After #163895 this PR forward
ports the typescript-eslint packages to v5.62.0.

…e 1 (#164163)

## Summary

Fixes #162618

There was an issue with setting pagination for the EUI table before
models are fetched. Providing a page index while the items count is 0
caused pagination to reset with an uninitialized URL state callback.
This PR adds a check to verify model list has been retrieved.

Also, the Kibana `_stats` endpoint has been updated to provide a `size`
parameter.

## Summary

Removes a beta label from the "terminal output" feature in the linux
settings for the endpoint integration. The beta tag was previously
removed from the TTY player itself, but this spot was missed.

Also, this PR changes codeowners of session_view, kubernetes_security
and cloud_defend plugins to the **kibana-cloud-security-posture** team

---------

Co-authored-by: kibanamachine <[email protected]>

…63784)

> [!WARNING]
> Sorry, I had to recreate the PR
#157241
> Please submit your review again.

- Closes #155019

Per docs
https://www.elastic.co/guide/en/elasticsearch/reference/current/paginate-search-results.html
<img width="851" alt="Screenshot 2023-05-10 at 10 25 20"
src="https://github.com/elastic/kibana/assets/1415710/b4b9fef4-7dd8-40ed-8244-343889fc4367">


## Summary

1. This PR improves `search_after` pagination for `date_nanos` time
fields. `sort` value will be returned from ES as a string instead of a
rounded and incorrect timestamp. This change allows to also simplify
logic on Surrounding document page.

Before:
<img width="400" alt="Screenshot 2023-05-08 at 17 36 19"
src="https://github.com/elastic/kibana/assets/1415710/fd9f45c4-5dc2-4103-83b9-8810e3a6e0df">

After:
<img width="400" alt="Screenshot 2023-05-08 at 17 37 13"
src="https://github.com/elastic/kibana/assets/1415710/fe9090c0-2116-4f77-9a57-a96ae6b00365">

2. Also in this PR we now allow users to load more documents within the
same time range. Once the button is pressed, it will load next portion
of documents (same "sampleSize" value will be used). Currently, we limit
max total loaded documents to 10000.

"Load more" demo:
![Aug-07-2023
16-23-28](https://github.com/elastic/kibana/assets/1415710/53af9809-75cb-4b8a-8e99-d8f6d76b4981)

If refresh interval is on, the button becomes disabled:
![Aug-07-2023
16-24-58](https://github.com/elastic/kibana/assets/1415710/85db6144-98eb-40b5-ac88-80ea728bcd6b)

Date nanos demo:
![Aug-07-2023
16-34-59](https://github.com/elastic/kibana/assets/1415710/dc9fe0b1-e419-4c76-9fc6-79907b134e58)


100x Flaky test runner
https://buildkite.com/elastic/kibana-flaky-test-suite-runner/builds/2801

---------

Co-authored-by: kibanamachine <[email protected]>

This PR is a simple update of our versions file after the recent bumps.

…nd repo (#164216)

Automated by https://buildkite.com/elastic/cloud-defend/builds/2061

Co-authored-by: sec_cloudnative_integrations <[email protected]>

…utside timerange of global time picker (#163887)

Closes #163614

PR resolves issue by only adding global time filter to CSV export body
when saved search embeddable does not have time range.

---------

Co-authored-by: kibanamachine <[email protected]>

Generated by
https://buildkite.com/elastic/kibana-api-docs-daily/builds/433

… Anomaly explorer (#163625)

…server (#164225)

## Summary

Increase the stability of Osquery Cypress by stopping the installation
of Osquery on the Fleet server and creating another Agent policy and
enrolling another elastic agent instead

## Summary

Closes #121051

I'm not seeing flakiness in the test suite after enabling all the tests.

Test suite: `test/api_integration/config.js`
Test runs:
*
https://buildkite.com/elastic/kibana-flaky-test-suite-runner/builds/2904
*
https://buildkite.com/elastic/kibana-flaky-test-suite-runner/builds/2917

## Summary

This disables the crawler if Enterprise Search is not available on the
new overview page.

… depending on the PLI (#163602)

## Summary

Generates empty array when the PLI don't meet the requirement. It end up
having empty fleet artifacts for those cannot be generated.

It also adds new test cases

---------

Co-authored-by: Kibana Machine <[email protected]>

…m `elasticInternalOrigin` (#163796)

## Summary

Closes #163678

* Raise the notion of "internal" into `CoreKibanaRequest`. This enables
us to share this with lifecycle handlers and control validation of query
params
* Added new `isInternalRequest` alongside `isSystemRequest` and
`isFakeRequest`
* Slight simplification to existing internal restriction check
* Some other chores and minor fixes

## Test

* Start ES with `yarn es serverless` and Kibana with `yarn start
--serverless --server.restrictInternalApis=true`
* Add the service account token to `kibana.dev.yml`:
`elasticsearch.serviceAccountToken: <SAT>`
* Send a request to an internal endpoint like: `curl -XPOST
-uelastic:changeme http://localhost:5601/<base-path>/api/files/find -H
'kbn-xsrf: foo' -H 'content-type: application/json' -d '{}'`
    * Should give you a 400 result
* message like `{"statusCode":400,"error":"Bad Request","message":"uri
[http://localhost:5603/api/files/find] with method [post] exists but is
not available with the current configuration"}`
* Send the same request, but include the query param:
`elasticInternalOrigin=true`
   *  Should give you a 200 result

---------

Co-authored-by: kibanamachine <[email protected]>

This PR drafts openAPI specifications for:

- [Delete runtime field
API](https://www.elastic.co/guide/en/kibana/master/data-views-runtime-field-api-delete.html).
- [Update runtime field
API](https://www.elastic.co/guide/en/kibana/master/data-views-runtime-field-api-update.html)

Relates to #137240

## Summary

Closes #164146

Changes the remaining TSVB panel to a by value Lens metric.
<img width="1652" alt="Screenshot 2023-08-17 at 6 10 06 PM"
src="https://github.com/elastic/kibana/assets/17003240/538b4bfb-5066-4a93-a16c-4d748b29ea7c">

### How to test
Remove the ecommerce dataset and reinstall it

)

We currently separate e2e tests into `power_user` tests and
`read_only_user` tests. We often want to test different permissions
within the same tests, so the distinction becomes a barrier rather than
a help. This PR removed the folders and combines all tests regardless of
which user they run as.

## Summary

Fixes #163971 

Reduces the impact of the ES promotion issue coming from the ES TSDB
downsampling bug to only downsampling tests and not the entire TSDB
suite.


### Checklist

Delete any items that are not applicable to this PR.

- [ ] Any text added follows [EUI's writing
guidelines](https://elastic.github.io/eui/#/guidelines/writing), uses
sentence case text and includes [i18n
support](https://github.com/elastic/kibana/blob/main/packages/kbn-i18n/README.md)
- [ ]
[Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html)
was added for features that require explanation or tutorials
- [ ] [Unit or functional
tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)
were updated or added to match the most common scenarios
- [ ] Any UI touched in this PR is usable by keyboard only (learn more
about [keyboard accessibility](https://webaim.org/techniques/keyboard/))
- [ ] Any UI touched in this PR does not create any new axe failures
(run axe in browser:
[FF](https://addons.mozilla.org/en-US/firefox/addon/axe-devtools/),
[Chrome](https://chrome.google.com/webstore/detail/axe-web-accessibility-tes/lhdoppojpmngadmnindnejefpokejbdd?hl=en-US))
- [ ] If a plugin configuration key changed, check if it needs to be
allowlisted in the cloud and added to the [docker
list](https://github.com/elastic/kibana/blob/main/src/dev/build/tasks/os_packages/docker_generator/resources/base/bin/kibana-docker)
- [ ] This renders correctly on smaller devices using a responsive
layout. (You can test this [in your
browser](https://www.browserstack.com/guide/responsive-testing-on-local-server))
- [ ] This was checked for [cross-browser
compatibility](https://www.elastic.co/support/matrix#matrix_browsers)


### Risk Matrix

Delete this section if it is not applicable to this PR.

Before closing this PR, invite QA, stakeholders, and other developers to
identify risks that should be tested prior to the change/feature
release.

When forming the risk matrix, consider some of the following examples
and how they may potentially impact the change:

| Risk | Probability | Severity | Mitigation/Notes |

|---------------------------|-------------|----------|-------------------------|
| Multiple Spaces—unexpected behavior in non-default Kibana Space.
| Low | High | Integration tests will verify that all features are still
supported in non-default Kibana Space and when user switches between
spaces. |
| Multiple nodes—Elasticsearch polling might have race conditions
when multiple Kibana nodes are polling for the same tasks. | High | Low
| Tasks are idempotent, so executing them multiple times will not result
in logical error, but will degrade performance. To test for this case we
add plenty of unit tests around this logic and document manual testing
procedure. |
| Code should gracefully handle cases when feature X or plugin Y are
disabled. | Medium | High | Unit tests will verify that any feature flag
or plugin combination still results in our service operational. |
| [See more potential risk
examples](https://github.com/elastic/kibana/blob/main/RISK_MATRIX.mdx) |


### For maintainers

- [ ] This was checked for breaking API changes and was [labeled
appropriately](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)

Removes `coming` tag from the 8.9.1 release notes.

Removes all clone by reference functionality on the Dashboard. This means that we no longer have any `savedObjectsClient` usage in the browser side.

…e case insensitive (#164200)

## Summary

This fixes a bug where Windows and Mac Blocklist file path entries
should be passed as case insensitive. This is because Mac and Windows
are caseless for most use cases.

Bug ticket: #158581

Here is how it will be displayed in the UI:
<img width="1728" alt="image"
src="https://github.com/elastic/kibana/assets/56395104/a3006397-f49e-4de0-818d-94e2de20dba3">

Here are the breakdown of the artifacts after the fix:

Linux:
```
-------------------------------------------------------------------
Policy:   Protect
Manifest: 1.0.6 | v1
Artifact: endpoint-blocklist-linux-v1
          Relative URL:   /api/fleet/artifacts/endpoint-blocklist-linux-v1/f33e6890aeced00861c26a08121dd42d2d29ba08abfeb3c065d0447e32e18640
          Encoded SHA256: a907835be40af89b8b7aa23a6efc66c01ceaa5a19622edd378139319f3ca5fa0
          Decoded SHA256: f33e6890aeced00861c26a08121dd42d2d29ba08abfeb3c065d0447e32e18640
-------------------------------------------------------------------

{
  "entries": [
    {
      "type": "simple",
      "entries": [
        {
          "field": "file.path",
          "operator": "included",
          "type": "exact_cased_any",
          "value": [
            "/opt/bin/bin.exe"
          ]
        }
      ]
    }
  ]
}
```

Mac:
```
-------------------------------------------------------------------
Policy:   Protect
Manifest: 1.0.6 | v1
Artifact: endpoint-blocklist-macos-v1
          Relative URL:   /api/fleet/artifacts/endpoint-blocklist-macos-v1/b28e7978da4314ebc2c94770e0638fc4b2270f9dc17a11d6d32b8634b1fbec0f
          Encoded SHA256: 4f3e80d688f5cae4bf6a88b0704e37909f9fa4f47fe8325b7b154cddd46a2db9
          Decoded SHA256: b28e7978da4314ebc2c94770e0638fc4b2270f9dc17a11d6d32b8634b1fbec0f
-------------------------------------------------------------------

{
  "entries": [
    {
      "type": "simple",
      "entries": [
        {
          "field": "file.path",
          "operator": "included",
          "type": "exact_caseless_any",
          "value": [
            "/opt/exe.exe"
          ]
        }
      ]
    }
```

Windows:
```
-------------------------------------------------------------------
Policy:   Protect
Manifest: 1.0.6 | v1
Artifact: endpoint-blocklist-windows-v1
          Relative URL:   /api/fleet/artifacts/endpoint-blocklist-windows-v1/2a6fcc67c696ad4e29d91f8b685bff46977198cd34b9a61e8003d55b78dff6ac
          Encoded SHA256: c6e045fce97651336eeb400f0123541475b940e3aa38ce721f299585683da288
          Decoded SHA256: 2a6fcc67c696ad4e29d91f8b685bff46977198cd34b9a61e8003d55b78dff6ac
-------------------------------------------------------------------

{
  "entries": [
    {
      "type": "simple",
      "entries": [
        {
          "field": "file.path",
          "operator": "included",
          "type": "exact_caseless_any",
          "value": [
            "C:\\path\\path.exe"
          ]
        }
      ]
    }
  ]
}
```

### Checklist

Delete any items that are not applicable to this PR.

- [x] Any text added follows [EUI's writing
guidelines](https://elastic.github.io/eui/#/guidelines/writing), uses
sentence case text and includes [i18n
support](https://github.com/elastic/kibana/blob/main/packages/kbn-i18n/README.md)
- [x] [Unit or functional
tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)
were updated or added to match the most common scenarios

---------

Co-authored-by: kibanamachine <[email protected]>

## Summary

It adds 8.10 into the .backportrc config file

Co-authored-by: Tiago Costa <[email protected]>

**Fixes:** #164056

## Summary

This PR fixes [value_lists.cy.ts](https://github.com/elastic/kibana/blob/main/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/value_lists/value_lists.cy.ts) tests flakiness.

## The flakiness reason

Value list items are processed in a bulk via bulk creation and `refresh=wait_for` is [used](https://github.com/elastic/kibana/blob/main/x-pack/plugins/lists/server/services/items/create_list_items_bulk.ts#L87). The problem it returns sometimes earlier than data is available. [Bulk API docs](https://www.elastic.co/guide/en/elasticsearch/reference/current/docs-bulk.html#bulk-refresh) say the following

> Only the shards that receive the bulk request will be affected by refresh. Imagine a _bulk?refresh=wait_for request with three documents in it that happen to be routed to different shards in an index with five shards. The request will only wait for those three shards to refresh. The other two shards that make up the index do not participate in the _bulk request at all.

While (it seems) only one shard is used in tests but it still cause issues (approx. 1 test per 50 fails) so adding explicit index refresh helps to get rid of flakiness.

## Flaky test runner

[value_lists.cy.ts (150 runs)](https://buildkite.com/elastic/kibana-flaky-test-suite-runner/builds/2924) 🟢

Co-authored-by: Dima Arnautov <[email protected]>

## Summary

close #88639

10 🟢 runs
https://buildkite.com/elastic/kibana-flaky-test-suite-runner/builds/2926
40 🟢 runs
https://buildkite.com/elastic/kibana-flaky-test-suite-runner/builds/2928

## Summary

This PR cleans up how config settings are used as conditionals in the
Reporting plugin startup phase.

The existing code is correct, but it's heavily aligned to certain
business requirements that might not be understood by a reader.

The change in the PR uses simpler conditionals that are separated from
internal business decisions. The result should be clearer readability of
the code.

If an unhandled error occurs, it will break the diagnostics bundle. This
change will log errors and then swallow them.
This should go out in 8.10 since it is already affecting users.

## Summary

Specifying a `refresh_interval` below 5s is no longer allowed with es
serverless. This PR removes the explicit `refresh_interval` from the
session index.

Work done in #151800 makes
specifying a `refresh_interval` unnecessary.

## Flaky Test Runner
[Session Tests x50
ea](https://buildkite.com/elastic/kibana-flaky-test-suite-runner/builds/2932)
🟢

Co-authored-by: Kibana Machine <[email protected]>

…e/rule_creation/custom_query_rule.cy.ts` (#164312)

## Summary

This PR fixes "burning" test
`x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_creation/custom_query_rule.cy.ts`
(`'Allows a rule to be edited'`).

Failing job
https://buildkite.com/elastic/kibana-pull-request/builds/151789#018a1792-bf45-4a4e-bf54-8372468d4cfd

More details in slack
https://elastic.slack.com/archives/C056TQ5J81Y/p1692621948405779

Related to elastic/response-ops-team#124

## Summary

Fixes tests that had an interval less than 1m

…_cypress/cypress/e2e/detection_response/rule_creation/custom_query_rule·cy·ts - Custom query rules Custom detection rules deletion and edition Deletion Deletes one rule from detail page Deletes one rule from detail page #163977 (#164327)

## Summary

Fixes: #163977
Fixes: #163568

These changes fix the issue with actions popover and the way we check
whether it is closed on rule's detail page.

The issue happens due to the fact that after we closed the popover we
should be testing `should('not.exist')` instead of
`should('not.be.visible')`.

…ewer cypress test (#164283)

## Summary

Fixes: #162569
Fixes: #164061
Fixes: #164058
Fixes: #163546
Fixes: #162669

We tried to fix the issue with this PR
#162839 but test failed again.

This is another attempt to fix it using the @jpdjere's approach where we
disable rule's table refreshing
(#163698).

## Summary


[Staging](https://telemetry-v2-staging.elastic.dev/s/securitysolution/app/r/s/1rf1f)



https://github.com/elastic/kibana/assets/6295984/50d4fbbd-2ce4-4fb7-be73-e33bb242a261


```
{
    "timestamp": "2023-08-15T13:39:27.513Z",
    "event_type": "Data Quality Index Checked",
    "context": {
        "isDev": true,
        "isDistributable": false,
        "version": "8.10.0",
        "branch": "main",
        "buildNum": 9007199254740991,
        "buildSha": "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
        "session_id": "99ed0d92-71f7-4e48-bdbb-a03bb8ac31e3",
        "user_agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36",
        "preferred_language": "en-US",
        "preferred_languages": [
            "en-US",
            "en"
        ],
        "viewport_width": 2560,
        "viewport_height": 934,
        "cluster_name": "elasticsearch",
        "cluster_uuid": "efIxsMivQne1nV2Y44MW5A",
        "cluster_version": "8.10.0-SNAPSHOT",
        "pageName": "application:securitySolutionUI:/data_quality",
        "applicationId": "securitySolutionUI",
        "page": "/data_quality",
        "entityId": "new",
        "page_title": "Elastic",
        "page_url": "/app/security/data_quality#?_g=(filters:!(),refreshInterval:(pause:!t,value:60000),time:(from:now-15m,to:now))&_a=(columns:!(),filters:!(),index:security-solution-default,interval:auto,query:(language:kuery,query:''),sort:!(!('@timestamp',desc)))",
        "license_id": "d8d531da-1994-4e24-a4cc-13d7ea30c339",
        "license_status": "active",
        "license_type": "trial",
        "labels": {
            "serverless": "security"
        },
        "userId": "986051385feae5b9850804db2d701c0b029ad24f09bce340c12aee7a5c8a0391",
        "isElasticCloudUser": false
    },
    "properties": {
        "batchId": "5d0d6127-4b9b-47af-8bb1-96e90fcdbb31",
        "ecsVersion": "8.6.1",
        "errorCount": 0,
        "ilmPhase": "hot",
        "indexId": "WxZsLLXbR9qeroNaFeY1wg",
        "indexName": ".internal.alerts-security.alerts-default-000001",
        "isCheckAll": true,
        "numberOfDocuments": 7834,
        "numberOfIncompatibleFields": 0,
        "numberOfIndices": 1,
        "numberOfIndicesChecked": 1,
        "sizeInBytes": 15097503,
        "timeConsumedMs": 151,
        "unallowedMappingFields": [],
        "unallowedValueFields": []
    }
}


{
    "timestamp": "2023-08-15T13:39:30.637Z",
    "event_type": "Data Quality Index Checked",
    "context": {
        "isDev": true,
        "isDistributable": false,
        "version": "8.10.0",
        "branch": "main",
        "buildNum": 9007199254740991,
        "buildSha": "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
        "session_id": "99ed0d92-71f7-4e48-bdbb-a03bb8ac31e3",
        "user_agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36",
        "preferred_language": "en-US",
        "preferred_languages": [
            "en-US",
            "en"
        ],
        "viewport_width": 2560,
        "viewport_height": 934,
        "cluster_name": "elasticsearch",
        "cluster_uuid": "efIxsMivQne1nV2Y44MW5A",
        "cluster_version": "8.10.0-SNAPSHOT",
        "pageName": "application:securitySolutionUI:/data_quality",
        "applicationId": "securitySolutionUI",
        "page": "/data_quality",
        "entityId": "new",
        "page_title": "Elastic",
        "page_url": "/app/security/data_quality#?_g=(filters:!(),refreshInterval:(pause:!t,value:60000),time:(from:now-15m,to:now))&_a=(columns:!(),filters:!(),index:security-solution-default,interval:auto,query:(language:kuery,query:''),sort:!(!('@timestamp',desc)))",
        "license_id": "d8d531da-1994-4e24-a4cc-13d7ea30c339",
        "license_status": "active",
        "license_type": "trial",
        "labels": {
            "serverless": "security"
        },
        "userId": "986051385feae5b9850804db2d701c0b029ad24f09bce340c12aee7a5c8a0391",
        "isElasticCloudUser": false
    },
    "properties": {
        "batchId": "5d0d6127-4b9b-47af-8bb1-96e90fcdbb31",
        "ecsVersion": "8.6.1",
        "errorCount": 0,
        "ilmPhase": "unmanaged",
        "indexId": "AoyctcRqTKG8HvUVmpuzEA",
        "indexName": "auditbeat-custom-index-1",
        "isCheckAll": true,
        "numberOfDocuments": 4,
        "numberOfIncompatibleFields": 3,
        "numberOfIndices": 1,
        "numberOfIndicesChecked": 1,
        "sizeInBytes": 28417,
        "timeConsumedMs": 69,
        "unallowedMappingFields": [
            "host.name",
            "source.ip"
        ],
        "unallowedValueFields": [
            "event.category"
        ]
    }
}


{
    "timestamp": "2023-08-15T13:39:33.806Z",
    "event_type": "Data Quality Index Checked",
    "context": {
        "isDev": true,
        "isDistributable": false,
        "version": "8.10.0",
        "branch": "main",
        "buildNum": 9007199254740991,
        "buildSha": "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
        "session_id": "99ed0d92-71f7-4e48-bdbb-a03bb8ac31e3",
        "user_agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36",
        "preferred_language": "en-US",
        "preferred_languages": [
            "en-US",
            "en"
        ],
        "viewport_width": 2560,
        "viewport_height": 934,
        "cluster_name": "elasticsearch",
        "cluster_uuid": "efIxsMivQne1nV2Y44MW5A",
        "cluster_version": "8.10.0-SNAPSHOT",
        "pageName": "application:securitySolutionUI:/data_quality",
        "applicationId": "securitySolutionUI",
        "page": "/data_quality",
        "entityId": "new",
        "page_title": "Elastic",
        "page_url": "/app/security/data_quality#?_g=(filters:!(),refreshInterval:(pause:!t,value:60000),time:(from:now-15m,to:now))&_a=(columns:!(),filters:!(),index:security-solution-default,interval:auto,query:(language:kuery,query:''),sort:!(!('@timestamp',desc)))",
        "license_id": "d8d531da-1994-4e24-a4cc-13d7ea30c339",
        "license_status": "active",
        "license_type": "trial",
        "labels": {
            "serverless": "security"
        },
        "userId": "986051385feae5b9850804db2d701c0b029ad24f09bce340c12aee7a5c8a0391",
        "isElasticCloudUser": false
    },
    "properties": {
        "batchId": "5d0d6127-4b9b-47af-8bb1-96e90fcdbb31",
        "ecsVersion": "8.6.1",
        "errorCount": 0,
        "ilmPhase": "hot",
        "indexId": "56NqQP_eSNCnesjLPmoe1g",
        "indexName": ".ds-auditbeat-8.7.1-2023.08.14-000001",
        "isCheckAll": true,
        "numberOfDocuments": 13593,
        "numberOfIncompatibleFields": 0,
        "numberOfIndices": 1,
        "numberOfIndicesChecked": 1,
        "sizeInBytes": 10588378,
        "timeConsumedMs": 134,
        "unallowedMappingFields": [],
        "unallowedValueFields": []
    }
}


{
    "timestamp": "2023-08-15T13:39:37.013Z",
    "event_type": "Data Quality Index Checked",
    "context": {
        "isDev": true,
        "isDistributable": false,
        "version": "8.10.0",
        "branch": "main",
        "buildNum": 9007199254740991,
        "buildSha": "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
        "session_id": "99ed0d92-71f7-4e48-bdbb-a03bb8ac31e3",
        "user_agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36",
        "preferred_language": "en-US",
        "preferred_languages": [
            "en-US",
            "en"
        ],
        "viewport_width": 2560,
        "viewport_height": 934,
        "cluster_name": "elasticsearch",
        "cluster_uuid": "efIxsMivQne1nV2Y44MW5A",
        "cluster_version": "8.10.0-SNAPSHOT",
        "pageName": "application:securitySolutionUI:/data_quality",
        "applicationId": "securitySolutionUI",
        "page": "/data_quality",
        "entityId": "new",
        "page_title": "Elastic",
        "page_url": "/app/security/data_quality#?_g=(filters:!(),refreshInterval:(pause:!t,value:60000),time:(from:now-15m,to:now))&_a=(columns:!(),filters:!(),index:security-solution-default,interval:auto,query:(language:kuery,query:''),sort:!(!('@timestamp',desc)))",
        "license_id": "d8d531da-1994-4e24-a4cc-13d7ea30c339",
        "license_status": "active",
        "license_type": "trial",
        "labels": {
            "serverless": "security"
        },
        "userId": "986051385feae5b9850804db2d701c0b029ad24f09bce340c12aee7a5c8a0391",
        "isElasticCloudUser": false
    },
    "properties": {
        "batchId": "5d0d6127-4b9b-47af-8bb1-96e90fcdbb31",
        "ecsVersion": "8.6.1",
        "errorCount": 0,
        "ilmPhase": "hot",
        "indexId": "hjnJ8WyPR5uTLw3fBISMmA",
        "indexName": ".ds-packetbeat-8.8.0-2023.08.14-000001",
        "isCheckAll": true,
        "numberOfDocuments": 318749,
        "numberOfIncompatibleFields": 0,
        "numberOfIndices": 1,
        "numberOfIndicesChecked": 1,
        "sizeInBytes": 165604512,
        "timeConsumedMs": 157,
        "unallowedMappingFields": [],
        "unallowedValueFields": []
    }
}


{
    "timestamp": "2023-08-15T13:39:37.013Z",
    "event_type": "Data Quality Check All Completed",
    "context": {
        "isDev": true,
        "isDistributable": false,
        "version": "8.10.0",
        "branch": "main",
        "buildNum": 9007199254740991,
        "buildSha": "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
        "session_id": "99ed0d92-71f7-4e48-bdbb-a03bb8ac31e3",
        "user_agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36",
        "preferred_language": "en-US",
        "preferred_languages": [
            "en-US",
            "en"
        ],
        "viewport_width": 2560,
        "viewport_height": 934,
        "cluster_name": "elasticsearch",
        "cluster_uuid": "efIxsMivQne1nV2Y44MW5A",
        "cluster_version": "8.10.0-SNAPSHOT",
        "pageName": "application:securitySolutionUI:/data_quality",
        "applicationId": "securitySolutionUI",
        "page": "/data_quality",
        "entityId": "new",
        "page_title": "Elastic",
        "page_url": "/app/security/data_quality#?_g=(filters:!(),refreshInterval:(pause:!t,value:60000),time:(from:now-15m,to:now))&_a=(columns:!(),filters:!(),index:security-solution-default,interval:auto,query:(language:kuery,query:''),sort:!(!('@timestamp',desc)))",
        "license_id": "d8d531da-1994-4e24-a4cc-13d7ea30c339",
        "license_status": "active",
        "license_type": "trial",
        "labels": {
            "serverless": "security"
        },
        "userId": "986051385feae5b9850804db2d701c0b029ad24f09bce340c12aee7a5c8a0391",
        "isElasticCloudUser": false
    },
    "properties": {
        "batchId": "5d0d6127-4b9b-47af-8bb1-96e90fcdbb31",
        "ecsVersion": "8.6.1",
        "isCheckAll": true,
        "numberOfDocuments": 340180,
        "numberOfIncompatibleFields": 3,
        "numberOfIndices": 4,
        "numberOfIndicesChecked": 4,
        "sizeInBytes": 191318810,
        "timeConsumedMs": 9651
    }
}
```




https://github.com/elastic/kibana/assets/6295984/5c977f60-e78d-426e-a682-46f7b1de4138

```
{
    "timestamp": "2023-08-15T13:42:47.777Z",
    "event_type": "Data Quality Index Checked",
    "context": {
        "isDev": true,
        "isDistributable": false,
        "version": "8.10.0",
        "branch": "main",
        "buildNum": 9007199254740991,
        "buildSha": "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
        "session_id": "99ed0d92-71f7-4e48-bdbb-a03bb8ac31e3",
        "user_agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36",
        "preferred_language": "en-US",
        "preferred_languages": [
            "en-US",
            "en"
        ],
        "viewport_width": 2560,
        "viewport_height": 934,
        "cluster_name": "elasticsearch",
        "cluster_uuid": "efIxsMivQne1nV2Y44MW5A",
        "cluster_version": "8.10.0-SNAPSHOT",
        "pageName": "application:securitySolutionUI:/data_quality",
        "applicationId": "securitySolutionUI",
        "page": "/data_quality",
        "entityId": "new",
        "page_title": "Elastic",
        "page_url": "/app/security/data_quality#?_g=(filters:!(),refreshInterval:(pause:!t,value:60000),time:(from:now-15m,to:now))&_a=(columns:!(),filters:!(),index:security-solution-default,interval:auto,query:(language:kuery,query:''),sort:!(!('@timestamp',desc)))",
        "license_id": "d8d531da-1994-4e24-a4cc-13d7ea30c339",
        "license_status": "active",
        "license_type": "trial",
        "labels": {
            "serverless": "security"
        },
        "userId": "986051385feae5b9850804db2d701c0b029ad24f09bce340c12aee7a5c8a0391",
        "isElasticCloudUser": false
    },
    "properties": {
        "batchId": "cb8c7d1d-d84c-41a3-8e9b-cb3991817df0",
        "ecsVersion": "8.6.1",
        "errorCount": 0,
        "ilmPhase": "hot",
        "indexId": "WxZsLLXbR9qeroNaFeY1wg",
        "indexName": ".internal.alerts-security.alerts-default-000001",
        "isCheckAll": false,
        "numberOfDocuments": 7834,
        "numberOfIncompatibleFields": 0,
        "numberOfIndices": 1,
        "numberOfIndicesChecked": 1,
        "sizeInBytes": 15097503,
        "timeConsumedMs": 121,
        "unallowedMappingFields": [],
        "unallowedValueFields": []
    }
}


{
    "timestamp": "2023-08-15T13:43:00.076Z",
    "event_type": "Data Quality Index Checked",
    "context": {
        "isDev": true,
        "isDistributable": false,
        "version": "8.10.0",
        "branch": "main",
        "buildNum": 9007199254740991,
        "buildSha": "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
        "session_id": "99ed0d92-71f7-4e48-bdbb-a03bb8ac31e3",
        "user_agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36",
        "preferred_language": "en-US",
        "preferred_languages": [
            "en-US",
            "en"
        ],
        "viewport_width": 2560,
        "viewport_height": 934,
        "cluster_name": "elasticsearch",
        "cluster_uuid": "efIxsMivQne1nV2Y44MW5A",
        "cluster_version": "8.10.0-SNAPSHOT",
        "pageName": "application:securitySolutionUI:/data_quality",
        "applicationId": "securitySolutionUI",
        "page": "/data_quality",
        "entityId": "new",
        "page_title": "Elastic",
        "page_url": "/app/security/data_quality#?_g=(filters:!(),refreshInterval:(pause:!t,value:60000),time:(from:now-15m,to:now))&_a=(columns:!(),filters:!(),index:security-solution-default,interval:auto,query:(language:kuery,query:''),sort:!(!('@timestamp',desc)))",
        "license_id": "d8d531da-1994-4e24-a4cc-13d7ea30c339",
        "license_status": "active",
        "license_type": "trial",
        "labels": {
            "serverless": "security"
        },
        "userId": "986051385feae5b9850804db2d701c0b029ad24f09bce340c12aee7a5c8a0391",
        "isElasticCloudUser": false
    },
    "properties": {
        "batchId": "ca4e6e41-0025-47c6-ab46-e4a7b6911b4f",
        "ecsVersion": "8.6.1",
        "errorCount": 0,
        "ilmPhase": "unmanaged",
        "indexId": "AoyctcRqTKG8HvUVmpuzEA",
        "indexName": "auditbeat-custom-index-1",
        "isCheckAll": false,
        "numberOfDocuments": 4,
        "numberOfIncompatibleFields": 3,
        "numberOfIndices": 1,
        "numberOfIndicesChecked": 1,
        "sizeInBytes": 28417,
        "timeConsumedMs": 91,
        "unallowedMappingFields": [
            "host.name",
            "source.ip"
        ],
        "unallowedValueFields": [
            "event.category"
        ]
    }
}
```

Closes #159641

Implements `/assets/services` endpoint that returns service assets found
in the configured source (signals or assets indices). Consumer can
provide a `parent` query to filter the returned services. While the
_assets_ mode supports any kind of parent/depth thanks to its common
interface, the _signals_ mode only supports host parent for the moment.

1. pull this branch and point it at an oblt-cli created cluster that
uses cross-cluster search to read from the edge cluster
2. add the following[1] to your kibana.yml file
3. hit
`/api/asset-manager/assets/services?from=<from>&to=<to>&(parent=<host>)?`.
services should be returned. Add/remove parent query string to filter
services only running on specific host.

[1]
```
xpack.assetManager:
  alphaEnabled: true
  sourceIndices:
    metrics: remote_cluster:metricbeat*,remote_cluster:metrics-*
    logs: remote_cluster:filebeat*,remote_cluster:logs-*
    traces: remote_cluster:traces-*
    serviceMetrics: remote_cluster:metrics-apm*
    serviceLogs: remote_cluster:logs-apm*
  lockedSource: signals
```

Co-authored-by: Kibana Machine <[email protected]>

Co-authored-by: Kibana Machine <[email protected]>
Co-authored-by: amyjtechwriter <[email protected]>

## Summary

Adds a filterlist entry for threat indicator match rules to the prebuilt
rule alert filterlist.
I will open an OOB artifact separately.

### Checklist

Delete any items that are not applicable to this PR.

- [ ] Any text added follows [EUI's writing
guidelines](https://elastic.github.io/eui/#/guidelines/writing), uses
sentence case text and includes [i18n
support](https://github.com/elastic/kibana/blob/main/packages/kbn-i18n/README.md)
- [ ]
[Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html)
was added for features that require explanation or tutorials
- [x] [Unit or functional
tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)
were updated or added to match the most common scenarios
- [ ] Any UI touched in this PR is usable by keyboard only (learn more
about [keyboard accessibility](https://webaim.org/techniques/keyboard/))
- [ ] Any UI touched in this PR does not create any new axe failures
(run axe in browser:
[FF](https://addons.mozilla.org/en-US/firefox/addon/axe-devtools/),
[Chrome](https://chrome.google.com/webstore/detail/axe-web-accessibility-tes/lhdoppojpmngadmnindnejefpokejbdd?hl=en-US))
- [ ] If a plugin configuration key changed, check if it needs to be
allowlisted in the cloud and added to the [docker
list](https://github.com/elastic/kibana/blob/main/src/dev/build/tasks/os_packages/docker_generator/resources/base/bin/kibana-docker)
- [ ] This renders correctly on smaller devices using a responsive
layout. (You can test this [in your
browser](https://www.browserstack.com/guide/responsive-testing-on-local-server))
- [ ] This was checked for [cross-browser
compatibility](https://www.elastic.co/support/matrix#matrix_browsers)


### Risk Matrix

Delete this section if it is not applicable to this PR.

Before closing this PR, invite QA, stakeholders, and other developers to
identify risks that should be tested prior to the change/feature
release.

When forming the risk matrix, consider some of the following examples
and how they may potentially impact the change:

| Risk | Probability | Severity | Mitigation/Notes |

|---------------------------|-------------|----------|-------------------------|
| Multiple Spaces—unexpected behavior in non-default Kibana Space.
| Low | High | Integration tests will verify that all features are still
supported in non-default Kibana Space and when user switches between
spaces. |
| Multiple nodes—Elasticsearch polling might have race conditions
when multiple Kibana nodes are polling for the same tasks. | High | Low
| Tasks are idempotent, so executing them multiple times will not result
in logical error, but will degrade performance. To test for this case we
add plenty of unit tests around this logic and document manual testing
procedure. |
| Code should gracefully handle cases when feature X or plugin Y are
disabled. | Medium | High | Unit tests will verify that any feature flag
or plugin combination still results in our service operational. |
| [See more potential risk
examples](https://github.com/elastic/kibana/blob/main/RISK_MATRIX.mdx) |


### For maintainers

- [ ] This was checked for breaking API changes and was [labeled
appropriately](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)

…default (#164343)

**Epic:** elastic/security-team#2905
(internal)

## Summary

Enables the Detections Coverage Overview dashboard feature flag by
default. We're aiming to release this feature in 8.10.

Before the last BC, we will:

- remove the flag if we're confident that we should release the feature
in 8.10
- otherwise, revert the flag back to `false` by default

…164359)

## Summary

This PR updates the COEOWNERS file by adding missing Cypress tests
folders owned by the @elastic/security-detection-engine team.

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Kibana Machine <[email protected]>

## Summary

We were using the feature Id to determine the alert indices, but we
realized that we should use the rule type id instead. Meaning that we
check which rule type does the user have access and then we get the
indices related to this rule type.

We also took advantage of the new suggestion abstraction of the search
bar components to remove the toaster of hell ->
#163003


### Checklist

- [ ] [Unit or functional
tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)
were updated or added to match the most common scenarios

---------

Co-authored-by: kibanamachine <[email protected]>

`v86.0.0`⏩`v87.1.0`

⚠️ The biggest set of type changes in this PR come from the breaking
change that makes `pageSize` and `pageSizeOptions` now optional props
for `EuiBasicTable.pagination`, `EuiInMemoryTable.pagination` and
`EuiDataGrid.pagination`.

This caused several other components that were cloning EUI's pagination
type to start throwing type warnings about `pageSize` being optional.
Where I came across these errors, I modified the extended types to
require `pageSize`. These types and their usages may end up changing
again in any case once the Shared UX team looks into
#56406.

---

## [`87.1.0`](https://github.com/elastic/eui/tree/v87.1.0)

- Updated the underlying library powering `EuiAutoSizer`. This primarily
affects typing around the `disableHeight` and `disableWidth` props
([#6798](elastic/eui#6798))
- Added new `EuiAutoSize`, `EuiAutoSizeHorizontal`, and
`EuiAutoSizeVertical` types to support `EuiAutoSizer`'s now-stricter
typing ([#6798](elastic/eui#6798))
- Updated `EuiDatePickerRange` to support `compressed` display
([#7058](elastic/eui#7058))
- Updated `EuiFlyoutBody` with a new `scrollableTabIndex` prop
([#7061](elastic/eui#7061))
- Added a new `panelMinWidth` prop to `EuiInputPopover`
([#7071](elastic/eui#7071))
- Added a new `inputPopoverProps` prop for `EuiRange`s and
`EuiDualRange`s with `showInput="inputWithPopover"` set
([#7082](elastic/eui#7082))

**Bug fixes**

- Fixed `EuiToolTip` overriding instead of merging its
`aria-describedby` tooltip ID with any existing `aria-describedby`s
([#7055](elastic/eui#7055))
- Fixed `EuiSuperDatePicker`'s `compressed` display
([#7058](elastic/eui#7058))
- Fixed `EuiAccordion` to remove tabbable children from sequential
keyboard navigation when the accordion is closed
([#7064](elastic/eui#7064))
- Fixed `EuiFlyout`s to accept custom `aria-describedby` IDs
([#7065](elastic/eui#7065))

**Accessibility**

- Removed the default `dialog` role and `tabIndex` from push
`EuiFlyout`s. Push flyouts, compared to overlay flyouts, require manual
accessibility management.
([#7065](elastic/eui#7065))

## [`87.0.0`](https://github.com/elastic/eui/tree/v87.0.0)

- Added beta `componentDefaults` prop to `EuiProvider`, which will allow
configuring certain default props globally. This list of components and
defaults is still under consideration.
([#6923](elastic/eui#6923))
- `EuiPortal`'s `insert` prop can now be configured globally via
`EuiProvider.componentDefaults`
([#6941](elastic/eui#6941))
- `EuiFocusTrap`'s `crossFrame` and `gapMode` props can now be
configured globally via `EuiProvider.componentDefaults`
([#6942](elastic/eui#6942))
- `EuiTablePagination`'s `itemsPerPage`, `itemsPerPageOptions`, and
`showPerPageOptions` props can now be configured globally via
`EuiProvider.componentDefaults`
([#6951](elastic/eui#6951))
- `EuiBasicTable`, `EuiInMemoryTable`, and `EuiDataGrid` now allow
`pagination.pageSize` to be undefined. If undefined, `pageSize` defaults
to `EuiTablePagination`'s `itemsPerPage` component default.
([#6993](elastic/eui#6993))
- `EuiBasicTable`, `EuiInMemoryTable`, and `EuiDataGrid`'s
`pagination.pageSizeOptions` will now fall back to
`EuiTablePagination`'s `itemsPerPageOptions` component default.
([#6993](elastic/eui#6993))
- Updated `EuiHeaderLinks`'s `gutterSize` spacings
([#7005](elastic/eui#7005))
- Updated `EuiHeaderAlert`'s stacking styles
([#7005](elastic/eui#7005))
- Added `toolTipProps` to `EuiListGroupItem` that allows customizing
item tooltips. ([#7018](elastic/eui#7018))
- Updated `EuiBreadcrumbs` to support breadcrumbs that toggle popovers
via `popoverContent` and `popoverProps`
([#7031](elastic/eui#7031))
- Improved the contrast ratio of disabled titles within `EuiSteps` and
`EuiStepsHorizontal` to meet WCAG AA guidelines.
([#7032](elastic/eui#7032))
- Updated `EuiSteps` and `EuiStepsHorizontal` to highlight and provide a
more clear visual indication of the current step
([#7048](elastic/eui#7048))

**Bug fixes**

- Single uses of `<EuiHeaderSectionItem side="right" />` now align right
as expected without needing a previous `side="left"` sibling.
([#7005](elastic/eui#7005))
- `EuiPageTemplate` now correctly displays `panelled={true}`
([#7044](elastic/eui#7044))

**Breaking changes**

- `EuiTablePagination`'s default `itemsPerPage` is now `10` (was
previously `50`). This can be configured through
`EuiProvider.componentDefaults`.
([#6993](elastic/eui#6993))
- `EuiTablePagination`'s default `itemsPerPageOptions` is now `[10, 25,
50]` (was previously `[10, 20, 50, 100]`). This can be configured
through `EuiProvider.componentDefaults`.
([#6993](elastic/eui#6993))
- Removed `border` prop from `EuiHeaderSectionItem` (unused since
Amsterdam theme) ([#7005](elastic/eui#7005))
- Removed `borders` object configuration from `EuiHeader.sections`
([#7005](elastic/eui#7005))

**CSS-in-JS conversions**

- Converted `EuiHeaderAlert` to Emotion; Removed unused
`.euiHeaderAlert__dismiss` CSS
([#7005](elastic/eui#7005))
- Converted `EuiHeaderSection`, `EuiHeaderSectionItem`, and
`EuiHeaderSectionItemButton` to Emotion
([#7005](elastic/eui#7005))
- Converted `EuiHeaderLinks` and `EuiHeaderLink` to Emotion; Removed
`$euiHeaderLinksGutterSizes` Sass variables
([#7005](elastic/eui#7005))
- Removed `$euiHeaderBackgroundColor` Sass variable; use
`$euiColorEmptyShade` instead
([#7005](elastic/eui#7005))
- Removed `$euiHeaderChildSize` Sass variable; use `$euiSizeXXL` instead
([#7005](elastic/eui#7005))

---------

Co-authored-by: Kibana Machine <[email protected]>
Co-authored-by: Patryk Kopyciński <[email protected]>

Generated by
https://buildkite.com/elastic/kibana-api-docs-daily/builds/437

## Summary

Relates to elastic/elasticsearch#98330

8.10 introduces a new method to configure remote clusters (API key
based), which will live next to the existing method (certificate based).
As a result, the ES remote cluster docs will be restructured. The deep
link from "[Alerting set
up](https://www.elastic.co/guide/en/kibana/current/alerting-setup.html#alerting-ccs-setup)"
to the setting up CCS privileges section in the ES docs will break (and
would potentially bring folks to the wrong page anyway).

This PR changes the link into a link to the higher-level remote cluster
docs, from where folks can click through to the section that is relevant
to them.

## Summary

Closes #162862 

Add a proxy selector for agent download sources. 

Selecting a proxy will set the agent.download.proxy_url field on the
agent policy (this can be checked in the "view full agent policy"
flyout). I have marked this functionality as beta as we currently can
only use the URL of the proxy, not the certificates or headers.

Editing a proxy should automatically update all associated policies
which use download sources with that proxy.

Deleting a proxy should remove the proxy from all associated policies. 

<img width="1789" alt="Screenshot 2023-08-17 at 14 41 58"
src="https://github.com/elastic/kibana/assets/3315046/7b1afb40-4b89-4509-89df-9850627d7257">


Verifying the field is set...


<img width="1788" alt="Screenshot 2023-08-17 at 14 43 38"
src="https://github.com/elastic/kibana/assets/3315046/81316dd1-dc8f-4120-9bbc-9e96e522ceda">


### Checklist

Delete any items that are not applicable to this PR.

- [x] Any text added follows [EUI's writing
guidelines](https://elastic.github.io/eui/#/guidelines/writing), uses
sentence case text and includes [i18n
support](https://github.com/elastic/kibana/blob/main/packages/kbn-i18n/README.md)
- [x] Any UI touched in this PR is usable by keyboard only (learn more
about [keyboard accessibility](https://webaim.org/techniques/keyboard/))
- [x] Any UI touched in this PR does not create any new axe failures
(run axe in browser:
[FF](https://addons.mozilla.org/en-US/firefox/addon/axe-devtools/),
[Chrome](https://chrome.google.com/webstore/detail/axe-web-accessibility-tes/lhdoppojpmngadmnindnejefpokejbdd?hl=en-US))
- [x] If a plugin configuration key changed, check if it needs to be
allowlisted in the cloud and added to the [docker
list](https://github.com/elastic/kibana/blob/main/src/dev/build/tasks/os_packages/docker_generator/resources/base/bin/kibana-docker)
- [x] This renders correctly on smaller devices using a responsive
layout. (You can test this [in your
browser](https://www.browserstack.com/guide/responsive-testing-on-local-server))

---------

Co-authored-by: kibanamachine <[email protected]>

… to fix flacky FTR tests (#164054)

## Summary

Fixing flaky FTR test where we need to navigate to the integrations page
from our onboarding views. Confirmed in the flaky test runner that with
the fix tests are not flaky anymore
https://buildkite.com/elastic/kibana-flaky-test-suite-runner/builds/2901

fixes:
- #163950

---------

Co-authored-by: Kibana Machine <[email protected]>

…164268)

issue: #163458

## Summary

Update the global menu to reflect the latest changes to the security
solution menu.


## How to test it?
* start ESS kibana
* Open security solution
* Compare the global menu and the security solutions menu
* It should display the same item order


<img width="234" alt="Screenshot 2023-08-21 at 10 48 56"
src="https://github.com/elastic/kibana/assets/1490444/84716392-e15c-4377-9c55-51d8109afd40">
<img width="242" alt="Screenshot 2023-08-21 at 10 49 05"
src="https://github.com/elastic/kibana/assets/1490444/89f7516e-48f1-4f61-8272-2f6dd662b53e">

Automated by
https://internal-ci.elastic.co/job/package_storage/job/sync-bundled-packages-job/job/main/6309/

Co-authored-by: apmmachine <[email protected]>
Co-authored-by: Julia Bardi <[email protected]>
Co-authored-by: Kibana Machine <[email protected]>

Closes #161906
Related to:
elastic/observability-dev#2787
(_internal_)

This add a new plugin `apm_data_access` that contains the APM query
targets (indices to query for APM data).
This plugin can be consumed by apm and any other plugin, making it
possible for other plugins to know about the configured APM query
targets.



## Example:

APM query targets can be specified in kibana[.dev].yml using
`xpack.apm.indices.{dataset}: some-index-*` for instances:

```yml
xpack.apm.indices.transaction: apm-*
```

See all config options on:
https://www.elastic.co/guide/en/kibana/current/apm-settings-kb.html#general-apm-settings-kb

Query targets can also be specified via the UI (and persisted in a saved
object) via the settings page: `/app/apm/settings/apm-indices`

**Retrieving the query targets**
Query targets can be retrieved from other plugins via `getApmIndices`:
```ts
const apmIndices = await plugins.apmDataAccess.setup.getApmIndices(savedObjects.client); 
```

TODO:

- [x] Add SO client and fetch space aware index config (see
https://github.com/sqren/kibana/blob/4d7f626da020c156500f8bf52bf8861cde54b4f1/x-pack/plugins/apm/server/routes/settings/apm_indices/get_apm_indices.ts#L32-L44)
- [ ] Add simple APM client for querying apm data

---------

Co-authored-by: kibanamachine <[email protected]>

## Summary
upgrade `axios` to 1.4

- adjust to header usage, and config optionality
- Axios' adapters are now resolved from a string key by axios, no need
to import/instantiate adapters
- most of the changed code stems from changes in Axios' types
  - `response.config` is now optional
- there was a change in the type of AxiosHeaders <->
InternalAxiosHeaders

Closes: #162661 
Closes: #162414

---------

Co-authored-by: Kibana Machine <[email protected]>

This PR amends two constants for the CO2 emission and dollar cost
calculations to get more realistic results for the year 2023.

We identified a bug in the set up check where for admin users we should
also include the checks that were made in the step above.

We also decided to revert the changes in the package names.

---------

Co-authored-by: Francesco Gualazzi <[email protected]>

part of [#162898](#162898)

## Summary

This PR implements the new node details page for hosts. It uses the
Asset Details component, which is the same used in the Hosts View
flyout.


https://github.com/elastic/kibana/assets/2767137/0d3d2b2d-ed82-4275-b424-ddae82cdbddc

It **does not** change the behaviour of other asset types (kubernetes,
container, aws...). The main change this PR introduces is internalizing
the Data Views logic so that clients don't have to worry about passing
it to the Asset Details.

The fundamental change between flyout and page is the template.
Everything else is shared.

Functional tests will be added in a separate PR.

### How to test this PR
- Setup a local Kibana instance
- Navigate to `Infrastructure` > `Hosts`
  - Click on a host name and check if the new Node Details page opened
  - Return to the hosts page and open a flyout
- Click on `Open as page` and check if the new Node Details page opened
- Navigate to `Infrastructure` > `Inventory`
- With `Show: Host` selected, click on a waffle item to open the flyout,
click on `Open as page` and check if the new Node Details page opened
- Select another asset type in `Show` , open the flyout and check if the
old version of the Node Details Page will show

#### Storybook
`yarn storybook infra`


### For reviewers

Errors in the new page will be handled differently from what the current
Node Details page. i.e: accessing the page with invalid asset id, won't
show this page

<img width="1443" alt="image"
src="https://github.com/elastic/kibana/assets/2767137/93de3caf-ac63-4a34-a90d-226b212096fe">

---------

Co-authored-by: Kibana Machine <[email protected]>

Automated by
https://internal-ci.elastic.co/job/package_storage/job/sync-bundled-packages-job/job/main/6457/

Co-authored-by: apmmachine <[email protected]>

Co-authored-by: Kibana Machine <[email protected]>

In this PR, I'm adding a warning message to the docs for the
`xpack.alerting.rules.run.alerts.max` setting that indicates the
consequences when setting a value higher than the default, while also
indicating it's not supported.

<img width="862" alt="Screenshot 2023-08-21 at 5 03 52 PM"
src="https://github.com/elastic/kibana/assets/3694571/46a7f5d6-f6d5-475a-ab93-edf256eb9141">

cc @lcawl

---------

Co-authored-by: Lisa Cawley <[email protected]>

## Summary

Proposal to fix #164270

### Checklist

- [ ] Possibly evaluate the "verbosity" vs "troubleshoot-ability"
- [ ] Backport

Co-authored-by: Julia Bardi <[email protected]>

…avigation active sidenav section is auto opened on load (#162323)

## Summary

close #162781
Simulating flaky test run with for loop:
#162323 (comment)

#164335)

## Summary

Updates the docs links for Logstash and Kafka to point to new docs
pages.

Logstash docs link:

![image](https://github.com/elastic/kibana/assets/56395104/4b5c6962-bc2b-44f2-b2f3-ba15a9a57035)


![image](https://github.com/elastic/kibana/assets/56395104/862fa63b-9d3f-43ef-93d9-0e66f0913ffc)

Kafka docs link:

![image](https://github.com/elastic/kibana/assets/56395104/967c30d5-2354-4153-a2d6-3202a1e3f02f)


![image](https://github.com/elastic/kibana/assets/56395104/dae2d5d7-2083-43dc-8f55-c1b73a0ff19a)

### Checklist

- [x]
[Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html)
was added for features that require explanation or tutorials

---------

Co-authored-by: Kibana Machine <[email protected]>

## Summary

Fixes a visual bug on product selector
![Screenshot 2023-08-21 at 15 24
23](https://github.com/elastic/kibana/assets/1410658/a51114a8-531f-46b4-aa0c-b027ff86c723)



### Checklist

Delete any items that are not applicable to this PR.

- [ ] Any text added follows [EUI's writing
guidelines](https://elastic.github.io/eui/#/guidelines/writing), uses
sentence case text and includes [i18n
support](https://github.com/elastic/kibana/blob/main/packages/kbn-i18n/README.md)
- [ ]
[Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html)
was added for features that require explanation or tutorials
- [ ] [Unit or functional
tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)
were updated or added to match the most common scenarios
- [ ] Any UI touched in this PR is usable by keyboard only (learn more
about [keyboard accessibility](https://webaim.org/techniques/keyboard/))
- [ ] Any UI touched in this PR does not create any new axe failures
(run axe in browser:
[FF](https://addons.mozilla.org/en-US/firefox/addon/axe-devtools/),
[Chrome](https://chrome.google.com/webstore/detail/axe-web-accessibility-tes/lhdoppojpmngadmnindnejefpokejbdd?hl=en-US))
- [ ] If a plugin configuration key changed, check if it needs to be
allowlisted in the cloud and added to the [docker
list](https://github.com/elastic/kibana/blob/main/src/dev/build/tasks/os_packages/docker_generator/resources/base/bin/kibana-docker)
- [ ] This renders correctly on smaller devices using a responsive
layout. (You can test this [in your
browser](https://www.browserstack.com/guide/responsive-testing-on-local-server))
- [ ] This was checked for [cross-browser
compatibility](https://www.elastic.co/support/matrix#matrix_browsers)


### Risk Matrix

Delete this section if it is not applicable to this PR.

Before closing this PR, invite QA, stakeholders, and other developers to
identify risks that should be tested prior to the change/feature
release.

When forming the risk matrix, consider some of the following examples
and how they may potentially impact the change:

| Risk | Probability | Severity | Mitigation/Notes |

|---------------------------|-------------|----------|-------------------------|
| Multiple Spaces—unexpected behavior in non-default Kibana Space.
| Low | High | Integration tests will verify that all features are still
supported in non-default Kibana Space and when user switches between
spaces. |
| Multiple nodes—Elasticsearch polling might have race conditions
when multiple Kibana nodes are polling for the same tasks. | High | Low
| Tasks are idempotent, so executing them multiple times will not result
in logical error, but will degrade performance. To test for this case we
add plenty of unit tests around this logic and document manual testing
procedure. |
| Code should gracefully handle cases when feature X or plugin Y are
disabled. | Medium | High | Unit tests will verify that any feature flag
or plugin combination still results in our service operational. |
| [See more potential risk
examples](https://github.com/elastic/kibana/blob/main/RISK_MATRIX.mdx) |


### For maintainers

- [ ] This was checked for breaking API changes and was [labeled
appropriately](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)

…64404)

## Summary

Closes #158851

Updates assertion for the split field test.

…ig file (#163929)

## Summary

It seems beneficial to have feature flag tests in a separate test config
file
 - tests are still run on Kibana CI automatically
- tests are not run on MKI projects automatically, but you can deploy
custom project and run tests via feature flags config

All the feature flags within the same project should be places in the
same config to make sure there is no arguments conflict.
When the flag is moved to the yml configuration, we can rely on Kibana
CI and manually triggered deployment to make sure projects are
functioning correctly.

---------

Co-authored-by: Robert Oskamp <[email protected]>

The main question is here did I get the github team names correct for
fleet and security? Are there any other groups I am missing who will
have quality gates they want to see execute on every kibana release?

- The PR which registered the repo and controls who can write secrets to
vault was merged
[here](https://github.com/elastic/catalog-info/pull/488/files)
- Quality gate registration with argo deploy pipeline
[here](https://github.com/elastic/serverless-gitops/pull/586). Should
merge after this and pipelines are working.
- [this one](https://github.com/elastic/catalog-info/pull/485/files)
merges last and tells terrazzo about the catalog-info.yaml file with our
pipeline. Other pipelines should be migrated over but are not included
here.


Rel: https://github.com/elastic/ingest-dev/issues/2201
Rel: https://elasticco.atlassian.net/browse/QX-282

---------

Co-authored-by: Ramon Butter <[email protected]>

This change is related to this issue:
elastic/search-team#4440

 In this PR, we are moving error handler to selectors.

<img width="1249" alt="Screenshot 2023-08-16 at 6 04 38 PM"
src="https://github.com/elastic/kibana/assets/132922331/df2d4a6e-d677-4f61-952e-207cbc5c5955">

---------

Co-authored-by: kibanamachine <[email protected]>

## What does this PR do?
 *  Migrate all usages of EuiPage*_Deprecated in Watcher
 
## Issue References
 * #163070
 
## Video/Screenshot Demo


---
This code was written and reviewed by GitStart Community. Growing great
engineers, one PR at a time.

---------

Co-authored-by: LuisChiej <[email protected]>
Co-authored-by: gitstart_bot <[email protected]>
Co-authored-by: Yulia Cech <[email protected]>

part of #162898

## Summary

This PR adds a functional test for the Node Details page using the Asset
Details component. It also refactors the Hosts View flyout test cases,
limiting them to high-level checks. The focus of Hosts View test focuses
on the page's own functionalities

Detailed Asset Details-related tests will be implemented in the Node
Details test suite.


### How to test

 ```bash
yarn test:ftr:server --config
x-pack/test/functional/apps/infra/config.ts
```


```bash
node scripts/functional_test_runner
--config=x-pack/test/functional/apps/infra/config.ts --include
x-pack/test/functional/apps/infra/hosts_view.ts
```

```bash
node scripts/functional_test_runner
--config=x-pack/test/functional/apps/infra/config.ts --include
x-pack/test/functional/apps/infra/node_details.ts
```

…data sets (#164332)

Follow up to #119635
All modules which contain a query in their manifest file should have a
filter to avoid querying cold and frozen tiers.
The original PR did not include the sample data sets as it was assumed
it was not necessary due to these data sets never being added to cold or
frozen tiers.
However it was overlooked that these queries will be run on any index
pattern passed to the `/internal/ml/modules/recognize` endpoint and so
has the potential to negatively impact the speed of all calls to this
endpoint, especially if the index pattern contains multiple indices and
wildcards.

…r serverless pages (#164309)

issue: #164306

## Summary
Add <TrackApplicationView> telemetry to serverless-specific Security
pages
Pages: Investigations, Assets, ML, Project Settings.

## How to test it
* Visit Investigations, Assets, ML, and Project Settings.
When you navigate between pages the app should log "Reporting
application usage for securitySolutionUI, {PAGE}" like it does for the
other pages

---------

Co-authored-by: kibanamachine <[email protected]>