Closed
Conversation
# Backport This will backport the following commits from `main` to `9.1`: - [[Streams] Add Streamlang package (elastic#224915)](elastic#224915) <!--- Backport version: 9.6.6 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sorenlouv/backport) <!--BACKPORT [{"author":{"name":"Kerry Gallagher","email":"kerry.gallagher@elastic.co"},"sourceCommit":{"committedDate":"2025-07-02T13:53:16Z","message":"[Streams] Add Streamlang package (elastic#224915)\n\n## Summary\n\nCloses https://github.com/elastic/kibana/issues/224412.\n\nNothing exciting here, this just adds a new package (via `node\nscripts/generate package`) for Streamlang.\n\n---------\n\nCo-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>","sha":"6023bf643e1e63d4a6fb2ac5c5c26e011062356a","branchLabelMapping":{"^v9.2.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:skip","backport:version","Feature:Streams","v9.1.0","v8.19.0","v9.2.0"],"title":"[Streams] Add Streamlang package","number":224915,"url":"https://github.com/elastic/kibana/pull/224915","mergeCommit":{"message":"[Streams] Add Streamlang package (elastic#224915)\n\n## Summary\n\nCloses https://github.com/elastic/kibana/issues/224412.\n\nNothing exciting here, this just adds a new package (via `node\nscripts/generate package`) for Streamlang.\n\n---------\n\nCo-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>","sha":"6023bf643e1e63d4a6fb2ac5c5c26e011062356a"}},"sourceBranch":"main","suggestedTargetBranches":["9.1","8.19"],"targetPullRequestStates":[{"branch":"9.1","label":"v9.1.0","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"8.19","label":"v8.19.0","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"main","label":"v9.2.0","branchLabelMappingKey":"^v9.2.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/224915","number":224915,"mergeCommit":{"message":"[Streams] Add Streamlang package (elastic#224915)\n\n## Summary\n\nCloses https://github.com/elastic/kibana/issues/224412.\n\nNothing exciting here, this just adds a new package (via `node\nscripts/generate package`) for Streamlang.\n\n---------\n\nCo-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>","sha":"6023bf643e1e63d4a6fb2ac5c5c26e011062356a"}}]}] BACKPORT--> Co-authored-by: Kerry Gallagher <kerry.gallagher@elastic.co>
…elastic#226211) # Backport This will backport the following commits from `main` to `9.1`: - [[ES|QL] fix: don't let clear ESQL control type (elastic#226122)](elastic#226122) <!--- Backport version: 9.6.6 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sorenlouv/backport) <!--BACKPORT [{"author":{"name":"Sebastian Delle Donne","email":"sebastian.delledonne@elastic.co"},"sourceCommit":{"committedDate":"2025-07-02T13:32:03Z","message":"[ES|QL] fix: don't let clear ESQL control type (elastic#226122)\n\n## Summary\nWhen attempting to clear the control type an uncaught error occurs.\n```\nshared_form_components.tsx:56 Uncaught TypeError: Cannot read properties of undefined (reading 'key')\n at shared_form_components.tsx:56:1\n```\n\nAs the type is mandatory, make the select un-clearable.\n\n<img width=\"581\" alt=\"image\"\nsrc=\"https://github.com/user-attachments/assets/e7b10080-0886-4a03-b8eb-4b8cca597294\"\n/>","sha":"1b17e02ccbcaf04b4c16a2a75ba377441f50d2bc","branchLabelMapping":{"^v9.2.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:skip","Feature:ES|QL","Team:ESQL","backport:version","v9.1.0","v8.19.0","v9.2.0"],"title":"[ES|QL] fix: don't let clear ESQL control type","number":226122,"url":"https://github.com/elastic/kibana/pull/226122","mergeCommit":{"message":"[ES|QL] fix: don't let clear ESQL control type (elastic#226122)\n\n## Summary\nWhen attempting to clear the control type an uncaught error occurs.\n```\nshared_form_components.tsx:56 Uncaught TypeError: Cannot read properties of undefined (reading 'key')\n at shared_form_components.tsx:56:1\n```\n\nAs the type is mandatory, make the select un-clearable.\n\n<img width=\"581\" alt=\"image\"\nsrc=\"https://github.com/user-attachments/assets/e7b10080-0886-4a03-b8eb-4b8cca597294\"\n/>","sha":"1b17e02ccbcaf04b4c16a2a75ba377441f50d2bc"}},"sourceBranch":"main","suggestedTargetBranches":["9.1","8.19"],"targetPullRequestStates":[{"branch":"9.1","label":"v9.1.0","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"8.19","label":"v8.19.0","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"main","label":"v9.2.0","branchLabelMappingKey":"^v9.2.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/226122","number":226122,"mergeCommit":{"message":"[ES|QL] fix: don't let clear ESQL control type (elastic#226122)\n\n## Summary\nWhen attempting to clear the control type an uncaught error occurs.\n```\nshared_form_components.tsx:56 Uncaught TypeError: Cannot read properties of undefined (reading 'key')\n at shared_form_components.tsx:56:1\n```\n\nAs the type is mandatory, make the select un-clearable.\n\n<img width=\"581\" alt=\"image\"\nsrc=\"https://github.com/user-attachments/assets/e7b10080-0886-4a03-b8eb-4b8cca597294\"\n/>","sha":"1b17e02ccbcaf04b4c16a2a75ba377441f50d2bc"}}]}] BACKPORT--> Co-authored-by: Sebastian Delle Donne <sebastian.delledonne@elastic.co>
# Backport This will backport the following commits from `main` to `9.1`: - [[APM] Fix broken operation page (elastic#226036)](elastic#226036) <!--- Backport version: 9.6.6 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sorenlouv/backport) <!--BACKPORT [{"author":{"name":"Katerina","email":"aikaterini.patticha@elastic.co"},"sourceCommit":{"committedDate":"2025-07-02T14:18:01Z","message":"[APM] Fix broken operation page (elastic#226036)\n\n## Summary\n\nclose https://github.com/elastic/observability-error-backlog/issues/152\n\nThe issue seems to appear only when the waterfall has an error. \n\n## Before \n\n\n\nhttps://github.com/user-attachments/assets/7ef12356-cad3-4560-a057-6a4b3b161172\n\nTODO\n\n- [ ] add test","sha":"74bdc5bbae9e0c84dc0866fb446b56fc0cfda622","branchLabelMapping":{"^v9.2.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:fix","backport:prev-minor","backport:prev-major","Team:obs-ux-infra_services","v9.2.0"],"title":"[APM] Fix broken operation page","number":226036,"url":"https://github.com/elastic/kibana/pull/226036","mergeCommit":{"message":"[APM] Fix broken operation page (elastic#226036)\n\n## Summary\n\nclose https://github.com/elastic/observability-error-backlog/issues/152\n\nThe issue seems to appear only when the waterfall has an error. \n\n## Before \n\n\n\nhttps://github.com/user-attachments/assets/7ef12356-cad3-4560-a057-6a4b3b161172\n\nTODO\n\n- [ ] add test","sha":"74bdc5bbae9e0c84dc0866fb446b56fc0cfda622"}},"sourceBranch":"main","suggestedTargetBranches":[],"targetPullRequestStates":[{"branch":"main","label":"v9.2.0","branchLabelMappingKey":"^v9.2.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/226036","number":226036,"mergeCommit":{"message":"[APM] Fix broken operation page (elastic#226036)\n\n## Summary\n\nclose https://github.com/elastic/observability-error-backlog/issues/152\n\nThe issue seems to appear only when the waterfall has an error. \n\n## Before \n\n\n\nhttps://github.com/user-attachments/assets/7ef12356-cad3-4560-a057-6a4b3b161172\n\nTODO\n\n- [ ] add test","sha":"74bdc5bbae9e0c84dc0866fb446b56fc0cfda622"}}]}] BACKPORT--> Co-authored-by: Katerina <aikaterini.patticha@elastic.co>
… common folder (elastic#225495) (elastic#226229) # Backport This will backport the following commits from `main` to `9.1`: - [[Security Solution] Move license level independent tests to the common folder (elastic#225495)](elastic#225495) <!--- Backport version: 9.6.6 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sorenlouv/backport) <!--BACKPORT [{"author":{"name":"Maxim Palenov","email":"maxim.palenov@elastic.co"},"sourceCommit":{"committedDate":"2025-07-02T14:10:01Z","message":"[Security Solution] Move license level independent tests to the common folder (elastic#225495)\n\n**Relates to:** https://github.com/elastic/kibana/pull/219831\n\n## Summary\n\nThis PR moves prebuilt rules license independent integration tests to the `prebuilt_rules/common` folder.","sha":"55e329206dae0e4ba76a5eebdd759dec6c8dd46f","branchLabelMapping":{"^v9.2.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["test","refactoring","release_note:skip","impact:medium","Team:Detections and Resp","Team: SecuritySolution","Team:Detection Rule Management","Feature:Prebuilt Detection Rules","backport:version","v9.1.0","v8.19.0","v9.2.0"],"title":"[Security Solution] Move license level independent tests to the common folder","number":225495,"url":"https://github.com/elastic/kibana/pull/225495","mergeCommit":{"message":"[Security Solution] Move license level independent tests to the common folder (elastic#225495)\n\n**Relates to:** https://github.com/elastic/kibana/pull/219831\n\n## Summary\n\nThis PR moves prebuilt rules license independent integration tests to the `prebuilt_rules/common` folder.","sha":"55e329206dae0e4ba76a5eebdd759dec6c8dd46f"}},"sourceBranch":"main","suggestedTargetBranches":["9.1","8.19"],"targetPullRequestStates":[{"branch":"9.1","label":"v9.1.0","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"8.19","label":"v8.19.0","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"main","label":"v9.2.0","branchLabelMappingKey":"^v9.2.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/225495","number":225495,"mergeCommit":{"message":"[Security Solution] Move license level independent tests to the common folder (elastic#225495)\n\n**Relates to:** https://github.com/elastic/kibana/pull/219831\n\n## Summary\n\nThis PR moves prebuilt rules license independent integration tests to the `prebuilt_rules/common` folder.","sha":"55e329206dae0e4ba76a5eebdd759dec6c8dd46f"}}]}] BACKPORT--> Co-authored-by: Maxim Palenov <maxim.palenov@elastic.co>
…stic#226228) # Backport This will backport the following commits from `main` to `9.1`: - [[Detection Engine][Telemetry] Update test (elastic#225937)](elastic#225937) <!--- Backport version: 9.6.6 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sorenlouv/backport) <!--BACKPORT [{"author":{"name":"Yara Tercero","email":"yctercero@users.noreply.github.com"},"sourceCommit":{"committedDate":"2025-07-02T14:09:37Z","message":"[Detection Engine][Telemetry] Update test (elastic#225937)\n\n## Summary\n\nUpdated a test to check that the value of `has_exceptions` is greater\nthan 0 instead of checking for `1` specifically. Found that in MKI\nalone, the prebuilt rules utilities don't seem to clean up. Prebuilt\nrule installation gets called 8 times in these tests, each time\ninstalling one rule with exceptions. Then in my test I add an exception\nto one of the prebuilt rules without exceptions so it shows a total of\n`has_exceptions: 9`.","sha":"e974006285c9bd43c20d55007631eb662398a120","branchLabelMapping":{"^v9.2.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:skip","Team:Detection Engine","backport:version","v9.1.0","v8.19.0","v9.2.0"],"title":"[Detection Engine][Telemetry] Update test","number":225937,"url":"https://github.com/elastic/kibana/pull/225937","mergeCommit":{"message":"[Detection Engine][Telemetry] Update test (elastic#225937)\n\n## Summary\n\nUpdated a test to check that the value of `has_exceptions` is greater\nthan 0 instead of checking for `1` specifically. Found that in MKI\nalone, the prebuilt rules utilities don't seem to clean up. Prebuilt\nrule installation gets called 8 times in these tests, each time\ninstalling one rule with exceptions. Then in my test I add an exception\nto one of the prebuilt rules without exceptions so it shows a total of\n`has_exceptions: 9`.","sha":"e974006285c9bd43c20d55007631eb662398a120"}},"sourceBranch":"main","suggestedTargetBranches":["9.1","8.19"],"targetPullRequestStates":[{"branch":"9.1","label":"v9.1.0","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"8.19","label":"v8.19.0","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"main","label":"v9.2.0","branchLabelMappingKey":"^v9.2.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/225937","number":225937,"mergeCommit":{"message":"[Detection Engine][Telemetry] Update test (elastic#225937)\n\n## Summary\n\nUpdated a test to check that the value of `has_exceptions` is greater\nthan 0 instead of checking for `1` specifically. Found that in MKI\nalone, the prebuilt rules utilities don't seem to clean up. Prebuilt\nrule installation gets called 8 times in these tests, each time\ninstalling one rule with exceptions. Then in my test I add an exception\nto one of the prebuilt rules without exceptions so it shows a total of\n`has_exceptions: 9`.","sha":"e974006285c9bd43c20d55007631eb662398a120"}}]}] BACKPORT--> Co-authored-by: Yara Tercero <yctercero@users.noreply.github.com>
…elastic#226232) # Backport This will backport the following commits from `main` to `9.1`: - [[Security Assistant] Starter prompt telemetry! (elastic#226063)](elastic#226063) <!--- Backport version: 9.6.6 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sorenlouv/backport) <!--BACKPORT [{"author":{"name":"Steph Milovic","email":"stephanie.milovic@elastic.co"},"sourceCommit":{"committedDate":"2025-07-02T14:17:03Z","message":"[Security Assistant] Starter prompt telemetry! (elastic#226063)","sha":"5c4c7d9a3e3cbc7406686adaa1efa9832de71ff5","branchLabelMapping":{"^v9.2.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:skip","Team: SecuritySolution","Team:Security Generative AI","backport:version","v9.1.0","v8.19.0","v9.2.0"],"title":"[Security Assistant] Starter prompt telemetry!","number":226063,"url":"https://github.com/elastic/kibana/pull/226063","mergeCommit":{"message":"[Security Assistant] Starter prompt telemetry! (elastic#226063)","sha":"5c4c7d9a3e3cbc7406686adaa1efa9832de71ff5"}},"sourceBranch":"main","suggestedTargetBranches":["9.1","8.19"],"targetPullRequestStates":[{"branch":"9.1","label":"v9.1.0","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"8.19","label":"v8.19.0","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"main","label":"v9.2.0","branchLabelMappingKey":"^v9.2.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/226063","number":226063,"mergeCommit":{"message":"[Security Assistant] Starter prompt telemetry! (elastic#226063)","sha":"5c4c7d9a3e3cbc7406686adaa1efa9832de71ff5"}}]}] BACKPORT--> Co-authored-by: Steph Milovic <stephanie.milovic@elastic.co>
…ion (elastic#226069) (elastic#226243) # Backport This will backport the following commits from `main` to `9.1`: - [Add AutoComplete for semantic_text index_options, BBQ quantization (elastic#226069)](elastic#226069) <!--- Backport version: 9.6.6 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sorenlouv/backport) <!--BACKPORT [{"author":{"name":"Kathleen DeRusso","email":"kathleen.derusso@elastic.co"},"sourceCommit":{"committedDate":"2025-07-02T14:52:02Z","message":"Add AutoComplete for semantic_text index_options, BBQ quantization (elastic#226069)\n\nAdds support for specifying `semantic_text` `index_options`: \n<img width=\"581\" alt=\"image\"\nsrc=\"https://github.com/user-attachments/assets/323148be-e456-45db-83a5-0f16e963fc16\"\n/>\n\nAnd adds BBQ to the list of AutoComplete types: \n<img width=\"583\" alt=\"image\"\nsrc=\"https://github.com/user-attachments/assets/6c57bcb9-a3b2-4291-a005-1a464100d581\"\n/>\n\nfor both `semantic_text` and `dense_vector`.\n\n---------\n\nCo-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>","sha":"69ce7b7c162ca4982c70a1c4a4be841773e691fb","branchLabelMapping":{"^v9.2.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:skip","Team:Search","backport:version","v9.1.0","v8.19.0","v9.2.0"],"title":"Add AutoComplete for semantic_text index_options, BBQ quantization","number":226069,"url":"https://github.com/elastic/kibana/pull/226069","mergeCommit":{"message":"Add AutoComplete for semantic_text index_options, BBQ quantization (elastic#226069)\n\nAdds support for specifying `semantic_text` `index_options`: \n<img width=\"581\" alt=\"image\"\nsrc=\"https://github.com/user-attachments/assets/323148be-e456-45db-83a5-0f16e963fc16\"\n/>\n\nAnd adds BBQ to the list of AutoComplete types: \n<img width=\"583\" alt=\"image\"\nsrc=\"https://github.com/user-attachments/assets/6c57bcb9-a3b2-4291-a005-1a464100d581\"\n/>\n\nfor both `semantic_text` and `dense_vector`.\n\n---------\n\nCo-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>","sha":"69ce7b7c162ca4982c70a1c4a4be841773e691fb"}},"sourceBranch":"main","suggestedTargetBranches":["9.1","8.19"],"targetPullRequestStates":[{"branch":"9.1","label":"v9.1.0","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"8.19","label":"v8.19.0","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"main","label":"v9.2.0","branchLabelMappingKey":"^v9.2.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/226069","number":226069,"mergeCommit":{"message":"Add AutoComplete for semantic_text index_options, BBQ quantization (elastic#226069)\n\nAdds support for specifying `semantic_text` `index_options`: \n<img width=\"581\" alt=\"image\"\nsrc=\"https://github.com/user-attachments/assets/323148be-e456-45db-83a5-0f16e963fc16\"\n/>\n\nAnd adds BBQ to the list of AutoComplete types: \n<img width=\"583\" alt=\"image\"\nsrc=\"https://github.com/user-attachments/assets/6c57bcb9-a3b2-4291-a005-1a464100d581\"\n/>\n\nfor both `semantic_text` and `dense_vector`.\n\n---------\n\nCo-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>","sha":"69ce7b7c162ca4982c70a1c4a4be841773e691fb"}}]}] BACKPORT--> Co-authored-by: Kathleen DeRusso <kathleen.derusso@elastic.co>
…26249) # Backport This will backport the following commits from `main` to `9.1`: - [[A11y] Add labels to control inputs (elastic#221639)](elastic#221639) <!--- Backport version: 9.6.6 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sorenlouv/backport) <!--BACKPORT [{"author":{"name":"Catherine Liu","email":"catherine.liu@elastic.co"},"sourceCommit":{"committedDate":"2025-06-26T21:54:03Z","message":"[A11y] Add labels to control inputs (elastic#221639)\n\n## Summary\n\nCloses elastic#183202.\nCloses elastic#220687.\n\nThis adds aria-labels to the number fields on the range slider control.\n\n<img width=\"704\" alt=\"Screenshot 2025-05-27 at 8 10 38 AM\"\nsrc=\"https://github.com/user-attachments/assets/ffeb1b98-6765-41ab-abd3-bff2ce176cda\"\n/>\n\n<img width=\"413\" alt=\"Screenshot 2025-05-27 at 8 04 59 AM\"\nsrc=\"https://github.com/user-attachments/assets/e899b1f9-6290-463f-9213-2e0a456fa677\"\n/>\n\nThis also adds an aria-label to the search filter at the top of the\noptions list popover.\n\n<img width=\"2559\" alt=\"Screenshot 2025-06-02 at 7 23 53 AM\"\nsrc=\"https://github.com/user-attachments/assets/47e870dc-55c2-40bd-b461-a16022691810\"\n/>\n\n### Checklist\n\nCheck the PR satisfies following conditions. \n\nReviewers should verify this PR satisfies this list as well.\n\n- [ ] Any text added follows [EUI's writing\nguidelines](https://elastic.github.io/eui/#/guidelines/writing), uses\nsentence case text and includes [i18n\nsupport](https://github.com/elastic/kibana/blob/main/src/platform/packages/shared/kbn-i18n/README.md)\n- [ ]\n[Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html)\nwas added for features that require explanation or tutorials\n- [ ] [Unit or functional\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\nwere updated or added to match the most common scenarios\n- [ ] If a plugin configuration key changed, check if it needs to be\nallowlisted in the cloud and added to the [docker\nlist](https://github.com/elastic/kibana/blob/main/src/dev/build/tasks/os_packages/docker_generator/resources/base/bin/kibana-docker)\n- [ ] This was checked for breaking HTTP API changes, and any breaking\nchanges have been approved by the breaking-change committee. The\n`release_note:breaking` label should be applied in these situations.\n- [ ] [Flaky Test\nRunner](https://ci-stats.kibana.dev/trigger_flaky_test_runner/1) was\nused on any tests changed\n- [ ] The PR description includes the appropriate Release Notes section,\nand the correct `release_note:*` label is applied per the\n[guidelines](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)\n\n### Identify risks\n\nDoes this PR introduce any risks? For example, consider risks like hard\nto test bugs, performance regression, potential of data loss.\n\nDescribe the risk, its severity, and mitigation for each identified\nrisk. Invite stakeholders and evaluate how to proceed before merging.\n\n- [ ] [See some risk\nexamples](https://github.com/elastic/kibana/blob/main/RISK_MATRIX.mdx)\n- [ ] ...\n\n---------\n\nCo-authored-by: Marta Bondyra <4283304+mbondyra@users.noreply.github.com>","sha":"f7dad16597d9d29b312b877a4cb8c9e9bdf4f5ac","branchLabelMapping":{"^v9.1.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["Feature:Dashboard","Team:Presentation","loe:small","release_note:skip","impact:high","backport missing","ci:cloud-deploy","backport:version","a11y","v9.1.0","v8.19.0","v9.0.1","v9.2.0","v8.18.4","v8.17.9"],"title":"[A11y] Add labels to control inputs","number":221639,"url":"https://github.com/elastic/kibana/pull/221639","mergeCommit":{"message":"[A11y] Add labels to control inputs (elastic#221639)\n\n## Summary\n\nCloses elastic#183202.\nCloses elastic#220687.\n\nThis adds aria-labels to the number fields on the range slider control.\n\n<img width=\"704\" alt=\"Screenshot 2025-05-27 at 8 10 38 AM\"\nsrc=\"https://github.com/user-attachments/assets/ffeb1b98-6765-41ab-abd3-bff2ce176cda\"\n/>\n\n<img width=\"413\" alt=\"Screenshot 2025-05-27 at 8 04 59 AM\"\nsrc=\"https://github.com/user-attachments/assets/e899b1f9-6290-463f-9213-2e0a456fa677\"\n/>\n\nThis also adds an aria-label to the search filter at the top of the\noptions list popover.\n\n<img width=\"2559\" alt=\"Screenshot 2025-06-02 at 7 23 53 AM\"\nsrc=\"https://github.com/user-attachments/assets/47e870dc-55c2-40bd-b461-a16022691810\"\n/>\n\n### Checklist\n\nCheck the PR satisfies following conditions. \n\nReviewers should verify this PR satisfies this list as well.\n\n- [ ] Any text added follows [EUI's writing\nguidelines](https://elastic.github.io/eui/#/guidelines/writing), uses\nsentence case text and includes [i18n\nsupport](https://github.com/elastic/kibana/blob/main/src/platform/packages/shared/kbn-i18n/README.md)\n- [ ]\n[Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html)\nwas added for features that require explanation or tutorials\n- [ ] [Unit or functional\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\nwere updated or added to match the most common scenarios\n- [ ] If a plugin configuration key changed, check if it needs to be\nallowlisted in the cloud and added to the [docker\nlist](https://github.com/elastic/kibana/blob/main/src/dev/build/tasks/os_packages/docker_generator/resources/base/bin/kibana-docker)\n- [ ] This was checked for breaking HTTP API changes, and any breaking\nchanges have been approved by the breaking-change committee. The\n`release_note:breaking` label should be applied in these situations.\n- [ ] [Flaky Test\nRunner](https://ci-stats.kibana.dev/trigger_flaky_test_runner/1) was\nused on any tests changed\n- [ ] The PR description includes the appropriate Release Notes section,\nand the correct `release_note:*` label is applied per the\n[guidelines](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)\n\n### Identify risks\n\nDoes this PR introduce any risks? For example, consider risks like hard\nto test bugs, performance regression, potential of data loss.\n\nDescribe the risk, its severity, and mitigation for each identified\nrisk. Invite stakeholders and evaluate how to proceed before merging.\n\n- [ ] [See some risk\nexamples](https://github.com/elastic/kibana/blob/main/RISK_MATRIX.mdx)\n- [ ] ...\n\n---------\n\nCo-authored-by: Marta Bondyra <4283304+mbondyra@users.noreply.github.com>","sha":"f7dad16597d9d29b312b877a4cb8c9e9bdf4f5ac"}},"sourceBranch":"main","suggestedTargetBranches":["8.19","9.0","8.18","8.17"],"targetPullRequestStates":[{"branch":"main","label":"v9.1.0","branchLabelMappingKey":"^v9.1.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/221639","number":221639,"mergeCommit":{"message":"[A11y] Add labels to control inputs (elastic#221639)\n\n## Summary\n\nCloses elastic#183202.\nCloses elastic#220687.\n\nThis adds aria-labels to the number fields on the range slider control.\n\n<img width=\"704\" alt=\"Screenshot 2025-05-27 at 8 10 38 AM\"\nsrc=\"https://github.com/user-attachments/assets/ffeb1b98-6765-41ab-abd3-bff2ce176cda\"\n/>\n\n<img width=\"413\" alt=\"Screenshot 2025-05-27 at 8 04 59 AM\"\nsrc=\"https://github.com/user-attachments/assets/e899b1f9-6290-463f-9213-2e0a456fa677\"\n/>\n\nThis also adds an aria-label to the search filter at the top of the\noptions list popover.\n\n<img width=\"2559\" alt=\"Screenshot 2025-06-02 at 7 23 53 AM\"\nsrc=\"https://github.com/user-attachments/assets/47e870dc-55c2-40bd-b461-a16022691810\"\n/>\n\n### Checklist\n\nCheck the PR satisfies following conditions. \n\nReviewers should verify this PR satisfies this list as well.\n\n- [ ] Any text added follows [EUI's writing\nguidelines](https://elastic.github.io/eui/#/guidelines/writing), uses\nsentence case text and includes [i18n\nsupport](https://github.com/elastic/kibana/blob/main/src/platform/packages/shared/kbn-i18n/README.md)\n- [ ]\n[Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html)\nwas added for features that require explanation or tutorials\n- [ ] [Unit or functional\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\nwere updated or added to match the most common scenarios\n- [ ] If a plugin configuration key changed, check if it needs to be\nallowlisted in the cloud and added to the [docker\nlist](https://github.com/elastic/kibana/blob/main/src/dev/build/tasks/os_packages/docker_generator/resources/base/bin/kibana-docker)\n- [ ] This was checked for breaking HTTP API changes, and any breaking\nchanges have been approved by the breaking-change committee. The\n`release_note:breaking` label should be applied in these situations.\n- [ ] [Flaky Test\nRunner](https://ci-stats.kibana.dev/trigger_flaky_test_runner/1) was\nused on any tests changed\n- [ ] The PR description includes the appropriate Release Notes section,\nand the correct `release_note:*` label is applied per the\n[guidelines](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)\n\n### Identify risks\n\nDoes this PR introduce any risks? For example, consider risks like hard\nto test bugs, performance regression, potential of data loss.\n\nDescribe the risk, its severity, and mitigation for each identified\nrisk. Invite stakeholders and evaluate how to proceed before merging.\n\n- [ ] [See some risk\nexamples](https://github.com/elastic/kibana/blob/main/RISK_MATRIX.mdx)\n- [ ] ...\n\n---------\n\nCo-authored-by: Marta Bondyra <4283304+mbondyra@users.noreply.github.com>","sha":"f7dad16597d9d29b312b877a4cb8c9e9bdf4f5ac"}},{"branch":"8.19","label":"v8.19.0","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"9.0","label":"v9.0.1","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"9.2","label":"v9.2.0","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"8.18","label":"v8.18.4","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"8.17","label":"v8.17.9","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"url":"https://github.com/elastic/kibana/pull/226248","number":226248,"branch":"9.1","state":"OPEN"}]}] BACKPORT--> Co-authored-by: Catherine Liu <catherine.liu@elastic.co> Co-authored-by: Marta Bondyra <4283304+mbondyra@users.noreply.github.com>
…oast wording (elastic#226079) (elastic#226257) # Backport This will backport the following commits from `main` to `9.1`: - [[Alerting / Linked Dashboards] tweak linked dashboard success toast wording (elastic#226079)](elastic#226079) <!--- Backport version: 9.6.6 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sorenlouv/backport) <!--BACKPORT [{"author":{"name":"Bailey Cash","email":"bailey.cash@elastic.co"},"sourceCommit":{"committedDate":"2025-07-02T15:51:27Z","message":"[Alerting / Linked Dashboards] tweak linked dashboard success toast wording (elastic#226079)\n\n## Summary\n\nResolves elastic#225914 [see\ndiscussion](https://github.com/elastic/kibana/issues/225914#issuecomment-3025450187)\n\n<img width=\"350\" alt=\"Screenshot 2025-07-01 at 5 18 31 PM\"\nsrc=\"https://github.com/user-attachments/assets/0d864dea-16b6-4a78-9c82-9b471c3d0630\"\n/>","sha":"748ac5bf4aaad0327fc426a723646d7533916d04","branchLabelMapping":{"^v9.2.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["bug","release_note:skip","Team:obs-ux-management","backport:version","v9.1.0","v8.19.0","author:obs-ux-management","v9.2.0"],"title":"[Alerting / Linked Dashboards] tweak linked dashboard success toast wording","number":226079,"url":"https://github.com/elastic/kibana/pull/226079","mergeCommit":{"message":"[Alerting / Linked Dashboards] tweak linked dashboard success toast wording (elastic#226079)\n\n## Summary\n\nResolves elastic#225914 [see\ndiscussion](https://github.com/elastic/kibana/issues/225914#issuecomment-3025450187)\n\n<img width=\"350\" alt=\"Screenshot 2025-07-01 at 5 18 31 PM\"\nsrc=\"https://github.com/user-attachments/assets/0d864dea-16b6-4a78-9c82-9b471c3d0630\"\n/>","sha":"748ac5bf4aaad0327fc426a723646d7533916d04"}},"sourceBranch":"main","suggestedTargetBranches":["9.1","8.19"],"targetPullRequestStates":[{"branch":"9.1","label":"v9.1.0","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"8.19","label":"v8.19.0","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"main","label":"v9.2.0","branchLabelMappingKey":"^v9.2.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/226079","number":226079,"mergeCommit":{"message":"[Alerting / Linked Dashboards] tweak linked dashboard success toast wording (elastic#226079)\n\n## Summary\n\nResolves elastic#225914 [see\ndiscussion](https://github.com/elastic/kibana/issues/225914#issuecomment-3025450187)\n\n<img width=\"350\" alt=\"Screenshot 2025-07-01 at 5 18 31 PM\"\nsrc=\"https://github.com/user-attachments/assets/0d864dea-16b6-4a78-9c82-9b471c3d0630\"\n/>","sha":"748ac5bf4aaad0327fc426a723646d7533916d04"}}]}] BACKPORT--> Co-authored-by: Bailey Cash <bailey.cash@elastic.co>
…stic#226075) (elastic#226262) # Backport This will backport the following commits from `main` to `9.1`: - [[Discover] Dataview Picker - Update dropdown minimum width (elastic#226075)](elastic#226075) <!--- Backport version: 9.6.6 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sorenlouv/backport) <!--BACKPORT [{"author":{"name":"christineweng","email":"18648970+christineweng@users.noreply.github.com"},"sourceCommit":{"committedDate":"2025-07-02T16:07:00Z","message":"[Discover] Dataview Picker - Update dropdown minimum width (elastic#226075)\n\n## Summary\n\nThis PR modifies the minimum width of the data view picker drop down.\nThe width calculation does not factor in `Managed` badge, in the case of\nsecurity data views (we always have them present), the text is\ntruncated. Slightly increase the width to improve presentation.\n\n|Before|After|\n|------|------|\n\n||\n|","sha":"3db5a9a51fd7511a62f936b4c38a103f7fc65015","branchLabelMapping":{"^v9.2.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:skip","Team:DataDiscovery","Team:Threat Hunting:Investigations","backport:version","v9.1.0","v8.19.0","v9.2.0"],"title":"[Discover] Dataview Picker - Update dropdown minimum width","number":226075,"url":"https://github.com/elastic/kibana/pull/226075","mergeCommit":{"message":"[Discover] Dataview Picker - Update dropdown minimum width (elastic#226075)\n\n## Summary\n\nThis PR modifies the minimum width of the data view picker drop down.\nThe width calculation does not factor in `Managed` badge, in the case of\nsecurity data views (we always have them present), the text is\ntruncated. Slightly increase the width to improve presentation.\n\n|Before|After|\n|------|------|\n\n||\n|","sha":"3db5a9a51fd7511a62f936b4c38a103f7fc65015"}},"sourceBranch":"main","suggestedTargetBranches":["9.1","8.19"],"targetPullRequestStates":[{"branch":"9.1","label":"v9.1.0","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"8.19","label":"v8.19.0","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"main","label":"v9.2.0","branchLabelMappingKey":"^v9.2.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/226075","number":226075,"mergeCommit":{"message":"[Discover] Dataview Picker - Update dropdown minimum width (elastic#226075)\n\n## Summary\n\nThis PR modifies the minimum width of the data view picker drop down.\nThe width calculation does not factor in `Managed` badge, in the case of\nsecurity data views (we always have them present), the text is\ntruncated. Slightly increase the width to improve presentation.\n\n|Before|After|\n|------|------|\n\n||\n|","sha":"3db5a9a51fd7511a62f936b4c38a103f7fc65015"}}]}] BACKPORT--> Co-authored-by: christineweng <18648970+christineweng@users.noreply.github.com>
…#225381) (elastic#226260) # Backport This will backport the following commits from `main` to `9.1`: - [[Security Solution] Update entity links to open flyout (elastic#225381)](elastic#225381) <!--- Backport version: 9.6.6 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sorenlouv/backport) <!--BACKPORT [{"author":{"name":"christineweng","email":"18648970+christineweng@users.noreply.github.com"},"sourceCommit":{"committedDate":"2025-07-02T16:04:31Z","message":"[Security Solution] Update entity links to open flyout (elastic#225381)\n\n## Summary\n\nThis PR updates various entity links to open the flyout instead of going\nto another page. Refactored `PreviewLink` to `FlyoutLink`. It will check\nwhether a flyout is opened, if so it will open preview, if not it will\nopen a new flyout.\n\n- Alert/Event flyout -> Details panel -> Insights -> Entity\n - Ip links opens network previews\n\n\n\n- IP flyout\n - Host ID and host name opens host preview\n\n\n\n- Host overview (page for 1 host)\n - Ips at the top section opens IP flyout \n\n\n\n\n- User overview (page for 1 user)\n - Ips at the top section opens IP flyout \n\n\n\n- Network overview (page for 1 IP)\n - Host name and host id at the top section opens host flyout \n\n\n\n- IP address in event renderer opens flyout/preview \n\n\n\n\n\n\n### Checklist\n\n- [x] [Unit or functional\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\nwere updated or added to match the most common scenarios\n- [x] The PR description includes the appropriate Release Notes section,\nand the correct `release_note:*` label is applied per the\n[guidelines](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)","sha":"058e45bf98d824a40788a000cf8ce1f79b0c14ad","branchLabelMapping":{"^v9.2.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:fix","Team:Threat Hunting:Investigations","backport:version","v9.1.0","v8.19.0","v9.2.0"],"title":"[Security Solution] Update entity links to open flyout","number":225381,"url":"https://github.com/elastic/kibana/pull/225381","mergeCommit":{"message":"[Security Solution] Update entity links to open flyout (elastic#225381)\n\n## Summary\n\nThis PR updates various entity links to open the flyout instead of going\nto another page. Refactored `PreviewLink` to `FlyoutLink`. It will check\nwhether a flyout is opened, if so it will open preview, if not it will\nopen a new flyout.\n\n- Alert/Event flyout -> Details panel -> Insights -> Entity\n - Ip links opens network previews\n\n\n\n- IP flyout\n - Host ID and host name opens host preview\n\n\n\n- Host overview (page for 1 host)\n - Ips at the top section opens IP flyout \n\n\n\n\n- User overview (page for 1 user)\n - Ips at the top section opens IP flyout \n\n\n\n- Network overview (page for 1 IP)\n - Host name and host id at the top section opens host flyout \n\n\n\n- IP address in event renderer opens flyout/preview \n\n\n\n\n\n\n### Checklist\n\n- [x] [Unit or functional\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\nwere updated or added to match the most common scenarios\n- [x] The PR description includes the appropriate Release Notes section,\nand the correct `release_note:*` label is applied per the\n[guidelines](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)","sha":"058e45bf98d824a40788a000cf8ce1f79b0c14ad"}},"sourceBranch":"main","suggestedTargetBranches":["9.1","8.19"],"targetPullRequestStates":[{"branch":"9.1","label":"v9.1.0","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"8.19","label":"v8.19.0","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"main","label":"v9.2.0","branchLabelMappingKey":"^v9.2.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/225381","number":225381,"mergeCommit":{"message":"[Security Solution] Update entity links to open flyout (elastic#225381)\n\n## Summary\n\nThis PR updates various entity links to open the flyout instead of going\nto another page. Refactored `PreviewLink` to `FlyoutLink`. It will check\nwhether a flyout is opened, if so it will open preview, if not it will\nopen a new flyout.\n\n- Alert/Event flyout -> Details panel -> Insights -> Entity\n - Ip links opens network previews\n\n\n\n- IP flyout\n - Host ID and host name opens host preview\n\n\n\n- Host overview (page for 1 host)\n - Ips at the top section opens IP flyout \n\n\n\n\n- User overview (page for 1 user)\n - Ips at the top section opens IP flyout \n\n\n\n- Network overview (page for 1 IP)\n - Host name and host id at the top section opens host flyout \n\n\n\n- IP address in event renderer opens flyout/preview \n\n\n\n\n\n\n### Checklist\n\n- [x] [Unit or functional\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\nwere updated or added to match the most common scenarios\n- [x] The PR description includes the appropriate Release Notes section,\nand the correct `release_note:*` label is applied per the\n[guidelines](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)","sha":"058e45bf98d824a40788a000cf8ce1f79b0c14ad"}}]}] BACKPORT--> Co-authored-by: christineweng <18648970+christineweng@users.noreply.github.com>
…tic#226062) (elastic#226270) # Backport This will backport the following commits from `main` to `9.1`: - [[Security Assistant] Responsive design for welcome screen (elastic#226062)](elastic#226062) <!--- Backport version: 9.6.6 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sorenlouv/backport) <!--BACKPORT [{"author":{"name":"Steph Milovic","email":"stephanie.milovic@elastic.co"},"sourceCommit":{"committedDate":"2025-07-02T16:21:59Z","message":"[Security Assistant] Responsive design for welcome screen (elastic#226062)","sha":"128d6fc7735cca837e887a989a0a945cf5503396","branchLabelMapping":{"^v9.2.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:skip","Team: SecuritySolution","Team:Security Generative AI","backport:version","v9.1.0","v8.19.0","v9.2.0"],"title":"[Security Assistant] Responsive design for welcome screen","number":226062,"url":"https://github.com/elastic/kibana/pull/226062","mergeCommit":{"message":"[Security Assistant] Responsive design for welcome screen (elastic#226062)","sha":"128d6fc7735cca837e887a989a0a945cf5503396"}},"sourceBranch":"main","suggestedTargetBranches":["9.1","8.19"],"targetPullRequestStates":[{"branch":"9.1","label":"v9.1.0","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"8.19","label":"v8.19.0","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"main","label":"v9.2.0","branchLabelMappingKey":"^v9.2.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/226062","number":226062,"mergeCommit":{"message":"[Security Assistant] Responsive design for welcome screen (elastic#226062)","sha":"128d6fc7735cca837e887a989a0a945cf5503396"}}]}] BACKPORT--> Co-authored-by: Steph Milovic <stephanie.milovic@elastic.co>
…ic#217250) (elastic#226268) # Backport This will backport the following commits from `main` to `9.1`: - [[Security solution] Fix `.inference` model for telemetry (elastic#217250)](elastic#217250) <!--- Backport version: 9.6.6 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sorenlouv/backport) <!--BACKPORT [{"author":{"name":"Steph Milovic","email":"stephanie.milovic@elastic.co"},"sourceCommit":{"committedDate":"2025-07-02T16:16:31Z","message":"[Security solution] Fix `.inference` model for telemetry (elastic#217250)","sha":"12f384e0249d320068d0e6b9ae416eb4692db7fd","branchLabelMapping":{"^v9.2.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:skip","Team: SecuritySolution","Team:Security Generative AI","backport:version","v9.1.0","v8.19.0","v9.2.0","v8.18.4","v9.0.4"],"title":"[Security solution] Fix `.inference` model for telemetry ","number":217250,"url":"https://github.com/elastic/kibana/pull/217250","mergeCommit":{"message":"[Security solution] Fix `.inference` model for telemetry (elastic#217250)","sha":"12f384e0249d320068d0e6b9ae416eb4692db7fd"}},"sourceBranch":"main","suggestedTargetBranches":["9.1","8.19","8.18","9.0"],"targetPullRequestStates":[{"branch":"9.1","label":"v9.1.0","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"8.19","label":"v8.19.0","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"main","label":"v9.2.0","branchLabelMappingKey":"^v9.2.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/217250","number":217250,"mergeCommit":{"message":"[Security solution] Fix `.inference` model for telemetry (elastic#217250)","sha":"12f384e0249d320068d0e6b9ae416eb4692db7fd"}},{"branch":"8.18","label":"v8.18.4","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"9.0","label":"v9.0.4","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"}]}] BACKPORT--> Co-authored-by: Steph Milovic <stephanie.milovic@elastic.co>
…ng onDashboardLandingPage (elastic#226064) (elastic#226276) # Backport This will backport the following commits from `main` to `9.1`: - [[dashboard] avoid 5 second delay in functional tests when calling onDashboardLandingPage (elastic#226064)](elastic#226064) <!--- Backport version: 9.6.6 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sorenlouv/backport) <!--BACKPORT [{"author":{"name":"Nathan Reese","email":"reese.nathan@elastic.co"},"sourceCommit":{"committedDate":"2025-07-02T16:41:37Z","message":"[dashboard] avoid 5 second delay in functional tests when calling onDashboardLandingPage (elastic#226064)\n\nThe current implementation of `onDashboardLandingPage` calls\n`this.listingTable.onListingPage('dashboard')`. `onListingPage` is\ninlined below for reference. The problem with this implementation is\nthat when the test is not on the listing page, there is a 5000\nmilliseconds delay checking for the existence of a never-gonna-be-there\nelement.\n\n```\npublic async onListingPage(appName: AppName) {\n return await this.testSubjects.exists(`${appName}LandingPage`, {\n timeout: 5000,\n });\n }\n```\n\n`onDashboardLandingPage` is used 20 times, while\n`onDashboardLandingPage` is called in `gotoDashboardLandingPage`, which\nis used 137 times. A majority of these calls occur when the test is on\n`dashboards#/view` so the tests delay 5 seconds on these calls. Needless\nto say, our tests waste a lot of time determining if they are on the\nlisting page.\n\nOne case study is\nsrc/platform/test/functional/apps/dashboard/group1/dashboard_unsaved_listing.ts,\nwhich calls `gotoDashboardLandingPage` 11 times. Before this change,\nthis test takes 4 minutes to run. With this change, this test takes 3\nminutes to run which lines up with our expection that 11 x 5 seconds is\nabout one minute.\n\nThe PR resolves the issue by checking the URL instead of the DOM. This\nway, the test instantly knows if its on the landing page without any\ndelays.\n\nFlaky test runner\nhttps://buildkite.com/elastic/kibana-flaky-test-suite-runner/builds/8504.\nRan src/platform/test/functional/apps/dashboard/group1/config.ts, which\nincludes dashboard_unsaved_listing.ts, to ensure this change is not\nflaky.\n\nI also ran the flaky test runner\nhttps://buildkite.com/elastic/kibana-flaky-test-suite-runner/builds/8506\nas a control to see how long it takes without these changes. The runs\nwhere 2 to 3 minutes faster with the changes.\n\nControl - no changes to `onDashboardLandingPage`\n<img width=\"408\" alt=\"Screenshot 2025-07-01 at 4 45 04 PM\"\nsrc=\"https://github.com/user-attachments/assets/58acc42c-241c-4005-b564-c114ff6b7b15\"\n/>\n\nWith changes to `onDashboardLandingPage`\n<img width=\"348\" alt=\"Screenshot 2025-07-01 at 4 45 44 PM\"\nsrc=\"https://github.com/user-attachments/assets/45ed8cde-e78c-4be6-a6b4-e9d95626a681\"\n/>","sha":"0a761c9b5dd7a2aaa1afd251c8667946565244c1","branchLabelMapping":{"^v9.2.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["Team:Presentation","release_note:skip","v9.0.0","backport:version","v9.1.0","v8.19.0","v9.2.0"],"title":"[dashboard] avoid 5 second delay in functional tests when calling onDashboardLandingPage","number":226064,"url":"https://github.com/elastic/kibana/pull/226064","mergeCommit":{"message":"[dashboard] avoid 5 second delay in functional tests when calling onDashboardLandingPage (elastic#226064)\n\nThe current implementation of `onDashboardLandingPage` calls\n`this.listingTable.onListingPage('dashboard')`. `onListingPage` is\ninlined below for reference. The problem with this implementation is\nthat when the test is not on the listing page, there is a 5000\nmilliseconds delay checking for the existence of a never-gonna-be-there\nelement.\n\n```\npublic async onListingPage(appName: AppName) {\n return await this.testSubjects.exists(`${appName}LandingPage`, {\n timeout: 5000,\n });\n }\n```\n\n`onDashboardLandingPage` is used 20 times, while\n`onDashboardLandingPage` is called in `gotoDashboardLandingPage`, which\nis used 137 times. A majority of these calls occur when the test is on\n`dashboards#/view` so the tests delay 5 seconds on these calls. Needless\nto say, our tests waste a lot of time determining if they are on the\nlisting page.\n\nOne case study is\nsrc/platform/test/functional/apps/dashboard/group1/dashboard_unsaved_listing.ts,\nwhich calls `gotoDashboardLandingPage` 11 times. Before this change,\nthis test takes 4 minutes to run. With this change, this test takes 3\nminutes to run which lines up with our expection that 11 x 5 seconds is\nabout one minute.\n\nThe PR resolves the issue by checking the URL instead of the DOM. This\nway, the test instantly knows if its on the landing page without any\ndelays.\n\nFlaky test runner\nhttps://buildkite.com/elastic/kibana-flaky-test-suite-runner/builds/8504.\nRan src/platform/test/functional/apps/dashboard/group1/config.ts, which\nincludes dashboard_unsaved_listing.ts, to ensure this change is not\nflaky.\n\nI also ran the flaky test runner\nhttps://buildkite.com/elastic/kibana-flaky-test-suite-runner/builds/8506\nas a control to see how long it takes without these changes. The runs\nwhere 2 to 3 minutes faster with the changes.\n\nControl - no changes to `onDashboardLandingPage`\n<img width=\"408\" alt=\"Screenshot 2025-07-01 at 4 45 04 PM\"\nsrc=\"https://github.com/user-attachments/assets/58acc42c-241c-4005-b564-c114ff6b7b15\"\n/>\n\nWith changes to `onDashboardLandingPage`\n<img width=\"348\" alt=\"Screenshot 2025-07-01 at 4 45 44 PM\"\nsrc=\"https://github.com/user-attachments/assets/45ed8cde-e78c-4be6-a6b4-e9d95626a681\"\n/>","sha":"0a761c9b5dd7a2aaa1afd251c8667946565244c1"}},"sourceBranch":"main","suggestedTargetBranches":["9.0","9.1","8.19"],"targetPullRequestStates":[{"branch":"9.0","label":"v9.0.0","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"9.1","label":"v9.1.0","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"8.19","label":"v8.19.0","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"main","label":"v9.2.0","branchLabelMappingKey":"^v9.2.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/226064","number":226064,"mergeCommit":{"message":"[dashboard] avoid 5 second delay in functional tests when calling onDashboardLandingPage (elastic#226064)\n\nThe current implementation of `onDashboardLandingPage` calls\n`this.listingTable.onListingPage('dashboard')`. `onListingPage` is\ninlined below for reference. The problem with this implementation is\nthat when the test is not on the listing page, there is a 5000\nmilliseconds delay checking for the existence of a never-gonna-be-there\nelement.\n\n```\npublic async onListingPage(appName: AppName) {\n return await this.testSubjects.exists(`${appName}LandingPage`, {\n timeout: 5000,\n });\n }\n```\n\n`onDashboardLandingPage` is used 20 times, while\n`onDashboardLandingPage` is called in `gotoDashboardLandingPage`, which\nis used 137 times. A majority of these calls occur when the test is on\n`dashboards#/view` so the tests delay 5 seconds on these calls. Needless\nto say, our tests waste a lot of time determining if they are on the\nlisting page.\n\nOne case study is\nsrc/platform/test/functional/apps/dashboard/group1/dashboard_unsaved_listing.ts,\nwhich calls `gotoDashboardLandingPage` 11 times. Before this change,\nthis test takes 4 minutes to run. With this change, this test takes 3\nminutes to run which lines up with our expection that 11 x 5 seconds is\nabout one minute.\n\nThe PR resolves the issue by checking the URL instead of the DOM. This\nway, the test instantly knows if its on the landing page without any\ndelays.\n\nFlaky test runner\nhttps://buildkite.com/elastic/kibana-flaky-test-suite-runner/builds/8504.\nRan src/platform/test/functional/apps/dashboard/group1/config.ts, which\nincludes dashboard_unsaved_listing.ts, to ensure this change is not\nflaky.\n\nI also ran the flaky test runner\nhttps://buildkite.com/elastic/kibana-flaky-test-suite-runner/builds/8506\nas a control to see how long it takes without these changes. The runs\nwhere 2 to 3 minutes faster with the changes.\n\nControl - no changes to `onDashboardLandingPage`\n<img width=\"408\" alt=\"Screenshot 2025-07-01 at 4 45 04 PM\"\nsrc=\"https://github.com/user-attachments/assets/58acc42c-241c-4005-b564-c114ff6b7b15\"\n/>\n\nWith changes to `onDashboardLandingPage`\n<img width=\"348\" alt=\"Screenshot 2025-07-01 at 4 45 44 PM\"\nsrc=\"https://github.com/user-attachments/assets/45ed8cde-e78c-4be6-a6b4-e9d95626a681\"\n/>","sha":"0a761c9b5dd7a2aaa1afd251c8667946565244c1"}}]}] BACKPORT--> Co-authored-by: Nathan Reese <reese.nathan@elastic.co>
) # Backport This will backport the following commits from `main` to `9.1`: - [[Infra] Enforce input empty state (elastic#224101)](elastic#224101) <!--- Backport version: 9.6.6 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sorenlouv/backport) <!--BACKPORT [{"author":{"name":"Carlos Crespo","email":"crespocarlos@users.noreply.github.com"},"sourceCommit":{"committedDate":"2025-07-02T12:43:30Z","message":"[Infra] Enforce input empty state (elastic#224101)\n\nfixes: [elastic#194945](https://github.com/elastic/kibana/issues/194945)\n\nCo-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>\nCo-authored-by: jennypavlova <dzheni.pavlova@elastic.co>","sha":"0b9da35b6ab575e7416b42909e9421f8ccbe34d0","branchLabelMapping":{"^v9.2.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:skip","v9.0.0","Team:obs-ux-infra_services","backport:version","v8.17.0","v8.18.0","v9.1.0","v8.19.0","v9.2.0"],"title":"[Infra] Enforce input empty state","number":224101,"url":"https://github.com/elastic/kibana/pull/224101","mergeCommit":{"message":"[Infra] Enforce input empty state (elastic#224101)\n\nfixes: [elastic#194945](https://github.com/elastic/kibana/issues/194945)\n\nCo-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>\nCo-authored-by: jennypavlova <dzheni.pavlova@elastic.co>","sha":"0b9da35b6ab575e7416b42909e9421f8ccbe34d0"}},"sourceBranch":"main","suggestedTargetBranches":["9.0","8.17","8.18","9.1","8.19"],"targetPullRequestStates":[{"branch":"9.0","label":"v9.0.0","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"8.17","label":"v8.17.0","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"8.18","label":"v8.18.0","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"9.1","label":"v9.1.0","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"8.19","label":"v8.19.0","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"main","label":"v9.2.0","branchLabelMappingKey":"^v9.2.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/224101","number":224101,"mergeCommit":{"message":"[Infra] Enforce input empty state (elastic#224101)\n\nfixes: [elastic#194945](https://github.com/elastic/kibana/issues/194945)\n\nCo-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>\nCo-authored-by: jennypavlova <dzheni.pavlova@elastic.co>","sha":"0b9da35b6ab575e7416b42909e9421f8ccbe34d0"}}]}] BACKPORT--> Co-authored-by: Carlos Crespo <crespocarlos@users.noreply.github.com> Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com> Co-authored-by: jennypavlova <dzheni.pavlova@elastic.co>
…pec calls (elastic#224831) (elastic#226184) # Backport This will backport the following commits from `main` to `9.1`: - [[Security Solution][Sourcerer] Replace unnecessary useDataViewSpec calls (elastic#224831)](elastic#224831) <!--- Backport version: 10.0.1 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sorenlouv/backport) <!--BACKPORT [{"author":{"name":"Luke Gmys","email":"11671118+lgestc@users.noreply.github.com"},"sourceCommit":{"committedDate":"2025-07-02T12:14:35Z","message":"[Security Solution][Sourcerer] Replace unnecessary useDataViewSpec calls (elastic#224831)\n\n## Summary\n\nAs useDataViewSpec uses are expensive (due to toSpec method in the data\nview implementation), this PR\nadds in an optional switch to the hook and actually replaces it where we\nonly need the data view id and not the full spec.\n\n### Testing\n\nSet the FF,\n\n```\nxpack.securitySolution.enableExperimental: ['newDataViewPickerEnabled']\n```\n\nverify that the app still works correctly (timelines)\n\n### Checklist\n\nCheck the PR satisfies following conditions. \n\nReviewers should verify this PR satisfies this list as well.\n\n- [x] [Unit or functional\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\nwere updated or added to match the most common scenarios","sha":"711ab70b3770addcba8fa66b28af65ceda11e5e3","branchLabelMapping":{"^v9.2.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:skip","Team:Threat Hunting:Investigations","backport:version","9.1 candidate","v9.1.0","v8.19.0","v9.2.0"],"title":"[Security Solution][Sourcerer] Replace unnecessary useDataViewSpec calls","number":224831,"url":"https://github.com/elastic/kibana/pull/224831","mergeCommit":{"message":"[Security Solution][Sourcerer] Replace unnecessary useDataViewSpec calls (elastic#224831)\n\n## Summary\n\nAs useDataViewSpec uses are expensive (due to toSpec method in the data\nview implementation), this PR\nadds in an optional switch to the hook and actually replaces it where we\nonly need the data view id and not the full spec.\n\n### Testing\n\nSet the FF,\n\n```\nxpack.securitySolution.enableExperimental: ['newDataViewPickerEnabled']\n```\n\nverify that the app still works correctly (timelines)\n\n### Checklist\n\nCheck the PR satisfies following conditions. \n\nReviewers should verify this PR satisfies this list as well.\n\n- [x] [Unit or functional\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\nwere updated or added to match the most common scenarios","sha":"711ab70b3770addcba8fa66b28af65ceda11e5e3"}},"sourceBranch":"main","suggestedTargetBranches":["8.19"],"targetPullRequestStates":[{"branch":"9.1","label":"v9.1.0","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"url":"https://github.com/elastic/kibana/pull/226183","number":226183,"state":"OPEN"},{"branch":"8.19","label":"v8.19.0","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"main","label":"v9.2.0","branchLabelMappingKey":"^v9.2.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/224831","number":224831,"mergeCommit":{"message":"[Security Solution][Sourcerer] Replace unnecessary useDataViewSpec calls (elastic#224831)\n\n## Summary\n\nAs useDataViewSpec uses are expensive (due to toSpec method in the data\nview implementation), this PR\nadds in an optional switch to the hook and actually replaces it where we\nonly need the data view id and not the full spec.\n\n### Testing\n\nSet the FF,\n\n```\nxpack.securitySolution.enableExperimental: ['newDataViewPickerEnabled']\n```\n\nverify that the app still works correctly (timelines)\n\n### Checklist\n\nCheck the PR satisfies following conditions. \n\nReviewers should verify this PR satisfies this list as well.\n\n- [x] [Unit or functional\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\nwere updated or added to match the most common scenarios","sha":"711ab70b3770addcba8fa66b28af65ceda11e5e3"}}]}] BACKPORT-->
…226058) (elastic#226289) # Backport This will backport the following commits from `main` to `9.1`: - [[dashboard] move library functional test to unit test (elastic#226058)](elastic#226058) <!--- Backport version: 9.6.6 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sorenlouv/backport) <!--BACKPORT [{"author":{"name":"Nathan Reese","email":"reese.nathan@elastic.co"},"sourceCommit":{"committedDate":"2025-07-02T18:59:10Z","message":"[dashboard] move library functional test to unit test (elastic#226058)\n\nFunctional tests have several disadvantages\n* They are slow to run\n* They are expensive to run\n* They are difficult to unsure consistently (not flaky)\n\nThis PR re-writes `embeddable_library` functional tests as unit test to\nreduce our functional test tech debt.","sha":"101ca6ec36c57d909abc7492d8fa908f5fe35f78","branchLabelMapping":{"^v9.2.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["Team:Presentation","release_note:skip","backport:version","v9.1.0","v8.19.0","v9.2.0"],"title":"[dashboard] move library functional test to unit test","number":226058,"url":"https://github.com/elastic/kibana/pull/226058","mergeCommit":{"message":"[dashboard] move library functional test to unit test (elastic#226058)\n\nFunctional tests have several disadvantages\n* They are slow to run\n* They are expensive to run\n* They are difficult to unsure consistently (not flaky)\n\nThis PR re-writes `embeddable_library` functional tests as unit test to\nreduce our functional test tech debt.","sha":"101ca6ec36c57d909abc7492d8fa908f5fe35f78"}},"sourceBranch":"main","suggestedTargetBranches":["9.1","8.19"],"targetPullRequestStates":[{"branch":"9.1","label":"v9.1.0","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"8.19","label":"v8.19.0","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"main","label":"v9.2.0","branchLabelMappingKey":"^v9.2.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/226058","number":226058,"mergeCommit":{"message":"[dashboard] move library functional test to unit test (elastic#226058)\n\nFunctional tests have several disadvantages\n* They are slow to run\n* They are expensive to run\n* They are difficult to unsure consistently (not flaky)\n\nThis PR re-writes `embeddable_library` functional tests as unit test to\nreduce our functional test tech debt.","sha":"101ca6ec36c57d909abc7492d8fa908f5fe35f78"}}]}] BACKPORT--> Co-authored-by: Nathan Reese <reese.nathan@elastic.co>
…stic#226299) # Backport This will backport the following commits from `main` to `9.1`: - [fix(slo): Hide actions for read-only user (elastic#226284)](elastic#226284) <!--- Backport version: 9.6.6 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sorenlouv/backport) <!--BACKPORT [{"author":{"name":"Kevin Delemme","email":"kevin.delemme@elastic.co"},"sourceCommit":{"committedDate":"2025-07-02T19:47:32Z","message":"fix(slo): Hide actions for read-only user (elastic#226284)","sha":"7e286e085c777847da673f711e862ea685a7f61a","branchLabelMapping":{"^v9.2.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:skip","Team:obs-ux-management","backport:version","v9.1.0","v8.19.0","v9.2.0"],"title":"fix(slo): Hide actions for read-only user","number":226284,"url":"https://github.com/elastic/kibana/pull/226284","mergeCommit":{"message":"fix(slo): Hide actions for read-only user (elastic#226284)","sha":"7e286e085c777847da673f711e862ea685a7f61a"}},"sourceBranch":"main","suggestedTargetBranches":["9.1","8.19"],"targetPullRequestStates":[{"branch":"9.1","label":"v9.1.0","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"8.19","label":"v8.19.0","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"main","label":"v9.2.0","branchLabelMappingKey":"^v9.2.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/226284","number":226284,"mergeCommit":{"message":"fix(slo): Hide actions for read-only user (elastic#226284)","sha":"7e286e085c777847da673f711e862ea685a7f61a"}}]}] BACKPORT--> Co-authored-by: Kevin Delemme <kevin.delemme@elastic.co>
…#225705) (elastic#226297) # Backport This will backport the following commits from `main` to `9.1`: - [[Dashboard][Controls] Do not recommend adhoc dataviews (elastic#225705)](elastic#225705) <!--- Backport version: 9.6.6 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sorenlouv/backport) <!--BACKPORT [{"author":{"name":"Devon Thomson","email":"devon.thomson@elastic.co"},"sourceCommit":{"committedDate":"2025-07-02T19:45:45Z","message":"[Dashboard][Controls] Do not recommend adhoc dataviews (elastic#225705)\n\nStops the Dashboard from placing adhoc data views into its published data views list. This fixes a bug where Dashboard would recommend an adhoc data view as the most relevant data view when creating a control.","sha":"f48e8142750669651933711e87f57ff26bb8210b","branchLabelMapping":{"^v9.2.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["bug","release_note:fix","Team:Presentation","loe:small","impact:critical","backport:version","v9.1.0","v8.19.0","v9.2.0","v9.0.4"],"title":"[Dashboard][Controls] Do not recommend adhoc dataviews","number":225705,"url":"https://github.com/elastic/kibana/pull/225705","mergeCommit":{"message":"[Dashboard][Controls] Do not recommend adhoc dataviews (elastic#225705)\n\nStops the Dashboard from placing adhoc data views into its published data views list. This fixes a bug where Dashboard would recommend an adhoc data view as the most relevant data view when creating a control.","sha":"f48e8142750669651933711e87f57ff26bb8210b"}},"sourceBranch":"main","suggestedTargetBranches":["9.1","8.19","9.0"],"targetPullRequestStates":[{"branch":"9.1","label":"v9.1.0","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"8.19","label":"v8.19.0","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"main","label":"v9.2.0","branchLabelMappingKey":"^v9.2.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/225705","number":225705,"mergeCommit":{"message":"[Dashboard][Controls] Do not recommend adhoc dataviews (elastic#225705)\n\nStops the Dashboard from placing adhoc data views into its published data views list. This fixes a bug where Dashboard would recommend an adhoc data view as the most relevant data view when creating a control.","sha":"f48e8142750669651933711e87f57ff26bb8210b"}},{"branch":"9.0","label":"v9.0.4","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"}]}] BACKPORT--> Co-authored-by: Devon Thomson <devon.thomson@elastic.co>
…ies and useGetAttackDiscoveryGenerations fail (elastic#225940) (elastic#226302) # Backport This will backport the following commits from `main` to `9.1`: - [[Attack discovery] Show error toasts when useFindAttackDiscoveries and useGetAttackDiscoveryGenerations fail (elastic#225940)](elastic#225940) <!--- Backport version: 9.6.6 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sorenlouv/backport) <!--BACKPORT [{"author":{"name":"Andrew Macri","email":"andrew.macri@elastic.co"},"sourceCommit":{"committedDate":"2025-07-02T19:57:02Z","message":"[Attack discovery] Show error toasts when useFindAttackDiscoveries and useGetAttackDiscoveryGenerations fail (elastic#225940)\n\n## [Attack discovery] Show error toasts when `useFindAttackDiscoveries` and `useGetAttackDiscoveryGenerations` fail\n\nThis PR fixes an issue where the Attack discovery page should display error toasts when the `useFindAttackDiscoveries` and `useGetAttackDiscoveryGenerations` hooks fail to retrieve results.\n\nThe error toasts are illustrated by the screenshots below:\n\n\n\n_Above: An error toaster is displayed when `useFindAttackDiscoveries` fails_\n\n\n\n_Above: An error toaster is displayed when `useGetAttackDiscoveryGenerations` fails_\n\n### Feature flags\n\nThe following `securitySolution.attackDiscoveryAlertsEnabled` feature flag in `config/kibana.dev.yml` is required to view the error toasters:\n\n```yaml\nfeature_flags.overrides:\n securitySolution.attackDiscoveryAlertsEnabled: true\n```","sha":"db33a3faadb6cd2e08e7faf05581d7e69542996e","branchLabelMapping":{"^v9.2.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:skip","Team: SecuritySolution","Team:Security Generative AI","backport:version","v9.1.0","v8.19.0","v9.2.0"],"title":"[Attack discovery] Show error toasts when useFindAttackDiscoveries and useGetAttackDiscoveryGenerations fail","number":225940,"url":"https://github.com/elastic/kibana/pull/225940","mergeCommit":{"message":"[Attack discovery] Show error toasts when useFindAttackDiscoveries and useGetAttackDiscoveryGenerations fail (elastic#225940)\n\n## [Attack discovery] Show error toasts when `useFindAttackDiscoveries` and `useGetAttackDiscoveryGenerations` fail\n\nThis PR fixes an issue where the Attack discovery page should display error toasts when the `useFindAttackDiscoveries` and `useGetAttackDiscoveryGenerations` hooks fail to retrieve results.\n\nThe error toasts are illustrated by the screenshots below:\n\n\n\n_Above: An error toaster is displayed when `useFindAttackDiscoveries` fails_\n\n\n\n_Above: An error toaster is displayed when `useGetAttackDiscoveryGenerations` fails_\n\n### Feature flags\n\nThe following `securitySolution.attackDiscoveryAlertsEnabled` feature flag in `config/kibana.dev.yml` is required to view the error toasters:\n\n```yaml\nfeature_flags.overrides:\n securitySolution.attackDiscoveryAlertsEnabled: true\n```","sha":"db33a3faadb6cd2e08e7faf05581d7e69542996e"}},"sourceBranch":"main","suggestedTargetBranches":["9.1","8.19"],"targetPullRequestStates":[{"branch":"9.1","label":"v9.1.0","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"8.19","label":"v8.19.0","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"main","label":"v9.2.0","branchLabelMappingKey":"^v9.2.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/225940","number":225940,"mergeCommit":{"message":"[Attack discovery] Show error toasts when useFindAttackDiscoveries and useGetAttackDiscoveryGenerations fail (elastic#225940)\n\n## [Attack discovery] Show error toasts when `useFindAttackDiscoveries` and `useGetAttackDiscoveryGenerations` fail\n\nThis PR fixes an issue where the Attack discovery page should display error toasts when the `useFindAttackDiscoveries` and `useGetAttackDiscoveryGenerations` hooks fail to retrieve results.\n\nThe error toasts are illustrated by the screenshots below:\n\n\n\n_Above: An error toaster is displayed when `useFindAttackDiscoveries` fails_\n\n\n\n_Above: An error toaster is displayed when `useGetAttackDiscoveryGenerations` fails_\n\n### Feature flags\n\nThe following `securitySolution.attackDiscoveryAlertsEnabled` feature flag in `config/kibana.dev.yml` is required to view the error toasters:\n\n```yaml\nfeature_flags.overrides:\n securitySolution.attackDiscoveryAlertsEnabled: true\n```","sha":"db33a3faadb6cd2e08e7faf05581d7e69542996e"}}]}] BACKPORT--> Co-authored-by: Andrew Macri <andrew.macri@elastic.co>
…4968) (elastic#226304) # Backport This will backport the following commits from `main` to `9.1`: - [[Detections Response] Extended rule usage telemetry (elastic#224968)](elastic#224968) <!--- Backport version: 9.6.6 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sorenlouv/backport) <!--BACKPORT [{"author":{"name":"Yara Tercero","email":"yctercero@users.noreply.github.com"},"sourceCommit":{"committedDate":"2025-07-02T20:21:57Z","message":"[Detections Response] Extended rule usage telemetry (elastic#224968)\n\n## Summary\n\nAddresses https://github.com/elastic/security-team/issues/12856\n\nProduct wanted more granular information on custom rule usage. We have\ninformation on number of different rule types, total custom and total\nprebuilt, but there isn't a clear snapshot of the custom rules broken\nout by rule type. The existing rule type usage includes both prebuilt\nand custom.\n\n### Sample\n\n<img width=\"342\" alt=\"Screenshot 2025-06-23 at 2 40 59 PM\"\nsrc=\"https://github.com/user-attachments/assets/3dcb3fe0-5251-489f-bf3b-d762e57ab597\"\n/>\n\n### How to test\n\nYou can run `cd\nx-pack/solutions/security/plugins/security_solution/scripts/endpoint &&\nyarn test:generate` to generate some test data.\n\n- Create some rules of different types\n- Add some exceptions\n- Add some rules with suppression\n- Try adding a few prebuilt rules of different rule types\n- Visit Stack Management > Advanced Settings > Global settings > Usage\nCollection > Click on the link `cluster data`\n- Values of `[rule_type]_custom` should only reflect numbers for custom\nrules, not prebuilt\n\n---------\n\nCo-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>","sha":"f282c4d98fac1e8dfc99fcff4d2a930cea1f30df","branchLabelMapping":{"^v9.2.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:skip","Team:Detection Engine","backport:version","v9.1.0","v8.19.0","v9.2.0"],"title":"[Detections Response] Extended rule usage telemetry","number":224968,"url":"https://github.com/elastic/kibana/pull/224968","mergeCommit":{"message":"[Detections Response] Extended rule usage telemetry (elastic#224968)\n\n## Summary\n\nAddresses https://github.com/elastic/security-team/issues/12856\n\nProduct wanted more granular information on custom rule usage. We have\ninformation on number of different rule types, total custom and total\nprebuilt, but there isn't a clear snapshot of the custom rules broken\nout by rule type. The existing rule type usage includes both prebuilt\nand custom.\n\n### Sample\n\n<img width=\"342\" alt=\"Screenshot 2025-06-23 at 2 40 59 PM\"\nsrc=\"https://github.com/user-attachments/assets/3dcb3fe0-5251-489f-bf3b-d762e57ab597\"\n/>\n\n### How to test\n\nYou can run `cd\nx-pack/solutions/security/plugins/security_solution/scripts/endpoint &&\nyarn test:generate` to generate some test data.\n\n- Create some rules of different types\n- Add some exceptions\n- Add some rules with suppression\n- Try adding a few prebuilt rules of different rule types\n- Visit Stack Management > Advanced Settings > Global settings > Usage\nCollection > Click on the link `cluster data`\n- Values of `[rule_type]_custom` should only reflect numbers for custom\nrules, not prebuilt\n\n---------\n\nCo-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>","sha":"f282c4d98fac1e8dfc99fcff4d2a930cea1f30df"}},"sourceBranch":"main","suggestedTargetBranches":["9.1","8.19"],"targetPullRequestStates":[{"branch":"9.1","label":"v9.1.0","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"8.19","label":"v8.19.0","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"main","label":"v9.2.0","branchLabelMappingKey":"^v9.2.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/224968","number":224968,"mergeCommit":{"message":"[Detections Response] Extended rule usage telemetry (elastic#224968)\n\n## Summary\n\nAddresses https://github.com/elastic/security-team/issues/12856\n\nProduct wanted more granular information on custom rule usage. We have\ninformation on number of different rule types, total custom and total\nprebuilt, but there isn't a clear snapshot of the custom rules broken\nout by rule type. The existing rule type usage includes both prebuilt\nand custom.\n\n### Sample\n\n<img width=\"342\" alt=\"Screenshot 2025-06-23 at 2 40 59 PM\"\nsrc=\"https://github.com/user-attachments/assets/3dcb3fe0-5251-489f-bf3b-d762e57ab597\"\n/>\n\n### How to test\n\nYou can run `cd\nx-pack/solutions/security/plugins/security_solution/scripts/endpoint &&\nyarn test:generate` to generate some test data.\n\n- Create some rules of different types\n- Add some exceptions\n- Add some rules with suppression\n- Try adding a few prebuilt rules of different rule types\n- Visit Stack Management > Advanced Settings > Global settings > Usage\nCollection > Click on the link `cluster data`\n- Values of `[rule_type]_custom` should only reflect numbers for custom\nrules, not prebuilt\n\n---------\n\nCo-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>","sha":"f282c4d98fac1e8dfc99fcff4d2a930cea1f30df"}}]}] BACKPORT--> Co-authored-by: Yara Tercero <yctercero@users.noreply.github.com>
…t on integration sync (elastic#226282) (elastic#226310) # Backport This will backport the following commits from `main` to `9.1`: - [[Fleet] Remove accordion expansion button when theres no content on integration sync (elastic#226282)](elastic#226282) <!--- Backport version: 9.6.6 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sorenlouv/backport) <!--BACKPORT [{"author":{"name":"Mason Herron","email":"46727170+Supplementing@users.noreply.github.com"},"sourceCommit":{"committedDate":"2025-07-02T20:55:39Z","message":"[Fleet] Remove accordion expansion button when theres no content on integration sync (elastic#226282)\n\n## Summary\n\nCloses elastic#225590 \n\nStops the expansion button from rendering when theres no additional\ncontent. Also applies to the nested custom assets.\n\nSee the below video where I mocked the different cases all at once to\nverify it worked as intended (this would have been very hard with real\ndata):\n\n\n\nhttps://github.com/user-attachments/assets/b8332e29-535a-42cb-b1c4-9a8ce6ecd396\n\n\n\n### Checklist\n\nCheck the PR satisfies following conditions. \n\nReviewers should verify this PR satisfies this list as well.\n\n- [ ] Any text added follows [EUI's writing\nguidelines](https://elastic.github.io/eui/#/guidelines/writing), uses\nsentence case text and includes [i18n\nsupport](https://github.com/elastic/kibana/blob/main/src/platform/packages/shared/kbn-i18n/README.md)\n- [ ]\n[Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html)\nwas added for features that require explanation or tutorials\n- [ ] [Unit or functional\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\nwere updated or added to match the most common scenarios\n- [ ] If a plugin configuration key changed, check if it needs to be\nallowlisted in the cloud and added to the [docker\nlist](https://github.com/elastic/kibana/blob/main/src/dev/build/tasks/os_packages/docker_generator/resources/base/bin/kibana-docker)\n- [ ] This was checked for breaking HTTP API changes, and any breaking\nchanges have been approved by the breaking-change committee. The\n`release_note:breaking` label should be applied in these situations.\n- [ ] [Flaky Test\nRunner](https://ci-stats.kibana.dev/trigger_flaky_test_runner/1) was\nused on any tests changed\n- [ ] The PR description includes the appropriate Release Notes section,\nand the correct `release_note:*` label is applied per the\n[guidelines](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)\n- [ ] Review the [backport\nguidelines](https://docs.google.com/document/d/1VyN5k91e5OVumlc0Gb9RPa3h1ewuPE705nRtioPiTvY/edit?usp=sharing)\nand apply applicable `backport:*` labels.\n\n### Identify risks\n\nN/A\n\n---------\n\nCo-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>","sha":"d433c398aa15491aba0f33cfc6b9c73e55f4c31a","branchLabelMapping":{"^v9.2.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:skip","Team:Fleet","backport:prev-minor","v9.1.0","v9.2.0"],"title":"[Fleet] Remove accordion expansion button when theres no content on integration sync","number":226282,"url":"https://github.com/elastic/kibana/pull/226282","mergeCommit":{"message":"[Fleet] Remove accordion expansion button when theres no content on integration sync (elastic#226282)\n\n## Summary\n\nCloses elastic#225590 \n\nStops the expansion button from rendering when theres no additional\ncontent. Also applies to the nested custom assets.\n\nSee the below video where I mocked the different cases all at once to\nverify it worked as intended (this would have been very hard with real\ndata):\n\n\n\nhttps://github.com/user-attachments/assets/b8332e29-535a-42cb-b1c4-9a8ce6ecd396\n\n\n\n### Checklist\n\nCheck the PR satisfies following conditions. \n\nReviewers should verify this PR satisfies this list as well.\n\n- [ ] Any text added follows [EUI's writing\nguidelines](https://elastic.github.io/eui/#/guidelines/writing), uses\nsentence case text and includes [i18n\nsupport](https://github.com/elastic/kibana/blob/main/src/platform/packages/shared/kbn-i18n/README.md)\n- [ ]\n[Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html)\nwas added for features that require explanation or tutorials\n- [ ] [Unit or functional\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\nwere updated or added to match the most common scenarios\n- [ ] If a plugin configuration key changed, check if it needs to be\nallowlisted in the cloud and added to the [docker\nlist](https://github.com/elastic/kibana/blob/main/src/dev/build/tasks/os_packages/docker_generator/resources/base/bin/kibana-docker)\n- [ ] This was checked for breaking HTTP API changes, and any breaking\nchanges have been approved by the breaking-change committee. The\n`release_note:breaking` label should be applied in these situations.\n- [ ] [Flaky Test\nRunner](https://ci-stats.kibana.dev/trigger_flaky_test_runner/1) was\nused on any tests changed\n- [ ] The PR description includes the appropriate Release Notes section,\nand the correct `release_note:*` label is applied per the\n[guidelines](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)\n- [ ] Review the [backport\nguidelines](https://docs.google.com/document/d/1VyN5k91e5OVumlc0Gb9RPa3h1ewuPE705nRtioPiTvY/edit?usp=sharing)\nand apply applicable `backport:*` labels.\n\n### Identify risks\n\nN/A\n\n---------\n\nCo-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>","sha":"d433c398aa15491aba0f33cfc6b9c73e55f4c31a"}},"sourceBranch":"main","suggestedTargetBranches":["9.1"],"targetPullRequestStates":[{"branch":"9.1","label":"v9.1.0","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"main","label":"v9.2.0","branchLabelMappingKey":"^v9.2.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/226282","number":226282,"mergeCommit":{"message":"[Fleet] Remove accordion expansion button when theres no content on integration sync (elastic#226282)\n\n## Summary\n\nCloses elastic#225590 \n\nStops the expansion button from rendering when theres no additional\ncontent. Also applies to the nested custom assets.\n\nSee the below video where I mocked the different cases all at once to\nverify it worked as intended (this would have been very hard with real\ndata):\n\n\n\nhttps://github.com/user-attachments/assets/b8332e29-535a-42cb-b1c4-9a8ce6ecd396\n\n\n\n### Checklist\n\nCheck the PR satisfies following conditions. \n\nReviewers should verify this PR satisfies this list as well.\n\n- [ ] Any text added follows [EUI's writing\nguidelines](https://elastic.github.io/eui/#/guidelines/writing), uses\nsentence case text and includes [i18n\nsupport](https://github.com/elastic/kibana/blob/main/src/platform/packages/shared/kbn-i18n/README.md)\n- [ ]\n[Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html)\nwas added for features that require explanation or tutorials\n- [ ] [Unit or functional\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\nwere updated or added to match the most common scenarios\n- [ ] If a plugin configuration key changed, check if it needs to be\nallowlisted in the cloud and added to the [docker\nlist](https://github.com/elastic/kibana/blob/main/src/dev/build/tasks/os_packages/docker_generator/resources/base/bin/kibana-docker)\n- [ ] This was checked for breaking HTTP API changes, and any breaking\nchanges have been approved by the breaking-change committee. The\n`release_note:breaking` label should be applied in these situations.\n- [ ] [Flaky Test\nRunner](https://ci-stats.kibana.dev/trigger_flaky_test_runner/1) was\nused on any tests changed\n- [ ] The PR description includes the appropriate Release Notes section,\nand the correct `release_note:*` label is applied per the\n[guidelines](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)\n- [ ] Review the [backport\nguidelines](https://docs.google.com/document/d/1VyN5k91e5OVumlc0Gb9RPa3h1ewuPE705nRtioPiTvY/edit?usp=sharing)\nand apply applicable `backport:*` labels.\n\n### Identify risks\n\nN/A\n\n---------\n\nCo-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>","sha":"d433c398aa15491aba0f33cfc6b9c73e55f4c31a"}}]}] BACKPORT--> Co-authored-by: Mason Herron <46727170+Supplementing@users.noreply.github.com> Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
# Backport This will backport the following commits from `main` to `9.1`: - [[lens] remove scale from columns (elastic#224519)](elastic#224519) <!--- Backport version: 9.6.6 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sorenlouv/backport) <!--BACKPORT [{"author":{"name":"Peter Pisljar","email":"peter.pisljar@elastic.co"},"sourceCommit":{"committedDate":"2025-07-03T06:37:24Z","message":"[lens] remove scale from columns (elastic#224519)","sha":"6113a1188a13e3db8034bd2c3ec3447a963a45ce","branchLabelMapping":{"^v9.2.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["backport","Team:Visualizations","release_note:skip","Feature:Lens","Team:obs-ux-management","v8.19.0","v9.2.0","v9.0.4"],"title":"[lens] remove scale from columns","number":224519,"url":"https://github.com/elastic/kibana/pull/224519","mergeCommit":{"message":"[lens] remove scale from columns (elastic#224519)","sha":"6113a1188a13e3db8034bd2c3ec3447a963a45ce"}},"sourceBranch":"main","suggestedTargetBranches":["8.19","9.0"],"targetPullRequestStates":[{"branch":"8.19","label":"v8.19.0","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"main","label":"v9.2.0","branchLabelMappingKey":"^v9.2.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/224519","number":224519,"mergeCommit":{"message":"[lens] remove scale from columns (elastic#224519)","sha":"6113a1188a13e3db8034bd2c3ec3447a963a45ce"}},{"branch":"9.0","label":"v9.0.4","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"}]}] BACKPORT--> Co-authored-by: Peter Pisljar <peter.pisljar@elastic.co>
…c#226189) (elastic#226330) # Backport This will backport the following commits from `main` to `9.1`: - [Update dependency @elastic/monaco-esql to ^3.1.4 (main) (elastic#226189)](elastic#226189) <!--- Backport version: 9.6.6 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sorenlouv/backport) <!--BACKPORT [{"author":{"name":"elastic-renovate-prod[bot]","email":"174716857+elastic-renovate-prod[bot]@users.noreply.github.com"},"sourceCommit":{"committedDate":"2025-07-03T07:32:05Z","message":"Update dependency @elastic/monaco-esql to ^3.1.4 (main) (elastic#226189)\n\nThis PR contains the following updates:\n\n| Package | Type | Update | Change |\n|---|---|---|---|\n|\n[@elastic/monaco-esql](https://github.com/elastic/monaco-esql)\n([source](https://github.com/elastic/highlightjs-esql)) |\ndependencies | patch | [`^3.1.2` ->\n`^3.1.4`](https://renovatebot.com/diffs/npm/@elastic%2fmonaco-esql/3.1.2/3.1.4)\n|\n\n---\n\n### Release Notes\n\n<details>\n<summary>elastic/highlightjs-esql\n(@&elastic#8203;elastic/monaco-esql)</summary>\n\n###\n[`v3.1.4`](https://github.com/elastic/highlightjs-esql/compare/67c0ead66ce76925fea44ef46df5360ae67f8f51...bab9e580d3ddecb73125af95222c83c6f5ce74fd)\n\n[Compare\nSource](https://github.com/elastic/highlightjs-esql/compare/67c0ead66ce76925fea44ef46df5360ae67f8f51...bab9e580d3ddecb73125af95222c83c6f5ce74fd)\n\n###\n[`v3.1.3`](https://github.com/elastic/highlightjs-esql/compare/ffd1628c1e989f9bf6517d38deab55d098b3fae6...67c0ead66ce76925fea44ef46df5360ae67f8f51)\n\n[Compare\nSource](https://github.com/elastic/highlightjs-esql/compare/ffd1628c1e989f9bf6517d38deab55d098b3fae6...67c0ead66ce76925fea44ef46df5360ae67f8f51)\n\n</details>\n\n---\n\n### Configuration\n\n📅 **Schedule**: Branch creation - At any time (no schedule defined),\nAutomerge - At any time (no schedule defined).\n\n🚦 **Automerge**: Disabled by config. Please merge this manually once you\nare satisfied.\n\n♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the\nrebase/retry checkbox.\n\n🔕 **Ignore**: Close this PR and you won't be reminded about this update\nagain.\n\n---\n\n- [ ] If you want to rebase/retry this PR, check\nthis box\n\n---\n\nThis PR has been generated by [Renovate\nBot](https://github.com/renovatebot/renovate).\n\n\n\nCo-authored-by: elastic-renovate-prod[bot] <174716857+elastic-renovate-prod[bot]@users.noreply.github.com>\nCo-authored-by: Stratoula Kalafateli <efstratia.kalafateli@elastic.co>","sha":"e3bb206f80ddceb86b06f9b0f9db3f3ba170ea6a","branchLabelMapping":{"^v9.2.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:skip","Feature:ES|QL","Team:ESQL","backport:version","v9.1.0","v8.19.0","v9.2.0"],"title":"Update dependency @elastic/monaco-esql to ^3.1.4 (main)","number":226189,"url":"https://github.com/elastic/kibana/pull/226189","mergeCommit":{"message":"Update dependency @elastic/monaco-esql to ^3.1.4 (main) (elastic#226189)\n\nThis PR contains the following updates:\n\n| Package | Type | Update | Change |\n|---|---|---|---|\n|\n[@elastic/monaco-esql](https://github.com/elastic/monaco-esql)\n([source](https://github.com/elastic/highlightjs-esql)) |\ndependencies | patch | [`^3.1.2` ->\n`^3.1.4`](https://renovatebot.com/diffs/npm/@elastic%2fmonaco-esql/3.1.2/3.1.4)\n|\n\n---\n\n### Release Notes\n\n<details>\n<summary>elastic/highlightjs-esql\n(@&elastic#8203;elastic/monaco-esql)</summary>\n\n###\n[`v3.1.4`](https://github.com/elastic/highlightjs-esql/compare/67c0ead66ce76925fea44ef46df5360ae67f8f51...bab9e580d3ddecb73125af95222c83c6f5ce74fd)\n\n[Compare\nSource](https://github.com/elastic/highlightjs-esql/compare/67c0ead66ce76925fea44ef46df5360ae67f8f51...bab9e580d3ddecb73125af95222c83c6f5ce74fd)\n\n###\n[`v3.1.3`](https://github.com/elastic/highlightjs-esql/compare/ffd1628c1e989f9bf6517d38deab55d098b3fae6...67c0ead66ce76925fea44ef46df5360ae67f8f51)\n\n[Compare\nSource](https://github.com/elastic/highlightjs-esql/compare/ffd1628c1e989f9bf6517d38deab55d098b3fae6...67c0ead66ce76925fea44ef46df5360ae67f8f51)\n\n</details>\n\n---\n\n### Configuration\n\n📅 **Schedule**: Branch creation - At any time (no schedule defined),\nAutomerge - At any time (no schedule defined).\n\n🚦 **Automerge**: Disabled by config. Please merge this manually once you\nare satisfied.\n\n♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the\nrebase/retry checkbox.\n\n🔕 **Ignore**: Close this PR and you won't be reminded about this update\nagain.\n\n---\n\n- [ ] If you want to rebase/retry this PR, check\nthis box\n\n---\n\nThis PR has been generated by [Renovate\nBot](https://github.com/renovatebot/renovate).\n\n\n\nCo-authored-by: elastic-renovate-prod[bot] <174716857+elastic-renovate-prod[bot]@users.noreply.github.com>\nCo-authored-by: Stratoula Kalafateli <efstratia.kalafateli@elastic.co>","sha":"e3bb206f80ddceb86b06f9b0f9db3f3ba170ea6a"}},"sourceBranch":"main","suggestedTargetBranches":["9.1","8.19"],"targetPullRequestStates":[{"branch":"9.1","label":"v9.1.0","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"8.19","label":"v8.19.0","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"main","label":"v9.2.0","branchLabelMappingKey":"^v9.2.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/226189","number":226189,"mergeCommit":{"message":"Update dependency @elastic/monaco-esql to ^3.1.4 (main) (elastic#226189)\n\nThis PR contains the following updates:\n\n| Package | Type | Update | Change |\n|---|---|---|---|\n|\n[@elastic/monaco-esql](https://github.com/elastic/monaco-esql)\n([source](https://github.com/elastic/highlightjs-esql)) |\ndependencies | patch | [`^3.1.2` ->\n`^3.1.4`](https://renovatebot.com/diffs/npm/@elastic%2fmonaco-esql/3.1.2/3.1.4)\n|\n\n---\n\n### Release Notes\n\n<details>\n<summary>elastic/highlightjs-esql\n(@&elastic#8203;elastic/monaco-esql)</summary>\n\n###\n[`v3.1.4`](https://github.com/elastic/highlightjs-esql/compare/67c0ead66ce76925fea44ef46df5360ae67f8f51...bab9e580d3ddecb73125af95222c83c6f5ce74fd)\n\n[Compare\nSource](https://github.com/elastic/highlightjs-esql/compare/67c0ead66ce76925fea44ef46df5360ae67f8f51...bab9e580d3ddecb73125af95222c83c6f5ce74fd)\n\n###\n[`v3.1.3`](https://github.com/elastic/highlightjs-esql/compare/ffd1628c1e989f9bf6517d38deab55d098b3fae6...67c0ead66ce76925fea44ef46df5360ae67f8f51)\n\n[Compare\nSource](https://github.com/elastic/highlightjs-esql/compare/ffd1628c1e989f9bf6517d38deab55d098b3fae6...67c0ead66ce76925fea44ef46df5360ae67f8f51)\n\n</details>\n\n---\n\n### Configuration\n\n📅 **Schedule**: Branch creation - At any time (no schedule defined),\nAutomerge - At any time (no schedule defined).\n\n🚦 **Automerge**: Disabled by config. Please merge this manually once you\nare satisfied.\n\n♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the\nrebase/retry checkbox.\n\n🔕 **Ignore**: Close this PR and you won't be reminded about this update\nagain.\n\n---\n\n- [ ] If you want to rebase/retry this PR, check\nthis box\n\n---\n\nThis PR has been generated by [Renovate\nBot](https://github.com/renovatebot/renovate).\n\n\n\nCo-authored-by: elastic-renovate-prod[bot] <174716857+elastic-renovate-prod[bot]@users.noreply.github.com>\nCo-authored-by: Stratoula Kalafateli <efstratia.kalafateli@elastic.co>","sha":"e3bb206f80ddceb86b06f9b0f9db3f3ba170ea6a"}}]}] BACKPORT--> Co-authored-by: elastic-renovate-prod[bot] <174716857+elastic-renovate-prod[bot]@users.noreply.github.com> Co-authored-by: Stratoula Kalafateli <efstratia.kalafateli@elastic.co>
) (elastic#226347) # Backport This will backport the following commits from `main` to `9.1`: - [Test fix: Close popover before clicking on the tab (elastic#226116)](elastic#226116) <!--- Backport version: 9.6.6 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sorenlouv/backport) <!--BACKPORT [{"author":{"name":"jennypavlova","email":"dzheni.pavlova@elastic.co"},"sourceCommit":{"committedDate":"2025-07-03T08:16:20Z","message":"Test fix: Close popover before clicking on the tab (elastic#226116)\n\nCloses elastic#225181\n\n## Summary\n\nThis PR tries to fix a failing test by closing all popovers that cover\nthe tab button using the escape key.","sha":"d5f6e40ef663b7a3bab5858b4b5eaa4506c5f691","branchLabelMapping":{"^v9.2.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:skip","backport:prev-minor","backport:prev-major","Team:obs-ux-infra_services","v9.2.0"],"title":"Test fix: Close popover before clicking on the tab","number":226116,"url":"https://github.com/elastic/kibana/pull/226116","mergeCommit":{"message":"Test fix: Close popover before clicking on the tab (elastic#226116)\n\nCloses elastic#225181\n\n## Summary\n\nThis PR tries to fix a failing test by closing all popovers that cover\nthe tab button using the escape key.","sha":"d5f6e40ef663b7a3bab5858b4b5eaa4506c5f691"}},"sourceBranch":"main","suggestedTargetBranches":[],"targetPullRequestStates":[{"branch":"main","label":"v9.2.0","branchLabelMappingKey":"^v9.2.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/226116","number":226116,"mergeCommit":{"message":"Test fix: Close popover before clicking on the tab (elastic#226116)\n\nCloses elastic#225181\n\n## Summary\n\nThis PR tries to fix a failing test by closing all popovers that cover\nthe tab button using the escape key.","sha":"d5f6e40ef663b7a3bab5858b4b5eaa4506c5f691"}}]}] BACKPORT--> Co-authored-by: jennypavlova <dzheni.pavlova@elastic.co>
…lastic#226259) (elastic#226348) # Backport This will backport the following commits from `main` to `9.1`: - [[Discover] Fix font size in a single document/flyover popover (elastic#226259)](elastic#226259) <!--- Backport version: 9.6.6 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sorenlouv/backport) <!--BACKPORT [{"author":{"name":"Ania Kowalska","email":"63072419+akowalska622@users.noreply.github.com"},"sourceCommit":{"committedDate":"2025-07-03T08:24:50Z","message":"[Discover] Fix font size in a single document/flyover popover (elastic#226259)\n\n## Summary\n\nCloses elastic#226217\n\nThis PR adds unit to `euiTheme.font.scale.s` value, which fixes too\nsmall text.\n\nBefore:\n\n\n\nAfter:\n<img width=\"525\" alt=\"Screenshot 2025-07-02 at 18 09 31\"\nsrc=\"https://github.com/user-attachments/assets/5f5e9e55-a86d-4d92-abf2-c500f5aeb2ce\"\n/>","sha":"5bd075c5648dfe86a0d5c17e32d5d1b67ab7472b","branchLabelMapping":{"^v9.2.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["bug","release_note:skip","Team:DataDiscovery","backport:version","v9.1.0","v8.19.0","v9.2.0"],"title":"[Discover] Fix font size in a single document/flyover popover","number":226259,"url":"https://github.com/elastic/kibana/pull/226259","mergeCommit":{"message":"[Discover] Fix font size in a single document/flyover popover (elastic#226259)\n\n## Summary\n\nCloses elastic#226217\n\nThis PR adds unit to `euiTheme.font.scale.s` value, which fixes too\nsmall text.\n\nBefore:\n\n\n\nAfter:\n<img width=\"525\" alt=\"Screenshot 2025-07-02 at 18 09 31\"\nsrc=\"https://github.com/user-attachments/assets/5f5e9e55-a86d-4d92-abf2-c500f5aeb2ce\"\n/>","sha":"5bd075c5648dfe86a0d5c17e32d5d1b67ab7472b"}},"sourceBranch":"main","suggestedTargetBranches":["9.1","8.19"],"targetPullRequestStates":[{"branch":"9.1","label":"v9.1.0","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"8.19","label":"v8.19.0","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"main","label":"v9.2.0","branchLabelMappingKey":"^v9.2.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/226259","number":226259,"mergeCommit":{"message":"[Discover] Fix font size in a single document/flyover popover (elastic#226259)\n\n## Summary\n\nCloses elastic#226217\n\nThis PR adds unit to `euiTheme.font.scale.s` value, which fixes too\nsmall text.\n\nBefore:\n\n\n\nAfter:\n<img width=\"525\" alt=\"Screenshot 2025-07-02 at 18 09 31\"\nsrc=\"https://github.com/user-attachments/assets/5f5e9e55-a86d-4d92-abf2-c500f5aeb2ce\"\n/>","sha":"5bd075c5648dfe86a0d5c17e32d5d1b67ab7472b"}}]}] BACKPORT--> Co-authored-by: Ania Kowalska <63072419+akowalska622@users.noreply.github.com>
…de errors on Basic license (elastic#224676) (elastic#226352) # Backport This will backport the following commits from `main` to `9.1`: - [[Security Solution] Stop showing ML rule installation and upgrade errors on Basic license (elastic#224676)](elastic#224676) <!--- Backport version: 9.6.6 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sorenlouv/backport) <!--BACKPORT [{"author":{"name":"Nikita Indik","email":"nikita.indik@elastic.co"},"sourceCommit":{"committedDate":"2025-07-03T08:43:07Z","message":"[Security Solution] Stop showing ML rule installation and upgrade errors on Basic license (elastic#224676)\n\n**Resolves: https://github.com/elastic/kibana/issues/197246**\n**Resolves: https://github.com/elastic/kibana/issues/190753**\n\n**Flaky test runner**:\nhttps://buildkite.com/elastic/kibana-flaky-test-suite-runner/builds/8483\n\n\n\n## Summary\nThis PR addresses an issue where users with Basic or Essentials licenses\nencountered errors when attempting to install ML rules. This problem\narose because Basic and Essentials licenses do not permit the\ninstallation or upgrading of ML rules. The PR resolves this by excluding\nML rules from the installation and upgrade `_review` endpoint responses\nfor users with insufficient license.\n\n## Changes\n- `installation/_review` and `upgrade/_review` don't return ML rules for\nusers on Basic/Essentials.\n- `prebuilt_rules/status` does not include ML rules in the count of\nrules to install or upgrade.\n- `installation/_perform` and `upgrade/_perform` now skip ML rules when\ncalled with `ALL_RULES` mode if the license is insufficient.\n- Added API integration tests for installing and upgrading prebuilt\nrules on Basic and Essentials, as well as for checking their status.\n- Now, installation and upgrade errors are displayed in a separate \"red\"\ntoast if any rules fail to install or upgrade.\n- Added tests for toasts as well.\n\n## Screenshots and screen recordings\n### Installing all prebuilt rules\n\n<details>\n <summary>Click to see screen recordings</summary>\n <b>Before</b>\n\n\nhttps://github.com/user-attachments/assets/4e68d4c8-5523-495f-9157-41a5f037d261\n\n <b>After</b>\n\n\nhttps://github.com/user-attachments/assets/465a2bc0-fd89-49cc-9bdb-78d45a6545ea\n\n</details>\n\n### Upgrading all prebuilt rules\n<details>\n <summary>Click to see screen recordings</summary>\n <b>Before</b>\n\n\nhttps://github.com/user-attachments/assets/6e7e4299-2348-43b3-b5f6-ed31cf350a69\n\n <b>After</b>\n\n\nhttps://github.com/user-attachments/assets/84303135-2ed0-4014-a677-d182f2a105c9\n\n</details>\n\n### Errors during installation (unrelated to ML rules)\n<details>\n <summary>Click to see screenshots</summary>\n\n **Before: a green toast with combined success and error text**\n \n<img width=\"2561\" alt=\"installation_toast_before\"\nsrc=\"https://github.com/user-attachments/assets/35d4134b-643b-4e91-8971-de8d63a4c885\"\n/>\n\n\n **After: two toasts – one for success, one for errors**\n\n<img width=\"2561\" alt=\"installation_toast_after_1\"\nsrc=\"https://github.com/user-attachments/assets/cc967445-e8fc-4508-a39d-a13116c4087b\"\n/>\n<img width=\"2561\" alt=\"installation_toast_after_2\"\nsrc=\"https://github.com/user-attachments/assets/0c2fcbae-484f-4458-8151-29de2a09e243\"\n/>\n\n\n</details>\n\n---------\n\nCo-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>","sha":"e19fdf8dd600e849413b680c730b03ac9aa2f725","branchLabelMapping":{"^v9.2.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:fix","Team:Detections and Resp","Team: SecuritySolution","Team:Detection Rule Management","Feature:Prebuilt Detection Rules","backport:version","v9.1.0","v8.19.0","v9.2.0","v8.18.4","v9.0.4"],"title":"[Security Solution] Stop showing ML rule installation and upgrade errors on Basic license","number":224676,"url":"https://github.com/elastic/kibana/pull/224676","mergeCommit":{"message":"[Security Solution] Stop showing ML rule installation and upgrade errors on Basic license (elastic#224676)\n\n**Resolves: https://github.com/elastic/kibana/issues/197246**\n**Resolves: https://github.com/elastic/kibana/issues/190753**\n\n**Flaky test runner**:\nhttps://buildkite.com/elastic/kibana-flaky-test-suite-runner/builds/8483\n\n\n\n## Summary\nThis PR addresses an issue where users with Basic or Essentials licenses\nencountered errors when attempting to install ML rules. This problem\narose because Basic and Essentials licenses do not permit the\ninstallation or upgrading of ML rules. The PR resolves this by excluding\nML rules from the installation and upgrade `_review` endpoint responses\nfor users with insufficient license.\n\n## Changes\n- `installation/_review` and `upgrade/_review` don't return ML rules for\nusers on Basic/Essentials.\n- `prebuilt_rules/status` does not include ML rules in the count of\nrules to install or upgrade.\n- `installation/_perform` and `upgrade/_perform` now skip ML rules when\ncalled with `ALL_RULES` mode if the license is insufficient.\n- Added API integration tests for installing and upgrading prebuilt\nrules on Basic and Essentials, as well as for checking their status.\n- Now, installation and upgrade errors are displayed in a separate \"red\"\ntoast if any rules fail to install or upgrade.\n- Added tests for toasts as well.\n\n## Screenshots and screen recordings\n### Installing all prebuilt rules\n\n<details>\n <summary>Click to see screen recordings</summary>\n <b>Before</b>\n\n\nhttps://github.com/user-attachments/assets/4e68d4c8-5523-495f-9157-41a5f037d261\n\n <b>After</b>\n\n\nhttps://github.com/user-attachments/assets/465a2bc0-fd89-49cc-9bdb-78d45a6545ea\n\n</details>\n\n### Upgrading all prebuilt rules\n<details>\n <summary>Click to see screen recordings</summary>\n <b>Before</b>\n\n\nhttps://github.com/user-attachments/assets/6e7e4299-2348-43b3-b5f6-ed31cf350a69\n\n <b>After</b>\n\n\nhttps://github.com/user-attachments/assets/84303135-2ed0-4014-a677-d182f2a105c9\n\n</details>\n\n### Errors during installation (unrelated to ML rules)\n<details>\n <summary>Click to see screenshots</summary>\n\n **Before: a green toast with combined success and error text**\n \n<img width=\"2561\" alt=\"installation_toast_before\"\nsrc=\"https://github.com/user-attachments/assets/35d4134b-643b-4e91-8971-de8d63a4c885\"\n/>\n\n\n **After: two toasts – one for success, one for errors**\n\n<img width=\"2561\" alt=\"installation_toast_after_1\"\nsrc=\"https://github.com/user-attachments/assets/cc967445-e8fc-4508-a39d-a13116c4087b\"\n/>\n<img width=\"2561\" alt=\"installation_toast_after_2\"\nsrc=\"https://github.com/user-attachments/assets/0c2fcbae-484f-4458-8151-29de2a09e243\"\n/>\n\n\n</details>\n\n---------\n\nCo-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>","sha":"e19fdf8dd600e849413b680c730b03ac9aa2f725"}},"sourceBranch":"main","suggestedTargetBranches":["9.1","8.19","8.18","9.0"],"targetPullRequestStates":[{"branch":"9.1","label":"v9.1.0","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"8.19","label":"v8.19.0","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"main","label":"v9.2.0","branchLabelMappingKey":"^v9.2.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/224676","number":224676,"mergeCommit":{"message":"[Security Solution] Stop showing ML rule installation and upgrade errors on Basic license (elastic#224676)\n\n**Resolves: https://github.com/elastic/kibana/issues/197246**\n**Resolves: https://github.com/elastic/kibana/issues/190753**\n\n**Flaky test runner**:\nhttps://buildkite.com/elastic/kibana-flaky-test-suite-runner/builds/8483\n\n\n\n## Summary\nThis PR addresses an issue where users with Basic or Essentials licenses\nencountered errors when attempting to install ML rules. This problem\narose because Basic and Essentials licenses do not permit the\ninstallation or upgrading of ML rules. The PR resolves this by excluding\nML rules from the installation and upgrade `_review` endpoint responses\nfor users with insufficient license.\n\n## Changes\n- `installation/_review` and `upgrade/_review` don't return ML rules for\nusers on Basic/Essentials.\n- `prebuilt_rules/status` does not include ML rules in the count of\nrules to install or upgrade.\n- `installation/_perform` and `upgrade/_perform` now skip ML rules when\ncalled with `ALL_RULES` mode if the license is insufficient.\n- Added API integration tests for installing and upgrading prebuilt\nrules on Basic and Essentials, as well as for checking their status.\n- Now, installation and upgrade errors are displayed in a separate \"red\"\ntoast if any rules fail to install or upgrade.\n- Added tests for toasts as well.\n\n## Screenshots and screen recordings\n### Installing all prebuilt rules\n\n<details>\n <summary>Click to see screen recordings</summary>\n <b>Before</b>\n\n\nhttps://github.com/user-attachments/assets/4e68d4c8-5523-495f-9157-41a5f037d261\n\n <b>After</b>\n\n\nhttps://github.com/user-attachments/assets/465a2bc0-fd89-49cc-9bdb-78d45a6545ea\n\n</details>\n\n### Upgrading all prebuilt rules\n<details>\n <summary>Click to see screen recordings</summary>\n <b>Before</b>\n\n\nhttps://github.com/user-attachments/assets/6e7e4299-2348-43b3-b5f6-ed31cf350a69\n\n <b>After</b>\n\n\nhttps://github.com/user-attachments/assets/84303135-2ed0-4014-a677-d182f2a105c9\n\n</details>\n\n### Errors during installation (unrelated to ML rules)\n<details>\n <summary>Click to see screenshots</summary>\n\n **Before: a green toast with combined success and error text**\n \n<img width=\"2561\" alt=\"installation_toast_before\"\nsrc=\"https://github.com/user-attachments/assets/35d4134b-643b-4e91-8971-de8d63a4c885\"\n/>\n\n\n **After: two toasts – one for success, one for errors**\n\n<img width=\"2561\" alt=\"installation_toast_after_1\"\nsrc=\"https://github.com/user-attachments/assets/cc967445-e8fc-4508-a39d-a13116c4087b\"\n/>\n<img width=\"2561\" alt=\"installation_toast_after_2\"\nsrc=\"https://github.com/user-attachments/assets/0c2fcbae-484f-4458-8151-29de2a09e243\"\n/>\n\n\n</details>\n\n---------\n\nCo-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>","sha":"e19fdf8dd600e849413b680c730b03ac9aa2f725"}},{"branch":"8.18","label":"v8.18.4","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"9.0","label":"v9.0.4","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"}]}] BACKPORT--> Co-authored-by: Nikita Indik <nikita.indik@elastic.co>
…st is finished (elastic#224671) (elastic#226355) # Backport This will backport the following commits from `main` to `9.1`: - [[UnifiedSearch][ESQL] Fix edited query overwriting when a request is finished (elastic#224671)](elastic#224671) <!--- Backport version: 9.6.6 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sorenlouv/backport) <!--BACKPORT [{"author":{"name":"Matthias Wilhelm","email":"matthias.wilhelm@elastic.co"},"sourceCommit":{"committedDate":"2025-07-03T08:14:41Z","message":"[UnifiedSearch][ESQL] Fix edited query overwriting when a request is finished (elastic#224671)\n\nResolved overwriting changes to the query in the ESQL Editor in UnifiedSearch while the request is still running when the previous request finished","sha":"ca7b021814e3606434934c9dac0b1be8fbed4338","branchLabelMapping":{"^v9.2.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["Feature:Discover","release_note:fix","Team:DataDiscovery","Feature:Unified search","Team:ESQL","backport:version","v9.1.0","v8.19.0","v9.2.0"],"title":"[UnifiedSearch][ESQL] Fix edited query overwriting when a request is finished","number":224671,"url":"https://github.com/elastic/kibana/pull/224671","mergeCommit":{"message":"[UnifiedSearch][ESQL] Fix edited query overwriting when a request is finished (elastic#224671)\n\nResolved overwriting changes to the query in the ESQL Editor in UnifiedSearch while the request is still running when the previous request finished","sha":"ca7b021814e3606434934c9dac0b1be8fbed4338"}},"sourceBranch":"main","suggestedTargetBranches":["9.1"],"targetPullRequestStates":[{"branch":"9.1","label":"v9.1.0","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"8.19","label":"v8.19.0","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"url":"https://github.com/elastic/kibana/pull/226344","number":226344,"state":"OPEN"},{"branch":"main","label":"v9.2.0","branchLabelMappingKey":"^v9.2.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/224671","number":224671,"mergeCommit":{"message":"[UnifiedSearch][ESQL] Fix edited query overwriting when a request is finished (elastic#224671)\n\nResolved overwriting changes to the query in the ESQL Editor in UnifiedSearch while the request is still running when the previous request finished","sha":"ca7b021814e3606434934c9dac0b1be8fbed4338"}}]}] BACKPORT--> Co-authored-by: Matthias Wilhelm <matthias.wilhelm@elastic.co>
…astic#226370) # Backport This will backport the following commits from `main` to `9.1`: - [[ES|QL] Improve binary expression grouping (elastic#225416)](elastic#225416) <!--- Backport version: 9.6.6 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sorenlouv/backport) <!--BACKPORT [{"author":{"name":"Vadim Kibana","email":"82822460+vadimkibana@users.noreply.github.com"},"sourceCommit":{"committedDate":"2025-07-03T10:03:00Z","message":"[ES|QL] Improve binary expression grouping (elastic#225416)\n\n## Summary\n\nCloses https://github.com/elastic/kibana/issues/224990\n\nAlso:\n\n- Improves binary expression grouping with `()` parenthesis in\npretty-printer.\n- Updates binary expression precedence list.\n\n\n### Checklist\n\n- [x] [Unit or functional\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\nwere updated or added to match the most common scenarios","sha":"6d0dc4bcf7d8ed90a8634832a2aaa6b1683fc7fb","branchLabelMapping":{"^v9.2.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["review","release_note:skip","Feature:ES|QL","Team:ESQL","backport:version","v9.1.0","v8.19.0","v9.2.0"],"title":"[ES|QL] Improve binary expression grouping","number":225416,"url":"https://github.com/elastic/kibana/pull/225416","mergeCommit":{"message":"[ES|QL] Improve binary expression grouping (elastic#225416)\n\n## Summary\n\nCloses https://github.com/elastic/kibana/issues/224990\n\nAlso:\n\n- Improves binary expression grouping with `()` parenthesis in\npretty-printer.\n- Updates binary expression precedence list.\n\n\n### Checklist\n\n- [x] [Unit or functional\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\nwere updated or added to match the most common scenarios","sha":"6d0dc4bcf7d8ed90a8634832a2aaa6b1683fc7fb"}},"sourceBranch":"main","suggestedTargetBranches":["9.1","8.19"],"targetPullRequestStates":[{"branch":"9.1","label":"v9.1.0","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"8.19","label":"v8.19.0","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"main","label":"v9.2.0","branchLabelMappingKey":"^v9.2.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/225416","number":225416,"mergeCommit":{"message":"[ES|QL] Improve binary expression grouping (elastic#225416)\n\n## Summary\n\nCloses https://github.com/elastic/kibana/issues/224990\n\nAlso:\n\n- Improves binary expression grouping with `()` parenthesis in\npretty-printer.\n- Updates binary expression precedence list.\n\n\n### Checklist\n\n- [x] [Unit or functional\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\nwere updated or added to match the most common scenarios","sha":"6d0dc4bcf7d8ed90a8634832a2aaa6b1683fc7fb"}}]}] BACKPORT--> Co-authored-by: Vadim Kibana <82822460+vadimkibana@users.noreply.github.com>
…) (elastic#226369) # Backport This will backport the following commits from `main` to `9.1`: - [Update dependency @xyflow/react to ^12.7.1 (main) (elastic#225810)](elastic#225810) <!--- Backport version: 9.6.6 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sorenlouv/backport) <!--BACKPORT [{"author":{"name":"elastic-renovate-prod[bot]","email":"174716857+elastic-renovate-prod[bot]@users.noreply.github.com"},"sourceCommit":{"committedDate":"2025-07-03T09:59:20Z","message":"Update dependency @xyflow/react to ^12.7.1 (main) (elastic#225810)\n\nThis PR contains the following updates:\n\n| Package | Type | Update | Change | Pending |\n|---|---|---|---|---|\n| [@xyflow/react](https://reactflow.dev)\n([source](https://github.com/xyflow/xyflow/tree/HEAD/packages/react))\n| dependencies | patch | [`^12.7.0` ->\n`^12.7.1`](https://renovatebot.com/diffs/npm/@xyflow%2freact/12.8.1/12.7.1)\n| `12.8.1` (+1) |\n\n---\n\n### Configuration\n\n📅 **Schedule**: Branch creation - At any time (no schedule defined),\nAutomerge - At any time (no schedule defined).\n\n🚦 **Automerge**: Disabled by config. Please merge this manually once you\nare satisfied.\n\n♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the\nrebase/retry checkbox.\n\n🔕 **Ignore**: Close this PR and you won't be reminded about this update\nagain.\n\n---\n\n- [ ] If you want to rebase/retry this PR, check\nthis box\n\n---\n\nThis PR has been generated by [Renovate\nBot](https://github.com/renovatebot/renovate).\n\n\n\nCo-authored-by: elastic-renovate-prod[bot] <174716857+elastic-renovate-prod[bot]@users.noreply.github.com>\nCo-authored-by: Kfir Peled <61654899+kfirpeled@users.noreply.github.com>","sha":"15d77c06aee07fc02a7071df2e5935058e5e964f","branchLabelMapping":{"^v9.2.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:skip","Team:Cloud Security","backport:all-open","v9.2.0"],"title":"Update dependency @xyflow/react to ^12.7.1 (main)","number":225810,"url":"https://github.com/elastic/kibana/pull/225810","mergeCommit":{"message":"Update dependency @xyflow/react to ^12.7.1 (main) (elastic#225810)\n\nThis PR contains the following updates:\n\n| Package | Type | Update | Change | Pending |\n|---|---|---|---|---|\n| [@xyflow/react](https://reactflow.dev)\n([source](https://github.com/xyflow/xyflow/tree/HEAD/packages/react))\n| dependencies | patch | [`^12.7.0` ->\n`^12.7.1`](https://renovatebot.com/diffs/npm/@xyflow%2freact/12.8.1/12.7.1)\n| `12.8.1` (+1) |\n\n---\n\n### Configuration\n\n📅 **Schedule**: Branch creation - At any time (no schedule defined),\nAutomerge - At any time (no schedule defined).\n\n🚦 **Automerge**: Disabled by config. Please merge this manually once you\nare satisfied.\n\n♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the\nrebase/retry checkbox.\n\n🔕 **Ignore**: Close this PR and you won't be reminded about this update\nagain.\n\n---\n\n- [ ] If you want to rebase/retry this PR, check\nthis box\n\n---\n\nThis PR has been generated by [Renovate\nBot](https://github.com/renovatebot/renovate).\n\n\n\nCo-authored-by: elastic-renovate-prod[bot] <174716857+elastic-renovate-prod[bot]@users.noreply.github.com>\nCo-authored-by: Kfir Peled <61654899+kfirpeled@users.noreply.github.com>","sha":"15d77c06aee07fc02a7071df2e5935058e5e964f"}},"sourceBranch":"main","suggestedTargetBranches":[],"targetPullRequestStates":[{"branch":"main","label":"v9.2.0","branchLabelMappingKey":"^v9.2.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/225810","number":225810,"mergeCommit":{"message":"Update dependency @xyflow/react to ^12.7.1 (main) (elastic#225810)\n\nThis PR contains the following updates:\n\n| Package | Type | Update | Change | Pending |\n|---|---|---|---|---|\n| [@xyflow/react](https://reactflow.dev)\n([source](https://github.com/xyflow/xyflow/tree/HEAD/packages/react))\n| dependencies | patch | [`^12.7.0` ->\n`^12.7.1`](https://renovatebot.com/diffs/npm/@xyflow%2freact/12.8.1/12.7.1)\n| `12.8.1` (+1) |\n\n---\n\n### Configuration\n\n📅 **Schedule**: Branch creation - At any time (no schedule defined),\nAutomerge - At any time (no schedule defined).\n\n🚦 **Automerge**: Disabled by config. Please merge this manually once you\nare satisfied.\n\n♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the\nrebase/retry checkbox.\n\n🔕 **Ignore**: Close this PR and you won't be reminded about this update\nagain.\n\n---\n\n- [ ] If you want to rebase/retry this PR, check\nthis box\n\n---\n\nThis PR has been generated by [Renovate\nBot](https://github.com/renovatebot/renovate).\n\n\n\nCo-authored-by: elastic-renovate-prod[bot] <174716857+elastic-renovate-prod[bot]@users.noreply.github.com>\nCo-authored-by: Kfir Peled <61654899+kfirpeled@users.noreply.github.com>","sha":"15d77c06aee07fc02a7071df2e5935058e5e964f"}}]}] BACKPORT--> Co-authored-by: elastic-renovate-prod[bot] <174716857+elastic-renovate-prod[bot]@users.noreply.github.com> Co-authored-by: Kfir Peled <61654899+kfirpeled@users.noreply.github.com>
…27621) # Backport This will backport the following commits from `main` to `9.1`: - [[Rules] Fixed serverless rules test (elastic#227442)](elastic#227442) <!--- Backport version: 9.6.6 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sorenlouv/backport) <!--BACKPORT [{"author":{"name":"Francesco Fagnani","email":"fagnani.francesco@gmail.com"},"sourceCommit":{"committedDate":"2025-07-11T11:36:24Z","message":"[Rules] Fixed serverless rules test (elastic#227442)\n\nIt closes elastic#225813.\nIt closes elastic#225800.\nIt closes elastic#224460.\n\nWhen clicking on the `Alerts` side nav button for some reason the\nnavigation was sometimes not happening and the test was stuck in looking\nfor the `manageRulesPageButton` but without trying clicking the `Alerts`\nbutton again.\n\nAlso worth mentioning that I was able to reproduce this only starting\nthe server pointing to a Kibana build I previously created, I couldn't\nreproduce the issue running the server with the local Kibana.","sha":"89a2343a0d7e5b19f77ed9918616a503ec2103fa","branchLabelMapping":{"^v9.2.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:skip","backport:version","v9.1.0","v8.19.0","author:obs-ux-management","v9.2.0"],"title":"[Rules] Fixed serverless rules test","number":227442,"url":"https://github.com/elastic/kibana/pull/227442","mergeCommit":{"message":"[Rules] Fixed serverless rules test (elastic#227442)\n\nIt closes elastic#225813.\nIt closes elastic#225800.\nIt closes elastic#224460.\n\nWhen clicking on the `Alerts` side nav button for some reason the\nnavigation was sometimes not happening and the test was stuck in looking\nfor the `manageRulesPageButton` but without trying clicking the `Alerts`\nbutton again.\n\nAlso worth mentioning that I was able to reproduce this only starting\nthe server pointing to a Kibana build I previously created, I couldn't\nreproduce the issue running the server with the local Kibana.","sha":"89a2343a0d7e5b19f77ed9918616a503ec2103fa"}},"sourceBranch":"main","suggestedTargetBranches":["9.1","8.19"],"targetPullRequestStates":[{"branch":"9.1","label":"v9.1.0","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"8.19","label":"v8.19.0","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"main","label":"v9.2.0","branchLabelMappingKey":"^v9.2.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/227442","number":227442,"mergeCommit":{"message":"[Rules] Fixed serverless rules test (elastic#227442)\n\nIt closes elastic#225813.\nIt closes elastic#225800.\nIt closes elastic#224460.\n\nWhen clicking on the `Alerts` side nav button for some reason the\nnavigation was sometimes not happening and the test was stuck in looking\nfor the `manageRulesPageButton` but without trying clicking the `Alerts`\nbutton again.\n\nAlso worth mentioning that I was able to reproduce this only starting\nthe server pointing to a Kibana build I previously created, I couldn't\nreproduce the issue running the server with the local Kibana.","sha":"89a2343a0d7e5b19f77ed9918616a503ec2103fa"}}]}] BACKPORT--> Co-authored-by: Francesco Fagnani <fagnani.francesco@gmail.com>
…ry actions are clicked (elastic#227462) (elastic#227643) # Backport This will backport the following commits from `main` to `9.1`: - [[Obs AI Assistant] Inject user prompt before tool call when query actions are clicked (elastic#227462)](elastic#227462) <!--- Backport version: 9.6.6 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sorenlouv/backport) <!--BACKPORT [{"author":{"name":"Viduni Wickramarachchi","email":"viduni.wickramarachchi@elastic.co"},"sourceCommit":{"committedDate":"2025-07-11T12:25:04Z","message":"[Obs AI Assistant] Inject user prompt before tool call when query actions are clicked (elastic#227462)\n\nCloses https://github.com/elastic/obs-ai-assistant-team/issues/309\n\n## Summary\n\nThis PR improves the `Display Results` and `visualize this query`\nactions by injecting a user prompt first and then the tool call to\nmaintain correct message ordering. This fixes the empty message that was\nobserved when visualize this query was clicked.\n\nHowever, in any case, if an empty message is received this should be\nhandled separately to avoid breaking the conversation flow.\n\n## Testing instructions:\n1. Generate some logs\n2. Pick the LLM (Needs to be tested with Elastic Managed LLM, Claude\n3.5, Claude 3.7, GPT-4, etc)\n3. Ask the assistant to generate a query\n4. Click on `Display results` -- the results should be shown and the\nuser should be able to continue the conversation\n5. Click on `Visualize this query` -- the visualization should be shown\nand the user should be able to continue the conversation\n\n## Traces with each model:\n\n- EIS (Visualize this query) -\nhttps://35-187-109-62.sslip.io/projects/UHJvamVjdDo5/traces/b1dcb77fb39ad7efbf82d9c4a1feb0e0?selectedSpanNodeId=U3BhbjoyOTk3ODQ%3D\n<img width=\"715\" height=\"868\" alt=\"image\"\nsrc=\"https://github.com/user-attachments/assets/75fd8efe-82df-4f7f-ad4f-f915e09d49da\"\n/>\n\n- EIS (Display results) -\nhttps://35-187-109-62.sslip.io/projects/UHJvamVjdDo5/traces/e7d8c42774491e6e2bcf328c34203c14?selectedSpanNodeId=U3BhbjozMDAxOTg%3D\n\n\nhttps://github.com/user-attachments/assets/6aa520db-2b40-4317-ace0-7be206ebb669\n\n- Bedrock+Claude 3.7 -\nhttps://35-187-109-62.sslip.io/projects/UHJvamVjdDo5/traces/f1bc4f490fcc990db9dbddf0782cff7e?selectedSpanNodeId=U3BhbjoyOTk4MDA%3D\n<img width=\"709\" height=\"889\" alt=\"image\"\nsrc=\"https://github.com/user-attachments/assets/86f77ff9-1783-42d3-8b31-8680fd7da227\"\n/>\n\n\n- Bedrock+Claude 3.5 -\nhttps://35-187-109-62.sslip.io/projects/UHJvamVjdDo5/traces/457a7cc939ce3b18ae3a9e2b066c3a7f?selectedSpanNodeId=U3BhbjoyOTk4MTY%3D\n<img width=\"714\" height=\"942\" alt=\"image\"\nsrc=\"https://github.com/user-attachments/assets/fe96b72e-24d0-4a85-9b42-a9862bdf4139\"\n/>\n\n\n- AzureOpenAI+GPT 4.1 -\nhttps://35-187-109-62.sslip.io/projects/UHJvamVjdDo5/traces/de9fc09a6f0162b7b2d6f52fbb188469?selectedSpanNodeId=U3BhbjoyOTk4MzI%3D\n<img width=\"715\" height=\"877\" alt=\"image\"\nsrc=\"https://github.com/user-attachments/assets/cca5326e-9350-426f-9f2e-a407d26e193d\"\n/>\n\n\n- Gemini 2.0 Flash -\nhttps://35-187-109-62.sslip.io/projects/UHJvamVjdDo5/traces/982da6b0ff4bae04f45af0271aa4cd84?selectedSpanNodeId=U3BhbjoyOTk4NTI%3D\n<img width=\"709\" height=\"880\" alt=\"image\"\nsrc=\"https://github.com/user-attachments/assets/d29b99c7-e3f6-4318-a19b-0a92e7aa690b\"\n/>\n\n- Gemini 2.5 Flash -\nhttps://35-187-109-62.sslip.io/projects/UHJvamVjdDo5/traces/9f7115cc79bb2e929dbeb93670555e81?selectedSpanNodeId=U3BhbjoyOTk4NjU%3D\n<img width=\"708\" height=\"872\" alt=\"image\"\nsrc=\"https://github.com/user-attachments/assets/4c6e48fd-ccaf-413c-b01d-21c0fc8df061\"\n/>\n\n\n### Checklist\n\n- [x] The PR description includes the appropriate Release Notes section,\nand the correct `release_note:*` label is applied per the\n[guidelines](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)\n- [x] Review the [backport\nguidelines](https://docs.google.com/document/d/1VyN5k91e5OVumlc0Gb9RPa3h1ewuPE705nRtioPiTvY/edit?usp=sharing)\nand apply applicable `backport:*` labels.","sha":"021b30816e86ddb2e1fa2a8c911ff85ab07e1d43","branchLabelMapping":{"^v9.2.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:fix","Team:Obs AI Assistant","ci:project-deploy-observability","backport:version","v9.1.0","v8.19.0","v9.2.0","v8.18.4","v9.0.4"],"title":"[Obs AI Assistant] Inject user prompt before tool call when query actions are clicked","number":227462,"url":"https://github.com/elastic/kibana/pull/227462","mergeCommit":{"message":"[Obs AI Assistant] Inject user prompt before tool call when query actions are clicked (elastic#227462)\n\nCloses https://github.com/elastic/obs-ai-assistant-team/issues/309\n\n## Summary\n\nThis PR improves the `Display Results` and `visualize this query`\nactions by injecting a user prompt first and then the tool call to\nmaintain correct message ordering. This fixes the empty message that was\nobserved when visualize this query was clicked.\n\nHowever, in any case, if an empty message is received this should be\nhandled separately to avoid breaking the conversation flow.\n\n## Testing instructions:\n1. Generate some logs\n2. Pick the LLM (Needs to be tested with Elastic Managed LLM, Claude\n3.5, Claude 3.7, GPT-4, etc)\n3. Ask the assistant to generate a query\n4. Click on `Display results` -- the results should be shown and the\nuser should be able to continue the conversation\n5. Click on `Visualize this query` -- the visualization should be shown\nand the user should be able to continue the conversation\n\n## Traces with each model:\n\n- EIS (Visualize this query) -\nhttps://35-187-109-62.sslip.io/projects/UHJvamVjdDo5/traces/b1dcb77fb39ad7efbf82d9c4a1feb0e0?selectedSpanNodeId=U3BhbjoyOTk3ODQ%3D\n<img width=\"715\" height=\"868\" alt=\"image\"\nsrc=\"https://github.com/user-attachments/assets/75fd8efe-82df-4f7f-ad4f-f915e09d49da\"\n/>\n\n- EIS (Display results) -\nhttps://35-187-109-62.sslip.io/projects/UHJvamVjdDo5/traces/e7d8c42774491e6e2bcf328c34203c14?selectedSpanNodeId=U3BhbjozMDAxOTg%3D\n\n\nhttps://github.com/user-attachments/assets/6aa520db-2b40-4317-ace0-7be206ebb669\n\n- Bedrock+Claude 3.7 -\nhttps://35-187-109-62.sslip.io/projects/UHJvamVjdDo5/traces/f1bc4f490fcc990db9dbddf0782cff7e?selectedSpanNodeId=U3BhbjoyOTk4MDA%3D\n<img width=\"709\" height=\"889\" alt=\"image\"\nsrc=\"https://github.com/user-attachments/assets/86f77ff9-1783-42d3-8b31-8680fd7da227\"\n/>\n\n\n- Bedrock+Claude 3.5 -\nhttps://35-187-109-62.sslip.io/projects/UHJvamVjdDo5/traces/457a7cc939ce3b18ae3a9e2b066c3a7f?selectedSpanNodeId=U3BhbjoyOTk4MTY%3D\n<img width=\"714\" height=\"942\" alt=\"image\"\nsrc=\"https://github.com/user-attachments/assets/fe96b72e-24d0-4a85-9b42-a9862bdf4139\"\n/>\n\n\n- AzureOpenAI+GPT 4.1 -\nhttps://35-187-109-62.sslip.io/projects/UHJvamVjdDo5/traces/de9fc09a6f0162b7b2d6f52fbb188469?selectedSpanNodeId=U3BhbjoyOTk4MzI%3D\n<img width=\"715\" height=\"877\" alt=\"image\"\nsrc=\"https://github.com/user-attachments/assets/cca5326e-9350-426f-9f2e-a407d26e193d\"\n/>\n\n\n- Gemini 2.0 Flash -\nhttps://35-187-109-62.sslip.io/projects/UHJvamVjdDo5/traces/982da6b0ff4bae04f45af0271aa4cd84?selectedSpanNodeId=U3BhbjoyOTk4NTI%3D\n<img width=\"709\" height=\"880\" alt=\"image\"\nsrc=\"https://github.com/user-attachments/assets/d29b99c7-e3f6-4318-a19b-0a92e7aa690b\"\n/>\n\n- Gemini 2.5 Flash -\nhttps://35-187-109-62.sslip.io/projects/UHJvamVjdDo5/traces/9f7115cc79bb2e929dbeb93670555e81?selectedSpanNodeId=U3BhbjoyOTk4NjU%3D\n<img width=\"708\" height=\"872\" alt=\"image\"\nsrc=\"https://github.com/user-attachments/assets/4c6e48fd-ccaf-413c-b01d-21c0fc8df061\"\n/>\n\n\n### Checklist\n\n- [x] The PR description includes the appropriate Release Notes section,\nand the correct `release_note:*` label is applied per the\n[guidelines](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)\n- [x] Review the [backport\nguidelines](https://docs.google.com/document/d/1VyN5k91e5OVumlc0Gb9RPa3h1ewuPE705nRtioPiTvY/edit?usp=sharing)\nand apply applicable `backport:*` labels.","sha":"021b30816e86ddb2e1fa2a8c911ff85ab07e1d43"}},"sourceBranch":"main","suggestedTargetBranches":["9.1","8.19","8.18","9.0"],"targetPullRequestStates":[{"branch":"9.1","label":"v9.1.0","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"8.19","label":"v8.19.0","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"main","label":"v9.2.0","branchLabelMappingKey":"^v9.2.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/227462","number":227462,"mergeCommit":{"message":"[Obs AI Assistant] Inject user prompt before tool call when query actions are clicked (elastic#227462)\n\nCloses https://github.com/elastic/obs-ai-assistant-team/issues/309\n\n## Summary\n\nThis PR improves the `Display Results` and `visualize this query`\nactions by injecting a user prompt first and then the tool call to\nmaintain correct message ordering. This fixes the empty message that was\nobserved when visualize this query was clicked.\n\nHowever, in any case, if an empty message is received this should be\nhandled separately to avoid breaking the conversation flow.\n\n## Testing instructions:\n1. Generate some logs\n2. Pick the LLM (Needs to be tested with Elastic Managed LLM, Claude\n3.5, Claude 3.7, GPT-4, etc)\n3. Ask the assistant to generate a query\n4. Click on `Display results` -- the results should be shown and the\nuser should be able to continue the conversation\n5. Click on `Visualize this query` -- the visualization should be shown\nand the user should be able to continue the conversation\n\n## Traces with each model:\n\n- EIS (Visualize this query) -\nhttps://35-187-109-62.sslip.io/projects/UHJvamVjdDo5/traces/b1dcb77fb39ad7efbf82d9c4a1feb0e0?selectedSpanNodeId=U3BhbjoyOTk3ODQ%3D\n<img width=\"715\" height=\"868\" alt=\"image\"\nsrc=\"https://github.com/user-attachments/assets/75fd8efe-82df-4f7f-ad4f-f915e09d49da\"\n/>\n\n- EIS (Display results) -\nhttps://35-187-109-62.sslip.io/projects/UHJvamVjdDo5/traces/e7d8c42774491e6e2bcf328c34203c14?selectedSpanNodeId=U3BhbjozMDAxOTg%3D\n\n\nhttps://github.com/user-attachments/assets/6aa520db-2b40-4317-ace0-7be206ebb669\n\n- Bedrock+Claude 3.7 -\nhttps://35-187-109-62.sslip.io/projects/UHJvamVjdDo5/traces/f1bc4f490fcc990db9dbddf0782cff7e?selectedSpanNodeId=U3BhbjoyOTk4MDA%3D\n<img width=\"709\" height=\"889\" alt=\"image\"\nsrc=\"https://github.com/user-attachments/assets/86f77ff9-1783-42d3-8b31-8680fd7da227\"\n/>\n\n\n- Bedrock+Claude 3.5 -\nhttps://35-187-109-62.sslip.io/projects/UHJvamVjdDo5/traces/457a7cc939ce3b18ae3a9e2b066c3a7f?selectedSpanNodeId=U3BhbjoyOTk4MTY%3D\n<img width=\"714\" height=\"942\" alt=\"image\"\nsrc=\"https://github.com/user-attachments/assets/fe96b72e-24d0-4a85-9b42-a9862bdf4139\"\n/>\n\n\n- AzureOpenAI+GPT 4.1 -\nhttps://35-187-109-62.sslip.io/projects/UHJvamVjdDo5/traces/de9fc09a6f0162b7b2d6f52fbb188469?selectedSpanNodeId=U3BhbjoyOTk4MzI%3D\n<img width=\"715\" height=\"877\" alt=\"image\"\nsrc=\"https://github.com/user-attachments/assets/cca5326e-9350-426f-9f2e-a407d26e193d\"\n/>\n\n\n- Gemini 2.0 Flash -\nhttps://35-187-109-62.sslip.io/projects/UHJvamVjdDo5/traces/982da6b0ff4bae04f45af0271aa4cd84?selectedSpanNodeId=U3BhbjoyOTk4NTI%3D\n<img width=\"709\" height=\"880\" alt=\"image\"\nsrc=\"https://github.com/user-attachments/assets/d29b99c7-e3f6-4318-a19b-0a92e7aa690b\"\n/>\n\n- Gemini 2.5 Flash -\nhttps://35-187-109-62.sslip.io/projects/UHJvamVjdDo5/traces/9f7115cc79bb2e929dbeb93670555e81?selectedSpanNodeId=U3BhbjoyOTk4NjU%3D\n<img width=\"708\" height=\"872\" alt=\"image\"\nsrc=\"https://github.com/user-attachments/assets/4c6e48fd-ccaf-413c-b01d-21c0fc8df061\"\n/>\n\n\n### Checklist\n\n- [x] The PR description includes the appropriate Release Notes section,\nand the correct `release_note:*` label is applied per the\n[guidelines](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)\n- [x] Review the [backport\nguidelines](https://docs.google.com/document/d/1VyN5k91e5OVumlc0Gb9RPa3h1ewuPE705nRtioPiTvY/edit?usp=sharing)\nand apply applicable `backport:*` labels.","sha":"021b30816e86ddb2e1fa2a8c911ff85ab07e1d43"}},{"branch":"8.18","label":"v8.18.4","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"9.0","label":"v9.0.4","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"}]}] BACKPORT--> Co-authored-by: Viduni Wickramarachchi <viduni.wickramarachchi@elastic.co>
…ration tests (elastic#227371) (elastic#227647) # Backport This will backport the following commits from `main` to `9.1`: - [[Security Solution] Unskip prebuilt rules bundled package integration tests (elastic#227371)](elastic#227371) <!--- Backport version: 9.6.6 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sorenlouv/backport) <!--BACKPORT [{"author":{"name":"Maxim Palenov","email":"maxim.palenov@elastic.co"},"sourceCommit":{"committedDate":"2025-07-11T12:26:23Z","message":"[Security Solution] Unskip prebuilt rules bundled package integration tests (elastic#227371)\n\n**Resolves: https://github.com/elastic/kibana/issues/180087**\n\n## Summary\n\nThis PR fixes and unskips Prebuilt Rules bundled package integration tests.\n\n## Details\n\nFlakiness was caused by improper test setup which failed to remove already installed prebuilt rules package.\n\n## Flaky test runner\n\n- ✅ [200 runs](https://buildkite.com/elastic/kibana-flaky-test-suite-runner/builds/8579)","sha":"c43d8ccfbdbf0a25b07db34d71f160a239fa858c","branchLabelMapping":{"^v9.2.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:skip","v9.0.0","Team:Detections and Resp","Team: SecuritySolution","Team:Detection Rule Management","Feature:Prebuilt Detection Rules","backport:version","v8.18.0","v9.1.0","v8.19.0","v9.2.0"],"title":"[Security Solution] Unskip prebuilt rules bundled package integration tests","number":227371,"url":"https://github.com/elastic/kibana/pull/227371","mergeCommit":{"message":"[Security Solution] Unskip prebuilt rules bundled package integration tests (elastic#227371)\n\n**Resolves: https://github.com/elastic/kibana/issues/180087**\n\n## Summary\n\nThis PR fixes and unskips Prebuilt Rules bundled package integration tests.\n\n## Details\n\nFlakiness was caused by improper test setup which failed to remove already installed prebuilt rules package.\n\n## Flaky test runner\n\n- ✅ [200 runs](https://buildkite.com/elastic/kibana-flaky-test-suite-runner/builds/8579)","sha":"c43d8ccfbdbf0a25b07db34d71f160a239fa858c"}},"sourceBranch":"main","suggestedTargetBranches":["9.0","8.18","9.1","8.19"],"targetPullRequestStates":[{"branch":"9.0","label":"v9.0.0","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"8.18","label":"v8.18.0","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"9.1","label":"v9.1.0","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"8.19","label":"v8.19.0","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"main","label":"v9.2.0","branchLabelMappingKey":"^v9.2.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/227371","number":227371,"mergeCommit":{"message":"[Security Solution] Unskip prebuilt rules bundled package integration tests (elastic#227371)\n\n**Resolves: https://github.com/elastic/kibana/issues/180087**\n\n## Summary\n\nThis PR fixes and unskips Prebuilt Rules bundled package integration tests.\n\n## Details\n\nFlakiness was caused by improper test setup which failed to remove already installed prebuilt rules package.\n\n## Flaky test runner\n\n- ✅ [200 runs](https://buildkite.com/elastic/kibana-flaky-test-suite-runner/builds/8579)","sha":"c43d8ccfbdbf0a25b07db34d71f160a239fa858c"}}]}] BACKPORT--> Co-authored-by: Maxim Palenov <maxim.palenov@elastic.co>
# Backport This will backport the following commits from `main` to `9.1`: - [[CI] bump ci disk to 85gb (elastic#227665)](elastic#227665) <!--- Backport version: 9.6.6 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sorenlouv/backport) <!--BACKPORT [{"author":{"name":"Brad White","email":"Ikuni17@users.noreply.github.com"},"sourceCommit":{"committedDate":"2025-07-11T14:24:37Z","message":"[CI] bump ci disk to 85gb (elastic#227665)\n\n## Summary\nStill seeing some operations run out of disk at 80gb","sha":"3657d74b81579fcd4aa0afd4be826aa3ccf2d3ef","branchLabelMapping":{"^v9.2.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:skip","skip-ci","backport:prev-major","backport:current-major","v9.2.0"],"title":"[CI] bump ci disk to 85gb","number":227665,"url":"https://github.com/elastic/kibana/pull/227665","mergeCommit":{"message":"[CI] bump ci disk to 85gb (elastic#227665)\n\n## Summary\nStill seeing some operations run out of disk at 80gb","sha":"3657d74b81579fcd4aa0afd4be826aa3ccf2d3ef"}},"sourceBranch":"main","suggestedTargetBranches":[],"targetPullRequestStates":[{"branch":"main","label":"v9.2.0","branchLabelMappingKey":"^v9.2.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/227665","number":227665,"mergeCommit":{"message":"[CI] bump ci disk to 85gb (elastic#227665)\n\n## Summary\nStill seeing some operations run out of disk at 80gb","sha":"3657d74b81579fcd4aa0afd4be826aa3ccf2d3ef"}}]}] BACKPORT--> Co-authored-by: Brad White <Ikuni17@users.noreply.github.com>
…ests.x-pack/test/observability_functional/apps/observability/feature_controls/observability_security·ts - ObservabilityApp feature controls observability security feature controls observability cases all privileges "before all" hook for "shows observability/cases navlink" (elastic#227431) (elastic#227658) # Backport This will backport the following commits from `main` to `9.1`: - [[FIX] Failing test: Chrome X-Pack Observability UI Functional Tests.x-pack/test/observability_functional/apps/observability/feature_controls/observability_security·ts - ObservabilityApp feature controls observability security feature controls observability cases all privileges "before all" hook for "shows observability/cases navlink" (elastic#227431)](elastic#227431) <!--- Backport version: 9.6.6 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sorenlouv/backport) <!--BACKPORT [{"author":{"name":"Faisal Kanout","email":"faisal.kanout@elastic.co"},"sourceCommit":{"committedDate":"2025-07-11T13:18:05Z","message":"[FIX] Failing test: Chrome X-Pack Observability UI Functional Tests.x-pack/test/observability_functional/apps/observability/feature_controls/observability_security·ts - ObservabilityApp feature controls observability security feature controls observability cases all privileges \"before all\" hook for \"shows observability/cases navlink\" (elastic#227431)\n\n## Summary\n\nIt resumes/ fixes elastic#155091\nIt resumes/ fixes elastic#155090 \nThese tests were flaky in 2023, but now, according to FTR, they are\nworking as expected.","sha":"2008eff8d0b0118d9e99846f5f031fbd23fcef93","branchLabelMapping":{"^v9.2.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:skip","ci:project-deploy-observability","Team:obs-ux-management","backport:version","v9.1.0","v9.2.0"],"title":"[FIX] Failing test: Chrome X-Pack Observability UI Functional Tests.x-pack/test/observability_functional/apps/observability/feature_controls/observability_security·ts - ObservabilityApp feature controls observability security feature controls observability cases all privileges \"before all\" hook for \"shows observability/cases navlink\"","number":227431,"url":"https://github.com/elastic/kibana/pull/227431","mergeCommit":{"message":"[FIX] Failing test: Chrome X-Pack Observability UI Functional Tests.x-pack/test/observability_functional/apps/observability/feature_controls/observability_security·ts - ObservabilityApp feature controls observability security feature controls observability cases all privileges \"before all\" hook for \"shows observability/cases navlink\" (elastic#227431)\n\n## Summary\n\nIt resumes/ fixes elastic#155091\nIt resumes/ fixes elastic#155090 \nThese tests were flaky in 2023, but now, according to FTR, they are\nworking as expected.","sha":"2008eff8d0b0118d9e99846f5f031fbd23fcef93"}},"sourceBranch":"main","suggestedTargetBranches":["9.1"],"targetPullRequestStates":[{"branch":"9.1","label":"v9.1.0","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"main","label":"v9.2.0","branchLabelMappingKey":"^v9.2.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/227431","number":227431,"mergeCommit":{"message":"[FIX] Failing test: Chrome X-Pack Observability UI Functional Tests.x-pack/test/observability_functional/apps/observability/feature_controls/observability_security·ts - ObservabilityApp feature controls observability security feature controls observability cases all privileges \"before all\" hook for \"shows observability/cases navlink\" (elastic#227431)\n\n## Summary\n\nIt resumes/ fixes elastic#155091\nIt resumes/ fixes elastic#155090 \nThese tests were flaky in 2023, but now, according to FTR, they are\nworking as expected.","sha":"2008eff8d0b0118d9e99846f5f031fbd23fcef93"}}]}] BACKPORT--> Co-authored-by: Faisal Kanout <faisal.kanout@elastic.co>
…oud template instructions for AWS, GCP and Azure (elastic#227461) (elastic#227659) # Backport This will backport the following commits from `main` to `9.1`: - [[Cloud Security] [Bug] Fix Cloud Asset Discovery not showing cloud template instructions for AWS, GCP and Azure (elastic#227461)](elastic#227461) <!--- Backport version: 9.6.6 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sorenlouv/backport) <!--BACKPORT [{"author":{"name":"seanrathier","email":"sean.rathier@gmail.com"},"sourceCommit":{"committedDate":"2025-07-11T13:21:04Z","message":"[Cloud Security] [Bug] Fix Cloud Asset Discovery not showing cloud template instructions for AWS, GCP and Azure (elastic#227461)","sha":"d080256c1959fd302a59b2d94d76d3f92f2235b2","branchLabelMapping":{"^v9.2.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:skip","Team:Fleet","Team:Cloud Security","backport:prev-minor","ci:cloud-deploy","v9.2.0"],"title":"[Cloud Security] [Bug] Fix Cloud Asset Discovery not showing cloud template instructions for AWS, GCP and Azure","number":227461,"url":"https://github.com/elastic/kibana/pull/227461","mergeCommit":{"message":"[Cloud Security] [Bug] Fix Cloud Asset Discovery not showing cloud template instructions for AWS, GCP and Azure (elastic#227461)","sha":"d080256c1959fd302a59b2d94d76d3f92f2235b2"}},"sourceBranch":"main","suggestedTargetBranches":[],"targetPullRequestStates":[{"branch":"main","label":"v9.2.0","branchLabelMappingKey":"^v9.2.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/227461","number":227461,"mergeCommit":{"message":"[Cloud Security] [Bug] Fix Cloud Asset Discovery not showing cloud template instructions for AWS, GCP and Azure (elastic#227461)","sha":"d080256c1959fd302a59b2d94d76d3f92f2235b2"}}]}] BACKPORT--> Co-authored-by: seanrathier <sean.rathier@gmail.com>
…age (elastic#227176) (elastic#227654) # Backport This will backport the following commits from `main` to `9.1`: - [[SecuritySolution] Add a privileges check callout to priv mon page (elastic#227176)](elastic#227176) <!--- Backport version: 9.6.6 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sorenlouv/backport) <!--BACKPORT [{"author":{"name":"Pablo Machado","email":"pablo.nevesmachado@elastic.co"},"sourceCommit":{"committedDate":"2025-07-11T13:01:24Z","message":"[SecuritySolution] Add a privileges check callout to priv mon page (elastic#227176)\n\n## Summary\n\nAdd a privileges check callout to priv mon page\n\n\n\n\n\n\n\n\n### How to test\n1. On a kibana instance with an admin user\n2. Add priv mon data and install ML jobs\n2.1 Run the `privileged-user-monitoring` command from the\n`security-documents-generator` repo\n3. Open the priv mon page and make sure everything is displayed\n4. Create a test role with access to the data view indices but nothing\nmore\n5. Create a user with the role\n6. Log in on an anonymous tab with the created user\n7. Open the privmon page\n8. The callout should be displayed\n9. If you add privileges to the indices listed in the callout, the\ncallout should disappear, and the dashboard should be displayed without\nany errors\n\n\n\n### Checklist\n\nReviewers should verify this PR satisfies this list as well.\n\n- [ ] [Unit or functional\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\nwere updated or added to match the most common scenarios\n\n---------\n\nCo-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>\nCo-authored-by: natasha-moore-elastic <137783811+natasha-moore-elastic@users.noreply.github.com>","sha":"4965cf54e23e276bd7f93e5fd713add8b8af9c13","branchLabelMapping":{"^v9.2.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:skip","Team: SecuritySolution","Feature:Entity Analytics","Team:Entity Analytics","backport:version","v9.1.0","v9.2.0"],"title":"[SecuritySolution] Add a privileges check callout to priv mon page","number":227176,"url":"https://github.com/elastic/kibana/pull/227176","mergeCommit":{"message":"[SecuritySolution] Add a privileges check callout to priv mon page (elastic#227176)\n\n## Summary\n\nAdd a privileges check callout to priv mon page\n\n\n\n\n\n\n\n\n### How to test\n1. On a kibana instance with an admin user\n2. Add priv mon data and install ML jobs\n2.1 Run the `privileged-user-monitoring` command from the\n`security-documents-generator` repo\n3. Open the priv mon page and make sure everything is displayed\n4. Create a test role with access to the data view indices but nothing\nmore\n5. Create a user with the role\n6. Log in on an anonymous tab with the created user\n7. Open the privmon page\n8. The callout should be displayed\n9. If you add privileges to the indices listed in the callout, the\ncallout should disappear, and the dashboard should be displayed without\nany errors\n\n\n\n### Checklist\n\nReviewers should verify this PR satisfies this list as well.\n\n- [ ] [Unit or functional\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\nwere updated or added to match the most common scenarios\n\n---------\n\nCo-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>\nCo-authored-by: natasha-moore-elastic <137783811+natasha-moore-elastic@users.noreply.github.com>","sha":"4965cf54e23e276bd7f93e5fd713add8b8af9c13"}},"sourceBranch":"main","suggestedTargetBranches":["9.1"],"targetPullRequestStates":[{"branch":"9.1","label":"v9.1.0","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"main","label":"v9.2.0","branchLabelMappingKey":"^v9.2.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/227176","number":227176,"mergeCommit":{"message":"[SecuritySolution] Add a privileges check callout to priv mon page (elastic#227176)\n\n## Summary\n\nAdd a privileges check callout to priv mon page\n\n\n\n\n\n\n\n\n### How to test\n1. On a kibana instance with an admin user\n2. Add priv mon data and install ML jobs\n2.1 Run the `privileged-user-monitoring` command from the\n`security-documents-generator` repo\n3. Open the priv mon page and make sure everything is displayed\n4. Create a test role with access to the data view indices but nothing\nmore\n5. Create a user with the role\n6. Log in on an anonymous tab with the created user\n7. Open the privmon page\n8. The callout should be displayed\n9. If you add privileges to the indices listed in the callout, the\ncallout should disappear, and the dashboard should be displayed without\nany errors\n\n\n\n### Checklist\n\nReviewers should verify this PR satisfies this list as well.\n\n- [ ] [Unit or functional\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\nwere updated or added to match the most common scenarios\n\n---------\n\nCo-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>\nCo-authored-by: natasha-moore-elastic <137783811+natasha-moore-elastic@users.noreply.github.com>","sha":"4965cf54e23e276bd7f93e5fd713add8b8af9c13"}}]}] BACKPORT--> Co-authored-by: Pablo Machado <pablo.nevesmachado@elastic.co> Co-authored-by: natasha-moore-elastic <137783811+natasha-moore-elastic@users.noreply.github.com>
…d reports flyout (elastic#225437) (elastic#227701) # Backport This will backport the following commits from `main` to `9.1`: - [[ResponseOps][Reporting] Re-enable start date field in scheduled reports flyout (elastic#225437)](elastic#225437) <!--- Backport version: 9.6.6 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sorenlouv/backport) <!--BACKPORT [{"author":{"name":"Umberto Pepato","email":"umbopepato@users.noreply.github.com"},"sourceCommit":{"committedDate":"2025-07-11T17:01:33Z","message":"[ResponseOps][Reporting] Re-enable start date field in scheduled reports flyout (elastic#225437)","sha":"eca556f6c4e7943cc035900d98b52890ffcae10d","branchLabelMapping":{"^v9.2.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["bug","release_note:skip","Team:ResponseOps","backport:version","v9.1.0","v8.19.0","v9.2.0"],"title":"[ResponseOps][Reporting] Re-enable start date field in scheduled reports flyout","number":225437,"url":"https://github.com/elastic/kibana/pull/225437","mergeCommit":{"message":"[ResponseOps][Reporting] Re-enable start date field in scheduled reports flyout (elastic#225437)","sha":"eca556f6c4e7943cc035900d98b52890ffcae10d"}},"sourceBranch":"main","suggestedTargetBranches":["9.1","8.19"],"targetPullRequestStates":[{"branch":"9.1","label":"v9.1.0","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"8.19","label":"v8.19.0","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"main","label":"v9.2.0","branchLabelMappingKey":"^v9.2.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/225437","number":225437,"mergeCommit":{"message":"[ResponseOps][Reporting] Re-enable start date field in scheduled reports flyout (elastic#225437)","sha":"eca556f6c4e7943cc035900d98b52890ffcae10d"}}]}] BACKPORT--> Co-authored-by: Umberto Pepato <umbopepato@users.noreply.github.com>
…urce saved objects (elastic#227420) (elastic#227702) # Backport This will backport the following commits from `main` to `9.1`: - [[Entity Analytics][Privmon] Use default UUIDs for monitoring source saved objects (elastic#227420)](elastic#227420) <!--- Backport version: 9.6.6 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sorenlouv/backport) <!--BACKPORT [{"author":{"name":"Mark Hopkin","email":"mark.hopkin@elastic.co"},"sourceCommit":{"committedDate":"2025-07-11T17:04:53Z","message":"[Entity Analytics][Privmon] Use default UUIDs for monitoring source saved objects (elastic#227420)\n\n## Summary\n\nrevert to using the default UUID generation for monitoring data source\nsaved objects and remove any reference to temp-id. Previously we were\ngenerating the ID using the integration name or index name and the\nnamespace, and also overriding this with temp-id.\n\n- remove temp-id refs\n- add ID param to the get and update routes URL\n- Remove the behaviour where the create API will update if the source\nalready exists\n\n## Testing\n\nSteps Taken from\n[elastic#221610](https://github.com/elastic/kibana/pull/221610)\n- Pull branch into local machine\n- Security experimental flag enable: 'privilegeMonitoringEnabled'\n- Start up ElasticSearch and Kibana\n\n**1. Optional - create the default index, this should just skip if you\ndon't make it.**\n\n```\nPOST entity_analytics.privileged_monitoring/_doc\n{\n \"user\": {\n \"name\": \"default name\"\n }\n}\n```\n\n**2. Create test index/ indicies**\n\n```\nPUT /tatooine-\n{\n \"mappings\": {\n \"properties\": {\n \"user\": {\n \"properties\": {\n \"name\": {\n \"type\": \"keyword\",\n \"fields\": {\n \"text\": {\n \"type\": \"text\"\n }\n }\n }\n }\n }\n }\n }\n}\n\n```\n```\nPOST tatooine-/_bulk\n{ \"index\": {} }\n{ \"user\": { \"name\": \"Luke Skywalker\" } }\n{ \"index\": {} }\n{ \"user\": { \"name\": \"Leia Organa\" } }\n{ \"index\": {} }\n{ \"user\": { \"name\": \"Han Solo\" } }\n{ \"index\": {} }\n{ \"user\": { \"name\": \"Chewbacca\" } }\n{ \"index\": {} }\n{ \"user\": { \"name\": \"Obi-Wan Kenobi\" } }\n{ \"index\": {} }\n{ \"user\": { \"name\": \"Yoda\" } }\n{ \"index\": {} }\n{ \"user\": { \"name\": \"R2-D2\" } }\n{ \"index\": {} }\n{ \"user\": { \"name\": \"C-3PO\" } }\n{ \"index\": {} }\n{ \"user\": { \"name\": \"Darth Vader\" } }\n\n``` \n**3. Register Monitoring Entity Source Saved Objects**\n```\nPOST kbn:/api/entity_analytics/monitoring/entity_source\n{\n \"type\": \"index\",\n \"name\": \"StarWars\",\n \"managed\": true,\n \"indexPattern\": \"tatooine-\",\n \"enabled\": true,\n \"matchers\": [\n {\n \"fields\": [\"user.role\"],\n \"values\": [\"admin\"]\n }\n ],\n \"filter\": {}\n}\n\n``` \n**- OPTIONAL: You can check what is in the monitoring entity_source\nSO:**\n\n``` \nGET kbn:/api/entity_analytics/monitoring/entity_source/list\n``` \n**4. Initialise monitoring engine:** \n```\nPOST kbn:/api/entity_analytics/monitoring/engine/init {}\n``` \n\n**5. Verify Users in Monitoring Index**\n- Check the list of synced user, should include: \n- - The created users\n- - The default user (if you created it)\n\n```\nGET kbn:/api/entity_analytics/monitoring/users/list\n``` \n\n**e.g. output:**\n\n```\n[\n {\n \"id\": \"FkMJoZcB7muj1aiwb_eQ\",\n \"user\": {\n \"name\": \"C-3PO\",\n \"is_privileged\": true\n },\n \"labels\": {\n \"sources\": [\n \"index\"\n ],\n \"source_indices\": [\n \"tatooine-\"\n ],\n }\n },\n {\n \"id\": \"F0MJoZcB7muj1aiwb_eQ\",\n \"user\": {\n \"name\": \"Chewbacca\", \n \"is_privileged\": true\n },\n \"labels\": {\n \"sources\": [\n \"index\"\n ],\n \"source_indices\": [\n \"tatooine-\"\n ], \n }\n },\n// ... more here \n\n```\n\n## Testing: Removing Stale Users\nThe engine should soft delete users from the internal index if they no\nlonger appear in the synced sources - e.g. label as\nmonitoring.privileged_users: \"not_monitored\"\n**Example:**\n\n- Delete users in index: \n```\nPOST tatooine-/_delete_by_query\n{\n \"query\": {\n \"terms\": {\n \"user.name\": [\"Chewbacca\", \"Han Solo\"]\n }\n }\n}\n\n```\n- re-run engine init\n\n```\nPOST kbn:/api/entity_analytics/monitoring/engine/init\n{}\n```\n-Fetch the updated user list: \n\n```\nGET kbn:/api/entity_analytics/monitoring/users/list\n```\nYou should now only see both Chewbacca and Han Solo are no longer\nprivileged:\n```\n// ..\n{\n \"id\": \"GUMJoZcB7muj1aiwb_eQ\",\n \"user\": {\n \"name\": \"Han Solo\"\n \"is_privileged\": false \n },\n \"labels\": {\n \"sources\": [],\n \"source_indices\": [],\n }\n }\n]\n```\n\n---------\n\nCo-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>","sha":"e26d309535c1c5c1ebe1b6111e4438e08b065a7f","branchLabelMapping":{"^v9.2.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:skip","Team:Entity Analytics","backport:version","v9.1.0","v9.2.0"],"title":"[Entity Analytics][Privmon] Use default UUIDs for monitoring source saved objects","number":227420,"url":"https://github.com/elastic/kibana/pull/227420","mergeCommit":{"message":"[Entity Analytics][Privmon] Use default UUIDs for monitoring source saved objects (elastic#227420)\n\n## Summary\n\nrevert to using the default UUID generation for monitoring data source\nsaved objects and remove any reference to temp-id. Previously we were\ngenerating the ID using the integration name or index name and the\nnamespace, and also overriding this with temp-id.\n\n- remove temp-id refs\n- add ID param to the get and update routes URL\n- Remove the behaviour where the create API will update if the source\nalready exists\n\n## Testing\n\nSteps Taken from\n[elastic#221610](https://github.com/elastic/kibana/pull/221610)\n- Pull branch into local machine\n- Security experimental flag enable: 'privilegeMonitoringEnabled'\n- Start up ElasticSearch and Kibana\n\n**1. Optional - create the default index, this should just skip if you\ndon't make it.**\n\n```\nPOST entity_analytics.privileged_monitoring/_doc\n{\n \"user\": {\n \"name\": \"default name\"\n }\n}\n```\n\n**2. Create test index/ indicies**\n\n```\nPUT /tatooine-\n{\n \"mappings\": {\n \"properties\": {\n \"user\": {\n \"properties\": {\n \"name\": {\n \"type\": \"keyword\",\n \"fields\": {\n \"text\": {\n \"type\": \"text\"\n }\n }\n }\n }\n }\n }\n }\n}\n\n```\n```\nPOST tatooine-/_bulk\n{ \"index\": {} }\n{ \"user\": { \"name\": \"Luke Skywalker\" } }\n{ \"index\": {} }\n{ \"user\": { \"name\": \"Leia Organa\" } }\n{ \"index\": {} }\n{ \"user\": { \"name\": \"Han Solo\" } }\n{ \"index\": {} }\n{ \"user\": { \"name\": \"Chewbacca\" } }\n{ \"index\": {} }\n{ \"user\": { \"name\": \"Obi-Wan Kenobi\" } }\n{ \"index\": {} }\n{ \"user\": { \"name\": \"Yoda\" } }\n{ \"index\": {} }\n{ \"user\": { \"name\": \"R2-D2\" } }\n{ \"index\": {} }\n{ \"user\": { \"name\": \"C-3PO\" } }\n{ \"index\": {} }\n{ \"user\": { \"name\": \"Darth Vader\" } }\n\n``` \n**3. Register Monitoring Entity Source Saved Objects**\n```\nPOST kbn:/api/entity_analytics/monitoring/entity_source\n{\n \"type\": \"index\",\n \"name\": \"StarWars\",\n \"managed\": true,\n \"indexPattern\": \"tatooine-\",\n \"enabled\": true,\n \"matchers\": [\n {\n \"fields\": [\"user.role\"],\n \"values\": [\"admin\"]\n }\n ],\n \"filter\": {}\n}\n\n``` \n**- OPTIONAL: You can check what is in the monitoring entity_source\nSO:**\n\n``` \nGET kbn:/api/entity_analytics/monitoring/entity_source/list\n``` \n**4. Initialise monitoring engine:** \n```\nPOST kbn:/api/entity_analytics/monitoring/engine/init {}\n``` \n\n**5. Verify Users in Monitoring Index**\n- Check the list of synced user, should include: \n- - The created users\n- - The default user (if you created it)\n\n```\nGET kbn:/api/entity_analytics/monitoring/users/list\n``` \n\n**e.g. output:**\n\n```\n[\n {\n \"id\": \"FkMJoZcB7muj1aiwb_eQ\",\n \"user\": {\n \"name\": \"C-3PO\",\n \"is_privileged\": true\n },\n \"labels\": {\n \"sources\": [\n \"index\"\n ],\n \"source_indices\": [\n \"tatooine-\"\n ],\n }\n },\n {\n \"id\": \"F0MJoZcB7muj1aiwb_eQ\",\n \"user\": {\n \"name\": \"Chewbacca\", \n \"is_privileged\": true\n },\n \"labels\": {\n \"sources\": [\n \"index\"\n ],\n \"source_indices\": [\n \"tatooine-\"\n ], \n }\n },\n// ... more here \n\n```\n\n## Testing: Removing Stale Users\nThe engine should soft delete users from the internal index if they no\nlonger appear in the synced sources - e.g. label as\nmonitoring.privileged_users: \"not_monitored\"\n**Example:**\n\n- Delete users in index: \n```\nPOST tatooine-/_delete_by_query\n{\n \"query\": {\n \"terms\": {\n \"user.name\": [\"Chewbacca\", \"Han Solo\"]\n }\n }\n}\n\n```\n- re-run engine init\n\n```\nPOST kbn:/api/entity_analytics/monitoring/engine/init\n{}\n```\n-Fetch the updated user list: \n\n```\nGET kbn:/api/entity_analytics/monitoring/users/list\n```\nYou should now only see both Chewbacca and Han Solo are no longer\nprivileged:\n```\n// ..\n{\n \"id\": \"GUMJoZcB7muj1aiwb_eQ\",\n \"user\": {\n \"name\": \"Han Solo\"\n \"is_privileged\": false \n },\n \"labels\": {\n \"sources\": [],\n \"source_indices\": [],\n }\n }\n]\n```\n\n---------\n\nCo-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>","sha":"e26d309535c1c5c1ebe1b6111e4438e08b065a7f"}},"sourceBranch":"main","suggestedTargetBranches":["9.1"],"targetPullRequestStates":[{"branch":"9.1","label":"v9.1.0","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"main","label":"v9.2.0","branchLabelMappingKey":"^v9.2.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/227420","number":227420,"mergeCommit":{"message":"[Entity Analytics][Privmon] Use default UUIDs for monitoring source saved objects (elastic#227420)\n\n## Summary\n\nrevert to using the default UUID generation for monitoring data source\nsaved objects and remove any reference to temp-id. Previously we were\ngenerating the ID using the integration name or index name and the\nnamespace, and also overriding this with temp-id.\n\n- remove temp-id refs\n- add ID param to the get and update routes URL\n- Remove the behaviour where the create API will update if the source\nalready exists\n\n## Testing\n\nSteps Taken from\n[elastic#221610](https://github.com/elastic/kibana/pull/221610)\n- Pull branch into local machine\n- Security experimental flag enable: 'privilegeMonitoringEnabled'\n- Start up ElasticSearch and Kibana\n\n**1. Optional - create the default index, this should just skip if you\ndon't make it.**\n\n```\nPOST entity_analytics.privileged_monitoring/_doc\n{\n \"user\": {\n \"name\": \"default name\"\n }\n}\n```\n\n**2. Create test index/ indicies**\n\n```\nPUT /tatooine-\n{\n \"mappings\": {\n \"properties\": {\n \"user\": {\n \"properties\": {\n \"name\": {\n \"type\": \"keyword\",\n \"fields\": {\n \"text\": {\n \"type\": \"text\"\n }\n }\n }\n }\n }\n }\n }\n}\n\n```\n```\nPOST tatooine-/_bulk\n{ \"index\": {} }\n{ \"user\": { \"name\": \"Luke Skywalker\" } }\n{ \"index\": {} }\n{ \"user\": { \"name\": \"Leia Organa\" } }\n{ \"index\": {} }\n{ \"user\": { \"name\": \"Han Solo\" } }\n{ \"index\": {} }\n{ \"user\": { \"name\": \"Chewbacca\" } }\n{ \"index\": {} }\n{ \"user\": { \"name\": \"Obi-Wan Kenobi\" } }\n{ \"index\": {} }\n{ \"user\": { \"name\": \"Yoda\" } }\n{ \"index\": {} }\n{ \"user\": { \"name\": \"R2-D2\" } }\n{ \"index\": {} }\n{ \"user\": { \"name\": \"C-3PO\" } }\n{ \"index\": {} }\n{ \"user\": { \"name\": \"Darth Vader\" } }\n\n``` \n**3. Register Monitoring Entity Source Saved Objects**\n```\nPOST kbn:/api/entity_analytics/monitoring/entity_source\n{\n \"type\": \"index\",\n \"name\": \"StarWars\",\n \"managed\": true,\n \"indexPattern\": \"tatooine-\",\n \"enabled\": true,\n \"matchers\": [\n {\n \"fields\": [\"user.role\"],\n \"values\": [\"admin\"]\n }\n ],\n \"filter\": {}\n}\n\n``` \n**- OPTIONAL: You can check what is in the monitoring entity_source\nSO:**\n\n``` \nGET kbn:/api/entity_analytics/monitoring/entity_source/list\n``` \n**4. Initialise monitoring engine:** \n```\nPOST kbn:/api/entity_analytics/monitoring/engine/init {}\n``` \n\n**5. Verify Users in Monitoring Index**\n- Check the list of synced user, should include: \n- - The created users\n- - The default user (if you created it)\n\n```\nGET kbn:/api/entity_analytics/monitoring/users/list\n``` \n\n**e.g. output:**\n\n```\n[\n {\n \"id\": \"FkMJoZcB7muj1aiwb_eQ\",\n \"user\": {\n \"name\": \"C-3PO\",\n \"is_privileged\": true\n },\n \"labels\": {\n \"sources\": [\n \"index\"\n ],\n \"source_indices\": [\n \"tatooine-\"\n ],\n }\n },\n {\n \"id\": \"F0MJoZcB7muj1aiwb_eQ\",\n \"user\": {\n \"name\": \"Chewbacca\", \n \"is_privileged\": true\n },\n \"labels\": {\n \"sources\": [\n \"index\"\n ],\n \"source_indices\": [\n \"tatooine-\"\n ], \n }\n },\n// ... more here \n\n```\n\n## Testing: Removing Stale Users\nThe engine should soft delete users from the internal index if they no\nlonger appear in the synced sources - e.g. label as\nmonitoring.privileged_users: \"not_monitored\"\n**Example:**\n\n- Delete users in index: \n```\nPOST tatooine-/_delete_by_query\n{\n \"query\": {\n \"terms\": {\n \"user.name\": [\"Chewbacca\", \"Han Solo\"]\n }\n }\n}\n\n```\n- re-run engine init\n\n```\nPOST kbn:/api/entity_analytics/monitoring/engine/init\n{}\n```\n-Fetch the updated user list: \n\n```\nGET kbn:/api/entity_analytics/monitoring/users/list\n```\nYou should now only see both Chewbacca and Han Solo are no longer\nprivileged:\n```\n// ..\n{\n \"id\": \"GUMJoZcB7muj1aiwb_eQ\",\n \"user\": {\n \"name\": \"Han Solo\"\n \"is_privileged\": false \n },\n \"labels\": {\n \"sources\": [],\n \"source_indices\": [],\n }\n }\n]\n```\n\n---------\n\nCo-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>","sha":"e26d309535c1c5c1ebe1b6111e4438e08b065a7f"}}]}] BACKPORT--> Co-authored-by: Mark Hopkin <mark.hopkin@elastic.co>
…227712) # Backport This will backport the following commits from `main` to `9.1`: - [Unskip input_controls_vis test suite (elastic#227542)](elastic#227542) <!--- Backport version: 9.6.6 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sorenlouv/backport) <!--BACKPORT [{"author":{"name":"Nick Peihl","email":"nick.peihl@elastic.co"},"sourceCommit":{"committedDate":"2025-07-11T19:25:01Z","message":"Unskip input_controls_vis test suite (elastic#227542)\n\n[Flaky test runner x\n200](https://buildkite.com/elastic/kibana-flaky-test-suite-runner/builds/8603)\n\nFixes elastic#225165\n\n## Summary\n\nUnskip input_controls_vis test suite.\n\nThe failure did not re-occur in 200 flaky tests after only unskipping\nthe test in 6f48e39.\n\nHowever, logs during failures are indicating that the `osx` option could\nnot be found. Since we clear the previous selection right before setting\nthe `osx` option, it might be possible that the events following the\nclear are not always completely resolved before we try to set a new\noption. So this adds a `waitFor` check to ensure the input control is\nactually clear before we set a new option.","sha":"dd99dfa38ad9395c39a05b7fcbfd56df00d4608f","branchLabelMapping":{"^v9.2.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["Team:Presentation","release_note:skip","backport:all-open","v9.2.0"],"title":"Unskip input_controls_vis test suite","number":227542,"url":"https://github.com/elastic/kibana/pull/227542","mergeCommit":{"message":"Unskip input_controls_vis test suite (elastic#227542)\n\n[Flaky test runner x\n200](https://buildkite.com/elastic/kibana-flaky-test-suite-runner/builds/8603)\n\nFixes elastic#225165\n\n## Summary\n\nUnskip input_controls_vis test suite.\n\nThe failure did not re-occur in 200 flaky tests after only unskipping\nthe test in 6f48e39.\n\nHowever, logs during failures are indicating that the `osx` option could\nnot be found. Since we clear the previous selection right before setting\nthe `osx` option, it might be possible that the events following the\nclear are not always completely resolved before we try to set a new\noption. So this adds a `waitFor` check to ensure the input control is\nactually clear before we set a new option.","sha":"dd99dfa38ad9395c39a05b7fcbfd56df00d4608f"}},"sourceBranch":"main","suggestedTargetBranches":[],"targetPullRequestStates":[{"branch":"main","label":"v9.2.0","branchLabelMappingKey":"^v9.2.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/227542","number":227542,"mergeCommit":{"message":"Unskip input_controls_vis test suite (elastic#227542)\n\n[Flaky test runner x\n200](https://buildkite.com/elastic/kibana-flaky-test-suite-runner/builds/8603)\n\nFixes elastic#225165\n\n## Summary\n\nUnskip input_controls_vis test suite.\n\nThe failure did not re-occur in 200 flaky tests after only unskipping\nthe test in 6f48e39.\n\nHowever, logs during failures are indicating that the `osx` option could\nnot be found. Since we clear the previous selection right before setting\nthe `osx` option, it might be possible that the events following the\nclear are not always completely resolved before we try to set a new\noption. So this adds a `waitFor` check to ensure the input control is\nactually clear before we set a new option.","sha":"dd99dfa38ad9395c39a05b7fcbfd56df00d4608f"}}]}] BACKPORT--> Co-authored-by: Nick Peihl <nick.peihl@elastic.co>
…CSPM benchmark dashboard's (elastic#225692) (elastic#227706) # Backport This will backport the following commits from `main` to `9.1`: - [[Cloud Security] Refactor hard coded Findings filter fields in CSPM benchmark dashboard's (elastic#225692)](elastic#225692) <!--- Backport version: 9.6.6 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sorenlouv/backport) <!--BACKPORT [{"author":{"name":"seanrathier","email":"sean.rathier@gmail.com"},"sourceCommit":{"committedDate":"2025-07-11T19:17:23Z","message":"[Cloud Security] Refactor hard coded Findings filter fields in CSPM benchmark dashboard's (elastic#225692)","sha":"e8d9e525dd4c8dea82c80b242dd075c02914a2fd","branchLabelMapping":{"^v9.2.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:skip","Team:Cloud Security","ci:project-deploy-security","backport:version","v9.1.0","v9.2.0"],"title":"[Cloud Security] Refactor hard coded Findings filter fields in CSPM benchmark dashboard's","number":225692,"url":"https://github.com/elastic/kibana/pull/225692","mergeCommit":{"message":"[Cloud Security] Refactor hard coded Findings filter fields in CSPM benchmark dashboard's (elastic#225692)","sha":"e8d9e525dd4c8dea82c80b242dd075c02914a2fd"}},"sourceBranch":"main","suggestedTargetBranches":["9.1"],"targetPullRequestStates":[{"branch":"9.1","label":"v9.1.0","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"main","label":"v9.2.0","branchLabelMappingKey":"^v9.2.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/225692","number":225692,"mergeCommit":{"message":"[Cloud Security] Refactor hard coded Findings filter fields in CSPM benchmark dashboard's (elastic#225692)","sha":"e8d9e525dd4c8dea82c80b242dd075c02914a2fd"}}]}] BACKPORT--> Co-authored-by: seanrathier <sean.rathier@gmail.com>
…verseStream` subaction (elastic#227531) (elastic#227715) # Backport This will backport the following commits from `main` to `9.1`: - [[Security Assistant] Implements token tracking for Bedrock `converseStream` subaction (elastic#227531)](elastic#227531) <!--- Backport version: 9.6.6 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sorenlouv/backport) <!--BACKPORT [{"author":{"name":"Steph Milovic","email":"stephanie.milovic@elastic.co"},"sourceCommit":{"committedDate":"2025-07-11T19:36:24Z","message":"[Security Assistant] Implements token tracking for Bedrock `converseStream` subaction (elastic#227531)","sha":"9c94d070d7a4e99063b60e6ebe9dc35ca6b4eb0f","branchLabelMapping":{"^v9.2.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:skip","Team: SecuritySolution","Team:Security Generative AI","backport:version","v9.1.0","v8.19.0","v9.2.0"],"title":"[Security Assistant] Implements token tracking for Bedrock `converseStream` subaction","number":227531,"url":"https://github.com/elastic/kibana/pull/227531","mergeCommit":{"message":"[Security Assistant] Implements token tracking for Bedrock `converseStream` subaction (elastic#227531)","sha":"9c94d070d7a4e99063b60e6ebe9dc35ca6b4eb0f"}},"sourceBranch":"main","suggestedTargetBranches":["9.1","8.19"],"targetPullRequestStates":[{"branch":"9.1","label":"v9.1.0","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"8.19","label":"v8.19.0","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"main","label":"v9.2.0","branchLabelMappingKey":"^v9.2.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/227531","number":227531,"mergeCommit":{"message":"[Security Assistant] Implements token tracking for Bedrock `converseStream` subaction (elastic#227531)","sha":"9c94d070d7a4e99063b60e6ebe9dc35ca6b4eb0f"}}]}] BACKPORT--> Co-authored-by: Steph Milovic <stephanie.milovic@elastic.co>
…#227719) # Backport This will backport the following commits from `main` to `9.1`: - [[Content Connectors] Fixed docs links (elastic#227130)](elastic#227130) <!--- Backport version: 9.6.6 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sorenlouv/backport) <!--BACKPORT [{"author":{"name":"Yuliia Naumenko","email":"jo.naumenko@gmail.com"},"sourceCommit":{"committedDate":"2025-07-11T20:11:58Z","message":"[Content Connectors] Fixed docs links (elastic#227130)\n\nFixed bug with missing documentation links:\n\n\nhttps://github.com/user-attachments/assets/9dabe967-f667-4fd7-b6ee-7b36c39be2b8","sha":"ccc4e6f870f8c19accb9ac4dfbd645a8063aa39f","branchLabelMapping":{"^v9.2.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["bug","release_note:skip","backport:prev-minor","ci:build-cloud-image","ci:cloud-deploy","ci:cloud-redeploy","ci:build-serverless-image","ci:project-deploy-security","v9.1.0","ci:project-deploy-ai4soc","v9.2.0"],"title":"[Content Connectors] Fixed docs links","number":227130,"url":"https://github.com/elastic/kibana/pull/227130","mergeCommit":{"message":"[Content Connectors] Fixed docs links (elastic#227130)\n\nFixed bug with missing documentation links:\n\n\nhttps://github.com/user-attachments/assets/9dabe967-f667-4fd7-b6ee-7b36c39be2b8","sha":"ccc4e6f870f8c19accb9ac4dfbd645a8063aa39f"}},"sourceBranch":"main","suggestedTargetBranches":["9.1"],"targetPullRequestStates":[{"branch":"9.1","label":"v9.1.0","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"main","label":"v9.2.0","branchLabelMappingKey":"^v9.2.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/227130","number":227130,"mergeCommit":{"message":"[Content Connectors] Fixed docs links (elastic#227130)\n\nFixed bug with missing documentation links:\n\n\nhttps://github.com/user-attachments/assets/9dabe967-f667-4fd7-b6ee-7b36c39be2b8","sha":"ccc4e6f870f8c19accb9ac4dfbd645a8063aa39f"}}]}] BACKPORT--> Co-authored-by: Yuliia Naumenko <jo.naumenko@gmail.com>
…the user to update the `kibana.alert.workflow_status` of alerts (elastic#227326) (elastic#227721) # Backport This will backport the following commits from `main` to `9.1`: - [[AI4DSOC] [Attack discovery] In AI4DSOC projects, don't prompt the user to update the `kibana.alert.workflow_status` of alerts (elastic#227326)](elastic#227326) <!--- Backport version: 9.6.6 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sorenlouv/backport) <!--BACKPORT [{"author":{"name":"Andrew Macri","email":"andrew.macri@elastic.co"},"sourceCommit":{"committedDate":"2025-07-11T20:16:59Z","message":"[AI4DSOC] [Attack discovery] In AI4DSOC projects, don't prompt the user to update the `kibana.alert.workflow_status` of alerts (elastic#227326)\n\n## [AI4DSOC] [Attack discovery] In AI4DSOC projects, don't prompt the user to update the `kibana.alert.workflow_status` of alerts\n\nThis PR updates Attack discovery for AI4DSOC projects, such that it does NOT prompt the user with a modal to [optionally update the kibana.alert.workflow_status of alerts associated with Attack discoveries](elastic#225029), as illustrated by the animated gif below:\n\n\n\n_Above: AI4DSOC: The modal is NOT displayed, and the associated alerts are NOT updated_\n\nThe animated gif above illustrates that in AI4DSOC projects:\n\n- The modal prompting the user to update the `kibana.alert.workflow_status` of alerts is NOT displayed\n- Only the workflow status of the Attack discovery is updated\n\n### All other serverless projects\n\nAll other (non-AI4DSOC) serverless projects display the modal, and optionally update the workflow status of the alerts, as illustrated by the animated gif below:\n\n\n\n_Above: All other serverless projects: The modal is displayed, and the associated alerts are updated_\n\nThe animated gif above illustrates that for all other serverless projects:\n\n- The modal prompting the user to update the `kibana.alert.workflow_status` of alerts is displayed\n- The workflow status of the Attack discovery is (optionally) updated\n\n### Elastic Cloud and self manged\n\nElastic Cloud and self manged deployments display the modal, and optionally update the workflow status of the alerts, as illustrated by the animated gif below:\n\n\n\n_Above: Self managed: The modal is displayed, and the associated alerts are updated_\n\nThe animated gif above illustrates that for Elastic cloud and self manged:\n\n- The modal prompting the user to update the `kibana.alert.workflow_status` of alerts is displayed\n- The workflow status of the Attack discovery is (optionally) updated\n\n### Feature flags\n\nEnable the required and recommended `assistantAttackDiscoverySchedulingEnabled` features flag in `config/kibana.dev.yml`:\n\n```yaml\nfeature_flags.overrides:\n securitySolution.attackDiscoveryAlertsEnabled: true\n securitySolution.assistantAttackDiscoverySchedulingEnabled: true\n```\n\n### AI4DSOC\n\n- To test with an AI4DSOC project, add the following setting to `config/serverless.security.dev.yaml`:\n\n```yaml\nxpack.securitySolutionServerless.productTypes:\n[\n { product_line: 'ai_soc', product_tier: 'search_ai_lake' },\n]\n```\n\n### Desk testing\n\n1) Navigate to Security > Attack discovery\n\n2) Click `Generate` to generate attack discoveries\n\n3) Click the `Take action` dropdown on an Attack discovery\n\n4) Click `Mark as acknowledged`\n\n**Expected result**\n\nThe modal is displayed, and alerts are (optionally) updated for the deployment, for the deployment-type in the table below:\n\n| Deployment | Modal displayed | Alerts (optionally) updated |\n|-------------------------------|-----------------|-----------------------------|\n| AI4DSOC | ❌ | ❌ |\n| All other serverless projects | ✅ | ✅ |\n| Elastic Cloud and self manged | ✅ | ✅ |\n\n5) Select (at least) 2 discoveries via their checkboxes\n\n6) Click the `Selected 2 Attack discoveries` popover menu\n\n7) Click `Mark as closed` from the popover menu\n\n**Expected result**\n\nOnce again, the modal is displayed, and alerts are (optionally) updated for the deployment, for the deployment-type in the table below:\n\n| Deployment | Modal displayed | Alerts (optionally) updated |\n|-------------------------------|-----------------|-----------------------------|\n| AI4DSOC | ❌ | ❌ |\n| All other serverless projects | ✅ | ✅ |\n| Elastic Cloud and self manged | ✅ | ✅ |","sha":"a4aa6a04c3db7d793e334fd1b38273cfca141c09","branchLabelMapping":{"^v9.2.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:skip","Team: SecuritySolution","Team:Security Generative AI","backport:version","v9.1.0","v8.19.0","v9.2.0"],"title":"[AI4DSOC] [Attack discovery] In AI4DSOC projects, don't prompt the user to update the `kibana.alert.workflow_status` of alerts","number":227326,"url":"https://github.com/elastic/kibana/pull/227326","mergeCommit":{"message":"[AI4DSOC] [Attack discovery] In AI4DSOC projects, don't prompt the user to update the `kibana.alert.workflow_status` of alerts (elastic#227326)\n\n## [AI4DSOC] [Attack discovery] In AI4DSOC projects, don't prompt the user to update the `kibana.alert.workflow_status` of alerts\n\nThis PR updates Attack discovery for AI4DSOC projects, such that it does NOT prompt the user with a modal to [optionally update the kibana.alert.workflow_status of alerts associated with Attack discoveries](elastic#225029), as illustrated by the animated gif below:\n\n\n\n_Above: AI4DSOC: The modal is NOT displayed, and the associated alerts are NOT updated_\n\nThe animated gif above illustrates that in AI4DSOC projects:\n\n- The modal prompting the user to update the `kibana.alert.workflow_status` of alerts is NOT displayed\n- Only the workflow status of the Attack discovery is updated\n\n### All other serverless projects\n\nAll other (non-AI4DSOC) serverless projects display the modal, and optionally update the workflow status of the alerts, as illustrated by the animated gif below:\n\n\n\n_Above: All other serverless projects: The modal is displayed, and the associated alerts are updated_\n\nThe animated gif above illustrates that for all other serverless projects:\n\n- The modal prompting the user to update the `kibana.alert.workflow_status` of alerts is displayed\n- The workflow status of the Attack discovery is (optionally) updated\n\n### Elastic Cloud and self manged\n\nElastic Cloud and self manged deployments display the modal, and optionally update the workflow status of the alerts, as illustrated by the animated gif below:\n\n\n\n_Above: Self managed: The modal is displayed, and the associated alerts are updated_\n\nThe animated gif above illustrates that for Elastic cloud and self manged:\n\n- The modal prompting the user to update the `kibana.alert.workflow_status` of alerts is displayed\n- The workflow status of the Attack discovery is (optionally) updated\n\n### Feature flags\n\nEnable the required and recommended `assistantAttackDiscoverySchedulingEnabled` features flag in `config/kibana.dev.yml`:\n\n```yaml\nfeature_flags.overrides:\n securitySolution.attackDiscoveryAlertsEnabled: true\n securitySolution.assistantAttackDiscoverySchedulingEnabled: true\n```\n\n### AI4DSOC\n\n- To test with an AI4DSOC project, add the following setting to `config/serverless.security.dev.yaml`:\n\n```yaml\nxpack.securitySolutionServerless.productTypes:\n[\n { product_line: 'ai_soc', product_tier: 'search_ai_lake' },\n]\n```\n\n### Desk testing\n\n1) Navigate to Security > Attack discovery\n\n2) Click `Generate` to generate attack discoveries\n\n3) Click the `Take action` dropdown on an Attack discovery\n\n4) Click `Mark as acknowledged`\n\n**Expected result**\n\nThe modal is displayed, and alerts are (optionally) updated for the deployment, for the deployment-type in the table below:\n\n| Deployment | Modal displayed | Alerts (optionally) updated |\n|-------------------------------|-----------------|-----------------------------|\n| AI4DSOC | ❌ | ❌ |\n| All other serverless projects | ✅ | ✅ |\n| Elastic Cloud and self manged | ✅ | ✅ |\n\n5) Select (at least) 2 discoveries via their checkboxes\n\n6) Click the `Selected 2 Attack discoveries` popover menu\n\n7) Click `Mark as closed` from the popover menu\n\n**Expected result**\n\nOnce again, the modal is displayed, and alerts are (optionally) updated for the deployment, for the deployment-type in the table below:\n\n| Deployment | Modal displayed | Alerts (optionally) updated |\n|-------------------------------|-----------------|-----------------------------|\n| AI4DSOC | ❌ | ❌ |\n| All other serverless projects | ✅ | ✅ |\n| Elastic Cloud and self manged | ✅ | ✅ |","sha":"a4aa6a04c3db7d793e334fd1b38273cfca141c09"}},"sourceBranch":"main","suggestedTargetBranches":["9.1","8.19"],"targetPullRequestStates":[{"branch":"9.1","label":"v9.1.0","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"8.19","label":"v8.19.0","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"main","label":"v9.2.0","branchLabelMappingKey":"^v9.2.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/227326","number":227326,"mergeCommit":{"message":"[AI4DSOC] [Attack discovery] In AI4DSOC projects, don't prompt the user to update the `kibana.alert.workflow_status` of alerts (elastic#227326)\n\n## [AI4DSOC] [Attack discovery] In AI4DSOC projects, don't prompt the user to update the `kibana.alert.workflow_status` of alerts\n\nThis PR updates Attack discovery for AI4DSOC projects, such that it does NOT prompt the user with a modal to [optionally update the kibana.alert.workflow_status of alerts associated with Attack discoveries](elastic#225029), as illustrated by the animated gif below:\n\n\n\n_Above: AI4DSOC: The modal is NOT displayed, and the associated alerts are NOT updated_\n\nThe animated gif above illustrates that in AI4DSOC projects:\n\n- The modal prompting the user to update the `kibana.alert.workflow_status` of alerts is NOT displayed\n- Only the workflow status of the Attack discovery is updated\n\n### All other serverless projects\n\nAll other (non-AI4DSOC) serverless projects display the modal, and optionally update the workflow status of the alerts, as illustrated by the animated gif below:\n\n\n\n_Above: All other serverless projects: The modal is displayed, and the associated alerts are updated_\n\nThe animated gif above illustrates that for all other serverless projects:\n\n- The modal prompting the user to update the `kibana.alert.workflow_status` of alerts is displayed\n- The workflow status of the Attack discovery is (optionally) updated\n\n### Elastic Cloud and self manged\n\nElastic Cloud and self manged deployments display the modal, and optionally update the workflow status of the alerts, as illustrated by the animated gif below:\n\n\n\n_Above: Self managed: The modal is displayed, and the associated alerts are updated_\n\nThe animated gif above illustrates that for Elastic cloud and self manged:\n\n- The modal prompting the user to update the `kibana.alert.workflow_status` of alerts is displayed\n- The workflow status of the Attack discovery is (optionally) updated\n\n### Feature flags\n\nEnable the required and recommended `assistantAttackDiscoverySchedulingEnabled` features flag in `config/kibana.dev.yml`:\n\n```yaml\nfeature_flags.overrides:\n securitySolution.attackDiscoveryAlertsEnabled: true\n securitySolution.assistantAttackDiscoverySchedulingEnabled: true\n```\n\n### AI4DSOC\n\n- To test with an AI4DSOC project, add the following setting to `config/serverless.security.dev.yaml`:\n\n```yaml\nxpack.securitySolutionServerless.productTypes:\n[\n { product_line: 'ai_soc', product_tier: 'search_ai_lake' },\n]\n```\n\n### Desk testing\n\n1) Navigate to Security > Attack discovery\n\n2) Click `Generate` to generate attack discoveries\n\n3) Click the `Take action` dropdown on an Attack discovery\n\n4) Click `Mark as acknowledged`\n\n**Expected result**\n\nThe modal is displayed, and alerts are (optionally) updated for the deployment, for the deployment-type in the table below:\n\n| Deployment | Modal displayed | Alerts (optionally) updated |\n|-------------------------------|-----------------|-----------------------------|\n| AI4DSOC | ❌ | ❌ |\n| All other serverless projects | ✅ | ✅ |\n| Elastic Cloud and self manged | ✅ | ✅ |\n\n5) Select (at least) 2 discoveries via their checkboxes\n\n6) Click the `Selected 2 Attack discoveries` popover menu\n\n7) Click `Mark as closed` from the popover menu\n\n**Expected result**\n\nOnce again, the modal is displayed, and alerts are (optionally) updated for the deployment, for the deployment-type in the table below:\n\n| Deployment | Modal displayed | Alerts (optionally) updated |\n|-------------------------------|-----------------|-----------------------------|\n| AI4DSOC | ❌ | ❌ |\n| All other serverless projects | ✅ | ✅ |\n| Elastic Cloud and self manged | ✅ | ✅ |","sha":"a4aa6a04c3db7d793e334fd1b38273cfca141c09"}}]}] BACKPORT--> Co-authored-by: Andrew Macri <andrew.macri@elastic.co>
…astic#227723) # Backport This will backport the following commits from `main` to `9.1`: - [[Inference] regex worker for anonymization (elastic#227113)](elastic#227113) <!--- Backport version: 9.6.6 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sorenlouv/backport) <!--BACKPORT [{"author":{"name":"Sandra G","email":"neptunian@users.noreply.github.com"},"sourceCommit":{"committedDate":"2025-07-11T20:52:28Z","message":"[Inference] regex worker for anonymization (elastic#227113)\n\n## Summary\n\nFollowup to https://github.com/elastic/kibana/pull/225539\n\nAdds an anonymization-regex worker pool to run user-defined regex\npatterns out-of-process, protecting the Node event-loop from\ncatastrophic back-tracking.\n\nFor internal use we have config to adjust or turn off the worker:\n• `enabled` – turn worker on/off\n• `minThreads` / `maxThreads` – worker size\n• `idleTimeout` – how long a worker thread is allowed to be idle\n• `taskTimeout` – per-regex task limit\n\nContributions by windsurf(o3).","sha":"1b9063a61e2deaa56fae1f89cfce020a99f733d5","branchLabelMapping":{"^v9.2.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:skip","Team:Obs AI Assistant","backport:version","v9.1.0","v8.19.0","v9.2.0"],"title":"[Inference] regex worker for anonymization","number":227113,"url":"https://github.com/elastic/kibana/pull/227113","mergeCommit":{"message":"[Inference] regex worker for anonymization (elastic#227113)\n\n## Summary\n\nFollowup to https://github.com/elastic/kibana/pull/225539\n\nAdds an anonymization-regex worker pool to run user-defined regex\npatterns out-of-process, protecting the Node event-loop from\ncatastrophic back-tracking.\n\nFor internal use we have config to adjust or turn off the worker:\n• `enabled` – turn worker on/off\n• `minThreads` / `maxThreads` – worker size\n• `idleTimeout` – how long a worker thread is allowed to be idle\n• `taskTimeout` – per-regex task limit\n\nContributions by windsurf(o3).","sha":"1b9063a61e2deaa56fae1f89cfce020a99f733d5"}},"sourceBranch":"main","suggestedTargetBranches":["9.1","8.19"],"targetPullRequestStates":[{"branch":"9.1","label":"v9.1.0","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"8.19","label":"v8.19.0","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"main","label":"v9.2.0","branchLabelMappingKey":"^v9.2.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/227113","number":227113,"mergeCommit":{"message":"[Inference] regex worker for anonymization (elastic#227113)\n\n## Summary\n\nFollowup to https://github.com/elastic/kibana/pull/225539\n\nAdds an anonymization-regex worker pool to run user-defined regex\npatterns out-of-process, protecting the Node event-loop from\ncatastrophic back-tracking.\n\nFor internal use we have config to adjust or turn off the worker:\n• `enabled` – turn worker on/off\n• `minThreads` / `maxThreads` – worker size\n• `idleTimeout` – how long a worker thread is allowed to be idle\n• `taskTimeout` – per-regex task limit\n\nContributions by windsurf(o3).","sha":"1b9063a61e2deaa56fae1f89cfce020a99f733d5"}}]}] BACKPORT--> Co-authored-by: Sandra G <neptunian@users.noreply.github.com>
…elastic#227562) (elastic#227729) # Backport This will backport the following commits from `main` to `9.1`: - [[Discover][APM] Fix inconsistent font size when APM is disabled (elastic#227562)](elastic#227562) <!--- Backport version: 9.6.6 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sorenlouv/backport) <!--BACKPORT [{"author":{"name":"Nathan L Smith","email":"nathan.smith@elastic.co"},"sourceCommit":{"committedDate":"2025-07-11T22:00:03Z","message":"[Discover][APM] Fix inconsistent font size when APM is disabled (elastic#227562)\n\nWhen you're viewing a span or transaction and APM is disabled, for some\nfields it shows the same information but not as a link.\n\nIt also makes the font size of those field values larger. This change\nmakes it so they are the same size:\n\n## Before\n\n| APM On | APM Off |\n| :----------: | :----------: |\n|<img width=\"1068\" height=\"1214\" alt=\"CleanShot 2025-07-10 at 23 55\n26@2x\"\nsrc=\"https://github.com/user-attachments/assets/f0b6f9a9-b5bd-4858-9913-cf5fed94269c\"\n/> | <img width=\"1158\" height=\"1206\" alt=\"CleanShot 2025-07-10 at 23 55\n59@2x\"\nsrc=\"https://github.com/user-attachments/assets/26fed55b-1cc6-42ab-b46e-f44a7e784800\"\n/> |\n\n## After\n\n\n| APM On | APM Off |\n| :----------: | :----------: |\n|<img width=\"1108\" height=\"1220\" alt=\"CleanShot 2025-07-10 at 23 56\n58@2x\"\nsrc=\"https://github.com/user-attachments/assets/46b353a2-8ac9-483e-8670-cb485ecda4ce\"\n/>| <img width=\"1146\" height=\"1232\" alt=\"CleanShot 2025-07-10 at 23 57\n24@2x\"\nsrc=\"https://github.com/user-attachments/assets/66c3970a-d7d4-4a30-8d08-0582a67165ee\"\n/> |\n\nThe service name was changed by using the existing `content` flex group,\nwhile the trace ID uses EuiText component to make itself the same size\nas the EuiLink.","sha":"e9c4b69906ae7c392677b35efa0e752c1bc2570e","branchLabelMapping":{"^v9.2.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:skip","backport:all-open","Team:obs-ux-infra_services","v9.2.0"],"title":"[Discover][APM] Fix inconsistent font size when APM is disabled","number":227562,"url":"https://github.com/elastic/kibana/pull/227562","mergeCommit":{"message":"[Discover][APM] Fix inconsistent font size when APM is disabled (elastic#227562)\n\nWhen you're viewing a span or transaction and APM is disabled, for some\nfields it shows the same information but not as a link.\n\nIt also makes the font size of those field values larger. This change\nmakes it so they are the same size:\n\n## Before\n\n| APM On | APM Off |\n| :----------: | :----------: |\n|<img width=\"1068\" height=\"1214\" alt=\"CleanShot 2025-07-10 at 23 55\n26@2x\"\nsrc=\"https://github.com/user-attachments/assets/f0b6f9a9-b5bd-4858-9913-cf5fed94269c\"\n/> | <img width=\"1158\" height=\"1206\" alt=\"CleanShot 2025-07-10 at 23 55\n59@2x\"\nsrc=\"https://github.com/user-attachments/assets/26fed55b-1cc6-42ab-b46e-f44a7e784800\"\n/> |\n\n## After\n\n\n| APM On | APM Off |\n| :----------: | :----------: |\n|<img width=\"1108\" height=\"1220\" alt=\"CleanShot 2025-07-10 at 23 56\n58@2x\"\nsrc=\"https://github.com/user-attachments/assets/46b353a2-8ac9-483e-8670-cb485ecda4ce\"\n/>| <img width=\"1146\" height=\"1232\" alt=\"CleanShot 2025-07-10 at 23 57\n24@2x\"\nsrc=\"https://github.com/user-attachments/assets/66c3970a-d7d4-4a30-8d08-0582a67165ee\"\n/> |\n\nThe service name was changed by using the existing `content` flex group,\nwhile the trace ID uses EuiText component to make itself the same size\nas the EuiLink.","sha":"e9c4b69906ae7c392677b35efa0e752c1bc2570e"}},"sourceBranch":"main","suggestedTargetBranches":[],"targetPullRequestStates":[{"branch":"main","label":"v9.2.0","branchLabelMappingKey":"^v9.2.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/227562","number":227562,"mergeCommit":{"message":"[Discover][APM] Fix inconsistent font size when APM is disabled (elastic#227562)\n\nWhen you're viewing a span or transaction and APM is disabled, for some\nfields it shows the same information but not as a link.\n\nIt also makes the font size of those field values larger. This change\nmakes it so they are the same size:\n\n## Before\n\n| APM On | APM Off |\n| :----------: | :----------: |\n|<img width=\"1068\" height=\"1214\" alt=\"CleanShot 2025-07-10 at 23 55\n26@2x\"\nsrc=\"https://github.com/user-attachments/assets/f0b6f9a9-b5bd-4858-9913-cf5fed94269c\"\n/> | <img width=\"1158\" height=\"1206\" alt=\"CleanShot 2025-07-10 at 23 55\n59@2x\"\nsrc=\"https://github.com/user-attachments/assets/26fed55b-1cc6-42ab-b46e-f44a7e784800\"\n/> |\n\n## After\n\n\n| APM On | APM Off |\n| :----------: | :----------: |\n|<img width=\"1108\" height=\"1220\" alt=\"CleanShot 2025-07-10 at 23 56\n58@2x\"\nsrc=\"https://github.com/user-attachments/assets/46b353a2-8ac9-483e-8670-cb485ecda4ce\"\n/>| <img width=\"1146\" height=\"1232\" alt=\"CleanShot 2025-07-10 at 23 57\n24@2x\"\nsrc=\"https://github.com/user-attachments/assets/66c3970a-d7d4-4a30-8d08-0582a67165ee\"\n/> |\n\nThe service name was changed by using the existing `content` flex group,\nwhile the trace ID uses EuiText component to make itself the same size\nas the EuiLink.","sha":"e9c4b69906ae7c392677b35efa0e752c1bc2570e"}}]}] BACKPORT--> Co-authored-by: Nathan L Smith <nathan.smith@elastic.co>
…tion of Agentless connectors infra service (elastic#227560) (elastic#227725) # Backport This will backport the following commits from `main` to `9.1`: - [[Content Connectors] Fix race condition error for task registration of Agentless connectors infra service (elastic#227560)](elastic#227560) <!--- Backport version: 9.6.6 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sorenlouv/backport) <!--BACKPORT [{"author":{"name":"Yuliia Naumenko","email":"jo.naumenko@gmail.com"},"sourceCommit":{"committedDate":"2025-07-11T21:26:29Z","message":"[Content Connectors] Fix race condition error for task registration of Agentless connectors infra service (elastic#227560)\n\nThis PR fixing Content connectors task failing to schedule with error:\n`Error scheduling search:agentless-connectors-manager-task...`\n\nReplaced plugin setup logic dependent to the start services with the\nfactory.\n\nServerless:\n\n<img width=\"2148\" height=\"962\" alt=\"Screenshot 2025-07-11 at 1 04 05 PM\"\nsrc=\"https://github.com/user-attachments/assets/c5b32502-623f-4590-b959-d62c1dde8933\"\n/>\n\nESS:\n\n<img width=\"1694\" height=\"978\" alt=\"Screenshot 2025-07-11 at 1 06 31 PM\"\nsrc=\"https://github.com/user-attachments/assets/86b0b596-2547-4156-9231-5f8109a5e6be\"\n/>\n\n---------\n\nCo-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>","sha":"8040842ae2e1962f86ad12b5b5b44106547db02c","branchLabelMapping":{"^v9.2.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["bug","release_note:skip","backport:prev-minor","ci:cloud-deploy","ci:cloud-redeploy","ci:build-serverless-image","ci:project-deploy-security","backport:version","9.1 candidate","v9.1.0","v9.2.0"],"title":"[Content Connectors] Fix race condition error for task registration of Agentless connectors infra service","number":227560,"url":"https://github.com/elastic/kibana/pull/227560","mergeCommit":{"message":"[Content Connectors] Fix race condition error for task registration of Agentless connectors infra service (elastic#227560)\n\nThis PR fixing Content connectors task failing to schedule with error:\n`Error scheduling search:agentless-connectors-manager-task...`\n\nReplaced plugin setup logic dependent to the start services with the\nfactory.\n\nServerless:\n\n<img width=\"2148\" height=\"962\" alt=\"Screenshot 2025-07-11 at 1 04 05 PM\"\nsrc=\"https://github.com/user-attachments/assets/c5b32502-623f-4590-b959-d62c1dde8933\"\n/>\n\nESS:\n\n<img width=\"1694\" height=\"978\" alt=\"Screenshot 2025-07-11 at 1 06 31 PM\"\nsrc=\"https://github.com/user-attachments/assets/86b0b596-2547-4156-9231-5f8109a5e6be\"\n/>\n\n---------\n\nCo-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>","sha":"8040842ae2e1962f86ad12b5b5b44106547db02c"}},"sourceBranch":"main","suggestedTargetBranches":["9.1"],"targetPullRequestStates":[{"branch":"9.1","label":"v9.1.0","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"main","label":"v9.2.0","branchLabelMappingKey":"^v9.2.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/227560","number":227560,"mergeCommit":{"message":"[Content Connectors] Fix race condition error for task registration of Agentless connectors infra service (elastic#227560)\n\nThis PR fixing Content connectors task failing to schedule with error:\n`Error scheduling search:agentless-connectors-manager-task...`\n\nReplaced plugin setup logic dependent to the start services with the\nfactory.\n\nServerless:\n\n<img width=\"2148\" height=\"962\" alt=\"Screenshot 2025-07-11 at 1 04 05 PM\"\nsrc=\"https://github.com/user-attachments/assets/c5b32502-623f-4590-b959-d62c1dde8933\"\n/>\n\nESS:\n\n<img width=\"1694\" height=\"978\" alt=\"Screenshot 2025-07-11 at 1 06 31 PM\"\nsrc=\"https://github.com/user-attachments/assets/86b0b596-2547-4156-9231-5f8109a5e6be\"\n/>\n\n---------\n\nCo-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>","sha":"8040842ae2e1962f86ad12b5b5b44106547db02c"}}]}] BACKPORT--> Co-authored-by: Yuliia Naumenko <jo.naumenko@gmail.com>
…lastic#227308) (elastic#227732) # Backport This will backport the following commits from `main` to `9.1`: - [[Security Assistant] Hide Security AI Prompts package from UI (elastic#227308)](elastic#227308) <!--- Backport version: 9.6.6 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sorenlouv/backport) <!--BACKPORT [{"author":{"name":"Steph Milovic","email":"stephanie.milovic@elastic.co"},"sourceCommit":{"committedDate":"2025-07-11T22:13:48Z","message":"[Security Assistant] Hide Security AI Prompts package from UI (elastic#227308)","sha":"ce8c5bcc1268ce53b431612a9b1ee035c4af39cf","branchLabelMapping":{"^v9.2.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:skip","Team:Fleet","Team: SecuritySolution","Team:Security Generative AI","backport:version","v9.1.0","v8.19.0","v9.2.0"],"title":"[Security Assistant] Hide Security AI Prompts package from UI","number":227308,"url":"https://github.com/elastic/kibana/pull/227308","mergeCommit":{"message":"[Security Assistant] Hide Security AI Prompts package from UI (elastic#227308)","sha":"ce8c5bcc1268ce53b431612a9b1ee035c4af39cf"}},"sourceBranch":"main","suggestedTargetBranches":["9.1","8.19"],"targetPullRequestStates":[{"branch":"9.1","label":"v9.1.0","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"8.19","label":"v8.19.0","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"main","label":"v9.2.0","branchLabelMappingKey":"^v9.2.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/227308","number":227308,"mergeCommit":{"message":"[Security Assistant] Hide Security AI Prompts package from UI (elastic#227308)","sha":"ce8c5bcc1268ce53b431612a9b1ee035c4af39cf"}}]}] BACKPORT--> Co-authored-by: Steph Milovic <stephanie.milovic@elastic.co>
…#227390) (elastic#227740) # Backport This will backport the following commits from `main` to `9.1`: - [[ResponseOps] Fixes embeddable alerts panel flaky test (elastic#227390)](elastic#227390) <!--- Backport version: 9.6.6 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sorenlouv/backport) <!--BACKPORT [{"author":{"name":"Christos Nasikas","email":"christos.nasikas@elastic.co"},"sourceCommit":{"committedDate":"2025-07-12T10:58:39Z","message":"[ResponseOps] Fixes embeddable alerts panel flaky test (elastic#227390)\n\n## Summary\n\nI changed the code to use API calls to create resources like rules and\ninstall the data sample data instead of using the UI. I also fixed a\nsmall issue with the time range selector that caused the tests to fail.\n\nFixes: https://github.com/elastic/kibana/issues/220807.\n\n### Checklist\n\nCheck the PR satisfies following conditions. \n\nReviewers should verify this PR satisfies this list as well.\n\n- [x] [Unit or functional\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\nwere updated or added to match the most common scenarios","sha":"45db4add3c3365c9538adf35529577462e5baf6d","branchLabelMapping":{"^v9.2.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:skip","backport:version","v9.1.0","v8.19.0","v9.2.0"],"title":"[ResponseOps] Fixes embeddable alerts panel flaky test","number":227390,"url":"https://github.com/elastic/kibana/pull/227390","mergeCommit":{"message":"[ResponseOps] Fixes embeddable alerts panel flaky test (elastic#227390)\n\n## Summary\n\nI changed the code to use API calls to create resources like rules and\ninstall the data sample data instead of using the UI. I also fixed a\nsmall issue with the time range selector that caused the tests to fail.\n\nFixes: https://github.com/elastic/kibana/issues/220807.\n\n### Checklist\n\nCheck the PR satisfies following conditions. \n\nReviewers should verify this PR satisfies this list as well.\n\n- [x] [Unit or functional\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\nwere updated or added to match the most common scenarios","sha":"45db4add3c3365c9538adf35529577462e5baf6d"}},"sourceBranch":"main","suggestedTargetBranches":["9.1","8.19"],"targetPullRequestStates":[{"branch":"9.1","label":"v9.1.0","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"8.19","label":"v8.19.0","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"main","label":"v9.2.0","branchLabelMappingKey":"^v9.2.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/227390","number":227390,"mergeCommit":{"message":"[ResponseOps] Fixes embeddable alerts panel flaky test (elastic#227390)\n\n## Summary\n\nI changed the code to use API calls to create resources like rules and\ninstall the data sample data instead of using the UI. I also fixed a\nsmall issue with the time range selector that caused the tests to fail.\n\nFixes: https://github.com/elastic/kibana/issues/220807.\n\n### Checklist\n\nCheck the PR satisfies following conditions. \n\nReviewers should verify this PR satisfies this list as well.\n\n- [x] [Unit or functional\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\nwere updated or added to match the most common scenarios","sha":"45db4add3c3365c9538adf35529577462e5baf6d"}}]}] BACKPORT--> Co-authored-by: Christos Nasikas <christos.nasikas@elastic.co>
…c#226592) (elastic#227781) # Backport This will backport the following commits from `main` to `9.1`: - [[Discover] Fix drag & drop when animations are disabled (elastic#226592)](elastic#226592) <!--- Backport version: 9.6.6 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sorenlouv/backport) <!--BACKPORT [{"author":{"name":"Julia Rechkunova","email":"julia.rechkunova@elastic.co"},"sourceCommit":{"committedDate":"2025-07-14T10:04:59Z","message":"[Discover] Fix drag & drop when animations are disabled (elastic#226592)\n\n- Close https://github.com/elastic/kibana/issues/226029\n\n## Summary\n\nThis PR makes sure that drag&drop action finishes correctly.\nWhen testing enable `accessibility:disableAnimations` in Advanced\nSettings, reload the page, and check reordering of grid columns or tabs\nin Discover.","sha":"55144143282c42c42349e87e83351c5a48b43832","branchLabelMapping":{"^v9.2.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:fix","Team:DataDiscovery","backport:version","v9.1.0","v8.19.0","v9.2.0"],"title":"[Discover] Fix drag & drop when animations are disabled","number":226592,"url":"https://github.com/elastic/kibana/pull/226592","mergeCommit":{"message":"[Discover] Fix drag & drop when animations are disabled (elastic#226592)\n\n- Close https://github.com/elastic/kibana/issues/226029\n\n## Summary\n\nThis PR makes sure that drag&drop action finishes correctly.\nWhen testing enable `accessibility:disableAnimations` in Advanced\nSettings, reload the page, and check reordering of grid columns or tabs\nin Discover.","sha":"55144143282c42c42349e87e83351c5a48b43832"}},"sourceBranch":"main","suggestedTargetBranches":["9.1","8.19"],"targetPullRequestStates":[{"branch":"9.1","label":"v9.1.0","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"8.19","label":"v8.19.0","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"main","label":"v9.2.0","branchLabelMappingKey":"^v9.2.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/226592","number":226592,"mergeCommit":{"message":"[Discover] Fix drag & drop when animations are disabled (elastic#226592)\n\n- Close https://github.com/elastic/kibana/issues/226029\n\n## Summary\n\nThis PR makes sure that drag&drop action finishes correctly.\nWhen testing enable `accessibility:disableAnimations` in Advanced\nSettings, reload the page, and check reordering of grid columns or tabs\nin Discover.","sha":"55144143282c42c42349e87e83351c5a48b43832"}}]}] BACKPORT--> Co-authored-by: Julia Rechkunova <julia.rechkunova@elastic.co>
…#227801) # Backport This will backport the following commits from `main` to `9.1`: - [Dev Console: add simplified retriever (elastic#227444)](elastic#227444) <!--- Backport version: 9.6.6 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sorenlouv/backport) <!--BACKPORT [{"author":{"name":"Mridula","email":"mridula.s@elastic.co"},"sourceCommit":{"committedDate":"2025-07-14T11:31:10Z","message":"Dev Console: add simplified retriever (elastic#227444)\n\n## Summary\n\nThis PR updates the Dev Console autocomplete for simplified retrievers\nin the retriever spec.\n\n**Screenshot:** \n_Please see attached screenshot showing `simplified retriever options`\nin the autocomplete suggestions._\n\n<img width=\"721\" height=\"479\" alt=\"Screenshot 2025-07-10 at 14 06 24\"\nsrc=\"https://github.com/user-attachments/assets/e9440eb0-7dec-413a-bd7b-838ce2d50f35\"\n/>\n<img width=\"508\" height=\"406\" alt=\"Screenshot 2025-07-10 at 14 19 31\"\nsrc=\"https://github.com/user-attachments/assets/a474add1-fc9d-4e38-bdcd-36379c8f55ea\"\n/>\n\n\n\n\n\n\n\n\n---------\n\nCo-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>","sha":"c60505c9d9d5e6adc314299eeaef0fbc1418c97f","branchLabelMapping":{"^v9.2.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["non-issue","release_note:skip","Team:Search","backport:version","v9.1.0","v8.19.0","v9.2.0"],"title":"Dev Console: add simplified retriever","number":227444,"url":"https://github.com/elastic/kibana/pull/227444","mergeCommit":{"message":"Dev Console: add simplified retriever (elastic#227444)\n\n## Summary\n\nThis PR updates the Dev Console autocomplete for simplified retrievers\nin the retriever spec.\n\n**Screenshot:** \n_Please see attached screenshot showing `simplified retriever options`\nin the autocomplete suggestions._\n\n<img width=\"721\" height=\"479\" alt=\"Screenshot 2025-07-10 at 14 06 24\"\nsrc=\"https://github.com/user-attachments/assets/e9440eb0-7dec-413a-bd7b-838ce2d50f35\"\n/>\n<img width=\"508\" height=\"406\" alt=\"Screenshot 2025-07-10 at 14 19 31\"\nsrc=\"https://github.com/user-attachments/assets/a474add1-fc9d-4e38-bdcd-36379c8f55ea\"\n/>\n\n\n\n\n\n\n\n\n---------\n\nCo-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>","sha":"c60505c9d9d5e6adc314299eeaef0fbc1418c97f"}},"sourceBranch":"main","suggestedTargetBranches":["9.1","8.19"],"targetPullRequestStates":[{"branch":"9.1","label":"v9.1.0","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"8.19","label":"v8.19.0","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"main","label":"v9.2.0","branchLabelMappingKey":"^v9.2.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/227444","number":227444,"mergeCommit":{"message":"Dev Console: add simplified retriever (elastic#227444)\n\n## Summary\n\nThis PR updates the Dev Console autocomplete for simplified retrievers\nin the retriever spec.\n\n**Screenshot:** \n_Please see attached screenshot showing `simplified retriever options`\nin the autocomplete suggestions._\n\n<img width=\"721\" height=\"479\" alt=\"Screenshot 2025-07-10 at 14 06 24\"\nsrc=\"https://github.com/user-attachments/assets/e9440eb0-7dec-413a-bd7b-838ce2d50f35\"\n/>\n<img width=\"508\" height=\"406\" alt=\"Screenshot 2025-07-10 at 14 19 31\"\nsrc=\"https://github.com/user-attachments/assets/a474add1-fc9d-4e38-bdcd-36379c8f55ea\"\n/>\n\n\n\n\n\n\n\n\n---------\n\nCo-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>","sha":"c60505c9d9d5e6adc314299eeaef0fbc1418c97f"}}]}] BACKPORT--> Co-authored-by: Mridula <mridula.s@elastic.co>
…tic#227804) # Backport This will backport the following commits from `main` to `9.1`: - [[Profiling] Fix failing e2e tests in 9.1 (elastic#227459)](elastic#227459) <!--- Backport version: 9.6.6 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sorenlouv/backport) <!--BACKPORT [{"author":{"name":"Milosz Marcinkowski","email":"38698566+miloszmarcinkowski@users.noreply.github.com"},"sourceCommit":{"committedDate":"2025-07-14T11:53:14Z","message":"[Profiling] Fix failing e2e tests in 9.1 (elastic#227459)\n\nCloses elastic#224515 elastic#224514 elastic#224516\n\nFix Cypress e2e tests that failed in version 9.1.0. Mock API responses\nto prevent periodical failures caused by changes to the API in\nElasticsearch.","sha":"7d50d3fb89b4685bcc56dca1f2196627c17ec53d","branchLabelMapping":{"^v9.2.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:skip","backport:version","v9.1.0","v9.2.0"],"title":"[Profiling] Fix failing e2e tests in 9.1","number":227459,"url":"https://github.com/elastic/kibana/pull/227459","mergeCommit":{"message":"[Profiling] Fix failing e2e tests in 9.1 (elastic#227459)\n\nCloses elastic#224515 elastic#224514 elastic#224516\n\nFix Cypress e2e tests that failed in version 9.1.0. Mock API responses\nto prevent periodical failures caused by changes to the API in\nElasticsearch.","sha":"7d50d3fb89b4685bcc56dca1f2196627c17ec53d"}},"sourceBranch":"main","suggestedTargetBranches":["9.1"],"targetPullRequestStates":[{"branch":"9.1","label":"v9.1.0","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"main","label":"v9.2.0","branchLabelMappingKey":"^v9.2.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/227459","number":227459,"mergeCommit":{"message":"[Profiling] Fix failing e2e tests in 9.1 (elastic#227459)\n\nCloses elastic#224515 elastic#224514 elastic#224516\n\nFix Cypress e2e tests that failed in version 9.1.0. Mock API responses\nto prevent periodical failures caused by changes to the API in\nElasticsearch.","sha":"7d50d3fb89b4685bcc56dca1f2196627c17ec53d"}}]}] BACKPORT--> Co-authored-by: Milosz Marcinkowski <38698566+miloszmarcinkowski@users.noreply.github.com>
…fined values gracefully for tiles on Privmon dashboard (elastic#226387) (elastic#227577) # Backport This will backport the following commits from `main` to `9.1`: - [[Security Solution][Entity Analytics][PrivMon] Handle null/undefined values gracefully for tiles on Privmon dashboard (elastic#226387)](elastic#226387) <!--- Backport version: 10.0.1 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sorenlouv/backport) <!--BACKPORT [{"author":{"name":"Abhishek Bhatia","email":"117628830+abhishekbhatia1710@users.noreply.github.com"},"sourceCommit":{"committedDate":"2025-07-11T07:55:23Z","message":"[Security Solution][Entity Analytics][PrivMon] Handle null/undefined values gracefully for tiles on Privmon dashboard (elastic#226387)\n\n## Summary\n\nWhat changed:\n\nAdded error handling for PrivMon dashboard tiles when ES queries fail\n(like missing ML indices)\nInstead of showing broken visualizations, tiles now display a clean\n\"Data not available\" message\nThe error tiles maintain consistent styling and layout with working\ntiles\n\nAdded state tracking to detect when visualization loading completes\n- Check for missing [tables] property in visualization response to\nidentify errors\n- Render a styled error state using EUI components that matches the\ndesign of working tiles\n- Made error message i18n compliant for proper localization\n\nScreenshot Ref : \n\n\n\n\nWith data : \n\n\n\n\n\nTesting Steps : \n1. Checkout this PR\n2. Start the privmon engine : `POST\nkbn:/api/entity_analytics/monitoring/engine/init`\n3. Add some privileged users either using a CSV file or from dev\nconsole.\n4. Add relevant data for different indexes using the\nsecurity-documents-generator.\n6. Enable the risk score and Asset criticality.\n7. Change filters for timerange or any KQL query to get the desired\nresults.\n8. The tile visualisations on the privmon dashboard should not display\nany errors. It should either display the Count or `Data not available`.\n\n\n### Checklist\n\nCheck the PR satisfies following conditions. \n\nReviewers should verify this PR satisfies this list as well.\n\n- [ ] Any text added follows [EUI's writing\nguidelines](https://elastic.github.io/eui/#/guidelines/writing), uses\nsentence case text and includes [i18n\nsupport](https://github.com/elastic/kibana/blob/main/src/platform/packages/shared/kbn-i18n/README.md)\n- [ ] The PR description includes the appropriate Release Notes section,\nand the correct `release_note:*` label is applied per the\n[guidelines](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)\n- [ ] Review the [backport\nguidelines](https://docs.google.com/document/d/1VyN5k91e5OVumlc0Gb9RPa3h1ewuPE705nRtioPiTvY/edit?usp=sharing)\nand apply applicable `backport:*` labels.\n\n---------\n\nCo-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>","sha":"df7732aab8d3cb1ba494f9fea0445b2cb8d108bc","branchLabelMapping":{"^v9.2.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:skip","Team:Entity Analytics","backport:version","v9.1.0","v9.2.0"],"title":"[Security Solution][Entity Analytics][PrivMon] Handle null/undefined values gracefully for tiles on Privmon dashboard","number":226387,"url":"https://github.com/elastic/kibana/pull/226387","mergeCommit":{"message":"[Security Solution][Entity Analytics][PrivMon] Handle null/undefined values gracefully for tiles on Privmon dashboard (elastic#226387)\n\n## Summary\n\nWhat changed:\n\nAdded error handling for PrivMon dashboard tiles when ES queries fail\n(like missing ML indices)\nInstead of showing broken visualizations, tiles now display a clean\n\"Data not available\" message\nThe error tiles maintain consistent styling and layout with working\ntiles\n\nAdded state tracking to detect when visualization loading completes\n- Check for missing [tables] property in visualization response to\nidentify errors\n- Render a styled error state using EUI components that matches the\ndesign of working tiles\n- Made error message i18n compliant for proper localization\n\nScreenshot Ref : \n\n\n\n\nWith data : \n\n\n\n\n\nTesting Steps : \n1. Checkout this PR\n2. Start the privmon engine : `POST\nkbn:/api/entity_analytics/monitoring/engine/init`\n3. Add some privileged users either using a CSV file or from dev\nconsole.\n4. Add relevant data for different indexes using the\nsecurity-documents-generator.\n6. Enable the risk score and Asset criticality.\n7. Change filters for timerange or any KQL query to get the desired\nresults.\n8. The tile visualisations on the privmon dashboard should not display\nany errors. It should either display the Count or `Data not available`.\n\n\n### Checklist\n\nCheck the PR satisfies following conditions. \n\nReviewers should verify this PR satisfies this list as well.\n\n- [ ] Any text added follows [EUI's writing\nguidelines](https://elastic.github.io/eui/#/guidelines/writing), uses\nsentence case text and includes [i18n\nsupport](https://github.com/elastic/kibana/blob/main/src/platform/packages/shared/kbn-i18n/README.md)\n- [ ] The PR description includes the appropriate Release Notes section,\nand the correct `release_note:*` label is applied per the\n[guidelines](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)\n- [ ] Review the [backport\nguidelines](https://docs.google.com/document/d/1VyN5k91e5OVumlc0Gb9RPa3h1ewuPE705nRtioPiTvY/edit?usp=sharing)\nand apply applicable `backport:*` labels.\n\n---------\n\nCo-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>","sha":"df7732aab8d3cb1ba494f9fea0445b2cb8d108bc"}},"sourceBranch":"main","suggestedTargetBranches":["9.1"],"targetPullRequestStates":[{"branch":"9.1","label":"v9.1.0","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"main","label":"v9.2.0","branchLabelMappingKey":"^v9.2.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/226387","number":226387,"mergeCommit":{"message":"[Security Solution][Entity Analytics][PrivMon] Handle null/undefined values gracefully for tiles on Privmon dashboard (elastic#226387)\n\n## Summary\n\nWhat changed:\n\nAdded error handling for PrivMon dashboard tiles when ES queries fail\n(like missing ML indices)\nInstead of showing broken visualizations, tiles now display a clean\n\"Data not available\" message\nThe error tiles maintain consistent styling and layout with working\ntiles\n\nAdded state tracking to detect when visualization loading completes\n- Check for missing [tables] property in visualization response to\nidentify errors\n- Render a styled error state using EUI components that matches the\ndesign of working tiles\n- Made error message i18n compliant for proper localization\n\nScreenshot Ref : \n\n\n\n\nWith data : \n\n\n\n\n\nTesting Steps : \n1. Checkout this PR\n2. Start the privmon engine : `POST\nkbn:/api/entity_analytics/monitoring/engine/init`\n3. Add some privileged users either using a CSV file or from dev\nconsole.\n4. Add relevant data for different indexes using the\nsecurity-documents-generator.\n6. Enable the risk score and Asset criticality.\n7. Change filters for timerange or any KQL query to get the desired\nresults.\n8. The tile visualisations on the privmon dashboard should not display\nany errors. It should either display the Count or `Data not available`.\n\n\n### Checklist\n\nCheck the PR satisfies following conditions. \n\nReviewers should verify this PR satisfies this list as well.\n\n- [ ] Any text added follows [EUI's writing\nguidelines](https://elastic.github.io/eui/#/guidelines/writing), uses\nsentence case text and includes [i18n\nsupport](https://github.com/elastic/kibana/blob/main/src/platform/packages/shared/kbn-i18n/README.md)\n- [ ] The PR description includes the appropriate Release Notes section,\nand the correct `release_note:*` label is applied per the\n[guidelines](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)\n- [ ] Review the [backport\nguidelines](https://docs.google.com/document/d/1VyN5k91e5OVumlc0Gb9RPa3h1ewuPE705nRtioPiTvY/edit?usp=sharing)\nand apply applicable `backport:*` labels.\n\n---------\n\nCo-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>","sha":"df7732aab8d3cb1ba494f9fea0445b2cb8d108bc"}}]}] BACKPORT-->
…) (elastic#227816) # Backport This will backport the following commits from `main` to `9.1`: - [Polish MultiSelectFilter appearance in Rules page (elastic#227676)](elastic#227676) <!--- Backport version: 9.6.6 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sorenlouv/backport) <!--BACKPORT [{"author":{"name":"Alberto Blázquez","email":"albertoblaz@users.noreply.github.com"},"sourceCommit":{"committedDate":"2025-07-14T12:36:34Z","message":"Polish MultiSelectFilter appearance in Rules page (elastic#227676)\n\n## Summary\n\nPolish inner border in `<MultiSelectFilter>` component, rendered upon\nclicking on `<RulesTableHeader>` in the Rule page.\n\n[Link to EuiSelectable\ndocs](https://eui.elastic.co/docs/components/forms/selection/selectable/#the-basics).\n\n### Screenshots\n\n<details><summary>Before</summary>\n<img width=\"525\" height=\"375\" alt=\"Screenshot 2025-07-11 at 16 44 06\"\nsrc=\"https://github.com/user-attachments/assets/f100ce36-0450-476c-ba40-d7b4c34f5b50\"\n/>\n<img width=\"502\" height=\"363\" alt=\"Screenshot 2025-07-11 at 16 44 17\"\nsrc=\"https://github.com/user-attachments/assets/7760c929-bf9c-4986-81ec-06f9604de109\"\n/>\n</details> \n\n<details><summary>After</summary>\n<img width=\"515\" height=\"338\" alt=\"Screenshot 2025-07-11 at 16 43 25\"\nsrc=\"https://github.com/user-attachments/assets/b8a2e524-57cf-4bb6-a0f5-a47bfd17fd8e\"\n/>\n<img width=\"491\" height=\"345\" alt=\"Screenshot 2025-07-11 at 16 43 34\"\nsrc=\"https://github.com/user-attachments/assets/26fc1bbf-f1a7-440c-a050-2f7f6ee59d01\"\n/>\n</details> \n\n### Checklist\n\n- [ ] Any text added follows [EUI's writing\nguidelines](https://elastic.github.io/eui/#/guidelines/writing), uses\nsentence case text and includes [i18n\nsupport](https://github.com/elastic/kibana/blob/main/src/platform/packages/shared/kbn-i18n/README.md)\n- [ ]\n[Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html)\nwas added for features that require explanation or tutorials\n- [ ] [Unit or functional\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\nwere updated or added to match the most common scenarios\n- [ ] If a plugin configuration key changed, check if it needs to be\nallowlisted in the cloud and added to the [docker\nlist](https://github.com/elastic/kibana/blob/main/src/dev/build/tasks/os_packages/docker_generator/resources/base/bin/kibana-docker)\n- [x] This was checked for breaking HTTP API changes, and any breaking\nchanges have been approved by the breaking-change committee. The\n`release_note:breaking` label should be applied in these situations.\n- [ ] [Flaky Test\nRunner](https://ci-stats.kibana.dev/trigger_flaky_test_runner/1) was\nused on any tests changed\n- [x] The PR description includes the appropriate Release Notes section,\nand the correct `release_note:*` label is applied per the\n[guidelines](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)\n- [ ] Review the [backport\nguidelines](https://docs.google.com/document/d/1VyN5k91e5OVumlc0Gb9RPa3h1ewuPE705nRtioPiTvY/edit?usp=sharing)\nand apply applicable `backport:*` labels.\n\n### Identify risks\n\nOnly risk is we're keeping style overrides in EUI components, which\nshould happen as little as possible. But the override enhances the\nappearance when putting these components together, which is an edge\ncase.","sha":"f9424c700cbc34c2b6d7885cc6863841c0af3c86","branchLabelMapping":{"^v9.2.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:skip","v9.0.0","Team:Cloud Security","ci:cloud-deploy","backport:version","v9.1.0","v9.2.0"],"title":"Polish MultiSelectFilter appearance in Rules page","number":227676,"url":"https://github.com/elastic/kibana/pull/227676","mergeCommit":{"message":"Polish MultiSelectFilter appearance in Rules page (elastic#227676)\n\n## Summary\n\nPolish inner border in `<MultiSelectFilter>` component, rendered upon\nclicking on `<RulesTableHeader>` in the Rule page.\n\n[Link to EuiSelectable\ndocs](https://eui.elastic.co/docs/components/forms/selection/selectable/#the-basics).\n\n### Screenshots\n\n<details><summary>Before</summary>\n<img width=\"525\" height=\"375\" alt=\"Screenshot 2025-07-11 at 16 44 06\"\nsrc=\"https://github.com/user-attachments/assets/f100ce36-0450-476c-ba40-d7b4c34f5b50\"\n/>\n<img width=\"502\" height=\"363\" alt=\"Screenshot 2025-07-11 at 16 44 17\"\nsrc=\"https://github.com/user-attachments/assets/7760c929-bf9c-4986-81ec-06f9604de109\"\n/>\n</details> \n\n<details><summary>After</summary>\n<img width=\"515\" height=\"338\" alt=\"Screenshot 2025-07-11 at 16 43 25\"\nsrc=\"https://github.com/user-attachments/assets/b8a2e524-57cf-4bb6-a0f5-a47bfd17fd8e\"\n/>\n<img width=\"491\" height=\"345\" alt=\"Screenshot 2025-07-11 at 16 43 34\"\nsrc=\"https://github.com/user-attachments/assets/26fc1bbf-f1a7-440c-a050-2f7f6ee59d01\"\n/>\n</details> \n\n### Checklist\n\n- [ ] Any text added follows [EUI's writing\nguidelines](https://elastic.github.io/eui/#/guidelines/writing), uses\nsentence case text and includes [i18n\nsupport](https://github.com/elastic/kibana/blob/main/src/platform/packages/shared/kbn-i18n/README.md)\n- [ ]\n[Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html)\nwas added for features that require explanation or tutorials\n- [ ] [Unit or functional\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\nwere updated or added to match the most common scenarios\n- [ ] If a plugin configuration key changed, check if it needs to be\nallowlisted in the cloud and added to the [docker\nlist](https://github.com/elastic/kibana/blob/main/src/dev/build/tasks/os_packages/docker_generator/resources/base/bin/kibana-docker)\n- [x] This was checked for breaking HTTP API changes, and any breaking\nchanges have been approved by the breaking-change committee. The\n`release_note:breaking` label should be applied in these situations.\n- [ ] [Flaky Test\nRunner](https://ci-stats.kibana.dev/trigger_flaky_test_runner/1) was\nused on any tests changed\n- [x] The PR description includes the appropriate Release Notes section,\nand the correct `release_note:*` label is applied per the\n[guidelines](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)\n- [ ] Review the [backport\nguidelines](https://docs.google.com/document/d/1VyN5k91e5OVumlc0Gb9RPa3h1ewuPE705nRtioPiTvY/edit?usp=sharing)\nand apply applicable `backport:*` labels.\n\n### Identify risks\n\nOnly risk is we're keeping style overrides in EUI components, which\nshould happen as little as possible. But the override enhances the\nappearance when putting these components together, which is an edge\ncase.","sha":"f9424c700cbc34c2b6d7885cc6863841c0af3c86"}},"sourceBranch":"main","suggestedTargetBranches":["9.0","9.1"],"targetPullRequestStates":[{"branch":"9.0","label":"v9.0.0","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"9.1","label":"v9.1.0","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"main","label":"v9.2.0","branchLabelMappingKey":"^v9.2.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/227676","number":227676,"mergeCommit":{"message":"Polish MultiSelectFilter appearance in Rules page (elastic#227676)\n\n## Summary\n\nPolish inner border in `<MultiSelectFilter>` component, rendered upon\nclicking on `<RulesTableHeader>` in the Rule page.\n\n[Link to EuiSelectable\ndocs](https://eui.elastic.co/docs/components/forms/selection/selectable/#the-basics).\n\n### Screenshots\n\n<details><summary>Before</summary>\n<img width=\"525\" height=\"375\" alt=\"Screenshot 2025-07-11 at 16 44 06\"\nsrc=\"https://github.com/user-attachments/assets/f100ce36-0450-476c-ba40-d7b4c34f5b50\"\n/>\n<img width=\"502\" height=\"363\" alt=\"Screenshot 2025-07-11 at 16 44 17\"\nsrc=\"https://github.com/user-attachments/assets/7760c929-bf9c-4986-81ec-06f9604de109\"\n/>\n</details> \n\n<details><summary>After</summary>\n<img width=\"515\" height=\"338\" alt=\"Screenshot 2025-07-11 at 16 43 25\"\nsrc=\"https://github.com/user-attachments/assets/b8a2e524-57cf-4bb6-a0f5-a47bfd17fd8e\"\n/>\n<img width=\"491\" height=\"345\" alt=\"Screenshot 2025-07-11 at 16 43 34\"\nsrc=\"https://github.com/user-attachments/assets/26fc1bbf-f1a7-440c-a050-2f7f6ee59d01\"\n/>\n</details> \n\n### Checklist\n\n- [ ] Any text added follows [EUI's writing\nguidelines](https://elastic.github.io/eui/#/guidelines/writing), uses\nsentence case text and includes [i18n\nsupport](https://github.com/elastic/kibana/blob/main/src/platform/packages/shared/kbn-i18n/README.md)\n- [ ]\n[Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html)\nwas added for features that require explanation or tutorials\n- [ ] [Unit or functional\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\nwere updated or added to match the most common scenarios\n- [ ] If a plugin configuration key changed, check if it needs to be\nallowlisted in the cloud and added to the [docker\nlist](https://github.com/elastic/kibana/blob/main/src/dev/build/tasks/os_packages/docker_generator/resources/base/bin/kibana-docker)\n- [x] This was checked for breaking HTTP API changes, and any breaking\nchanges have been approved by the breaking-change committee. The\n`release_note:breaking` label should be applied in these situations.\n- [ ] [Flaky Test\nRunner](https://ci-stats.kibana.dev/trigger_flaky_test_runner/1) was\nused on any tests changed\n- [x] The PR description includes the appropriate Release Notes section,\nand the correct `release_note:*` label is applied per the\n[guidelines](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)\n- [ ] Review the [backport\nguidelines](https://docs.google.com/document/d/1VyN5k91e5OVumlc0Gb9RPa3h1ewuPE705nRtioPiTvY/edit?usp=sharing)\nand apply applicable `backport:*` labels.\n\n### Identify risks\n\nOnly risk is we're keeping style overrides in EUI components, which\nshould happen as little as possible. But the override enhances the\nappearance when putting these components together, which is an edge\ncase.","sha":"f9424c700cbc34c2b6d7885cc6863841c0af3c86"}}]}] BACKPORT--> Co-authored-by: Alberto Blázquez <albertoblaz@users.noreply.github.com>
…) (elastic#227823) # Backport This will backport the following commits from `main` to `9.1`: - [[AI Infra] Fix inference id for default EIS ELSER (elastic#227737)](elastic#227737) <!--- Backport version: 9.6.6 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sorenlouv/backport) <!--BACKPORT [{"author":{"name":"Quynh Nguyen (Quinn)","email":"43350163+qn895@users.noreply.github.com"},"sourceCommit":{"committedDate":"2025-07-14T13:07:24Z","message":"[AI Infra] Fix inference id for default EIS ELSER (elastic#227737)\n\n## Summary\n\nAnalogous change to\nhttps://github.com/elastic/elasticsearch/pull/130336, related to\nhttps://github.com/elastic/pull/225852. This PR fixes the naming\nmismatch with the rename of the ELSER EIS inference id.\n\n\n### Checklist\n\nCheck the PR satisfies following conditions. \n\nReviewers should verify this PR satisfies this list as well.\n\n- [ ] Any text added follows [EUI's writing\nguidelines](https://elastic.github.io/eui/#/guidelines/writing), uses\nsentence case text and includes [i18n\nsupport](https://github.com/elastic/kibana/blob/main/src/platform/packages/shared/kbn-i18n/README.md)\n- [ ]\n[Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html)\nwas added for features that require explanation or tutorials\n- [x] [Unit or functional\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\nwere updated or added to match the most common scenarios\n- [ ] If a plugin configuration key changed, check if it needs to be\nallowlisted in the cloud and added to the [docker\nlist](https://github.com/elastic/kibana/blob/main/src/dev/build/tasks/os_packages/docker_generator/resources/base/bin/kibana-docker)\n- [ ] This was checked for breaking HTTP API changes, and any breaking\nchanges have been approved by the breaking-change committee. The\n`release_note:breaking` label should be applied in these situations.\n- [ ] [Flaky Test\nRunner](https://ci-stats.kibana.dev/trigger_flaky_test_runner/1) was\nused on any tests changed\n- [ ] The PR description includes the appropriate Release Notes section,\nand the correct `release_note:*` label is applied per the\n[guidelines](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)\n- [ ] Review the [backport\nguidelines](https://docs.google.com/document/d/1VyN5k91e5OVumlc0Gb9RPa3h1ewuPE705nRtioPiTvY/edit?usp=sharing)\nand apply applicable `backport:*` labels.\n\n### Identify risks\n\nDoes this PR introduce any risks? For example, consider risks like hard\nto test bugs, performance regression, potential of data loss.\n\nDescribe the risk, its severity, and mitigation for each identified\nrisk. Invite stakeholders and evaluate how to proceed before merging.\n\n- [ ] [See some risk\nexamples](https://github.com/elastic/kibana/blob/main/RISK_MATRIX.mdx)\n- [ ] ...\n\nCo-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>","sha":"6e1f536bf3ac734004d73fe01eab23a3968a1950","branchLabelMapping":{"^v9.2.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["bug","release_note:skip","backport:version","v9.1.0","v8.19.0","v9.2.0","v9.0.4"],"title":"[AI Infra] Fix inference id for default EIS ELSER","number":227737,"url":"https://github.com/elastic/kibana/pull/227737","mergeCommit":{"message":"[AI Infra] Fix inference id for default EIS ELSER (elastic#227737)\n\n## Summary\n\nAnalogous change to\nhttps://github.com/elastic/elasticsearch/pull/130336, related to\nhttps://github.com/elastic/pull/225852. This PR fixes the naming\nmismatch with the rename of the ELSER EIS inference id.\n\n\n### Checklist\n\nCheck the PR satisfies following conditions. \n\nReviewers should verify this PR satisfies this list as well.\n\n- [ ] Any text added follows [EUI's writing\nguidelines](https://elastic.github.io/eui/#/guidelines/writing), uses\nsentence case text and includes [i18n\nsupport](https://github.com/elastic/kibana/blob/main/src/platform/packages/shared/kbn-i18n/README.md)\n- [ ]\n[Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html)\nwas added for features that require explanation or tutorials\n- [x] [Unit or functional\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\nwere updated or added to match the most common scenarios\n- [ ] If a plugin configuration key changed, check if it needs to be\nallowlisted in the cloud and added to the [docker\nlist](https://github.com/elastic/kibana/blob/main/src/dev/build/tasks/os_packages/docker_generator/resources/base/bin/kibana-docker)\n- [ ] This was checked for breaking HTTP API changes, and any breaking\nchanges have been approved by the breaking-change committee. The\n`release_note:breaking` label should be applied in these situations.\n- [ ] [Flaky Test\nRunner](https://ci-stats.kibana.dev/trigger_flaky_test_runner/1) was\nused on any tests changed\n- [ ] The PR description includes the appropriate Release Notes section,\nand the correct `release_note:*` label is applied per the\n[guidelines](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)\n- [ ] Review the [backport\nguidelines](https://docs.google.com/document/d/1VyN5k91e5OVumlc0Gb9RPa3h1ewuPE705nRtioPiTvY/edit?usp=sharing)\nand apply applicable `backport:*` labels.\n\n### Identify risks\n\nDoes this PR introduce any risks? For example, consider risks like hard\nto test bugs, performance regression, potential of data loss.\n\nDescribe the risk, its severity, and mitigation for each identified\nrisk. Invite stakeholders and evaluate how to proceed before merging.\n\n- [ ] [See some risk\nexamples](https://github.com/elastic/kibana/blob/main/RISK_MATRIX.mdx)\n- [ ] ...\n\nCo-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>","sha":"6e1f536bf3ac734004d73fe01eab23a3968a1950"}},"sourceBranch":"main","suggestedTargetBranches":["9.1","8.19","9.0"],"targetPullRequestStates":[{"branch":"9.1","label":"v9.1.0","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"8.19","label":"v8.19.0","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"main","label":"v9.2.0","branchLabelMappingKey":"^v9.2.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/227737","number":227737,"mergeCommit":{"message":"[AI Infra] Fix inference id for default EIS ELSER (elastic#227737)\n\n## Summary\n\nAnalogous change to\nhttps://github.com/elastic/elasticsearch/pull/130336, related to\nhttps://github.com/elastic/pull/225852. This PR fixes the naming\nmismatch with the rename of the ELSER EIS inference id.\n\n\n### Checklist\n\nCheck the PR satisfies following conditions. \n\nReviewers should verify this PR satisfies this list as well.\n\n- [ ] Any text added follows [EUI's writing\nguidelines](https://elastic.github.io/eui/#/guidelines/writing), uses\nsentence case text and includes [i18n\nsupport](https://github.com/elastic/kibana/blob/main/src/platform/packages/shared/kbn-i18n/README.md)\n- [ ]\n[Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html)\nwas added for features that require explanation or tutorials\n- [x] [Unit or functional\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\nwere updated or added to match the most common scenarios\n- [ ] If a plugin configuration key changed, check if it needs to be\nallowlisted in the cloud and added to the [docker\nlist](https://github.com/elastic/kibana/blob/main/src/dev/build/tasks/os_packages/docker_generator/resources/base/bin/kibana-docker)\n- [ ] This was checked for breaking HTTP API changes, and any breaking\nchanges have been approved by the breaking-change committee. The\n`release_note:breaking` label should be applied in these situations.\n- [ ] [Flaky Test\nRunner](https://ci-stats.kibana.dev/trigger_flaky_test_runner/1) was\nused on any tests changed\n- [ ] The PR description includes the appropriate Release Notes section,\nand the correct `release_note:*` label is applied per the\n[guidelines](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)\n- [ ] Review the [backport\nguidelines](https://docs.google.com/document/d/1VyN5k91e5OVumlc0Gb9RPa3h1ewuPE705nRtioPiTvY/edit?usp=sharing)\nand apply applicable `backport:*` labels.\n\n### Identify risks\n\nDoes this PR introduce any risks? For example, consider risks like hard\nto test bugs, performance regression, potential of data loss.\n\nDescribe the risk, its severity, and mitigation for each identified\nrisk. Invite stakeholders and evaluate how to proceed before merging.\n\n- [ ] [See some risk\nexamples](https://github.com/elastic/kibana/blob/main/RISK_MATRIX.mdx)\n- [ ] ...\n\nCo-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>","sha":"6e1f536bf3ac734004d73fe01eab23a3968a1950"}},{"branch":"9.0","label":"v9.0.4","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"}]}] BACKPORT--> Co-authored-by: Quynh Nguyen (Quinn) <43350163+qn895@users.noreply.github.com> Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
…I assistant (elastic#226556) (elastic#227772) # Backport This will backport the following commits from `main` to `9.1`: - [[Security Solution] [Ai Assistant] Enable the Global Security AI assistant (elastic#226556)](elastic#226556) <!--- Backport version: 10.0.1 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sorenlouv/backport) <!--BACKPORT [{"author":{"name":"Kenneth Kreindler","email":"42113355+KDKHD@users.noreply.github.com"},"sourceCommit":{"committedDate":"2025-07-14T09:23:41Z","message":"[Security Solution] [Ai Assistant] Enable the Global Security AI assistant (elastic#226556)\n\n## Summary\n\nSummarize your PR. If it involves visual changes include a screenshot or\ngif.\n\nModify AI assistant visibility settings to allow for the Security AI\nassistant to be global.\n\nThis fixes an issue in the product that several users have raised. It is\nvery unintuitive for them that when in the Security Solution view, they\ncan not open the AI assistant when in the Discover page.\n\n> Users couldn’t add the AI Assistant to the Discover flyout and hadn’t\nbeen able to resolve it for weeks\n\nChanges:\n- Add \"Security\" as an option in the\n`aiAssistant:preferredAIAssistantType` setting (this is the setting used\nin stateful Kibana to determine assistant visibility).\n- Modify setting labels and options inside of serverless oblt and\nserverless security to be relevant to the project type.\n\n### Screenshots\n\n<details>\n\n<summary>Stateful</summary>\n\nThe same setting is used across all solution views in stateful Kibana.\nThis is not a perfect solution, as when a user is in the Security\nsolution, they can technically still select the Oblt assistant (in this\ncase no assistant will be shown). In the next minor release, this will\nbe fixed with a new AI assistant settings page.\n\n### Classic\n\n<img width=\"1840\" alt=\"image\"\nsrc=\"https://github.com/user-attachments/assets/d601eb42-60a9-40ff-922c-0369249f2b70\"\n/>\n\n### Oblt\n\n<img width=\"1840\" alt=\"image\"\nsrc=\"https://github.com/user-attachments/assets/04a167f3-d55a-4ff7-bdfe-10cc21b0a9cf\"\n/>\n\n### Security\n\n<img width=\"1840\" alt=\"image\"\nsrc=\"https://github.com/user-attachments/assets/23d055e6-c1dc-4335-8e9e-0d805215cadf\"\n/>\n\n\n<img width=\"1840\" alt=\"image\"\nsrc=\"https://github.com/user-attachments/assets/20d37509-73da-4f23-9020-b089ee249af9\"\n/>\n\n### ES\n\n<img width=\"1840\" alt=\"image\"\nsrc=\"https://github.com/user-attachments/assets/21b34bb7-d540-4411-84f8-7e2f95942378\"\n/>\n\n\n</details>\n\n\n<details>\n\n<summary>Serverless Security</summary>\n\n\n\n\n\n\n\n\n</details>\n\n<details>\n\n<summary>Serverless Oblt</summary>\n\n<img width=\"1840\" alt=\"image\"\nsrc=\"https://github.com/user-attachments/assets/53c14d2c-3f78-430b-8198-139f59c3a268\"\n/>\n\n</details>\n\n<details>\n\n<summary>Serverless ES</summary>\n\nIn serverless ES there is no ability to change the visibility of the AI\nassistant. This is the current behaviour and this has not changed in\nthis PR.\n\n\n\n\n</details>\n\n### How to test:\n\n#### Stateful\n- Start Kibana (in classic/traditional flavour) \n```\n// Start ES\nyarn es snapshot --license trial -E xpack.security.authc.api_key.enabled=true\n// Start Kibana\nyarn start --no-base-path\n```\n- Create spaces for Classic, Security, Oblt and Search \n- In Classic, go to Stack Management > Advanced Settings and search for\nAI Assistant visibility\n- Verify that when selecting:\n- Only in their solutions -> only displays the Search/Oblt and Security\nAssistants in their respective solutions.\n- Observability and Search AI Assistants in other apps -> Shows the Oblt\nand Search assistant on the Discover page.\n- Security AI Assistants in other apps -> Shows the Security assistant\non the Discover page.\n - Hide all assistants -> Does not show assistants anywhere\n\n#### Stateless\n- Start Kibana (in serverless) \n```\n// Start ES\nnode scripts/es serverless --projectType security\n// Start Kibana\nnode --no-experimental-require-module scripts/kibana --dev --serverless=security --no-base-path\n``` \n(please try try different project types too. Instead of security you can\nuse `oblt` or `es` )\n- Go to stack management > advanced settings and search for AI Assistant\nvisibility\n- Check that the options you have available look like this:\n\n\n\n\n- Verify that when you select security, the Security assistant appears\neverywhere (including Discover)\n\n### Checklist\n\nCheck the PR satisfies following conditions. \n\nReviewers should verify this PR satisfies this list as well.\n\n- [X] Any text added follows [EUI's writing\nguidelines](https://elastic.github.io/eui/#/guidelines/writing), uses\nsentence case text and includes [i18n\nsupport](https://github.com/elastic/kibana/blob/main/src/platform/packages/shared/kbn-i18n/README.md)\n- [X]\n[Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html)\nwas added for features that require explanation or tutorials\n- [X] [Unit or functional\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\nwere updated or added to match the most common scenarios\n- [X] If a plugin configuration key changed, check if it needs to be\nallowlisted in the cloud and added to the [docker\nlist](https://github.com/elastic/kibana/blob/main/src/dev/build/tasks/os_packages/docker_generator/resources/base/bin/kibana-docker)\n- [X] This was checked for breaking HTTP API changes, and any breaking\nchanges have been approved by the breaking-change committee. The\n`release_note:breaking` label should be applied in these situations.\n- [X] [Flaky Test\nRunner](https://ci-stats.kibana.dev/trigger_flaky_test_runner/1) was\nused on any tests changed\n- [X] The PR description includes the appropriate Release Notes section,\nand the correct `release_note:*` label is applied per the\n[guidelines](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)\n- [X] Review the [backport\nguidelines](https://docs.google.com/document/d/1VyN5k91e5OVumlc0Gb9RPa3h1ewuPE705nRtioPiTvY/edit?usp=sharing)\nand apply applicable `backport:*` labels.\n\n### Identify risks\n\nDoes this PR introduce any risks? For example, consider risks like hard\nto test bugs, performance regression, potential of data loss.\n\nDescribe the risk, its severity, and mitigation for each identified\nrisk. Invite stakeholders and evaluate how to proceed before merging.\n\n- [ ] [See some risk\nexamples](https://github.com/elastic/kibana/blob/main/RISK_MATRIX.mdx)\n- [ ] ...\n\n---------\n\nCo-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>\nCo-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>\nCo-authored-by: Ievgen Sorokopud <e40pud@gmail.com>\nCo-authored-by: Dario Gieselaar <dario.gieselaar@elastic.co>","sha":"6536c766d7470b1f754803a303fdca9a068e2b7b","branchLabelMapping":{"^v9.2.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:skip","ci:project-deploy-observability","backport:version","v9.1.0","v8.19.0","v9.2.0"],"title":"[Security Solution] [Ai Assistant] Enable the Global Security AI assistant","number":226556,"url":"https://github.com/elastic/kibana/pull/226556","mergeCommit":{"message":"[Security Solution] [Ai Assistant] Enable the Global Security AI assistant (elastic#226556)\n\n## Summary\n\nSummarize your PR. If it involves visual changes include a screenshot or\ngif.\n\nModify AI assistant visibility settings to allow for the Security AI\nassistant to be global.\n\nThis fixes an issue in the product that several users have raised. It is\nvery unintuitive for them that when in the Security Solution view, they\ncan not open the AI assistant when in the Discover page.\n\n> Users couldn’t add the AI Assistant to the Discover flyout and hadn’t\nbeen able to resolve it for weeks\n\nChanges:\n- Add \"Security\" as an option in the\n`aiAssistant:preferredAIAssistantType` setting (this is the setting used\nin stateful Kibana to determine assistant visibility).\n- Modify setting labels and options inside of serverless oblt and\nserverless security to be relevant to the project type.\n\n### Screenshots\n\n<details>\n\n<summary>Stateful</summary>\n\nThe same setting is used across all solution views in stateful Kibana.\nThis is not a perfect solution, as when a user is in the Security\nsolution, they can technically still select the Oblt assistant (in this\ncase no assistant will be shown). In the next minor release, this will\nbe fixed with a new AI assistant settings page.\n\n### Classic\n\n<img width=\"1840\" alt=\"image\"\nsrc=\"https://github.com/user-attachments/assets/d601eb42-60a9-40ff-922c-0369249f2b70\"\n/>\n\n### Oblt\n\n<img width=\"1840\" alt=\"image\"\nsrc=\"https://github.com/user-attachments/assets/04a167f3-d55a-4ff7-bdfe-10cc21b0a9cf\"\n/>\n\n### Security\n\n<img width=\"1840\" alt=\"image\"\nsrc=\"https://github.com/user-attachments/assets/23d055e6-c1dc-4335-8e9e-0d805215cadf\"\n/>\n\n\n<img width=\"1840\" alt=\"image\"\nsrc=\"https://github.com/user-attachments/assets/20d37509-73da-4f23-9020-b089ee249af9\"\n/>\n\n### ES\n\n<img width=\"1840\" alt=\"image\"\nsrc=\"https://github.com/user-attachments/assets/21b34bb7-d540-4411-84f8-7e2f95942378\"\n/>\n\n\n</details>\n\n\n<details>\n\n<summary>Serverless Security</summary>\n\n\n\n\n\n\n\n\n</details>\n\n<details>\n\n<summary>Serverless Oblt</summary>\n\n<img width=\"1840\" alt=\"image\"\nsrc=\"https://github.com/user-attachments/assets/53c14d2c-3f78-430b-8198-139f59c3a268\"\n/>\n\n</details>\n\n<details>\n\n<summary>Serverless ES</summary>\n\nIn serverless ES there is no ability to change the visibility of the AI\nassistant. This is the current behaviour and this has not changed in\nthis PR.\n\n\n\n\n</details>\n\n### How to test:\n\n#### Stateful\n- Start Kibana (in classic/traditional flavour) \n```\n// Start ES\nyarn es snapshot --license trial -E xpack.security.authc.api_key.enabled=true\n// Start Kibana\nyarn start --no-base-path\n```\n- Create spaces for Classic, Security, Oblt and Search \n- In Classic, go to Stack Management > Advanced Settings and search for\nAI Assistant visibility\n- Verify that when selecting:\n- Only in their solutions -> only displays the Search/Oblt and Security\nAssistants in their respective solutions.\n- Observability and Search AI Assistants in other apps -> Shows the Oblt\nand Search assistant on the Discover page.\n- Security AI Assistants in other apps -> Shows the Security assistant\non the Discover page.\n - Hide all assistants -> Does not show assistants anywhere\n\n#### Stateless\n- Start Kibana (in serverless) \n```\n// Start ES\nnode scripts/es serverless --projectType security\n// Start Kibana\nnode --no-experimental-require-module scripts/kibana --dev --serverless=security --no-base-path\n``` \n(please try try different project types too. Instead of security you can\nuse `oblt` or `es` )\n- Go to stack management > advanced settings and search for AI Assistant\nvisibility\n- Check that the options you have available look like this:\n\n\n\n\n- Verify that when you select security, the Security assistant appears\neverywhere (including Discover)\n\n### Checklist\n\nCheck the PR satisfies following conditions. \n\nReviewers should verify this PR satisfies this list as well.\n\n- [X] Any text added follows [EUI's writing\nguidelines](https://elastic.github.io/eui/#/guidelines/writing), uses\nsentence case text and includes [i18n\nsupport](https://github.com/elastic/kibana/blob/main/src/platform/packages/shared/kbn-i18n/README.md)\n- [X]\n[Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html)\nwas added for features that require explanation or tutorials\n- [X] [Unit or functional\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\nwere updated or added to match the most common scenarios\n- [X] If a plugin configuration key changed, check if it needs to be\nallowlisted in the cloud and added to the [docker\nlist](https://github.com/elastic/kibana/blob/main/src/dev/build/tasks/os_packages/docker_generator/resources/base/bin/kibana-docker)\n- [X] This was checked for breaking HTTP API changes, and any breaking\nchanges have been approved by the breaking-change committee. The\n`release_note:breaking` label should be applied in these situations.\n- [X] [Flaky Test\nRunner](https://ci-stats.kibana.dev/trigger_flaky_test_runner/1) was\nused on any tests changed\n- [X] The PR description includes the appropriate Release Notes section,\nand the correct `release_note:*` label is applied per the\n[guidelines](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)\n- [X] Review the [backport\nguidelines](https://docs.google.com/document/d/1VyN5k91e5OVumlc0Gb9RPa3h1ewuPE705nRtioPiTvY/edit?usp=sharing)\nand apply applicable `backport:*` labels.\n\n### Identify risks\n\nDoes this PR introduce any risks? For example, consider risks like hard\nto test bugs, performance regression, potential of data loss.\n\nDescribe the risk, its severity, and mitigation for each identified\nrisk. Invite stakeholders and evaluate how to proceed before merging.\n\n- [ ] [See some risk\nexamples](https://github.com/elastic/kibana/blob/main/RISK_MATRIX.mdx)\n- [ ] ...\n\n---------\n\nCo-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>\nCo-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>\nCo-authored-by: Ievgen Sorokopud <e40pud@gmail.com>\nCo-authored-by: Dario Gieselaar <dario.gieselaar@elastic.co>","sha":"6536c766d7470b1f754803a303fdca9a068e2b7b"}},"sourceBranch":"main","suggestedTargetBranches":["9.1","8.19"],"targetPullRequestStates":[{"branch":"9.1","label":"v9.1.0","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"8.19","label":"v8.19.0","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"main","label":"v9.2.0","branchLabelMappingKey":"^v9.2.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/226556","number":226556,"mergeCommit":{"message":"[Security Solution] [Ai Assistant] Enable the Global Security AI assistant (elastic#226556)\n\n## Summary\n\nSummarize your PR. If it involves visual changes include a screenshot or\ngif.\n\nModify AI assistant visibility settings to allow for the Security AI\nassistant to be global.\n\nThis fixes an issue in the product that several users have raised. It is\nvery unintuitive for them that when in the Security Solution view, they\ncan not open the AI assistant when in the Discover page.\n\n> Users couldn’t add the AI Assistant to the Discover flyout and hadn’t\nbeen able to resolve it for weeks\n\nChanges:\n- Add \"Security\" as an option in the\n`aiAssistant:preferredAIAssistantType` setting (this is the setting used\nin stateful Kibana to determine assistant visibility).\n- Modify setting labels and options inside of serverless oblt and\nserverless security to be relevant to the project type.\n\n### Screenshots\n\n<details>\n\n<summary>Stateful</summary>\n\nThe same setting is used across all solution views in stateful Kibana.\nThis is not a perfect solution, as when a user is in the Security\nsolution, they can technically still select the Oblt assistant (in this\ncase no assistant will be shown). In the next minor release, this will\nbe fixed with a new AI assistant settings page.\n\n### Classic\n\n<img width=\"1840\" alt=\"image\"\nsrc=\"https://github.com/user-attachments/assets/d601eb42-60a9-40ff-922c-0369249f2b70\"\n/>\n\n### Oblt\n\n<img width=\"1840\" alt=\"image\"\nsrc=\"https://github.com/user-attachments/assets/04a167f3-d55a-4ff7-bdfe-10cc21b0a9cf\"\n/>\n\n### Security\n\n<img width=\"1840\" alt=\"image\"\nsrc=\"https://github.com/user-attachments/assets/23d055e6-c1dc-4335-8e9e-0d805215cadf\"\n/>\n\n\n<img width=\"1840\" alt=\"image\"\nsrc=\"https://github.com/user-attachments/assets/20d37509-73da-4f23-9020-b089ee249af9\"\n/>\n\n### ES\n\n<img width=\"1840\" alt=\"image\"\nsrc=\"https://github.com/user-attachments/assets/21b34bb7-d540-4411-84f8-7e2f95942378\"\n/>\n\n\n</details>\n\n\n<details>\n\n<summary>Serverless Security</summary>\n\n\n\n\n\n\n\n\n</details>\n\n<details>\n\n<summary>Serverless Oblt</summary>\n\n<img width=\"1840\" alt=\"image\"\nsrc=\"https://github.com/user-attachments/assets/53c14d2c-3f78-430b-8198-139f59c3a268\"\n/>\n\n</details>\n\n<details>\n\n<summary>Serverless ES</summary>\n\nIn serverless ES there is no ability to change the visibility of the AI\nassistant. This is the current behaviour and this has not changed in\nthis PR.\n\n\n\n\n</details>\n\n### How to test:\n\n#### Stateful\n- Start Kibana (in classic/traditional flavour) \n```\n// Start ES\nyarn es snapshot --license trial -E xpack.security.authc.api_key.enabled=true\n// Start Kibana\nyarn start --no-base-path\n```\n- Create spaces for Classic, Security, Oblt and Search \n- In Classic, go to Stack Management > Advanced Settings and search for\nAI Assistant visibility\n- Verify that when selecting:\n- Only in their solutions -> only displays the Search/Oblt and Security\nAssistants in their respective solutions.\n- Observability and Search AI Assistants in other apps -> Shows the Oblt\nand Search assistant on the Discover page.\n- Security AI Assistants in other apps -> Shows the Security assistant\non the Discover page.\n - Hide all assistants -> Does not show assistants anywhere\n\n#### Stateless\n- Start Kibana (in serverless) \n```\n// Start ES\nnode scripts/es serverless --projectType security\n// Start Kibana\nnode --no-experimental-require-module scripts/kibana --dev --serverless=security --no-base-path\n``` \n(please try try different project types too. Instead of security you can\nuse `oblt` or `es` )\n- Go to stack management > advanced settings and search for AI Assistant\nvisibility\n- Check that the options you have available look like this:\n\n\n\n\n- Verify that when you select security, the Security assistant appears\neverywhere (including Discover)\n\n### Checklist\n\nCheck the PR satisfies following conditions. \n\nReviewers should verify this PR satisfies this list as well.\n\n- [X] Any text added follows [EUI's writing\nguidelines](https://elastic.github.io/eui/#/guidelines/writing), uses\nsentence case text and includes [i18n\nsupport](https://github.com/elastic/kibana/blob/main/src/platform/packages/shared/kbn-i18n/README.md)\n- [X]\n[Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html)\nwas added for features that require explanation or tutorials\n- [X] [Unit or functional\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\nwere updated or added to match the most common scenarios\n- [X] If a plugin configuration key changed, check if it needs to be\nallowlisted in the cloud and added to the [docker\nlist](https://github.com/elastic/kibana/blob/main/src/dev/build/tasks/os_packages/docker_generator/resources/base/bin/kibana-docker)\n- [X] This was checked for breaking HTTP API changes, and any breaking\nchanges have been approved by the breaking-change committee. The\n`release_note:breaking` label should be applied in these situations.\n- [X] [Flaky Test\nRunner](https://ci-stats.kibana.dev/trigger_flaky_test_runner/1) was\nused on any tests changed\n- [X] The PR description includes the appropriate Release Notes section,\nand the correct `release_note:*` label is applied per the\n[guidelines](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)\n- [X] Review the [backport\nguidelines](https://docs.google.com/document/d/1VyN5k91e5OVumlc0Gb9RPa3h1ewuPE705nRtioPiTvY/edit?usp=sharing)\nand apply applicable `backport:*` labels.\n\n### Identify risks\n\nDoes this PR introduce any risks? For example, consider risks like hard\nto test bugs, performance regression, potential of data loss.\n\nDescribe the risk, its severity, and mitigation for each identified\nrisk. Invite stakeholders and evaluate how to proceed before merging.\n\n- [ ] [See some risk\nexamples](https://github.com/elastic/kibana/blob/main/RISK_MATRIX.mdx)\n- [ ] ...\n\n---------\n\nCo-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>\nCo-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>\nCo-authored-by: Ievgen Sorokopud <e40pud@gmail.com>\nCo-authored-by: Dario Gieselaar <dario.gieselaar@elastic.co>","sha":"6536c766d7470b1f754803a303fdca9a068e2b7b"}}]}] BACKPORT-->
This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [@types/sinon](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/sinon) ([source](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/sinon)) | devDependencies | major | [`^7.0.13` -> `^17.0.3`](https://renovatebot.com/diffs/npm/@types%2fsinon/7.0.13/17.0.3) | | [sinon](https://sinonjs.org/) ([source](https://github.com/sinonjs/sinon)) | devDependencies | major | [`^7.4.2` -> `^19.0.2`](https://renovatebot.com/diffs/npm/sinon/7.5.0/19.0.2) | ---
Contributor
|
🤖 Jobs for this PR can be triggered through checkboxes. 🚧
ℹ️ To trigger the CI, please tick the checkbox below 👇
|
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
20 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Backport
This will backport the following commits from
mainto9.1: