diff --git a/.ci/Jenkinsfile_baseline_capture b/.ci/Jenkinsfile_baseline_capture
index b729f5d9da082d..d074da1cb1926c 100644
--- a/.ci/Jenkinsfile_baseline_capture
+++ b/.ci/Jenkinsfile_baseline_capture
@@ -23,6 +23,7 @@ kibanaPipeline(timeoutMinutes: 210) {
) {
withGcpServiceAccount.fromVaultSecret('secret/kibana-issues/dev/ci-artifacts-key', 'value') {
withEnv([
+ 'BUILD_TS_REFS_DISABLE=false', // disabled in root config so we need to override that here
'BUILD_TS_REFS_CACHE_ENABLE=true',
'BUILD_TS_REFS_CACHE_CAPTURE=true',
'DISABLE_BOOTSTRAP_VALIDATION=true',
diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS
index 0692e94e8b0283..cae64a24ec2cd5 100644
--- a/.github/CODEOWNERS
+++ b/.github/CODEOWNERS
@@ -272,7 +272,7 @@
/x-pack/test/functional_with_es_ssl/apps/triggers_actions_ui/ @elastic/kibana-alerting-services
/x-pack/test/functional_with_es_ssl/fixtures/plugins/alerts/ @elastic/kibana-alerting-services
/docs/user/alerting/ @elastic/kibana-alerting-services
-/docs/management/alerting/ @elastic/kibana-alerting-services
+/docs/management/connectors/ @elastic/kibana-alerting-services
#CC# /x-pack/plugins/stack_alerts @elastic/kibana-alerting-services
# Enterprise Search
diff --git a/config/kibana.yml b/config/kibana.yml
index 7c7378fb5d29d2..eefb6bb8bacdab 100644
--- a/config/kibana.yml
+++ b/config/kibana.yml
@@ -23,7 +23,7 @@
#server.publicBaseUrl: ""
# The maximum payload size in bytes for incoming server requests.
-#server.maxPayloadBytes: 1048576
+#server.maxPayload: 1048576
# The Kibana server's name. This is used for display purposes.
#server.name: "your-hostname"
diff --git a/docs/developer/getting-started/index.asciidoc b/docs/developer/getting-started/index.asciidoc
index d5fe7ebf470382..bc191fa828b58f 100644
--- a/docs/developer/getting-started/index.asciidoc
+++ b/docs/developer/getting-started/index.asciidoc
@@ -3,6 +3,18 @@
Get started building your own plugins, or contributing directly to the {kib} repo.
+[discrete]
+[[developing-on-windows]]
+=== Developing on Windows
+
+In order to support Windows development we currently require you to use one of the following:
+
+- https://git-scm.com/download/win[Git bash] (other bash emulators like https://cmder.net/[Cmder] could work but we did not test them)
+- https://docs.microsoft.com/en-us/windows/wsl/about[WSL]
+
+Before running the steps listed below, please make sure you have installed Git bash or WSL and that
+you are running the mentioned commands through one of them.
+
[discrete]
[[get-kibana-code]]
=== Get the code
diff --git a/docs/developer/getting-started/monorepo-packages.asciidoc b/docs/developer/getting-started/monorepo-packages.asciidoc
index bc47e46f6763b4..9564087dabefee 100644
--- a/docs/developer/getting-started/monorepo-packages.asciidoc
+++ b/docs/developer/getting-started/monorepo-packages.asciidoc
@@ -63,6 +63,7 @@ yarn kbn watch-bazel
- @elastic/datemath
- @kbn/apm-utils
+- @kbn/babel-preset
- @kbn/config-schema
- @kbn/tinymath
- @kbn/utility-types
diff --git a/docs/developer/plugin-list.asciidoc b/docs/developer/plugin-list.asciidoc
index 2a88d65cb9bd05..64a62e36567848 100644
--- a/docs/developer/plugin-list.asciidoc
+++ b/docs/developer/plugin-list.asciidoc
@@ -448,8 +448,8 @@ the infrastructure monitoring use-case within Kibana.
|Visualization editor allowing to quickly and easily configure compelling visualizations to use on dashboards and canvas workpads.
-|{kib-repo}blob/{branch}/x-pack/plugins/license_api_guard[licenseApiGuard]
-|WARNING: Missing README.
+|{kib-repo}blob/{branch}/x-pack/plugins/license_api_guard/README.md[licenseApiGuard]
+|This plugin is used by ES UI plugins to reject API requests when the plugin is unsupported by the user's license.
|{kib-repo}blob/{branch}/x-pack/plugins/license_management/README.md[licenseManagement]
diff --git a/docs/development/core/public/kibana-plugin-core-public.doclinksstart.links.md b/docs/development/core/public/kibana-plugin-core-public.doclinksstart.links.md
index 535bd8f11236df..3a383ee72b86a6 100644
--- a/docs/development/core/public/kibana-plugin-core-public.doclinksstart.links.md
+++ b/docs/development/core/public/kibana-plugin-core-public.doclinksstart.links.md
@@ -8,6 +8,9 @@
```typescript
readonly links: {
+ readonly canvas: {
+ readonly guide: string;
+ };
readonly dashboard: {
readonly guide: string;
readonly drilldowns: string;
diff --git a/docs/development/core/public/kibana-plugin-core-public.doclinksstart.md b/docs/development/core/public/kibana-plugin-core-public.doclinksstart.md
index b8d0d2288993ec..c5bf4babd9da95 100644
--- a/docs/development/core/public/kibana-plugin-core-public.doclinksstart.md
+++ b/docs/development/core/public/kibana-plugin-core-public.doclinksstart.md
@@ -17,5 +17,5 @@ export interface DocLinksStart
| --- | --- | --- |
| [DOC\_LINK\_VERSION](./kibana-plugin-core-public.doclinksstart.doc_link_version.md) | string | |
| [ELASTIC\_WEBSITE\_URL](./kibana-plugin-core-public.doclinksstart.elastic_website_url.md) | string | |
-| [links](./kibana-plugin-core-public.doclinksstart.links.md) | { readonly dashboard: { readonly guide: string; readonly drilldowns: string; readonly drilldownsTriggerPicker: string; readonly urlDrilldownTemplateSyntax: string; readonly urlDrilldownVariables: string; }; readonly discover: Record<string, string>; readonly filebeat: { readonly base: string; readonly installation: string; readonly configuration: string; readonly elasticsearchOutput: string; readonly elasticsearchModule: string; readonly startup: string; readonly exportedFields: string; }; readonly auditbeat: { readonly base: string; }; readonly metricbeat: { readonly base: string; readonly configure: string; readonly httpEndpoint: string; readonly install: string; readonly start: string; }; readonly enterpriseSearch: { readonly base: string; readonly appSearchBase: string; readonly workplaceSearchBase: string; }; readonly heartbeat: { readonly base: string; }; readonly logstash: { readonly base: string; }; readonly functionbeat: { readonly base: string; }; readonly winlogbeat: { readonly base: string; }; readonly aggs: { readonly composite: string; readonly composite_missing_bucket: string; readonly date_histogram: string; readonly date_range: string; readonly date_format_pattern: string; readonly filter: string; readonly filters: string; readonly geohash_grid: string; readonly histogram: string; readonly ip_range: string; readonly range: string; readonly significant_terms: string; readonly terms: string; readonly avg: string; readonly avg_bucket: string; readonly max_bucket: string; readonly min_bucket: string; readonly sum_bucket: string; readonly cardinality: string; readonly count: string; readonly cumulative_sum: string; readonly derivative: string; readonly geo_bounds: string; readonly geo_centroid: string; readonly max: string; readonly median: string; readonly min: string; readonly moving_avg: string; readonly percentile_ranks: string; readonly serial_diff: string; readonly std_dev: string; readonly sum: string; readonly top_hits: string; }; readonly runtimeFields: { readonly overview: string; readonly mapping: string; }; readonly scriptedFields: { readonly scriptFields: string; readonly scriptAggs: string; readonly painless: string; readonly painlessApi: string; readonly painlessLangSpec: string; readonly painlessSyntax: string; readonly painlessWalkthrough: string; readonly luceneExpressions: string; }; readonly indexPatterns: { readonly introduction: string; readonly fieldFormattersNumber: string; readonly fieldFormattersString: string; }; readonly addData: string; readonly kibana: string; readonly upgradeAssistant: string; readonly elasticsearch: Record<string, string>; readonly siem: { readonly guide: string; readonly gettingStarted: string; }; readonly query: { readonly eql: string; readonly kueryQuerySyntax: string; readonly luceneQuerySyntax: string; readonly percolate: string; readonly queryDsl: string; }; readonly date: { readonly dateMath: string; readonly dateMathIndexNames: string; }; readonly management: Record<string, string>; readonly ml: Record<string, string>; readonly transforms: Record<string, string>; readonly visualize: Record<string, string>; readonly apis: Readonly<{ bulkIndexAlias: string; createIndex: string; createSnapshotLifecyclePolicy: string; createRoleMapping: string; createRoleMappingTemplates: string; createApiKey: string; createPipeline: string; createTransformRequest: string; cronExpressions: string; executeWatchActionModes: string; indexExists: string; openIndex: string; putComponentTemplate: string; painlessExecute: string; painlessExecuteAPIContexts: string; putComponentTemplateMetadata: string; putSnapshotLifecyclePolicy: string; putIndexTemplateV1: string; putWatch: string; simulatePipeline: string; updateTransform: string; }>; readonly observability: Record<string, string>; readonly alerting: Record<string, string>; readonly maps: Record<string, string>; readonly monitoring: Record<string, string>; readonly security: Readonly<{ apiKeyServiceSettings: string; clusterPrivileges: string; elasticsearchSettings: string; elasticsearchEnableSecurity: string; indicesPrivileges: string; kibanaTLS: string; kibanaPrivileges: string; mappingRoles: string; mappingRolesFieldRules: string; runAsPrivilege: string; }>; readonly watcher: Record<string, string>; readonly ccs: Record<string, string>; readonly plugins: Record<string, string>; readonly snapshotRestore: Record<string, string>; readonly ingest: Record<string, string>; } | |
+| [links](./kibana-plugin-core-public.doclinksstart.links.md) | { readonly canvas: { readonly guide: string; }; readonly dashboard: { readonly guide: string; readonly drilldowns: string; readonly drilldownsTriggerPicker: string; readonly urlDrilldownTemplateSyntax: string; readonly urlDrilldownVariables: string; }; readonly discover: Record<string, string>; readonly filebeat: { readonly base: string; readonly installation: string; readonly configuration: string; readonly elasticsearchOutput: string; readonly elasticsearchModule: string; readonly startup: string; readonly exportedFields: string; }; readonly auditbeat: { readonly base: string; }; readonly metricbeat: { readonly base: string; readonly configure: string; readonly httpEndpoint: string; readonly install: string; readonly start: string; }; readonly enterpriseSearch: { readonly base: string; readonly appSearchBase: string; readonly workplaceSearchBase: string; }; readonly heartbeat: { readonly base: string; }; readonly logstash: { readonly base: string; }; readonly functionbeat: { readonly base: string; }; readonly winlogbeat: { readonly base: string; }; readonly aggs: { readonly composite: string; readonly composite_missing_bucket: string; readonly date_histogram: string; readonly date_range: string; readonly date_format_pattern: string; readonly filter: string; readonly filters: string; readonly geohash_grid: string; readonly histogram: string; readonly ip_range: string; readonly range: string; readonly significant_terms: string; readonly terms: string; readonly avg: string; readonly avg_bucket: string; readonly max_bucket: string; readonly min_bucket: string; readonly sum_bucket: string; readonly cardinality: string; readonly count: string; readonly cumulative_sum: string; readonly derivative: string; readonly geo_bounds: string; readonly geo_centroid: string; readonly max: string; readonly median: string; readonly min: string; readonly moving_avg: string; readonly percentile_ranks: string; readonly serial_diff: string; readonly std_dev: string; readonly sum: string; readonly top_hits: string; }; readonly runtimeFields: { readonly overview: string; readonly mapping: string; }; readonly scriptedFields: { readonly scriptFields: string; readonly scriptAggs: string; readonly painless: string; readonly painlessApi: string; readonly painlessLangSpec: string; readonly painlessSyntax: string; readonly painlessWalkthrough: string; readonly luceneExpressions: string; }; readonly indexPatterns: { readonly introduction: string; readonly fieldFormattersNumber: string; readonly fieldFormattersString: string; }; readonly addData: string; readonly kibana: string; readonly upgradeAssistant: string; readonly elasticsearch: Record<string, string>; readonly siem: { readonly guide: string; readonly gettingStarted: string; }; readonly query: { readonly eql: string; readonly kueryQuerySyntax: string; readonly luceneQuerySyntax: string; readonly percolate: string; readonly queryDsl: string; }; readonly date: { readonly dateMath: string; readonly dateMathIndexNames: string; }; readonly management: Record<string, string>; readonly ml: Record<string, string>; readonly transforms: Record<string, string>; readonly visualize: Record<string, string>; readonly apis: Readonly<{ bulkIndexAlias: string; createIndex: string; createSnapshotLifecyclePolicy: string; createRoleMapping: string; createRoleMappingTemplates: string; createApiKey: string; createPipeline: string; createTransformRequest: string; cronExpressions: string; executeWatchActionModes: string; indexExists: string; openIndex: string; putComponentTemplate: string; painlessExecute: string; painlessExecuteAPIContexts: string; putComponentTemplateMetadata: string; putSnapshotLifecyclePolicy: string; putIndexTemplateV1: string; putWatch: string; simulatePipeline: string; updateTransform: string; }>; readonly observability: Record<string, string>; readonly alerting: Record<string, string>; readonly maps: Record<string, string>; readonly monitoring: Record<string, string>; readonly security: Readonly<{ apiKeyServiceSettings: string; clusterPrivileges: string; elasticsearchSettings: string; elasticsearchEnableSecurity: string; indicesPrivileges: string; kibanaTLS: string; kibanaPrivileges: string; mappingRoles: string; mappingRolesFieldRules: string; runAsPrivilege: string; }>; readonly watcher: Record<string, string>; readonly ccs: Record<string, string>; readonly plugins: Record<string, string>; readonly snapshotRestore: Record<string, string>; readonly ingest: Record<string, string>; } | |
diff --git a/docs/development/core/public/kibana-plugin-core-public.navigatetoappoptions.openinnewtab.md b/docs/development/core/public/kibana-plugin-core-public.navigatetoappoptions.openinnewtab.md
new file mode 100644
index 00000000000000..4609fa68b38246
--- /dev/null
+++ b/docs/development/core/public/kibana-plugin-core-public.navigatetoappoptions.openinnewtab.md
@@ -0,0 +1,13 @@
+
+
+[Home](./index.md) > [kibana-plugin-core-public](./kibana-plugin-core-public.md) > [NavigateToAppOptions](./kibana-plugin-core-public.navigatetoappoptions.md) > [openInNewTab](./kibana-plugin-core-public.navigatetoappoptions.openinnewtab.md)
+
+## NavigateToAppOptions.openInNewTab property
+
+if true, will open the app in new tab, will share session information via window.open if base
+
+Signature:
+
+```typescript
+openInNewTab?: boolean;
+```
diff --git a/docs/development/core/server/kibana-plugin-core-server.cspconfig.disableembedding.md b/docs/development/core/server/kibana-plugin-core-server.cspconfig.disableembedding.md
new file mode 100644
index 00000000000000..bbd7c42c302d1a
--- /dev/null
+++ b/docs/development/core/server/kibana-plugin-core-server.cspconfig.disableembedding.md
@@ -0,0 +1,11 @@
+
+
+[Home](./index.md) > [kibana-plugin-core-server](./kibana-plugin-core-server.md) > [CspConfig](./kibana-plugin-core-server.cspconfig.md) > [disableEmbedding](./kibana-plugin-core-server.cspconfig.disableembedding.md)
+
+## CspConfig.disableEmbedding property
+
+Signature:
+
+```typescript
+readonly disableEmbedding: boolean;
+```
diff --git a/docs/development/core/server/kibana-plugin-core-server.cspconfig.md b/docs/development/core/server/kibana-plugin-core-server.cspconfig.md
index 6ff807929e6fba..9f4f3211ea2b1c 100644
--- a/docs/development/core/server/kibana-plugin-core-server.cspconfig.md
+++ b/docs/development/core/server/kibana-plugin-core-server.cspconfig.md
@@ -21,6 +21,7 @@ The constructor for this class is marked as internal. Third-party code should no
| Property | Modifiers | Type | Description |
| --- | --- | --- | --- |
| [DEFAULT](./kibana-plugin-core-server.cspconfig.default.md) | static | CspConfig | |
+| [disableEmbedding](./kibana-plugin-core-server.cspconfig.disableembedding.md) | | boolean | |
| [header](./kibana-plugin-core-server.cspconfig.header.md) | | string | |
| [rules](./kibana-plugin-core-server.cspconfig.rules.md) | | string[] | |
| [strict](./kibana-plugin-core-server.cspconfig.strict.md) | | boolean | |
diff --git a/docs/development/core/server/kibana-plugin-core-server.icspconfig.disableembedding.md b/docs/development/core/server/kibana-plugin-core-server.icspconfig.disableembedding.md
new file mode 100644
index 00000000000000..2cfd680459fbc9
--- /dev/null
+++ b/docs/development/core/server/kibana-plugin-core-server.icspconfig.disableembedding.md
@@ -0,0 +1,13 @@
+
+
+[Home](./index.md) > [kibana-plugin-core-server](./kibana-plugin-core-server.md) > [ICspConfig](./kibana-plugin-core-server.icspconfig.md) > [disableEmbedding](./kibana-plugin-core-server.icspconfig.disableembedding.md)
+
+## ICspConfig.disableEmbedding property
+
+Whether or not embedding (using iframes) should be allowed by the CSP. If embedding is disabled \*and\* no custom rules have been defined, a restrictive 'frame-ancestors' rule will be added to the default CSP rules.
+
+Signature:
+
+```typescript
+readonly disableEmbedding: boolean;
+```
diff --git a/docs/development/core/server/kibana-plugin-core-server.icspconfig.md b/docs/development/core/server/kibana-plugin-core-server.icspconfig.md
index bf04b760a0636d..ee49950df076cc 100644
--- a/docs/development/core/server/kibana-plugin-core-server.icspconfig.md
+++ b/docs/development/core/server/kibana-plugin-core-server.icspconfig.md
@@ -16,6 +16,7 @@ export interface ICspConfig
| Property | Type | Description |
| --- | --- | --- |
+| [disableEmbedding](./kibana-plugin-core-server.icspconfig.disableembedding.md) | boolean | Whether or not embedding (using iframes) should be allowed by the CSP. If embedding is disabled \*and\* no custom rules have been defined, a restrictive 'frame-ancestors' rule will be added to the default CSP rules. |
| [header](./kibana-plugin-core-server.icspconfig.header.md) | string | The CSP rules in a formatted directives string for use in a Content-Security-Policy header. |
| [rules](./kibana-plugin-core-server.icspconfig.rules.md) | string[] | The CSP rules used for Kibana. |
| [strict](./kibana-plugin-core-server.icspconfig.strict.md) | boolean | Specify whether browsers that do not support CSP should be able to use Kibana. Use true to block and false to allow. |
diff --git a/docs/development/core/server/kibana-plugin-core-server.routeconfigoptionsbody.maxbytes.md b/docs/development/core/server/kibana-plugin-core-server.routeconfigoptionsbody.maxbytes.md
index 474f7092b1b39d..4d2641255adb4e 100644
--- a/docs/development/core/server/kibana-plugin-core-server.routeconfigoptionsbody.maxbytes.md
+++ b/docs/development/core/server/kibana-plugin-core-server.routeconfigoptionsbody.maxbytes.md
@@ -6,7 +6,7 @@
Limits the size of incoming payloads to the specified byte count. Allowing very large payloads may cause the server to run out of memory.
-Default value: The one set in the kibana.yml config file under the parameter `server.maxPayloadBytes`.
+Default value: The one set in the kibana.yml config file under the parameter `server.maxPayload`.
Signature:
diff --git a/docs/development/core/server/kibana-plugin-core-server.routeconfigoptionsbody.md b/docs/development/core/server/kibana-plugin-core-server.routeconfigoptionsbody.md
index 330935e42026a3..d27c67891161a3 100644
--- a/docs/development/core/server/kibana-plugin-core-server.routeconfigoptionsbody.md
+++ b/docs/development/core/server/kibana-plugin-core-server.routeconfigoptionsbody.md
@@ -17,7 +17,7 @@ export interface RouteConfigOptionsBody
| Property | Type | Description |
| --- | --- | --- |
| [accepts](./kibana-plugin-core-server.routeconfigoptionsbody.accepts.md) | RouteContentType | RouteContentType[] | string | string[] | A string or an array of strings with the allowed mime types for the endpoint. Use this settings to limit the set of allowed mime types. Note that allowing additional mime types not listed above will not enable them to be parsed, and if parse is true, the request will result in an error response.Default value: allows parsing of the following mime types: \* application/json \* application/\*+json \* application/octet-stream \* application/x-www-form-urlencoded \* multipart/form-data \* text/\* |
-| [maxBytes](./kibana-plugin-core-server.routeconfigoptionsbody.maxbytes.md) | number | Limits the size of incoming payloads to the specified byte count. Allowing very large payloads may cause the server to run out of memory.Default value: The one set in the kibana.yml config file under the parameter server.maxPayloadBytes. |
+| [maxBytes](./kibana-plugin-core-server.routeconfigoptionsbody.maxbytes.md) | number | Limits the size of incoming payloads to the specified byte count. Allowing very large payloads may cause the server to run out of memory.Default value: The one set in the kibana.yml config file under the parameter server.maxPayload. |
| [output](./kibana-plugin-core-server.routeconfigoptionsbody.output.md) | typeof validBodyOutput[number] | The processed payload format. The value must be one of: \* 'data' - the incoming payload is read fully into memory. If parse is true, the payload is parsed (JSON, form-decoded, multipart) based on the 'Content-Type' header. If parse is false, a raw Buffer is returned. \* 'stream' - the incoming payload is made available via a Stream.Readable interface. If the payload is 'multipart/form-data' and parse is true, field values are presented as text while files are provided as streams. File streams from a 'multipart/form-data' upload will also have a hapi property containing the filename and headers properties. Note that payload streams for multipart payloads are a synthetic interface created on top of the entire multipart content loaded into memory. To avoid loading large multipart payloads into memory, set parse to false and handle the multipart payload in the handler using a streaming parser (e.g. pez).Default value: 'data', unless no validation.body is provided in the route definition. In that case the default is 'stream' to alleviate memory pressure. |
| [parse](./kibana-plugin-core-server.routeconfigoptionsbody.parse.md) | boolean | 'gunzip' | Determines if the incoming payload is processed or presented raw. Available values: \* true - if the request 'Content-Type' matches the allowed mime types set by allow (for the whole payload as well as parts), the payload is converted into an object when possible. If the format is unknown, a Bad Request (400) error response is sent. Any known content encoding is decoded. \* false - the raw payload is returned unmodified. \* 'gunzip' - the raw payload is returned unmodified after any known content encoding is decoded.Default value: true, unless no validation.body is provided in the route definition. In that case the default is false to alleviate memory pressure. |
diff --git a/docs/development/plugins/data/public/kibana-plugin-plugins-data-public.aggconfigs.hierarchical.md b/docs/development/plugins/data/public/kibana-plugin-plugins-data-public.aggconfigs.hierarchical.md
new file mode 100644
index 00000000000000..66d540c48c3bc8
--- /dev/null
+++ b/docs/development/plugins/data/public/kibana-plugin-plugins-data-public.aggconfigs.hierarchical.md
@@ -0,0 +1,11 @@
+
+
+[Home](./index.md) > [kibana-plugin-plugins-data-public](./kibana-plugin-plugins-data-public.md) > [AggConfigs](./kibana-plugin-plugins-data-public.aggconfigs.md) > [hierarchical](./kibana-plugin-plugins-data-public.aggconfigs.hierarchical.md)
+
+## AggConfigs.hierarchical property
+
+Signature:
+
+```typescript
+hierarchical?: boolean;
+```
diff --git a/docs/development/plugins/data/public/kibana-plugin-plugins-data-public.aggconfigs.md b/docs/development/plugins/data/public/kibana-plugin-plugins-data-public.aggconfigs.md
index 22f8994747aa29..02e9a63d95ba37 100644
--- a/docs/development/plugins/data/public/kibana-plugin-plugins-data-public.aggconfigs.md
+++ b/docs/development/plugins/data/public/kibana-plugin-plugins-data-public.aggconfigs.md
@@ -22,6 +22,7 @@ export declare class AggConfigs
| --- | --- | --- | --- |
| [aggs](./kibana-plugin-plugins-data-public.aggconfigs.aggs.md) | | IAggConfig[] | |
| [createAggConfig](./kibana-plugin-plugins-data-public.aggconfigs.createaggconfig.md) | | <T extends AggConfig = AggConfig>(params: CreateAggConfigParams, { addToAggConfigs }?: { addToAggConfigs?: boolean | undefined; }) => T | |
+| [hierarchical](./kibana-plugin-plugins-data-public.aggconfigs.hierarchical.md) | | boolean | |
| [indexPattern](./kibana-plugin-plugins-data-public.aggconfigs.indexpattern.md) | | IndexPattern | |
| [timeFields](./kibana-plugin-plugins-data-public.aggconfigs.timefields.md) | | string[] | |
| [timeRange](./kibana-plugin-plugins-data-public.aggconfigs.timerange.md) | | TimeRange | |
@@ -46,5 +47,5 @@ export declare class AggConfigs
| [onSearchRequestStart(searchSource, options)](./kibana-plugin-plugins-data-public.aggconfigs.onsearchrequeststart.md) | | |
| [setTimeFields(timeFields)](./kibana-plugin-plugins-data-public.aggconfigs.settimefields.md) | | |
| [setTimeRange(timeRange)](./kibana-plugin-plugins-data-public.aggconfigs.settimerange.md) | | |
-| [toDsl(hierarchical)](./kibana-plugin-plugins-data-public.aggconfigs.todsl.md) | | |
+| [toDsl()](./kibana-plugin-plugins-data-public.aggconfigs.todsl.md) | | |
diff --git a/docs/development/plugins/data/public/kibana-plugin-plugins-data-public.aggconfigs.todsl.md b/docs/development/plugins/data/public/kibana-plugin-plugins-data-public.aggconfigs.todsl.md
index 055c4113ca3e46..1327e976db0ce3 100644
--- a/docs/development/plugins/data/public/kibana-plugin-plugins-data-public.aggconfigs.todsl.md
+++ b/docs/development/plugins/data/public/kibana-plugin-plugins-data-public.aggconfigs.todsl.md
@@ -7,15 +7,8 @@
Signature:
```typescript
-toDsl(hierarchical?: boolean): Record;
+toDsl(): Record;
```
-
-## Parameters
-
-| Parameter | Type | Description |
-| --- | --- | --- |
-| hierarchical | boolean | |
-
Returns:
`Record`
diff --git a/docs/development/plugins/data/public/kibana-plugin-plugins-data-public.esquerysortvalue.md b/docs/development/plugins/data/public/kibana-plugin-plugins-data-public.esquerysortvalue.md
index 83762c22f0f826..15f45532cce2fe 100644
--- a/docs/development/plugins/data/public/kibana-plugin-plugins-data-public.esquerysortvalue.md
+++ b/docs/development/plugins/data/public/kibana-plugin-plugins-data-public.esquerysortvalue.md
@@ -7,5 +7,5 @@
Signature:
```typescript
-export declare type EsQuerySortValue = Record;
+export declare type EsQuerySortValue = Record;
```
diff --git a/docs/development/plugins/data/public/kibana-plugin-plugins-data-public.isearchoptions.requestresponder.md b/docs/development/plugins/data/public/kibana-plugin-plugins-data-public.isearchoptions.inspector.md
similarity index 52%
rename from docs/development/plugins/data/public/kibana-plugin-plugins-data-public.isearchoptions.requestresponder.md
rename to docs/development/plugins/data/public/kibana-plugin-plugins-data-public.isearchoptions.inspector.md
index b4431b9467b71e..9961292aaf2177 100644
--- a/docs/development/plugins/data/public/kibana-plugin-plugins-data-public.isearchoptions.requestresponder.md
+++ b/docs/development/plugins/data/public/kibana-plugin-plugins-data-public.isearchoptions.inspector.md
@@ -1,11 +1,13 @@
-[Home](./index.md) > [kibana-plugin-plugins-data-public](./kibana-plugin-plugins-data-public.md) > [ISearchOptions](./kibana-plugin-plugins-data-public.isearchoptions.md) > [requestResponder](./kibana-plugin-plugins-data-public.isearchoptions.requestresponder.md)
+[Home](./index.md) > [kibana-plugin-plugins-data-public](./kibana-plugin-plugins-data-public.md) > [ISearchOptions](./kibana-plugin-plugins-data-public.isearchoptions.md) > [inspector](./kibana-plugin-plugins-data-public.isearchoptions.inspector.md)
-## ISearchOptions.requestResponder property
+## ISearchOptions.inspector property
+
+Inspector integration options
Signature:
```typescript
-requestResponder?: RequestResponder;
+inspector?: IInspectorInfo;
```
diff --git a/docs/development/plugins/data/public/kibana-plugin-plugins-data-public.isearchoptions.md b/docs/development/plugins/data/public/kibana-plugin-plugins-data-public.isearchoptions.md
index cc0cb538be6113..21fb7e3dfc7e87 100644
--- a/docs/development/plugins/data/public/kibana-plugin-plugins-data-public.isearchoptions.md
+++ b/docs/development/plugins/data/public/kibana-plugin-plugins-data-public.isearchoptions.md
@@ -16,10 +16,10 @@ export interface ISearchOptions
| --- | --- | --- |
| [abortSignal](./kibana-plugin-plugins-data-public.isearchoptions.abortsignal.md) | AbortSignal | An AbortSignal that allows the caller of search to abort a search request. |
| [indexPattern](./kibana-plugin-plugins-data-public.isearchoptions.indexpattern.md) | IndexPattern | Index pattern reference is used for better error messages |
+| [inspector](./kibana-plugin-plugins-data-public.isearchoptions.inspector.md) | IInspectorInfo | Inspector integration options |
| [isRestore](./kibana-plugin-plugins-data-public.isearchoptions.isrestore.md) | boolean | Whether the session is restored (i.e. search requests should re-use the stored search IDs, rather than starting from scratch) |
| [isStored](./kibana-plugin-plugins-data-public.isearchoptions.isstored.md) | boolean | Whether the session is already saved (i.e. sent to background) |
| [legacyHitsTotal](./kibana-plugin-plugins-data-public.isearchoptions.legacyhitstotal.md) | boolean | Request the legacy format for the total number of hits. If sending rest_total_hits_as_int to something other than true, this should be set to false. |
-| [requestResponder](./kibana-plugin-plugins-data-public.isearchoptions.requestresponder.md) | RequestResponder | |
| [sessionId](./kibana-plugin-plugins-data-public.isearchoptions.sessionid.md) | string | A session ID, grouping multiple search requests into a single session. |
| [strategy](./kibana-plugin-plugins-data-public.isearchoptions.strategy.md) | string | Use this option to force using a specific server side search strategy. Leave empty to use the default strategy. |
diff --git a/docs/development/plugins/data/public/kibana-plugin-plugins-data-public.searchsource.fetch.md b/docs/development/plugins/data/public/kibana-plugin-plugins-data-public.searchsource.fetch.md
index 623d6366d4d131..e6ba1a51a867d2 100644
--- a/docs/development/plugins/data/public/kibana-plugin-plugins-data-public.searchsource.fetch.md
+++ b/docs/development/plugins/data/public/kibana-plugin-plugins-data-public.searchsource.fetch.md
@@ -14,7 +14,7 @@ Fetch this source and reject the returned Promise on error
Signature:
```typescript
-fetch(options?: ISearchOptions): Promise>;
+fetch(options?: ISearchOptions): Promise>;
```
## Parameters
@@ -25,5 +25,5 @@ fetch(options?: ISearchOptions): PromiseReturns:
-`Promise>`
+`Promise>`
diff --git a/docs/development/plugins/data/public/kibana-plugin-plugins-data-public.searchsource.fetch_.md b/docs/development/plugins/data/public/kibana-plugin-plugins-data-public.searchsource.fetch_.md
index d5641107a88aa1..4369cf7c087da7 100644
--- a/docs/development/plugins/data/public/kibana-plugin-plugins-data-public.searchsource.fetch_.md
+++ b/docs/development/plugins/data/public/kibana-plugin-plugins-data-public.searchsource.fetch_.md
@@ -9,7 +9,7 @@ Fetch this source from Elasticsearch, returning an observable over the response(
Signature:
```typescript
-fetch$(options?: ISearchOptions): import("rxjs").Observable>;
+fetch$(options?: ISearchOptions): Observable>;
```
## Parameters
@@ -20,5 +20,5 @@ fetch$(options?: ISearchOptions): import("rxjs").ObservableReturns:
-`import("rxjs").Observable>`
+`Observable>`
diff --git a/docs/development/plugins/data/public/kibana-plugin-plugins-data-public.searchsourcefields.aggs.md b/docs/development/plugins/data/public/kibana-plugin-plugins-data-public.searchsourcefields.aggs.md
index f6bab8e424857d..12011f82429969 100644
--- a/docs/development/plugins/data/public/kibana-plugin-plugins-data-public.searchsourcefields.aggs.md
+++ b/docs/development/plugins/data/public/kibana-plugin-plugins-data-public.searchsourcefields.aggs.md
@@ -9,5 +9,5 @@
Signature:
```typescript
-aggs?: any;
+aggs?: object | IAggConfigs | (() => object);
```
diff --git a/docs/development/plugins/data/public/kibana-plugin-plugins-data-public.searchsourcefields.md b/docs/development/plugins/data/public/kibana-plugin-plugins-data-public.searchsourcefields.md
index d0f53936eb56aa..981d956a9e89be 100644
--- a/docs/development/plugins/data/public/kibana-plugin-plugins-data-public.searchsourcefields.md
+++ b/docs/development/plugins/data/public/kibana-plugin-plugins-data-public.searchsourcefields.md
@@ -16,7 +16,7 @@ export interface SearchSourceFields
| Property | Type | Description |
| --- | --- | --- |
-| [aggs](./kibana-plugin-plugins-data-public.searchsourcefields.aggs.md) | any | [AggConfigs](./kibana-plugin-plugins-data-public.aggconfigs.md) |
+| [aggs](./kibana-plugin-plugins-data-public.searchsourcefields.aggs.md) | object | IAggConfigs | (() => object) | [AggConfigs](./kibana-plugin-plugins-data-public.aggconfigs.md) |
| [fields](./kibana-plugin-plugins-data-public.searchsourcefields.fields.md) | SearchFieldValue[] | Retrieve fields via the search Fields API |
| [fieldsFromSource](./kibana-plugin-plugins-data-public.searchsourcefields.fieldsfromsource.md) | NameList | Retreive fields directly from \_source (legacy behavior) |
| [filter](./kibana-plugin-plugins-data-public.searchsourcefields.filter.md) | Filter[] | Filter | (() => Filter[] | Filter | undefined) | [Filter](./kibana-plugin-plugins-data-public.filter.md) |
diff --git a/docs/development/plugins/data/server/kibana-plugin-plugins-data-server.isearchoptions.requestresponder.md b/docs/development/plugins/data/server/kibana-plugin-plugins-data-server.isearchoptions.inspector.md
similarity index 52%
rename from docs/development/plugins/data/server/kibana-plugin-plugins-data-server.isearchoptions.requestresponder.md
rename to docs/development/plugins/data/server/kibana-plugin-plugins-data-server.isearchoptions.inspector.md
index 7440f5a9d26cfc..ab755334643aae 100644
--- a/docs/development/plugins/data/server/kibana-plugin-plugins-data-server.isearchoptions.requestresponder.md
+++ b/docs/development/plugins/data/server/kibana-plugin-plugins-data-server.isearchoptions.inspector.md
@@ -1,11 +1,13 @@
-[Home](./index.md) > [kibana-plugin-plugins-data-server](./kibana-plugin-plugins-data-server.md) > [ISearchOptions](./kibana-plugin-plugins-data-server.isearchoptions.md) > [requestResponder](./kibana-plugin-plugins-data-server.isearchoptions.requestresponder.md)
+[Home](./index.md) > [kibana-plugin-plugins-data-server](./kibana-plugin-plugins-data-server.md) > [ISearchOptions](./kibana-plugin-plugins-data-server.isearchoptions.md) > [inspector](./kibana-plugin-plugins-data-server.isearchoptions.inspector.md)
-## ISearchOptions.requestResponder property
+## ISearchOptions.inspector property
+
+Inspector integration options
Signature:
```typescript
-requestResponder?: RequestResponder;
+inspector?: IInspectorInfo;
```
diff --git a/docs/development/plugins/data/server/kibana-plugin-plugins-data-server.isearchoptions.md b/docs/development/plugins/data/server/kibana-plugin-plugins-data-server.isearchoptions.md
index 413a59be3d4278..cdb5664f96cddb 100644
--- a/docs/development/plugins/data/server/kibana-plugin-plugins-data-server.isearchoptions.md
+++ b/docs/development/plugins/data/server/kibana-plugin-plugins-data-server.isearchoptions.md
@@ -16,10 +16,10 @@ export interface ISearchOptions
| --- | --- | --- |
| [abortSignal](./kibana-plugin-plugins-data-server.isearchoptions.abortsignal.md) | AbortSignal | An AbortSignal that allows the caller of search to abort a search request. |
| [indexPattern](./kibana-plugin-plugins-data-server.isearchoptions.indexpattern.md) | IndexPattern | Index pattern reference is used for better error messages |
+| [inspector](./kibana-plugin-plugins-data-server.isearchoptions.inspector.md) | IInspectorInfo | Inspector integration options |
| [isRestore](./kibana-plugin-plugins-data-server.isearchoptions.isrestore.md) | boolean | Whether the session is restored (i.e. search requests should re-use the stored search IDs, rather than starting from scratch) |
| [isStored](./kibana-plugin-plugins-data-server.isearchoptions.isstored.md) | boolean | Whether the session is already saved (i.e. sent to background) |
| [legacyHitsTotal](./kibana-plugin-plugins-data-server.isearchoptions.legacyhitstotal.md) | boolean | Request the legacy format for the total number of hits. If sending rest_total_hits_as_int to something other than true, this should be set to false. |
-| [requestResponder](./kibana-plugin-plugins-data-server.isearchoptions.requestresponder.md) | RequestResponder | |
| [sessionId](./kibana-plugin-plugins-data-server.isearchoptions.sessionid.md) | string | A session ID, grouping multiple search requests into a single session. |
| [strategy](./kibana-plugin-plugins-data-server.isearchoptions.strategy.md) | string | Use this option to force using a specific server side search strategy. Leave empty to use the default strategy. |
diff --git a/docs/development/plugins/embeddable/public/kibana-plugin-plugins-embeddable-public.container.children.md b/docs/development/plugins/embeddable/public/kibana-plugin-plugins-embeddable-public.container.children.md
index e8f140219ed9c3..a334f37ba3e7dc 100644
--- a/docs/development/plugins/embeddable/public/kibana-plugin-plugins-embeddable-public.container.children.md
+++ b/docs/development/plugins/embeddable/public/kibana-plugin-plugins-embeddable-public.container.children.md
@@ -7,7 +7,7 @@
Signature:
```typescript
-protected readonly children: {
+readonly children: {
[key: string]: IEmbeddable | ErrorEmbeddable;
};
```
diff --git a/docs/development/plugins/embeddable/public/kibana-plugin-plugins-embeddable-public.embeddablefactory.getdescription.md b/docs/development/plugins/embeddable/public/kibana-plugin-plugins-embeddable-public.embeddablefactory.getdescription.md
new file mode 100644
index 00000000000000..1699351349bf84
--- /dev/null
+++ b/docs/development/plugins/embeddable/public/kibana-plugin-plugins-embeddable-public.embeddablefactory.getdescription.md
@@ -0,0 +1,17 @@
+
+
+[Home](./index.md) > [kibana-plugin-plugins-embeddable-public](./kibana-plugin-plugins-embeddable-public.md) > [EmbeddableFactory](./kibana-plugin-plugins-embeddable-public.embeddablefactory.md) > [getDescription](./kibana-plugin-plugins-embeddable-public.embeddablefactory.getdescription.md)
+
+## EmbeddableFactory.getDescription() method
+
+Returns a description about the embeddable.
+
+Signature:
+
+```typescript
+getDescription(): string;
+```
+Returns:
+
+`string`
+
diff --git a/docs/development/plugins/embeddable/public/kibana-plugin-plugins-embeddable-public.embeddablefactory.geticontype.md b/docs/development/plugins/embeddable/public/kibana-plugin-plugins-embeddable-public.embeddablefactory.geticontype.md
new file mode 100644
index 00000000000000..58b987e5630c48
--- /dev/null
+++ b/docs/development/plugins/embeddable/public/kibana-plugin-plugins-embeddable-public.embeddablefactory.geticontype.md
@@ -0,0 +1,17 @@
+
+
+[Home](./index.md) > [kibana-plugin-plugins-embeddable-public](./kibana-plugin-plugins-embeddable-public.md) > [EmbeddableFactory](./kibana-plugin-plugins-embeddable-public.embeddablefactory.md) > [getIconType](./kibana-plugin-plugins-embeddable-public.embeddablefactory.geticontype.md)
+
+## EmbeddableFactory.getIconType() method
+
+Returns an EUI Icon type to be displayed in a menu.
+
+Signature:
+
+```typescript
+getIconType(): string;
+```
+Returns:
+
+`string`
+
diff --git a/docs/development/plugins/embeddable/public/kibana-plugin-plugins-embeddable-public.embeddablefactory.grouping.md b/docs/development/plugins/embeddable/public/kibana-plugin-plugins-embeddable-public.embeddablefactory.grouping.md
new file mode 100644
index 00000000000000..c4dbe739ddfcb7
--- /dev/null
+++ b/docs/development/plugins/embeddable/public/kibana-plugin-plugins-embeddable-public.embeddablefactory.grouping.md
@@ -0,0 +1,13 @@
+
+
+[Home](./index.md) > [kibana-plugin-plugins-embeddable-public](./kibana-plugin-plugins-embeddable-public.md) > [EmbeddableFactory](./kibana-plugin-plugins-embeddable-public.embeddablefactory.md) > [grouping](./kibana-plugin-plugins-embeddable-public.embeddablefactory.grouping.md)
+
+## EmbeddableFactory.grouping property
+
+Indicates the grouping this factory should appear in a sub-menu. Example, this is used for grouping options in the editors menu in Dashboard for creating new embeddables
+
+Signature:
+
+```typescript
+readonly grouping?: UiActionsPresentableGrouping;
+```
diff --git a/docs/development/plugins/embeddable/public/kibana-plugin-plugins-embeddable-public.embeddablefactory.md b/docs/development/plugins/embeddable/public/kibana-plugin-plugins-embeddable-public.embeddablefactory.md
index b355acd0567a82..8ee60e1f58a2b6 100644
--- a/docs/development/plugins/embeddable/public/kibana-plugin-plugins-embeddable-public.embeddablefactory.md
+++ b/docs/development/plugins/embeddable/public/kibana-plugin-plugins-embeddable-public.embeddablefactory.md
@@ -16,6 +16,7 @@ export interface EmbeddableFactoryUiActionsPresentableGrouping | Indicates the grouping this factory should appear in a sub-menu. Example, this is used for grouping options in the editors menu in Dashboard for creating new embeddables |
| [isContainerType](./kibana-plugin-plugins-embeddable-public.embeddablefactory.iscontainertype.md) | boolean | True if is this factory create embeddables that are Containers. Used in the add panel to conditionally show whether these can be added to another container. It's just not supported right now, but once nested containers are officially supported we can probably get rid of this interface. |
| [isEditable](./kibana-plugin-plugins-embeddable-public.embeddablefactory.iseditable.md) | () => Promise<boolean> | Returns whether the current user should be allowed to edit this type of embeddable. Most of the time this should be based off the capabilities service, hence it's async. |
| [savedObjectMetaData](./kibana-plugin-plugins-embeddable-public.embeddablefactory.savedobjectmetadata.md) | SavedObjectMetaData<TSavedObjectAttributes> | |
@@ -29,6 +30,8 @@ export interface EmbeddableFactoryThis will likely change in future iterations when we improve in place editing capabilities. |
| [createFromSavedObject(savedObjectId, input, parent)](./kibana-plugin-plugins-embeddable-public.embeddablefactory.createfromsavedobject.md) | Creates a new embeddable instance based off the saved object id. |
| [getDefaultInput(partial)](./kibana-plugin-plugins-embeddable-public.embeddablefactory.getdefaultinput.md) | Can be used to get any default input, to be passed in to during the creation process. Default input will not be stored in a parent container, so any inherited input from a container will trump default input parameters. |
+| [getDescription()](./kibana-plugin-plugins-embeddable-public.embeddablefactory.getdescription.md) | Returns a description about the embeddable. |
| [getDisplayName()](./kibana-plugin-plugins-embeddable-public.embeddablefactory.getdisplayname.md) | Returns a display name for this type of embeddable. Used in "Create new... " options in the add panel for containers. |
| [getExplicitInput()](./kibana-plugin-plugins-embeddable-public.embeddablefactory.getexplicitinput.md) | Can be used to request explicit input from the user, to be passed in to EmbeddableFactory:create. Explicit input is stored on the parent container for this embeddable. It overrides any inherited input passed down from the parent container. |
+| [getIconType()](./kibana-plugin-plugins-embeddable-public.embeddablefactory.geticontype.md) | Returns an EUI Icon type to be displayed in a menu. |
diff --git a/docs/development/plugins/embeddable/public/kibana-plugin-plugins-embeddable-public.embeddablefactorydefinition.md b/docs/development/plugins/embeddable/public/kibana-plugin-plugins-embeddable-public.embeddablefactorydefinition.md
index 6ecb88e7c017ea..dd61272625160e 100644
--- a/docs/development/plugins/embeddable/public/kibana-plugin-plugins-embeddable-public.embeddablefactorydefinition.md
+++ b/docs/development/plugins/embeddable/public/kibana-plugin-plugins-embeddable-public.embeddablefactorydefinition.md
@@ -7,5 +7,5 @@
Signature:
```typescript
-export declare type EmbeddableFactoryDefinition = IEmbeddable, T extends SavedObjectAttributes = SavedObjectAttributes> = Pick, 'create' | 'type' | 'isEditable' | 'getDisplayName'> & Partial, 'createFromSavedObject' | 'isContainerType' | 'getExplicitInput' | 'savedObjectMetaData' | 'canCreateNew' | 'getDefaultInput' | 'telemetry' | 'extract' | 'inject' | 'migrations'>>;
+export declare type EmbeddableFactoryDefinition = IEmbeddable, T extends SavedObjectAttributes = SavedObjectAttributes> = Pick, 'create' | 'type' | 'isEditable' | 'getDisplayName'> & Partial, 'createFromSavedObject' | 'isContainerType' | 'getExplicitInput' | 'savedObjectMetaData' | 'canCreateNew' | 'getDefaultInput' | 'telemetry' | 'extract' | 'inject' | 'migrations' | 'grouping' | 'getIconType' | 'getDescription'>>;
```
diff --git a/docs/development/plugins/embeddable/public/kibana-plugin-plugins-embeddable-public.openaddpanelflyout.md b/docs/development/plugins/embeddable/public/kibana-plugin-plugins-embeddable-public.openaddpanelflyout.md
index add46463753590..90caaa3035b348 100644
--- a/docs/development/plugins/embeddable/public/kibana-plugin-plugins-embeddable-public.openaddpanelflyout.md
+++ b/docs/development/plugins/embeddable/public/kibana-plugin-plugins-embeddable-public.openaddpanelflyout.md
@@ -14,6 +14,7 @@ export declare function openAddPanelFlyout(options: {
overlays: OverlayStart;
notifications: NotificationsStart;
SavedObjectFinder: React.ComponentType;
+ showCreateNewMenu?: boolean;
}): OverlayRef;
```
@@ -21,7 +22,7 @@ export declare function openAddPanelFlyout(options: {
| Parameter | Type | Description |
| --- | --- | --- |
-| options | { embeddable: IContainer; getFactory: EmbeddableStart['getEmbeddableFactory']; getAllFactories: EmbeddableStart['getEmbeddableFactories']; overlays: OverlayStart; notifications: NotificationsStart; SavedObjectFinder: React.ComponentType<any>; } | |
+| options | { embeddable: IContainer; getFactory: EmbeddableStart['getEmbeddableFactory']; getAllFactories: EmbeddableStart['getEmbeddableFactories']; overlays: OverlayStart; notifications: NotificationsStart; SavedObjectFinder: React.ComponentType<any>; showCreateNewMenu?: boolean; } | |
Returns:
diff --git a/docs/development/plugins/ui_actions/public/kibana-plugin-plugins-ui_actions-public.uiactionspresentable.getdisplaynametooltip.md b/docs/development/plugins/ui_actions/public/kibana-plugin-plugins-ui_actions-public.uiactionspresentable.getdisplaynametooltip.md
index 8fc859d5713e6a..a35f455f7af25e 100644
--- a/docs/development/plugins/ui_actions/public/kibana-plugin-plugins-ui_actions-public.uiactionspresentable.getdisplaynametooltip.md
+++ b/docs/development/plugins/ui_actions/public/kibana-plugin-plugins-ui_actions-public.uiactionspresentable.getdisplaynametooltip.md
@@ -9,7 +9,7 @@ Returns tooltip text which should be displayed when user hovers this object. Sho
Signature:
```typescript
-getDisplayNameTooltip(context: Context): string;
+getDisplayNameTooltip?(context: Context): string;
```
## Parameters
diff --git a/docs/management/action-types.asciidoc b/docs/management/action-types.asciidoc
new file mode 100644
index 00000000000000..4d6dcb631792ea
--- /dev/null
+++ b/docs/management/action-types.asciidoc
@@ -0,0 +1,117 @@
+[role="xpack"]
+[[action-types]]
+== Connectors
+
+Connectors provide a central place to store connection information for services and integrations with third party systems. Actions are instantiations of a connector that are linked to rules and run as background tasks on the {kib} server when rule conditions are met. {kib} provides the following types of connectors:
+
+[cols="2"]
+|===
+
+a| <>
+
+| Send email from your server.
+
+a| <>
+
+| Create an incident in IBM Resilient.
+
+a| <>
+
+| Index data into Elasticsearch.
+
+a| <>
+
+| Create an incident in Jira.
+
+a| <>
+
+| Send a message to a Microsoft Teams channel.
+
+a| <>
+
+| Send an event in PagerDuty.
+
+a| <>
+
+| Add a message to a Kibana log.
+
+a| <>
+
+| Create an incident in ServiceNow.
+
+a| <>
+
+| Send a message to a Slack channel or user.
+
+a| <>
+
+| Send a request to a web service.
+|===
+
+[NOTE]
+==============================================
+Some connector types are paid commercial features, while others are free.
+For a comparison of the Elastic subscription levels,
+see https://www.elastic.co/subscriptions[the subscription page].
+==============================================
+
+[float]
+[[connector-management]]
+=== Managing Connectors
+
+Rules use *Connectors* to route actions to different destinations like log files, ticketing systems, and messaging tools. While each {kib} app can offer their own types of rules, they typically share connectors. The *Connectors* tab offers a central place to view and manage all the connectors in the current space.
+
+For more information on connectors and the types of actions available see <>.
+
+[role="screenshot"]
+image::images/connector-listing.png[Example connector listing in the Rules and Connectors UI]
+
+[float]
+=== Required permissions
+
+Access to connectors is granted based on your privileges to alerting-enabled features. See <> for more information.
+
+[float]
+[[connectors-list]]
+=== Connector list
+
+The *Connectors* tab lists all connectors in the current space. The *search bar* can be used to find specific connectors by name and/or type.
+
+[role="screenshot"]
+image::images/connector-filter-by-search.png[Filtering the connector list using the search bar]
+
+
+The *type* dropdown also lets you filter to a subset of connector types.
+
+[role="screenshot"]
+image::images/connector-filter-by-type.png[Filtering the connector list by types of connectors]
+
+You can delete individual connectors using the trash icon. Connectors can also be deleted in bulk by multi-selecting them and clicking the *Delete* button to the left of the search box.
+
+[role="screenshot"]
+image::images/connector-delete.png[Deleting connectors individually or in bulk]
+
+[NOTE]
+============================================================================
+You can delete a connector even if there are still actions referencing it.
+When this happens the action will fail to execute, and appear as errors in the {kib} logs.
+============================================================================
+
+[float]
+[[creating-new-connector]]
+=== Creating a new connector
+
+New connectors can be created by clicking the *Create connector* button, which will guide you to select the type of connector and configure its properties. Refer to <> for the types of connectors available and how to configure them. Once you create a connector it will be made available to you anytime you set up an action in the current space.
+
+[role="screenshot"]
+image::images/connector-select-type.png[Connector select type]
+
+[float]
+[[create-connectors]]
+=== Preconfigured connectors
+
+For out-of-the-box and standardized connectors, you can <>
+before {kib} starts.
+
+
+include::connectors/index.asciidoc[]
diff --git a/docs/management/alerting/connector-management.asciidoc b/docs/management/alerting/connector-management.asciidoc
deleted file mode 100644
index dd3b5209ed4a0c..00000000000000
--- a/docs/management/alerting/connector-management.asciidoc
+++ /dev/null
@@ -1,40 +0,0 @@
-[role="xpack"]
-[[connector-management]]
-=== Managing Connectors
-
-Rules use *Connectors* to route actions to different destinations like log files, ticketing systems, and messaging tools. While each {kib} app can offer their own types of rules, they typically share connectors. The *Connectors* tab offers a central place to view and manage all the connectors in the current space.
-
-For more information on connectors and the types of actions available see <>.
-
-[role="screenshot"]
-image::images/connector-listing.png[Example connector listing in the Rules and Connectors UI]
-
-
-[float]
-==== Connector list
-
-The *Connectors* tab lists all connectors in the current space. The *search bar* can be used to find specific connectors by name and/or type.
-
-[role="screenshot"]
-image::images/connector-filter-by-search.png[Filtering the connector list using the search bar]
-
-
-The *type* dropdown also lets you filter to a subset of connector types.
-
-[role="screenshot"]
-image::images/connector-filter-by-type.png[Filtering the connector list by types of connectors]
-
-You can delete individual connectors using the trash icon. Connectors can also be deleted in bulk by multi-selecting them and clicking the *Delete* button to the left of the search box.
-
-[role="screenshot"]
-image::images/connector-delete.png[Deleting connectors individually or in bulk]
-
-[NOTE]
-============================================================================
-You can delete a connector even if there are still actions referencing it.
-When this happens the action will fail to execute, and appear as errors in the {kib} logs.
-============================================================================
-
-==== Creating a new connector
-
-New connectors can be created by clicking the *Create connector* button, which will guide you to select the type of connector and configure its properties. Refer to <> for the types of connectors available and how to configure them. Once you create a connector it will be made available to you anytime you set up an action in the current space.
diff --git a/docs/management/alerting/rules-and-connectors-intro.asciidoc b/docs/management/alerting/rules-and-connectors-intro.asciidoc
deleted file mode 100644
index 6e23ca95e2266e..00000000000000
--- a/docs/management/alerting/rules-and-connectors-intro.asciidoc
+++ /dev/null
@@ -1,29 +0,0 @@
-[role="xpack"]
-[[managing-alerts-and-actions]]
-== Rules and Connectors
-
-
-The *Rules and Connectors* UI lets you <> in a space, and provides tools to <> so that rules can trigger actions like notification, indexing, and ticketing.
-
-To manage rules and connectors, open the main menu, then click *Stack Management > Alerts and Insights > Rules and Connectors*.
-
-[role="screenshot"]
-image:management/alerting/images/rules-and-connectors-ui.png[Example rule listing in the Rules and Connectors UI]
-
-[NOTE]
-============================================================================
-Similar to dashboards, rules and connectors reside in a <>.
-The *Rules and Connectors* UI only shows rules and connectors for the current space.
-============================================================================
-
-[NOTE]
-============================================================================
-{es} also offers alerting capabilities through Watcher, which
-can be managed through the <>. See
-<> for more information.
-============================================================================
-
-[float]
-=== Required permissions
-
-Access to rules and connectors is granted based on your privileges to alerting-enabled features. See <> for more information.
diff --git a/docs/user/alerting/action-types/email.asciidoc b/docs/management/connectors/action-types/email.asciidoc
similarity index 93%
rename from docs/user/alerting/action-types/email.asciidoc
rename to docs/management/connectors/action-types/email.asciidoc
index 58f1300d0c2872..1c2f9212b48871 100644
--- a/docs/user/alerting/action-types/email.asciidoc
+++ b/docs/management/connectors/action-types/email.asciidoc
@@ -25,7 +25,7 @@ Username:: Username for login type authentication.
Password:: Password for login type authentication.
[float]
-[[Preconfigured-email-configuration]]
+[[preconfigured-email-configuration]]
==== Preconfigured connector type
[source,text]
@@ -57,6 +57,19 @@ Secrets defines sensitive information for the connector type.
`user`:: A string that corresponds to *Username*. Required if `hasAuth` is set to `true`.
`password`:: A string that corresponds to *Password*. Should be stored in the <>. Required if `hasAuth` is set to `true`.
+[float]
+[[define-email-ui]]
+==== Define connector in Stack Management
+
+Define email connector properties.
+
+[role="screenshot"]
+image::management/connectors/images/email-connector.png[Email connector]
+
+Test email action parameters.
+
+[role="screenshot"]
+image::management/connectors/images/email-params-test.png[Email params test]
[float]
[[email-action-configuration]]
@@ -68,6 +81,7 @@ To, CC, BCC:: Each item is a list of addresses. Addresses can be specified in
Subject:: The subject line of the email.
Message:: The message text of the email. Markdown format is supported.
+[float]
[[configuring-email]]
==== Configuring email accounts for well-known services
@@ -84,7 +98,7 @@ For other email servers, you can check the list of well-known services that Node
[float]
[[gmail]]
-===== Sending email from Gmail
+==== Sending email from Gmail
Use the following email connector configuration to send email from the
https://mail.google.com[Gmail] SMTP service:
@@ -112,7 +126,7 @@ for more information.
[float]
[[outlook]]
-===== Sending email from Outlook.com
+==== Sending email from Outlook.com
Use the following email connector configuration to send email from the
https://www.outlook.com/[Outlook.com] SMTP service:
@@ -137,7 +151,7 @@ NOTE: You must use a unique App Password if two-step verification is enabled.
[float]
[[amazon-ses]]
-===== Sending email from Amazon SES (Simple Email Service)
+==== Sending email from Amazon SES (Simple Email Service)
Use the following email connector configuration to send email from the
http://aws.amazon.com/ses[Amazon Simple Email Service] (SES) SMTP service:
@@ -164,7 +178,7 @@ NOTE: You must use your Amazon SES SMTP credentials to send email through
[float]
[[exchange]]
-===== Sending email from Microsoft Exchange
+==== Sending email from Microsoft Exchange
Use the following email connector configuration to send email from Microsoft
Exchange:
diff --git a/docs/user/alerting/action-types/index.asciidoc b/docs/management/connectors/action-types/index.asciidoc
similarity index 92%
rename from docs/user/alerting/action-types/index.asciidoc
rename to docs/management/connectors/action-types/index.asciidoc
index e23dcbf298fd5b..d3bd3d431748c9 100644
--- a/docs/user/alerting/action-types/index.asciidoc
+++ b/docs/management/connectors/action-types/index.asciidoc
@@ -39,6 +39,20 @@ Config defines information for the connector type.
`refresh`:: A boolean that corresponds to *Refresh*. Defaults to `false`.
`executionTimeField`:: A string that corresponds to *Execution time field*.
+[float]
+[[define-index-ui]]
+==== Define connector in Stack Management
+
+Define Index connector properties.
+
+[role="screenshot"]
+image::management/connectors/images/index-connector.png[Index connector]
+
+Test Index action parameters.
+
+[role="screenshot"]
+image::management/connectors/images/index-params-test.png[Index params test]
+
[float]
[[index-action-configuration]]
==== Action configuration
diff --git a/docs/user/alerting/action-types/jira.asciidoc b/docs/management/connectors/action-types/jira.asciidoc
similarity index 86%
rename from docs/user/alerting/action-types/jira.asciidoc
rename to docs/management/connectors/action-types/jira.asciidoc
index 7b4dc69bb639a3..a5e629887d5c6e 100644
--- a/docs/user/alerting/action-types/jira.asciidoc
+++ b/docs/management/connectors/action-types/jira.asciidoc
@@ -46,6 +46,20 @@ Secrets defines sensitive information for the connector type.
`email`:: A string that corresponds to *Email*.
`apiToken`:: A string that corresponds to *API Token*. Should be stored in the <>.
+[float]
+[[define-jira-ui]]
+==== Define connector in Stack Management
+
+Define Jira connector properties.
+
+[role="screenshot"]
+image::management/connectors/images/jira-connector.png[Jira connector]
+
+Test Jira action parameters.
+
+[role="screenshot"]
+image::management/connectors/images/jira-params-test.png[Jira params test]
+
[float]
[[jira-action-configuration]]
==== Action configuration
@@ -60,6 +74,7 @@ Description:: The details about the incident.
Parent:: The ID or key of the parent issue. Only for `Subtask` issue types.
Additional comments:: Additional information for the client, such as how to troubleshoot the issue.
+[float]
[[configuring-jira]]
==== Configure Jira
diff --git a/docs/user/alerting/action-types/pagerduty.asciidoc b/docs/management/connectors/action-types/pagerduty.asciidoc
similarity index 93%
rename from docs/user/alerting/action-types/pagerduty.asciidoc
rename to docs/management/connectors/action-types/pagerduty.asciidoc
index c32e6c8a6635fa..25cba050105480 100644
--- a/docs/user/alerting/action-types/pagerduty.asciidoc
+++ b/docs/management/connectors/action-types/pagerduty.asciidoc
@@ -40,6 +40,20 @@ Secrets defines sensitive information for the connector type.
`routingKey`:: A string that corresponds to *Integration Key*.
+[float]
+[[define-pagerduty-ui]]
+==== Define connector in Stack Management
+
+Define PagerDuty connector properties.
+
+[role="screenshot"]
+image::management/connectors/images/pagerduty-connector.png[PagerDuty connector]
+
+Test PagerDuty action parameters.
+
+[role="screenshot"]
+image::management/connectors/images/pagerduty-params-test.png[PagerDuty params test]
+
[float]
[[pagerduty-action-configuration]]
==== Action configuration
@@ -70,14 +84,14 @@ By integrating PagerDuty with rules, you can:
[float]
[[pagerduty-support]]
-===== Support
+==== Support
If you need help with this integration, get in touch with the {kib} team by visiting
https://support.elastic.co[support.elastic.co] or by using the *Ask Elastic* option in the {kib} Help menu.
You can also select the {kib} category at https://discuss.elastic.co/[discuss.elastic.co].
[float]
[[pagerduty-integration-walkthrough]]
-===== Integration with PagerDuty walkthrough
+==== Integration with PagerDuty walkthrough
[[pagerduty-in-pagerduty]]
*In PagerDuty*
@@ -101,7 +115,7 @@ and select *Elastic Alerts* from the *Integration Type* menu.
You will be redirected to the *Integrations* tab for your service. An Integration Key is generated on this screen.
+
[role="screenshot"]
-image::user/alerting/images/pagerduty-integration.png[PagerDuty Integrations tab]
+image::images/pagerduty-integration.png[PagerDuty Integrations tab]
. Save this key, as you will use it when you configure the integration with Elastic in the next section.
diff --git a/docs/user/alerting/action-types/resilient.asciidoc b/docs/management/connectors/action-types/resilient.asciidoc
similarity index 85%
rename from docs/user/alerting/action-types/resilient.asciidoc
rename to docs/management/connectors/action-types/resilient.asciidoc
index 862af0e5263371..454ae145bbc579 100644
--- a/docs/user/alerting/action-types/resilient.asciidoc
+++ b/docs/management/connectors/action-types/resilient.asciidoc
@@ -46,6 +46,20 @@ Secrets defines sensitive information for the connector type.
`apiKeyId`:: A string that corresponds to *API key ID*.
`apiKeySecret`:: A string that corresponds to *API Key secret*. Should be stored in the <>.
+[float]
+[[define-resilient-ui]]
+==== Define connector in Stack Management
+
+Define IBM Resilient connector properties.
+
+[role="screenshot"]
+image::management/connectors/images/resilient-connector.png[IBM Resilient connector]
+
+Test IBM Resilient action parameters.
+
+[role="screenshot"]
+image::management/connectors/images/resilient-params-test.png[IBM Resilient params test]
+
[float]
[[resilient-action-configuration]]
==== Action configuration
@@ -58,6 +72,7 @@ Name:: A name for the issue, used for searching the contents of the knowledge ba
Description:: The details about the incident.
Additional comments:: Additional information for the client, such as how to troubleshoot the issue.
+[float]
[[configuring-resilient]]
==== Configure IBM Resilient
diff --git a/docs/user/alerting/action-types/server-log.asciidoc b/docs/management/connectors/action-types/server-log.asciidoc
similarity index 72%
rename from docs/user/alerting/action-types/server-log.asciidoc
rename to docs/management/connectors/action-types/server-log.asciidoc
index e497ed3a4467af..0810724d39ead3 100644
--- a/docs/user/alerting/action-types/server-log.asciidoc
+++ b/docs/management/connectors/action-types/server-log.asciidoc
@@ -26,6 +26,20 @@ Name:: The name of the connector. The name is used to identify a connector
actionTypeId: .server-log
--
+[float]
+[[define-serverlog-ui]]
+==== Define connector in Stack Management
+
+Define Server log connector properties.
+
+[role="screenshot"]
+image::management/connectors/images/serverlog-connector.png[Server log connector]
+
+Test Server log action parameters.
+
+[role="screenshot"]
+image::management/connectors/images/serverlog-params-test.png[Server log params test]
+
[float]
[[server-log-action-configuration]]
==== Action configuration
diff --git a/docs/user/alerting/action-types/servicenow.asciidoc b/docs/management/connectors/action-types/servicenow.asciidoc
similarity index 86%
rename from docs/user/alerting/action-types/servicenow.asciidoc
rename to docs/management/connectors/action-types/servicenow.asciidoc
index 35d50f1bfeb722..24892c62e804b2 100644
--- a/docs/user/alerting/action-types/servicenow.asciidoc
+++ b/docs/management/connectors/action-types/servicenow.asciidoc
@@ -43,6 +43,20 @@ Secrets defines sensitive information for the connector type.
`username`:: A string that corresponds to *Username*.
`password`:: A string that corresponds to *Password*. Should be stored in the <>.
+[float]
+[[define-servicenow-ui]]
+==== Define connector in Stack Management
+
+Define ServiceNow connector properties.
+
+[role="screenshot"]
+image::management/connectors/images/servicenow-connector.png[ServiceNow connector]
+
+Test ServiceNow action parameters.
+
+[role="screenshot"]
+image::management/connectors/images/servicenow-params-test.png[ServiceNow params test]
+
[float]
[[servicenow-action-configuration]]
==== Action configuration
@@ -56,6 +70,7 @@ Short description:: A short description for the incident, used for searching
Description:: The details about the incident.
Additional comments:: Additional information for the client, such as how to troubleshoot the issue.
+[float]
[[configuring-servicenow]]
==== Configure ServiceNow
diff --git a/docs/user/alerting/action-types/slack.asciidoc b/docs/management/connectors/action-types/slack.asciidoc
similarity index 86%
rename from docs/user/alerting/action-types/slack.asciidoc
rename to docs/management/connectors/action-types/slack.asciidoc
index 3ef369e2a4e4a3..da0bf321f9ade7 100644
--- a/docs/user/alerting/action-types/slack.asciidoc
+++ b/docs/management/connectors/action-types/slack.asciidoc
@@ -33,6 +33,20 @@ Secrets defines sensitive information for the connector type.
`webhookUrl`:: A string that corresponds to *Webhook URL*.
+[float]
+[[define-slack-ui]]
+==== Define connector in Stack Management
+
+Define Slack connector properties.
+
+[role="screenshot"]
+image::management/connectors/images/slack-connector.png[Slack connector]
+
+Test Slack action parameters.
+
+[role="screenshot"]
+image::management/connectors/images/slack-params-test.png[Slack params test]
+
[float]
[[slack-action-configuration]]
==== Action configuration
@@ -41,6 +55,7 @@ Slack actions have the following properties.
Message:: The message text, converted to the `text` field in the Webhook JSON payload. Currently only the text field is supported. Markdown, images, and other advanced formatting are not yet supported.
+[float]
[[configuring-slack]]
==== Configure a Slack account
diff --git a/docs/user/alerting/action-types/teams.asciidoc b/docs/management/connectors/action-types/teams.asciidoc
similarity index 88%
rename from docs/user/alerting/action-types/teams.asciidoc
rename to docs/management/connectors/action-types/teams.asciidoc
index 1a0e52141ee9c4..ba723a6f33c860 100644
--- a/docs/user/alerting/action-types/teams.asciidoc
+++ b/docs/management/connectors/action-types/teams.asciidoc
@@ -33,6 +33,20 @@ Secrets defines sensitive information for the connector type.
`webhookUrl`:: A string that corresponds to *Webhook URL*.
+[float]
+[[define-teams-ui]]
+==== Define connector in Stack Management
+
+Define Teams connector properties.
+
+[role="screenshot"]
+image::management/connectors/images/teams-connector.png[Teams connector]
+
+Test Teams action parameters.
+
+[role="screenshot"]
+image::management/connectors/images/teams-params-test.png[Teams params test]
+
[float]
[[teams-action-configuration]]
==== Action configuration
@@ -41,6 +55,7 @@ Microsoft Teams actions have the following properties.
Message:: The message text, converted to the `text` field in the Webhook JSON payload. Currently only the text field is supported. Markdown, images, and other advanced formatting are not yet supported.
+[float]
[[configuring-teams]]
==== Configure a Microsoft Teams account
diff --git a/docs/user/alerting/action-types/webhook.asciidoc b/docs/management/connectors/action-types/webhook.asciidoc
similarity index 88%
rename from docs/user/alerting/action-types/webhook.asciidoc
rename to docs/management/connectors/action-types/webhook.asciidoc
index 01ddfee288fc8e..a2024b9457a1c5 100644
--- a/docs/user/alerting/action-types/webhook.asciidoc
+++ b/docs/management/connectors/action-types/webhook.asciidoc
@@ -52,6 +52,20 @@ Secrets defines sensitive information for the connector type.
`user`:: A string that corresponds to *User*. Required if `hasAuth` is set to `true`.
`password`:: A string that corresponds to *Password*. Should be stored in the <>. Required if `hasAuth` is set to `true`.
+[float]
+[[define-webhook-ui]]
+==== Define connector in Stack Management
+
+Define Webhook connector properties.
+
+[role="screenshot"]
+image::management/connectors/images/webhook-connector.png[Webhook connector]
+
+Test Webhook action parameters.
+
+[role="screenshot"]
+image::management/connectors/images/webhook-params-test.png[Webhook params test]
+
[float]
[[webhook-action-configuration]]
==== Action configuration
diff --git a/docs/management/alerting/images/connector-action-count.png b/docs/management/connectors/images/connector-action-count.png
similarity index 100%
rename from docs/management/alerting/images/connector-action-count.png
rename to docs/management/connectors/images/connector-action-count.png
diff --git a/docs/management/alerting/images/connector-delete.png b/docs/management/connectors/images/connector-delete.png
similarity index 100%
rename from docs/management/alerting/images/connector-delete.png
rename to docs/management/connectors/images/connector-delete.png
diff --git a/docs/management/alerting/images/connector-filter-by-search.png b/docs/management/connectors/images/connector-filter-by-search.png
similarity index 100%
rename from docs/management/alerting/images/connector-filter-by-search.png
rename to docs/management/connectors/images/connector-filter-by-search.png
diff --git a/docs/management/alerting/images/connector-filter-by-type.png b/docs/management/connectors/images/connector-filter-by-type.png
similarity index 100%
rename from docs/management/alerting/images/connector-filter-by-type.png
rename to docs/management/connectors/images/connector-filter-by-type.png
diff --git a/docs/management/alerting/images/connector-listing.png b/docs/management/connectors/images/connector-listing.png
similarity index 100%
rename from docs/management/alerting/images/connector-listing.png
rename to docs/management/connectors/images/connector-listing.png
diff --git a/docs/management/connectors/images/connector-select-type.png b/docs/management/connectors/images/connector-select-type.png
new file mode 100644
index 00000000000000..ef5825b1493112
Binary files /dev/null and b/docs/management/connectors/images/connector-select-type.png differ
diff --git a/docs/management/connectors/images/email-connector.png b/docs/management/connectors/images/email-connector.png
new file mode 100644
index 00000000000000..b837fa545a4d11
Binary files /dev/null and b/docs/management/connectors/images/email-connector.png differ
diff --git a/docs/management/connectors/images/email-params-test.png b/docs/management/connectors/images/email-params-test.png
new file mode 100644
index 00000000000000..3745bcd3235e93
Binary files /dev/null and b/docs/management/connectors/images/email-params-test.png differ
diff --git a/docs/management/connectors/images/index-connector.png b/docs/management/connectors/images/index-connector.png
new file mode 100644
index 00000000000000..b3a81a7c0e7618
Binary files /dev/null and b/docs/management/connectors/images/index-connector.png differ
diff --git a/docs/management/connectors/images/index-params-test.png b/docs/management/connectors/images/index-params-test.png
new file mode 100644
index 00000000000000..6f4f83bd4297c8
Binary files /dev/null and b/docs/management/connectors/images/index-params-test.png differ
diff --git a/docs/management/connectors/images/jira-connector.png b/docs/management/connectors/images/jira-connector.png
new file mode 100644
index 00000000000000..5ff5ebf83afc76
Binary files /dev/null and b/docs/management/connectors/images/jira-connector.png differ
diff --git a/docs/management/connectors/images/jira-params-test.png b/docs/management/connectors/images/jira-params-test.png
new file mode 100644
index 00000000000000..78d51e823fb61b
Binary files /dev/null and b/docs/management/connectors/images/jira-params-test.png differ
diff --git a/docs/management/connectors/images/pagerduty-connector.png b/docs/management/connectors/images/pagerduty-connector.png
new file mode 100644
index 00000000000000..2e5d240f42c110
Binary files /dev/null and b/docs/management/connectors/images/pagerduty-connector.png differ
diff --git a/docs/user/alerting/images/pagerduty-integration.png b/docs/management/connectors/images/pagerduty-integration.png
similarity index 100%
rename from docs/user/alerting/images/pagerduty-integration.png
rename to docs/management/connectors/images/pagerduty-integration.png
diff --git a/docs/management/connectors/images/pagerduty-params-test.png b/docs/management/connectors/images/pagerduty-params-test.png
new file mode 100644
index 00000000000000..3fb4a9bb5dc821
Binary files /dev/null and b/docs/management/connectors/images/pagerduty-params-test.png differ
diff --git a/docs/user/alerting/images/pre-configured-connectors-managing.png b/docs/management/connectors/images/pre-configured-connectors-managing.png
similarity index 100%
rename from docs/user/alerting/images/pre-configured-connectors-managing.png
rename to docs/management/connectors/images/pre-configured-connectors-managing.png
diff --git a/docs/user/alerting/images/pre-configured-connectors-view-screen.png b/docs/management/connectors/images/pre-configured-connectors-view-screen.png
similarity index 100%
rename from docs/user/alerting/images/pre-configured-connectors-view-screen.png
rename to docs/management/connectors/images/pre-configured-connectors-view-screen.png
diff --git a/docs/management/connectors/images/resilient-connector.png b/docs/management/connectors/images/resilient-connector.png
new file mode 100644
index 00000000000000..b7d216d150f8c1
Binary files /dev/null and b/docs/management/connectors/images/resilient-connector.png differ
diff --git a/docs/management/connectors/images/resilient-params-test.png b/docs/management/connectors/images/resilient-params-test.png
new file mode 100644
index 00000000000000..865d5b517aea28
Binary files /dev/null and b/docs/management/connectors/images/resilient-params-test.png differ
diff --git a/docs/management/connectors/images/serverlog-connector.png b/docs/management/connectors/images/serverlog-connector.png
new file mode 100644
index 00000000000000..983bb6afadd65b
Binary files /dev/null and b/docs/management/connectors/images/serverlog-connector.png differ
diff --git a/docs/management/connectors/images/serverlog-params-test.png b/docs/management/connectors/images/serverlog-params-test.png
new file mode 100644
index 00000000000000..762721c7ead453
Binary files /dev/null and b/docs/management/connectors/images/serverlog-params-test.png differ
diff --git a/docs/management/connectors/images/servicenow-connector.png b/docs/management/connectors/images/servicenow-connector.png
new file mode 100644
index 00000000000000..9891a80ee758fe
Binary files /dev/null and b/docs/management/connectors/images/servicenow-connector.png differ
diff --git a/docs/management/connectors/images/servicenow-params-test.png b/docs/management/connectors/images/servicenow-params-test.png
new file mode 100644
index 00000000000000..79f1580c873d26
Binary files /dev/null and b/docs/management/connectors/images/servicenow-params-test.png differ
diff --git a/docs/management/connectors/images/servicenow-sir-connector.png b/docs/management/connectors/images/servicenow-sir-connector.png
new file mode 100644
index 00000000000000..fbb137bd4f7d96
Binary files /dev/null and b/docs/management/connectors/images/servicenow-sir-connector.png differ
diff --git a/docs/management/connectors/images/servicenow-sir-params-test.png b/docs/management/connectors/images/servicenow-sir-params-test.png
new file mode 100644
index 00000000000000..16ea83c60b3c32
Binary files /dev/null and b/docs/management/connectors/images/servicenow-sir-params-test.png differ
diff --git a/docs/user/alerting/images/slack-add-webhook-integration.png b/docs/management/connectors/images/slack-add-webhook-integration.png
similarity index 100%
rename from docs/user/alerting/images/slack-add-webhook-integration.png
rename to docs/management/connectors/images/slack-add-webhook-integration.png
diff --git a/docs/management/connectors/images/slack-connector.png b/docs/management/connectors/images/slack-connector.png
new file mode 100644
index 00000000000000..7342d962d2a2bb
Binary files /dev/null and b/docs/management/connectors/images/slack-connector.png differ
diff --git a/docs/user/alerting/images/slack-copy-webhook-url.png b/docs/management/connectors/images/slack-copy-webhook-url.png
similarity index 100%
rename from docs/user/alerting/images/slack-copy-webhook-url.png
rename to docs/management/connectors/images/slack-copy-webhook-url.png
diff --git a/docs/management/connectors/images/slack-params-test.png b/docs/management/connectors/images/slack-params-test.png
new file mode 100644
index 00000000000000..603f66301af122
Binary files /dev/null and b/docs/management/connectors/images/slack-params-test.png differ
diff --git a/docs/user/alerting/images/teams-add-webhook-integration.png b/docs/management/connectors/images/teams-add-webhook-integration.png
similarity index 100%
rename from docs/user/alerting/images/teams-add-webhook-integration.png
rename to docs/management/connectors/images/teams-add-webhook-integration.png
diff --git a/docs/management/connectors/images/teams-connector.png b/docs/management/connectors/images/teams-connector.png
new file mode 100644
index 00000000000000..4b9112db28474d
Binary files /dev/null and b/docs/management/connectors/images/teams-connector.png differ
diff --git a/docs/user/alerting/images/teams-copy-webhook-url.png b/docs/management/connectors/images/teams-copy-webhook-url.png
similarity index 100%
rename from docs/user/alerting/images/teams-copy-webhook-url.png
rename to docs/management/connectors/images/teams-copy-webhook-url.png
diff --git a/docs/management/connectors/images/teams-params-test.png b/docs/management/connectors/images/teams-params-test.png
new file mode 100644
index 00000000000000..01efb84ae60d46
Binary files /dev/null and b/docs/management/connectors/images/teams-params-test.png differ
diff --git a/docs/management/connectors/images/webhook-connector.png b/docs/management/connectors/images/webhook-connector.png
new file mode 100644
index 00000000000000..6046572734afd3
Binary files /dev/null and b/docs/management/connectors/images/webhook-connector.png differ
diff --git a/docs/management/connectors/images/webhook-params-test.png b/docs/management/connectors/images/webhook-params-test.png
new file mode 100644
index 00000000000000..7b7007a72a0b63
Binary files /dev/null and b/docs/management/connectors/images/webhook-params-test.png differ
diff --git a/docs/management/connectors/index.asciidoc b/docs/management/connectors/index.asciidoc
new file mode 100644
index 00000000000000..ea4fa46d3e8082
--- /dev/null
+++ b/docs/management/connectors/index.asciidoc
@@ -0,0 +1,11 @@
+include::action-types/email.asciidoc[]
+include::action-types/resilient.asciidoc[]
+include::action-types/index.asciidoc[]
+include::action-types/jira.asciidoc[]
+include::action-types/teams.asciidoc[]
+include::action-types/pagerduty.asciidoc[]
+include::action-types/server-log.asciidoc[]
+include::action-types/servicenow.asciidoc[]
+include::action-types/slack.asciidoc[]
+include::action-types/webhook.asciidoc[]
+include::pre-configured-connectors.asciidoc[]
diff --git a/docs/user/alerting/action-types/pre-configured-connectors.asciidoc b/docs/management/connectors/pre-configured-connectors.asciidoc
similarity index 99%
rename from docs/user/alerting/action-types/pre-configured-connectors.asciidoc
rename to docs/management/connectors/pre-configured-connectors.asciidoc
index 557404f24288a2..4d304cdd6c5a20 100644
--- a/docs/user/alerting/action-types/pre-configured-connectors.asciidoc
+++ b/docs/management/connectors/pre-configured-connectors.asciidoc
@@ -1,6 +1,5 @@
[role="xpack"]
[[pre-configured-connectors]]
-
=== Preconfigured connectors
You can preconfigure a connector to have all the information it needs prior to startup by adding it to the `kibana.yml` file.
diff --git a/docs/management/alerting/images/rules-and-connectors-ui.png b/docs/management/images/rules-and-connectors-ui.png
similarity index 100%
rename from docs/management/alerting/images/rules-and-connectors-ui.png
rename to docs/management/images/rules-and-connectors-ui.png
diff --git a/docs/maps/trouble-shooting.asciidoc b/docs/maps/trouble-shooting.asciidoc
index 11aa636e0d8522..0e1ed0b9e1bec5 100644
--- a/docs/maps/trouble-shooting.asciidoc
+++ b/docs/maps/trouble-shooting.asciidoc
@@ -32,7 +32,7 @@ image::maps/images/inspector.png[]
** Ensure your geospatial field is searchable and aggregatable.
** If your geospatial field type does not match your Elasticsearch mapping, click the *Refresh* button to refresh the field list from Elasticsearch.
* Index patterns with thousands of fields can exceed the default maximum payload size.
-Increase <> for large index patterns.
+Increase <> for large index patterns.
[float]
==== Features are not displayed
diff --git a/docs/setup/settings.asciidoc b/docs/setup/settings.asciidoc
index 90e813afad6f44..a7af5901363557 100644
--- a/docs/setup/settings.asciidoc
+++ b/docs/setup/settings.asciidoc
@@ -25,12 +25,12 @@ which may cause a delay before pages start being served.
Set to `false` to disable Console. *Default: `true`*
| `cpu.cgroup.path.override:`
- | deprecated:[7.10.0,"This setting will no longer be supported as of 8.0."]
+ | deprecated:[7.10.0,"In 8.0 and later, this setting will no longer be supported."]
This setting has been renamed to
<>.
| `cpuacct.cgroup.path.override:`
- | deprecated:[7.10.0,"This setting will no longer be supported as of 8.0."]
+ | deprecated:[7.10.0,"In 8.0 and later, this setting will no longer be supported."]
This setting has been renamed to
<>.
@@ -473,7 +473,7 @@ confident your server can hold this many objects in memory.
| The maximum byte size of a saved objects import that the {kib} server will accept.
This setting exists to prevent the {kib} server from runnning out of memory when handling
a large import payload. Note that this setting overrides the more general
-<> for saved object imports only.
+<> for saved object imports only.
*Default: `26214400`*
|[[server-basePath]] `server.basePath:`
@@ -504,6 +504,55 @@ deprecation warning at startup. This setting cannot end in a slash (`/`).
proxy sitting in front of it. This determines whether HTTP compression may be used for responses, based on the request `Referer` header.
This setting may not be used when <> is set to `false`. *Default: `none`*
+
+a| [[server-securityResponseHeaders-strictTransportSecurity]]
+----
+server.securityResponseHeaders:
+ strictTransportSecurity:
+----
+| Controls whether the https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Strict-Transport-Security[`Strict-Transport-Security`]
+header is used in all responses to the client from the {kib} server, and specifies what value is used. Allowed values are any text value or
+`null`. To disable, set to `null`. *Default:* `null`
+
+a| [[server-securityResponseHeaders-xContentTypeOptions]]
+----
+server.securityResponseHeaders:
+ xContentTypeOptions:
+----
+| Controls whether the https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Content-Type-Options[`X-Content-Type-Options`] header is
+used in all responses to the client from the {kib} server, and specifies what value is used. Allowed values are `nosniff` or `null`. To
+disable, set to `null`. *Default:* `"nosniff"`
+
+a| [[server-securityResponseHeaders-referrerPolicy]]
+----
+server.securityResponseHeaders:
+ referrerPolicy:
+----
+| Controls whether the https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Referrer-Policy[`Referrer-Policy`] header is used in all
+responses to the client from the {kib} server, and specifies what value is used. Allowed values are `no-referrer`,
+`no-referrer-when-downgrade`, `origin`, `origin-when-cross-origin`, `same-origin`, `strict-origin`, `strict-origin-when-cross-origin`,
+`unsafe-url`, or `null`. To disable, set to `null`. *Default:* `"no-referrer-when-downgrade"`
+
+a| [[server-securityResponseHeaders-permissionsPolicy]]
+----
+server.securityResponseHeaders:
+ permissionsPolicy:
+----
+| experimental[] Controls whether the https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Feature-Policy[`Permissions-Policy`] header
+is used in all responses to the client from the {kib} server, and specifies what value is used. Allowed values are any text value or `null`.
+To disable, set to `null`. *Default:* `null`
+
+a| [[server-securityResponseHeaders-disableEmbedding]]
+----
+server.securityResponseHeaders:
+ disableEmbedding:
+----
+| Controls whether the https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy[`Content-Security-Policy`] and
+https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options[`X-Frame-Options`] headers are configured to disable embedding
+{kib} in other webpages using iframes. When set to `true`, secure headers are used to disable embedding, which adds the `frame-ancestors:
+'self'` directive to the `Content-Security-Policy` response header (if you are using the default CSP rules), and adds the `X-Frame-Options:
+SAMEORIGIN` response header. *Default:* `false`
+
| `server.customResponseHeaders:` {ess-icon}
| Header names and values to
send on all responses to the client from the {kib} server. *Default: `{}`*
@@ -517,6 +566,10 @@ back end server. To allow remote users to connect, set the value to the IP addre
the <> counter. *Default: `"120000"`*
|[[server-maxPayloadBytes]] `server.maxPayloadBytes:`
+ | deprecated:[7.13.0,"In 8.0 and later, this setting will no longer be supported."]
+ This setting has been renamed to <>.
+
+|[[server-maxPayload]] `server.maxPayload:`
| The maximum payload size in bytes
for incoming server requests. *Default: `1048576`*
diff --git a/docs/user/alerting/action-types.asciidoc b/docs/user/alerting/action-types.asciidoc
deleted file mode 100644
index b648f5a9ccde53..00000000000000
--- a/docs/user/alerting/action-types.asciidoc
+++ /dev/null
@@ -1,75 +0,0 @@
-[role="xpack"]
-[[action-types]]
-== Connectors and actions
-
-Connectors provide a central place to store connection information for services and integrations with third party systems. Actions are instantiations of a connector that are linked to rules and run as background tasks on the {kib} server when rule conditions are met. {kib} provides the following types of connectors:
-
-[cols="2"]
-|===
-
-a| <>
-
-| Send email from your server.
-
-a| <>
-
-| Create an incident in IBM Resilient.
-
-a| <>
-
-| Index data into Elasticsearch.
-
-a| <>
-
-| Create an incident in Jira.
-
-a| <>
-
-| Send a message to a Microsoft Teams channel.
-
-a| <>
-
-| Send an event in PagerDuty.
-
-a| <>
-
-| Add a message to a Kibana log.
-
-a| <>
-
-| Create an incident in ServiceNow.
-
-a| <>
-
-| Send a message to a Slack channel or user.
-
-a| <>
-
-| Send a request to a web service.
-|===
-
-[NOTE]
-==============================================
-Some connector types are paid commercial features, while others are free.
-For a comparison of the Elastic subscription levels,
-see https://www.elastic.co/subscriptions[the subscription page].
-==============================================
-
-[float]
-[[create-connectors]]
-=== Preconfigured connectors
-
-For out-of-the-box and standardized connectors, you can <>
-before {kib} starts.
-
-include::action-types/email.asciidoc[]
-include::action-types/resilient.asciidoc[]
-include::action-types/index.asciidoc[]
-include::action-types/jira.asciidoc[]
-include::action-types/teams.asciidoc[]
-include::action-types/pagerduty.asciidoc[]
-include::action-types/server-log.asciidoc[]
-include::action-types/servicenow.asciidoc[]
-include::action-types/slack.asciidoc[]
-include::action-types/webhook.asciidoc[]
-include::action-types/pre-configured-connectors.asciidoc[]
diff --git a/docs/user/alerting/alerting-getting-started.asciidoc b/docs/user/alerting/alerting-getting-started.asciidoc
index 2c8985075398e4..bb11d2a0be4233 100644
--- a/docs/user/alerting/alerting-getting-started.asciidoc
+++ b/docs/user/alerting/alerting-getting-started.asciidoc
@@ -5,7 +5,7 @@
--
-Alerting allows you to define *rules* to detect complex conditions within different {kib} apps and trigger actions when those conditions are met. Alerting is integrated with {observability-guide}/create-alerts.html[*Observability*], {security-guide}/prebuilt-rules.html[*Security*], <> and {ml-docs}/ml-configuring-alerts.html[*{ml-app}*], can be centrally managed from the <> UI, and provides a set of built-in <> and <> (known as stack rules) for you to use.
+Alerting allows you to define *rules* to detect complex conditions within different {kib} apps and trigger actions when those conditions are met. Alerting is integrated with {observability-guide}/create-alerts.html[*Observability*], {security-guide}/prebuilt-rules.html[*Security*], <> and {ml-docs}/ml-configuring-alerts.html[*{ml-app}*], can be centrally managed from the <> UI, and provides a set of built-in <> and <> (known as stack rules) for you to use.
image::images/alerting-overview.png[Rules and Connectors UI]
@@ -47,7 +47,7 @@ to control the details of the conditions to detect.
For example, an <> lets you specify the index to query, an aggregation field, and a time window, but the details of the underlying {es} query are hidden.
-See <> for the types of rules provided by {kib} and how they express their conditions.
+See <> and <> for the types of rules provided by {kib} and how they express their conditions.
[float]
[[alerting-concepts-scheduling]]
diff --git a/docs/user/alerting/domain-specific-rules.asciidoc b/docs/user/alerting/domain-specific-rules.asciidoc
new file mode 100644
index 00000000000000..f509f9e5288234
--- /dev/null
+++ b/docs/user/alerting/domain-specific-rules.asciidoc
@@ -0,0 +1,20 @@
+[role="xpack"]
+[[domain-specific-rules]]
+== Domain-specific rules
+
+For domain-specific rules, refer to the documentation for that app.
+{kib} supports these rules:
+
+* {observability-guide}/create-alerts.html[Observability rules]
+* {security-guide}/prebuilt-rules.html[Security rules]
+* <>
+* {ml-docs}/ml-configuring-alerts.html[{ml-cap} rules] beta:[]
+
+[NOTE]
+==============================================
+Some rule types are subscription features, while others are free features.
+For a comparison of the Elastic subscription levels,
+see {subscriptions}[the subscription page].
+==============================================
+
+include::map-rules/geo-rule-types.asciidoc[]
diff --git a/docs/management/alerting/images/bulk-mute-disable.png b/docs/user/alerting/images/bulk-mute-disable.png
similarity index 100%
rename from docs/management/alerting/images/bulk-mute-disable.png
rename to docs/user/alerting/images/bulk-mute-disable.png
diff --git a/docs/management/alerting/images/follower_indices.png b/docs/user/alerting/images/follower_indices.png
similarity index 100%
rename from docs/management/alerting/images/follower_indices.png
rename to docs/user/alerting/images/follower_indices.png
diff --git a/docs/management/alerting/images/individual-mute-disable.png b/docs/user/alerting/images/individual-mute-disable.png
similarity index 100%
rename from docs/management/alerting/images/individual-mute-disable.png
rename to docs/user/alerting/images/individual-mute-disable.png
diff --git a/docs/management/alerting/images/rule-details-alert-muting.png b/docs/user/alerting/images/rule-details-alert-muting.png
similarity index 100%
rename from docs/management/alerting/images/rule-details-alert-muting.png
rename to docs/user/alerting/images/rule-details-alert-muting.png
diff --git a/docs/management/alerting/images/rule-details-alerts-active.png b/docs/user/alerting/images/rule-details-alerts-active.png
similarity index 100%
rename from docs/management/alerting/images/rule-details-alerts-active.png
rename to docs/user/alerting/images/rule-details-alerts-active.png
diff --git a/docs/management/alerting/images/rule-details-alerts-inactive.png b/docs/user/alerting/images/rule-details-alerts-inactive.png
similarity index 100%
rename from docs/management/alerting/images/rule-details-alerts-inactive.png
rename to docs/user/alerting/images/rule-details-alerts-inactive.png
diff --git a/docs/management/alerting/images/rule-details-disabling.png b/docs/user/alerting/images/rule-details-disabling.png
similarity index 100%
rename from docs/management/alerting/images/rule-details-disabling.png
rename to docs/user/alerting/images/rule-details-disabling.png
diff --git a/docs/management/alerting/images/rule-details-muting.png b/docs/user/alerting/images/rule-details-muting.png
similarity index 100%
rename from docs/management/alerting/images/rule-details-muting.png
rename to docs/user/alerting/images/rule-details-muting.png
diff --git a/docs/user/alerting/images/rules-and-connectors-ui.png b/docs/user/alerting/images/rules-and-connectors-ui.png
new file mode 100644
index 00000000000000..3a464fa7cf3755
Binary files /dev/null and b/docs/user/alerting/images/rules-and-connectors-ui.png differ
diff --git a/docs/management/alerting/images/rules-filter-by-action-type.png b/docs/user/alerting/images/rules-filter-by-action-type.png
similarity index 100%
rename from docs/management/alerting/images/rules-filter-by-action-type.png
rename to docs/user/alerting/images/rules-filter-by-action-type.png
diff --git a/docs/management/alerting/images/rules-filter-by-search.png b/docs/user/alerting/images/rules-filter-by-search.png
similarity index 100%
rename from docs/management/alerting/images/rules-filter-by-search.png
rename to docs/user/alerting/images/rules-filter-by-search.png
diff --git a/docs/management/alerting/images/rules-filter-by-type.png b/docs/user/alerting/images/rules-filter-by-type.png
similarity index 100%
rename from docs/management/alerting/images/rules-filter-by-type.png
rename to docs/user/alerting/images/rules-filter-by-type.png
diff --git a/docs/user/alerting/index.asciidoc b/docs/user/alerting/index.asciidoc
index a29ca1c4ca012f..f8a5aacce8f0e1 100644
--- a/docs/user/alerting/index.asciidoc
+++ b/docs/user/alerting/index.asciidoc
@@ -1,5 +1,7 @@
include::alerting-getting-started.asciidoc[]
include::defining-rules.asciidoc[]
-include::action-types.asciidoc[]
-include::rule-types.asciidoc[]
+include::rule-management.asciidoc[]
+include::rule-details.asciidoc[]
+include::stack-rules.asciidoc[]
+include::domain-specific-rules.asciidoc[]
include::alerting-troubleshooting.asciidoc[]
diff --git a/docs/management/alerting/rule-details.asciidoc b/docs/user/alerting/rule-details.asciidoc
similarity index 99%
rename from docs/management/alerting/rule-details.asciidoc
rename to docs/user/alerting/rule-details.asciidoc
index a893db280c7f78..6e743595e5c33b 100644
--- a/docs/management/alerting/rule-details.asciidoc
+++ b/docs/user/alerting/rule-details.asciidoc
@@ -1,6 +1,6 @@
[role="xpack"]
[[rule-details]]
-=== Rule details
+== Rule details
The *Rule details* page tells you about the state of the rule and provides granular control over the actions it is taking.
diff --git a/docs/management/alerting/rule-management.asciidoc b/docs/user/alerting/rule-management.asciidoc
similarity index 74%
rename from docs/management/alerting/rule-management.asciidoc
rename to docs/user/alerting/rule-management.asciidoc
index b43dc9eb635e94..b908bd03b09927 100644
--- a/docs/management/alerting/rule-management.asciidoc
+++ b/docs/user/alerting/rule-management.asciidoc
@@ -1,6 +1,6 @@
[role="xpack"]
[[alert-management]]
-=== Managing Rules
+== Managing rules
The *Rules* tab provides a cross-app view of alerting. Different {kib} apps like {observability-guide}/create-alerts.html[*Observability*], {security-guide}/prebuilt-rules.html[*Security*], <> and <> can offer their own rules. The *Rules* tab provides a central place to:
@@ -10,12 +10,12 @@ The *Rules* tab provides a cross-app view of alerting. Different {kib} apps like
* Drill-down to <>
[role="screenshot"]
-image:management/alerting/images/rules-and-connectors-ui.png[Example rule listing in the Rules and Connectors UI]
+image:images/rules-and-connectors-ui.png[Example rule listing in the Rules and Connectors UI]
For more information on alerting concepts and the types of rules and connectors available, see <>.
[float]
-==== Finding rules
+=== Finding rules
The *Rules* tab lists all rules in the current space, including summary information about their execution frequency, tags, and type.
@@ -36,23 +36,28 @@ image::images/rules-filter-by-action-type.png[Filtering the rule list by type of
[float]
[[create-edit-rules]]
-==== Creating and editing rules
+=== Creating and editing rules
-Many rules must be created within the context of a {kib} app like <>, <>, or <>, but others are generic. Generic rule types can be created in the *Rules* management UI by clicking the *Create* button. This will launch a flyout that guides you through selecting a rule type and configuring its properties. Refer to <> for details on what types of rules are available and how to configure them.
+Many rules must be created within the context of a {kib} app like <>, <>, or <>, but others are generic. Generic rule types can be created in the *Rules* management UI by clicking the *Create* button. This will launch a flyout that guides you through selecting a rule type and configuring its properties. Refer to <> for details on what types of rules are available and how to configure them.
After a rule is created, you can re-open the flyout and change a rule's properties by clicking the *Edit* button shown on each row of the rule listing.
[float]
[[controlling-rules]]
-==== Controlling rules
+=== Controlling rules
The rule listing allows you to quickly mute/unmute, disable/enable, and delete individual rules by clicking the action button.
[role="screenshot"]
-image:management/alerting/images/individual-mute-disable.png[The actions button allows an individual rule to be muted, disabled, or deleted]
+image:images/individual-mute-disable.png[The actions button allows an individual rule to be muted, disabled, or deleted]
These operations can also be performed in bulk by multi-selecting rules and clicking the *Manage rules* button:
[role="screenshot"]
-image:management/alerting/images/bulk-mute-disable.png[The Manage rules button lets you mute/unmute, enable/disable, and delete in bulk]
+image:images/bulk-mute-disable.png[The Manage rules button lets you mute/unmute, enable/disable, and delete in bulk]
+
+[float]
+=== Required permissions
+
+Access to rules is granted based on your privileges to alerting-enabled features. See <> for more information.
diff --git a/docs/user/alerting/rule-types.asciidoc b/docs/user/alerting/stack-rules.asciidoc
similarity index 58%
rename from docs/user/alerting/rule-types.asciidoc
rename to docs/user/alerting/stack-rules.asciidoc
index 44a22c548757cc..483834c78806e2 100644
--- a/docs/user/alerting/rule-types.asciidoc
+++ b/docs/user/alerting/stack-rules.asciidoc
@@ -1,14 +1,11 @@
[role="xpack"]
-[[rule-types]]
-== Rules
+[[stack-rules]]
+== Stack rule types
Kibana provides two types of rules:
* Stack rules, which are built into {kib}
-* Domain-specific rules, which are registered by {kib} apps.
-
-[float]
-==== Standard stack rules
+* <>, which are registered by {kib} apps.
{kib} provides two stack rules:
@@ -18,17 +15,6 @@ Kibana provides two types of rules:
Users require the `all` privilege to access the *Stack Rules* feature and create and edit rules.
See <> for more information.
-[float]
-==== Domain-specific rules
-
-For domain-specific rules, refer to the documentation for that app.
-{kib} supports these rules:
-
-* {observability-guide}/create-alerts.html[Observability rules]
-* {security-guide}/prebuilt-rules.html[Security rules]
-* <>
-* {ml-docs}/ml-configuring-alerts.html[{ml-cap} rules] beta:[]
-
[NOTE]
==============================================
Some rule types are subscription features, while others are free features.
@@ -39,4 +25,3 @@ see {subscriptions}[the subscription page].
include::stack-rules/index-threshold.asciidoc[]
include::stack-rules/es-query.asciidoc[]
-include::map-rules/geo-rule-types.asciidoc[]
diff --git a/docs/user/index.asciidoc b/docs/user/index.asciidoc
index 81ded1e54d8fdb..47d86004fdc664 100644
--- a/docs/user/index.asciidoc
+++ b/docs/user/index.asciidoc
@@ -29,6 +29,8 @@ include::ml/index.asciidoc[]
include::graph/index.asciidoc[]
+include::alerting/index.asciidoc[]
+
include::{kib-repo-dir}/observability/index.asciidoc[]
include::{kib-repo-dir}/apm/index.asciidoc[]
@@ -45,8 +47,6 @@ include::{kib-repo-dir}/fleet/fleet.asciidoc[]
include::reporting/index.asciidoc[]
-include::alerting/index.asciidoc[]
-
include::api.asciidoc[]
include::plugins.asciidoc[]
diff --git a/docs/user/management.asciidoc b/docs/user/management.asciidoc
index 7c73a80362eb6f..83e18734f65d43 100644
--- a/docs/user/management.asciidoc
+++ b/docs/user/management.asciidoc
@@ -78,9 +78,9 @@ You can add and remove remote clusters, and check their connectivity.
[cols="50, 50"]
|===
-| <>
-| Centrally manage your rules across {kib}. Create and manage reusable
-connectors for triggering actions.
+| <>
+| Centrally <> across {kib}. Create and <> for triggering actions.
| <>
| Monitor the generation of reports—PDF, PNG, and CSV—and download reports that you previously generated.
@@ -182,16 +182,10 @@ next major version of {es}, and then reindex, if needed.
include::{kib-repo-dir}/management/advanced-options.asciidoc[]
-include::{kib-repo-dir}/management/alerting/rules-and-connectors-intro.asciidoc[]
-
-include::{kib-repo-dir}/management/alerting/rule-management.asciidoc[]
-
-include::{kib-repo-dir}/management/alerting/rule-details.asciidoc[]
-
-include::{kib-repo-dir}/management/alerting/connector-management.asciidoc[]
-
include::{kib-repo-dir}/management/managing-beats.asciidoc[]
+include::{kib-repo-dir}/management/action-types.asciidoc[]
+
include::{kib-repo-dir}/management/managing-fields.asciidoc[]
include::{kib-repo-dir}/management/managing-licenses.asciidoc[]
@@ -202,14 +196,14 @@ include::{kib-repo-dir}/management/rollups/create_and_manage_rollups.asciidoc[]
include::{kib-repo-dir}/management/managing-saved-objects.asciidoc[]
-include::{kib-repo-dir}/management/managing-tags.asciidoc[]
-
include::security/index.asciidoc[]
include::{kib-repo-dir}/management/snapshot-restore/index.asciidoc[]
include::{kib-repo-dir}/spaces/index.asciidoc[]
+include::{kib-repo-dir}/management/managing-tags.asciidoc[]
+
include::{kib-repo-dir}/management/upgrade-assistant/index.asciidoc[]
include::{kib-repo-dir}/management/watcher-ui/index.asciidoc[]
diff --git a/docs/user/monitoring/kibana-alerts.asciidoc b/docs/user/monitoring/kibana-alerts.asciidoc
index 2944921edd2eea..58bf419d8d54a9 100644
--- a/docs/user/monitoring/kibana-alerts.asciidoc
+++ b/docs/user/monitoring/kibana-alerts.asciidoc
@@ -20,7 +20,7 @@ analyze past performance. You can also modify active alerts.
image::user/monitoring/images/monitoring-kibana-alerts.png["Kibana alerts in the Stack Monitoring app"]
To review and modify all the available alerts, use
-<> in *{stack-manage-app}*.
+<> in *{stack-manage-app}*.
[discrete]
[[kibana-alerts-cpu-threshold]]
diff --git a/examples/search_examples/public/index.scss b/examples/search_examples/public/index.scss
index e69de29bb2d1d6..b623fecf78640f 100644
--- a/examples/search_examples/public/index.scss
+++ b/examples/search_examples/public/index.scss
@@ -0,0 +1,6 @@
+@import '@elastic/eui/src/global_styling/variables/header';
+
+.searchExampleStepDsc {
+ padding-left: $euiSizeXL;
+ font-style: italic;
+}
diff --git a/examples/search_examples/public/search/app.tsx b/examples/search_examples/public/search/app.tsx
index 8f31d242faf5ea..65d939088515a9 100644
--- a/examples/search_examples/public/search/app.tsx
+++ b/examples/search_examples/public/search/app.tsx
@@ -20,13 +20,13 @@ import {
EuiTitle,
EuiText,
EuiFlexGrid,
- EuiFlexGroup,
EuiFlexItem,
EuiCheckbox,
EuiSpacer,
EuiCode,
EuiComboBox,
EuiFormLabel,
+ EuiTabbedContent,
} from '@elastic/eui';
import { CoreStart } from '../../../../src/core/public';
@@ -60,6 +60,11 @@ function getNumeric(fields?: IndexPatternField[]) {
return fields?.filter((f) => f.type === 'number' && f.aggregatable);
}
+function getAggregatableStrings(fields?: IndexPatternField[]) {
+ if (!fields) return [];
+ return fields?.filter((f) => f.type === 'string' && f.aggregatable);
+}
+
function formatFieldToComboBox(field?: IndexPatternField | null) {
if (!field) return [];
return formatFieldsToComboBox([field]);
@@ -90,6 +95,9 @@ export const SearchExamplesApp = ({
const [selectedNumericField, setSelectedNumericField] = useState<
IndexPatternField | null | undefined
>();
+ const [selectedBucketField, setSelectedBucketField] = useState<
+ IndexPatternField | null | undefined
+ >();
const [request, setRequest] = useState>({});
const [response, setResponse] = useState>({});
@@ -108,6 +116,7 @@ export const SearchExamplesApp = ({
setFields(indexPattern?.fields);
}, [indexPattern]);
useEffect(() => {
+ setSelectedBucketField(fields?.length ? getAggregatableStrings(fields)[0] : null);
setSelectedNumericField(fields?.length ? getNumeric(fields)[0] : null);
}, [fields]);
@@ -186,7 +195,7 @@ export const SearchExamplesApp = ({
});
};
- const doSearchSourceSearch = async () => {
+ const doSearchSourceSearch = async (otherBucket: boolean) => {
if (!indexPattern) return;
const query = data.query.queryString.getQuery();
@@ -203,28 +212,40 @@ export const SearchExamplesApp = ({
.setField('index', indexPattern)
.setField('filter', filters)
.setField('query', query)
- .setField('fields', selectedFields.length ? selectedFields.map((f) => f.name) : ['*'])
+ .setField('fields', selectedFields.length ? selectedFields.map((f) => f.name) : [''])
+ .setField('size', selectedFields.length ? 100 : 0)
.setField('trackTotalHits', 100);
- if (selectedNumericField) {
- searchSource.setField('aggs', () => {
- return data.search.aggs
- .createAggConfigs(indexPattern, [
- { type: 'avg', params: { field: selectedNumericField.name } },
- ])
- .toDsl();
+ const aggDef = [];
+ if (selectedBucketField) {
+ aggDef.push({
+ type: 'terms',
+ schema: 'split',
+ params: { field: selectedBucketField.name, size: 2, otherBucket },
});
}
+ if (selectedNumericField) {
+ aggDef.push({ type: 'avg', params: { field: selectedNumericField.name } });
+ }
+ if (aggDef.length > 0) {
+ const ac = data.search.aggs.createAggConfigs(indexPattern, aggDef);
+ searchSource.setField('aggs', ac);
+ }
setRequest(searchSource.getSearchRequestBody());
const res = await searchSource.fetch$().toPromise();
setResponse(res);
const message = Searched {res.hits.total} documents.;
- notifications.toasts.addSuccess({
- title: 'Query result',
- text: mountReactNode(message),
- });
+ notifications.toasts.addSuccess(
+ {
+ title: 'Query result',
+ text: mountReactNode(message),
+ },
+ {
+ toastLifeTimeMs: 300000,
+ }
+ );
} catch (e) {
setResponse(e.body);
notifications.toasts.addWarning(`An error has occurred: ${e.message}`);
@@ -259,10 +280,59 @@ export const SearchExamplesApp = ({
}
};
- const onSearchSourceClickHandler = () => {
- doSearchSourceSearch();
+ const onSearchSourceClickHandler = (withOtherBucket: boolean) => {
+ doSearchSourceSearch(withOtherBucket);
};
+ const reqTabs = [
+ {
+ id: 'request',
+ name: Request,
+ content: (
+ <>
+
+ Search body sent to ES
+
+ {JSON.stringify(request, null, 2)}
+
+
+ ),
+ },
+ {
+ id: 'response',
+ name: Response,
+ content: (
+ <>
+
+
+
+
+
+ {JSON.stringify(response, null, 2)}
+
+
+ ),
+ },
+ ];
+
return (
@@ -284,59 +354,76 @@ export const SearchExamplesApp = ({
useDefaultBehaviors={true}
indexPatterns={indexPattern ? [indexPattern] : undefined}
/>
-
+
+
+ Index Pattern
+ {
+ const newIndexPattern = await data.indexPatterns.get(newIndexPatternId);
+ setIndexPattern(newIndexPattern);
+ }}
+ isClearable={false}
+ data-test-subj="indexPatternSelector"
+ />
+
+
+ Field (bucket)
+ {
+ if (option.length) {
+ const fld = indexPattern?.getFieldByName(option[0].label);
+ setSelectedBucketField(fld || null);
+ } else {
+ setSelectedBucketField(null);
+ }
+ }}
+ sortMatchesBy="startsWith"
+ data-test-subj="searchBucketField"
+ />
+
+
+ Numeric Field (metric)
+ {
+ if (option.length) {
+ const fld = indexPattern?.getFieldByName(option[0].label);
+ setSelectedNumericField(fld || null);
+ } else {
+ setSelectedNumericField(null);
+ }
+ }}
+ sortMatchesBy="startsWith"
+ data-test-subj="searchMetricField"
+ />
+
+
+ Fields to queryString
+ {
+ const flds = option
+ .map((opt) => indexPattern?.getFieldByName(opt?.label))
+ .filter((f) => f);
+ setSelectedFields(flds.length ? (flds as IndexPatternField[]) : []);
+ }}
+ sortMatchesBy="startsWith"
+ />
+
+
+
-
-
-
- Index Pattern
- {
- const newIndexPattern = await data.indexPatterns.get(newIndexPatternId);
- setIndexPattern(newIndexPattern);
- }}
- isClearable={false}
- />
-
-
- Numeric Field to Aggregate
- {
- const fld = indexPattern?.getFieldByName(option[0].label);
- setSelectedNumericField(fld || null);
- }}
- sortMatchesBy="startsWith"
- />
-
-
-
-
- Fields to query (leave blank to include all fields)
- {
- const flds = option
- .map((opt) => indexPattern?.getFieldByName(opt?.label))
- .filter((f) => f);
- setSelectedFields(flds.length ? (flds as IndexPatternField[]) : []);
- }}
- sortMatchesBy="startsWith"
- />
-
-
-
-
- Search body sent to ES
-
- {JSON.stringify(request, null, 2)}
-
-
-
-
-
Response
-
-
-
-
-
- {JSON.stringify(response, null, 2)}
-
+
+
diff --git a/package.json b/package.json
index c6f33d263df84a..23241a37ffe476 100644
--- a/package.json
+++ b/package.json
@@ -176,17 +176,6 @@
"angular-sortable-view": "^0.0.17",
"angular-ui-ace": "0.2.3",
"antlr4ts": "^0.5.0-alpha.3",
- "apollo-cache-inmemory": "1.6.2",
- "apollo-client": "^2.3.8",
- "apollo-link": "^1.2.3",
- "apollo-link-error": "^1.1.7",
- "apollo-link-http": "^1.5.16",
- "apollo-link-http-common": "^0.2.15",
- "apollo-link-schema": "^1.1.0",
- "apollo-link-state": "^0.4.1",
- "apollo-server-core": "^1.3.6",
- "apollo-server-errors": "^2.0.2",
- "apollo-server-hapi": "^1.3.6",
"archiver": "^5.2.0",
"axios": "^0.21.1",
"base64-js": "^1.3.1",
@@ -243,9 +232,7 @@
"glob-all": "^3.2.1",
"globby": "^11.0.3",
"graphql": "^0.13.2",
- "graphql-fields": "^1.0.2",
"graphql-tag": "^2.10.3",
- "graphql-tools": "^3.0.2",
"handlebars": "4.7.7",
"he": "^1.2.0",
"history": "^4.9.0",
@@ -333,7 +320,6 @@
"re2": "^1.15.4",
"react": "^16.12.0",
"react-ace": "^5.9.0",
- "react-apollo": "^2.1.4",
"react-beautiful-dnd": "^13.0.0",
"react-color": "^2.13.8",
"react-datetime": "^2.14.0",
@@ -348,7 +334,7 @@
"react-moment-proptypes": "^1.7.0",
"react-monaco-editor": "^0.41.2",
"react-popper-tooltip": "^2.10.1",
- "react-query": "^3.12.0",
+ "react-query": "^3.13.10",
"react-resize-detector": "^4.2.0",
"react-reverse-portal": "^1.0.4",
"react-router-redux": "^4.0.8",
@@ -454,7 +440,7 @@
"@istanbuljs/schema": "^0.1.2",
"@jest/reporters": "^26.5.2",
"@kbn/babel-code-parser": "link:packages/kbn-babel-code-parser",
- "@kbn/babel-preset": "link:packages/kbn-babel-preset",
+ "@kbn/babel-preset": "link:bazel-bin/packages/kbn-babel-preset/npm_module",
"@kbn/cli-dev-mode": "link:packages/kbn-cli-dev-mode",
"@kbn/dev-utils": "link:packages/kbn-dev-utils",
"@kbn/docs-utils": "link:packages/kbn-docs-utils",
@@ -728,13 +714,6 @@
"form-data": "^4.0.0",
"geckodriver": "^1.22.2",
"glob-watcher": "5.0.3",
- "graphql-code-generator": "^0.18.2",
- "graphql-codegen-add": "^0.18.2",
- "graphql-codegen-introspection": "^0.18.2",
- "graphql-codegen-typescript-client": "^0.18.2",
- "graphql-codegen-typescript-common": "^0.18.2",
- "graphql-codegen-typescript-resolvers": "^0.18.2",
- "graphql-codegen-typescript-server": "^0.18.2",
"grunt": "1.3.0",
"grunt-available-tasks": "^0.6.3",
"grunt-peg": "^2.0.1",
diff --git a/packages/BUILD.bazel b/packages/BUILD.bazel
index fe0e8efe0d44f2..e1a85e926f049d 100644
--- a/packages/BUILD.bazel
+++ b/packages/BUILD.bazel
@@ -5,6 +5,7 @@ filegroup(
srcs = [
"//packages/elastic-datemath:build",
"//packages/kbn-apm-utils:build",
+ "//packages/kbn-babel-preset:build",
"//packages/kbn-config-schema:build",
"//packages/kbn-tinymath:build",
"//packages/kbn-utility-types:build",
diff --git a/packages/kbn-ace/package.json b/packages/kbn-ace/package.json
index 30f37b4786f367..5b4b0312aa1aec 100644
--- a/packages/kbn-ace/package.json
+++ b/packages/kbn-ace/package.json
@@ -10,7 +10,6 @@
"kbn:bootstrap": "yarn build --dev"
},
"devDependencies": {
- "@kbn/dev-utils": "link:../kbn-dev-utils",
- "@kbn/babel-preset": "link:../kbn-babel-preset"
+ "@kbn/dev-utils": "link:../kbn-dev-utils"
}
}
\ No newline at end of file
diff --git a/packages/kbn-analytics/package.json b/packages/kbn-analytics/package.json
index 715f0af96ea3e5..5b9db79febd777 100644
--- a/packages/kbn-analytics/package.json
+++ b/packages/kbn-analytics/package.json
@@ -14,7 +14,6 @@
"kbn:watch": "node scripts/build --source-maps --watch"
},
"devDependencies": {
- "@kbn/dev-utils": "link:../kbn-dev-utils",
- "@kbn/babel-preset": "link:../kbn-babel-preset"
+ "@kbn/dev-utils": "link:../kbn-dev-utils"
}
}
\ No newline at end of file
diff --git a/packages/kbn-babel-code-parser/package.json b/packages/kbn-babel-code-parser/package.json
index bfe01c6eae8e38..a5e05da6f8ee47 100755
--- a/packages/kbn-babel-code-parser/package.json
+++ b/packages/kbn-babel-code-parser/package.json
@@ -13,8 +13,5 @@
"build": "../../node_modules/.bin/babel src --out-dir target",
"kbn:bootstrap": "yarn build --quiet",
"kbn:watch": "yarn build --watch"
- },
- "dependencies": {
- "@kbn/babel-preset": "link:../kbn-babel-preset"
}
}
diff --git a/packages/kbn-babel-preset/BUILD.bazel b/packages/kbn-babel-preset/BUILD.bazel
new file mode 100644
index 00000000000000..13542ed6e73ad4
--- /dev/null
+++ b/packages/kbn-babel-preset/BUILD.bazel
@@ -0,0 +1,63 @@
+load("@build_bazel_rules_nodejs//:index.bzl", "js_library", "pkg_npm")
+
+PKG_BASE_NAME = "kbn-babel-preset"
+PKG_REQUIRE_NAME = "@kbn/babel-preset"
+
+SOURCE_FILES = glob([
+ "common_babel_parser_options.js",
+ "common_preset.js",
+ "istanbul_preset.js",
+ "node_preset.js",
+ "webpack_preset.js",
+])
+
+SRCS = SOURCE_FILES
+
+filegroup(
+ name = "srcs",
+ srcs = SRCS,
+)
+
+NPM_MODULE_EXTRA_FILES = [
+ "package.json",
+ "README.md",
+]
+
+DEPS = [
+ "@npm//@babel/plugin-proposal-class-properties",
+ "@npm//@babel/plugin-proposal-export-namespace-from",
+ "@npm//@babel/plugin-proposal-nullish-coalescing-operator",
+ "@npm//@babel/plugin-proposal-optional-chaining",
+ "@npm//@babel/plugin-proposal-private-methods",
+ "@npm//@babel/preset-env",
+ "@npm//@babel/preset-react",
+ "@npm//@babel/preset-typescript",
+ "@npm//babel-plugin-add-module-exports",
+ "@npm//babel-plugin-styled-components",
+]
+
+js_library(
+ name = PKG_BASE_NAME,
+ srcs = [
+ ":srcs",
+ ],
+ deps = DEPS,
+ package_name = PKG_REQUIRE_NAME,
+ visibility = ["//visibility:public"],
+)
+
+pkg_npm(
+ name = "npm_module",
+ srcs = NPM_MODULE_EXTRA_FILES,
+ deps = [
+ ":%s" % PKG_BASE_NAME,
+ ]
+)
+
+filegroup(
+ name = "build",
+ srcs = [
+ ":npm_module",
+ ],
+ visibility = ["//visibility:public"],
+)
diff --git a/packages/kbn-dev-utils/package.json b/packages/kbn-dev-utils/package.json
index e1990fca4e0bbf..87e142c3bece7d 100644
--- a/packages/kbn-dev-utils/package.json
+++ b/packages/kbn-dev-utils/package.json
@@ -17,7 +17,6 @@
"@kbn/utils": "link:../kbn-utils"
},
"devDependencies": {
- "@kbn/babel-preset": "link:../kbn-babel-preset",
"@kbn/expect": "link:../kbn-expect"
}
}
\ No newline at end of file
diff --git a/packages/kbn-es/package.json b/packages/kbn-es/package.json
index c8fe2101bd6396..f47f042505cad0 100644
--- a/packages/kbn-es/package.json
+++ b/packages/kbn-es/package.json
@@ -14,8 +14,5 @@
},
"dependencies": {
"@kbn/dev-utils": "link:../kbn-dev-utils"
- },
- "devDependencies": {
- "@kbn/babel-preset": "link:../kbn-babel-preset"
}
}
\ No newline at end of file
diff --git a/packages/kbn-i18n/package.json b/packages/kbn-i18n/package.json
index d3b4e56fe05d48..570110589490bb 100644
--- a/packages/kbn-i18n/package.json
+++ b/packages/kbn-i18n/package.json
@@ -12,7 +12,6 @@
"kbn:watch": "node scripts/build --watch --source-maps"
},
"devDependencies": {
- "@kbn/babel-preset": "link:../kbn-babel-preset",
"@kbn/dev-utils": "link:../kbn-dev-utils"
}
}
\ No newline at end of file
diff --git a/packages/kbn-interpreter/package.json b/packages/kbn-interpreter/package.json
index 59a14fa8285831..491a7205be210e 100644
--- a/packages/kbn-interpreter/package.json
+++ b/packages/kbn-interpreter/package.json
@@ -13,7 +13,6 @@
"@kbn/i18n": "link:../kbn-i18n"
},
"devDependencies": {
- "@kbn/babel-preset": "link:../kbn-babel-preset",
"@kbn/dev-utils": "link:../kbn-dev-utils"
}
}
\ No newline at end of file
diff --git a/packages/kbn-monaco/package.json b/packages/kbn-monaco/package.json
index bdf36915bab3ae..f4309e08f5bdb1 100644
--- a/packages/kbn-monaco/package.json
+++ b/packages/kbn-monaco/package.json
@@ -11,7 +11,6 @@
"build:antlr4ts": "../../node_modules/antlr4ts-cli/antlr4ts ./src/painless/antlr/painless_lexer.g4 ./src/painless/antlr/painless_parser.g4 && node ./scripts/fix_generated_antlr.js"
},
"devDependencies": {
- "@kbn/babel-preset": "link:../kbn-babel-preset",
"@kbn/dev-utils": "link:../kbn-dev-utils"
},
"dependencies": {
diff --git a/packages/kbn-optimizer/package.json b/packages/kbn-optimizer/package.json
index ac73fbc0fc16a9..3c14d98755a32a 100644
--- a/packages/kbn-optimizer/package.json
+++ b/packages/kbn-optimizer/package.json
@@ -11,7 +11,6 @@
"kbn:watch": "yarn build --watch"
},
"dependencies": {
- "@kbn/babel-preset": "link:../kbn-babel-preset",
"@kbn/config": "link:../kbn-config",
"@kbn/dev-utils": "link:../kbn-dev-utils",
"@kbn/std": "link:../kbn-std",
diff --git a/packages/kbn-test/package.json b/packages/kbn-test/package.json
index a2dc8f84cfb513..2afbe41e0e00ec 100644
--- a/packages/kbn-test/package.json
+++ b/packages/kbn-test/package.json
@@ -19,7 +19,6 @@
"@kbn/optimizer": "link:../kbn-optimizer"
},
"devDependencies": {
- "@kbn/babel-preset": "link:../kbn-babel-preset",
"@kbn/dev-utils": "link:../kbn-dev-utils",
"@kbn/expect": "link:../kbn-expect",
"@kbn/utils": "link:../kbn-utils"
diff --git a/packages/kbn-ui-shared-deps/entry.js b/packages/kbn-ui-shared-deps/entry.js
index f14c793d22a097..4029ce28faf5bf 100644
--- a/packages/kbn-ui-shared-deps/entry.js
+++ b/packages/kbn-ui-shared-deps/entry.js
@@ -49,3 +49,4 @@ export const TsLib = require('tslib');
export const KbnAnalytics = require('@kbn/analytics');
export const KbnStd = require('@kbn/std');
export const SaferLodashSet = require('@elastic/safer-lodash-set');
+export const RisonNode = require('rison-node');
diff --git a/packages/kbn-ui-shared-deps/index.js b/packages/kbn-ui-shared-deps/index.js
index 0542bc89ff9e48..62ddb09d25add7 100644
--- a/packages/kbn-ui-shared-deps/index.js
+++ b/packages/kbn-ui-shared-deps/index.js
@@ -60,5 +60,6 @@ exports.externals = {
'@kbn/analytics': '__kbnSharedDeps__.KbnAnalytics',
'@kbn/std': '__kbnSharedDeps__.KbnStd',
'@elastic/safer-lodash-set': '__kbnSharedDeps__.SaferLodashSet',
+ 'rison-node': '__kbnSharedDeps__.RisonNode',
};
exports.publicPathLoader = require.resolve('./public_path_loader');
diff --git a/packages/kbn-ui-shared-deps/package.json b/packages/kbn-ui-shared-deps/package.json
index 47a2fa19e7a8ea..00c6f677cd223f 100644
--- a/packages/kbn-ui-shared-deps/package.json
+++ b/packages/kbn-ui-shared-deps/package.json
@@ -14,7 +14,6 @@
"@kbn/monaco": "link:../kbn-monaco"
},
"devDependencies": {
- "@kbn/babel-preset": "link:../kbn-babel-preset",
"@kbn/dev-utils": "link:../kbn-dev-utils"
}
}
\ No newline at end of file
diff --git a/rfcs/images/url_service/new_architecture.png b/rfcs/images/url_service/new_architecture.png
new file mode 100644
index 00000000000000..9faa025d429bf8
Binary files /dev/null and b/rfcs/images/url_service/new_architecture.png differ
diff --git a/rfcs/images/url_service/old_architecture.png b/rfcs/images/url_service/old_architecture.png
new file mode 100644
index 00000000000000..fdb1c13fabf349
Binary files /dev/null and b/rfcs/images/url_service/old_architecture.png differ
diff --git a/rfcs/text/0017_url_service.md b/rfcs/text/0017_url_service.md
new file mode 100644
index 00000000000000..87a8a92c090d68
--- /dev/null
+++ b/rfcs/text/0017_url_service.md
@@ -0,0 +1,600 @@
+- Start Date: 2021-03-26
+- RFC PR: (leave this empty)
+- Kibana Issue: (leave this empty)
+
+
+# Summary
+
+Currently in the Kibana `share` plugin we have two services that deal with URLs.
+
+One is *Short URL Service*: given a long internal Kibana URL it returns an ID.
+That ID can be used to "resolve" back to the long URL and redirect the user to
+that long URL page. (The Short URL Service is now used in Dashboard, Discover,
+Visualize apps, and have a few upcoming users, for example, when sharing panels
+by Slack or e-mail we will want to use short URLs.)
+
+```ts
+// It does not have a plugin API, you can only use it through an HTTP request.
+const shortUrl = await http.post('/api/shorten_url', {
+ url: '/some/long/kibana/url/.../very?long=true#q=(rison:approved)'
+});
+```
+
+The other is the *URL Generator Service*: it simply receives an object of
+parameters and returns back a deep link within Kibana. (You can use it, for
+example, to navigate to some specific query with specific filters for a
+specific index pattern in the Discover app. As of this writing, there are
+eight registered URL generators, which are used by ten plugins.)
+
+```ts
+// You first register a URL generator.
+const myGenerator = plugins.share.registerUrlGenerator(/* ... */);
+
+// You can fetch it from the registry (if you don't already have it).
+const myGenerator = plugins.share.getUrlGenerator(/* ... */);
+
+// Now you can use it to generate a deep link into Kibana.
+const deepLink: string = myGenerator.createUrl({ /* ... */ });
+```
+
+
+## Goals of the project
+
+The proposal is to unify both of these services (Short URL Service and URL
+Generator Service) into a single new *URL Service*. The new unified service
+will still provide all the functionality the above mentioned services provide
+and in addition will implement the following improvements:
+
+1. Standardize a way for apps to deep link and navigate into other Kibana apps,
+ with ability to use *location state* to specify the state of the app which is
+ not part of the URL.
+2. Combine Short URL Service with URL Generator Service to allow short URLs to
+ be constructed from URL generators, which will also allow us to automatically
+ migrate the short URLs if the parameters of the underlying URL generator
+ change and be able to store location state in every short URL.
+3. Make the short url service easier to use. (It was previously undocumented,
+ and no server side plugin APIs existed, which meant consumers had to use
+ REST APIs which is discouraged. Merging the two services will help achieve
+ this goal by simplifying the APIs.)
+4. Support short urls being deleted (previously not possible).
+5. Support short urls being migrated (previously not possible).
+
+See more detailed explanation and other small improvements in the "Motivation"
+section below.
+
+
+# Terminology
+
+In the proposed new service we introduce "locators". This is mostly a change
+in language, we are renaming "URL generators" to "locators". The old name would
+no longer make sense as we are not returning URLs from locators.
+
+
+# Basic example
+
+The URL Service will have a client (`UrlServiceClient`) which will have the same
+interface, both, on the server-side and the client-side. It will also have a
+documented public set of HTTP API endpoints for use by: (1) the client-side
+client; (2) external users, Elastic Cloud, and Support.
+
+The following code examples will work, both, on the server-side and the
+client-side, as the base `UrlServiceClient` interface will be similar in both
+environments.
+
+Below we consider four main examples of usage of the URL Service. All four
+examples are existing use cases we currently have in Kibana.
+
+
+## Navigating within Kibana using locators
+
+In this example let's consider a case where Discover app creates a locator,
+then another plugin uses that locator to navigate to a deep link within the
+Discover app.
+
+First, the Discover plugin creates its locator (usually one per app). It needs
+to do this on the client and server.
+
+
+```ts
+const locator = plugins.share.locators.create({
+ id: 'DISCOVER_DEEP_LINKS',
+ getLocation: ({
+ indexPattern,
+ highlightedField,
+ filters: [],
+ query: {},
+ fields: [],
+ activeDoc: 'xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxxx',
+ }) => {
+ app: 'discover',
+ route: `/${indexPatten}#_a=(${risonEncode({filters, query, fields})})`,
+ state: {
+ highlightedField,
+ activeDoc,
+ },
+ },
+});
+```
+
+Now, the Discover plugin exports this locator from its plugin contract.
+
+```ts
+class DiscoverPlugin() {
+ start() {
+ return {
+ locator,
+ };
+ }
+}
+```
+
+Finally, if any other app now wants to navigate to a deep link within the
+Discover application, they use this exported locator.
+
+```ts
+plugins.discover.locator.navigate({
+ indexPattern: 'xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx',
+ highlightedField: 'foo',
+});
+```
+
+Note, in this example the `highlightedField` parameter will not appear in the
+URL bar, it will be passed to the Discover app through [`history.pushState()`](https://developer.mozilla.org/en-US/docs/Web/API/History/pushState)
+mechanism (in Kibana case, using the [`history`](https://www.npmjs.com/package/history) package, which is used by `core.application.navigateToApp`).
+
+
+## Sending a deep link to Kibana
+
+We have use cases were a deep link to some Kibana app is sent out, for example,
+through e-mail or as a Slack message.
+
+In this example, lets consider some plugin gets hold of the Discover locator
+on the server-side.
+
+```ts
+const location = plugins.discover.locator.getRedirectPath({
+ indexPattern: 'xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx',
+ highlightedField: 'foo',
+});
+```
+
+This would return the location of the client-side redirect endpoint. The redirect
+endpoint could look like this:
+
+```
+/app/goto/_redirect/DISCOVER_DEEP_LINKS?params={"indexPattern":"xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx","highlightedField":"foo"}¶msVersion=7.x
+```
+
+This redirect client-side endpoint would find the Discover locator and and
+execute the `.navigate()` method on it.
+
+
+## Creating a short link
+
+In this example, lets create a short link using the Discover locator.
+
+```ts
+const shortUrl = await plugins.discover.locator.createShortUrl(
+ {
+ indexPattern: 'xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx',
+ highlightedField: 'foo',
+ }
+ 'human-readable-slug',
+});
+```
+
+The above example creates a short link and persists it in a saved object. The
+short URL can have a human-readable slug, which uniquely identifies that short
+URL.
+
+```ts
+shortUrl.slug === 'human-readable-slug'
+```
+
+The short URL can be used to navigate to the Discover app. The redirect
+client-side endpoint currently looks like this:
+
+```
+/app/goto/human-readable-slug
+```
+
+This persisted short URL would effectively work the same as the full version:
+
+```
+/app/goto/_redirect/DISCOVER_DEEP_LINKS?params={"indexPattern":"xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx","highlightedField":"foo"}¶msVersion=7.x
+```
+
+
+## External users navigating to a Kibana deep link
+
+Currently Elastic Cloud and Support have many links linking into Kibana. Most of
+them are deep links into Discover and Dashboard apps where, for example, index
+pattern is selected, or filters and time range are set.
+
+The external users could use the above mentioned client-side redirect endpoint
+to navigate to their desired deep location within Kibana, for example, to the
+Discover application:
+
+```
+/app/goto/_redirect/DISCOVER_DEEP_LINKS?params={"indexPattern":"xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx","highlightedField":"foo"}¶msVersion=7.x
+```
+
+
+# Motivation
+
+Our motivation to improve the URL services comes from us intending to use them
+more, for example, for panel sharing to Slack or e-mail; and we believe that the
+current state of the URL services needs an upgrade.
+
+
+## Limitations of the Short URL Service
+
+We have identified the following limitations in the current implementation of
+the Short URL Service:
+
+1. There is no migration system. If an application exposes this functionality,
+ every possible URL that might be generated should be supported forever. A
+ migration could be written inside the app itself, on page load, but this is a
+ risky path for URLs with many possibilities.
+ 1. __Will do:__ Short URLs will be created using locators. We will use
+ migrations provided by the locators to migrate the stored parameters
+ in the short URL saved object.
+1. Short URLs store only the URL of the destination page. However, the
+ destination page might have other state which affects the display of the page
+ but is not present in the URL. Once the short URL is used to navigate to that
+ page, any state that is kept only in memory is lost.
+ 1. __Will do:__ The new implementation of the short URLs will also persist
+ the location state of the URL. That state would be provided to a
+ Kibana app once a user navigates to that app using a short URL.
+1. It exposes only HTTP endpoint API.
+ 1. __Will do:__ We will also expose a URL Service client through plugin
+ contract on the server and browser.
+1. It only has 3 HTTP endpoints, yet all three have different paths:
+ (1) `/short_url`, (2) `/shorten_url`; and (3) `/goto`.
+ 1. __Will do:__ We will normalize the HTTP endpoints. We will use HTTP
+ method "verbs" like POST, instead of verbs in the url like "shorten_url".
+1. There is not much documentation for developers.
+ 1. __Will do:__ The new service will have a much nicer API and docs.
+1. There is no way to delete short URLs once they are created.
+ 1. __Will do:__ The new service will provide CRUD API to manage short URLs,
+ including deletion.
+1. Short URL service uses MD5 algorithm to hash long URLs. Security team
+ requested to stop using that algorithm.
+ 1. __Will do:__ The new URL Service will not use MD5 algorithm.
+1. Short URLs are not automatically deleted when the target (say dashboard) is
+ deleted. (#10450)
+ 1. __Could do:__ The URL Service will not provide such feature. Though the
+ short URLs will keep track of saved object references used in the params
+ to generate a short URL. Maybe those saved references could somehow be
+ used in the future to provide such a facility.
+
+ Currently, there are two possible avenues for deleting a short URL when
+ the underlying dashboard is deleted:
+
+ 1. The Dashboard app could keep track of short URLs it generates for each
+ dashboard. Once a dashboard is deleted, the Dashboard app also
+ deletes all short URLs associated with that dashboard.
+ 1. Saved Objects Service could implement *cascading deletes*. Once a saved
+ object is deleted, the associated saved objects are also deleted
+ (#71453).
+1. Add additional metadata to each short URL.
+ 1. __Could do:__ Each short URL already keeps a counter of how often it was
+ resolved, we could also keep track of a timestamp when it was last
+ resolved, and have an ability for users to give a title to each short URL.
+1. Short URLs don't have a management UI.
+ 1. __Will NOT do:__ We will not create a dedicated UI for managing short
+ URLs. We could improve how short URLs saved objects are presented in saved
+ object management UI.
+1. Short URLs can't be created by read-only users (#18006).
+ 1. __Will NOT do:__ Currently short URLs are stored as saved objects of type
+ `url`, we would like to keep it that way and benefit from saved object
+ facilities like references, migrations, authorization etc.. The consensus
+ is that we will not allow anonymous users to create short URLs. We want to
+ continue using saved object for short URLs going forward and not
+ compromise on their security model.
+
+
+## Limitations of the URL Generator Service
+
+We have identified the following limitations in the current implementation of
+the URL Generator Service:
+
+1. URL generator generate only the URL of the destination. However there is
+ also the ability to use location state with `core.application.navigateToApp`
+ navigation method.
+ 1. __Will do:__ The new locators will also generate the location state, which
+ will be used in `.navigateToApp` method.
+1. URL generators are available only on the client-side. There is no way to use
+ them together with short URLs.
+ 1. __Will do:__ We will implement locators also on the server-side
+ (they will be available in both environments) and we will combine them
+ with the Short URL Service.
+1. URL generators are not exposed externally, thus Cloud and Support cannot use
+ them to generate deep links into Kibana.
+ 1. __Will do:__ We will expose HTTP endpoints on the server-side and the
+ "redirect" app on the client-side which external users will be able to use
+ to deep link into Kibana using locators.
+
+
+## Limitations of the architecture
+
+One major reason we want to "refresh" the Short URL Service and the URL
+Generator Service is their architecture.
+
+Currently, the Short URL Service is implemented on top of the `url` type saved
+object on the server-side. However, it only exposes the
+HTTP endpoints, it does not expose any API on the server for the server-side
+plugins to consume; on the client-side there is no plugin API either, developers
+need to manually execute HTTP requests.
+
+The URL Generator Service is only available on the client-side, there is no way
+to use it on the server-side, yet we already have use cases (for example ML
+team) where a server-side plugin wants to use a URL generator.
+
+
+
+The current architecture does not allow both services to be conveniently used,
+also as they are implemented in different locations, they are disjointed—
+we cannot create a short URL using an URL generator.
+
+
+# Detailed design
+
+In general we will try to provide as much as possible the same API on the
+server-side and the client-side.
+
+
+## High level architecture
+
+Below diagram shows the proposed architecture of the URL Service.
+
+
+
+
+## Plugin contracts
+
+The aim is to provide developers the same experience on the server and browser.
+
+Below are preliminary interfaces of the new URL Service. `IUrlService` will be
+a shared interface defined in `/common` folder shared across server and browser.
+This will allow us to provide users a common API interface on the server and
+browser, wherever they choose to use the URL Service:
+
+```ts
+/**
+ * Common URL Service client interface for the server-side and the client-side.
+ */
+interface IUrlService {
+ locators: ILocatorClient;
+ shortUrls: IShortUrlClient;
+}
+```
+
+
+### Locators
+
+The locator business logic will be contained in `ILocatorClient` client and will
+provide two main functionalities:
+
+1. It will provide a facility to create locators.
+1. It will also be a registry of locators, every newly created locator is
+ automatically added to the registry. The registry should never be used when
+ locator ID is known at the compile time, but is reserved only for use cases
+ when we only know ID of a locator at runtime.
+
+```ts
+interface ILocatorClient {
+ create
(definition: LocatorDefinition
): Locator
;
+ get
(id: string): Locator
;
+}
+```
+
+The `LocatorDefinition` interface is a developer-friendly interface for creating
+new locators. Mainly two things will be required from each new locator:
+
+1. Implement the `getLocation()` method, which gives the locator specific `params`
+ object returns a Kibana location, see description of `KibanaLocation` below.
+2. Implement the `PersistableState` interface which we use in Kibana. This will
+ allow to migrate the locator `params`. Implementation of the `PersistableState`
+ interface will replace the `.isDeprecated` and `.migrate()` properties of URL
+ generators.
+
+
+```ts
+interface LocatorDefinition
extends PeristableState
{
+ id: string;
+ getLocation(params: P): KibanaLocation;
+}
+```
+
+Each constructed locator will have the following interface:
+
+```ts
+interface Locator
{
+ /** Creates a new short URL saved object using this locator. */
+ createShortUrl(params: P, slug?: string): Promise;
+ /** Returns a relative URL to the client-side redirect endpoint using this locator. */
+ getRedirectPath(params: P): string;
+ /** Navigate using core.application.navigateToApp() using this locator. */
+ navigate(params: P): void; // Only on browser.
+}
+```
+
+
+### Short URLs
+
+The short URL client `IShortUrlClient` which will be the same on the server and
+browser. However, the server and browser might add extra utility methods for
+convenience.
+
+```ts
+/**
+ * CRUD-like API for short URLs.
+ */
+interface IShortUrlClient {
+ /**
+ * Delete a short URL.
+ *
+ * @param slug The slug (ID) of the short URL.
+ * @return Returns true if deletion was successful.
+ */
+ delete(slug: string): Promise;
+
+ /**
+ * Fetch short URL.
+ *
+ * @param slug The slug (ID) of the short URL.
+ */
+ get(slug: string): Promise;
+
+ /**
+ * Same as `get()` but it also increments the "view" counter and the
+ * "last view" timestamp of this short URL.
+ *
+ * @param slug The slug (ID) of the short URL.
+ */
+ resolve(slug: string): Promise;
+}
+```
+
+Note, that in this new service to create a short URL the developer will have to
+use a locator (instead of creating it directly from a long URL).
+
+```ts
+const shortUrl = await plugins.share.shortUrls.create(
+ plugins.discover.locator,
+ {
+ indexPattern: 'xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx',
+ highlightedField: 'foo',
+ },
+ 'optional-human-readable-slug',
+);
+```
+
+These short URLs will be stored in saved objects of type `url` and will be
+automatically migrated using the locator. The long URL will NOT be stored in the
+saved object. The locator ID and locator params will be stored in the saved
+object, that will allow us to do the migrations for short URLs.
+
+
+### `KibanaLocation` interface
+
+The `KibanaLocation` interface is a simple interface to store a location in some
+Kibana application.
+
+```ts
+interface KibanaLocation {
+ app: string;
+ route: string;
+ state: object;
+}
+```
+
+It maps directly to a `.navigateToApp()` call.
+
+```ts
+let location: KibanaLocation;
+
+core.application.navigateToApp(location.app, {
+ route: location.route,
+ state: location.state,
+});
+```
+
+
+## HTTP endpoints
+
+
+### Short URL CRUD+ HTTP endpoints
+
+Below HTTP endpoints are designed to work specifically with short URLs:
+
+| HTTP method | Path | Description |
+|-----------------------|-------------------------------------|------------------------------------------------------------------------------------------------------------------------------------------|
+| __POST__ | `/api/short_url` | Endpoint for creating new short URLs. |
+| __GET__ | `/api/short_url/` | Endpoint for retrieving information about an existing short URL. |
+| __DELETE__ | `/api/short_url/` | Endpoint for deleting an existing short URL. |
+| __POST__ | `/api/short_url/` | Endpoint for updating information about an existing short URL. |
+| __POST__ | `/api/short_url//_resolve` | Similar to `GET /api/short_url/`, but also increments the short URL access count counter and the last access timestamp. |
+
+
+### The client-side navigate endpoint
+
+__NOTE.__ We are currently investigating if we really need this endpoint. The
+main user of it was expected to be Cloud and Support to deeply link into Kibana,
+but we are now reconsidering if we want to support this endpoint and possibly
+find a different solution.
+
+The `/app/goto/_redirect/?params=...¶msVersion=...` client-side
+endpoint will receive the locator ID and locator params, it will use those to
+find the locator and execute `locator.navigate(params)` method.
+
+The `paramsVersion` parameter will be used to specify the version of the
+`params` parameter. If the version is behind the latest version, then the migration
+facilities of the locator will be used to on-the-fly migrate the `params` to the
+latest version.
+
+
+### Legacy endpoints
+
+Below are the legacy HTTP endpoints implemented by the `share` plugin, with a
+plan of action for each endpoint:
+
+| HTTP method | Path | Description |
+|-----------------------|-------------------------------------|------------------------------------------------------------------------------------------------------------------------------------------|
+| __ANY__ | `/goto/` | Endpoint for redirecting short URLs, we will keep it to redirect short URLs. |
+| __GET__ | `/api/short_url/` | The new `GET /api/short_url/` endpoint will return a superset of the payload that the legacy endpoint now returns. |
+| __POST__ | `/api/shorten_url` | The legacy endpoints for creating short URLs. We will remove it or deprecate this endpoint and maintain it until 8.0 major release. |
+
+
+# Drawbacks
+
+Why should we *not* do this?
+
+- Implementation cost will be a few weeks, but the code complexity and quality
+ will improve.
+- There is a cost of migrating existing Kibana plugins to use the new API.
+
+
+# Alternatives
+
+We haven't considered other design alternatives.
+
+One alternative is still do the short URL improvements outlined above. But
+reconsider URL generators:
+
+- Do we need URL generators at all?
+ - Kibana URLs are not stable and have changed in our past experience. Hence,
+ the URL generators were created to make the URL generator parameters stable
+ unless a migration is available.
+- Do we want to put migration support in URL generators?
+ - Alternative would be for each app to support URLs forever or do the
+ migrations on the fly for old URLs.
+- Should Kibana URLs be stable and break only during major releases?
+- Should the Kibana application interface be extended such that some version of
+ URL generators is built in?
+
+The impact of not doing this change is essentially extending technical debt.
+
+
+# Adoption strategy
+
+Is this a breaking change? It is a breaking change in the sense that the API
+will change. However, all the existing use cases will be supported. When
+implementing this we will also adjust all Kibana code to use the new API. From
+the perspective of the developers when using the existing URL services nothing
+will change, they will simply need to review a PR which stops using the URL
+Generator Service and uses the combined URL Service instead, which will provide
+a superset of features.
+
+Alternatively, we can deprecate the URL Generator Service and maintain it for a
+few minor releases.
+
+
+# How we teach this
+
+For the existing short URL and URL generator functionality there is nothing to
+teach, as they will continue working with a largely similar API.
+
+Everything else in the new URL Service will have JSDoc comments and good
+documentation on our website.
diff --git a/src/core/public/doc_links/doc_links_service.ts b/src/core/public/doc_links/doc_links_service.ts
index 4220d3e490f63a..0ecfc152197d3c 100644
--- a/src/core/public/doc_links/doc_links_service.ts
+++ b/src/core/public/doc_links/doc_links_service.ts
@@ -21,12 +21,16 @@ export class DocLinksService {
const DOC_LINK_VERSION = injectedMetadata.getKibanaBranch();
const ELASTIC_WEBSITE_URL = 'https://www.elastic.co/';
const ELASTICSEARCH_DOCS = `${ELASTIC_WEBSITE_URL}guide/en/elasticsearch/reference/${DOC_LINK_VERSION}/`;
+ const KIBANA_DOCS = `${ELASTIC_WEBSITE_URL}guide/en/kibana/${DOC_LINK_VERSION}/`;
const PLUGIN_DOCS = `${ELASTIC_WEBSITE_URL}guide/en/elasticsearch/plugins/${DOC_LINK_VERSION}/`;
return deepFreeze({
DOC_LINK_VERSION,
ELASTIC_WEBSITE_URL,
links: {
+ canvas: {
+ guide: `${KIBANA_DOCS}canvas.html`,
+ },
dashboard: {
guide: `${ELASTIC_WEBSITE_URL}guide/en/kibana/${DOC_LINK_VERSION}/dashboard.html`,
drilldowns: `${ELASTIC_WEBSITE_URL}guide/en/kibana/${DOC_LINK_VERSION}/drilldowns.html`,
@@ -245,10 +249,10 @@ export class DocLinksService {
guide: `${ELASTIC_WEBSITE_URL}guide/en/observability/${DOC_LINK_VERSION}/index.html`,
},
alerting: {
- guide: `${ELASTIC_WEBSITE_URL}guide/en/kibana/${DOC_LINK_VERSION}/managing-alerts-and-actions.html`,
+ guide: `${ELASTIC_WEBSITE_URL}guide/en/kibana/${DOC_LINK_VERSION}/alert-management.html`,
actionTypes: `${ELASTIC_WEBSITE_URL}guide/en/kibana/${DOC_LINK_VERSION}/action-types.html`,
emailAction: `${ELASTIC_WEBSITE_URL}guide/en/kibana/${DOC_LINK_VERSION}/email-action-type.html`,
- emailActionConfig: `${ELASTIC_WEBSITE_URL}guide/en/kibana/${DOC_LINK_VERSION}/email-action-type.html#configuring-email`,
+ emailActionConfig: `${ELASTIC_WEBSITE_URL}guide/en/kibana/${DOC_LINK_VERSION}/email-action-type.html`,
generalSettings: `${ELASTIC_WEBSITE_URL}guide/en/kibana/${DOC_LINK_VERSION}/alert-action-settings-kb.html#general-alert-action-settings`,
indexAction: `${ELASTIC_WEBSITE_URL}guide/en/kibana/${DOC_LINK_VERSION}/index-action-type.html`,
esQuery: `${ELASTIC_WEBSITE_URL}guide/en/kibana/${DOC_LINK_VERSION}/rule-type-es-query.html`,
@@ -397,6 +401,9 @@ export interface DocLinksStart {
readonly DOC_LINK_VERSION: string;
readonly ELASTIC_WEBSITE_URL: string;
readonly links: {
+ readonly canvas: {
+ readonly guide: string;
+ };
readonly dashboard: {
readonly guide: string;
readonly drilldowns: string;
diff --git a/src/core/public/public.api.md b/src/core/public/public.api.md
index 18133ebec33533..b3ded52a98171a 100644
--- a/src/core/public/public.api.md
+++ b/src/core/public/public.api.md
@@ -490,6 +490,9 @@ export interface DocLinksStart {
readonly ELASTIC_WEBSITE_URL: string;
// (undocumented)
readonly links: {
+ readonly canvas: {
+ readonly guide: string;
+ };
readonly dashboard: {
readonly guide: string;
readonly drilldowns: string;
diff --git a/src/core/server/core_usage_data/core_usage_data_service.mock.ts b/src/core/server/core_usage_data/core_usage_data_service.mock.ts
index 8ed627cebec7e4..7fb15a921a4134 100644
--- a/src/core/server/core_usage_data/core_usage_data_service.mock.ts
+++ b/src/core/server/core_usage_data/core_usage_data_service.mock.ts
@@ -95,6 +95,13 @@ const createStartContractMock = () => {
supportedProtocols: ['TLSv1.1', 'TLSv1.2'],
truststoreConfigured: false,
},
+ securityResponseHeaders: {
+ strictTransportSecurity: 'NULL', // `null` values are coalesced to `"NULL"` strings
+ xContentTypeOptions: 'nosniff',
+ referrerPolicy: 'no-referrer-when-downgrade',
+ permissionsPolicyConfigured: false,
+ disableEmbedding: false,
+ },
xsrf: {
disableProtection: false,
allowlistConfigured: false,
diff --git a/src/core/server/core_usage_data/core_usage_data_service.test.ts b/src/core/server/core_usage_data/core_usage_data_service.test.ts
index 1c28eca1f1decb..d1f047c129efef 100644
--- a/src/core/server/core_usage_data/core_usage_data_service.test.ts
+++ b/src/core/server/core_usage_data/core_usage_data_service.test.ts
@@ -187,6 +187,13 @@ describe('CoreUsageDataService', () => {
"ipAllowlistConfigured": false,
},
"rewriteBasePath": false,
+ "securityResponseHeaders": Object {
+ "disableEmbedding": false,
+ "permissionsPolicyConfigured": false,
+ "referrerPolicy": "no-referrer-when-downgrade",
+ "strictTransportSecurity": "NULL",
+ "xContentTypeOptions": "nosniff",
+ },
"socketTimeout": 120000,
"ssl": Object {
"certificateAuthoritiesConfigured": false,
diff --git a/src/core/server/core_usage_data/core_usage_data_service.ts b/src/core/server/core_usage_data/core_usage_data_service.ts
index dff68bf1c524fe..78ac977c31a7d5 100644
--- a/src/core/server/core_usage_data/core_usage_data_service.ts
+++ b/src/core/server/core_usage_data/core_usage_data_service.ts
@@ -225,6 +225,16 @@ export class CoreUsageDataService implements CoreService {
+ test(`does not allow "disableEmbedding" to be set to true`, () => {
+ // This is intentionally not editable in the raw CSP config.
+ // Users should set `server.securityResponseHeaders.disableEmbedding` to control this config property.
+ expect(() => config.schema.validate({ disableEmbedding: true })).toThrowError(
+ '[disableEmbedding.0]: expected value to equal [false]'
+ );
+ });
+});
diff --git a/src/core/server/csp/config.ts b/src/core/server/csp/config.ts
index 3fc9faa26179e6..a61fa1b03a45c8 100644
--- a/src/core/server/csp/config.ts
+++ b/src/core/server/csp/config.ts
@@ -27,5 +27,8 @@ export const config = {
}),
strict: schema.boolean({ defaultValue: true }),
warnLegacyBrowsers: schema.boolean({ defaultValue: true }),
+ disableEmbedding: schema.oneOf([schema.literal(false)], { defaultValue: false }),
}),
};
+
+export const FRAME_ANCESTORS_RULE = `frame-ancestors 'self'`; // only used by CspConfig when embedding is disabled
diff --git a/src/core/server/csp/csp_config.test.ts b/src/core/server/csp/csp_config.test.ts
index ed13d363c41665..1e023c6f08ea80 100644
--- a/src/core/server/csp/csp_config.test.ts
+++ b/src/core/server/csp/csp_config.test.ts
@@ -6,7 +6,8 @@
* Side Public License, v 1.
*/
-import { CspConfig } from '.';
+import { CspConfig } from './csp_config';
+import { FRAME_ANCESTORS_RULE } from './config';
// CSP rules aren't strictly additive, so any change can potentially expand or
// restrict the policy in a way we consider a breaking change. For that reason,
@@ -25,6 +26,7 @@ describe('CspConfig', () => {
test('DEFAULT', () => {
expect(CspConfig.DEFAULT).toMatchInlineSnapshot(`
CspConfig {
+ "disableEmbedding": false,
"header": "script-src 'unsafe-eval' 'self'; worker-src blob: 'self'; style-src 'unsafe-inline' 'self'",
"rules": Array [
"script-src 'unsafe-eval' 'self'",
@@ -38,49 +40,51 @@ describe('CspConfig', () => {
});
test('defaults from config', () => {
- expect(new CspConfig()).toMatchInlineSnapshot(`
- CspConfig {
- "header": "script-src 'unsafe-eval' 'self'; worker-src blob: 'self'; style-src 'unsafe-inline' 'self'",
- "rules": Array [
- "script-src 'unsafe-eval' 'self'",
- "worker-src blob: 'self'",
- "style-src 'unsafe-inline' 'self'",
- ],
- "strict": true,
- "warnLegacyBrowsers": true,
- }
- `);
+ expect(new CspConfig()).toEqual(CspConfig.DEFAULT);
});
- test('creates from partial config', () => {
- expect(new CspConfig({ strict: false, warnLegacyBrowsers: false })).toMatchInlineSnapshot(`
- CspConfig {
- "header": "script-src 'unsafe-eval' 'self'; worker-src blob: 'self'; style-src 'unsafe-inline' 'self'",
- "rules": Array [
- "script-src 'unsafe-eval' 'self'",
- "worker-src blob: 'self'",
- "style-src 'unsafe-inline' 'self'",
- ],
- "strict": false,
- "warnLegacyBrowsers": false,
- }
- `);
- });
+ describe('partial config', () => {
+ test('allows "rules" to be set and changes header', () => {
+ const rules = ['foo', 'bar'];
+ const config = new CspConfig({ rules });
+ expect(config.rules).toEqual(rules);
+ expect(config.header).toMatchInlineSnapshot(`"foo; bar"`);
+ });
- test('computes header from rules', () => {
- const cspConfig = new CspConfig({ rules: ['alpha', 'beta', 'gamma'] });
+ test('allows "strict" to be set', () => {
+ const config = new CspConfig({ strict: false });
+ expect(config.strict).toEqual(false);
+ expect(config.strict).not.toEqual(CspConfig.DEFAULT.strict);
+ });
- expect(cspConfig).toMatchInlineSnapshot(`
- CspConfig {
- "header": "alpha; beta; gamma",
- "rules": Array [
- "alpha",
- "beta",
- "gamma",
- ],
- "strict": true,
- "warnLegacyBrowsers": true,
- }
- `);
+ test('allows "warnLegacyBrowsers" to be set', () => {
+ const warnLegacyBrowsers = false;
+ const config = new CspConfig({ warnLegacyBrowsers });
+ expect(config.warnLegacyBrowsers).toEqual(warnLegacyBrowsers);
+ expect(config.warnLegacyBrowsers).not.toEqual(CspConfig.DEFAULT.warnLegacyBrowsers);
+ });
+
+ describe('allows "disableEmbedding" to be set', () => {
+ const disableEmbedding = true;
+
+ test('and changes rules/header if custom rules are not defined', () => {
+ const config = new CspConfig({ disableEmbedding });
+ expect(config.disableEmbedding).toEqual(disableEmbedding);
+ expect(config.disableEmbedding).not.toEqual(CspConfig.DEFAULT.disableEmbedding);
+ expect(config.rules).toEqual(expect.arrayContaining([FRAME_ANCESTORS_RULE]));
+ expect(config.header).toMatchInlineSnapshot(
+ `"script-src 'unsafe-eval' 'self'; worker-src blob: 'self'; style-src 'unsafe-inline' 'self'; frame-ancestors 'self'"`
+ );
+ });
+
+ test('and does not change rules/header if custom rules are defined', () => {
+ const rules = ['foo', 'bar'];
+ const config = new CspConfig({ disableEmbedding, rules });
+ expect(config.disableEmbedding).toEqual(disableEmbedding);
+ expect(config.disableEmbedding).not.toEqual(CspConfig.DEFAULT.disableEmbedding);
+ expect(config.rules).toEqual(rules);
+ expect(config.header).toMatchInlineSnapshot(`"foo; bar"`);
+ });
+ });
});
});
diff --git a/src/core/server/csp/csp_config.ts b/src/core/server/csp/csp_config.ts
index dd0e7ef2dbee4c..649c81576ef522 100644
--- a/src/core/server/csp/csp_config.ts
+++ b/src/core/server/csp/csp_config.ts
@@ -6,7 +6,7 @@
* Side Public License, v 1.
*/
-import { config } from './config';
+import { config, FRAME_ANCESTORS_RULE } from './config';
const DEFAULT_CONFIG = Object.freeze(config.schema.validate({}));
@@ -32,6 +32,12 @@ export interface ICspConfig {
*/
readonly warnLegacyBrowsers: boolean;
+ /**
+ * Whether or not embedding (using iframes) should be allowed by the CSP. If embedding is disabled *and* no custom rules have been
+ * defined, a restrictive 'frame-ancestors' rule will be added to the default CSP rules.
+ */
+ readonly disableEmbedding: boolean;
+
/**
* The CSP rules in a formatted directives string for use
* in a `Content-Security-Policy` header.
@@ -49,6 +55,7 @@ export class CspConfig implements ICspConfig {
public readonly rules: string[];
public readonly strict: boolean;
public readonly warnLegacyBrowsers: boolean;
+ public readonly disableEmbedding: boolean;
public readonly header: string;
/**
@@ -58,9 +65,13 @@ export class CspConfig implements ICspConfig {
constructor(rawCspConfig: Partial> = {}) {
const source = { ...DEFAULT_CONFIG, ...rawCspConfig };
- this.rules = source.rules;
+ this.rules = [...source.rules];
this.strict = source.strict;
this.warnLegacyBrowsers = source.warnLegacyBrowsers;
- this.header = source.rules.join('; ');
+ this.disableEmbedding = source.disableEmbedding;
+ if (!rawCspConfig.rules?.length && source.disableEmbedding) {
+ this.rules.push(FRAME_ANCESTORS_RULE);
+ }
+ this.header = this.rules.join('; ');
}
}
diff --git a/src/core/server/http/__snapshots__/http_config.test.ts.snap b/src/core/server/http/__snapshots__/http_config.test.ts.snap
index 4545396c27b5e9..589e4e118991a8 100644
--- a/src/core/server/http/__snapshots__/http_config.test.ts.snap
+++ b/src/core/server/http/__snapshots__/http_config.test.ts.snap
@@ -64,6 +64,13 @@ Object {
"ipAllowlist": Array [],
},
"rewriteBasePath": false,
+ "securityResponseHeaders": Object {
+ "disableEmbedding": false,
+ "permissionsPolicy": null,
+ "referrerPolicy": "no-referrer-when-downgrade",
+ "strictTransportSecurity": null,
+ "xContentTypeOptions": "nosniff",
+ },
"socketTimeout": 120000,
"ssl": Object {
"cipherSuites": Array [
diff --git a/src/core/server/http/http_config.ts b/src/core/server/http/http_config.ts
index daf7424b8f8bd3..c7e53bb600377d 100644
--- a/src/core/server/http/http_config.ts
+++ b/src/core/server/http/http_config.ts
@@ -14,6 +14,10 @@ import url from 'url';
import { ServiceConfigDescriptor } from '../internal_types';
import { CspConfigType, CspConfig, ICspConfig } from '../csp';
import { ExternalUrlConfig, IExternalUrlConfig } from '../external_url';
+import {
+ securityResponseHeadersSchema,
+ parseRawSecurityResponseHeadersConfig,
+} from './security_response_headers_config';
const validBasePathRegex = /^\/.*[^\/]$/;
const uuidRegexp = /^[0-9a-f]{8}-[0-9a-f]{4}-[0-5][0-9a-f]{3}-[089ab][0-9a-f]{3}-[0-9a-f]{12}$/i;
@@ -53,6 +57,7 @@ const configSchema = schema.object(
},
}
),
+ securityResponseHeaders: securityResponseHeadersSchema,
customResponseHeaders: schema.recordOf(schema.string(), schema.any(), {
defaultValue: {},
}),
@@ -171,6 +176,7 @@ export class HttpConfig implements IHttpConfig {
allowCredentials: boolean;
allowOrigin: string[];
};
+ public securityResponseHeaders: Record;
public customResponseHeaders: Record;
public maxPayload: ByteSizeValue;
public basePath?: string;
@@ -195,6 +201,10 @@ export class HttpConfig implements IHttpConfig {
this.host = rawHttpConfig.host;
this.port = rawHttpConfig.port;
this.cors = rawHttpConfig.cors;
+ const { securityResponseHeaders, disableEmbedding } = parseRawSecurityResponseHeadersConfig(
+ rawHttpConfig.securityResponseHeaders
+ );
+ this.securityResponseHeaders = securityResponseHeaders;
this.customResponseHeaders = Object.entries(rawHttpConfig.customResponseHeaders ?? {}).reduce(
(headers, [key, value]) => {
return {
@@ -213,7 +223,7 @@ export class HttpConfig implements IHttpConfig {
this.rewriteBasePath = rawHttpConfig.rewriteBasePath;
this.ssl = new SslConfig(rawHttpConfig.ssl || {});
this.compression = rawHttpConfig.compression;
- this.csp = new CspConfig(rawCspConfig);
+ this.csp = new CspConfig({ ...rawCspConfig, disableEmbedding });
this.externalUrl = rawExternalUrlConfig;
this.xsrf = rawHttpConfig.xsrf;
this.requestId = rawHttpConfig.requestId;
diff --git a/src/core/server/http/integration_tests/lifecycle_handlers.test.ts b/src/core/server/http/integration_tests/lifecycle_handlers.test.ts
index 2f9d393b632f72..8d4cf31a5c7052 100644
--- a/src/core/server/http/integration_tests/lifecycle_handlers.test.ts
+++ b/src/core/server/http/integration_tests/lifecycle_handlers.test.ts
@@ -53,8 +53,16 @@ describe('core lifecycle handlers', () => {
},
compression: { enabled: true },
name: kibanaName,
+ securityResponseHeaders: {
+ // reflects default config
+ strictTransportSecurity: null,
+ xContentTypeOptions: 'nosniff',
+ referrerPolicy: 'strict-origin-when-cross-origin',
+ permissionsPolicy: null,
+ },
customResponseHeaders: {
'some-header': 'some-value',
+ 'referrer-policy': 'strict-origin', // overrides a header that is defined by securityResponseHeaders
},
xsrf: { disableProtection: false, allowlist: [allowlistedTestPath] },
requestId: {
@@ -117,6 +125,13 @@ describe('core lifecycle handlers', () => {
const testRoute = '/custom_headers/test/route';
const testErrorRoute = '/custom_headers/test/error_route';
+ const expectedHeaders = {
+ [nameHeader]: kibanaName,
+ 'x-content-type-options': 'nosniff',
+ 'referrer-policy': 'strict-origin',
+ 'some-header': 'some-value',
+ };
+
beforeEach(async () => {
router.get({ path: testRoute, validate: false }, (context, req, res) => {
return res.ok({ body: 'ok' });
@@ -127,36 +142,16 @@ describe('core lifecycle handlers', () => {
await server.start();
});
- it('adds the kbn-name header', async () => {
- const result = await supertest(innerServer.listener).get(testRoute).expect(200, 'ok');
- const headers = result.header as Record;
- expect(headers).toEqual(
- expect.objectContaining({
- [nameHeader]: kibanaName,
- })
- );
- });
-
- it('adds the kbn-name header in case of error', async () => {
- const result = await supertest(innerServer.listener).get(testErrorRoute).expect(400);
- const headers = result.header as Record;
- expect(headers).toEqual(
- expect.objectContaining({
- [nameHeader]: kibanaName,
- })
- );
- });
-
- it('adds the custom headers', async () => {
+ it('adds the expected headers in case of success', async () => {
const result = await supertest(innerServer.listener).get(testRoute).expect(200, 'ok');
const headers = result.header as Record;
- expect(headers).toEqual(expect.objectContaining({ 'some-header': 'some-value' }));
+ expect(headers).toEqual(expect.objectContaining(expectedHeaders));
});
- it('adds the custom headers in case of error', async () => {
+ it('adds the expected headers in case of error', async () => {
const result = await supertest(innerServer.listener).get(testErrorRoute).expect(400);
const headers = result.header as Record;
- expect(headers).toEqual(expect.objectContaining({ 'some-header': 'some-value' }));
+ expect(headers).toEqual(expect.objectContaining(expectedHeaders));
});
});
diff --git a/src/core/server/http/lifecycle_handlers.test.ts b/src/core/server/http/lifecycle_handlers.test.ts
index cd8caa7c76ab18..e777cbb1c1ff07 100644
--- a/src/core/server/http/lifecycle_handlers.test.ts
+++ b/src/core/server/http/lifecycle_handlers.test.ts
@@ -241,12 +241,15 @@ describe('customHeaders pre-response handler', () => {
expect(toolkit.next).toHaveBeenCalledWith({ headers: { 'kbn-name': 'my-server-name' } });
});
- it('adds the custom headers defined in the configuration', () => {
+ it('adds the security headers and custom headers defined in the configuration', () => {
const config = createConfig({
name: 'my-server-name',
- customResponseHeaders: {
+ securityResponseHeaders: {
headerA: 'value-A',
- headerB: 'value-B',
+ headerB: 'value-B', // will be overridden by the custom response header below
+ },
+ customResponseHeaders: {
+ headerB: 'x',
},
});
const handler = createCustomHeadersPreResponseHandler(config as HttpConfig);
@@ -258,7 +261,7 @@ describe('customHeaders pre-response handler', () => {
headers: {
'kbn-name': 'my-server-name',
headerA: 'value-A',
- headerB: 'value-B',
+ headerB: 'x',
},
});
});
diff --git a/src/core/server/http/lifecycle_handlers.ts b/src/core/server/http/lifecycle_handlers.ts
index a1fae89b68e11e..eed24c8071eaf9 100644
--- a/src/core/server/http/lifecycle_handlers.ts
+++ b/src/core/server/http/lifecycle_handlers.ts
@@ -62,12 +62,12 @@ export const createVersionCheckPostAuthHandler = (kibanaVersion: string): OnPost
};
export const createCustomHeadersPreResponseHandler = (config: HttpConfig): OnPreResponseHandler => {
- const serverName = config.name;
- const customHeaders = config.customResponseHeaders;
+ const { name: serverName, securityResponseHeaders, customResponseHeaders } = config;
return (request, response, toolkit) => {
const additionalHeaders = {
- ...customHeaders,
+ ...securityResponseHeaders,
+ ...customResponseHeaders,
[KIBANA_NAME_HEADER]: serverName,
};
diff --git a/src/core/server/http/router/route.ts b/src/core/server/http/router/route.ts
index 77b40ca5995bb9..ea70f1b4f543b8 100644
--- a/src/core/server/http/router/route.ts
+++ b/src/core/server/http/router/route.ts
@@ -70,7 +70,7 @@ export interface RouteConfigOptionsBody {
/**
* Limits the size of incoming payloads to the specified byte count. Allowing very large payloads may cause the server to run out of memory.
*
- * Default value: The one set in the kibana.yml config file under the parameter `server.maxPayloadBytes`.
+ * Default value: The one set in the kibana.yml config file under the parameter `server.maxPayload`.
*/
maxBytes?: number;
diff --git a/src/core/server/http/security_response_headers_config.test.ts b/src/core/server/http/security_response_headers_config.test.ts
new file mode 100644
index 00000000000000..b1c8bb23102f5c
--- /dev/null
+++ b/src/core/server/http/security_response_headers_config.test.ts
@@ -0,0 +1,99 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0 and the Server Side Public License, v 1; you may not use this file except
+ * in compliance with, at your election, the Elastic License 2.0 or the Server
+ * Side Public License, v 1.
+ */
+
+import {
+ securityResponseHeadersSchema as schema,
+ parseRawSecurityResponseHeadersConfig as parse,
+} from './security_response_headers_config';
+
+describe('parseRawSecurityResponseHeadersConfig', () => {
+ it('returns default values', () => {
+ const config = schema.validate({});
+ const result = parse(config);
+ expect(result.disableEmbedding).toBe(false);
+ expect(result.securityResponseHeaders).toMatchInlineSnapshot(`
+ Object {
+ "Referrer-Policy": "no-referrer-when-downgrade",
+ "X-Content-Type-Options": "nosniff",
+ }
+ `);
+ });
+
+ describe('strictTransportSecurity', () => {
+ it('a custom value results in the expected Strict-Transport-Security header', () => {
+ const strictTransportSecurity = 'max-age=31536000; includeSubDomains';
+ const config = schema.validate({ strictTransportSecurity });
+ const result = parse(config);
+ expect(result.securityResponseHeaders['Strict-Transport-Security']).toEqual(
+ strictTransportSecurity
+ );
+ });
+
+ it('a null value removes the Strict-Transport-Security header', () => {
+ const config = schema.validate({ strictTransportSecurity: null });
+ const result = parse(config);
+ expect(result.securityResponseHeaders['Strict-Transport-Security']).toBeUndefined();
+ });
+ });
+
+ describe('xContentTypeOptions', () => {
+ it('a custom value results in the expected X-Content-Type-Options header', () => {
+ const xContentTypeOptions = 'nosniff'; // there is no other valid value to test with
+ const config = schema.validate({ xContentTypeOptions });
+ const result = parse(config);
+ expect(result.securityResponseHeaders['X-Content-Type-Options']).toEqual(xContentTypeOptions);
+ });
+
+ it('a null value removes the X-Content-Type-Options header', () => {
+ const config = schema.validate({ xContentTypeOptions: null });
+ const result = parse(config);
+ expect(result.securityResponseHeaders['X-Content-Type-Options']).toBeUndefined();
+ });
+ });
+
+ describe('referrerPolicy', () => {
+ it('a custom value results in the expected Referrer-Policy header', () => {
+ const referrerPolicy = 'strict-origin-when-cross-origin';
+ const config = schema.validate({ referrerPolicy });
+ const result = parse(config);
+ expect(result.securityResponseHeaders['Referrer-Policy']).toEqual(referrerPolicy);
+ });
+
+ it('a null value removes the Referrer-Policy header', () => {
+ const config = schema.validate({ referrerPolicy: null });
+ const result = parse(config);
+ expect(result.securityResponseHeaders['Referrer-Policy']).toBeUndefined();
+ });
+ });
+
+ describe('permissionsPolicy', () => {
+ it('a custom value results in the expected Permissions-Policy header', () => {
+ const permissionsPolicy = 'display-capture=(self)';
+ const config = schema.validate({ permissionsPolicy });
+ const result = parse(config);
+ expect(result.securityResponseHeaders['Permissions-Policy']).toEqual(permissionsPolicy);
+ });
+
+ it('a null value removes the Permissions-Policy header', () => {
+ const config = schema.validate({ permissionsPolicy: null });
+ const result = parse(config);
+ expect(result.securityResponseHeaders['Permissions-Policy']).toBeUndefined();
+ });
+ });
+
+ describe('disableEmbedding', () => {
+ it('a true value results in the expected X-Frame-Options header and expected disableEmbedding result value', () => {
+ const config = schema.validate({ disableEmbedding: true });
+ const result = parse(config);
+ expect(result.securityResponseHeaders['X-Frame-Options']).toMatchInlineSnapshot(
+ `"SAMEORIGIN"`
+ );
+ expect(result.disableEmbedding).toBe(true);
+ });
+ });
+});
diff --git a/src/core/server/http/security_response_headers_config.ts b/src/core/server/http/security_response_headers_config.ts
new file mode 100644
index 00000000000000..917d737d59297e
--- /dev/null
+++ b/src/core/server/http/security_response_headers_config.ts
@@ -0,0 +1,72 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0 and the Server Side Public License, v 1; you may not use this file except
+ * in compliance with, at your election, the Elastic License 2.0 or the Server
+ * Side Public License, v 1.
+ */
+
+import { schema, TypeOf } from '@kbn/config-schema';
+
+export const securityResponseHeadersSchema = schema.object({
+ strictTransportSecurity: schema.oneOf([schema.string(), schema.literal(null)], {
+ // See: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Strict-Transport-Security
+ defaultValue: null,
+ }),
+ xContentTypeOptions: schema.oneOf([schema.literal('nosniff'), schema.literal(null)], {
+ // See: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Content-Type-Options
+ defaultValue: 'nosniff',
+ }),
+ referrerPolicy: schema.oneOf(
+ // See: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Referrer-Policy
+ [
+ schema.literal('no-referrer'),
+ schema.literal('no-referrer-when-downgrade'),
+ schema.literal('origin'),
+ schema.literal('origin-when-cross-origin'),
+ schema.literal('same-origin'),
+ schema.literal('strict-origin'),
+ schema.literal('strict-origin-when-cross-origin'),
+ schema.literal('unsafe-url'),
+ schema.literal(null),
+ ],
+ { defaultValue: 'no-referrer-when-downgrade' }
+ ),
+ permissionsPolicy: schema.oneOf([schema.string(), schema.literal(null)], {
+ // See: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Feature-Policy
+ // Note: Feature-Policy is superseded by Permissions-Policy; the link above is temporary until MDN releases an updated page
+ defaultValue: null,
+ }),
+ disableEmbedding: schema.boolean({ defaultValue: false }), // is used to control X-Frame-Options and CSP headers
+});
+
+/**
+ * Parses raw security header config info, returning an object with the appropriate header keys and values.
+ *
+ * @param raw
+ * @internal
+ */
+export function parseRawSecurityResponseHeadersConfig(
+ raw: TypeOf
+) {
+ const securityResponseHeaders: Record = {};
+ const { disableEmbedding } = raw;
+
+ if (raw.strictTransportSecurity) {
+ securityResponseHeaders['Strict-Transport-Security'] = raw.strictTransportSecurity;
+ }
+ if (raw.xContentTypeOptions) {
+ securityResponseHeaders['X-Content-Type-Options'] = raw.xContentTypeOptions;
+ }
+ if (raw.referrerPolicy) {
+ securityResponseHeaders['Referrer-Policy'] = raw.referrerPolicy;
+ }
+ if (raw.permissionsPolicy) {
+ securityResponseHeaders['Permissions-Policy'] = raw.permissionsPolicy;
+ }
+ if (disableEmbedding) {
+ securityResponseHeaders['X-Frame-Options'] = 'SAMEORIGIN';
+ }
+
+ return { securityResponseHeaders, disableEmbedding };
+}
diff --git a/src/core/server/http/test_utils.ts b/src/core/server/http/test_utils.ts
index b9b877e193fbd6..c6368a7166bc30 100644
--- a/src/core/server/http/test_utils.ts
+++ b/src/core/server/http/test_utils.ts
@@ -38,6 +38,7 @@ configService.atPath.mockImplementation((path) => {
disableProtection: true,
allowlist: [],
},
+ securityResponseHeaders: {},
customResponseHeaders: {},
requestId: {
allowFromAnyIp: true,
diff --git a/src/core/server/saved_objects/migrationsv2/integration_tests/migration_7.7.2_xpack_100k.test.ts b/src/core/server/saved_objects/migrationsv2/integration_tests/migration_7.7.2_xpack_100k.test.ts
index 7f3ee03f1437d2..0e51c886f7f30d 100644
--- a/src/core/server/saved_objects/migrationsv2/integration_tests/migration_7.7.2_xpack_100k.test.ts
+++ b/src/core/server/saved_objects/migrationsv2/integration_tests/migration_7.7.2_xpack_100k.test.ts
@@ -26,8 +26,7 @@ async function removeLogFile() {
await asyncUnlink(logFilePath).catch(() => void 0);
}
-// FAILING: https://github.com/elastic/kibana/pull/96788
-describe.skip('migration from 7.7.2-xpack with 100k objects', () => {
+describe('migration from 7.7.2-xpack with 100k objects', () => {
let esServer: kbnTestServer.TestElasticsearchUtils;
let root: Root;
let coreStart: InternalCoreStart;
diff --git a/src/core/server/saved_objects/service/lib/filter_utils.test.ts b/src/core/server/saved_objects/service/lib/filter_utils.test.ts
index 956a60b23809d3..2ef5219ccfff16 100644
--- a/src/core/server/saved_objects/service/lib/filter_utils.test.ts
+++ b/src/core/server/saved_objects/service/lib/filter_utils.test.ts
@@ -6,6 +6,7 @@
* Side Public License, v 1.
*/
+import { cloneDeep } from 'lodash';
// @ts-expect-error no ts
import { esKuery } from '../../es_query';
@@ -105,6 +106,22 @@ describe('Filter Utils', () => {
)
).toEqual(esKuery.fromKueryExpression('foo.title: "best"'));
});
+
+ test('does not mutate the input KueryNode', () => {
+ const input = esKuery.nodeTypes.function.buildNode(
+ 'is',
+ `foo.attributes.title`,
+ 'best',
+ true
+ );
+
+ const inputCopy = cloneDeep(input);
+
+ validateConvertFilterToKueryNode(['foo'], input, mockMappings);
+
+ expect(input).toEqual(inputCopy);
+ });
+
test('Validate a simple KQL expression filter', () => {
expect(
validateConvertFilterToKueryNode(['foo'], 'foo.attributes.title: "best"', mockMappings)
diff --git a/src/core/server/saved_objects/service/lib/filter_utils.ts b/src/core/server/saved_objects/service/lib/filter_utils.ts
index b3bcef9a62e130..a41a25a27b70dd 100644
--- a/src/core/server/saved_objects/service/lib/filter_utils.ts
+++ b/src/core/server/saved_objects/service/lib/filter_utils.ts
@@ -7,11 +7,12 @@
*/
import { set } from '@elastic/safer-lodash-set';
-import { get } from 'lodash';
+import { get, cloneDeep } from 'lodash';
import { SavedObjectsErrorHelpers } from './errors';
import { IndexMapping } from '../../mappings';
// @ts-expect-error no ts
import { esKuery } from '../../es_query';
+
type KueryNode = any;
const astFunctionType = ['is', 'range', 'nested'];
@@ -23,7 +24,7 @@ export const validateConvertFilterToKueryNode = (
): KueryNode | undefined => {
if (filter && indexMapping) {
const filterKueryNode =
- typeof filter === 'string' ? esKuery.fromKueryExpression(filter) : filter;
+ typeof filter === 'string' ? esKuery.fromKueryExpression(filter) : cloneDeep(filter);
const validationFilterKuery = validateFilterKueryNode({
astFilter: filterKueryNode,
diff --git a/src/core/server/server.api.md b/src/core/server/server.api.md
index e8f9dab435754a..e5804b3c9fc580 100644
--- a/src/core/server/server.api.md
+++ b/src/core/server/server.api.md
@@ -442,6 +442,13 @@ export interface CoreConfigUsageData {
supportedProtocols: string[];
clientAuthentication: 'none' | 'optional' | 'required';
};
+ securityResponseHeaders: {
+ strictTransportSecurity: string;
+ xContentTypeOptions: string;
+ referrerPolicy: string;
+ permissionsPolicyConfigured: boolean;
+ disableEmbedding: boolean;
+ };
};
// (undocumented)
logging: {
@@ -757,6 +764,8 @@ export class CspConfig implements ICspConfig {
// (undocumented)
static readonly DEFAULT: CspConfig;
// (undocumented)
+ readonly disableEmbedding: boolean;
+ // (undocumented)
readonly header: string;
// (undocumented)
readonly rules: string[];
@@ -1113,6 +1122,7 @@ export type IContextProvider> "$HOME/.bazelrc"
echo "build --remote_header=x-buildbuddy-api-key=$KIBANA_BUILDBUDDY_CI_API_KEY" >> "$HOME/.bazelrc"
-if [[ "$BUILD_TS_REFS_CACHE_ENABLE" != "true" ]]; then
- export BUILD_TS_REFS_CACHE_ENABLE=false
-fi
-
###
### install dependencies
###
diff --git a/src/dev/typescript/build_ts_refs_cli.ts b/src/dev/typescript/build_ts_refs_cli.ts
index 42b278ce6450c1..00f298887ee17f 100644
--- a/src/dev/typescript/build_ts_refs_cli.ts
+++ b/src/dev/typescript/build_ts_refs_cli.ts
@@ -21,7 +21,7 @@ const CACHE_WORKING_DIR = Path.resolve(REPO_ROOT, 'data/ts_refs_output_cache');
const TS_ERROR_REF = /\sTS\d{1,6}:\s/;
const isTypeFailure = (error: any) =>
- error.exitCode === 1 &&
+ error.exitCode > 0 &&
error.stderr === '' &&
typeof error.stdout === 'string' &&
TS_ERROR_REF.test(error.stdout);
diff --git a/src/plugins/console/server/lib/spec_definitions/js/search.ts b/src/plugins/console/server/lib/spec_definitions/js/search.ts
index 686737b96ac839..5a3b37e2e4135b 100644
--- a/src/plugins/console/server/lib/spec_definitions/js/search.ts
+++ b/src/plugins/console/server/lib/spec_definitions/js/search.ts
@@ -16,7 +16,7 @@ export const search = (specService: SpecDefinitionsService) => {
// populated by a global rule
},
profile: {
- __one_of: ['true', 'false'],
+ __one_of: [true, false],
},
aggs: {
__template: {
@@ -118,6 +118,26 @@ export const search = (specService: SpecDefinitionsService) => {
},
},
docvalue_fields: ['{field}'],
+ fields: {
+ __one_of: [
+ [
+ {
+ __one_of: [
+ '{field}',
+ '*',
+ {
+ field: '{field}',
+ include_unmapped: {
+ __one_of: ['true', 'false'],
+ },
+ format: '',
+ },
+ ],
+ },
+ ],
+ '*',
+ ],
+ },
collapse: {
__template: {
field: 'FIELD',
@@ -144,6 +164,19 @@ export const search = (specService: SpecDefinitionsService) => {
__scope_link: 'GLOBAL.script',
},
},
+ runtime_mappings: {
+ __template: {
+ FIELD: {
+ type: '',
+ script: {
+ // populated by a global rule
+ },
+ },
+ },
+ '*': {
+ __scope_link: 'GLOBAL.script',
+ },
+ },
partial_fields: {
__template: {
NAME: {
@@ -160,8 +193,11 @@ export const search = (specService: SpecDefinitionsService) => {
},
_source: {
__one_of: [
- '{field}',
['{field}'],
+ '*',
+ '{field}',
+ true,
+ false,
{
includes: {
__one_of: ['{field}', ['{field}']],
diff --git a/src/plugins/dashboard/kibana.json b/src/plugins/dashboard/kibana.json
index 41335069461fae..54eaf461b73d73 100644
--- a/src/plugins/dashboard/kibana.json
+++ b/src/plugins/dashboard/kibana.json
@@ -11,7 +11,8 @@
"share",
"uiActions",
"urlForwarding",
- "presentationUtil"
+ "presentationUtil",
+ "visualizations"
],
"optionalPlugins": [
"home",
diff --git a/src/plugins/dashboard/public/application/_dashboard_app.scss b/src/plugins/dashboard/public/application/_dashboard_app.scss
index 30253afff391fa..f6525377cce70f 100644
--- a/src/plugins/dashboard/public/application/_dashboard_app.scss
+++ b/src/plugins/dashboard/public/application/_dashboard_app.scss
@@ -66,4 +66,17 @@
.dshUnsavedListingItem__actions {
flex-direction: column;
}
-}
\ No newline at end of file
+}
+
+// Temporary fix for two tone icons to make them monochrome
+.dshSolutionToolbar__editorContextMenu--dark {
+ .euiIcon path {
+ fill: $euiColorGhost;
+ }
+}
+
+.dshSolutionToolbar__editorContextMenu--light {
+ .euiIcon path {
+ fill: $euiColorInk;
+ }
+}
diff --git a/src/plugins/dashboard/public/application/dashboard_router.tsx b/src/plugins/dashboard/public/application/dashboard_router.tsx
index e5281a257ee13d..ed68afc5e97b15 100644
--- a/src/plugins/dashboard/public/application/dashboard_router.tsx
+++ b/src/plugins/dashboard/public/application/dashboard_router.tsx
@@ -80,6 +80,7 @@ export async function mountApp({
embeddable: embeddableStart,
kibanaLegacy: { dashboardConfig },
savedObjectsTaggingOss,
+ visualizations,
} = pluginsStart;
const spacesApi = pluginsStart.spacesOss?.isSpacesAvailable ? pluginsStart.spacesOss : undefined;
@@ -123,6 +124,7 @@ export async function mountApp({
visualizeCapabilities: { save: Boolean(coreStart.application.capabilities.visualize?.save) },
storeSearchSession: Boolean(coreStart.application.capabilities.dashboard.storeSearchSession),
},
+ visualizations,
};
const getUrlStateStorage = (history: RouteComponentProps['history']) =>
diff --git a/src/plugins/dashboard/public/application/embeddable/dashboard_container_factory.tsx b/src/plugins/dashboard/public/application/embeddable/dashboard_container_factory.tsx
index 9b93f0bbd07119..ff592742488f5d 100644
--- a/src/plugins/dashboard/public/application/embeddable/dashboard_container_factory.tsx
+++ b/src/plugins/dashboard/public/application/embeddable/dashboard_container_factory.tsx
@@ -49,7 +49,7 @@ export class DashboardContainerFactoryDefinition
public readonly getDisplayName = () => {
return i18n.translate('dashboard.factory.displayName', {
- defaultMessage: 'dashboard',
+ defaultMessage: 'Dashboard',
});
};
diff --git a/src/plugins/dashboard/public/application/embeddable/empty_screen/__snapshots__/dashboard_empty_screen.test.tsx.snap b/src/plugins/dashboard/public/application/embeddable/empty_screen/__snapshots__/dashboard_empty_screen.test.tsx.snap
index 4cd3eb13f36095..138d665866af06 100644
--- a/src/plugins/dashboard/public/application/embeddable/empty_screen/__snapshots__/dashboard_empty_screen.test.tsx.snap
+++ b/src/plugins/dashboard/public/application/embeddable/empty_screen/__snapshots__/dashboard_empty_screen.test.tsx.snap
@@ -287,7 +287,7 @@ exports[`DashboardEmptyScreen renders correctly with edit mode 1`] = `
- Add your first panel
+ Add your first visualization
+
+
+ ,
+ "scriptsInAggregation":
+
+ ,
+ }
+ }
+ >
+
+ Please familiarize yourself with
+
+
+
+ and
+
+
+
+ before using this feature. Scripted fields can be used to display and aggregate calculated values. As such, they can be very slow and, if done incorrectly, can cause Kibana to become unusable.
+
+
+
+
+
+
+
+
}
@@ -38,12 +126,13 @@ exports[`ScriptingWarningCallOut should render normally 1`] = `
className="euiCallOutHeader__title"
>
- Proceed with caution
+ Scripted fields are deprecated.
@@ -54,113 +143,57 @@ exports[`ScriptingWarningCallOut should render normally 1`] = `
-
- Please familiarize yourself with
-
+
+
+ ,
+ }
+ }
>
-
-
- and with
-
-
-
- before using scripted fields.
-
-
-
-
-
-
- Scripted fields can be used to display and aggregate calculated values. As such, they can be very slow, and if done incorrectly, can cause Kibana to be unusable. There's no safety net here. If you make a typo, unexpected exceptions will be thrown all over the place!
-
-
-