diff --git a/docs/CHANGELOG.asciidoc b/docs/CHANGELOG.asciidoc index b1b4a59160c19..3c102cbbf9384 100644 --- a/docs/CHANGELOG.asciidoc +++ b/docs/CHANGELOG.asciidoc @@ -10,6 +10,7 @@ Review important information about the {kib} 8.x releases. +* <> * <> * <> * <> @@ -77,6 +78,360 @@ Review important information about the {kib} 8.x releases. include::upgrade-notes.asciidoc[] + +[[release-notes-8.16.0]] +== {kib} 8.16.0 + +For information about the {kib} 8.16.0 release, review the following information. + +[float] +[[deprecations-8.16.0]] +=== Deprecations + +The following functionality is deprecated in 8.16.0, and will be removed in 9.0.0. +Deprecated functionality does not have an immediate impact on your application, but we strongly recommend +you make the necessary updates after you upgrade to 8.16.0. + +[discrete] +* The Logs Stream is now hidden by default in favor of the Logs Explorer app. +[%collapsible] +==== +*Details* + +You can find the Logs Explorer app in the navigation menu under Logs > Explorer, or as a separate tab in Discover. For more information, refer to ({kibana-pull}194519[#194519]). + +*Impact* + +You can still show the Logs Stream app again by navigating to Stack Management > Advanced Settings and by enabling the `observability:enableLogsStream` setting. +==== + +[discrete] +* Deprecates the Observability AI Assistant specific advanced setting `observability:aiAssistantLogsIndexPattern`. +[%collapsible] +==== +*Details* + +The Observability AI Assistant specific advanced setting for Logs index patterns `observability:aiAssistantLogsIndexPattern` is deprecated and no longer used. The AI Assistant will now use the existing **Log sources** setting `observability:logSources` instead. For more information, refer to ({kibana-pull}192003[#192003]). + +//*Impact* + +//!!TODO!! +==== + + + +[float] +[[features-8.16.0]] +=== Features +{kib} 8.16.0 adds the following new and notable features. + +AGPL license:: +* Adds AGPL 3.0 license ({kibana-pull}192025[#192025]). +Alerting:: +* Adds TheHive connector ({kibana-pull}180138[#180138]). +* Adds flapping settings per rule ({kibana-pull}189341[#189341]). +Cases:: +* Support TheHive connector in cases ({kibana-pull}180931[#180931]). +Dashboards and visualizations:: +* Adds the ability to star your favorite dashboards and quickly find them ({kibana-pull}189285[#189285]). +* Adds a chart showing usage statistics to the dashboard details ({kibana-pull}187993[#187993]). +* Adds metric styling options in *Lens* ({kibana-pull}186929[#186929]). +* Adds support for coloring table cells by terms with color mappings assignments. This is supported for both Rows and Metric dimensions ({kibana-pull}189895[#189895]). +Data ingestion and Fleet:: +* Support content packages in UI ({kibana-pull}195831[#195831]). +* Advanced agent monitoring options UI for HTTP endpoint and diagnostics ({kibana-pull}193361[#193361]). +* Adds option to have Kafka dynamic topics in outputs ({kibana-pull}192720[#192720]). +* Adds support for GeoIP processor databases in Ingest Pipelines ({kibana-pull}190830[#190830]). +//// +!!TODO!! The above PR had a lengthy release note description: +The Ingest Pipelines app now supports adding and managing databases for the GeoIP processor. Additionally, the pipeline creation flow now includes support for the IP Location processor. +//// +* Adds agentless ux creation flow ({kibana-pull}189932[#189932]). +* Enable feature flag for reusable integration policies ({kibana-pull}187153[#187153]). +Discover:: +* When writing ES|QL queries, you now get recommendations to help you get started ({kibana-pull}194418[#194418]). +* Enhances the inline documentation experience in ES|QL mode ({kibana-pull}192156[#192156]). +* Adds the ability to break down the histogram by field for ES|QL queries in Discover ({kibana-pull}193820[#193820]). +* Adds a summary column to the Documents table when exploring log data in Discover ({kibana-pull}192567[#192567]). +* Adds row indicators to the Documents table when exploring log data in Discover ({kibana-pull}190676[#190676]). +* Moves the button to switch between ES|QL and classic modes to the toolbar ({kibana-pull}188898[#188898]). +* Adds density settings to allow further customization of the Documents table layout ({kibana-pull}188495[#188495]). +* Enables the time picker for indices without the @timestamp field when editing ES|QL queries ({kibana-pull}184361[#184361]). +Elastic Observability solution:: +* Show monitors from all permitted spaces !! ({kibana-pull}196109[#196109]). +* Adds experimental logs overview to the observability hosts and service overviews ({kibana-pull}195673[#195673]). +* Show alerts for entities ({kibana-pull}195250[#195250]). +* Create sub-feature role to manage APM settings write permissions ({kibana-pull}194419[#194419]). +* Adds related alerts tab to the alert details page ({kibana-pull}193263[#193263]). +* Adds labels field !! ({kibana-pull}193250[#193250]). +* Implement _ignored root cause identification flow ({kibana-pull}192370[#192370]). +* Enable page for synthetics ({kibana-pull}191846[#191846]). +* Settings add config to enable default rules ({kibana-pull}190800[#190800]). +* Added alerts page ({kibana-pull}190751[#190751]). +* Monitor list add bulk delete ({kibana-pull}190674[#190674]). +* Delete monitor API via id param !! ({kibana-pull}190210[#190210]). +* Enable metrics and traces in the Data Set Quality page ({kibana-pull}190043[#190043]). +* Adds alert grouping functionality to the observability alerts page ({kibana-pull}189958[#189958]). +* Adds a new SLO Burn Rate embeddable ({kibana-pull}189429[#189429]). +* The Slack Web API Alert Connector is now supported as a default connector for Synthetics and Uptime rules ({kibana-pull}188437[#188437]). +* Adds option to enable backfill transform ({kibana-pull}188379[#188379]). +* Save the ECS group by fields at the AAD root level ({kibana-pull}188241[#188241]). +* Adds last value aggregation ({kibana-pull}187082[#187082]). +* Improve synthetics alerting ({kibana-pull}186585[#186585]). +* Make overview grid embeddable ({kibana-pull}160597[#160597]). +Elastic Security solution:: +For the Elastic Security 8.16.0 release information, refer to {security-guide}/release-notes.html[_Elastic Security Solution Release Notes_]. +Kibana security:: +* Adds an API endpoint `POST security/roles` that can be used to bulk create or update roles ({kibana-pull}189173[#189173]). +* Automatic Import can now create integrations for logs in the CSV format ({kibana-pull}194386[#194386]). +* Adds an error handling framework to Automatic Import that provides error messages with more context to user ({kibana-pull}193577[#193577]). +* When running in FIPS mode, Kibana forbids usage of PKCS12 configuration options ({kibana-pull}192627[#192627]). +Machine Learning:: +* Adds new section for creating daylight saving time calendar events ({kibana-pull}193605[#193605]). +* Anomaly Detection: Adds a page to list supplied job configurations ({kibana-pull}191564[#191564]). +* Redesigns start/update model deployment dialog to support adaptive resources ({kibana-pull}190243[#190243]). +* File upload: Adds support for PDF files ({kibana-pull}186956[#186956]). +* Adds Pattern analysis embeddable for dashboards ({kibana-pull}186539[#186539]). +Management:: +* This release introduces a fresh, modern look for the console, now featuring the Monaco editor. We've added a file import and export functionality, and the console is fully responsive with stackable panels for a smoother experience. New buttons allow for quick clearing of editor values and output. Additionally, the history and config tabs were improved to enhance usability. ({kibana-pull}189748[#189748]). + +For more information about the features introduced in 8.16.0, refer to <>. + +[[enhancements-and-bug-fixes-v8.16.0]] +=== Enhancements and bug fixes + +For detailed information about the 8.16.0 release, review the enhancements and bug fixes. + + +[float] +[[enhancement-v8.16.0]] +=== Enhancements +Alerting:: +* Allow users to select template while adding a case action in the rule ({kibana-pull}190701[#190701]). +* New full-page rule form in the Stack Management app ({kibana-pull}194655[#194655]). +Dashboards and visualizations:: +* Adds compressed style for dashboard controls ({kibana-pull}190636[#190636]). +* Adds the ability to duplicate a managed dashboard from its `managed` badge ({kibana-pull}189404[#189404]). +* Adds the ability to expand the height of various sections in the Edit ES|QL visualization flyout ({kibana-pull}193453[#193453]). +* Improves the query authoring experience when editing an ES|QL visualization ({kibana-pull}186875[#186875]). +* Syncs the cursor for time series charts powered by ES|QL ({kibana-pull}192837[#192837]). +* Gauge and metric Lens visualizations are no longer experimental ({kibana-pull}192359[#192359]). +* Sets gauge default palette to "temperature" in *Lens* ({kibana-pull}191853[#191853]). +* Supports fuzzy search on field pickers and field lists in *Lens* ({kibana-pull}186894[#186894]). +Data ingestion and Fleet:: +* Update max supported package version ({kibana-pull}196551[#196551]). +* Adds additional columns to Agent Logs UI ({kibana-pull}192262[#192262]). +* Show `+build` versions for Elastic Agent upgrades ({kibana-pull}192171[#192171]). +* Added format parameter to `agent_policies` APIs ({kibana-pull}191811[#191811]). +* Adds toggles for `agent.monitoring.http.enabled` and `agent.monitoring.http.buffer.enabled` to agent policy advanced settings ({kibana-pull}190984[#190984]). +* Support integration policies without agent policy references (aka orphaned integration policies) ({kibana-pull}190649[#190649]). +* Changed the UX of the Edit Integration Policy page to update agent policies ({kibana-pull}190583[#190583]). +* Allow `traces` to be added to the `monitoring_enabled` array in Agent policies ({kibana-pull}189908[#189908]). +* Create task that periodically unenrolls inactive agents ({kibana-pull}189861[#189861]). +* Adds setup technology selector to add integration page ({kibana-pull}189612[#189612]). +* Support integration-level outputs ({kibana-pull}189125[#189125]). +Discover:: +* Renames the Documents tab to Results in ES|QL mode ({kibana-pull}197833[#197833]). +* Adds a cluster details tab for CCS data sources when inspecting requests in ES|QL mode ({kibana-pull}195373[#195373]). +* Adds the query time to the list of statistics when inspecting requests in ES|QL mode ({kibana-pull}194806[#194806]). +* Improves display of error messages in ES|QL mode ({kibana-pull}191320[#191320]). +* Adds a help menu to the ES|QL mode ({kibana-pull}190579[#190579]). +* Initializes the ES|QL editor with time named parameters when switching from the classic mode with a data view without @timestamp ({kibana-pull}189367[#189367]). +* Adds the ability to select multiple rows from the Documents table using "Shift + Select" ({kibana-pull}193619[#193619]). +* Adds the ability to filter on field names and values in the expanded document view ({kibana-pull}192299[#192299]). +* Adds filtering for selected fields ({kibana-pull}191930[#191930]). +* Adds a dedicated column to the document viewer flyout for pinning and unpinning rows ({kibana-pull}190344[#190344]). +* Improves absolute column width handling ({kibana-pull}190288[#190288]). +* Allows filtering by field type in the document viewer flyout ({kibana-pull}189981[#189981]). +* Improves the document viewer flyout to remember the last active tab ({kibana-pull}189806[#189806]). +* Adds ability to hide fields with null values from the document viewer ({kibana-pull}189601[#189601]). +* Adds the ability to copy selected rows as text ({kibana-pull}189512[#189512]). +* Adds a log level badge cell renderer to the Discover logs profile ({kibana-pull}188281[#188281]). +* Shows ECS field descriptions in Discover and adds markdown support for field descriptions ({kibana-pull}187160[#187160]). +* Adds support for the Log overview tab to the Discover log profile ({kibana-pull}186680[#186680]). +* Adds default app state extension and log integration data source profiles ({kibana-pull}186347[#186347]). +* Allows to select and deselect all rows in the grid at once ({kibana-pull}184241[#184241]). +* Limits the height of long field values by default ({kibana-pull}183736[#183736]). +ES|QL editor:: +* Changes the auto-focus to be on the ES|QL editor when loading the page ({kibana-pull}193800[#193800]). +* Updates the autocomplete behavior for `SORT` to be in line with other field-list-based experiences like `KEEP` in ES|QL queries ({kibana-pull}193595[#193595]). +* Adds `all (*)` to the list of suggestions for `COUNT` functions in ES|QL queries ({kibana-pull}192205[#192205]). +* Improves ES|QL autocomplete suggestions for `case()` expressions ({kibana-pull}192135[#192135]). +* Opens suggestions automatically for sources lists and `ENRICH` functions when writing ES|QL queries ({kibana-pull}191312[#191312]). +* Improves wrapping and readability for ES|QL queries ({kibana-pull}191269[#191269]). +* Improves suggestions based on previous function arguments and date suggestions for `bucket` functions in ES|QL queries ({kibana-pull}190828[#190828]). +* Show the `LIMIT` information in the ES|QL editor's footer ({kibana-pull}190498[#190498]). +* Opens suggestions automatically for field lists in ES|QL queries ({kibana-pull}190466[#190466]). +* Integrates a time picker for date fields into the ES|QL editor ({kibana-pull}187047[#187047]). +* Improves ES|QL support for Elasticsearch sub-types in AST for both validation and autocomplete ({kibana-pull}189689[#189689]). +* Adds ECS information to the ES|QL editor suggestions and prioritizes fields based on ECS information on the editor ({kibana-pull}187922[#187922]). +* Improves `BY` suggestions in ES|QL queries to include pipe and comma operators ({kibana-pull}189458[#189458]). +* Makes the suggestion menu open automatically in more places in ES|QL queries ({kibana-pull}189585[#189585]). +* Adds hints upon hover for function argument types and time system types ({kibana-pull}191881[#191881]). +Elastic Observability solution:: +* Enable Kubernetes Otel flow ({kibana-pull}196531[#196531]). +* Pass function responses when copying conversation ({kibana-pull}195635[#195635]). +* Turn 'fast filter' on by default and ensure tech preview badge shows when turned on ({kibana-pull}193710[#193710]). +* Custom Service Name Cell ({kibana-pull}192381[#192381]). +* Remove manage_transform and manage_ingest_pipeline privilege requirements ({kibana-pull}190572[#190572]). +* Create new formula for CPU Usage metric ({kibana-pull}189261[#189261]). +* Adds customizable header for quickstart flows ({kibana-pull}188340[#188340]). +* Change Kubernetes guide to link to observability onboarding ({kibana-pull}188322[#188322]). +* Adds KB user instructions ({kibana-pull}187607[#187607]). +* Refactor Synthetics Overview page for increased scalability ({kibana-pull}187092[#187092]). +* Improve synthetics alerting ({kibana-pull}186585[#186585]). +* Annotations Initial phase ({kibana-pull}184325[#184325]). +Elastic Search solution:: +* Adds Alibaba AI Search to Deletion, search and filtering of inference endpoints ({kibana-pull}190783[#190783]). +Elastic Security solution:: +For the Elastic Security 8.16.0 release information, refer to {security-guide}/release-notes.html[_Elastic Security Solution Release Notes_]. +Kibana security:: +* Enhances Open API spec generation to include Route Security Authorization if available ({kibana-pull}197001[#197001]). +* Automatic Import now analyzes larger number of samples to generate an integration ({kibana-pull}196233[#196233]). +* Extended `KibanaRouteOptions` to include security configuration at the route definition level ({kibana-pull}191973[#191973]). +* Adds several UX improvements to the management of Spaces in **Stack Management > Spaces**, including the ability to assign Roles to an existing Space. ({kibana-pull}191795[#191795]). +* Displays an "invalid file" error when selecting unsupported file types for the user profile image ({kibana-pull}190077[#190077]). +* Displays a warning to users whenever role mappings with empty `any` or `all` rules are created or updated ({kibana-pull}189340[#189340]). +* Adds support for CHIPS cookies ({kibana-pull}188519[#188519]). +* Adds support for Permissions Policy reporting ({kibana-pull}186892[#186892]). +Machine Learning:: +* File upload: enables check for model allocations ({kibana-pull}197395[#197395]). +* Data visualizer: Adds icons for semantic text, sparse vector, and dense vector ({kibana-pull}196069[#196069]). +* Updates vCPUs ranges for start model deployment ({kibana-pull}195617[#195617]). +* Adds ML tasks to the Kibana audit log ({kibana-pull}195120[#195120]). +* Anomaly Detection: adds ability to delete forecasts from job ({kibana-pull}194896[#194896]). +* Updates for Trained Models table layout and model states ({kibana-pull}194614[#194614]). +* Log rate analysis: ensures ability to sort on Log rate change ({kibana-pull}193501[#193501]). +* Single Metric Viewer: Enables cross-filtering for 'by', 'over', and 'partition' field values ({kibana-pull}193255[#193255]). +* Adds link to anomaly detection configurations from Integration > Assets tab ({kibana-pull}193105[#193105]). +* Anomaly Explorer: Displays markers for scheduled events in distribution-type anomaly charts ({kibana-pull}192377[#192377]). +* Serverless Security: Adds ES|QL visualizer menu item to the nav ({kibana-pull}192314[#192314]). +* Updates icons for Machine Learning embeddable dashboard panel types ({kibana-pull}191718[#191718]). +* AIOps: Uses no minimum time range by default for pattern analysis ({kibana-pull}191192[#191192]). +* Links to ML assets from Integration > Assets tab ({kibana-pull}189767[#189767]). +* Utilizes the `DataViewLazy` in ML plugin ({kibana-pull}189188[#189188]). +* AIOps: Chunks groups of field candidates into single queries for top items and histograms ({kibana-pull}189155[#189155]). +* AIOps: Updates fields filter popover to be able to filter fields from analysis (not just grouping) ({kibana-pull}188913[#188913]). +* Single Metric Viewer embeddable: adds forecasting ({kibana-pull}188791[#188791]). +* Adds new custom rule action to force time shift ({kibana-pull}188710[#188710]). +* AIOps: Chunks groups of field candidates into single queries ({kibana-pull}188137[#188137]). +* AIOps: Adds log rate analysis to alert details page contextual insight ({kibana-pull}187690[#187690]). +* Adds ability to toggle visibility for empty fields when choosing an aggregation or field in Anomaly detection, data frame analytics ({kibana-pull}186670[#186670]). +* Anomaly Detection: Adds popover links menu to anomaly explorer charts ({kibana-pull}186587[#186587]). +Management:: +* Adds an option to show or hide empty fields in dropdown lists in Transform ({kibana-pull}195485[#195485]). +* Adds a confirmation dialog when deleting a transform from a warning banner ({kibana-pull}192080[#192080]). +* Improves the autocomplete to suggest fields for the `dense_vector` type in Console ({kibana-pull}190769[#190769]). +* Adds the ability to view an ILM policy details in read-only mode ({kibana-pull}186955[#186955]). + +[float] +[[fixes-v8.16.0]] +=== Bug fixes +Alerting:: +* Show up to 1k maintenance windows in the UI ({kibana-pull}198504[#198504]) +* Skip scheduling actions for the alerts without scheduledActions ({kibana-pull}195948[#195948]). +* Fixes Stack Alerts feature API access control ({kibana-pull}193948[#193948]). +* Remove unintended internal find routes API with public access ({kibana-pull}193757[#193757]). +* Convert timestamp before passing to validation ({kibana-pull}192379[#192379]). +* Grouped over field is not populated correctly when editing a rule ({kibana-pull}192297[#192297]). +* Mark slack rate-limiting errors as user errors ({kibana-pull}192200[#192200]). +* Fixes maintenance window filtering with wildcards ({kibana-pull}194777[#194777]). +* Fixes search filters in rules, alerts, and maintenance windows ({kibana-pull}193623[#193623]). +Cases:: +* Use absolute time ranges when adding visualizations to a case ({kibana-pull}189168[#189168]). +* Fixes custom fields with long text that could not be edited in the UI ({kibana-pull}190490[#190490]). +Dashboards and visualizations:: +* Correctly show full screen mode when opening a dashboard or panel from a URL that contains the fullScreenMode parameter ({kibana-pull}196275[#196275]) and ({kibana-pull}190086[#190086]). +* Fixes an issue that could cause a the dashboard list to stay in loading state ({kibana-pull}195277[#195277]). +* Correctly use the same field icons as Discover ({kibana-pull}194095[#194095]). +* Fixes an issue where panels could disappear from a dashboard when canceling edit after saving the dashboard ({kibana-pull}193914[#193914]). +* Adds scroll margin to panels ({kibana-pull}193430[#193430]). +* Fixes an issue with the breadcrumb update icon not working when clicked ({kibana-pull}192240[#192240]). +* Fixes an issue where unsaved changes could remain after saving a dashboard ({kibana-pull}190165[#190165]). +* Fixes an issue causing the flyout to close when canceling the Save to library action ({kibana-pull}188995[#188995]). +* Fixes incomplete string escaping and encoding in *TSVB* ({kibana-pull}196248[#196248]). +* Fixes an issue where label truncation in heat map legends was not working properly in *Lens* ({kibana-pull}195928[#195928]). +* Fixes an issue where the color picker and axis side settings were incorrectly available in the breakdown dimension editor for XY charts in *Lens* ({kibana-pull}195845[#195845]). +* Fixes the tooltip position on faceted charts in *Vega* ({kibana-pull}194620[#194620]). +* Fixes the filter out legend action for ES|QL visualizations ({kibana-pull}194374[#194374]). +* Fixes element sizing issues in full screen mode in *Vega* ({kibana-pull}194330[#194330]). +* Fixes the default cell text alignment setting for non-numeric field types in *Lens* ({kibana-pull}193886[#193886]). +* Limits the height of the query bar input for long KQL queries ({kibana-pull}193737[#193737]). +* Makes the title correctly align left after removing an icon in **Lens** metric charts ({kibana-pull}191057[#191057]). +* Fixes a "No data" error caused by the "Collapse by" setting in **Lens** metric charts ({kibana-pull}190966[#190966]). +* Fixes an issue causing the color of a cell to disappear when clicking the "Expand cell" icon in *Lens* ({kibana-pull}190618[#190618]). +* Removes unnecessary index pattern references from Lens charts ({kibana-pull}190296[#190296]). +* Fixes several accessibility issues ({kibana-pull}188624[#188624]). +Data ingestion and Fleet:: +* Revert "Fix client-side validation for agent policy timeout fields" ({kibana-pull}194338[#194338]). +* Adds proxy arguments to install snippets ({kibana-pull}193922[#193922]). +* Rollover if dimension mappings changed in dynamic templates ({kibana-pull}192098[#192098]). +Discover:: +* Fixes an issue with search highlighting ({kibana-pull}197607[#197607]). +* Correctly pass embeddable filters to the Surrounding Documents page ({kibana-pull}197190[#197190]). +* Fixes trailing decimals dropped from client side validation messages ({kibana-pull}196570[#196570]). +* Fixes several validation issues and creates an expression type evaluator for ES|QL queries ({kibana-pull}195989[#195989]). +* Fixes duplicate autocomplete suggestions for `WHERE` clauses and suggestions with no space in between in ES|QL queries ({kibana-pull}195771[#195771]). +* Improves variable and field name handling in ES|QL queries ({kibana-pull}195149[#195149]). +* Fixes an issue where the Unified Field List popover could get cut off ({kibana-pull}195147[#195147]). +* Fixes the width for saved object type columns ({kibana-pull}194388[#194388]). +* Adds tooltips to Discover button icons ({kibana-pull}192963[#192963]). +* Excludes inactive integration data stream suggestions ({kibana-pull}192953[#192953]). +* Fixes new variables being suggested in incorrect places ({kibana-pull}192405[#192405]). +* Only log requests in the Inspector when they completed ({kibana-pull}191232[#191232]). +ES|QL editor:: +* Fixes an issue where the autocomplete suggestions could cause duplicate entries in ES|QL queries ({kibana-pull}190465[#190465]). +* Fixes several styling issues in the ES|QL editor ({kibana-pull}190170[#190170]). +Elastic Observability solution:: +* Change the slice outcome from bad to good whenever there is no data during the slice window ({kibana-pull}196942[#196942]). +* Make agent names generic with otel-native mode ({kibana-pull}195594[#195594]). +* Avoid showing unnecessary error toast ({kibana-pull}195331[#195331]). +* Use `fields` instead of `_source` on APM queries ({kibana-pull}195242[#195242]). +* Fixes ping heatmap payload ({kibana-pull}195107[#195107]). +* Fixes rule modal warnings in the developer console ({kibana-pull}194766[#194766]). +* Avoid AI assistant overlaying AI conversations ({kibana-pull}194722[#194722]). +* Improve loading state for metric items ({kibana-pull}192930[#192930]). +* Fixes issue where heatmap UI crashes on undefined histogram data ({kibana-pull}192508[#192508]). +* Calculate the latest metadata lookback based on the calculated history delay ({kibana-pull}191324[#191324]). +* Remove dedicated language setting ({kibana-pull}190983[#190983]). +* Change latest metric to use @timestamp ({kibana-pull}190417[#190417]). +* Prevent initial error when adding filters ({kibana-pull}190214[#190214]). +* Display error message when failing to enable machine learning anomaly detection in Inventory ({kibana-pull}189627[#189627]). +* Convert route validation to Zod ({kibana-pull}188691[#188691]). +* Fixes functions table height in asset details view profiling tab ({kibana-pull}188650[#188650]). +* Adds four decimal places float validation for transaction_sample_rate ({kibana-pull}188555[#188555]). +* Centralize data fetching and better control of when data can be refreshed ({kibana-pull}187736[#187736]). +* Fixes heatmap on monitor detail/history page for very large doc counts ({kibana-pull}184177[#184177]). +* Adds settings to serverless allowlist ({kibana-pull}190098[#190098]). +* Set missing group to false by default and show checkbox value in disable mode ({kibana-pull}188402[#188402]). +Elastic Search solution:: +* Fixes an issue with the {ref}/es-connectors-network-drive.html[Network Drive connector] where advanced configuration fields were not displayed for CSV file role mappings with `Drive Type: Linux` selected. +Elastic Security solution:: +For the Elastic Security 8.16.0 release information, refer to {security-guide}/release-notes.html[_Elastic Security Solution Release Notes_]. +Kibana platform:: +* Fixes an issue causing a wrong date to show in the header of a report when generated from relative date ({kibana-pull}197027[#197027]). +* Fixes an issue where the Created and Updated timestamps for Dashboards were ignoring the default timezone settings in Advanced settings. ({kibana-pull}196977[#196977]). +* Fixes an issue causing searches including a colon `:` character to show inaccurate results ({kibana-pull}190464[#190464]). +Kibana security:: +* Fixes an issue where an LLM was likely to generate invalid processors containing array access in Automatic Import ({kibana-pull}196207[#196207]). +Machine Learning:: +* File upload: fixes PDF character count limit ({kibana-pull}197333[#197333]). +* Data Drift: Updates brush positions on window resize fix ({kibana-pull}196830[#196830]). +* AIOps: Fixes issue where some queries cause filters to not be applied ({kibana-pull}196585[#196585]). +* Transforms: Limits the data grid result window ({kibana-pull}196510[#196510]). +* Fixes Anomaly Swim Lane Embeddable not updating properly on query change ({kibana-pull}195090[#195090]). +* Hides ES|QL based saved searches in ML & Transforms ({kibana-pull}195084[#195084]). +* Fixes query for pattern analysis and change point analysis ({kibana-pull}194742[#194742]). +* Anomaly explorer: Shows data gaps and connect anomalous points on Single Metric Charts ({kibana-pull}194119[#194119]). +* Fixes file upload with no ingest pipeline ({kibana-pull}193744[#193744]). +* Disables field statistics panel in Dashboard if ES|QL is disabled ({kibana-pull}193587[#193587]). +* Fixes display of assignees when attaching ML panels to a new case ({kibana-pull}192163[#192163]). +* Anomaly explorer: Fixes the order of the coordinates displayed on the map tooltip ({kibana-pull}192077[#192077]). +* Fixes links to the Single Metric Viewer from the Annotations and Forecasts tables ({kibana-pull}192000[#192000]). +* Trained models: fixes responsiveness of state column for smaller displays ({kibana-pull}191900[#191900]). +* File upload: increases timeout for upload request ({kibana-pull}191770[#191770]). +* Improves expired license check ({kibana-pull}191503[#191503]). +Management:: +* Fixes the pagination of the source documents data grid in Transforms ({kibana-pull}196119[#196119]). +* Fixes autocomplete suggestions after a comma in Console ({kibana-pull}189656[#189656]). + + [[release-notes-8.15.3]] == {kib} 8.15.3 diff --git a/docs/upgrade-notes.asciidoc b/docs/upgrade-notes.asciidoc index 85013c8e4ba64..98f7feeac2d6a 100644 --- a/docs/upgrade-notes.asciidoc +++ b/docs/upgrade-notes.asciidoc @@ -1694,6 +1694,30 @@ When you create *Lens* visualization, the default for the *Legend width* is now [float] ==== Elastic Observability solution +[discrete] +[[deprecation-192003]] +* Deprecated the Observability AI Assistant specific advanced setting `observability:aiAssistantLogsIndexPattern`. (8.16) +[%collapsible] +==== +*Details* + +The Observability AI Assistant specific advanced setting for Logs index patterns `observability:aiAssistantLogsIndexPattern` is deprecated and no longer used. The AI Assistant will now use the existing **Log sources** setting `observability:logSources` instead. For more information, refer to ({kibana-pull}192003[#192003]). + +//*Impact* + +//!!TODO!! +==== + +[discrete] +[[deprecation-194519]] +* The Logs Stream was hidden by default in favor of the Logs Explorer app. (8.16) +[%collapsible] +==== +*Details* + +You can find the Logs Explorer app in the navigation menu under Logs > Explorer, or as a separate tab in Discover. For more information, refer to ({kibana-pull}194519[#194519]). + +*Impact* + +You can still show the Logs Stream app again by navigating to Stack Management > Advanced Settings and by enabling the `observability:enableLogsStream` setting. +==== + [discrete] [[deprecation-120689]] diff --git a/docs/user/images/dashboard-star.png b/docs/user/images/dashboard-star.png new file mode 100644 index 0000000000000..25219d8866c0b Binary files /dev/null and b/docs/user/images/dashboard-star.png differ diff --git a/docs/user/images/dashboard-usage.png b/docs/user/images/dashboard-usage.png new file mode 100644 index 0000000000000..e18843511e21a Binary files /dev/null and b/docs/user/images/dashboard-usage.png differ diff --git a/docs/user/images/discover-log-level.png b/docs/user/images/discover-log-level.png new file mode 100644 index 0000000000000..a6de92c0ae020 Binary files /dev/null and b/docs/user/images/discover-log-level.png differ diff --git a/docs/user/images/esql-autocomplete-suggestions.png b/docs/user/images/esql-autocomplete-suggestions.png new file mode 100644 index 0000000000000..bd78201b0d121 Binary files /dev/null and b/docs/user/images/esql-autocomplete-suggestions.png differ diff --git a/docs/user/images/esql-suggestions.png b/docs/user/images/esql-suggestions.png new file mode 100644 index 0000000000000..234f0339003a1 Binary files /dev/null and b/docs/user/images/esql-suggestions.png differ diff --git a/docs/user/images/ip-location-processor.png b/docs/user/images/ip-location-processor.png new file mode 100644 index 0000000000000..b1de4a540f52d Binary files /dev/null and b/docs/user/images/ip-location-processor.png differ diff --git a/docs/user/images/metric-customization.png b/docs/user/images/metric-customization.png new file mode 100644 index 0000000000000..238df1aee82ac Binary files /dev/null and b/docs/user/images/metric-customization.png differ diff --git a/docs/user/images/monaco-console.png b/docs/user/images/monaco-console.png new file mode 100644 index 0000000000000..3bdd4be4eb498 Binary files /dev/null and b/docs/user/images/monaco-console.png differ diff --git a/docs/user/images/solution-view-obs.png b/docs/user/images/solution-view-obs.png new file mode 100644 index 0000000000000..4ae5942dbae37 Binary files /dev/null and b/docs/user/images/solution-view-obs.png differ diff --git a/docs/user/images/space-settings.png b/docs/user/images/space-settings.png new file mode 100644 index 0000000000000..a3a38c1ca88c7 Binary files /dev/null and b/docs/user/images/space-settings.png differ diff --git a/docs/user/images/table-coloring.png b/docs/user/images/table-coloring.png new file mode 100644 index 0000000000000..6c96daf381164 Binary files /dev/null and b/docs/user/images/table-coloring.png differ diff --git a/docs/user/whats-new.asciidoc b/docs/user/whats-new.asciidoc index 2a726ba3dc4f3..25568518ad2ec 100644 --- a/docs/user/whats-new.asciidoc +++ b/docs/user/whats-new.asciidoc @@ -1,175 +1,144 @@ [[whats-new]] -== What's new in 8.15 +== What's new in 8.16 -Here are the highlights of what's new and improved in 8.15. +Here are the highlights of what's new and improved in 8.16. For detailed information about this release, check the <>. -Previous versions: {kibana-ref-all}/8.14/whats-new.html[8.14] | {kibana-ref-all}/8.13/whats-new.html[8.13] | {kibana-ref-all}/8.12/whats-new.html[8.12] | {kibana-ref-all}/8.11/whats-new.html[8.11] | {kibana-ref-all}/8.10/whats-new.html[8.10] | {kibana-ref-all}/8.9/whats-new.html[8.9] | {kibana-ref-all}/8.8/whats-new.html[8.8] | {kibana-ref-all}/8.7/whats-new.html[8.7] | {kibana-ref-all}/8.6/whats-new.html[8.6] | {kibana-ref-all}/8.5/whats-new.html[8.5] | {kibana-ref-all}/8.4/whats-new.html[8.4] | {kibana-ref-all}/8.3/whats-new.html[8.3] | {kibana-ref-all}/8.2/whats-new.html[8.2] | {kibana-ref-all}/8.1/whats-new.html[8.1] | {kibana-ref-all}/8.0/whats-new.html[8.0] +Previous versions: {kibana-ref-all}/8.15/whats-new.html[8.15] | {kibana-ref-all}/8.14/whats-new.html[8.14] | {kibana-ref-all}/8.13/whats-new.html[8.13] | {kibana-ref-all}/8.12/whats-new.html[8.12] | {kibana-ref-all}/8.11/whats-new.html[8.11] | {kibana-ref-all}/8.10/whats-new.html[8.10] | {kibana-ref-all}/8.9/whats-new.html[8.9] | {kibana-ref-all}/8.8/whats-new.html[8.8] | {kibana-ref-all}/8.7/whats-new.html[8.7] | {kibana-ref-all}/8.6/whats-new.html[8.6] | {kibana-ref-all}/8.5/whats-new.html[8.5] | {kibana-ref-all}/8.4/whats-new.html[8.4] | {kibana-ref-all}/8.3/whats-new.html[8.3] | {kibana-ref-all}/8.2/whats-new.html[8.2] | {kibana-ref-all}/8.1/whats-new.html[8.1] | {kibana-ref-all}/8.0/whats-new.html[8.0] [discrete] -=== ES|QL +=== Solution-oriented navigation +On Elastic Cloud Hosted deployments running on version 8.16, you can now navigate Kibana using a lighter, solution-oriented left navigation menu, called **Solution view**. -[discrete] -==== Filter UX improvements in ES|QL +There are four selectable solution views: Search, Observability, Security, and Classic. Search, Observability, and Security are the new navigation menus. Each of those brings simplicity by focusing the left navigation menu on a relevant subset of features, scoped to its associated use cases, and offers a dedicated home page. Classic has the same navigation menu as 8.15 and before. -We're thrilled to unveil a complete overhaul of filtering in the ES|QL UX. Now, you can seamlessly filter data by browsing a time series chart, allowing for quick and intuitive time-based filtering. Interactive chart filtering lets you refine your data directly by clicking on any chart, while creating WHERE clause filters from the Discover table or sidebar has never been easier. These enhancements streamline data exploration and analysis, making your ES|QL experience more efficient and user-friendly than ever. +Each space has its own solution view setting which determines the navigation experience for all users of that space. -*Filter by clicking a chart:* +When creating a new deployment, you will now be asked to choose between one of the 3 new solution views for your default space. If you prefer to stick with the classic, multi-layered navigation, you can do so once the deployment is created by navigating to your space settings. -image::https://images.contentstack.io/v3/assets/bltefdd0b53724fa2ce/blt965a5190f246f7c8/669a7d41e5f7c84793b031cb/filter-by-clicking-chart.gif[Filter by clicking a chart] +Deployments upgrading from a previous version to 8.16 keep the classic navigation. Admins can enable one of the new solution views from the space settings. -*Filter by browsing a time series chart:* +image::images/solution-view-obs.png[Example of observability solution view] +_The Observability solution view and its Home page._ -image::https://images.contentstack.io/v3/assets/bltefdd0b53724fa2ce/blta20c9a93dded707c/669a7d40843f93a02fe51013/filter-by-brushing-time-series.gif[Filter by browsing a time series chart] +[discrete] +=== Discover and ES|QL -*Create WHERE clause filters from Discover table or sidebar:* +[discrete] +==== Contextual Data presentation -image::https://images.contentstack.io/v3/assets/bltefdd0b53724fa2ce/blt50ac35ab3af29ff8/669a7d4006a6fafe4c7cb39d/create-where-clause-filters-from-sidebar.gif[Create WHERE clause filters from Discover table or sidebar] +In this release, Discover introduces enhanced contextual data presentation. Previously, you needed to manually select relevant fields and set up your workspace before diving into data exploration. Now, Discover automatically tailors the user experience based on the data being explored, powered by a scalable contextual architecture. For example, when analyzing logs, you'll see a *log.level* field rendered directly in the table, a custom Logs overview in the document viewer, and log.level indicators on individual rows. +image::images/discover-log-level.png[Log level badge displaying in the Discover grid] [discrete] -==== Field statistics in ES|QL +==== Recommended ES|QL queries -Field statistics are now available in ES|QL. This feature is designed to provide comprehensive insights for each data field. With this enhancement, you can access detailed statistics such as distributions, averages, and other key metrics, helping you quickly understand your data. This makes data exploration and quality assessment more efficient, providing deeper insights and streamlining the analysis of field-level data in ES|QL. +Writing ES|QL queries just got easier. Many users face challenges when authoring queries, and even more so when unfamiliar with the syntax or data structure. This can lead to inefficiencies in data analysis and visualization. We want to reduce the time it takes to create queries and to lower the learning curve for both new and existing users by suggesting recommended queries within the ES|QL Help menu and from the auto-complete. -image::images/field-statistics-esql.png[Field statistics in ES|QL] +image::images/esql-suggestions.png[A list of suggestions to get started with an ES|QL query, width=30%] +_Recommended ES|QL queries from the ES|QL help menu_ -[discrete] -==== Integrations support in the ES|QL editor when using FROM command. +image::images/esql-autocomplete-suggestions.png[A list of suggestions in the autocomplete menu of an ES|QL query, width=50%] +_Recommended ES|QL queries from auto-complete suggestions_ -We're excited to announce enhanced support for integrations in the ES|QL editor with the *FROM* command. Previously, you could only access indices, but now you can also view a list of installed integrations directly within the editor. This improvement streamlines your workflow, making it easier to manage and utilize various integrations while working with your data. - -image::images/integrations-in-esql.png[Accessing an integration from ES|QL] [discrete] === Dashboards [discrete] -==== Field statistics in Dashboards - -It's now easier than ever to include your field statistics view from **Discover** into **Dashboards**. While running investigations, it is very common that you need to see some field information, such as unique values and their distribution, to make sense of the data. Select the fields that you want with your ES|QL query and get the document count, values, and distribution in your dashboard so you don't have to navigate back and forth to **Discover** to see this information. +==== Manage dashboards more easily and efficiently +As part of a series of improvements to help you find and manage your dashboards https://www.elastic.co/guide/en/kibana/8.15/whats-new.html#_view_dashboard_creator_and_last_editor[started in version 8.15], the new default way to sort your dashboards is by recently viewed, and we are adding an option to star your favorite dashboards, as well as some statistics to monitor the usage of your dashboards. -image::https://images.contentstack.io/v3/assets/bltefdd0b53724fa2ce/blt9bc52ff7851acc52/669a4f6a490fbc64fa22f279/field-statistics.gif[Showing field statistics panel in Dashboards] +You can find your favorite dashboards in the new **Starred** tab. -[discrete] -==== Statistics in legends +image::images/dashboard-star.png[Viewing starred dashboards] -Accelerate time to insights by summarizing the values of your charts using average, minimum, maximum, median, and variance, among many others. You can add these statistics for **Lens** and ES|QL visualizations. It is important to note that these statistics are computed using the data points from the chart considering the aggregation used and not the raw data. In the following example, the chart shows the median memory per host, so the Max = 15.3KB for the first series (artifacts.elastic.co) is the maximum value of the median memory per host. +By opening a dashboard's details using the “info” icon from the dashboard list view, you can now get a sense of the popularity of that dashboard with a histogram showing how many times the dashboard was viewed in the last 90 days. -image::images/statistics-in-legends.png[Statistics in legends] +image::images/dashboard-usage.png[Dashboard usage chart] -You can find the option to select statistics for your legends along with an explanation for each calculation when editing your visualization, as shown in the following image. +[discrete] +==== Log Pattern Analysis dashboard panels +Log Pattern Analysis panels are now available for you to add to your dashboards, making AIOps even more embedded in your workflows and where you need it. When filtering patterns, the dashboard’s data adjusts accordingly. You can also choose the filtering to transition you into Discover for further exploration. -image::images/statistics-in-legends2.png[Select statistics in legends] +image:https://images.contentstack.io/v3/assets/bltefdd0b53724fa2ce/blt8288e01386b5830c/67222fb0d2da223e27bc1e67/log_analysis_panel.gif[Log pattern analysis panel in dashboards] [discrete] -==== View dashboard creator and last editor +==== Color text values in tables +Previously, you could only decide to color numeric values in tables. We're adding the ability to also color your string values. You can decide whether you want to color the whole cell, or only the text. -You can now see who created and who last updated a dashboard. +image::images/table-coloring.png[Coloring table cells with string values] -You can find the creator information right from the dashboard list. -image::images/dashboard-creator.png[Dashboard creator column in dashboard list] +[discrete] +==== Formatting options for your metrics +We've received a lot of feedback asking for more flexibility to customize the appearance of your metrics. In this version, we are adding the ability to customize the title and value alignment, as well as the font size. Selecting the *Fit* option will adjust the font size and make the metric value occupy the entire panel. -Quickly find all dashboards created by the same user with a simple filter. +image::images/metric-customization.png[Customization options for a metric panel] -image::images/dashboard-creator-filter.png[Filtering dashboards by creator] -Note that the creator information will be visible only for dashboards created on or after version 8.14. -You can also see who last updated a dashboard by clicking the dashboard information icon from the dashboard list. The creator is also visible next to it. This information is immutable and cannot be changed. +//[discrete] +//=== Alerting, cases, and connectors -image::images/dashboard-last-editor.png[Dashboard details panel with the name of the last editor] [discrete] -=== Discover +=== Managing {kib} and data [discrete] -==== Push flyout for Discover document viewer +==== Edit space access from the space settings +As an admin, you can now assign roles to and edit role permissions on a given space directly from the settings of that space. -You can now seamlessly view document details and the main table simultaneously in **Discover** with the new _push_ flyout. You can adjust the width of the flyout to suit your needs and explore your data much more easily. - -image::https://images.contentstack.io/v3/assets/bltefdd0b53724fa2ce/bltb40a408acf4ab688/669a58ea9fecd85219d58ed2/discover-push-flyout.gif[Resizable push flyout in Discover] +Prior to 8.16, you could only do this from the role settings, which was counterintuitive. +image::space-settings.png[Editing space settings with new options] [discrete] -=== Alerting, cases, and connectors +==== New IP Location processor +Enhancing location information based on IP addresses just got easier with the new IP Location processor. In addition to the existing free GeoLite offerings from MaxMind, we have integrated with MaxMind’s premium GeoIP databases for users who have licensed MaxMind’s products. If you're an Enterprise Elastic customer, you now have an additional third-party product, IP Info, available for use as well. These additional data sources provide improved options for enriching data with location information associated with IP addresses to improve telemetry and insights. To utilize these features beyond the free MaxMind GeoIP database, you will need to have licensed premium MaxMind products and/or the IP Info database. -[discrete] -==== Case templates - -{kib} cases offer a new powerful capability to enhance the efficiency of your analyst teams with <>. -You can manage multiple templates, each of which can be used to auto-populate values in a case with pre-defined knowledge. -This streamlines the investigative process and significantly reduces time to resolution. +image::images/ip-location-processor.png[The IP Location processor] [discrete] -==== Case custom fields are GA +==== File uploader PDF support +The file uploader provides a quick way to upload data and start using Elastic. In 8.16, we are improving it to allow you to upload data from PDF files. -In 8.11, <> were added to cases and they are now moving from technical preview to general availability. -You can set custom field values in your templates to enhance consistency across cases. +image:https://images.contentstack.io/v3/assets/bltefdd0b53724fa2ce/blte8f0b295330b7e68/67222fb0ca492a5044b51bd8/file_uploader_pdf.gif[File uploader with PDF support] [discrete] -==== {sn} additional fields +=== Developer Tools Console redesign +We're excited to introduce a number of improvements to the overall user experience on one of our most popular features: **Console**. If you're new to Console, you will be welcomed by an onboarding tour that will help you get started quickly with your first requests. And if you're already a regular Console user, you will notice a variety of new features, including the ability to copy outputs to the clipboard, import and export request files, enjoy improved responsiveness, and other quality of life improvements. -You can now create enriched {sn} tickets based on detected alerts with a more comprehensive structure that matches the {sn} ticket scheme. -A new JSON field is now available as part of the {sn} action, which enables you to send any field from {kib} alerts to {sn} tickets. - -[discrete] -==== {webhook-cm} SSL auth support - -It's common for organizations to integrate with third parties using secured authentication. -Currently, most of the available case connectors use basic authentication (user and passwords or tokens), which might not be sufficient to meet organization security policies. -With this release, the <> now supports client certification, which enables you to leverage the connector for secured integration with third parties. - -The {webhook-cm} connector also moves from technical preview to general availability in this release. +image::images/monaco-console.png[Console's redesign featuring the Monaco editor] [discrete] === Machine Learning [discrete] -==== Improved UX for Log Pattern Analysis in Discover +==== The Inference API is now Generally Available -Analyze large volumes of logs efficiently, in very short times with Log Pattern Analysis in **Discover**. In 8.15, we redesigned the Log Pattern Analysis user flow in **Discover** to make it easier to use. Discover log patterns with one click for the message field (and other applicable text fields) and easily filter in and out logs to drastically reduce MTTR. - -image::https://images.contentstack.io/v3/assets/bltefdd0b53724fa2ce/blt7e63d7e764ab183e/669a807bd316c7015db35458/ml-log-pattern-analysis.gif[New log pattern analysis interface] +Starting in 8.16, the {ref}/inference-apis.html[Inference API] is now GA, offering production-level stability, robustness and performance. Elastic’s Inference API integrates the state-of-the-art in AI inference, including ELSER, your Elastic hosted models and {ref}/put-inference-api.html#put-inference-api-desc[an increasing array of external models and tasks] in a unified, lean syntax. Used with {ref}/semantic-text.html[semantic_text] or the vector fields supported by the Elastic vector database, you can perform AI search, reranking, and completion with simplicity. In 8.16, we're also adding streamed completions for improved flows and real time interactions and GenAI experiences. [discrete] -==== Log Rate Analysis contextual insights in serverless Observability +==== ELSER and trained models adaptive resources and chunking strategies -You can now see insights in natural language, for example for the root cause of a log rate change or threshold alert, in Log Rate Analysis. This feature is currently only available for Observability serverless projects. +From 8.16, ELSER and the other AI search and NLP models you use in Elastic automatically adapt resource consumption according to the inference load, providing the performance you need during peak times and reducing the cost during slow periods, all the way down to zero cost during idle times. -image::images/obs-log-rate-analysis-insigths.png[Log Rate Analysis contextual insights in serverless Observability] +We're also improving the UX through which you deploy your models. You can provision search-optimized and ingest-optimized model deployments with a one-click selection. An optimized configuration is created without the need to specify parameters such as threads and allocations. Combined with the flexibility of ML auto-scaling on Elastic Cloud and the incredible elasticity of Elastic Cloud Serverless, you are in full control of both performance and cost. -[discrete] -==== Inference API improvements +image::https://images.contentstack.io/v3/assets/bltefdd0b53724fa2ce/blt429790e1de1b4f93/67222fb048ec8c73255ef4eb/trained_models.gif[Trained models and ELSER] -The inference API provides a seamless, intuitive interface to perform inference and other tasks against proprietary, hosted, and integrated external services. In 8.15, we're extending it with the following capabilities: +In addition, from 8.16 you can choose between a word or sequence-based chunking strategy to use with your trained models, and you can also customize the maximum size and overlap parameters. A suitable chunking strategy can result in gains depending on the model you use, the length and nature of the texts and the length and complexity of the search queries. -* Support for Anthropic's chat completion API. -* Ability to host cross encoder models and perform the reranking task. - - -[discrete] -=== Managing {kib} users and objects [discrete] -==== Sharing improvements +==== Support for Daylight Saving Time changes in Anomaly Detection -You can now share a dashboard, search, or Lens object in one click. When sharing an object, the most common actions are directly presented to you, and a short link is automatically generated, making it simpler than ever to share your work. +In 8.16, we are introducing support for DST changes in Anomaly Detection. Set up a DST calendar by selecting the right timezone and apply it to your anomaly detection jobs individually or in groups. This feature eliminates any false positives that you may have experienced previously due to Daylight Saving Time changes, and works without the need for your intervention for many years ahead. -image::images/share-modal.png[New object share modal, width=50%] - -[discrete] -==== Quick API key creation - -Many API keys don’t require custom settings, so we made it simple to generate a standard key. From the **Endpoints & API keys** top menu in Search, you can create a key in seconds. - -image::images/create-simple-api-key.png[Shortcut to create an API key, width=60%] - -[discrete] -==== Filtering by User in Kibana Audit Logs +image::https://images.contentstack.io/v3/assets/bltefdd0b53724fa2ce/blt5fb82f18cde26710/67222fb086339971144a31e5/daylight_savings.gif[DST support in Anomaly Detection] -We are pleased to share that ignoring events by user in Kibana audit logs is now possible. This enhancement will give you more flexibility to reduce the overall number of events logged by the Kibana audit logs service and to control the volume of data being generated in audit logs. While we currently offer a number of ways to do this using the `xpack.security.audit.ignore_filters.[]` configuration setting, there wasn't an easy option to filter by user. With this addition, you can configure Kibana audit logs to ignore events based on values from the following fields: users, spaces, outcomes, categories, types and actions. \ No newline at end of file diff --git a/packages/kbn-doc-links/src/get_doc_links.ts b/packages/kbn-doc-links/src/get_doc_links.ts index 2e9183ed18b56..1294f72b9f208 100644 --- a/packages/kbn-doc-links/src/get_doc_links.ts +++ b/packages/kbn-doc-links/src/get_doc_links.ts @@ -283,9 +283,6 @@ export const getDocLinks = ({ kibanaBranch, buildFlavor }: GetDocLinkOptions): D base: `${ELASTIC_WEBSITE_URL}guide/en/logstash/${DOC_LINK_VERSION}`, inputElasticAgent: `${ELASTIC_WEBSITE_URL}guide/en/logstash/${DOC_LINK_VERSION}/plugins-inputs-elastic_agent.html`, }, - functionbeat: { - base: `${ELASTIC_WEBSITE_URL}guide/en/beats/functionbeat/${DOC_LINK_VERSION}`, - }, winlogbeat: { base: `${ELASTIC_WEBSITE_URL}guide/en/beats/winlogbeat/${DOC_LINK_VERSION}`, }, diff --git a/packages/kbn-doc-links/src/types.ts b/packages/kbn-doc-links/src/types.ts index 9a41985460b61..0bfb1c69fd6bb 100644 --- a/packages/kbn-doc-links/src/types.ts +++ b/packages/kbn-doc-links/src/types.ts @@ -240,9 +240,6 @@ export interface DocLinks { readonly base: string; readonly inputElasticAgent: string; }; - readonly functionbeat: { - readonly base: string; - }; readonly winlogbeat: { readonly base: string; }; diff --git a/packages/kbn-search-api-panels/components/language_client_panel.tsx b/packages/kbn-search-api-panels/components/language_client_panel.tsx index 2f89c8da7578c..2c07d3118d943 100644 --- a/packages/kbn-search-api-panels/components/language_client_panel.tsx +++ b/packages/kbn-search-api-panels/components/language_client_panel.tsx @@ -62,8 +62,12 @@ export const LanguageClientPanel: React.FC = ({ width={euiTheme.size.xl} /> - -
{language.name}
+ + {language.name} diff --git a/src/plugins/data/server/search/session/session_service.ts b/src/plugins/data/server/search/session/session_service.ts index 4ef741ec78387..48b563c5585ca 100644 --- a/src/plugins/data/server/search/session/session_service.ts +++ b/src/plugins/data/server/search/session/session_service.ts @@ -402,8 +402,8 @@ export class SearchSessionService implements ISearchSessionService { const session = await this.get(deps, user, sessionId); const requestHash = createRequestHash(searchRequest.params); if (!Object.hasOwn(session.attributes.idMapping, requestHash)) { - this.logger.error(`SearchSessionService: getId | ${sessionId} | ${requestHash} not found`); - this.logger.debug( + this.logger.debug(`SearchSessionService: getId | ${sessionId} | ${requestHash} not found`); + this.logger.error( `SearchSessionService: getId not found search with params: ${JSON.stringify( searchRequest.params )}` diff --git a/x-pack/plugins/enterprise_search/public/applications/shared/api_key/create_api_key_flyout.tsx b/x-pack/plugins/enterprise_search/public/applications/shared/api_key/create_api_key_flyout.tsx index 38217df269fd1..c72f56c656e49 100644 --- a/x-pack/plugins/enterprise_search/public/applications/shared/api_key/create_api_key_flyout.tsx +++ b/x-pack/plugins/enterprise_search/public/applications/shared/api_key/create_api_key_flyout.tsx @@ -210,6 +210,7 @@ export const CreateApiKeyFlyout: React.FC = ({ onClose defaultMessage: 'Store this API key', })} titleSize="xs" + role="alert" > {i18n.translate('xpack.enterpriseSearch.apiKey.apiKeyStepDescription', { diff --git a/x-pack/plugins/fleet/server/services/agent_policy.ts b/x-pack/plugins/fleet/server/services/agent_policy.ts index f93bf583945a0..cada1c8e64452 100644 --- a/x-pack/plugins/fleet/server/services/agent_policy.ts +++ b/x-pack/plugins/fleet/server/services/agent_policy.ts @@ -30,6 +30,8 @@ import { asyncForEach } from '@kbn/std'; import type { SavedObjectError } from '@kbn/core-saved-objects-common'; +import { withSpan } from '@kbn/apm-utils'; + import { getAllowedOutputTypeForPolicy, packageToPackagePolicy, @@ -170,11 +172,13 @@ class AgentPolicyService { removeProtection: boolean; skipValidation: boolean; returnUpdatedPolicy?: boolean; + asyncDeploy?: boolean; } = { bumpRevision: true, removeProtection: false, skipValidation: false, returnUpdatedPolicy: true, + asyncDeploy: false, } ): Promise { const savedObjectType = await getAgentPolicySavedObjectType(); @@ -228,10 +232,19 @@ class AgentPolicyService { newAgentPolicy!.package_policies = existingAgentPolicy.package_policies; if (options.bumpRevision || options.removeProtection) { - await this.triggerAgentPolicyUpdatedEvent(esClient, 'updated', id, { - spaceId: soClient.getCurrentNamespace(), - agentPolicy: newAgentPolicy, - }); + if (!options.asyncDeploy) { + await this.triggerAgentPolicyUpdatedEvent(esClient, 'updated', id, { + spaceId: soClient.getCurrentNamespace(), + agentPolicy: newAgentPolicy, + }); + } else { + await scheduleDeployAgentPoliciesTask(appContextService.getTaskManagerStart()!, [ + { + id, + spaceId: soClient.getCurrentNamespace(), + }, + ]); + } } logger.debug( `Agent policy ${id} update completed, revision: ${ @@ -878,13 +891,16 @@ class AgentPolicyService { soClient: SavedObjectsClientContract, esClient: ElasticsearchClient, id: string, - options?: { user?: AuthenticatedUser; removeProtection?: boolean } + options?: { user?: AuthenticatedUser; removeProtection?: boolean; asyncDeploy?: boolean } ): Promise { - await this._update(soClient, esClient, id, {}, options?.user, { - bumpRevision: true, - removeProtection: options?.removeProtection ?? false, - skipValidation: false, - returnUpdatedPolicy: false, + return withSpan('bump_agent_policy_revision', async () => { + await this._update(soClient, esClient, id, {}, options?.user, { + bumpRevision: true, + removeProtection: options?.removeProtection ?? false, + skipValidation: false, + returnUpdatedPolicy: false, + asyncDeploy: options?.asyncDeploy, + }); }); } diff --git a/x-pack/plugins/fleet/server/services/package_policy.ts b/x-pack/plugins/fleet/server/services/package_policy.ts index bc5bce9eea2a3..48dc3956d6984 100644 --- a/x-pack/plugins/fleet/server/services/package_policy.ts +++ b/x-pack/plugins/fleet/server/services/package_policy.ts @@ -480,22 +480,21 @@ class PackagePolicyClientImpl implements PackagePolicyClient { user?: AuthenticatedUser; bumpRevision?: boolean; force?: true; + asyncDeploy?: boolean; } ): Promise<{ created: PackagePolicy[]; failed: Array<{ packagePolicy: NewPackagePolicy; error?: Error | SavedObjectError }>; }> { - const useSpaceAwareness = await isSpaceAwarenessEnabled(); - const savedObjectType = await getPackagePolicySavedObjectType(); - for (const packagePolicy of packagePolicies) { + const [useSpaceAwareness, savedObjectType, packageInfos] = await Promise.all([ + isSpaceAwarenessEnabled(), + getPackagePolicySavedObjectType(), + getPackageInfoForPackagePolicies(packagePolicies, soClient), + ]); + + await pMap(packagePolicies, async (packagePolicy) => { const basePkgInfo = packagePolicy.package - ? await getPackageInfo({ - savedObjectsClient: soClient, - pkgName: packagePolicy.package.name, - pkgVersion: packagePolicy.package.version, - ignoreUnverified: true, - prerelease: true, - }) + ? packageInfos.get(`${packagePolicy.package.name}-${packagePolicy.package.version}`) : undefined; if (!packagePolicy.id) { packagePolicy.id = SavedObjectsUtils.generateId(); @@ -508,7 +507,7 @@ class PackagePolicyClientImpl implements PackagePolicyClient { this.keepPolicyIdInSync(packagePolicy); await preflightCheckPackagePolicy(soClient, packagePolicy, basePkgInfo); - } + }); const agentPolicyIds = new Set(packagePolicies.flatMap((pkgPolicy) => pkgPolicy.policy_ids)); @@ -528,8 +527,6 @@ class PackagePolicyClientImpl implements PackagePolicyClient { } } - const packageInfos = await getPackageInfoForPackagePolicies(packagePolicies, soClient); - const isoDate = new Date().toISOString(); const policiesToCreate: Array> = []; @@ -665,6 +662,7 @@ class PackagePolicyClientImpl implements PackagePolicyClient { for (const agentPolicyId of agentPolicyIds) { await agentPolicyService.bumpRevision(soClient, esClient, agentPolicyId, { user: options?.user, + asyncDeploy: options?.asyncDeploy, }); } } @@ -1176,7 +1174,7 @@ class PackagePolicyClientImpl implements PackagePolicyClient { soClient: SavedObjectsClientContract, esClient: ElasticsearchClient, packagePolicyUpdates: Array, - options?: { user?: AuthenticatedUser; force?: boolean } + options?: { user?: AuthenticatedUser; force?: boolean; asyncDeploy?: boolean } ): Promise<{ updatedPolicies: PackagePolicy[] | null; failedPolicies: Array<{ @@ -1347,6 +1345,7 @@ class PackagePolicyClientImpl implements PackagePolicyClient { await agentPolicyService.bumpRevision(soClient, esClient, agentPolicyId, { user: options?.user, removeProtection, + asyncDeploy: options?.asyncDeploy, }); }); @@ -2368,6 +2367,7 @@ class PackagePolicyClientWithAuthz extends PackagePolicyClientImpl { user?: AuthenticatedUser | undefined; bumpRevision?: boolean | undefined; force?: true | undefined; + asyncDeploy?: boolean; } | undefined ): Promise<{ diff --git a/x-pack/plugins/fleet/server/services/package_policy_service.ts b/x-pack/plugins/fleet/server/services/package_policy_service.ts index 967efb1055cfb..5a83c2adf97ab 100644 --- a/x-pack/plugins/fleet/server/services/package_policy_service.ts +++ b/x-pack/plugins/fleet/server/services/package_policy_service.ts @@ -105,6 +105,7 @@ export interface PackagePolicyClient { bumpRevision?: boolean; force?: true; authorizationHeader?: HTTPAuthorizationHeader | null; + asyncDeploy?: boolean; } ): Promise<{ created: PackagePolicy[]; @@ -115,7 +116,7 @@ export interface PackagePolicyClient { soClient: SavedObjectsClientContract, esClient: ElasticsearchClient, packagePolicyUpdates: UpdatePackagePolicy[], - options?: { user?: AuthenticatedUser; force?: boolean }, + options?: { user?: AuthenticatedUser; force?: boolean; asyncDeploy?: boolean }, currentVersion?: string ): Promise<{ updatedPolicies: PackagePolicy[] | null; @@ -165,6 +166,7 @@ export interface PackagePolicyClient { user?: AuthenticatedUser; skipUnassignFromAgentPolicies?: boolean; force?: boolean; + asyncDeploy?: boolean; }, context?: RequestHandlerContext, request?: KibanaRequest diff --git a/x-pack/plugins/observability_solution/apm/ftr_e2e/README.md b/x-pack/plugins/observability_solution/apm/ftr_e2e/README.md index 8336c037ff21d..ecdb37a5f5229 100644 --- a/x-pack/plugins/observability_solution/apm/ftr_e2e/README.md +++ b/x-pack/plugins/observability_solution/apm/ftr_e2e/README.md @@ -1,6 +1,6 @@ # APM E2E -APM uses [FTR](../../../../../packages/kbn-test/README.md) (functional test runner) and [Cypress](https://www.cypress.io/) to run the e2e tests. The tests are located at `kibana/x-pack/plugins/observability_solution/apm/ftr_e2e/cypress/integration`. +APM uses [FTR](../../../../../packages/kbn-test/README.mdx) (functional test runner) and [Cypress](https://www.cypress.io/) to run the e2e tests. The tests are located at `kibana/x-pack/plugins/observability_solution/apm/ftr_e2e/cypress/integration`. ## Tips and best practices diff --git a/x-pack/plugins/observability_solution/apm/ftr_e2e/cypress/e2e/transaction_details/transaction_details.cy.ts b/x-pack/plugins/observability_solution/apm/ftr_e2e/cypress/e2e/transaction_details/transaction_details.cy.ts index 3ae431f5d3299..0fc1b609b14ba 100644 --- a/x-pack/plugins/observability_solution/apm/ftr_e2e/cypress/e2e/transaction_details/transaction_details.cy.ts +++ b/x-pack/plugins/observability_solution/apm/ftr_e2e/cypress/e2e/transaction_details/transaction_details.cy.ts @@ -16,7 +16,7 @@ const timeRange = { rangeTo: end, }; // flaky -describe.skip('Transaction details', () => { +describe('Transaction details', () => { before(() => { synthtrace.index( opbeans({ @@ -34,8 +34,7 @@ describe.skip('Transaction details', () => { cy.loginAsViewerUser(); }); - // skipping this as it´s been failing a lot lately, more information here https://github.com/elastic/kibana/issues/197386 - it.skip('shows transaction name and transaction charts', () => { + it('shows transaction name and transaction charts', () => { cy.intercept('GET', '/internal/apm/services/opbeans-java/transactions/charts/latency?*').as( 'transactionLatencyRequest' ); @@ -61,7 +60,7 @@ describe.skip('Transaction details', () => { '@transactionThroughputRequest', '@transactionFailureRateRequest', ], - { timeout: 60000 } + { timeout: 30000 } ).spread((latencyInterception, throughputInterception, failureRateInterception) => { expect(latencyInterception.request.query.transactionName).to.be.eql('GET /api/product'); @@ -107,8 +106,7 @@ describe.skip('Transaction details', () => { ); cy.contains('Create SLO'); }); - // skipping this as it´s been failing a lot lately, more information here https://github.com/elastic/kibana/issues/197386 - it.skip('shows top errors table', () => { + it('shows top errors table', () => { cy.visitKibana( `/app/apm/services/opbeans-java/transactions/view?${new URLSearchParams({ ...timeRange, @@ -116,7 +114,7 @@ describe.skip('Transaction details', () => { })}` ); - cy.contains('Top 5 errors'); + cy.contains('Top 5 errors', { timeout: 30000 }); cy.getByTestSubj('topErrorsForTransactionTable').contains('a', '[MockError] Foo').click(); cy.url().should('include', 'opbeans-java/errors'); }); diff --git a/x-pack/plugins/observability_solution/synthetics/server/synthetics_service/private_location/synthetics_private_location.ts b/x-pack/plugins/observability_solution/synthetics/server/synthetics_service/private_location/synthetics_private_location.ts index fe5f74529121e..9ed34399e74f2 100644 --- a/x-pack/plugins/observability_solution/synthetics/server/synthetics_service/private_location/synthetics_private_location.ts +++ b/x-pack/plugins/observability_solution/synthetics/server/synthetics_service/private_location/synthetics_private_location.ts @@ -369,7 +369,10 @@ export class SyntheticsPrivateLocation { return await this.server.fleet.packagePolicyService.bulkCreate( soClient, esClient, - newPolicies + newPolicies, + { + asyncDeploy: true, + } ); } } @@ -384,6 +387,7 @@ export class SyntheticsPrivateLocation { policiesToUpdate, { force: true, + asyncDeploy: true, } ); return failedPolicies; @@ -401,6 +405,7 @@ export class SyntheticsPrivateLocation { policyIdsToDelete, { force: true, + asyncDeploy: true, } ); } catch (e) { @@ -430,6 +435,7 @@ export class SyntheticsPrivateLocation { policyIdsToDelete, { force: true, + asyncDeploy: true, } ); const failedPolicies = result?.filter((policy) => { diff --git a/x-pack/test/functional/apps/spaces/spaces_selection.ts b/x-pack/test/functional/apps/spaces/spaces_selection.ts index 113282e5a80d6..d2b1019b9d6ac 100644 --- a/x-pack/test/functional/apps/spaces/spaces_selection.ts +++ b/x-pack/test/functional/apps/spaces/spaces_selection.ts @@ -21,6 +21,7 @@ export default function spaceSelectorFunctionalTests({ 'spaceSelector', ]); const spacesService = getService('spaces'); + const sampleData = getService('sampleData'); describe('Spaces', function () { const testSpacesIds = ['another-space', ...Array.from('123456789', (idx) => `space-${idx}`)]; @@ -158,14 +159,7 @@ export default function spaceSelectorFunctionalTests({ }); after(async () => { - // No need to remove the same sample data in both spaces, the index - // data will be removed in the first call. By feature limitation, - // the created saved objects in the second space will be broken but removed - // when we call esArchiver.unload('x-pack/test/functional/es_archives/spaces'). - await PageObjects.common.navigateToApp('home', { - hash: sampleDataHash, - }); - await PageObjects.home.removeSampleDataSet('logs'); + await sampleData.testResources.removeKibanaSampleData('logs'); await PageObjects.security.forceLogout(); }); diff --git a/x-pack/test/functional/page_objects/search_sessions_management_page.ts b/x-pack/test/functional/page_objects/search_sessions_management_page.ts index 6d704387e21f2..8694dc51dfbd6 100644 --- a/x-pack/test/functional/page_objects/search_sessions_management_page.ts +++ b/x-pack/test/functional/page_objects/search_sessions_management_page.ts @@ -37,7 +37,7 @@ export function SearchSessionsPageProvider({ getService, getPageObjects }: FtrPr id: ((await row.getAttribute('data-test-search-session-id')) ?? '').split('id-')[1], name: $.findTestSubject('sessionManagementNameCol').text().trim(), status: $.findTestSubject('sessionManagementStatusLabel').attr('data-test-status'), - mainUrl: $.findTestSubject('sessionManagementNameCol').text(), + mainUrl: $.findTestSubject('sessionManagementNameCol').attr('href'), created: $.findTestSubject('sessionManagementCreatedCol').text(), expires: $.findTestSubject('sessionManagementExpiresCol').text(), searchesCount: Number($.findTestSubject('sessionManagementNumSearchesCol').text()), diff --git a/x-pack/test/search_sessions_integration/tests/apps/discover/async_search.ts b/x-pack/test/search_sessions_integration/tests/apps/discover/async_search.ts index 3e9429ee5ed97..1f768780a9c95 100644 --- a/x-pack/test/search_sessions_integration/tests/apps/discover/async_search.ts +++ b/x-pack/test/search_sessions_integration/tests/apps/discover/async_search.ts @@ -29,8 +29,7 @@ export default function ({ getPageObjects, getService }: FtrProviderContext) { const kibanaServer = getService('kibanaServer'); const toasts = getService('toasts'); - // FLAKY: https://github.com/elastic/kibana/issues/195955 - describe.skip('discover async search', () => { + describe('discover async search', () => { before(async () => { await esArchiver.loadIfNeeded('x-pack/test/functional/es_archives/logstash_functional'); await kibanaServer.importExport.load( @@ -115,6 +114,8 @@ export default function ({ getPageObjects, getService }: FtrProviderContext) { it('relative timerange works', async () => { await common.navigateToApp('discover'); await header.waitUntilLoadingHasFinished(); + const url = await browser.getCurrentUrl(); + await searchSessions.save(); await searchSessions.expectState('backgroundCompleted'); const searchSessionId = await getSearchSessionId(); @@ -125,8 +126,14 @@ export default function ({ getPageObjects, getService }: FtrProviderContext) { await searchSessionsManagement.goTo(); const searchSessionListBeforeRestore = await searchSessionsManagement.getList(); const searchesCountBeforeRestore = searchSessionListBeforeRestore[0].searchesCount; + // navigate to Discover - await searchSessionListBeforeRestore[0].view(); + // Instead of clicking the link to navigate to Discover, we load Discover from scratch (just like we did when we + // ran the search session before saving). This ensures that the same number of requests are made. + // await searchSessionListBeforeRestore[0].view(); + const restoreUrl = new URL(searchSessionListBeforeRestore[0].mainUrl, url).href; + await browser.navigateTo(restoreUrl); + await header.waitUntilLoadingHasFinished(); await searchSessions.expectState('restored'); expect(await discover.hasNoResults()).to.be(true); diff --git a/x-pack/test/security_solution_cypress/cypress/e2e/investigations/sourcerer/sourcerer_timeline.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/investigations/sourcerer/sourcerer_timeline.cy.ts index 9d2e1ac2e11a5..3560ff4bfd4c4 100644 --- a/x-pack/test/security_solution_cypress/cypress/e2e/investigations/sourcerer/sourcerer_timeline.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/investigations/sourcerer/sourcerer_timeline.cy.ts @@ -40,7 +40,8 @@ import { closeTimeline, openTimelineById } from '../../../tasks/timeline'; const siemDataViewTitle = 'Security Default Data View'; const dataViews = ['logs-*', 'metrics-*', '.kibana-event-log-*']; -describe('Timeline scope', { tags: ['@ess', '@serverless', '@skipInServerless'] }, () => { +// Failing: See https://github.com/elastic/kibana/issues/198943 +describe.skip('Timeline scope', { tags: ['@ess', '@serverless', '@skipInServerless'] }, () => { before(() => { waitForRulesBootstrap(); });