Reduce or improve the number of assets added under the hood #183369

Open
yomduf opened this issue May 14, 2024 · 6 comments
Labels
Team: SecuritySolution Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc.

@yomduf

yomduf commented May 14, 2024

Describe the feature:
When users browse Kibana, they may activate features (by mistake) that automatically add assets (data-views/dashboards) that are managed by Kibana.
Some of these assets are not easy to delete because they are "Managed", so it adds a kind of noise in the Kibana Environment.

Example:

  • By simply clicking Main Menu > Security > Dashboards, Elastic automatically added, without consent, the following integrations: Elastic Defend and Prebuilt Security Detection Rules. As a result, several unrequested data views, a dashboard (and most likely other things) were created without need.

Describe a specific use case for the feature:
Maybe add:

  • a warning message, such as "By clicking here, dashboards and data views will automatically be added to this space. Do you wish to continue?"
  • Or maybe we should add a boolean setting in Kibana Advanced Settings: "Automatically add managed assets"

@botelastic (bot) added the needs-team label May 14, 2024
@lukasolson added the Team: SecuritySolution label and removed the needs-team label May 14, 2024

@elasticmachine
Contributor

Pinging @elastic/security-solution (Team: SecuritySolution)

@jlind23
Contributor

jlind23 commented May 27, 2024

@nimarezainia is this something you have already heard of?

@lucabelluccini
Contributor

Additional context:

  • This might be seen as a Fleet feature to be offered to integration developers. Instead of installing all assets by default, we can offer optional assets and a mandatory set of assets (e.g. Index Templates, Ingest pipelines, ... are mandatory - Dashboards, Visualizations, Alerts can be optional)
  • For some "system" integrations (e.g. Elastic Agent integration), all assets must be made mandatory as we rely on them for Monitoring features of Fleet/Elastic Agent (Elastic Agent view in Fleet has a link to the Elastic Agent monitoring dashboard)

@nimarezainia
Contributor

so it add a kind of noise in the Kibana Environment

There are fairly comprehensive filtering options there. Why couldn't the user just filter out "managed"? I'm worried about changing already established behaviour in this regard.

@lucabelluccini
Contributor

I think this can be expressed as "Fleet UI to offer the ability to install assets selectively":

  • Ingestion assets (index templates, components, ingest pipelines). Those are purely ES side and I would make those mandatory and with a big warning they are required in 99% of cases.
  • Dashboards and Visualizations (+ data views). Those are optional (some integrations might mark them as mandatory, like the elastic_agent package as the monitoring dashboards are needed for the Fleet UI to work properly)
  • Transforms. Some integrations started shipping transforms with integrations.
  • (future) Alerts, SLO, ... ?

I can provide 2 possible use cases:

  • User doesn't use our bundled dashboards for Prometheus integration. They do not want to remove them every time they install/upgrade to not pollute the Kibana environment they have.
  • User has N clusters and a central CCS cluster. Each cluster is dedicated only for ingesting data for a separate data center. In each one of the N clusters they only ingest data. The central CCS cluster searches across all the N clusters. They want to:
    • install only the ingest assets in the N clusters
    • install only the Kibana assets in the CCS cluster

@nimarezainia
Contributor

Let's pursue this as giving the user the ability to make non-essential assets optional installs. Provide the package developer the ability to nominate which assets are "optional" (and therefore can be de-selected) and which are mandatory (which can't be de-selected).

All assets are "selected" by default as that is the current behavior.
