Skip to content

Commit

Permalink
Merge branch 'main' into canvas_filters_panel_update_group
Browse files Browse the repository at this point in the history
  • Loading branch information
kibanamachine authored Nov 19, 2021
2 parents 93e7d8c + e5c4846 commit f5ee006
Show file tree
Hide file tree
Showing 669 changed files with 5,369 additions and 2,638 deletions.
21 changes: 21 additions & 0 deletions docs/setup/install/auto-enroll.asciidoc
Original file line number Diff line number Diff line change
@@ -0,0 +1,21 @@
[role="exclude"]

If this is the first time you're starting {kib}, this command generates a
unique link in your terminal to enroll your {kib} instance with {es}.

. In your terminal, click the generated link to open {kib} in your browser.

. In your browser, paste the enrollment token that was generated in the terminal
when you started {es}, and then click the button to connect your {kib} instance with {es}.

. Log in to {kib} as the `elastic` user with the password that was
generated when you started {es}.

[NOTE]
====
If you need to reset the password for the `elastic` user or other
built-in users, run the {ref}/reset-password.html[`elasticsearch-reset-password`] tool. To generate new enrollment tokens for
{kib} or {es} nodes, run the
{ref}/create-enrollment-token.html[`elasticsearch-create-enrollment-token`] tool.
These tools are available in the {es} `bin` directory.
====
24 changes: 24 additions & 0 deletions docs/setup/install/deb.asciidoc
Original file line number Diff line number Diff line change
Expand Up @@ -122,6 +122,30 @@ sudo dpkg -i kibana-{version}-amd64.deb

endif::[]

[[deb-enroll]]
==== Start {es} and generate an enrollment token for {kib}
++++
<titleabbrev>Generate an enrollment token</titleabbrev>
++++

When you start {es} for the first time, the following security configuration
occurs automatically:

* Authentication and authorization are enabled, and a password is generated for the `elastic` built-in superuser.
* Certificates and keys for TLS are generated for the transport and HTTP layer, and TLS is enabled and configured with these keys and certificates.

The password and certificate and keys are output to your terminal.

You can then generate an enrollment token for {kib} with the
{ref}/create-enrollment-token.html[`elasticsearch-create-enrollment-token`] tool:

[source,sh]
----
bin/elasticsearch-create-enrollment-token -s kibana
----

Start {kib} and enter the enrollment token to securely connect {kib} with {es}.

[[deb-running-systemd]]
include::systemd.asciidoc[]

Expand Down
24 changes: 24 additions & 0 deletions docs/setup/install/rpm.asciidoc
Original file line number Diff line number Diff line change
Expand Up @@ -115,6 +115,30 @@ sudo rpm --install kibana-{version}-x86_64.rpm

endif::[]

[[rpm-enroll]]
==== Start {es} and generate an enrollment token for {kib}
++++
<titleabbrev>Generate an enrollment token</titleabbrev>
++++

When you start {es} for the first time, the following security configuration
occurs automatically:

* Authentication and authorization are enabled, and a password is generated for the `elastic` built-in superuser.
* Certificates and keys for TLS are generated for the transport and HTTP layer, and TLS is enabled and configured with these keys and certificates.

The password and certificate and keys are output to your terminal.

You can then generate an enrollment token for {kib} with the
{ref}/create-enrollment-token.html[`elasticsearch-create-enrollment-token`] tool:

[source,sh]
----
bin/elasticsearch-create-enrollment-token -s kibana
----

Start {kib} and enter the enrollment token to securely connect {kib} with {es}.

[[rpm-running-systemd]]
include::systemd.asciidoc[]

Expand Down
16 changes: 16 additions & 0 deletions docs/setup/install/start-es-and-enroll.asciidoc
Original file line number Diff line number Diff line change
@@ -0,0 +1,16 @@
==== Start {es} and generate an enrollment token for {kib}
++++
<titleabbrev>Generate an enrollment token</titleabbrev>
++++

When you start {es} for the first time, the following security configuration
occurs automatically:

* {ref}/configuring-stack-security.html#stack-security-certificates[Certificates and keys] for TLS are
generated for the transport and HTTP layers.
* The TLS configuration settings are written to `elasticsearch.yml`.
* A password is generated for the `elastic` user.
* An enrollment token is generated for {kib}.
You can then start {kib} and enter the enrollment token to securely connect
{kib} with {es}. The enrollment token is valid for 30 minutes.
8 changes: 4 additions & 4 deletions docs/setup/install/systemd.asciidoc
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
==== Run {kib} with `systemd`

To configure Kibana to start automatically when the system boots up,
To configure {kib} to start automatically when the system starts,
run the following commands:

[source,sh]
Expand All @@ -9,14 +9,14 @@ sudo /bin/systemctl daemon-reload
sudo /bin/systemctl enable kibana.service
--------------------------------------------------

Kibana can be started and stopped as follows:
{kib} can be started and stopped as follows:

[source,sh]
--------------------------------------------
sudo systemctl start kibana.service
sudo systemctl stop kibana.service
--------------------------------------------

These commands provide no feedback as to whether Kibana was started
These commands provide no feedback as to whether {kib} was started
successfully or not. Log information can be accessed via
`journalctl -u kibana.service`.
`journalctl -u kibana.service`.
2 changes: 2 additions & 0 deletions docs/setup/install/targz-running.asciidoc
Original file line number Diff line number Diff line change
Expand Up @@ -9,3 +9,5 @@ Kibana can be started from the command line as follows:

By default, Kibana runs in the foreground, prints its logs to the
standard output (`stdout`), and can be stopped by pressing *Ctrl-C*.

include::auto-enroll.asciidoc[]
2 changes: 2 additions & 0 deletions docs/setup/install/targz.asciidoc
Original file line number Diff line number Diff line change
Expand Up @@ -90,6 +90,8 @@ cd kibana-{version}/ <2>

endif::[]

[[targz-enroll]]
include::start-es-and-enroll.asciidoc[]

[[targz-running]]
include::targz-running.asciidoc[]
Expand Down
2 changes: 2 additions & 0 deletions docs/setup/install/windows-running.asciidoc
Original file line number Diff line number Diff line change
Expand Up @@ -9,3 +9,5 @@ Kibana can be started from the command line as follows:

By default, Kibana runs in the foreground, prints its logs to `STDOUT`,
and can be stopped by pressing *Ctrl-C*.

include::auto-enroll.asciidoc[]
3 changes: 3 additions & 0 deletions docs/setup/install/windows.asciidoc
Original file line number Diff line number Diff line change
Expand Up @@ -40,6 +40,9 @@ CD c:\kibana-{version}-windows-x86_64

endif::[]

[[windows-enroll]]
include::start-es-and-enroll.asciidoc[]

[[windows-running]]
include::windows-running.asciidoc[]

Expand Down
4 changes: 2 additions & 2 deletions docs/user/alerting/alerting-getting-started.asciidoc
Original file line number Diff line number Diff line change
Expand Up @@ -24,7 +24,7 @@ This section describes all of these elements and how they operate together.
[float]
=== Rules

A rule specifies a background task that runs on the {kib} server to check for specific conditions. {kib} provides two types of rules: stack rules that are built into {kib} and domain rules that are registered by Kibana apps. Refer to <<rule-types,Rule types>> for more information.
A rule specifies a background task that runs on the {kib} server to check for specific conditions. {kib} provides two types of rules: stack rules that are built into {kib} and the rules that are registered by Kibana apps. Refer to <<rule-types,Rule types>> for more information.

A rule consists of three main parts:

Expand Down Expand Up @@ -53,7 +53,7 @@ to control the details of the conditions to detect.

For example, an <<rule-type-index-threshold, index threshold rule type>> lets you specify the index to query, an aggregation field, and a time window, but the details of the underlying {es} query are hidden.

See <<stack-rules>> and <<domain-specific-rules>> for the types of rules provided by {kib} and how they express their conditions.
See <<rule-types>> for the rules provided by {kib} and how they express their conditions.

[float]
[[alerting-concepts-scheduling]]
Expand Down
54 changes: 37 additions & 17 deletions docs/user/alerting/rule-types.asciidoc
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,8 @@
[[rule-types]]
== Rule types

A rule is a set of <<alerting-concepts-conditions, conditions>>, <<alerting-concepts-scheduling, schedules>>, and <<alerting-concepts-actions, actions>> that enable notifications. {kib} provides two types of rules: rules specific to the Elastic Stack and rules specific to a domain.
A rule is a set of <<alerting-concepts-conditions, conditions>>, <<alerting-concepts-scheduling, schedules>>, and <<alerting-concepts-actions, actions>> that enable notifications. {kib} provides rules built into the Elastic Stack and rules registered by one of the {kib} apps.
You can create most rules types in <<create-and-manage-rules,Stack Management > Rules and Connectors>>. For information on creating security rules, refer to {security-guide}/rules-ui-create.html[Create a detection rule].

[NOTE]
==============================================
Expand All @@ -15,45 +16,64 @@ see {subscriptions}[the subscription page].
[[stack-rules]]
=== Stack rules

<<create-and-manage-rules, Stack rules>> are built into {kib}. To access the *Stack Rules* feature and create and edit rules, users require the `all` privilege. See <<kibana-feature-privileges, feature privileges>> for more information.
<<create-and-manage-rules, Stack rules>> are built into {kib}. To access the *Stack Rules* feature and create and edit rules, users require the `all` privilege. See <<kibana-feature-privileges, feature privileges>> for more information.

[cols="2*<"]
|===

| <<rule-type-index-threshold>>
| Aggregate field values from documents using {es} queries, compare them to threshold values, and schedule actions to run when the thresholds are met.

| <<rule-type-es-query>>
| Run a user-configured {es} query, compare the number of matches to a configured threshold, and schedule actions to run when the threshold condition is met.

| {ref}/transform-alerts.html[{transform-cap} rules] beta:[]
| <<rule-type-index-threshold>>
| Aggregate field values from documents using {es} queries, compare them to threshold values, and schedule actions to run when the thresholds are met.

| {ref}/transform-alerts.html[{transform-cap} rules]
| beta:[] Run scheduled checks on a {ctransform} to check its health. If a {ctransform} meets the conditions, an alert is created and the associated action is triggered.

| <<geo-alerting, Tracking containment>>
| Run an {es} query to determine if any documents are currently contained in any boundaries from a specified boundary index and generate alerts when a rule's conditions are met.

|===

[float]
[[domain-specific-rules]]
=== Domain rules
[[observability-rules]]
=== Observability rules

Domain rules are registered by *Observability*, *Security*, <<maps, Maps>> and <<xpack-ml, Machine Learning>>.
Observability rules are categorized into APM and User Experience, Logs, Metrics, Stack Monitoring, and Uptime.

[cols="2*<"]
|===

| {observability-guide}/create-alerts.html[Observability rules]
| Detect complex conditions in the *Logs*, *Metrics*, and *Uptime* apps.

| {security-guide}/prebuilt-rules.html[Security rules]
| Detect suspicious source events with pre-built or custom rules and create alerts when a rule’s conditions are met.
| <<apm-alerts, APM and User Experience>>
| Detect complex conditions in *APM* data and trigger built-in actions when the conditions are met.

| <<geo-alerting, Maps rules>>
| Run an {es} query to determine if any documents are currently contained in any boundaries from a specified boundary index and generate alerts when a rule's conditions are met.
| {observability-guide}/create-alerts.html[Logs rules]
| Detect complex conditions in the *Logs* app.

| {ml-docs}/ml-configuring-alerts.html[{ml-cap} rules] beta:[]
| beta:[] Run scheduled checks on an {anomaly-job} to detect anomalies with certain conditions. If an anomaly meets the conditions, an alert is created and the associated action is triggered.
| {observability-guide}/create-alerts.html[Metrics rules]
| Detect complex conditions in the *Metrics* app.

| <<kibana-alerts,Stack Monitoring>>
| Provide {kib} Alerting rules out-of-the box to notify you of potential issues in the Elastic Stack.

| {observability-guide}/create-alerts.html[Uptime rules]
| Detect complex conditions in the *Uptime* app.

|===

[float]
[[ml-rules]]
=== Machine learning rules

beta:[] {ml-docs}/ml-configuring-alerts.html[{ml-cap} rules] run scheduled checks on an {anomaly-job} to detect anomalies with certain conditions. If an anomaly meets the conditions, an alert is created and the associated action is triggered.

[float]
[[security-rules]]
=== Security rules

Security rules detect suspicious source events with pre-built or custom rules and create alerts when a rule’s conditions are met. For more information, refer to {security-guide}/prebuilt-rules.html[Security rules].

include::rule-types/index-threshold.asciidoc[]
include::rule-types/es-query.asciidoc[]
include::rule-types/geo-rule-types.asciidoc[]
2 changes: 1 addition & 1 deletion examples/expressions_explorer/kibana.json
Original file line number Diff line number Diff line change
Expand Up @@ -10,5 +10,5 @@
},
"requiredPlugins": ["expressions", "inspector", "uiActions", "developerExamples"],
"optionalPlugins": [],
"requiredBundles": []
"requiredBundles": ["kibanaReact"]
}
69 changes: 37 additions & 32 deletions examples/expressions_explorer/public/app.tsx
Original file line number Diff line number Diff line change
Expand Up @@ -18,61 +18,66 @@ import {
EuiText,
EuiLink,
} from '@elastic/eui';
import { AppMountParameters } from '../../../src/core/public';
import { AppMountParameters, IUiSettingsClient } from '../../../src/core/public';
import { ExpressionsStart } from '../../../src/plugins/expressions/public';
import { Start as InspectorStart } from '../../../src/plugins/inspector/public';
import { RunExpressionsExample } from './run_expressions';
import { RenderExpressionsExample } from './render_expressions';
import { ActionsExpressionsExample } from './actions_and_expressions';
import { UiActionsStart } from '../../../src/plugins/ui_actions/public';
import { ActionsExpressionsExample2 } from './actions_and_expressions2';
import { createKibanaReactContext } from '../../../src/plugins/kibana_react/public';

interface Props {
expressions: ExpressionsStart;
inspector: InspectorStart;
actions: UiActionsStart;
uiSettings: IUiSettingsClient;
}

const ExpressionsExplorer = ({ expressions, inspector, actions }: Props) => {
const ExpressionsExplorer = ({ expressions, inspector, actions, uiSettings }: Props) => {
const { Provider: KibanaReactContextProvider } = createKibanaReactContext({ uiSettings });
return (
<EuiPage>
<EuiPageBody>
<EuiPageHeader>Expressions Explorer</EuiPageHeader>
<EuiPageContent>
<EuiPageContentBody>
<EuiText>
<p>
There are a couple of ways to run the expressions. Below some of the options are
demonstrated. You can read more about it{' '}
<EuiLink
href={
'https://github.com/elastic/kibana/blob/main/src/plugins/expressions/README.asciidoc'
}
>
here
</EuiLink>
</p>
</EuiText>
<KibanaReactContextProvider>
<EuiPage>
<EuiPageBody>
<EuiPageHeader>Expressions Explorer</EuiPageHeader>
<EuiPageContent>
<EuiPageContentBody>
<EuiText>
<p>
There are a couple of ways to run the expressions. Below some of the options are
demonstrated. You can read more about it{' '}
<EuiLink
href={
'https://github.com/elastic/kibana/blob/main/src/plugins/expressions/README.asciidoc'
}
>
here
</EuiLink>
</p>
</EuiText>

<EuiSpacer />
<EuiSpacer />

<RunExpressionsExample expressions={expressions} inspector={inspector} />
<RunExpressionsExample expressions={expressions} inspector={inspector} />

<EuiSpacer />
<EuiSpacer />

<RenderExpressionsExample expressions={expressions} inspector={inspector} />
<RenderExpressionsExample expressions={expressions} inspector={inspector} />

<EuiSpacer />
<EuiSpacer />

<ActionsExpressionsExample expressions={expressions} actions={actions} />
<ActionsExpressionsExample expressions={expressions} actions={actions} />

<EuiSpacer />
<EuiSpacer />

<ActionsExpressionsExample2 expressions={expressions} actions={actions} />
</EuiPageContentBody>
</EuiPageContent>
</EuiPageBody>
</EuiPage>
<ActionsExpressionsExample2 expressions={expressions} actions={actions} />
</EuiPageContentBody>
</EuiPageContent>
</EuiPageBody>
</EuiPage>
</KibanaReactContextProvider>
);
};

Expand Down
Loading

0 comments on commit f5ee006

Please sign in to comment.