
[8.14] [Security Solution] - Security solution ES|QL configurable via advanced setting (#181616) #182517

Merged
michaelolo24 merged 3 commits into elastic:8.14 from michaelolo24:backport/8.14/pr-181616
May 2, 2024

@michaelolo24
Contributor

Backport

This will backport the following commits from main to 8.14:

Questions?

Please refer to the Backport tool documentation

…ed setting (elastic#181616)

## Summary

This PR links the ESQL functionality in security solution to the
`discover:enableESQL` advanced setting. The advanced setting will only
be present in ESS, but not serverless.

The way this should work to maintain parity with the rest of Kibana such
as discover and stack rules:

- By default ES|QL will be enabled across all Kibana
- When the ES|QL advanced setting is disabled:
  - Timeline
    - ES|QL tab should not be accessible on any newly created timelines
    - Existing Timelines with an ES|QL query should still have the tab
      accessible
  - Rules
    - New ES|QL rule should not be available to be created in the *Rule
      Creation* workflow
    - Existing ES|QL rules should still run and be able to be edited

**Timeline Demo Video:**

https://github.com/elastic/kibana/assets/17211684/d5429be9-de37-43e2-882d-687b3371beb4

**Rules Demo Video:**

https://github.com/elastic/kibana/assets/17211684/7df2fd11-bd2b-4e50-ad97-b6e1d0f7867a

---------

Co-authored-by: Vitalii Dmyterko <92328789+vitaliidm@users.noreply.github.com>
Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
(cherry picked from commit 963391e)
@michaelolo24 michaelolo24 added the backport This PR is a backport of another PR label May 2, 2024
@michaelolo24 michaelolo24 enabled auto-merge (squash) May 2, 2024 20:05
@michaelolo24
Contributor Author

@elasticmachine merge upstream

@michaelolo24 michaelolo24 merged commit d6fa87e into elastic:8.14 May 2, 2024
@kibana-ci

💛 Build succeeded, but was flaky

Failed CI Steps

Test Failures

  • [job] [logs] FTR Configs #40 / discover/embeddable discover saved search embeddable can save a search embeddable with a defined rows per page number

Metrics [docs]

Module Count

Fewer modules leads to a faster build time

| id | before | after | diff |
| --- | --- | --- | --- |
| securitySolution | 5455 | 5454 | -1 |

Async chunks

Total size of all lazy-loaded chunks that will be downloaded as the user navigates the app

| id | before | after | diff |
| --- | --- | --- | --- |
| securitySolution | 13.6MB | 13.6MB | +3.3KB |

Page load bundle

Size of the bundles that are downloaded on every page load. Target size is below 100kb

| id | before | after | diff |
| --- | --- | --- | --- |
| securitySolution | 82.2KB | 82.2KB | -15.0B |

To update your PR or re-run it, just comment with:
@elasticmachine merge upstream
