Merge branch 'master' of github.com:elastic/kibana into spaces/np-client

.github/PULL_REQUEST_TEMPLATE.md

@@ -4,16 +4,15 @@ Summarize your PR. If it involves visual changes include a screenshot or gif.
 
 ### Checklist
 
-Use ~~strikethroughs~~ to remove checklist items you don't feel are applicable to this PR.
+Delete any items that are not applicable to this PR.
 
-- [ ] This was checked for cross-browser compatibility, [including a check against IE11](https://github.com/elastic/kibana/blob/master/CONTRIBUTING.md#cross-browser-compatibility)
 - [ ] Any text added follows [EUI's writing guidelines](https://elastic.github.io/eui/#/guidelines/writing), uses sentence case text and includes [i18n support](https://github.com/elastic/kibana/blob/master/packages/kbn-i18n/README.md)
 - [ ] [Documentation](https://github.com/elastic/kibana/blob/master/CONTRIBUTING.md#writing-documentation) was added for features that require explanation or tutorials
 - [ ] [Unit or functional tests](https://github.com/elastic/kibana/blob/master/CONTRIBUTING.md#cross-browser-compatibility) were updated or added to match the most common scenarios
 - [ ] This was checked for [keyboard-only and screenreader accessibility](https://developer.mozilla.org/en-US/docs/Learn/Tools_and_testing/Cross_browser_testing/Accessibility#Accessibility_testing_checklist)
+- [ ] This renders correctly on smaller devices using a responsive layout. (You can test this [in your browser](https://www.browserstack.com/guide/responsive-testing-on-local-server)
+- [ ] This was checked for cross-browser compatibility, [including a check against IE11](https://github.com/elastic/kibana/blob/master/CONTRIBUTING.md#cross-browser-compatibility)
 
 ### For maintainers
 
 - [ ] This was checked for breaking API changes and was [labeled appropriately](https://github.com/elastic/kibana/blob/master/CONTRIBUTING.md#release-notes-process)
-- [ ] This includes a feature addition or change that requires a release note and was [labeled appropriately](https://github.com/elastic/kibana/blob/master/CONTRIBUTING.md#release-notes-process)
-

NOTICE.txt

@@ -162,8 +162,6 @@ which is available under a "MIT" license. The files based on this license are:
 - windows_priv_escalation_via_accessibility_features.json
 - windows_persistence_via_application_shimming.json
 - windows_execution_via_trusted_developer_utilities.json
-- windows_execution_via_net_com_assemblies.json
-- windows_execution_via_connection_manager.json
 
 MIT License
 

docs/setup/upgrade.asciidoc

@@ -50,7 +50,7 @@ instructions.
 [[upgrade-6x]]
 === Upgrading from 6.x
 
-The recommended path is to upgrade to 6.7 before upgrading to 7.0. This makes it 
+The recommended path is to upgrade to 6.8 before upgrading to 7.0. This makes it 
 easier to identify the required changes, and enables you to use the Upgrade 
 Assistant to prepare for your upgrade to 7.0.
 
@@ -59,11 +59,11 @@ dashboards is supported.
 
 [float]
 [[upgrade-67]]
-=== Upgrading from 6.7
-To help you prepare for your upgrade to 7.0, 6.7 includes an https://www.elastic.co/guide/en/kibana/6.7/upgrade-assistant.html[Upgrade Assistant] 
-To access the assistant, go to *Management > 7.0 Upgrade Assistant*. 
+=== Upgrading from 6.8
+To help you prepare for your upgrade to 7.0, 6.8 includes an https://www.elastic.co/guide/en/kibana/6.8/upgrade-assistant.html[Upgrade Assistant] 
+To access the assistant, go to *Management > 7.0 Upgrade Assistant*.
 
-After you have addressed any issues that were identified by the Upgrade 
+After you have addressed any issues that were identified by the Upgrade
 Assistant, <<upgrade-standard,upgrade to 7.0>>.
 
 

docs/siem/siem-ui.asciidoc

@@ -33,6 +33,23 @@ investigation.
 [role="screenshot"]
 image::siem/images/network-ui.png[]
 
+[float]
+[[detections-ui]]
+=== Detections
+
+The Detections feature automatically searches for threats and creates 
+signals when they are detected. Signal detection rules define the conditions 
+for creating signals. The SIEM app comes with prebuilt rules that search for 
+suspicious activity on your network and hosts. Additionally, you can
+create your own rules.
+
+See {siem-guide}/detection-engine-overview.html[Detections] in the SIEM 
+Guide for information on managing detection rules and signals via the UI 
+or the Detections API.
+
+[role="screenshot"]
+image::siem/images/detections-ui.png[]
+
 [float]
 [[timelines-ui]]
 === Timeline

src/legacy/core_plugins/data/public/actions/filters/brush_event.test.js

@@ -21,7 +21,7 @@ import _ from 'lodash';
 import moment from 'moment';
 import expect from '@kbn/expect';
 
-jest.mock('../../../../../ui/public/agg_types/agg_configs', () => ({
+jest.mock('../../search/aggs', () => ({
   AggConfigs: function AggConfigs() {
     return {
       createAggConfig: ({ params }) => ({

src/legacy/core_plugins/data/public/index.ts

@@ -18,7 +18,7 @@
  */
 
 // /// Define plugin function
-import { DataPlugin as Plugin, DataStart } from './plugin';
+import { DataPlugin as Plugin } from './plugin';
 
 export function plugin() {
   return new Plugin();
@@ -27,14 +27,58 @@ export function plugin() {
 // /// Export types & static code
 
 /** @public types */
-export { DataStart };
+export { DataSetup, DataStart } from './plugin';
 export {
   SavedQueryAttributes,
   SavedQuery,
   SavedQueryTimeFilter,
 } from '../../../../plugins/data/public';
+export {
+  // agg_types
+  AggParam,
+  AggParamOption,
+  DateRangeKey,
+  IAggConfig,
+  IAggConfigs,
+  IAggType,
+  IFieldParamType,
+  IMetricAggType,
+  IpRangeKey,
+  ISchemas,
+  OptionedParamEditorProps,
+  OptionedValueProp,
+} from './search/types';
 
 /** @public static code */
 export * from '../common';
 export { FilterStateManager } from './filter/filter_manager';
-export { getRequestInspectorStats, getResponseInspectorStats } from './search';
+export {
+  // agg_types TODO need to group these under a namespace or prefix
+  AggParamType,
+  AggTypeFilters, // TODO convert to interface
+  aggTypeFilters,
+  AggTypeFieldFilters, // TODO convert to interface
+  AggGroupNames,
+  aggGroupNamesMap,
+  BUCKET_TYPES,
+  CidrMask,
+  convertDateRangeToString,
+  convertIPRangeToString,
+  intervalOptions, // only used in Discover
+  isDateHistogramBucketAggConfig,
+  isStringType,
+  isType,
+  isValidInterval,
+  isValidJson,
+  METRIC_TYPES,
+  OptionedParamType,
+  parentPipelineType,
+  propFilter,
+  Schema,
+  Schemas,
+  siblingPipelineType,
+  termsAggFilter,
+  // search_source
+  getRequestInspectorStats,
+  getResponseInspectorStats,
+} from './search';

src/legacy/core_plugins/data/public/plugin.ts

@@ -45,6 +45,8 @@ import {
 } from '../../../../plugins/embeddable/public/lib/triggers';
 import { IUiActionsSetup, IUiActionsStart } from '../../../../plugins/ui_actions/public';
 
+import { SearchSetup, SearchStart, SearchService } from './search/search_service';
+
 export interface DataPluginSetupDependencies {
   data: DataPublicPluginSetup;
   expressions: ExpressionsSetup;
@@ -56,12 +58,23 @@ export interface DataPluginStartDependencies {
   uiActions: IUiActionsStart;
 }
 
+/**
+ * Interface for this plugin's returned `setup` contract.
+ *
+ * @public
+ */
+export interface DataSetup {
+  search: SearchSetup;
+}
+
 /**
  * Interface for this plugin's returned `start` contract.
  *
  * @public
  */
-export interface DataStart {} // eslint-disable-line @typescript-eslint/no-empty-interface
+export interface DataStart {
+  search: SearchStart;
+}
 
 /**
  * Data Plugin - public
@@ -76,7 +89,10 @@ export interface DataStart {} // eslint-disable-line @typescript-eslint/no-empty
  */
 
 export class DataPlugin
-  implements Plugin<void, DataStart, DataPluginSetupDependencies, DataPluginStartDependencies> {
+  implements
+    Plugin<DataSetup, DataStart, DataPluginSetupDependencies, DataPluginStartDependencies> {
+  private readonly search = new SearchService();
+
   public setup(core: CoreSetup, { data, uiActions }: DataPluginSetupDependencies) {
     setInjectedMetadata(core.injectedMetadata);
 
@@ -89,6 +105,10 @@ export class DataPlugin
     uiActions.registerAction(
       valueClickAction(data.query.filterManager, data.query.timefilter.timefilter)
     );
+
+    return {
+      search: this.search.setup(core),
+    };
   }
 
   public start(core: CoreStart, { data, uiActions }: DataPluginStartDependencies): DataStart {
@@ -102,7 +122,9 @@ export class DataPlugin
     uiActions.attachAction(SELECT_RANGE_TRIGGER, SELECT_RANGE_ACTION);
     uiActions.attachAction(VALUE_CLICK_TRIGGER, VALUE_CLICK_ACTION);
 
-    return {};
+    return {
+      search: this.search.start(core),
+    };
   }
 
   public stop() {}

src/legacy/ui/public/agg_types/__tests__/buckets/_terms_other_bucket_helper.js → src/legacy/core_plugins/data/public/search/aggs/__tests__/buckets/_terms_other_bucket_helper.js

@@ -24,7 +24,7 @@ import {
   mergeOtherBucketAggResponse,
   updateMissingBucket,
 } from '../../buckets/_terms_other_bucket_helper';
-import { Vis } from '../../../../../core_plugins/visualizations/public';
+import { Vis } from '../../../../../../../core_plugins/visualizations/public';
 import FixturesStubbedLogstashIndexPatternProvider from 'fixtures/stubbed_logstash_index_pattern';
 
 const visConfigSingleTerm = {

src/legacy/ui/public/agg_types/agg_config.ts → src/legacy/core_plugins/data/public/search/aggs/agg_config.ts

@@ -27,17 +27,17 @@
 import _ from 'lodash';
 import { i18n } from '@kbn/i18n';
 import { npStart } from 'ui/new_platform';
-import { AggType } from './agg_type';
+import { IAggType } from './agg_type';
 import { AggGroupNames } from './agg_groups';
 import { writeParams } from './agg_params';
-import { AggConfigs } from './agg_configs';
+import { IAggConfigs } from './agg_configs';
 import { Schema } from './schemas';
 import {
   ISearchSource,
   FetchOptions,
   fieldFormats,
   KBN_FIELD_TYPES,
-} from '../../../../plugins/data/public';
+} from '../../../../../../plugins/data/public';
 
 export interface AggConfigOptions {
   enabled: boolean;
@@ -58,15 +58,20 @@ const unknownSchema: Schema = {
   defaults: {},
   editor: false,
   group: AggGroupNames.Metrics,
+  aggSettings: {
+    top_hits: {
+      allowStrings: true,
+    },
+  },
 };
 
-const getTypeFromRegistry = (type: string): AggType => {
+const getTypeFromRegistry = (type: string): IAggType => {
   // We need to inline require here, since we're having a cyclic dependency
   // from somewhere inside agg_types back to AggConfig.
-  const aggTypes = require('./agg_types').aggTypes;
+  const aggTypes = require('../aggs').aggTypes;
   const registeredType =
-    aggTypes.metrics.find((agg: AggType) => agg.name === type) ||
-    aggTypes.buckets.find((agg: AggType) => agg.name === type);
+    aggTypes.metrics.find((agg: IAggType) => agg.name === type) ||
+    aggTypes.buckets.find((agg: IAggType) => agg.name === type);
 
   if (!registeredType) {
     throw new Error('unknown type');
@@ -85,6 +90,9 @@ const getSchemaFromRegistry = (schemas: any, schema: string): Schema => {
   return registeredSchema;
 };
 
+// TODO need to make a more explicit interface for this
+export type IAggConfig = AggConfig;
+
 export class AggConfig {
   /**
    * Ensure that all of the objects in the list have ids, the objects
@@ -122,19 +130,19 @@ export class AggConfig {
     );
   }
 
-  public aggConfigs: AggConfigs;
+  public aggConfigs: IAggConfigs;
   public id: string;
   public enabled: boolean;
   public params: any;
-  public parent?: AggConfigs;
+  public parent?: IAggConfigs;
   public brandNew?: boolean;
 
   private __schema: Schema;
-  private __type: AggType;
+  private __type: IAggType;
   private __typeDecorations: any;
   private subAggs: AggConfig[] = [];
 
-  constructor(aggConfigs: AggConfigs, opts: AggConfigOptions) {
+  constructor(aggConfigs: IAggConfigs, opts: AggConfigOptions) {
     this.aggConfigs = aggConfigs;
     this.id = String(opts.id || AggConfig.nextId(aggConfigs.aggs as any));
     this.enabled = typeof opts.enabled === 'boolean' ? opts.enabled : true;
@@ -207,7 +215,7 @@ export class AggConfig {
     return _.get(this.params, key);
   }
 
-  write(aggs?: AggConfigs) {
+  write(aggs?: IAggConfigs) {
     return writeParams<AggConfig>(this.type.params, this, aggs);
   }
 
@@ -262,7 +270,7 @@ export class AggConfig {
    * @return {void|Object} - if the config has a dsl representation, it is
    *                         returned, else undefined is returned
    */
-  toDsl(aggConfigs?: AggConfigs) {
+  toDsl(aggConfigs?: IAggConfigs) {
     if (this.type.hasNoDsl) return;
     const output = this.write(aggConfigs) as any;
 
@@ -360,7 +368,7 @@ export class AggConfig {
 
     if (!this.type) return '';
     return percentageMode
-      ? i18n.translate('common.ui.vis.aggConfig.percentageOfLabel', {
+      ? i18n.translate('data.search.aggs.percentageOfLabel', {
           defaultMessage: 'Percentage of {label}',
           values: { label: this.type.makeLabel(this) },
         })
@@ -435,7 +443,7 @@ export class AggConfig {
 
     if (fieldParam) {
       // @ts-ignore
-      availableFields = fieldParam.getAvailableFields(this.getIndexPattern().fields);
+      availableFields = fieldParam.getAvailableFields(this);
     }
 
     // clear out the previous params except for a few special ones
@@ -448,7 +456,7 @@ export class AggConfig {
     });
   }
 
-  public setType(type: string | AggType) {
+  public setType(type: string | IAggType) {
     this.type = typeof type === 'string' ? getTypeFromRegistry(type) : type;
   }
 

src/legacy/ui/public/agg_types/agg_configs.ts → src/legacy/core_plugins/data/public/search/aggs/agg_configs.ts

@@ -35,7 +35,7 @@ import {
   ISearchSource,
   FetchOptions,
   TimeRange,
-} from '../../../../plugins/data/public';
+} from '../../../../../../plugins/data/public';
 
 type Schemas = Record<string, any>;
 
@@ -55,6 +55,9 @@ function parseParentAggs(dslLvlCursor: any, dsl: any) {
   }
 }
 
+// TODO need to make a more explicit interface for this
+export type IAggConfigs = AggConfigs;
+
 export class AggConfigs {
   public indexPattern: IndexPattern;
   public schemas: any;

src/legacy/ui/public/agg_types/agg_groups.ts → src/legacy/core_plugins/data/public/search/aggs/agg_groups.ts

@@ -28,10 +28,10 @@ export const AggGroupNames = Object.freeze({
 export type AggGroupNames = $Values<typeof AggGroupNames>;
 
 export const aggGroupNamesMap = () => ({
-  [AggGroupNames.Metrics]: i18n.translate('common.ui.aggTypes.aggGroups.metricsText', {
+  [AggGroupNames.Metrics]: i18n.translate('data.search.aggs.aggGroups.metricsText', {
     defaultMessage: 'Metrics',
   }),
-  [AggGroupNames.Buckets]: i18n.translate('common.ui.aggTypes.aggGroups.bucketsText', {
+  [AggGroupNames.Buckets]: i18n.translate('data.search.aggs.aggGroups.bucketsText', {
     defaultMessage: 'Buckets',
   }),
 });

src/legacy/ui/public/agg_types/agg_params.test.ts → src/legacy/core_plugins/data/public/search/aggs/agg_params.test.ts

@@ -21,7 +21,7 @@ import { initParams } from './agg_params';
 import { BaseParamType } from './param_types/base';
 import { FieldParamType } from './param_types/field';
 import { OptionedParamType } from './param_types/optioned';
-import { AggParamType } from '../agg_types/param_types/agg';
+import { AggParamType } from '../aggs/param_types/agg';
 
 jest.mock('ui/new_platform');