Merge branch 'master' into alerting/webhook-basic-auth-optional

elastic · Feb 10, 2020 · c7362a6 · c7362a6
2 parents afc62be + bd1df78
commit c7362a6
Show file tree

Hide file tree

Showing 69 changed files with 1,087 additions and 470 deletions.
diff --git a/docs/canvas/canvas-elements.asciidoc b/docs/canvas/canvas-elements.asciidoc
@@ -20,7 +20,9 @@ When you add elements to your workpad, you can:
 [[add-canvas-element]]
 === Add elements to your workpad
 
-Choose the elements to display on your workpad, then familiarize yourself with the element using the preconfigured demo data. By default, every element you add to a workpad uses demo data until you change the data source. The demo data includes a small sample data set that you can use to experiment with your element.
+Choose the elements to display on your workpad, then familiarize yourself with the element using the preconfigured demo data. By default, most elements use demo data until you change the data source. The demo data includes a small sample data set that you can use to experiment with your element.
+
+To add a Canvas element:
 
 . Click *Add element*.
 
@@ -31,13 +33,26 @@ image::images/canvas-element-select.gif[Canvas elements]
 
 . Play around with the default settings and see what the element can do.
 
-TIP: Want to use a different element? You can delete the element by selecting it, clicking the *Element options* icon in the top right, then selecting *Delete*.
+To add a map:
+
+. Click *Embed object*.
+
+. Select the map you want to add to the workpad.
++
+[role="screenshot"]
+image::images/canvas-map-embed.gif[]
+
+NOTE: Demo data is only supported on Canvas elements. Maps do not support demo data.
+
+Want to use a different element? You can delete the element by selecting it, clicking the *Element options* icon in the top right, then selecting *Delete*.
 
 [float]
 [[connect-element-data]]
-=== Connect the element to your data
+=== Connect the Canvas element to your data
 
-When you have finished using the demo data, connect the element to a data source.
+When you have finished using the demo data, connect the Canvas element to a data source.
+
+NOTE: Maps do not support data sources. To change the map data, refer to <<maps, Elastic Maps>>.
 
 . Make sure that the element is selected, then select *Data*.
 
@@ -142,7 +157,7 @@ text.align: center;
 [[configure-auto-refresh-interval]]
 ==== Change the data auto-refresh interval
 
-Increase or decrease how often your data refreshes on your workpad.
+Increase or decrease how often your Canvas element data refreshes on your workpad.
 
 . In the top left corner, click the *Control settings* icon.
 
@@ -153,6 +168,17 @@ image::images/canvas-refresh-interval.png[Element data refresh interval]
 
 TIP: To manually refresh the data, click the *Refresh data* icon.
 
+[float]
+[[canvas-time-range]]
+==== Customize map time ranges
+
+Configure the maps on your workpad for a specific time range.
+
+From the panel menu, select *Customize time range* to expose a time filter dedicated to the map.
+
+[role="screenshot"]
+image::images/canvas_map-time-filter.gif[]
+
 [float]
 [[organize-element]]
 === Organize the elements on your workpad

diff --git a/docs/images/canvas-map-embed.gif b/docs/images/canvas-map-embed.gif
diff --git a/docs/images/canvas_map-time-filter.gif b/docs/images/canvas_map-time-filter.gif
diff --git a/docs/management/advanced-options.asciidoc b/docs/management/advanced-options.asciidoc
@@ -220,8 +220,10 @@ might increase the search time. This setting is off by default. Users must opt-i
 [horizontal]
 `siem:defaultAnomalyScore`:: The threshold above which Machine Learning job anomalies are displayed in the SIEM app.
 `siem:defaultIndex`:: A comma-delimited list of Elasticsearch indices from which the SIEM app collects events.
-`siem:enableNewsFeed`:: Enables the News feed
-`siem:newsFeedUrl`:: News feed content will be retrieved from this URL
+`siem:enableNewsFeed`:: Enables the security news feed on the SIEM *Overview* 
+page.
+`siem:newsFeedUrl`:: The URL from which the security news feed content is 
+retrieved.
 `siem:refreshIntervalDefaults`:: The default refresh interval for the SIEM time filter, in milliseconds.
 `siem:timeDefaults`:: The default period of time in the SIEM time filter.
 

diff --git a/docs/siem/index.asciidoc b/docs/siem/index.asciidoc
@@ -33,7 +33,8 @@ https://www.elastic.co/products/beats/packetbeat[{packetbeat}]
 send security events and other data to Elasticsearch.
 
 The default index patterns for SIEM events are `auditbeat-*`, `winlogbeat-*`,
-`filebeat-*`, `endgame-*`, and `packetbeat-*``. You can change the default index patterns in
+`filebeat-*`, `packetbeat-*`, `endgame-*`, and `apm-*-transaction*`. You can 
+change the default index patterns in
 *Kibana > Management > Advanced Settings > siem:defaultIndex*.
 
 [float]

diff --git a/src/legacy/core_plugins/vis_type_timeseries/public/services.ts b/src/legacy/core_plugins/vis_type_timeseries/public/services.ts
@@ -19,13 +19,13 @@
 
 import { I18nStart, SavedObjectsStart, IUiSettingsClient, CoreStart } from 'src/core/public';
 import { createGetterSetter } from '../../../../plugins/kibana_utils/public';
-import { DataPublicPluginStart, FieldFormatsStart } from '../../../../plugins/data/public';
+import { DataPublicPluginStart } from '../../../../plugins/data/public';
 
 export const [getUISettings, setUISettings] = createGetterSetter<IUiSettingsClient>('UISettings');
 
-export const [getFieldFormats, setFieldFormats] = createGetterSetter<FieldFormatsStart>(
-  'FieldFormats'
-);
+export const [getFieldFormats, setFieldFormats] = createGetterSetter<
+  DataPublicPluginStart['fieldFormats']
+>('FieldFormats');
 
 export const [getSavedObjectsClient, setSavedObjectsClient] = createGetterSetter<SavedObjectsStart>(
   'SavedObjectsClient'

diff --git a/src/legacy/server/logging/log_reporter.js b/src/legacy/server/logging/log_reporter.js
@@ -24,6 +24,14 @@ import LogFormatJson from './log_format_json';
 import LogFormatString from './log_format_string';
 import { LogInterceptor } from './log_interceptor';
 
+// NOTE: legacy logger creates a new stream for each new access
+// In https://github.com/elastic/kibana/pull/55937 we reach the max listeners
+// default limit of 10 for process.stdout which starts a long warning/error
+// thrown every time we start the server.
+// In order to keep using the legacy logger until we remove it I'm just adding
+// a new hard limit here.
+process.stdout.setMaxListeners(15);
+
 export function getLoggerStream({ events, config }) {
   const squeeze = new Squeeze(events);
   const format = config.json ? new LogFormatJson(config) : new LogFormatString(config);

diff --git a/src/plugins/data/public/autocomplete/autocomplete_service.ts b/src/plugins/data/public/autocomplete/autocomplete_service.ts
@@ -18,26 +18,23 @@
  */
 
 import { CoreSetup } from 'src/core/public';
-import { QuerySuggestionsGetFn } from './providers/query_suggestion_provider';
+import { QuerySuggestionGetFn } from './providers/query_suggestion_provider';
 import {
   setupValueSuggestionProvider,
   ValueSuggestionsGetFn,
 } from './providers/value_suggestion_provider';
 
 export class AutocompleteService {
-  private readonly querySuggestionProviders: Map<string, QuerySuggestionsGetFn> = new Map();
+  private readonly querySuggestionProviders: Map<string, QuerySuggestionGetFn> = new Map();
   private getValueSuggestions?: ValueSuggestionsGetFn;
 
-  private addQuerySuggestionProvider = (
-    language: string,
-    provider: QuerySuggestionsGetFn
-  ): void => {
+  private addQuerySuggestionProvider = (language: string, provider: QuerySuggestionGetFn): void => {
     if (language && provider) {
       this.querySuggestionProviders.set(language, provider);
     }
   };
 
-  private getQuerySuggestions: QuerySuggestionsGetFn = args => {
+  private getQuerySuggestions: QuerySuggestionGetFn = args => {
     const { language } = args;
     const provider = this.querySuggestionProviders.get(language);
 

diff --git a/src/plugins/data/public/autocomplete/index.ts b/src/plugins/data/public/autocomplete/index.ts
@@ -16,7 +16,14 @@
  * specific language governing permissions and limitations
  * under the License.
  */
-import * as autocomplete from './static';
-export { AutocompleteService, AutocompleteSetup, AutocompleteStart } from './autocomplete_service';
 
-export { autocomplete };
+export {
+  QuerySuggestion,
+  QuerySuggestionTypes,
+  QuerySuggestionGetFn,
+  QuerySuggestionGetFnArgs,
+  QuerySuggestionBasic,
+  QuerySuggestionField,
+} from './providers/query_suggestion_provider';
+
+export { AutocompleteService, AutocompleteSetup, AutocompleteStart } from './autocomplete_service';
diff --git a/src/plugins/data/public/autocomplete/providers/query_suggestion_provider.ts b/src/plugins/data/public/autocomplete/providers/query_suggestion_provider.ts
@@ -19,20 +19,20 @@
 
 import { IFieldType, IIndexPattern } from '../../../common/index_patterns';
 
-export enum QuerySuggestionsTypes {
+export enum QuerySuggestionTypes {
   Field = 'field',
   Value = 'value',
   Operator = 'operator',
   Conjunction = 'conjunction',
   RecentSearch = 'recentSearch',
 }
 
-export type QuerySuggestionsGetFn = (
-  args: QuerySuggestionsGetFnArgs
+export type QuerySuggestionGetFn = (
+  args: QuerySuggestionGetFnArgs
 ) => Promise<QuerySuggestion[]> | undefined;
 
 /** @public **/
-export interface QuerySuggestionsGetFnArgs {
+export interface QuerySuggestionGetFnArgs {
   language: string;
   indexPatterns: IIndexPattern[];
   query: string;
@@ -43,8 +43,8 @@ export interface QuerySuggestionsGetFnArgs {
 }
 
 /** @public **/
-export interface BasicQuerySuggestion {
-  type: QuerySuggestionsTypes;
+export interface QuerySuggestionBasic {
+  type: QuerySuggestionTypes;
   description?: string | JSX.Element;
   end: number;
   start: number;
@@ -53,10 +53,10 @@ export interface BasicQuerySuggestion {
 }
 
 /** @public **/
-export interface FieldQuerySuggestion extends BasicQuerySuggestion {
-  type: QuerySuggestionsTypes.Field;
+export interface QuerySuggestionField extends QuerySuggestionBasic {
+  type: QuerySuggestionTypes.Field;
   field: IFieldType;
 }
 
 /** @public **/
-export type QuerySuggestion = BasicQuerySuggestion | FieldQuerySuggestion;
+export type QuerySuggestion = QuerySuggestionBasic | QuerySuggestionField;
diff --git a/src/plugins/data/public/autocomplete/static.ts b/src/plugins/data/public/autocomplete/static.ts
diff --git a/src/plugins/data/public/index.ts b/src/plugins/data/public/index.ts
@@ -104,7 +104,17 @@ export {
   FieldFormatConfig,
   FieldFormatId,
 } from '../common';
-export { autocomplete } from './autocomplete';
+
+export {
+  QuerySuggestion,
+  QuerySuggestionTypes,
+  QuerySuggestionGetFn,
+  QuerySuggestionGetFnArgs,
+  QuerySuggestionBasic,
+  QuerySuggestionField,
+} from './autocomplete';
+
+export * from './field_formats';
 export * from './index_patterns';
 export * from './search';
 export * from './query';

diff --git a/src/plugins/data/public/query/filter_manager/lib/mappers/map_spatial_filter.test.ts b/src/plugins/data/public/query/filter_manager/lib/mappers/map_spatial_filter.test.ts
@@ -24,6 +24,7 @@ describe('mapSpatialFilter()', () => {
   test('should return the key for matching multi polygon filter', async () => {
     const filter = {
       meta: {
+        key: 'location',
         alias: 'my spatial filter',
         type: esFilters.FILTERS.SPATIAL_FILTER,
       } as esFilters.FilterMeta,
@@ -41,14 +42,15 @@ describe('mapSpatialFilter()', () => {
     } as esFilters.Filter;
     const result = mapSpatialFilter(filter);
 
-    expect(result).toHaveProperty('key', 'query');
+    expect(result).toHaveProperty('key', 'location');
     expect(result).toHaveProperty('value', '');
     expect(result).toHaveProperty('type', esFilters.FILTERS.SPATIAL_FILTER);
   });
 
   test('should return the key for matching polygon filter', async () => {
     const filter = {
       meta: {
+        key: 'location',
         alias: 'my spatial filter',
         type: esFilters.FILTERS.SPATIAL_FILTER,
       } as esFilters.FilterMeta,
@@ -58,14 +60,15 @@ describe('mapSpatialFilter()', () => {
     } as esFilters.Filter;
     const result = mapSpatialFilter(filter);
 
-    expect(result).toHaveProperty('key', 'geo_polygon');
+    expect(result).toHaveProperty('key', 'location');
     expect(result).toHaveProperty('value', '');
     expect(result).toHaveProperty('type', esFilters.FILTERS.SPATIAL_FILTER);
   });
 
   test('should return undefined for none matching', async done => {
     const filter = {
       meta: {
+        key: 'location',
         alias: 'my spatial filter',
       } as esFilters.FilterMeta,
       geo_polygon: {

diff --git a/src/plugins/data/public/query/filter_manager/lib/mappers/map_spatial_filter.ts b/src/plugins/data/public/query/filter_manager/lib/mappers/map_spatial_filter.ts
@@ -20,18 +20,14 @@ import { esFilters } from '../../../../../common';
 
 // Use mapSpatialFilter mapper to avoid bloated meta with value and params for spatial filters.
 export const mapSpatialFilter = (filter: esFilters.Filter) => {
-  const metaProperty = /(^\$|meta)/;
-  const key = Object.keys(filter).find(item => {
-    return !item.match(metaProperty);
-  });
   if (
-    key &&
     filter.meta &&
+    filter.meta.key &&
     filter.meta.alias &&
     filter.meta.type === esFilters.FILTERS.SPATIAL_FILTER
   ) {
     return {
-      key,
+      key: filter.meta.key,
       type: filter.meta.type,
       value: '',
     };