[8.14] [Security Solution] - Security solution ES|QL configurable via advanced setting (#181616) #182510

Closed


michaelolo24
Contributor

Backport

This will backport the following commits from main to 8.14:

Questions ?

Please refer to the Backport tool documentation

…ed setting (elastic#181616)

## Summary

This PR links the ESQL functionality in security solution to the
`discover:enableESQL` advanced setting. The advanced setting will only
be present in ESS, but not serverless.

The way this should work to maintain parity with the rest of Kibana such
as discover and stack rules:

- By default ES|QL will be enabled across all Kibana
- When the ES|QL advanced setting is disabled:
  - Timeline
    - ES|QL tab should not be accessible on any newly created timelines
    - Existing Timelines with an ES|QL query should still have the tab accessible
  - Rules
    - New ES|QL rule should not be available to be created in the *Rule Creation* workflow
    - Existing ES|QL rules should still run and be able to be edited

**Timeline Demo Video:**

https://github.com/elastic/kibana/assets/17211684/d5429be9-de37-43e2-882d-687b3371beb4

**Rules Demo Video:**

https://github.com/elastic/kibana/assets/17211684/7df2fd11-bd2b-4e50-ad97-b6e1d0f7867a

---------

Co-authored-by: Vitalii Dmyterko <[email protected]>
Co-authored-by: kibanamachine <[email protected]>
(cherry picked from commit 963391e)
Collaborator

kibana-ci commented May 2, 2024

⏳ Build in-progress, with failures

Failed CI Steps

Test Failures

  • [job] [logs] Defend Workflows Cypress Tests on Serverless #8 / Agent Policy Settings - Complete Agent Tamper Protection is available with no upselling component present "before all" hook for "should display upselling section for protections" "before all" hook for "should display upselling section for protections"
  • [job] [logs] Defend Workflows Cypress Tests on Serverless #8 / Response actions history page "before all" hook for "retains expanded action details on page reload" "before all" hook for "retains expanded action details on page reload"
  • [job] [logs] Defend Workflows Cypress Tests on Serverless #12 / Response console File operations: "before all" hook for ""get-file --path" - should retrieve a file" "before all" hook for ""get-file --path" - should retrieve a file"
  • [job] [logs] Defend Workflows Cypress Tests on Serverless #13 / Response console Host Isolation: "before all" hook for "should isolate a host from response console" "before all" hook for "should isolate a host from response console"
  • [job] [logs] Defend Workflows Cypress Tests #2 / Response console Processes operations: "before all" hook for ""processes" - should obtain a list of processes" "before all" hook for ""processes" - should obtain a list of processes"
  • [job] [logs] Defend Workflows Cypress Tests on Serverless #14 / Response console Processes operations: "before all" hook for ""processes" - should obtain a list of processes" "before all" hook for ""processes" - should obtain a list of processes"
  • [job] [logs] Defend Workflows Cypress Tests #2 / When defining a kibana role for Endpoint security access "before all" hook for "should display RBAC entries with expected controls" "before all" hook for "should display RBAC entries with expected controls"

History

To update your PR or re-run it, just comment with:
@elasticmachine merge upstream
