[7.7] bc5 siem rules merge (#62679)

[spong]

Backports the following commits to 7.7:

• bc5 siem rules merge (bc5 siem rules merge #62679)

[kibanamachine]

💛 Build succeeded, but was flaky

• continuous-integration/kibana-ci/pull-request
• Commit: ce870c9
• Flaky suites:
  • xpack-kibana-ciGroup10

---

Test Failures

Kibana Pipeline / kibana-xpack-agent / Chrome X-Pack UI Functional Tests.x-pack/test/functional_with_es_ssl/apps/triggers_actions_ui/details·ts.Actions and Triggers app Alert Details Alert Instance Pagination renders the first page

Link to Jenkins

Standard Out

Failed Tests Reporter:
  - Test has failed 1 times on tracked branches: https://github.com/elastic/kibana/issues/62676

[00:00:00]       │
[00:00:00]         └-: Actions and Triggers app
[00:00:00]           └-> "before all" hook
[00:05:33]           └-: Alert Details
[00:05:33]             └-> "before all" hook
[00:06:56]             └-: Alert Instance Pagination
[00:06:56]               └-> "before all" hook
[00:06:56]               └-> "before all" hook
[00:06:56]                 │ debg navigating to triggersActions url: http://localhost:61101/app/kibana#/management/kibana/triggersActions
[00:06:56]                 │ debg Navigate to: http://localhost:61101/app/kibana#/management/kibana/triggersActions
[00:06:56]                 │ debg ... sleep(700) start
[00:06:56]                 │ debg browser[INFO] http://localhost:61101/app/kibana?_t=1586232618561#/management/kibana/triggersActions 341 Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'unsafe-eval' 'self'". Either the 'unsafe-inline' keyword, a hash ('sha256-P5polb1UreUSOe5V/Pv7tc+yeZuJXiOi/3fqhGsU7BE='), or a nonce ('nonce-...') is required to enable inline execution.
[00:06:56]                 │
[00:06:56]                 │ debg browser[INFO] http://localhost:61101/bundles/app/kibana/bootstrap.js 9:19 "^ A single error about an inline script not firing due to content security policy is expected!"
[00:06:57]                 │ debg ... sleep(700) end
[00:06:57]                 │ debg returned from get, calling refresh
[00:06:57]                 │ debg browser[INFO] http://localhost:61101/app/kibana?_t=1586232618561#/management/kibana/triggersActions 341 Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'unsafe-eval' 'self'". Either the 'unsafe-inline' keyword, a hash ('sha256-P5polb1UreUSOe5V/Pv7tc+yeZuJXiOi/3fqhGsU7BE='), or a nonce ('nonce-...') is required to enable inline execution.
[00:06:57]                 │
[00:06:57]                 │ debg browser[INFO] http://localhost:61101/bundles/app/kibana/bootstrap.js 9:19 "^ A single error about an inline script not firing due to content security policy is expected!"
[00:06:58]                 │ debg currentUrl = http://localhost:61101/app/kibana#/management/kibana/triggersActions
[00:06:58]                 │          appUrl = http://localhost:61101/app/kibana#/management/kibana/triggersActions
[00:06:58]                 │ debg TestSubjects.find(kibanaChrome)
[00:06:58]                 │ debg Find.findByCssSelector('[data-test-subj="kibanaChrome"]') with timeout=60000
[00:07:00]                 │ debg TestSubjects.find(kibanaChrome)
[00:07:00]                 │ debg Find.findByCssSelector('[data-test-subj="kibanaChrome"]') with timeout=10000
[00:07:00]                 │ debg browser[INFO] http://localhost:61101/bundles/kbn-ui-shared-deps/kbn-ui-shared-deps.js 380:106452 "INFO: 2020-04-07T04:10:21Z
[00:07:00]                 │        Adding connection to http://localhost:61101/elasticsearch
[00:07:00]                 │
[00:07:00]                 │      "
[00:07:00]                 │ debg ... sleep(501) start
[00:07:01]                 │ debg ... sleep(501) end
[00:07:01]                 │ debg in navigateTo url = http://localhost:61101/app/kibana#/management/kibana/triggersActions/alerts
[00:07:01]                 │ debg TestSubjects.exists(statusPageContainer)
[00:07:01]                 │ debg Find.existsByDisplayedByCssSelector('[data-test-subj="statusPageContainer"]') with timeout=2500
[00:07:03]                 │ debg --- retry.tryForTime error: [data-test-subj="statusPageContainer"] is not displayed
[00:07:04]                 │ debg creating action server-log-d3c531d8-7788-4221-aa4f-470982afbffb-0
[00:07:04]                 │ debg creating action server-log-d3c531d8-7788-4221-aa4f-470982afbffb-1
[00:07:04]                 │ debg created action f545bf2e-d5f2-45c7-9844-aa636daf18df
[00:07:04]                 │ debg created action 01e4e4c0-eba7-4c9c-bb24-7b5611938d78
[00:07:04]                 │ debg creating alert test-alert-d3c531d8-7788-4221-aa4f-470982afbffb
[00:07:06]                 │ debg created alert a5e90779-8f0c-4dde-b0ef-a4ce6fd03019
[00:07:06]                 │ debg isGlobalLoadingIndicatorVisible
[00:07:06]                 │ debg TestSubjects.exists(globalLoadingIndicator)
[00:07:06]                 │ debg Find.existsByDisplayedByCssSelector('[data-test-subj="globalLoadingIndicator"]') with timeout=1500
[00:07:06]                 │ debg browser[INFO] http://localhost:61101/app/kibana?_t=1586232618561#/management/kibana/triggersActions/alerts 341 Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'unsafe-eval' 'self'". Either the 'unsafe-inline' keyword, a hash ('sha256-P5polb1UreUSOe5V/Pv7tc+yeZuJXiOi/3fqhGsU7BE='), or a nonce ('nonce-...') is required to enable inline execution.
[00:07:06]                 │
[00:07:06]                 │ debg browser[INFO] http://localhost:61101/bundles/app/kibana/bootstrap.js 9:19 "^ A single error about an inline script not firing due to content security policy is expected!"
[00:07:08]                 │ debg browser[INFO] http://localhost:61101/bundles/kbn-ui-shared-deps/kbn-ui-shared-deps.js 380:106452 "INFO: 2020-04-07T04:10:30Z
[00:07:08]                 │        Adding connection to http://localhost:61101/elasticsearch
[00:07:08]                 │
[00:07:08]                 │      "
[00:07:08]                 │ debg --- retry.tryForTime error: [data-test-subj="globalLoadingIndicator"] is not displayed
[00:07:09]                 │ debg TestSubjects.exists(globalLoadingIndicator-hidden)
[00:07:09]                 │ debg Find.existsByCssSelector('[data-test-subj="globalLoadingIndicator-hidden"]') with timeout=100000
[00:07:09]                 │ debg TestSubjects.exists(alertsList)
[00:07:09]                 │ debg Find.existsByDisplayedByCssSelector('[data-test-subj="alertsList"]') with timeout=120000
[00:07:09]                 │ debg TestSubjects.find(alertSearchField)
[00:07:09]                 │ debg Find.findByCssSelector('[data-test-subj="alertSearchField"]') with timeout=10000
[00:07:10]                 │ debg Find.findByCssSelector('.euiBasicTable[data-test-subj="alertsList"]:not(.euiBasicTable-loading)') with timeout=10000
[00:07:10]                 │ debg Find.clickDisplayedByCssSelector('[data-test-subj="alertsList"] [title="test-alert-d3c531d8-7788-4221-aa4f-470982afbffb"]') with timeout=10000
[00:07:10]                 │ debg Find.displayedByCssSelector([data-test-subj="alertsList"] [title="test-alert-d3c531d8-7788-4221-aa4f-470982afbffb"])
[00:07:10]                 │ debg Find.findByCssSelector('[data-test-subj="alertsList"] [title="test-alert-d3c531d8-7788-4221-aa4f-470982afbffb"]') with timeout=10000
[00:07:10]                 │ debg Wait for element become visible: [data-test-subj="alertsList"] [title="test-alert-d3c531d8-7788-4221-aa4f-470982afbffb"] with timeout=10000
[00:07:11]                 │ debg getting alert a5e90779-8f0c-4dde-b0ef-a4ce6fd03019 state
[00:07:11]                 │ debg --- retry.try error: expected 0 to sort of equal 30
[00:07:11]                 │ debg getting alert a5e90779-8f0c-4dde-b0ef-a4ce6fd03019 state
[00:07:11]                 │ proc [kibana]   log   [04:10:33.584] [warning][actions][actions][plugins] Server log: from alert 1s
[00:07:11]                 │ proc [kibana]   log   [04:10:33.590] [warning][actions][actions][plugins] Server log: from alert 1s
[00:07:11]                 │ proc [kibana]   log   [04:10:33.596] [warning][actions][actions][plugins] Server log: from alert 1s
[00:07:11]                 │ proc [kibana]   log   [04:10:33.602] [warning][actions][actions][plugins] Server log: from alert 1s
[00:07:11]                 │ proc [kibana]   log   [04:10:33.608] [warning][actions][actions][plugins] Server log: from alert 1s
[00:07:11]                 │ proc [kibana]   log   [04:10:33.613] [warning][actions][actions][plugins] Server log: from alert 1s
[00:07:11]                 │ proc [kibana]   log   [04:10:33.620] [warning][actions][actions][plugins] Server log: from alert 1s
[00:07:11]                 │ proc [kibana]   log   [04:10:33.626] [warning][actions][actions][plugins] Server log: from alert 1s
[00:07:11]                 │ proc [kibana]   log   [04:10:33.632] [warning][actions][actions][plugins] Server log: from alert 1s
[00:07:11]               └-> renders the first page
[00:07:11]                 └-> "before each" hook: global before each
[00:07:11]                 │ debg TestSubjects.exists(alertInstancesList)
[00:07:11]                 │ debg Find.existsByDisplayedByCssSelector('[data-test-subj="alertInstancesList"]') with timeout=120000
[00:07:11]                 │ proc [kibana]   log   [04:10:33.681] [warning][actions][actions][plugins] Server log: from alert 1s
[00:07:11]                 │ debg getting alert a5e90779-8f0c-4dde-b0ef-a4ce6fd03019 state
[00:07:11]                 │ debg Find.findByCssSelector('.euiBasicTable[data-test-subj="alertInstancesList"]:not(.euiBasicTable-loading)') with timeout=10000
[00:07:11]                 │ info Taking screenshot "/dev/shm/workspace/kibana/x-pack/test/functional/screenshots/failure/Actions and Triggers app Alert Details Alert Instance Pagination renders the first page.png"
[00:07:11]                 │ info Current URL is: http://localhost:61101/app/kibana#/management/kibana/triggersActions/alert/a5e90779-8f0c-4dde-b0ef-a4ce6fd03019
[00:07:12]                 │ info Saving page source to: /dev/shm/workspace/kibana/x-pack/test/functional/failure_debug/html/Actions and Triggers app Alert Details Alert Instance Pagination renders the first page.html
[00:07:12]                 └- ✖ fail: "Actions and Triggers app Alert Details Alert Instance Pagination renders the first page"
[00:07:12]                 │

Stack Trace

{ Error: expected 0 to sort of equal 10
    at Assertion.assert (/dev/shm/workspace/kibana/packages/kbn-expect/expect.js:100:11)
    at Assertion.eql (/dev/shm/workspace/kibana/packages/kbn-expect/expect.js:244:8)
    at Context.it (test/functional_with_es_ssl/apps/triggers_actions_ui/details.ts:482:33)
    at process._tickCallback (internal/process/next_tick.js:68:7) actual: '0', expected: '10', showDiff: true }

---

To update your PR or re-run it, just comment with:
@elasticmachine merge upstream