies how audit logs should be formatted. Allowed values are `json` or `pattern`. ++ Refer to <> for layout specific settings. - -2+a| -[TIP] -============ -We recommend using `json` format to allow ingesting {kib} audit logs into {es} using Filebeat. -============ - -|====== ++ +TIP: We recommend using `json` format to allow ingesting {kib} audit logs into {es} using Filebeat. [float] [[audit-logging-file-appender,file appender]] -===== File appender +==== File appender The `file` appender writes to a file and can be configured using the following settings: -[cols="2*<"] -|====== -| `xpack.security.audit.appender.fileName` -| Required. Full file path the log file should be written to. -|====== +xpack.security.audit.appender.fileName:: +Required. Full file path the log file should be written to. [float] [[audit-logging-rolling-file-appender, rolling file appender]] -===== Rolling file appender +==== Rolling file appender The `rolling-file` appender writes to a file and rotates it using a rolling strategy, when a particular policy is triggered: -[cols="2*<"] -|====== -| `xpack.security.audit.appender.fileName` -| Required. Full file path the log file should be written to. - -| `xpack.security.audit.appender.policy.type` -| Specifies when a rollover should occur. Allowed values are `size-limit` and `time-interval`. *Default:* `time-interval`. +xpack.security.audit.appender.fileName:: +Required. Full file path the log file should be written to. +xpack.security.audit.appender.policy.type:: +Specifies when a rollover should occur. Allowed values are `size-limit` and `time-interval`. *Default:* `time-interval`. ++ Refer to <> and <> for policy specific settings. -| `xpack.security.audit.appender.strategy.type` -| Specifies how the rollover should occur. Only allowed value is currently `numeric`. *Default:* `numeric` +xpack.security.audit.appender.strategy.type:: +Specifies how the rollover should occur. Only allowed value is currently `numeric`. *Default:* `numeric` ++ Refer to <> for strategy specific settings. -|====== [float] [[audit-logging-size-limit-policy, size limit policy]] -===== Size limit triggering policy +==== Size limit triggering policy The `size-limit` triggering policy will rotate the file when it reaches a certain size: -[cols="2*<"] -|====== -| `xpack.security.audit.appender.policy.size` -| Maximum size the log file should reach before a rollover should be performed. *Default:* `100mb` -|====== +xpack.security.audit.appender.policy.size:: +Maximum size the log file should reach before a rollover should be performed. *Default:* `100mb` [float] [[audit-logging-time-interval-policy, time interval policy]] -===== Time interval triggering policy +==== Time interval triggering policy The `time-interval` triggering policy will rotate the file every given interval of time: -[cols="2*<"] -|====== -| `xpack.security.audit.appender.policy.interval` -| How often a rollover should occur. *Default:* `24h` +xpack.security.audit.appender.policy.interval:: +How often a rollover should occur. *Default:* `24h` -| `xpack.security.audit.appender.policy.modulate` -| Whether the interval should be adjusted to cause the next rollover to occur on the interval boundary. *Default:* `true` -|====== +xpack.security.audit.appender.policy.modulate:: +Whether the interval should be adjusted to cause the next rollover to occur on the interval boundary. *Default:* `true` [float] [[audit-logging-numeric-strategy, numeric strategy]] -===== Numeric rolling strategy +==== Numeric rolling strategy The `numeric` rolling strategy will suffix the log file with a given pattern when rolling over, and will retain a fixed number of rolled files: -[cols="2*<"] -|====== -| `xpack.security.audit.appender.strategy.pattern` -| Suffix to append to the file name when rolling over. Must include `%i`. *Default:* `-%i` +xpack.security.audit.appender.strategy.pattern:: +Suffix to append to the file name when rolling over. Must include `%i`. *Default:* `-%i` -| `xpack.security.audit.appender.strategy.max` -| Maximum number of files to keep. Once this number is reached, oldest files will be deleted. *Default:* `7` -|====== +xpack.security.audit.appender.strategy.max:: +Maximum number of files to keep. Once this number is reached, oldest files will be deleted. *Default:* `7` [float] [[audit-logging-pattern-layout, pattern layout]] -===== Pattern layout +==== Pattern layout The `pattern` layout outputs a string, formatted using a pattern with special placeholders, which will be replaced with data from the actual log message: -[cols="2*<"] -|====== -| `xpack.security.audit.appender.layout.pattern` -| Optional. Specifies how the log line should be formatted. *Default:* `[%date][%level][%logger]%meta %message` +xpack.security.audit.appender.layout.pattern:: +Optional. Specifies how the log line should be formatted. *Default:* `[%date][%level][%logger]%meta %message` -| `xpack.security.audit.appender.layout.highlight` -| Optional. Set to `true` to enable highlighting log messages with colors. -|====== +xpack.security.audit.appender.layout.highlight:: +Optional. Set to `true` to enable highlighting log messages with colors. [float] [[audit-logging-ignore-filters]] -===== Ignore filters - -[cols="2*<"] -|====== -| `xpack.security.audit.ignore_filters[]` {ess-icon} -| List of filters that determine which events should be excluded from the audit log. An event will get filtered out if at least one of the provided filters matches. - -2+a| For example: +==== Ignore filters +xpack.security.audit.ignore_filters[] {ess-icon}:: +List of filters that determine which events should be excluded from the audit log. An event will get filtered out if at least one of the provided filters matches. ++ +For example: ++ [source,yaml] ---------------------------------------- xpack.security.audit.ignore_filters: @@ -478,15 +363,14 @@ xpack.security.audit.ignore_filters: <1> Filters out HTTP request events <2> Filters out any data write events -| `xpack.security.audit.ignore_filters[].actions[]` {ess-icon} -| List of values matched against the `event.action` field of an audit event. Refer to <> for a list of available events. +xpack.security.audit.ignore_filters[].actions[] {ess-icon}:: +List of values matched against the `event.action` field of an audit event. Refer to <> for a list of available events. -| `xpack.security.audit.ignore_filters[].categories[]` {ess-icon} -| List of values matched against the `event.category` field of an audit event. Refer to https://www.elastic.co/guide/en/ecs/1.5/ecs-allowed-values-event-category.html[ECS categorization field] for allowed values. +xpack.security.audit.ignore_filters[].categories[] {ess-icon}:: +List of values matched against the `event.category` field of an audit event. Refer to https://www.elastic.co/guide/en/ecs/1.5/ecs-allowed-values-event-category.html[ECS categorization field] for allowed values. -| `xpack.security.audit.ignore_filters[].types[]` {ess-icon} -| List of values matched against the `event.type` field of an audit event. Refer to https://www.elastic.co/guide/en/ecs/1.5/ecs-allowed-values-event-type.html[ECS type field] for allowed values. +xpack.security.audit.ignore_filters[].types[] {ess-icon}:: +List of values matched against the `event.type` field of an audit event. Refer to https://www.elastic.co/guide/en/ecs/1.5/ecs-allowed-values-event-type.html[ECS type field] for allowed values. -| `xpack.security.audit.ignore_filters[].outcomes[]` {ess-icon} -| List of values matched against the `event.outcome` field of an audit event. Refer to https://www.elastic.co/guide/en/ecs/1.5/ecs-allowed-values-event-outcome.html[ECS outcome field] for allowed values. -|====== +xpack.security.audit.ignore_filters[].outcomes[] {ess-icon}:: +List of values matched against the `event.outcome` field of an audit event. Refer to https://www.elastic.co/guide/en/ecs/1.5/ecs-allowed-values-event-outcome.html[ECS outcome field] for allowed values. \ No newline at end of file diff --git a/docs/setup/install.asciidoc b/docs/setup/install.asciidoc index 8b64bdf5fe2a2..ac49946d877bc 100644 --- a/docs/setup/install.asciidoc +++ b/docs/setup/install.asciidoc @@ -46,12 +46,6 @@ downloaded from the Elastic Docker Registry. + <> -`brew`:: - -Formulae are available from the Elastic Homebrew tap for installing {kib} on macOS with the Homebrew package manager. -+ -<> - IMPORTANT: If your Elasticsearch installation is protected by {ref}/elasticsearch-security.html[{stack-security-features}] see {kibana-ref}/using-kibana-with-security.html[Configuring security in {kib}] for @@ -66,5 +60,3 @@ include::install/deb.asciidoc[] include::install/rpm.asciidoc[] include::{kib-repo-dir}/setup/docker.asciidoc[] - -include::install/brew.asciidoc[] diff --git a/docs/setup/install/brew-running.asciidoc b/docs/setup/install/brew-running.asciidoc deleted file mode 100644 index d73102b098ec1..0000000000000 --- a/docs/setup/install/brew-running.asciidoc +++ /dev/null @@ -1,9 +0,0 @@ -==== Run {kib} with `brew services` - -With Homebrew, Kibana can be started and stopped as follows: - -[source,sh] --------------------------------------------------- -brew services start elastic/tap/kibana-full -brew services stop elastic/tap/kibana-full --------------------------------------------------- diff --git a/docs/setup/install/brew.asciidoc b/docs/setup/install/brew.asciidoc deleted file mode 100644 index eeba869a259d4..0000000000000 --- a/docs/setup/install/brew.asciidoc +++ /dev/null @@ -1,65 +0,0 @@ -[[brew]] -=== Install {kib} on macOS with Homebrew -++++ -Install on macOS with Homebrew -++++ - -Elastic publishes Homebrew formulae so you can install {kib} with the https://brew.sh/[Homebrew] package manager. - -To install with Homebrew, you first need to tap the Elastic Homebrew repository: - -[source,sh] -------------------------- -brew tap elastic/tap -------------------------- - -Once you've tapped the Elastic Homebrew repo, you can use `brew install` to -install the **latest version** of {kib}: - -[source,sh] -------------------------- -brew install elastic/tap/kibana-full -------------------------- - -[[brew-layout]] -==== Directory layout for Homebrew installs - -When you install {kib} with `brew install`, the config files, logs, -and data directory are stored in the following locations. - -[cols="> -when required. +When required, {kib} automatically migrates <>. In case of an upgrade failure, you can roll back to an earlier version of {kib}. To roll back, you **must** have a {ref}/snapshot-restore.html[backup snapshot] that includes the `kibana` feature -state. Snapshots include this feature state by default. +state. By default, snapshots include the `kibana` feature state. ==== -For more information about upgrading, +For more information about upgrading, refer to {stack-ref}/upgrading-elastic-stack.html[Upgrading to Elastic {version}.] -IMPORTANT: You can upgrade to pre-release versions for testing, -but upgrading from a pre-release to the General Available version is not supported. -Pre-releases should only be used for testing in a temporary environment. +IMPORTANT: You can upgrade to pre-release versions for testing, +but upgrading from a pre-release to the General Available version is unsupported. +You should use pre-release versions only for testing in a temporary environment. + +[float] +=== Upgrading multiple {kib} instances +When upgrading several {kib} instances connected to the same {es} cluster, +ensure that all outdated instances are shut down before starting the upgrade. + +Rolling upgrades are unsupported in {kib}. However, when outdated instances are shut down, you can start all upgraded instances in parallel, +which allows all instances to participate in the upgrade migration in parallel. + +For large deployments with more than 10 {kib} instances, and more than 10,000 saved objects, +you can reduce the upgrade downtime by bringing up a single {kib} instance and waiting for it to +complete the upgrade migration before bringing up the remaining instances. + +[float] +[[preventing-migration-failures]] +=== Preparing for migration + +There are extra steps you can follow to ensure you are ready for migration. + +[float] +==== Ensure your {es} cluster is healthy +Problems with your {es} cluster can prevent {kib} upgrades from succeeding. Ensure that your cluster has: + + * Enough free disk space, at least twice the amount of storage taken up by the `.kibana` and `.kibana_task_manager` indices + * Sufficient heap size + * A "green" cluster status + +[float] +==== Ensure that all {kib} instances are the same +When you perform an upgrade migration of different {kib} versions, the migration can fail. +Ensure that all {kib} instances are running the same version, configuration, and plugins. + +[float] +==== Back up your data +Be sure to have a {ref}/snapshot-restore.html[snapshot] of all your data before attempting a migration. +If something goes wrong during migration, you can restore from the snapshot and try again. + +Review the <> and how to prevent them. + + +include::upgrade/saved-objects-migration.asciidoc[] -include::upgrade/upgrade-migrations.asciidoc[leveloffset=-1] +include::upgrade/resolving-migration-failures.asciidoc[] -include::upgrade/logging-configuration-changes.asciidoc[] +include::upgrade/rollback-migration.asciidoc[] diff --git a/docs/setup/upgrade/resolving-migration-failures.asciidoc b/docs/setup/upgrade/resolving-migration-failures.asciidoc new file mode 100644 index 0000000000000..454dfe948fe4e --- /dev/null +++ b/docs/setup/upgrade/resolving-migration-failures.asciidoc @@ -0,0 +1,125 @@ +[[resolve-migrations-failures]] +=== Resolve migration failures + +Migrating {kib} primarily involves migrating saved object documents to be compatible +with the new version. + +[float] +==== Resolve saved object migration failures + +If {kib} unexpectedly terminates while migrating a saved object index, {kib} automatically attempts to +perform the migration again when the process restarts. Do not delete any saved objects indices to +to fix a failed migration. Unlike previous versions, {kib} 7.12.0 and +later does not require deleting indices to release a failed migration lock. + +If upgrade migrations fail repeatedly, refer to +<>. +When you address the root cause for the migration failure, +{kib} automatically retries the migration. +If you're unable to resolve a failed migration, contact Support. + + +[float] +[[upgrade-migrations-old-indices]] +==== Handle old `.kibana_N` indices + +After the migrations complete, multiple {kib} indices are created in {es}: (`.kibana_1`, `.kibana_2`, `.kibana_7.12.0` etc). +{kib} only uses the index that the `.kibana` and `.kibana_task_manager` aliases point to. +The other {kib} indices can be safely deleted, but are left around as a matter of historical record, and to facilitate rolling {kib} back to a previous version. + +[float] +==== Handle known issues with {fleet} beta +If you see a`timeout_exception` or `receive_timeout_transport_exception` error, +it might be from a known known issue in 7.12.0 if you tried the {fleet} beta. +Upgrade migrations fail because of a large number of documents in the `.kibana` index, +which causes {kib} to log errors such as: + +[source,sh] +-------------------------------------------- +Error: Unable to complete saved object migrations for the [.kibana] index. Please check the health of your Elasticsearch cluster and try again. Error: [receive_timeout_transport_exception]: [instance-0000000002][10.32.1.112:19541][cluster:monitor/task/get] request_id [2648] timed out after [59940ms] + +Error: Unable to complete saved object migrations for the [.kibana] index. Please check the health of your Elasticsearch cluster and try again. Error: [timeout_exception]: Timed out waiting for completion of [org.elasticsearch.index.reindex.BulkByScrollTask@6a74c54] +-------------------------------------------- + +For instructions on how to mitigate the known issue, refer to https://github.com/elastic/kibana/issues/95321[the GitHub issue]. + + +[float] +==== Handle corrupt saved objects +To find and remedy problems caused by corrupt documents, we highly recommend testing your {kib} upgrade in a development cluster, +especially when there are custom integrations that create saved objects in your environment. + +Saved objects that are corrupted through manual editing or integrations cause migration +failures with a log message, such as `Unable to migrate the corrupt Saved Object document ...`. +For a successful upgrade migration, you must fix or delete corrupt documents. + +For example, you receive the following error message: + +[source,sh] +-------------------------------------------- +Unable to migrate the corrupt saved object document with _id: 'marketing_space:dashboard:e3c5fc71-ac71-4805-bcab-2bcc9cc93275'. To allow migrations to proceed, please delete this document from the [.kibana_7.12.0_001] index. +-------------------------------------------- + +To delete the documents that cause migrations to fail, take the following steps: + +. Remove the write block which the migration system has placed on the previous index: ++ +[source,sh] +-------------------------------------------- +PUT .kibana_7.12.1_001/_settings +{ + "index": { + "blocks.write": false + } +} +-------------------------------------------- + +. Delete the corrupt document: ++ +[source,sh] +-------------------------------------------- +DELETE .kibana_7.12.0_001/_doc/marketing_space:dashboard:e3c5fc71-ac71-4805-bcab-2bcc9cc93275 +-------------------------------------------- + +. Restart {kib}. ++ +The dashboard with the `e3c5fc71-ac71-4805-bcab-2bcc9cc93275` ID that belongs to the `marketing_space` space **is no longer available**. + +[float] +[[unknown-saved-object-types]] +==== Handle documents for unknown saved objects +Migrations will fail if saved objects belong to an unknown +saved object type. Unknown saved objects are typically caused by +to the {es} index, or by disabling a plugin that had previously +created a saved object. + +We recommend using the {kibana-ref-all}/7.17/upgrade-assistant.html[Upgrade Assistant] +to discover and remedy any unknown saved object types. {kib} version 7.17.0 deployments containing unknown saved +object types will also log the following warning message: + +[source,sh] +-------------------------------------------- +CHECK_UNKNOWN_DOCUMENTS Upgrades will fail for 8.0+ because documents were found for unknown saved object types. To ensure that upgrades will succeed in the future, either re-enable plugins or delete these documents from the ".kibana_7.17.0_001" index after the current upgrade completes. +-------------------------------------------- + +If you fail to remedy this, your upgrade to 8.0+ will fail with a message like: + +[source,sh] +-------------------------------------------- +Unable to complete saved object migrations for the [.kibana] index: Migration failed because documents were found for unknown saved object types. To proceed with the migration, please delete these documents from the ".kibana_7.17.0_001" index. +-------------------------------------------- + +[float] +==== Handle incompatible settings or mappings +Matching index templates that specify `settings.refresh_interval` or +`mappings` are known to interfere with {kib} upgrades. +This can happen when index templates are defined manually. + +To make sure the index templates won't apply to new `.kibana*` indices, narrow down the {data-sources} of any user-defined index templates. + +[float] +==== Handle incompatible `xpack.tasks.index` configuration setting +In {kib} 7.5.0 and earlier, when the task manager index is set to `.tasks` +with the configuration setting `xpack.tasks.index: ".tasks"`, +upgrade migrations fail. In {kib} 7.5.1 and later, the incompatible configuration +setting prevents upgrade migrations from starting. diff --git a/docs/setup/upgrade/rollback-migration.asciidoc b/docs/setup/upgrade/rollback-migration.asciidoc new file mode 100644 index 0000000000000..1b87d0f335b8c --- /dev/null +++ b/docs/setup/upgrade/rollback-migration.asciidoc @@ -0,0 +1,41 @@ +[[upgrade-migrations-rolling-back]] +=== Roll back to a previous version of {kib} + +If you've followed <> +and <>, and +{kib} is still unable to successfully upgrade, rollback {kib} until +you're able to identify and fix the root cause. + +WARNING: Before you roll back {kib}, ensure that the version you want to roll back to is compatible with +your {es} cluster. If the version you want to roll back to is not compatible, you must also rollback {es}. +Any changes made after an upgrade are lost when you roll back to a previous version. + +To roll back after a failed upgrade migration, you must also rollback the saved object indices to be compatible with the previous {kib} version. + +[float] +==== Roll back by restoring a backup snapshot + +. Before proceeding, {ref}/snapshots-take-snapshot.html[take a snapshot] that contains the `kibana` feature state. + By default, snapshots include the `kibana` feature state. +. To make sure no {kib} instances are performing an upgrade migration, shut down all {kib} instances. +. To delete all saved object indices, use `DELETE /.kibana*`. +. {ref}/snapshots-restore-snapshot.html[Restore] the `kibana` feature state from the snapshot. +. Start all {kib} instances on the older version you want to rollback to. + +[float] +==== (Not recommended) Roll back without a backup snapshot + +. To make sure no {kib} instances are performing an upgrade migration, shut down all {kib} instances. +. {ref}/snapshots-take-snapshot.html[Take a snapshot] that includes the `kibana` feature state. By default, snapshots include the `kibana` feature state. +. Delete the version-specific indices created by the failed upgrade migration. ++ +For example, to rollback from a failed upgrade +to v7.12.0, use `DELETE /.kibana_7.12.0_*,.kibana_task_manager_7.12.0_*`. +. Inspect the output of `GET /_cat/aliases`. ++ +If the `.kibana` or `.kibana_task_manager` aliases are missing, you must create them manually. +Find the latest index from the output of `GET /_cat/indices` and create the missing alias to point to the latest index. +For example, if the `.kibana` alias is missing, and the latest index is `.kibana_3`, create a new alias using `POST /.kibana_3/_aliases/.kibana`. +. To remove the write block from the roll back indices, use +`PUT /.kibana,.kibana_task_manager/_settings {"index.blocks.write": false}` +. Start {kib} on the older version you want to rollback to. diff --git a/docs/setup/upgrade/saved-objects-migration.asciidoc b/docs/setup/upgrade/saved-objects-migration.asciidoc new file mode 100644 index 0000000000000..cc4406f8cdd1f --- /dev/null +++ b/docs/setup/upgrade/saved-objects-migration.asciidoc @@ -0,0 +1,39 @@ +[[saved-object-migrations]] +=== Migrate saved objects + +Each time you upgrade {kib}, an upgrade migration is performed to ensure that all <> are compatible with the new version. + +NOTE: To help you prepare for the upgrade to 8.0.0, 7.17.0 includes an https://www.elastic.co/guide/en/kibana/7.17/upgrade-assistant.html[*Upgrade Assistant*]. +To access the assistant, go to *Stack Management > Upgrade Assistant*. + +WARNING: {kib} 7.12.0 and later uses a new migration process and index naming scheme. Before you upgrade, read the documentation for your version of {kib}. + +WARNING: The following instructions assumes {kib} is using the default index names. If the `kibana.index` or `xpack.tasks.index` configuration settings are different from the default, adapt the instructions accordingly. + +[float] +[[upgrade-migrations-process]] +==== How saved objects migrations work + +Saved objects are stored in two indices: + +* `.kibana_{kibana_version}_001`, e.g. for {kib} 7.12.0 `.kibana_7.12.0_001`. +* `.kibana_task_manager_{kibana_version}_001`, e.g. for {kib} 7.12.0 `.kibana_task_manager_7.12.0_001`. + +The index aliases `.kibana` and `.kibana_task_manager` always point to +the most up-to-date saved object indices. + +When you start a new {kib} installation, an upgrade migration is performed before starting plugins or serving HTTP traffic. +Before you upgrade, shut down old nodes to prevent losing acknowledged writes. +To reduce the likelihood of old nodes losing acknowledged writes, {kib} 7.12.0 and later +adds a write block to the outdated index. Table 1 lists the saved objects indices used by previous {kib} versions. + +.Saved object indices and aliases per {kib} version +[options="header"] +|======================= +|Upgrading from version | Outdated index (alias) +| 6.5.0 through 7.3.x | `.kibana_N` (`.kibana` alias) +| 7.4.0 through 7.11.x +| `.kibana_N` (`.kibana` alias) + +`.kibana_task_manager_N` (`.kibana_task_manager` alias) +|======================= diff --git a/docs/setup/upgrade/upgrade-migrations.asciidoc b/docs/setup/upgrade/upgrade-migrations.asciidoc deleted file mode 100644 index 7136011a4f8f8..0000000000000 --- a/docs/setup/upgrade/upgrade-migrations.asciidoc +++ /dev/null @@ -1,194 +0,0 @@ -[float] -[[saved-object-migrations]] -=== Saved object migrations - -Every time {kib} is upgraded it will perform an upgrade migration to ensure that all <> are compatible with the new version. - -NOTE: 6.7 includes an https://www.elastic.co/guide/en/kibana/6.7/upgrade-assistant.html[Upgrade Assistant] -to help you prepare for your upgrade to 7.0. To access the assistant, go to *Management > 7.0 Upgrade Assistant*. - -WARNING: {kib} 7.12.0 and later uses a new migration process and index naming scheme. Be sure to read the documentation for your version of {kib} before proceeding. - -WARNING: The following instructions assumes {kib} is using the default index names. If the `kibana.index` or `xpack.tasks.index` configuration settings were changed these instructions will have to be adapted accordingly. - -[float] -[[upgrade-migrations-process]] -==== Background - -Saved objects are stored in two indices: - -* `.kibana_{kibana_version}_001`, e.g. for Kibana v7.12.0 `.kibana_7.12.0_001`. -* `.kibana_task_manager_{kibana_version}_001`, e.g. for Kibana v7.12.0 `.kibana_task_manager_7.12.0_001`. - -The index aliases `.kibana` and `.kibana_task_manager` will always point to -the most up-to-date saved object indices. - -The first time a newer {kib} starts, it will first perform an upgrade migration before starting plugins or serving HTTP traffic. To prevent losing acknowledged writes old nodes should be shutdown before starting the upgrade. To reduce the likelihood of old nodes losing acknowledged writes, {kib} 7.12.0 and later will add a write block to the outdated index. Table 1 lists the saved objects indices used by previous versions of {kib}. - -.Saved object indices and aliases per {kib} version -[options="header"] -|======================= -|Upgrading from version | Outdated index (alias) -| 6.0.0 through 6.4.x | `.kibana` - -`.kibana_task_manager_7.12.0_001` (`.kibana_task_manager` alias) -| 6.5.0 through 7.3.x | `.kibana_N` (`.kibana` alias) -| 7.4.0 through 7.11.x -| `.kibana_N` (`.kibana` alias) - -`.kibana_task_manager_N` (`.kibana_task_manager` alias) -|======================= - -==== Upgrading multiple {kib} instances -When upgrading several {kib} instances connected to the same {es} cluster, ensure that all outdated instances are shutdown before starting the upgrade. - -Kibana does not support rolling upgrades. However, once outdated instances are shutdown, all upgraded instances can be started in parallel in which case all instances will participate in the upgrade migration in parallel. - -For large deployments with more than 10 {kib} instances and more than 10 000 saved objects, the upgrade downtime can be reduced by bringing up a single {kib} instance and waiting for it to complete the upgrade migration before bringing up the remaining instances. - -[float] -[[preventing-migration-failures]] -==== Preventing migration failures -This section highlights common causes of {kib} upgrade failures and how to prevent them. - -[float] -===== timeout_exception or receive_timeout_transport_exception -There is a known issue in v7.12.0 for users who tried the fleet beta. Upgrade migrations fail because of a large number of documents in the `.kibana` index. - -This can cause Kibana to log errors like: - -[source,sh] --------------------------------------------- -Error: Unable to complete saved object migrations for the [.kibana] index. Please check the health of your Elasticsearch cluster and try again. Error: [receive_timeout_transport_exception]: [instance-0000000002][10.32.1.112:19541][cluster:monitor/task/get] request_id [2648] timed out after [59940ms] - -Error: Unable to complete saved object migrations for the [.kibana] index. Please check the health of your Elasticsearch cluster and try again. Error: [timeout_exception]: Timed out waiting for completion of [org.elasticsearch.index.reindex.BulkByScrollTask@6a74c54] --------------------------------------------- - -Instructions to work around this issue are in https://github.com/elastic/kibana/issues/95321[this GitHub issue]. - -[float] -===== Corrupt saved objects -We highly recommend testing your {kib} upgrade in a development cluster to discover and remedy problems caused by corrupt documents, especially when there are custom integrations creating saved objects in your environment. - -Saved objects that were corrupted through manual editing or integrations will cause migration -failures with a log message like `Unable to migrate the corrupt Saved Object document ...`. -Corrupt documents will have to be fixed or deleted before an upgrade migration can succeed. - -For example, given the following error message: - -[source,sh] --------------------------------------------- -Unable to migrate the corrupt saved object document with _id: 'marketing_space:dashboard:e3c5fc71-ac71-4805-bcab-2bcc9cc93275'. To allow migrations to proceed, please delete this document from the [.kibana_7.12.0_001] index. --------------------------------------------- - -The following steps must be followed to delete the document that is causing the migration to fail: - -. Remove the write block which the migration system has placed on the previous index: -+ -[source,sh] --------------------------------------------- -PUT .kibana_7.12.1_001/_settings -{ - "index": { - "blocks.write": false - } -} --------------------------------------------- - -. Delete the corrupt document: -+ -[source,sh] --------------------------------------------- -DELETE .kibana_7.12.0_001/_doc/marketing_space:dashboard:e3c5fc71-ac71-4805-bcab-2bcc9cc93275 --------------------------------------------- - -. Restart {kib}. -+ -In this example, the Dashboard with ID `e3c5fc71-ac71-4805-bcab-2bcc9cc93275` that belongs to the space `marketing_space` **will no longer be available**. - -Be sure you have a snapshot before you delete the corrupt document. If restoring from a snapshot is not an option, it is recommended to also delete the `temp` and `target` indices the migration created before restarting {kib} and retrying. - -[float] -===== User defined index templates that causes new `.kibana*` indices to have incompatible settings or mappings -Matching index templates which specify `settings.refresh_interval` or `mappings` are known to interfere with {kib} upgrades. - -Prevention: narrow down the index patterns of any user-defined index templates to ensure that these won't apply to new `.kibana*` indices. - -NOTE: {kib} < 6.5 creates it's own index template called `kibana_index_template:.kibana` -and uses an index pattern of `.kibana`. This index template will not interfere and does not need to be changed or removed. - -[float] -===== An unhealthy {es} cluster -Problems with your {es} cluster can prevent {kib} upgrades from succeeding. Ensure that your cluster has: - - * Enough free disk space, at least twice the amount of storage taken up by the `.kibana` and `.kibana_task_manager` indices - * Sufficient heap size - * A "green" cluster status - -[float] -===== Different versions of {kib} connected to the same {es} index -When different versions of {kib} are attempting an upgrade migration in parallel this can lead to migration failures. Ensure that all {kib} instances are running the same version, configuration and plugins. - -[float] -===== Incompatible `xpack.tasks.index` configuration setting -For {kib} versions prior to 7.5.1, if the task manager index is set to `.tasks` with the configuration setting `xpack.tasks.index: ".tasks"`, upgrade migrations will fail. {kib} 7.5.1 and later prevents this by refusing to start with an incompatible configuration setting. - -[float] -[[resolve-migrations-failures]] -==== Resolving migration failures - -If {kib} terminates unexpectedly while migrating a saved object index it will automatically attempt to -perform the migration again once the process has restarted. Do not delete any saved objects indices to -attempt to fix a failed migration. Unlike previous versions, {kib} version 7.12.0 and -later does not require deleting any indices to release a failed migration lock. - -If upgrade migrations fail repeatedly, follow the advice in -<>. -Once the root cause for the migration failure has been addressed, -{kib} will automatically retry the migration without any further intervention. -If you're unable to resolve a failed migration following these steps, please contact support. - -[float] -[[upgrade-migrations-rolling-back]] -==== Rolling back to a previous version of {kib} - -If you've followed the advice in <> -and <> and -{kib} is still not able to upgrade successfully, you might choose to rollback {kib} until -you're able to identify and fix the root cause. - -WARNING: Before rolling back {kib}, ensure that the version you wish to rollback to is compatible with -your {es} cluster. If the version you're rolling back to is not compatible, you will have to also rollback {es}. -Any changes made after an upgrade will be lost when rolling back to a previous version. - -In order to rollback after a failed upgrade migration, the saved object indices have to be -rolled back to be compatible with the previous {kib} version. - -[float] -===== Rollback by restoring a backup snapshot: - -1. Before proceeding, {ref}/snapshots-take-snapshot.html[take a snapshot] that contains the `kibana` feature state. - Snapshots include this feature state by default. -2. Shutdown all {kib} instances to be 100% sure that there are no instances currently performing a migration. -3. Delete all saved object indices with `DELETE /.kibana*` -4. {ref}/snapshots-restore-snapshot.html[Restore] the `kibana` feature state from the snapshot. -5. Start up all {kib} instances on the older version you wish to rollback to. - -[float] -===== (Not recommended) Rollback without a backup snapshot: - -1. Shutdown all {kib} instances to be 100% sure that there are no {kib} instances currently performing a migration. -2. {ref}/snapshots-take-snapshot.html[Take a snapshot] that includes the `kibana` feature state. Snapshots include this feature state by default. -3. Delete the version specific indices created by the failed upgrade migration. For example, if you wish to rollback from a failed upgrade to v7.12.0 `DELETE /.kibana_7.12.0_*,.kibana_task_manager_7.12.0_*` -4. Inspect the output of `GET /_cat/aliases`. -If either the `.kibana` and/or `.kibana_task_manager` alias is missing, these will have to be created manually. -Find the latest index from the output of `GET /_cat/indices` and create the missing alias to point to the latest index. -For example. if the `.kibana` alias was missing and the latest index is `.kibana_3` create a new alias with `POST /.kibana_3/_aliases/.kibana`. -5. Remove the write block from the rollback indices. `PUT /.kibana,.kibana_task_manager/_settings {"index.blocks.write": false}` -6. Start up {kib} on the older version you wish to rollback to. - -[float] -[[upgrade-migrations-old-indices]] -==== Handling old `.kibana_N` indices - -After migrations have completed, there will be multiple {kib} indices in {es}: (`.kibana_1`, `.kibana_2`, `.kibana_7.12.0` etc). {kib} only uses the index that the `.kibana` and `.kibana_task_manager` alias points to. The other {kib} indices can be safely deleted, but are left around as a matter of historical record, and to facilitate rolling {kib} back to a previous version. diff --git a/docs/setup/upgrade/upgrade-standard.asciidoc b/docs/setup/upgrade/upgrade-standard.asciidoc index b43da6aef9765..6854ead7531a8 100644 --- a/docs/setup/upgrade/upgrade-standard.asciidoc +++ b/docs/setup/upgrade/upgrade-standard.asciidoc @@ -1,8 +1,8 @@ [[upgrade-standard]] === Standard upgrade -NOTE: 6.7 includes an https://www.elastic.co/guide/en/kibana/6.7/upgrade-assistant.html[Upgrade Assistant] -to help you prepare for your upgrade to 7.0. To access the assistant, go to *Management > 7.0 Upgrade Assistant*. +NOTE: 7.17 includes an https://www.elastic.co/guide/en/kibana/7.17/upgrade-assistant.html[Upgrade Assistant] +to help you prepare for your upgrade to 8.0. To access the assistant, go to *Stack Management > Upgrade Assistant*. [IMPORTANT] =========================================== @@ -29,15 +29,9 @@ Different versions of {kib} running against the same {es} index, such as during . Use `rpm` or `dpkg` to install the new package. All files should be placed in their proper locations and config files should not be overwritten. + -[NOTE] --- -{kib} 4.x used a different config location than 5.0+, so if you're upgrading -from 4.x, you will need to copy the configurations from your old config -(`/opt/kibana/config/kibana.yml`) to your new config -(`/etc/kibana/kibana.yml`). Make sure you remove or update any configurations -that are indicated in the <> documentation +that are indicated in the <> documentation otherwise {kib} will fail to start. -- . Upgrade any plugins by removing the existing plugin and reinstalling the @@ -58,7 +52,7 @@ and becomes a new instance in the monitoring data. -- . Copy the files from the `config` directory from your old installation to your new installation. Make sure you remove or update any configurations that are - indicated in the <> documentation + indicated in the <> documentation otherwise {kib} will fail to start. . Copy the files from the `data` directory from your old installation to your new installation. diff --git a/docs/user/dashboard/tsvb.asciidoc b/docs/user/dashboard/tsvb.asciidoc index a1bad870dde46..a097e34b20911 100644 --- a/docs/user/dashboard/tsvb.asciidoc +++ b/docs/user/dashboard/tsvb.asciidoc @@ -191,6 +191,30 @@ For example `dashboards#/view/f193ca90-c9f4-11eb-b038-dd3270053a27`. . In the toolbar, click *Save as*, then make sure *Store time with dashboard* is deselected. ==== +[discrete] +[[how-do-i-base-drilldowns-on-data]] +.*How do I base drilldown URLs on my data?* +[%collapsible] +==== + +You can build drilldown URLs dynamically with your visualization data. + +Do this by adding the `{{key}}` placeholder to your URL + +For example `https://example.org/{{key}}` + +This instructs TSVB to substitute the value from your visualization wherever it sees `{{key}}`. + +If your data contain reserved or invalid URL characters such as "#" or "&", you should apply a transform to URL-encode the key like this `{{encodeURIComponent key}}`. If you are dynamically constructing a drilldown to another location in Kibana (for example, clicking a table row takes to you a value-scoped saved search), you will likely want to Rison-encode your key as it may contain invalid Rison characters. (https://github.com/Nanonid/rison#rison---compact-data-in-uris[Rison] is the serialization format many parts of Kibana use to store information in their URL.) + +For example: `discover#/view/0ac50180-82d9-11ec-9f4a-55de56b00cc0?_a=(filters:!((query:(match_phrase:(foo.keyword:{{rison key}})))))` + +If both conditions apply, you can cover all cases by applying both transforms: `{{encodeURIComponent (rison key)}}`. + +Technical note: TSVB uses https://handlebarsjs.com/[Handlebars] to perform these interpolations. `rison` and `encodeURIComponent` are custom Handlebars helpers provided by Kibana. + +==== + [discrete] [[why-is-my-tsvb-visualiztion-missing-data]] .*Why is my TSVB visualization missing data?* diff --git a/docs/user/whats-new.asciidoc b/docs/user/whats-new.asciidoc index 587f4588bb442..640a824180480 100644 --- a/docs/user/whats-new.asciidoc +++ b/docs/user/whats-new.asciidoc @@ -2,9 +2,7 @@ == What's new in 8.0 This section summarizes the most important changes in each release. For the -full list, see <> and <>. - -coming[8.0.0] +full list, see <> and <>. //NOTE: The notable-highlights tagged regions are re-used in the //Installation and Upgrade Guide diff --git a/package.json b/package.json index 978186d22386d..f7e49c48660fe 100644 --- a/package.json +++ b/package.json @@ -232,7 +232,7 @@ "deep-freeze-strict": "^1.1.1", "deepmerge": "^4.2.2", "del": "^5.1.0", - "elastic-apm-node": "^3.27.0", + "elastic-apm-node": "^3.28.0", "execa": "^4.0.2", "exit-hook": "^2.2.0", "expiry-js": "0.1.7", @@ -732,7 +732,7 @@ "babel-plugin-require-context-hook": "^1.0.0", "babel-plugin-styled-components": "^2.0.2", "babel-plugin-transform-react-remove-prop-types": "^0.4.24", - "backport": "6.1.5", + "backport": "7.0.1", "callsites": "^3.1.0", "chai": "3.5.0", "chance": "1.0.18", @@ -906,4 +906,4 @@ "yargs": "^15.4.1", "zlib": "^1.0.5" } -} \ No newline at end of file +} diff --git a/packages/kbn-pm/dist/index.js b/packages/kbn-pm/dist/index.js index d0fe0f269f6fa..a4b6f4938ddcd 100644 --- a/packages/kbn-pm/dist/index.js +++ b/packages/kbn-pm/dist/index.js @@ -51510,7 +51510,7 @@ async function sortPackageJson(kbn) { await fs_promises__WEBPACK_IMPORTED_MODULE_0___default.a.writeFile(packageJsonPath, JSON.stringify(sort_package_json__WEBPACK_IMPORTED_MODULE_1___default()(JSON.parse(packageJson), { // top level keys in the order they were written when this was implemented sortOrder: ['name', 'description', 'keywords', 'private', 'version', 'branch', 'types', 'tsdocMetadata', 'build', 'homepage', 'bugs', 'kibana', 'author', 'scripts', 'repository', 'engines', 'resolutions'] - }), null, 2)); + }), null, 2) + '\n'); } /***/ }), diff --git a/packages/kbn-pm/src/utils/sort_package_json.ts b/packages/kbn-pm/src/utils/sort_package_json.ts index 0abab6f0f89b4..b4df5355744f1 100644 --- a/packages/kbn-pm/src/utils/sort_package_json.ts +++ b/packages/kbn-pm/src/utils/sort_package_json.ts @@ -42,6 +42,6 @@ export async function sortPackageJson(kbn: Kibana) { }), null, 2 - ) + ) + '\n' ); } diff --git a/src/core/public/application/application_service.tsx b/src/core/public/application/application_service.tsx index 9f5470a2d248e..3010a781b4e9e 100644 --- a/src/core/public/application/application_service.tsx +++ b/src/core/public/application/application_service.tsx @@ -67,8 +67,9 @@ const getAppUrl = (mounters: Map, appId: string, path: string = return appendAppPath(appBasePath, path); }; -const getAppDeepLinkPath = (mounters: Map, appId: string, deepLinkId: string) => { - return mounters.get(appId)?.deepLinkPaths[deepLinkId]; +const getAppDeepLinkPath = (app: App, appId: string, deepLinkId: string) => { + const flattenedLinks = flattenDeepLinks(app.deepLinks); + return flattenedLinks[deepLinkId]; }; const allApplicationsFilter = '__ALL__'; @@ -182,7 +183,6 @@ export class ApplicationService { this.mounters.set(app.id, { appRoute: app.appRoute!, appBasePath: basePath.prepend(app.appRoute!), - deepLinkPaths: toDeepLinkPaths(app.deepLinks), exactRoute: app.exactRoute ?? false, mount: wrapMount(plugin, app), unmountBeforeMounting: false, @@ -242,15 +242,17 @@ export class ApplicationService { ? true : await this.shouldNavigate(overlays, appId); + const targetApp = applications$.value.get(appId); + if (shouldNavigate) { - if (deepLinkId) { - const deepLinkPath = getAppDeepLinkPath(availableMounters, appId, deepLinkId); + if (deepLinkId && targetApp) { + const deepLinkPath = getAppDeepLinkPath(targetApp, appId, deepLinkId); if (deepLinkPath) { path = appendAppPath(deepLinkPath, path); } } if (path === undefined) { - path = applications$.value.get(appId)?.defaultPath; + path = targetApp?.defaultPath; } if (openInNewTab) { this.openInNewTab!(getAppUrl(availableMounters, appId, path)); @@ -290,8 +292,9 @@ export class ApplicationService { deepLinkId, }: { path?: string; absolute?: boolean; deepLinkId?: string } = {} ) => { - if (deepLinkId) { - const deepLinkPath = getAppDeepLinkPath(availableMounters, appId, deepLinkId); + const targetApp = applications$.value.get(appId); + if (deepLinkId && targetApp) { + const deepLinkPath = getAppDeepLinkPath(targetApp, appId, deepLinkId); if (deepLinkPath) { path = appendAppPath(deepLinkPath, path); } @@ -439,12 +442,12 @@ const populateDeepLinkDefaults = (deepLinks?: AppDeepLink[]): AppDeepLink[] => { })); }; -const toDeepLinkPaths = (deepLinks?: AppDeepLink[]): Mounter['deepLinkPaths'] => { +const flattenDeepLinks = (deepLinks?: AppDeepLink[]): Record => { if (!deepLinks) { return {}; } - return deepLinks.reduce((deepLinkPaths: Mounter['deepLinkPaths'], deepLink) => { + return deepLinks.reduce((deepLinkPaths: Record, deepLink) => { if (deepLink.path) deepLinkPaths[deepLink.id] = deepLink.path; - return { ...deepLinkPaths, ...toDeepLinkPaths(deepLink.deepLinks) }; + return { ...deepLinkPaths, ...flattenDeepLinks(deepLink.deepLinks) }; }, {}); }; diff --git a/src/core/public/application/integration_tests/application_service.test.tsx b/src/core/public/application/integration_tests/application_service.test.tsx index 59ef1346ef323..dda029c66f4c3 100644 --- a/src/core/public/application/integration_tests/application_service.test.tsx +++ b/src/core/public/application/integration_tests/application_service.test.tsx @@ -6,6 +6,7 @@ * Side Public License, v 1. */ +import { BehaviorSubject } from 'rxjs'; import { take } from 'rxjs/operators'; import { act } from 'react-dom/test-utils'; import { createMemoryHistory, MemoryHistory } from 'history'; @@ -16,7 +17,7 @@ import { httpServiceMock } from '../../http/http_service.mock'; import { MockLifecycle } from '../test_types'; import { overlayServiceMock } from '../../overlays/overlay_service.mock'; import { themeServiceMock } from '../../theme/theme_service.mock'; -import { AppMountParameters } from '../types'; +import { AppMountParameters, AppUpdater } from '../types'; import { Observable } from 'rxjs'; import { MountPoint } from 'kibana/public'; @@ -134,6 +135,42 @@ describe('ApplicationService', () => { expect(history.entries.map((entry) => entry.pathname)).toEqual(['/', '/app/app1/bar']); }); + + it('handles updated deepLinks', async () => { + const { register } = service.setup(setupDeps); + + const updater$ = new BehaviorSubject(() => ({})); + + register(Symbol(), { + id: 'app1', + title: 'App1', + deepLinks: [], + updater$, + mount: async ({}: AppMountParameters) => { + return () => undefined; + }, + }); + + const { navigateToApp } = await service.start(startDeps); + + updater$.next(() => ({ + deepLinks: [ + { + id: 'deepLink', + title: 'Some deep link', + path: '/deep-link', + }, + ], + })); + + await navigateToApp('app1', { deepLinkId: 'deepLink' }); + + expect(history.entries.map((entry) => entry.pathname)).toEqual([ + '/', + '/app/app1/deep-link', + ]); + }); + //// }); }); diff --git a/src/core/public/application/integration_tests/utils.tsx b/src/core/public/application/integration_tests/utils.tsx index 7ebc12deccd02..9c1969d9f39c7 100644 --- a/src/core/public/application/integration_tests/utils.tsx +++ b/src/core/public/application/integration_tests/utils.tsx @@ -40,14 +40,12 @@ export const createAppMounter = ({ appId, html = `
App ${appId}
`, appRoute = `/app/${appId}`, - deepLinkPaths = {}, exactRoute = false, extraMountHook, }: { appId: string; html?: string; appRoute?: string; - deepLinkPaths?: Record; exactRoute?: boolean; extraMountHook?: (params: AppMountParameters) => void; }): MockedMounterTuple => { @@ -58,7 +56,6 @@ export const createAppMounter = ({ mounter: { appRoute, appBasePath: appRoute, - deepLinkPaths, exactRoute, mount: jest.fn(async (params: AppMountParameters) => { const { appBasePath: basename, element } = params; diff --git a/src/core/public/application/types.ts b/src/core/public/application/types.ts index 9c3294086efcc..187cee8d0a29a 100644 --- a/src/core/public/application/types.ts +++ b/src/core/public/application/types.ts @@ -636,7 +636,6 @@ export interface AppLeaveActionFactory { export interface Mounter { appRoute: string; appBasePath: string; - deepLinkPaths: Record; mount: AppMount; exactRoute: boolean; unmountBeforeMounting?: boolean; diff --git a/src/core/public/application/ui/app_container.test.tsx b/src/core/public/application/ui/app_container.test.tsx index 4434f6c1751e0..5512b4a120714 100644 --- a/src/core/public/application/ui/app_container.test.tsx +++ b/src/core/public/application/ui/app_container.test.tsx @@ -51,7 +51,6 @@ describe('AppContainer', () => { appRoute: '/some-route', unmountBeforeMounting: false, exactRoute: false, - deepLinkPaths: {}, mount: async ({ element }: AppMountParameters) => { await promise; const container = document.createElement('div'); @@ -67,7 +66,6 @@ describe('AppContainer', () => { appRoute: '/some-route', unmountBeforeMounting: false, exactRoute: false, - deepLinkPaths: {}, mount: jest.fn().mockImplementation(({ element }) => { const container = document.createElement('div'); container.innerHTML = 'some-content'; @@ -190,7 +188,6 @@ describe('AppContainer', () => { const mounter = { appBasePath: '/base-path/some-route', appRoute: '/some-route', - deepLinkPaths: {}, unmountBeforeMounting: false, exactRoute: false, mount: async ({ element }: AppMountParameters) => { diff --git a/src/plugins/saved_objects/public/saved_object/saved_object_loader.ts b/src/plugins/dashboard/public/services/saved_object_loader.ts similarity index 95% rename from src/plugins/saved_objects/public/saved_object/saved_object_loader.ts rename to src/plugins/dashboard/public/services/saved_object_loader.ts index 10872b5d9cd1a..521d6645e30f9 100644 --- a/src/plugins/saved_objects/public/saved_object/saved_object_loader.ts +++ b/src/plugins/dashboard/public/services/saved_object_loader.ts @@ -12,9 +12,13 @@ import { SavedObjectsFindOptionsReference, SavedObjectReference, } from 'kibana/public'; -import { SavedObject } from '../types'; -import { StringUtils } from './helpers/string_utils'; +import { SavedObject } from '../../../saved_objects/public'; +import { upperFirst } from './string_utils'; +/** + * @deprecated + * @removeBy 8.0 + */ export interface SavedObjectLoaderFindOptions { size?: number; fields?: string[]; @@ -23,6 +27,8 @@ export interface SavedObjectLoaderFindOptions { /** * @deprecated + * @removeBy 8.0 + * * The SavedObjectLoader class provides some convenience functions * to load and save one kind of saved objects (specified in the constructor). * @@ -46,7 +52,7 @@ export class SavedObjectLoader { this.loaderProperties = { name: `${this.lowercaseType}s`, - noun: StringUtils.upperFirst(this.type), + noun: upperFirst(this.type), nouns: `${this.lowercaseType}s`, }; } diff --git a/src/plugins/dashboard/public/services/saved_objects.ts b/src/plugins/dashboard/public/services/saved_objects.ts index 305ff3c2014f8..afd778d78b271 100644 --- a/src/plugins/dashboard/public/services/saved_objects.ts +++ b/src/plugins/dashboard/public/services/saved_objects.ts @@ -11,11 +11,11 @@ export type { SavedObject, SavedObjectsStart, SavedObjectSaveOpts, - SavedObjectLoaderFindOptions, } from '../../../saved_objects/public'; export { showSaveModal, - SavedObjectLoader, SavedObjectSaveModal, getSavedObjectFinder, } from '../../../saved_objects/public'; +export { SavedObjectLoader } from './saved_object_loader'; +export type { SavedObjectLoaderFindOptions } from './saved_object_loader'; diff --git a/src/plugins/saved_objects/public/saved_object/helpers/string_utils.test.ts b/src/plugins/dashboard/public/services/string_utils.test.ts similarity index 53% rename from src/plugins/saved_objects/public/saved_object/helpers/string_utils.test.ts rename to src/plugins/dashboard/public/services/string_utils.test.ts index 4e7258f1575dc..ed96cb4f1a0a1 100644 --- a/src/plugins/saved_objects/public/saved_object/helpers/string_utils.test.ts +++ b/src/plugins/dashboard/public/services/string_utils.test.ts @@ -6,17 +6,17 @@ * Side Public License, v 1. */ -import { StringUtils } from './string_utils'; +import { upperFirst } from './string_utils'; -describe('StringUtils class', () => { - describe('static upperFirst', () => { +describe('StringUtils', () => { + describe('upperFirst', () => { test('should converts the first character of string to upper case', () => { - expect(StringUtils.upperFirst()).toBe(''); - expect(StringUtils.upperFirst('')).toBe(''); + expect(upperFirst()).toBe(''); + expect(upperFirst('')).toBe(''); - expect(StringUtils.upperFirst('Fred')).toBe('Fred'); - expect(StringUtils.upperFirst('fred')).toBe('Fred'); - expect(StringUtils.upperFirst('FRED')).toBe('FRED'); + expect(upperFirst('Fred')).toBe('Fred'); + expect(upperFirst('fred')).toBe('Fred'); + expect(upperFirst('FRED')).toBe('FRED'); }); }); }); diff --git a/src/plugins/saved_objects/public/saved_object/helpers/string_utils.ts b/src/plugins/dashboard/public/services/string_utils.ts similarity index 55% rename from src/plugins/saved_objects/public/saved_object/helpers/string_utils.ts rename to src/plugins/dashboard/public/services/string_utils.ts index 5d4551f0c200c..31a36b38155d7 100644 --- a/src/plugins/saved_objects/public/saved_object/helpers/string_utils.ts +++ b/src/plugins/dashboard/public/services/string_utils.ts @@ -6,13 +6,11 @@ * Side Public License, v 1. */ -export class StringUtils { - /** - * Returns a version of the string with the first letter capitalized. - * @param str {string} - * @returns {string} - */ - public static upperFirst(str: string = ''): string { - return str ? str.charAt(0).toUpperCase() + str.slice(1) : ''; - } +/** + * Returns a version of the string with the first letter capitalized. + * @param str {string} + * @returns {string} + */ +export function upperFirst(str: string = ''): string { + return str ? str.charAt(0).toUpperCase() + str.slice(1) : ''; } diff --git a/src/plugins/data/common/search/aggs/metrics/lib/sibling_pipeline_agg_helper.ts b/src/plugins/data/common/search/aggs/metrics/lib/sibling_pipeline_agg_helper.ts index da110c1abb7e9..f8c903b8cfe42 100644 --- a/src/plugins/data/common/search/aggs/metrics/lib/sibling_pipeline_agg_helper.ts +++ b/src/plugins/data/common/search/aggs/metrics/lib/sibling_pipeline_agg_helper.ts @@ -30,7 +30,7 @@ const metricAggFilter: string[] = [ '!filtered_metric', '!single_percentile', ]; -const bucketAggFilter: string[] = []; +const bucketAggFilter: string[] = ['!filter', '!sampler', '!diversified_sampler', '!multi_terms']; export const siblingPipelineType = i18n.translate( 'data.search.aggs.metrics.siblingPipelineAggregationsSubtypeTitle', diff --git a/src/plugins/data_view_management/public/components/edit_index_pattern/create_edit_field/create_edit_field.tsx b/src/plugins/data_view_management/public/components/edit_index_pattern/create_edit_field/create_edit_field.tsx index 0f41c08fbc6fe..2d8469975430b 100644 --- a/src/plugins/data_view_management/public/components/edit_index_pattern/create_edit_field/create_edit_field.tsx +++ b/src/plugins/data_view_management/public/components/edit_index_pattern/create_edit_field/create_edit_field.tsx @@ -70,7 +70,11 @@ export const CreateEditField = withRouter( if (spec) { return ( <> - + { - const { application, uiSettings, overlays, chrome, dataViews } = + const { uiSettings, overlays, chrome, dataViews } = useKibana().services; const [fields, setFields] = useState(indexPattern.getNonScriptedFields()); const [conflictedFields, setConflictedFields] = useState( @@ -143,15 +143,16 @@ export const EditIndexPattern = withRouter( const showTagsSection = Boolean(indexPattern.timeFieldName || (tags && tags.length > 0)); const kibana = useKibana(); const docsUrl = kibana.services.docLinks!.links.elasticsearch.mapping; - const userEditPermission = !!application?.capabilities?.indexPatterns?.save; + const userEditPermission = dataViews.getCanSaveSync(); return (
{showTagsSection && ( diff --git a/src/plugins/data_view_management/public/components/edit_index_pattern/index_header/index_header.tsx b/src/plugins/data_view_management/public/components/edit_index_pattern/index_header/index_header.tsx index b64aed5c0811c..e40ef6a7ddf2f 100644 --- a/src/plugins/data_view_management/public/components/edit_index_pattern/index_header/index_header.tsx +++ b/src/plugins/data_view_management/public/components/edit_index_pattern/index_header/index_header.tsx @@ -16,6 +16,7 @@ interface IndexHeaderProps { defaultIndex?: string; setDefault?: () => void; deleteIndexPatternClick?: () => void; + canSave: boolean; } const setDefaultAriaLabel = i18n.translate('indexPatternManagement.editDataView.setDefaultAria', { @@ -40,12 +41,13 @@ export const IndexHeader: React.FC = ({ setDefault, deleteIndexPatternClick, children, + canSave, }) => { return ( {indexPattern.title}} rightSideItems={[ - defaultIndex !== indexPattern.id && setDefault && ( + defaultIndex !== indexPattern.id && setDefault && canSave && ( = ({ /> ), - deleteIndexPatternClick && ( + canSave && (
`; @@ -196,6 +198,8 @@ exports[`IndexedFieldsTable should filter based on the query bar 1`] = ` }, ] } + openModal={[Function]} + theme={Object {}} /> `; @@ -233,6 +237,8 @@ exports[`IndexedFieldsTable should filter based on the schema filter 1`] = ` }, ] } + openModal={[Function]} + theme={Object {}} /> `; @@ -267,6 +273,8 @@ exports[`IndexedFieldsTable should filter based on the type filter 1`] = ` }, ] } + openModal={[Function]} + theme={Object {}} /> `; @@ -366,6 +374,8 @@ exports[`IndexedFieldsTable should render normally 1`] = ` }, ] } + openModal={[Function]} + theme={Object {}} /> `; diff --git a/src/plugins/data_view_management/public/components/edit_index_pattern/indexed_fields_table/indexed_fields_table.test.tsx b/src/plugins/data_view_management/public/components/edit_index_pattern/indexed_fields_table/indexed_fields_table.test.tsx index e179050ca7fe2..c7b92c227a5d9 100644 --- a/src/plugins/data_view_management/public/components/edit_index_pattern/indexed_fields_table/indexed_fields_table.test.tsx +++ b/src/plugins/data_view_management/public/components/edit_index_pattern/indexed_fields_table/indexed_fields_table.test.tsx @@ -97,6 +97,12 @@ const fields = [ }, ].map(mockFieldToIndexPatternField); +const mockedServices = { + userEditPermission: false, + openModal: () => ({ onClose: new Promise(() => {}), close: async () => {} }), + theme: {} as any, +}; + describe('IndexedFieldsTable', () => { test('should render normally', async () => { const component: ShallowWrapper, React.Component<{}, {}, any>> = shallow( @@ -110,8 +116,9 @@ describe('IndexedFieldsTable', () => { indexedFieldTypeFilter={[]} schemaFieldTypeFilter={[]} fieldFilter="" + {...mockedServices} /> - ).dive(); + ); await new Promise((resolve) => process.nextTick(resolve)); component.update(); @@ -131,8 +138,9 @@ describe('IndexedFieldsTable', () => { indexedFieldTypeFilter={[]} schemaFieldTypeFilter={[]} fieldFilter="" + {...mockedServices} /> - ).dive(); + ); await new Promise((resolve) => process.nextTick(resolve)); component.setProps({ fieldFilter: 'Elast' }); @@ -153,8 +161,9 @@ describe('IndexedFieldsTable', () => { indexedFieldTypeFilter={[]} schemaFieldTypeFilter={[]} fieldFilter="" + {...mockedServices} /> - ).dive(); + ); await new Promise((resolve) => process.nextTick(resolve)); component.setProps({ indexedFieldTypeFilter: ['date'] }); @@ -175,8 +184,9 @@ describe('IndexedFieldsTable', () => { indexedFieldTypeFilter={[]} schemaFieldTypeFilter={[]} fieldFilter="" + {...mockedServices} /> - ).dive(); + ); await new Promise((resolve) => process.nextTick(resolve)); component.setProps({ schemaFieldTypeFilter: ['runtime'] }); @@ -198,8 +208,9 @@ describe('IndexedFieldsTable', () => { indexedFieldTypeFilter={[]} schemaFieldTypeFilter={[]} fieldFilter="" + {...mockedServices} /> - ).dive(); + ); await new Promise((resolve) => process.nextTick(resolve)); component.update(); diff --git a/src/plugins/data_view_management/public/components/edit_index_pattern/indexed_fields_table/indexed_fields_table.tsx b/src/plugins/data_view_management/public/components/edit_index_pattern/indexed_fields_table/indexed_fields_table.tsx index 07a3bf50aab53..ad85499009db0 100644 --- a/src/plugins/data_view_management/public/components/edit_index_pattern/indexed_fields_table/indexed_fields_table.tsx +++ b/src/plugins/data_view_management/public/components/edit_index_pattern/indexed_fields_table/indexed_fields_table.tsx @@ -10,10 +10,8 @@ import React, { Component } from 'react'; import { createSelector } from 'reselect'; import { OverlayStart, ThemeServiceStart } from 'src/core/public'; import { DataViewField, DataView } from '../../../../../../plugins/data_views/public'; -import { useKibana } from '../../../../../../plugins/kibana_react/public'; import { Table } from './components/table'; import { IndexedFieldItem } from './types'; -import { IndexPatternManagmentContext } from '../../../types'; interface IndexedFieldsTableProps { fields: DataViewField[]; @@ -36,16 +34,10 @@ interface IndexedFieldsTableState { fields: IndexedFieldItem[]; } -const withHooks = (Comp: typeof Component) => { - return (props: any) => { - const { application } = useKibana().services; - const userEditPermission = !!application?.capabilities?.indexPatterns?.save; - - return ; - }; -}; - -class IndexedFields extends Component { +export class IndexedFieldsTable extends Component< + IndexedFieldsTableProps, + IndexedFieldsTableState +> { constructor(props: IndexedFieldsTableProps) { super(props); @@ -158,5 +150,3 @@ class IndexedFields extends Component { - const { application, docLinks } = useKibana().services; + const { dataViews, docLinks } = useKibana().services; const links = docLinks?.links; - const userEditPermission = !!application?.capabilities?.indexPatterns?.save; + const userEditPermission = dataViews.getCanSaveSync(); return ( diff --git a/src/plugins/data_view_management/public/components/edit_index_pattern/scripted_fields_table/scripted_field_table.test.tsx b/src/plugins/data_view_management/public/components/edit_index_pattern/scripted_fields_table/scripted_field_table.test.tsx index 169b3673001a1..4febfdf0e1219 100644 --- a/src/plugins/data_view_management/public/components/edit_index_pattern/scripted_fields_table/scripted_field_table.test.tsx +++ b/src/plugins/data_view_management/public/components/edit_index_pattern/scripted_fields_table/scripted_field_table.test.tsx @@ -68,9 +68,10 @@ describe('ScriptedFieldsTable', () => { helpers={helpers} painlessDocLink={'painlessDoc'} saveIndexPattern={async () => {}} + userEditPermission={false} scriptedFieldLanguageFilter={[]} /> - ).dive(); + ); // Allow the componentWillMount code to execute // https://github.com/airbnb/enzyme/issues/450 @@ -87,9 +88,10 @@ describe('ScriptedFieldsTable', () => { helpers={helpers} painlessDocLink={'painlessDoc'} saveIndexPattern={async () => {}} + userEditPermission={false} scriptedFieldLanguageFilter={[]} /> - ).dive(); + ); // Allow the componentWillMount code to execute // https://github.com/airbnb/enzyme/issues/450 @@ -119,9 +121,10 @@ describe('ScriptedFieldsTable', () => { painlessDocLink={'painlessDoc'} helpers={helpers} saveIndexPattern={async () => {}} + userEditPermission={false} scriptedFieldLanguageFilter={[]} /> - ).dive(); + ); // Allow the componentWillMount code to execute // https://github.com/airbnb/enzyme/issues/450 @@ -145,9 +148,10 @@ describe('ScriptedFieldsTable', () => { painlessDocLink={'painlessDoc'} helpers={helpers} saveIndexPattern={async () => {}} + userEditPermission={false} scriptedFieldLanguageFilter={[]} /> - ).dive(); + ); // Allow the componentWillMount code to execute // https://github.com/airbnb/enzyme/issues/450 @@ -166,9 +170,10 @@ describe('ScriptedFieldsTable', () => { helpers={helpers} painlessDocLink={'painlessDoc'} saveIndexPattern={async () => {}} + userEditPermission={false} scriptedFieldLanguageFilter={[]} /> - ).dive(); + ); await component.update(); // Fire `componentWillMount()` // @ts-expect-error lang is not valid @@ -194,9 +199,10 @@ describe('ScriptedFieldsTable', () => { helpers={helpers} painlessDocLink={'painlessDoc'} saveIndexPattern={async () => {}} + userEditPermission={false} scriptedFieldLanguageFilter={[]} /> - ).dive(); + ); await component.update(); // Fire `componentWillMount()` // @ts-expect-error diff --git a/src/plugins/data_view_management/public/components/edit_index_pattern/scripted_fields_table/scripted_fields_table.tsx b/src/plugins/data_view_management/public/components/edit_index_pattern/scripted_fields_table/scripted_fields_table.tsx index 1b9d63e2d2c6a..540131c50b236 100644 --- a/src/plugins/data_view_management/public/components/edit_index_pattern/scripted_fields_table/scripted_fields_table.tsx +++ b/src/plugins/data_view_management/public/components/edit_index_pattern/scripted_fields_table/scripted_fields_table.tsx @@ -15,10 +15,8 @@ import { import { Table, Header, CallOuts, DeleteScritpedFieldConfirmationModal } from './components'; import { ScriptedFieldItem } from './types'; -import { IndexPatternManagmentContext } from '../../../types'; import { DataView, DataViewsPublicPluginStart } from '../../../../../../plugins/data_views/public'; -import { useKibana } from '../../../../../../plugins/kibana_react/public'; interface ScriptedFieldsTableProps { indexPattern: DataView; @@ -41,16 +39,10 @@ interface ScriptedFieldsTableState { fields: ScriptedFieldItem[]; } -const withHooks = (Comp: typeof Component) => { - return (props: any) => { - const { application } = useKibana().services; - const userEditPermission = !!application?.capabilities?.indexPatterns?.save; - - return ; - }; -}; - -class ScriptedFields extends Component { +export class ScriptedFieldsTable extends Component< + ScriptedFieldsTableProps, + ScriptedFieldsTableState +> { constructor(props: ScriptedFieldsTableProps) { super(props); @@ -168,5 +160,3 @@ class ScriptedFields extends Component().services; const [fieldFilter, setFieldFilter] = useState(''); const [syncingStateFunc, setSyncingStateFunc] = useState({ @@ -241,7 +241,7 @@ export function Tabs({ [uiSettings] ); - const userEditPermission = !!application?.capabilities?.indexPatterns?.save; + const userEditPermission = dataViews.getCanSaveSync(); const getFilterSection = useCallback( (type: string) => { return ( @@ -448,7 +448,8 @@ export function Tabs({ getFieldInfo, }} openModal={overlays.openModal} - theme={theme} + theme={theme!} + userEditPermission={dataViews.getCanSaveSync()} /> )} @@ -472,6 +473,7 @@ export function Tabs({ }} onRemoveField={refreshFilters} painlessDocLink={docLinks.links.scriptedFields.painless} + userEditPermission={dataViews.getCanSaveSync()} /> ); @@ -510,6 +512,7 @@ export function Tabs({ refreshFields, overlays, theme, + dataViews, ] ); diff --git a/src/plugins/data_view_management/public/management_app/mount_management_section.tsx b/src/plugins/data_view_management/public/management_app/mount_management_section.tsx index 1b876e34a42fb..e4978acbc9d17 100644 --- a/src/plugins/data_view_management/public/management_app/mount_management_section.tsx +++ b/src/plugins/data_view_management/public/management_app/mount_management_section.tsx @@ -39,7 +39,7 @@ export async function mountManagementSection( params: ManagementAppMountParams ) { const [ - { chrome, application, uiSettings, notifications, overlays, http, docLinks, theme }, + { chrome, uiSettings, notifications, overlays, http, docLinks, theme }, { data, dataViewFieldEditor, dataViewEditor, dataViews, fieldFormats }, indexPatternManagementStart, ] = await getStartServices(); @@ -51,7 +51,6 @@ export async function mountManagementSection( const deps: IndexPatternManagmentContext = { chrome, - application, uiSettings, notifications, overlays, diff --git a/src/plugins/data_view_management/public/mocks.ts b/src/plugins/data_view_management/public/mocks.ts index 3404ca4912c88..54c1900d37f4c 100644 --- a/src/plugins/data_view_management/public/mocks.ts +++ b/src/plugins/data_view_management/public/mocks.ts @@ -13,6 +13,7 @@ import { urlForwardingPluginMock } from '../../url_forwarding/public/mocks'; import { dataPluginMock } from '../../data/public/mocks'; import { indexPatternFieldEditorPluginMock } from '../../data_view_field_editor/public/mocks'; import { indexPatternEditorPluginMock } from '../../data_view_editor/public/mocks'; +import { dataViewPluginMocks } from '../../data_views/public/mocks'; import { IndexPatternManagementSetup, IndexPatternManagementStart, @@ -54,15 +55,14 @@ const docLinks = { const createIndexPatternManagmentContext = (): { [key in keyof IndexPatternManagmentContext]: any; } => { - const { chrome, application, uiSettings, notifications, overlays } = coreMock.createStart(); + const { chrome, uiSettings, notifications, overlays } = coreMock.createStart(); const { http } = coreMock.createSetup(); const data = dataPluginMock.createStartContract(); const dataViewFieldEditor = indexPatternFieldEditorPluginMock.createStartContract(); - const dataViews = data.indexPatterns; + const dataViews = dataViewPluginMocks.createStartContract(); return { chrome, - application, uiSettings, notifications, overlays, diff --git a/src/plugins/data_view_management/public/types.ts b/src/plugins/data_view_management/public/types.ts index dc5e0198a64f1..f0a79416892ef 100644 --- a/src/plugins/data_view_management/public/types.ts +++ b/src/plugins/data_view_management/public/types.ts @@ -8,7 +8,6 @@ import { ChromeStart, - ApplicationStart, IUiSettingsClient, OverlayStart, NotificationsStart, @@ -26,7 +25,6 @@ import { FieldFormatsStart } from '../../field_formats/public'; export interface IndexPatternManagmentContext { chrome: ChromeStart; - application: ApplicationStart; uiSettings: IUiSettingsClient; notifications: NotificationsStart; overlays: OverlayStart; diff --git a/src/plugins/data_views/public/mocks.ts b/src/plugins/data_views/public/mocks.ts index c9aece61c4e02..61713c9406c23 100644 --- a/src/plugins/data_views/public/mocks.ts +++ b/src/plugins/data_views/public/mocks.ts @@ -27,6 +27,7 @@ const createStartContract = (): Start => { }), get: jest.fn().mockReturnValue(Promise.resolve({})), clearCache: jest.fn(), + getCanSaveSync: jest.fn(), } as unknown as jest.Mocked; }; diff --git a/src/plugins/kibana_react/public/code_editor/__snapshots__/code_editor.test.tsx.snap b/src/plugins/kibana_react/public/code_editor/__snapshots__/code_editor.test.tsx.snap index b05abbcece0b9..9a4511f8b03f5 100644 --- a/src/plugins/kibana_react/public/code_editor/__snapshots__/code_editor.test.tsx.snap +++ b/src/plugins/kibana_react/public/code_editor/__snapshots__/code_editor.test.tsx.snap @@ -126,6 +126,7 @@ exports[` is rendered 1`] = ` >
is rendered 1`] = ` /> - + -
-
-