Merge branch 'master' into design/add_data_screens

.buildkite/scripts/steps/storybooks/build_and_upload.js

@@ -8,6 +8,7 @@ const STORYBOOKS = [
   'canvas',
   'codeeditor',
   'ci_composite',
+  'custom_integrations',
   'url_template_editor',
   'dashboard',
   'dashboard_enhanced',

.ci/.storybook/main.js

@@ -11,6 +11,12 @@ const aliases = require('../../src/dev/storybook/aliases.ts').storybookAliases;
 
 config.refs = {};
 
+// Required due to https://github.com/storybookjs/storybook/issues/13834
+config.babel = async (options) => ({
+  ...options,
+  plugins: ['@babel/plugin-transform-typescript', ...options.plugins],
+});
+
 for (const alias of Object.keys(aliases).filter((a) => a !== 'ci_composite')) {
   // snake_case -> Title Case
   const title = alias

.i18nrc.json

@@ -5,6 +5,7 @@
     "kbnConfig": "packages/kbn-config/src",
     "console": "src/plugins/console",
     "core": "src/core",
+    "customIntegrations": "src/plugins/custom_integrations",
     "discover": "src/plugins/discover",
     "bfetch": "src/plugins/bfetch",
     "dashboard": "src/plugins/dashboard",
@@ -18,6 +19,7 @@
     "home": "src/plugins/home",
     "flot": "packages/kbn-ui-shared-deps-src/src/flot_charts",
     "charts": "src/plugins/charts",
+    "customIntegrations": "src/plugins/custom_integrations",
     "esUi": "src/plugins/es_ui_shared",
     "devTools": "src/plugins/dev_tools",
     "expressions": "src/plugins/expressions",

dev_docs/key_concepts/kibana_platform_plugin_intro.mdx

@@ -17,13 +17,13 @@ already existing applications. Did you know that almost everything you see in th
 Kibana UI is built inside a plugin? If you removed all plugins from Kibana, you'd be left with an empty navigation menu, and a set of
 developer tools. The Kibana platform is a blank canvas, just waiting for a developer to come along and create something!
 
-![Kibana personas](assets/kibana_platform_plugin_end_user.png)
+![Kibana personas](../assets/kibana_platform_plugin_end_user.png)
 
 ## 1,000 foot view
 
 At a super high-level, Kibana is composed of **plugins**, **core**, and **Kibana packages**.
 
-![Kibana 1000 ft arch](assets/1000_ft_arch.png)
+![Kibana 1000 ft arch](../assets/1000_ft_arch.png)
 
 **Plugins** provide the majority of all functionality in Kibana. All applications and UIs are defined here.
 
@@ -51,7 +51,7 @@ We try to put only the most stable and fundamental code into `Core`, while optio
 
 Today it looks something like this.
 
-![Core vs platform plugins vs plugins](assets/platform_plugins_core.png)
+![Core vs platform plugins vs plugins](../assets/platform_plugins_core.png)
 
 "Platform plugins" provide core-like functionality, just outside of core, and their public APIs tend to be more volatile. Other plugins may still expose shared services, but they are intended only for usage by a small subset of specific plugins, and may not be generic or "platform-like".
 
@@ -91,7 +91,7 @@ A plugin may register many applications, or none.
 
 Applications are top level pages in the Kibana UI. Dashboard, Canvas, Maps, App Search, etc, are all examples of applications:
 
-![applications in kibana](./assets/applications.png)
+![applications in kibana](../assets/applications.png)
 
 A plugin can register an application by
 adding it to core's application <DocLink id="kibPlatformIntro" section="registry" text="registry"/>.

docs/dev-tools/grokdebugger/index.asciidoc

@@ -9,21 +9,22 @@ structure it. Grok is good for parsing syslog, apache, and other
 webserver logs, mysql logs, and in general, any log format that is
 written for human consumption.
 
-Grok patterns are supported in the ingest node
-{ref}/grok-processor.html[grok processor] and the Logstash
-{logstash-ref}/plugins-filters-grok.html[grok filter]. See
-{logstash-ref}/plugins-filters-grok.html#_grok_basics[grok basics]
-for more information on the syntax for a grok pattern.
-
-The Elastic Stack ships
-with more than 120 reusable grok patterns. See
-https://github.com/elastic/elasticsearch/tree/master/libs/grok/src/main/resources/patterns[Ingest node grok patterns] and https://github.com/logstash-plugins/logstash-patterns-core/tree/master/patterns[Logstash grok patterns]
-for the complete list of patterns.
+Grok patterns are supported in {es} {ref}/runtime.html[runtime fields], the {es}
+{ref}/grok-processor.html[grok ingest processor], and the {ls}
+{logstash-ref}/plugins-filters-grok.html[grok filter]. For syntax, see
+{ref}/grok.html[Grokking grok].
+
+The {stack} ships with more than 120 reusable grok patterns. For a complete
+list of patterns, see
+https://github.com/elastic/elasticsearch/tree/master/libs/grok/src/main/resources/patterns[{es}
+grok patterns] and
+https://github.com/logstash-plugins/logstash-patterns-core/tree/master/patterns[{ls}
+grok patterns].
 
 Because
-ingest node and Logstash share the same grok implementation and pattern
+{es} and {ls} share the same grok implementation and pattern
 libraries, any grok pattern that you create in the *Grok Debugger* will work
-in ingest node and Logstash.
+in both {es} and {ls}.
 
 [float]
 [[grokdebugger-getting-started]]

docs/developer/plugin-list.asciidoc

@@ -458,7 +458,7 @@ the infrastructure monitoring use-case within Kibana.
 
 
 |{kib-repo}blob/{branch}/x-pack/plugins/ingest_pipelines/README.md[ingestPipelines]
-|The ingest_pipelines plugin provides Kibana support for Elasticsearch's ingest nodes. Please refer to the Elasticsearch documentation for more details.
+|The ingest_pipelines plugin provides Kibana support for Elasticsearch's ingest pipelines.
 
 
 |{kib-repo}blob/{branch}/x-pack/plugins/lens/readme.md[lens]

docs/migration/migrate_8_0.asciidoc

@@ -364,4 +364,34 @@ Configuration management tools and automation will need to be updated to use the
 === `server.xsrf.token` is no longer valid
 *Details:* The deprecated `server.xsrf.token` setting in the `kibana.yml` file has been removed.
 
+[float]
+=== `newsfeed.defaultLanguage` is no longer valid
+*Details:* Specifying a default language to retrieve newsfeed items is no longer supported.
+
+*Impact:* Newsfeed items will be retrieved based on the browser locale and fallback to 'en' if an item does not have a translation for the locale. Configure {kibana-ref}/i18n-settings-kb.html#general-i18n-settings-kb[`i18n.locale`] to override the default behavior. 
+
+[float]
+=== `xpack.banners.placement` has changed value
+*Details:* `xpack.banners.placement: 'header'` setting in `kibana.yml` has changed value.
+
+*Impact:* Use {kibana-ref}/banners-settings-kb.html#banners-settings-kb[`xpack.banners.placement: 'top'`] instead.
+
+[float]
+=== `cpu.cgroup.path.override` is no longer valid
+*Details:* The deprecated `cpu.cgroup.path.override` setting is no longer supported.
+
+*Impact:* Configure {kibana-ref}/settings.html#ops-cGroupOverrides-cpuPath[`ops.cGroupOverrides.cpuPath`] instead.
+
+[float]
+=== `cpuacct.cgroup.path.override` is no longer valid
+*Details:* The deprecated `cpuacct.cgroup.path.override` setting is no longer supported.
+
+*Impact:* Configure {kibana-ref}/settings.html#ops-cGroupOverrides-cpuAcctPath[`ops.cGroupOverrides.cpuAcctPath`] instead.
+
+[float]
+=== `server.xsrf.whitelist` is no longer valid
+*Details:* The deprecated `server.xsrf.whitelist` setting is no longer supported.
+
+*Impact:* Use {kibana-ref}/settings.html#settings-xsrf-allowlist[`server.xsrf.allowlist`] instead.
+
 // end::notable-breaking-changes[]

docs/redirects.asciidoc

@@ -293,7 +293,7 @@ This content has moved. Refer to <<dashboard, **Dashboard**>>.
 This content has moved. Refer to <<dashboard, **Dashboard**>>.
 
 [role="exclude",id="ingest-node-pipelines"]
-== Ingest Node Pipelines
+== Ingest Pipelines
 
 This content has moved. Refer to {ref}/ingest.html[Ingest pipelines].
 

docs/settings/alert-action-settings.asciidoc

@@ -31,11 +31,6 @@ Be sure to back up the encryption key value somewhere safe, as your alerting rul
 [[action-settings]]
 ==== Action settings
 
-`xpack.actions.enabled`::
-deprecated:[7.16.0,"In 8.0 and later, this setting will no longer be supported."]
-Feature toggle that enables Actions in {kib}.
-If `false`, all features dependent on Actions are disabled, including the *Observability* and *Security* apps.  Default: `true`.
-
 `xpack.actions.allowedHosts` {ess-icon}::
 A list of hostnames that {kib} is allowed to connect to when built-in actions are triggered. It defaults to `[*]`, allowing any host, but keep in mind the potential for SSRF attacks when hosts are not explicitly added to the allowed hosts. An empty list `[]` can be used to block built-in actions from making any external connections.
 +
@@ -179,3 +174,10 @@ For example, `20m`, `24h`, `7d`, `1w`. Default: `60s`.
 
 `xpack.alerting.maxEphemeralActionsPerAlert`::
 Sets the number of actions that will be executed ephemerally. To use this, enable ephemeral tasks in task manager first with <<task-manager-settings,`xpack.task_manager.ephemeral_tasks.enabled`>>
+
+`xpack.alerting.defaultRuleTaskTimeout`::
+Specifies the default timeout for the all rule types tasks. The time is formatted as:
++
+`<count>[ms,s,m,h,d,w,M,Y]` 
++
+For example, `20m`, `24h`, `7d`, `1w`. Default: `60s`.

docs/settings/reporting-settings.asciidoc

@@ -11,7 +11,6 @@ You can configure `xpack.reporting` settings in your `kibana.yml` to:
 
 * <<general-reporting-settings,Enable the {report-features}>>
 * <<encryption-keys,Configure the encryption key>>
-* <<report-indices,Configure the reporting index>>
 * <<reporting-kibana-server-settings,Control how the {report-features} communicate with the {kib} server>>
 * <<reporting-job-queue-settings,Manage background jobs>>
 * <<reporting-capture-settings,Capture screenshots>>
@@ -47,33 +46,6 @@ The static encryption key for reporting. Use an alphanumeric text string that is
 xpack.reporting.encryptionKey: "something_secret"
 --------------------------------------------------------------------------------
 
-[float]
-[[report-indices]]
-==== Reporting index setting
-
-
-
-`xpack.reporting.index`::
-deprecated:[7.11.0,This setting will be removed in 8.0.0.] Multitenancy by changing `kibana.index` is unsupported starting in 8.0.0. For more details, refer to https://ela.st/kbn-remove-legacy-multitenancy[8.0 Breaking Changes]. When you divide workspaces in an Elastic cluster using multiple {kib} instances with a different `kibana.index` setting per instance, you must set a unique `xpack.reporting.index` setting per `kibana.index`. Otherwise, report generation periodically fails if a report is queued through an instance with one `kibana.index` setting, and an instance with a different `kibana.index` attempts to claim the job. Reporting uses a weekly index in {es} to store the reporting job and the report content. The index is automatically created if it does not already exist. Configure a unique value for `xpack.reporting.index`, beginning with `.reporting-`, for every {kib} instance that has a unique <<kibana-index, `kibana.index`>> setting. Defaults to `.reporting`.
-
-{kib} instance A:
-[source,yaml]
---------------------------------------------------------------------------------
-kibana.index: ".kibana-a"
-xpack.reporting.index: ".reporting-a"
-xpack.reporting.encryptionKey: "something_secret"
---------------------------------------------------------------------------------
-
-{kib} instance B:
-[source,yaml]
---------------------------------------------------------------------------------
-kibana.index: ".kibana-b"
-xpack.reporting.index: ".reporting-b"
-xpack.reporting.encryptionKey: "something_secret"
---------------------------------------------------------------------------------
-
-NOTE: If security is enabled, the `xpack.reporting.index` setting should begin with `.reporting-` for the `kibana_system` role to have the necessary privileges over the index.
-
 [float]
 [[reporting-kibana-server-settings]]
 ==== {kib} server settings

docs/setup/configuring-reporting.asciidoc

@@ -148,56 +148,6 @@ reporting_user:
   - "cn=Bill Murray,dc=example,dc=com"
 --------------------------------------------------------------------------------
 
-[float]
-==== Grant access with a custom index
-
-If you are using a custom index, the `xpack.reporting.index` setting must begin with `.reporting-*`. The default {kib} system user has `all` privileges against the `.reporting-*` pattern of indices.
-
-If you use a different pattern for the `xpack.reporting.index` setting, you must create a custom `kibana_system` user with appropriate access to the index.
-
-NOTE: In the next major version of Kibana, granting access with a custom index is unsupported.
-
-. Create the reporting role. 
-
-.. Open the main menu, then click *Stack Management*.
-
-.. Click *Roles > Create role*.
-
-. Specify the role settings.
-
-.. Enter the *Role name*. For example, `custom-reporting-user`.
-
-.. From the *Indices* dropdown, select the custom index. 
-
-.. From the *Privileges* dropdown, select *all*.
-
-.. Click *Add Kibana privilege*.
-
-.. Select one or more *Spaces* that you want to grant reporting privileges to.
-
-.. Click *Customize*, then click *Analytics*.
-
-.. Next to each application you want to grant reporting privileges to, click *All*.
-
-.. Click *Add {kib} privilege*, then click *Create role*.
-
-. Assign the reporting role to a user.
-
-.. Open the main menu, then click *Stack Management*.
-
-.. Click *Users*, then click the user you want to assign the reporting role to. 
-
-.. From the *Roles* dropdown, select *kibana_system* and *custom-reporting-user*.
-
-.. Click *Update user*.
-
-. Configure {kib} to use the new account.
-+
-[source,js]
---------------------------------------------------------------------------------
-elasticsearch.username: 'custom_kibana_system'
---------------------------------------------------------------------------------
-
 [float]
 [[securing-reporting]]
 === Secure the reporting endpoints

docs/setup/settings.asciidoc

@@ -26,16 +26,6 @@ Toggling this causes the server to regenerate assets on the next startup,
 which may cause a delay before pages start being served.
 Set to `false` to disable Console. *Default: `true`*
 
-| `cpu.cgroup.path.override:`
- | deprecated:[7.10.0,"In 8.0 and later, this setting will no longer be supported."]
- This setting has been renamed to
- <<ops-cGroupOverrides-cpuPath,`ops.cGroupOverrides.cpuPath`>>.
-
-| `cpuacct.cgroup.path.override:`
- | deprecated:[7.10.0,"In 8.0 and later, this setting will no longer be supported."]
- This setting has been renamed to
- <<ops-cGroupOverrides-cpuAcctPath, `ops.cGroupOverrides.cpuAcctPath`>>.
-
 | `csp.rules:`
  | deprecated:[7.14.0,"In 8.0 and later, this setting will no longer be supported."]
 A https://w3c.github.io/webappsec-csp/[Content Security Policy] template

docs/user/management.asciidoc

@@ -17,7 +17,7 @@ Consult your administrator if you do not have the appropriate access.
 [cols="50, 50"]
 |===
 
-| {ref}/ingest.html[Ingest Node Pipelines]
+| {ref}/ingest.html[Ingest Pipelines]
 | Create and manage ingest pipelines that let you perform common transformations
 and enrichments on your data.
 

docs/user/monitoring/monitoring-metricbeat.asciidoc

@@ -189,8 +189,9 @@ If you configured the monitoring cluster to use encrypted communications, you
 must access it via HTTPS. For example, use a `hosts` setting like
 `https://es-mon-1:9200`.
 
-IMPORTANT: The {es} {monitor-features} use ingest pipelines, therefore the
-cluster that stores the monitoring data must have at least one ingest node.
+IMPORTANT: The {es} {monitor-features} use ingest pipelines. The
+cluster that stores the monitoring data must have at least one node with the
+`ingest` role.
 
 If the {es} {security-features} are enabled on the monitoring cluster, you
 must provide a valid user ID and password so that {metricbeat} can send metrics

package.json

@@ -92,6 +92,9 @@
     "yarn": "^1.21.1"
   },
   "dependencies": {
+    "@dnd-kit/core": "^3.1.1",
+    "@dnd-kit/sortable": "^4.0.0",
+    "@dnd-kit/utilities": "^2.0.0",
     "@babel/runtime": "^7.15.4",
     "@elastic/apm-rum": "^5.9.1",
     "@elastic/apm-rum-react": "^1.3.1",

packages/kbn-rule-data-utils/src/technical_field_names.ts

@@ -52,6 +52,7 @@ const ALERT_RULE_LICENSE = `${ALERT_RULE_NAMESPACE}.license` as const;
 const ALERT_RULE_CATEGORY = `${ALERT_RULE_NAMESPACE}.category` as const;
 const ALERT_RULE_NAME = `${ALERT_RULE_NAMESPACE}.name` as const;
 const ALERT_RULE_NOTE = `${ALERT_RULE_NAMESPACE}.note` as const;
+const ALERT_RULE_PARAMS = `${ALERT_RULE_NAMESPACE}.params` as const;
 const ALERT_RULE_REFERENCES = `${ALERT_RULE_NAMESPACE}.references` as const;
 const ALERT_RULE_RISK_SCORE = `${ALERT_RULE_NAMESPACE}.risk_score` as const;
 const ALERT_RULE_RISK_SCORE_MAPPING = `${ALERT_RULE_NAMESPACE}.risk_score_mapping` as const;
@@ -109,6 +110,7 @@ const fields = {
   ALERT_RULE_LICENSE,
   ALERT_RULE_NAME,
   ALERT_RULE_NOTE,
+  ALERT_RULE_PARAMS,
   ALERT_RULE_REFERENCES,
   ALERT_RULE_RISK_SCORE,
   ALERT_RULE_RISK_SCORE_MAPPING,
@@ -164,6 +166,7 @@ export {
   ALERT_RULE_LICENSE,
   ALERT_RULE_NAME,
   ALERT_RULE_NOTE,
+  ALERT_RULE_PARAMS,
   ALERT_RULE_REFERENCES,
   ALERT_RULE_RISK_SCORE,
   ALERT_RULE_RISK_SCORE_MAPPING,

packages/kbn-utils/src/path/index.ts

@@ -15,14 +15,12 @@ const isString = (v: any): v is string => typeof v === 'string';
 
 const CONFIG_PATHS = [
   process.env.KBN_PATH_CONF && join(process.env.KBN_PATH_CONF, 'kibana.yml'),
-  process.env.KIBANA_PATH_CONF && join(process.env.KIBANA_PATH_CONF, 'kibana.yml'), // deprecated
   join(REPO_ROOT, 'config/kibana.yml'),
   '/etc/kibana/kibana.yml',
 ].filter(isString);
 
 const CONFIG_DIRECTORIES = [
   process.env.KBN_PATH_CONF,
-  process.env.KIBANA_PATH_CONF, // deprecated
   join(REPO_ROOT, 'config'),
   '/etc/kibana',
 ].filter(isString);