Merge branch 'main' into 193206-apmotel-add-e2e-tests-for-otel-services

.github/workflows/launchdarkly-code-references.yml

@@ -5,11 +5,6 @@ on:
     branches:
       - 'main'
 
-# cancel in-flight workflow run if another push was triggered
-concurrency:
-  group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }}
-  cancel-in-progress: true
-
 jobs:
   launchDarklyCodeReferences:
     name: LaunchDarkly Code References

config/serverless.yml

@@ -113,6 +113,9 @@ xpack.index_management.enableTogglingDataRetention: false
 # Disable project level rentention checks in DSL form from Index Management UI
 xpack.index_management.enableProjectLevelRetentionChecks: false
 
+# Disable Manage Processors UI in Ingest Pipelines
+xpack.ingest_pipelines.enableManageProcessors: false
+
 # Keep deeplinks visible so that they are shown in the sidenav
 dev_tools.deeplinks.navLinkStatus: visible
 management.deeplinks.navLinkStatus: visible
@@ -204,6 +207,7 @@ uiSettings:
     labs:dashboard:deferBelowFold: false
 
 # Task Manager
+xpack.task_manager.claim_strategy: mget
 xpack.task_manager.allow_reading_invalid_state: false
 xpack.task_manager.request_timeouts.update_by_query: 60000
 xpack.task_manager.metrics_reset_interval: 120000

docs/CHANGELOG.asciidoc

@@ -10,6 +10,7 @@
 
 Review important information about the {kib} 8.x releases.
 
+* <<release-notes-8.15.3>>
 * <<release-notes-8.15.2>>
 * <<release-notes-8.15.1>>
 * <<release-notes-8.15.0>>
@@ -76,6 +77,44 @@ Review important information about the {kib} 8.x releases.
 
 include::upgrade-notes.asciidoc[]
 
+[[release-notes-8.15.3]]
+== {kib} 8.15.3
+
+The 8.15.3 release includes the following bug fixes.
+
+[float]
+[[fixes-v8.15.3]]
+=== Bug fixes
+Alerting::
+* Fixes a storage configuration error that could prevent the Stack Management > Alerts page from loading correctly ({kibana-pull}194785[#194785]).
+* Fixes a bug preventing certain alerts with Role visibility set to "Stack Rules" from being shown on the Stack Management page ({kibana-pull}194615[#194615]).
+* Fixes an issue where rules created from Discover before version 8.11.0 could no longer be accessed after upgrading ({kibana-pull}192321[#192321]).
+Dashboards::
+* Fixes an issue where the `embed=true` parameter was missing when sharing a dashboard with the Embed code option ({kibana-pull}194366[#194366]).
+Discover::
+* Fixes an issue with the document viewer panel not opening in focus mode ({kibana-pull}191039[#191039]).
+Elastic Observability solution::
+* Fixes the OpenTelemetry guided onboarding for MacOS with x86_64 architectures ({kibana-pull}194915[#194915]).
+* Fixes a bug where the SLO creation form was allowing multiple values for timestamp fields ({kibana-pull}194311[#194311]).
+Elastic Search solution::
+* Fixes a bug with the https://www.elastic.co/guide/en/enterprise-search/8.15/connectors-network-drive.html[Network Drive connector] where advanced configuration fields were not displayed for CSV file role mappings with `Drive Type: Linux` selected ({kibana-pull}195567[#195567]).
+Elastic Security solution::
+For the Elastic Security 8.15.3 release information, refer to {security-guide}/release-notes.html[_Elastic Security Solution Release Notes_].
+Kibana security::
+* Automatic Import no longer asks the LLM to map fields to reserved ECS fields ({kibana-pull}195168[#195168]).
+* Automatic Import no longer returns an "Invalid ECS field" message when the ECS mapping slightly differs from the expected format. For example `date_format` instead of `date_formats` ({kibana-pull}195167[#195167]).
+* Fixes an issue that was causing the Grok processor to return non-ECS compatible fields when processing structured or unstructured syslog samples in Automatic Import ({kibana-pull}194727[#194727]).
+* Fixes the integrationName when uploading a new version of an existing integration using a ZIP upload ({kibana-pull}194298[#194298]).
+* Fixes a bug that caused the Deploy step of Automatic Import to fail after a pipeline was edited and saved ({kibana-pull}194203[#194203]).
+* Fixes an issue in the Kibana Management > Roles page where users could not sort the table by clicking the column headers ({kibana-pull}194196[#194196]).
+Lens & Visualizations::
+* Fixes an issue where the legend label truncation setting wasn't working properly for heat maps in Lens ({kibana-pull}195928[#195928]).
+Machine Learning::
+* Fixes an issue preventing Anomaly swim lane panels from updating on query changes ({kibana-pull}195090[#195090]).
+* Fixes an issue that could cause the "rows per page" option to disappear from the Anomaly timeline view in the Anomaly Explorer ({kibana-pull}194531[#194531]).
+* Fixes an issue causing screen flickering on the Results Explorer and Analytics Map pages when no jobs are available ({kibana-pull}193890[#193890]).
+
+
 [[release-notes-8.15.2]]
 == {kib} 8.15.2
 

docs/api/osquery-manager.asciidoc

@@ -1,6 +1,12 @@
 [[osquery-manager-api]]
 == Osquery manager API
 
+.New API Reference
+[sidebar]
+--
+For the most up-to-date API details, refer to {api-kibana}/group/endpoint-security-osquery-api[Osquery APIs].
+--
+
 experimental[] Run live queries, manage packs and saved queries
 
 Use the osquery manager APIs for managing packs and saved queries.

docs/api/osquery-manager/live-queries/create.asciidoc

@@ -4,6 +4,12 @@
 <titleabbrev>Create live query</titleabbrev>
 ++++
 
+.New API Reference
+[sidebar]
+--
+For the most up-to-date API details, refer to {api-kibana}/group/endpoint-security-osquery-api[Osquery APIs].
+--
+
 experimental[] Create live queries.
 
 

docs/api/osquery-manager/live-queries/get-all.asciidoc

@@ -4,6 +4,12 @@
 <titleabbrev>Get live queries</titleabbrev>
 ++++
 
+.New API Reference
+[sidebar]
+--
+For the most up-to-date API details, refer to {api-kibana}/group/endpoint-security-osquery-api[Osquery APIs].
+--
+
 experimental[] Get live queries.
 
 

docs/api/osquery-manager/live-queries/get-results.asciidoc

@@ -4,6 +4,12 @@
 <titleabbrev>Get live query results</titleabbrev>
 ++++
 
+.New API Reference
+[sidebar]
+--
+For the most up-to-date API details, refer to {api-kibana}/group/endpoint-security-osquery-api[Osquery APIs].
+--
+
 experimental[] Retrieve a single live query result by ID.
 
 

docs/api/osquery-manager/live-queries/get.asciidoc

@@ -4,6 +4,12 @@
 <titleabbrev>Get live query</titleabbrev>
 ++++
 
+.New API Reference
+[sidebar]
+--
+For the most up-to-date API details, refer to {api-kibana}/group/endpoint-security-osquery-api[Osquery APIs].
+--
+
 experimental[] Retrieves a single live query by ID.
 
 

docs/api/osquery-manager/packs/create.asciidoc

@@ -4,6 +4,12 @@
 <titleabbrev>Create pack</titleabbrev>
 ++++
 
+.New API Reference
+[sidebar]
+--
+For the most up-to-date API details, refer to {api-kibana}/group/endpoint-security-osquery-api[Osquery APIs].
+--
+
 experimental[] Create packs.
 
 

docs/api/osquery-manager/packs/delete.asciidoc

@@ -4,6 +4,12 @@
 <titleabbrev>Delete pack</titleabbrev>
 ++++
 
+.New API Reference
+[sidebar]
+--
+For the most up-to-date API details, refer to {api-kibana}/group/endpoint-security-osquery-api[Osquery APIs].
+--
+
 experimental[] Delete packs.
 
 WARNING: Once you delete a pack, _it cannot be recovered_.

docs/api/osquery-manager/packs/get-all.asciidoc

@@ -4,6 +4,12 @@
 <titleabbrev>Get packs</titleabbrev>
 ++++
 
+.New API Reference
+[sidebar]
+--
+For the most up-to-date API details, refer to {api-kibana}/group/endpoint-security-osquery-api[Osquery APIs].
+--
+
 experimental[] Get packs.
 
 

docs/api/osquery-manager/packs/get.asciidoc

@@ -4,6 +4,12 @@
 <titleabbrev>Get pack</titleabbrev>
 ++++
 
+.New API Reference
+[sidebar]
+--
+For the most up-to-date API details, refer to {api-kibana}/group/endpoint-security-osquery-api[Osquery APIs].
+--
+
 experimental[] Retrieve a single pack by ID.
 
 

docs/api/osquery-manager/packs/update.asciidoc

@@ -4,6 +4,12 @@
 <titleabbrev>Update pack</titleabbrev>
 ++++
 
+.New API Reference
+[sidebar]
+--
+For the most up-to-date API details, refer to {api-kibana}/group/endpoint-security-osquery-api[Osquery APIs].
+--
+
 experimental[] Update packs.
 
 WARNING: You are unable to update a prebuilt pack (`read_only = true`).

docs/api/osquery-manager/saved-queries/create.asciidoc

@@ -4,6 +4,12 @@
 <titleabbrev>Create saved query</titleabbrev>
 ++++
 
+.New API Reference
+[sidebar]
+--
+For the most up-to-date API details, refer to {api-kibana}/group/endpoint-security-osquery-api[Osquery APIs].
+--
+
 experimental[] Create saved queries.
 
 

docs/api/osquery-manager/saved-queries/delete.asciidoc

@@ -4,6 +4,12 @@
 <titleabbrev>Delete saved query</titleabbrev>
 ++++
 
+.New API Reference
+[sidebar]
+--
+For the most up-to-date API details, refer to {api-kibana}/group/endpoint-security-osquery-api[Osquery APIs].
+--
+
 experimental[] Delete saved queries.
 
 WARNING: Once you delete a saved query, _it cannot be recovered_.

docs/api/osquery-manager/saved-queries/get-all.asciidoc

@@ -4,6 +4,12 @@
 <titleabbrev>Get saved-queries</titleabbrev>
 ++++
 
+.New API Reference
+[sidebar]
+--
+For the most up-to-date API details, refer to {api-kibana}/group/endpoint-security-osquery-api[Osquery APIs].
+--
+
 experimental[] Get saved queries.
 
 

docs/api/osquery-manager/saved-queries/get.asciidoc

@@ -4,6 +4,12 @@
 <titleabbrev>Get saved query</titleabbrev>
 ++++
 
+.New API Reference
+[sidebar]
+--
+For the most up-to-date API details, refer to {api-kibana}/group/endpoint-security-osquery-api[Osquery APIs].
+--
+
 experimental[] Retrieve a single saved query by ID.
 
 

docs/api/osquery-manager/saved-queries/update.asciidoc

@@ -4,6 +4,12 @@
 <titleabbrev>Update saved query</titleabbrev>
 ++++
 
+.New API Reference
+[sidebar]
+--
+For the most up-to-date API details, refer to {api-kibana}/group/endpoint-security-osquery-api[Osquery APIs].
+--
+
 experimental[] Update saved queries.
 
 WARNING: You are unable to update a prebuilt saved query (`prebuilt = true`).

docs/user/dashboard/view-dashboard-usage.asciidoc

@@ -6,4 +6,4 @@ image:images/view-details-dashboards-8.16.0.png[View details icon in the list of
 
 These details include a graph showing the total number of views during the last 90 days.
 
-image:images/dashboard-usage-count.png[Graph showing the number of views during the last 90 days]
+image:images/dashboard-usage-count.png[Graph showing the number of views during the last 90 days, width="50%"]

oas_docs/output/kibana.serverless.staging.yaml

@@ -35261,6 +35261,15 @@ paths:
           schema:
             nullable: true
             type: string
+        - in: query
+          name: userFilter
+          schema:
+            nullable: true
+            type: string
+        - in: query
+          name: associatedFilter
+          schema:
+            $ref: '#/components/schemas/Security_Timeline_API_AssociatedFilterType'
       responses:
         '200':
           content:
@@ -48009,6 +48018,7 @@ components:
         - started
         - stopped
         - updating
+        - error
       type: string
     Security_Entity_Analytics_API_Entity:
       oneOf:
@@ -49413,6 +49423,14 @@ components:
     Security_Osquery_API_VersionOrUndefined:
       $ref: '#/components/schemas/Security_Osquery_API_Version'
       nullable: true
+    Security_Timeline_API_AssociatedFilterType:
+      description: Filter notes based on their association with a document or saved object.
+      enum:
+        - document_only
+        - saved_object_only
+        - document_and_saved_object
+        - orphan
+      type: string
     Security_Timeline_API_BareNote:
       type: object
       properties:

oas_docs/output/kibana.serverless.yaml

@@ -35261,6 +35261,15 @@ paths:
           schema:
             nullable: true
             type: string
+        - in: query
+          name: userFilter
+          schema:
+            nullable: true
+            type: string
+        - in: query
+          name: associatedFilter
+          schema:
+            $ref: '#/components/schemas/Security_Timeline_API_AssociatedFilterType'
       responses:
         '200':
           content:
@@ -48009,6 +48018,7 @@ components:
         - started
         - stopped
         - updating
+        - error
       type: string
     Security_Entity_Analytics_API_Entity:
       oneOf:
@@ -49413,6 +49423,14 @@ components:
     Security_Osquery_API_VersionOrUndefined:
       $ref: '#/components/schemas/Security_Osquery_API_Version'
       nullable: true
+    Security_Timeline_API_AssociatedFilterType:
+      description: Filter notes based on their association with a document or saved object.
+      enum:
+        - document_only
+        - saved_object_only
+        - document_and_saved_object
+        - orphan
+      type: string
     Security_Timeline_API_BareNote:
       type: object
       properties: