Merge branch 'main' into 8657_2

config/node.options

@@ -13,3 +13,7 @@
 
 ## enable OpenSSL 3 legacy provider
 --openssl-legacy-provider
+
+# Enable capturing heap snapshots. See https://nodejs.org/api/cli.html#--heapsnapshot-signalsignal
+--heapsnapshot-signal=SIGUSR2
+--diagnostic-dir=./data

src/dev/build/tasks/os_packages/docker_generator/templates/base/Dockerfile

@@ -157,9 +157,6 @@ COPY --chown=1000:0 config/serverless.yml /usr/share/kibana/config/serverless.ym
 COPY --chown=1000:0 config/serverless.es.yml /usr/share/kibana/config/serverless.es.yml
 COPY --chown=1000:0 config/serverless.oblt.yml /usr/share/kibana/config/serverless.oblt.yml
 COPY --chown=1000:0 config/serverless.security.yml /usr/share/kibana/config/serverless.security.yml
-# Supportability enhancement: enable capturing heap snapshots. See https://nodejs.org/api/cli.html#--heapsnapshot-signalsignal
-RUN /usr/bin/echo -e '\n--heapsnapshot-signal=SIGUSR2' >> config/node.options
-RUN /usr/bin/echo '--diagnostic-dir=./data' >> config/node.options
 ENV PROFILER_SIGNAL=SIGUSR1
 {{/serverless}}
 {{^opensslLegacyProvider}}

src/plugins/unified_histogram/public/services/lens_vis_service.attributes.test.ts

@@ -240,7 +240,7 @@ describe('LensVisService attributes', () => {
                         "label": "Top 3 values of extension",
                         "operationType": "terms",
                         "params": Object {
-                          "missingBucket": false,
+                          "missingBucket": true,
                           "orderBy": Object {
                             "columnId": "count_column",
                             "type": "column",

src/plugins/unified_histogram/public/services/lens_vis_service.ts

@@ -378,7 +378,7 @@ export class LensVisService {
             },
             orderDirection: 'desc',
             otherBucket: true,
-            missingBucket: false,
+            missingBucket: true,
             parentFormat: {
               id: 'terms',
             },

x-pack/plugins/security_solution/public/app/solution_navigation/categories.ts

@@ -47,7 +47,10 @@ export const CATEGORIES: Array<SeparatorLinkCategory<SolutionPageName>> = [
   // --- Hidden links that need to be configured in the navigationTree for breadcrumbs ---
   {
     type: LinkCategoryType.separator,
-    linkIds: [SecurityPageName.entityAnalyticsManagement], // Linked from the management cards landing.
+    linkIds: [
+      SecurityPageName.entityAnalyticsManagement,
+      SecurityPageName.entityAnalyticsAssetClassification,
+    ], // Linked from the management cards landing.
   },
 ];
 

x-pack/plugins/security_solution/public/app/solution_navigation/links/sections/settings_links.ts

@@ -10,18 +10,19 @@ import type { LinkItem } from '../../../../common/links/types';
 import type { SolutionNavLink } from '../../../../common/links';
 import * as i18n from './settings_translations';
 
+const ENTITY_ANALYTICS_LINKS = [
+  SecurityPageName.entityAnalyticsManagement,
+  SecurityPageName.entityAnalyticsAssetClassification,
+];
+
 export const createSettingsLinksFromManage = (manageLink: LinkItem): LinkItem[] => {
-  const entityAnalyticsLink = manageLink.links?.find(
-    ({ id }) => id === SecurityPageName.entityAnalyticsManagement
-  );
-  return entityAnalyticsLink
-    ? [
-        {
-          ...entityAnalyticsLink,
-          sideNavDisabled: true, // Link disabled from the side nav but configured in the navigationTree (breadcrumbs). It is displayed in the management cards landing.
-        },
-      ]
-    : [];
+  const entityAnalyticsLinks =
+    manageLink.links?.filter(({ id }) => ENTITY_ANALYTICS_LINKS.includes(id)) ?? [];
+
+  return entityAnalyticsLinks.map((link) => ({
+    ...link,
+    sideNavDisabled: true, // Link disabled from the side nav but configured in the navigationTree (breadcrumbs). It is displayed in the management cards landing.
+  }));
 };
 
 export const settingsNavLinks: SolutionNavLink[] = [

x-pack/plugins/security_solution/public/entity_analytics/components/asset_criticality_file_uploader/components/file_picker_step.tsx

@@ -6,6 +6,7 @@
  */
 
 import {
+  EuiCode,
   EuiCodeBlock,
   EuiFilePicker,
   EuiPanel,
@@ -52,7 +53,7 @@ export const AssetCriticalityFilePickerStep: React.FC<AssetCriticalityFilePicker
           <EuiTitle size="xxs">
             <h3>
               <FormattedMessage
-                defaultMessage="CSV File Format Requirements"
+                defaultMessage="Supported file formats and size"
                 id="xpack.securitySolution.entityAnalytics.assetCriticalityUploadPage.csvFileFormatRequirements"
               />
             </h3>
@@ -62,7 +63,7 @@ export const AssetCriticalityFilePickerStep: React.FC<AssetCriticalityFilePicker
           <ul className={listStyle}>
             <li>
               <FormattedMessage
-                defaultMessage="Supported file formats: {formats}"
+                defaultMessage="File formats: {formats}"
                 id="xpack.securitySolution.entityAnalytics.assetCriticalityUploadPage.acceptedFileFormats"
                 values={{
                   formats: SUPPORTED_FILE_EXTENSIONS.join(', '),
@@ -71,7 +72,7 @@ export const AssetCriticalityFilePickerStep: React.FC<AssetCriticalityFilePicker
             </li>
             <li>
               <FormattedMessage
-                defaultMessage="You can upload files up to {maxFileSize}"
+                defaultMessage="Maximum file size: {maxFileSize}"
                 id="xpack.securitySolution.entityAnalytics.assetCriticalityUploadPage.uploadFileSizeLimit"
                 values={{
                   maxFileSize: formatBytes(CRITICALITY_CSV_MAX_SIZE_BYTES),
@@ -83,7 +84,7 @@ export const AssetCriticalityFilePickerStep: React.FC<AssetCriticalityFilePicker
           <EuiTitle size="xxs">
             <h3>
               <FormattedMessage
-                defaultMessage="Required CSV Structure"
+                defaultMessage="Required file structure"
                 id="xpack.securitySolution.entityAnalytics.assetCriticalityUploadPage.CSVStructureTitle"
               />
             </h3>
@@ -93,7 +94,7 @@ export const AssetCriticalityFilePickerStep: React.FC<AssetCriticalityFilePicker
           <ul className={listStyle}>
             <li>
               <FormattedMessage
-                defaultMessage="Resource type: Indicate whether the resource is a {host} or a {user}."
+                defaultMessage="Entity type: Indicate whether the entity is a {host} or a {user}."
                 id="xpack.securitySolution.entityAnalytics.assetCriticalityUploadPage.assetTypeDescription"
                 values={{
                   host: <b>{'host'}</b>,
@@ -104,21 +105,21 @@ export const AssetCriticalityFilePickerStep: React.FC<AssetCriticalityFilePicker
             <li>
               {
                 <FormattedMessage
-                  defaultMessage="Identifier: The unique identifier for each asset's {hostName} or {userName}."
+                  defaultMessage="Identifier: Specify the entity's {hostName} or {userName}."
                   id="xpack.securitySolution.entityAnalytics.assetCriticalityUploadPage.assetIdentifierDescription"
                   values={{
-                    hostName: <b>{'Host.name'}</b>,
-                    userName: <b>{'User.name'}</b>,
+                    hostName: <b>{'host.name'}</b>,
+                    userName: <b>{'user.name'}</b>,
                   }}
                 />
               }
             </li>
             <li>
               <FormattedMessage
-                defaultMessage="Criticality label: Use any one of {labels}"
+                defaultMessage="Criticality level: Specify any one of {labels}"
                 id="xpack.securitySolution.entityAnalytics.assetCriticalityUploadPage.assetCriticalityLabels"
                 values={{
-                  labels: <b>{ValidCriticalityLevels.join(', ')}</b>,
+                  labels: <EuiCode>{ValidCriticalityLevels.join(', ')}</EuiCode>,
                 }}
               />
             </li>

x-pack/plugins/security_solution/public/entity_analytics/components/asset_criticality_file_uploader/components/result_step.tsx

@@ -67,7 +67,7 @@ export const AssetCriticalityResultStep: React.FC<{
           iconType="checkInCircleFilled"
         >
           <FormattedMessage
-            defaultMessage="Your asset criticality assignments have been successfully mapped."
+            defaultMessage="Your asset criticality levels have been assigned."
             id="xpack.securitySolution.entityAnalytics.assetCriticalityResultStep.successMessage"
           />
         </EuiCallOut>

x-pack/plugins/security_solution/public/entity_analytics/components/asset_criticality_file_uploader/components/validation_step.test.tsx

@@ -54,7 +54,7 @@ describe('AssetCriticalityValidationStep', () => {
       wrapper: TestProviders,
     });
 
-    expect(container).toHaveTextContent('10 asset criticalities will be assigned');
+    expect(container).toHaveTextContent('10 asset criticality levels will be assigned');
     expect(container).toHaveTextContent("5 lines are invalid and won't be assigned");
     expect(container).toHaveTextContent('test.csv preview');
   });

x-pack/plugins/security_solution/public/entity_analytics/components/asset_criticality_file_uploader/components/validation_step.tsx

@@ -72,7 +72,7 @@ export const AssetCriticalityValidationStep: React.FC<AssetCriticalityValidation
                     <span data-test-subj="asset-criticality-validLinesMessage">
                       <FormattedMessage
                         id="xpack.securitySolution.entityAnalytics.assetCriticalityValidationStep.validLinesMessage"
-                        defaultMessage="{validLinesCount, plural, one {{validLinesCountBold} asset criticality will be assigned} other {{validLinesCountBold} asset criticalities will be assigned}}"
+                        defaultMessage="{validLinesCount, plural, one {{validLinesCountBold} asset criticality level will be assigned} other {{validLinesCountBold} asset criticality levels will be assigned}}"
                         values={{
                           validLinesCount: validLines.count,
                           validLinesCountBold: <b>{validLines.count}</b>,

x-pack/plugins/security_solution/public/entity_analytics/pages/asset_criticality_upload_page.tsx

@@ -121,15 +121,15 @@ export const AssetCriticalityUploadPage = () => {
             <h2>
               <FormattedMessage
                 id="xpack.securitySolution.entityAnalytics.assetCriticalityUploadPage.subTitle"
-                defaultMessage="Quickly Assign Asset Criticality with CSV Upload"
+                defaultMessage="Import your asset criticality data"
               />
             </h2>
           </EuiTitle>
           <EuiSpacer size="m" />
           <EuiText size="s">
             <FormattedMessage
               id="xpack.securitySolution.entityAnalytics.assetCriticalityUploadPage.description"
-              defaultMessage="Effortlessly import asset criticality from your asset management tools via CSV. This simple upload ensures data accuracy and reduces manual input errors."
+              defaultMessage="Bulk assign asset criticality by importing a CSV, TXT, or TSV file exported from your asset management tools. This ensures data accuracy and reduces manual input errors."
             />
           </EuiText>
           <EuiSpacer size="s" />
@@ -152,7 +152,7 @@ export const AssetCriticalityUploadPage = () => {
             <EuiText size="s">
               <FormattedMessage
                 id="xpack.securitySolution.entityAnalytics.assetCriticalityUploadPage.information.description"
-                defaultMessage="Allows you to classify assets based on their value and impact on business operations, to guide prioritization for alert triaging, threat-hunting, and investigation activities."
+                defaultMessage="Asset criticality allows you to classify entities based on their importance and impact on business operations. Use asset criticality to guide prioritization for alert triaging, threat-hunting, and investigation activities."
               />
             </EuiText>
             <EuiHorizontalRule />

x-pack/plugins/security_solution_ess/public/navigation/management_cards.ts

@@ -17,6 +17,7 @@ const SecurityManagementCards = new Map<string, CardNavExtensionDefinition['cate
   [ExternalPageName.visualize, 'content'],
   [ExternalPageName.maps, 'content'],
   [SecurityPageName.entityAnalyticsManagement, 'alerts'],
+  [SecurityPageName.entityAnalyticsAssetClassification, 'alerts'],
 ]);
 export const enableManagementCardsLanding = (services: Services) => {
   const { securitySolution, management, application, navigation } = services;

x-pack/plugins/security_solution_serverless/public/navigation/management_cards.ts

@@ -16,6 +16,7 @@ const SecurityManagementCards = new Map<string, CardNavExtensionDefinition['cate
   [ExternalPageName.visualize, 'content'],
   [ExternalPageName.maps, 'content'],
   [SecurityPageName.entityAnalyticsManagement, 'alerts'],
+  [SecurityPageName.entityAnalyticsAssetClassification, 'alerts'],
 ]);
 
 export const enableManagementCardsLanding = (services: Services) => {

x-pack/test/security_solution_cypress/cypress/e2e/entity_analytics/asset_criticality_upload_page.cy.ts

@@ -38,7 +38,10 @@ describe(
       uploadAssetCriticalityFile();
 
       cy.get(FILE_PICKER).should('not.visible');
-      cy.get(VALID_LINES_MESSAGE).should('have.text', '4 asset criticalities will be assigned');
+      cy.get(VALID_LINES_MESSAGE).should(
+        'have.text',
+        '4 asset criticality levels will be assigned'
+      );
       cy.get(INVALID_LINES_MESSAGE).should('have.text', "1 line is invalid and won't be assigned");
 
       clickAssignButton();