Skip to content

[8.19] [ska] relocate solutions ES archives (#229914)#231833

Closed
fake-haris wants to merge 4 commits intoelastic:8.19from
fake-haris:backport/8.19/pr-229914
Closed

[8.19] [ska] relocate solutions ES archives (#229914)#231833
fake-haris wants to merge 4 commits intoelastic:8.19from
fake-haris:backport/8.19/pr-229914

Conversation

@fake-haris
Copy link
Contributor

@fake-haris fake-haris commented Aug 14, 2025

Backport

This will backport the following commits from main to 8.19:

Questions ?

Please refer to the Backport tool documentation

@fake-haris fake-haris added the backport This PR is a backport of another PR label Aug 14, 2025
@fake-haris fake-haris enabled auto-merge (squash) August 14, 2025 13:58
@fake-haris fake-haris mentioned this pull request Aug 14, 2025
Merged
@fake-haris fake-haris requested a review from dmlemeshko August 14, 2025 14:14
@elasticmachine
Copy link
Contributor

elasticmachine commented Aug 18, 2025
edited
Loading

💔 Build Failed

Failed CI Steps

Test Failures

  • [job] [logs] FTR Configs #86 / Actions APIs - Trial License/Complete Tier @serverless @serverlessQA @ess add_actions adding actions "after all" hook for "expects rule with a webhook action and meta field runs successfully"
  • [job] [logs] FTR Configs #86 / Actions APIs - Trial License/Complete Tier @serverless @serverlessQA @ess add_actions adding actions "after all" hook for "expects rule with a webhook action and meta field runs successfully"
  • [job] [logs] FTR Configs #86 / Actions APIs - Trial License/Complete Tier @serverless @serverlessQA @ess add_actions adding actions "before all" hook for "should create a case if a rule with the cases system action finds matching alerts"
  • [job] [logs] FTR Configs #86 / Actions APIs - Trial License/Complete Tier @serverless @serverlessQA @ess add_actions adding actions "before all" hook for "should create a case if a rule with the cases system action finds matching alerts"
  • [job] [logs] FTR Configs #52 / alerting api integration security and spaces enabled - Group 2 Alerts legacy alerts alerts "after all" hook in "alerts"
  • [job] [logs] FTR Configs #72 / alerting api integration security and spaces enabled - Group 2 Alerts legacy alerts alerts "after all" hook in "alerts"
  • [job] [logs] FTR Configs #52 / alerting api integration security and spaces enabled - Group 2 Alerts legacy alerts alerts "after all" hook in "alerts"
  • [job] [logs] FTR Configs #72 / alerting api integration security and spaces enabled - Group 2 Alerts legacy alerts alerts "after all" hook in "alerts"
  • [job] [logs] FTR Configs #52 / alerting api integration security and spaces enabled - Group 2 Alerts legacy alerts alerts "before all" hook in "alerts"
  • [job] [logs] FTR Configs #72 / alerting api integration security and spaces enabled - Group 2 Alerts legacy alerts alerts "before all" hook in "alerts"
  • [job] [logs] FTR Configs #52 / alerting api integration security and spaces enabled - Group 2 Alerts legacy alerts alerts "before all" hook in "alerts"
  • [job] [logs] FTR Configs #72 / alerting api integration security and spaces enabled - Group 2 Alerts legacy alerts alerts "before all" hook in "alerts"
  • [job] [logs] FTR Configs #13 / Alerting scheduled task id "before all" hook for "cannot create rule with same ID as a scheduled task ID used by another rule"
  • [job] [logs] FTR Configs #13 / Alerting scheduled task id "before all" hook for "cannot create rule with same ID as a scheduled task ID used by another rule"
  • [job] [logs] FTR Configs #60 / Alerts and alerts index related logic - Basic License/Essentials Tier Alert status APIs @ess change alert status endpoints ESS specific logic authentication checks "after all" hook for "should NOT be able to close alerts with reader user"
  • [job] [logs] FTR Configs #60 / Alerts and alerts index related logic - Basic License/Essentials Tier Alert status APIs @ess change alert status endpoints ESS specific logic authentication checks "after all" hook for "should NOT be able to close alerts with reader user"
  • [job] [logs] FTR Configs #60 / Alerts and alerts index related logic - Basic License/Essentials Tier Alert status APIs @ess change alert status endpoints ESS specific logic authentication checks "before all" hook for "should be able to close alerts while logged in and populate workflow_user"
  • [job] [logs] FTR Configs #60 / Alerts and alerts index related logic - Basic License/Essentials Tier Alert status APIs @ess change alert status endpoints ESS specific logic authentication checks "before all" hook for "should be able to close alerts while logged in and populate workflow_user"
  • [job] [logs] FTR Configs #47 / Alerts APIs - Trial License/Complete Tier Alert assignments API @ess @serverless @serverlessQA Alert User Assignment - ESS & Serverless tests with auditbeat data "after all" hook in "tests with auditbeat data"
  • [job] [logs] FTR Configs #47 / Alerts APIs - Trial License/Complete Tier Alert assignments API @ess @serverless @serverlessQA Alert User Assignment - ESS & Serverless tests with auditbeat data "after all" hook in "tests with auditbeat data"
  • [job] [logs] FTR Configs #47 / Alerts APIs - Trial License/Complete Tier Alert assignments API @ess @serverless @serverlessQA Alert User Assignment - ESS & Serverless tests with auditbeat data "before all" hook in "tests with auditbeat data"
  • [job] [logs] FTR Configs #47 / Alerts APIs - Trial License/Complete Tier Alert assignments API @ess @serverless @serverlessQA Alert User Assignment - ESS & Serverless tests with auditbeat data "before all" hook in "tests with auditbeat data"
  • [job] [logs] FTR Configs #10 / cases security and spaces enabled: basic Common migrations migrations 7.11.1 -> latest stack version "before all" hook for "adds rule info to only alert comments for 7.12"
  • [job] [logs] FTR Configs #10 / cases security and spaces enabled: basic Common migrations migrations 7.11.1 -> latest stack version "before all" hook for "adds rule info to only alert comments for 7.12"
  • [job] [logs] FTR Configs #83 / cases security and spaces enabled: trial Common migrations migrations 7.11.1 -> latest stack version "before all" hook for "adds rule info to only alert comments for 7.12"
  • [job] [logs] FTR Configs #83 / cases security and spaces enabled: trial Common migrations migrations 7.11.1 -> latest stack version "before all" hook for "adds rule info to only alert comments for 7.12"
  • [job] [logs] FTR Configs #41 / Detection Engine - Exception workflows APIs @serverless @serverlessQA @ess rule exceptions execution "after all" hook in "@serverless @serverlessQA @ess rule exceptions execution"
  • [job] [logs] FTR Configs #41 / Detection Engine - Exception workflows APIs @serverless @serverlessQA @ess rule exceptions execution "after all" hook in "@serverless @serverlessQA @ess rule exceptions execution"
  • [job] [logs] FTR Configs #41 / Detection Engine - Exception workflows APIs @serverless @serverlessQA @ess rule exceptions execution "before all" hook in "@serverless @serverlessQA @ess rule exceptions execution"
  • [job] [logs] FTR Configs #41 / Detection Engine - Exception workflows APIs @serverless @serverlessQA @ess rule exceptions execution "before all" hook in "@serverless @serverlessQA @ess rule exceptions execution"
  • [job] [logs] FTR Configs #40 / Detection Engine - Rule preview API @serverless @ess @serverlessQA preview_rules previewing rules "after all" hook in "previewing rules"
  • [job] [logs] FTR Configs #40 / Detection Engine - Rule preview API @serverless @ess @serverlessQA preview_rules previewing rules "after all" hook in "previewing rules"
  • [job] [logs] FTR Configs #40 / Detection Engine - Rule preview API @serverless @ess @serverlessQA preview_rules previewing rules "before all" hook in "previewing rules"
  • [job] [logs] FTR Configs #40 / Detection Engine - Rule preview API @serverless @ess @serverlessQA preview_rules previewing rules "before all" hook in "previewing rules"
  • [job] [logs] FTR Configs #77 / EQL execution logic API @ess @serverless @serverlessQA EQL type rules "after all" hook for "uses the provided filters"
  • [job] [logs] FTR Configs #77 / EQL execution logic API @ess @serverless @serverlessQA EQL type rules "after all" hook for "uses the provided filters"
  • [job] [logs] FTR Configs #77 / EQL execution logic API @ess @serverless @serverlessQA EQL type rules "before all" hook for "generates a correctly formatted alert from EQL non-sequence queries"
  • [job] [logs] FTR Configs #77 / EQL execution logic API @ess @serverless @serverlessQA EQL type rules "before all" hook for "generates a correctly formatted alert from EQL non-sequence queries"
  • [job] [logs] FTR Configs #45 / event_log Event Log public API Index Lifecycle should query across indices matching the Event Log data view
  • [job] [logs] FTR Configs #45 / event_log Event Log public API Index Lifecycle should query across indices matching the Event Log data view
  • [job] [logs] FTR Configs #27 / Indicator match execution logic API @ess @serverless @serverlessQA Threat match type rules "after all" hook for "should return 0 alerts when using an AND and one of the clauses has a made up value that does not exist"
  • [job] [logs] FTR Configs #27 / Indicator match execution logic API @ess @serverless @serverlessQA Threat match type rules "after all" hook for "should return 0 alerts when using an AND and one of the clauses has a made up value that does not exist"
  • [job] [logs] FTR Configs #27 / Indicator match execution logic API @ess @serverless @serverlessQA Threat match type rules "before all" hook for "should be able to execute and get all alerts when doing a specific query (terms query)"
  • [job] [logs] FTR Configs #27 / Indicator match execution logic API @ess @serverless @serverlessQA Threat match type rules "before all" hook for "should be able to execute and get all alerts when doing a specific query (terms query)"
  • [job] [logs] FTR Configs #77 / InfraOps App Logs UI Logs Source Configuration Allows indices configuration "after all" hook for "renders the changed log columns with their headers"
  • [job] [logs] FTR Configs #77 / InfraOps App Logs UI Logs Source Configuration Allows indices configuration "before all" hook for "renders the correct page title"
  • [job] [logs] FTR Configs #77 / InfraOps App Metrics UI Metrics UI Anomaly Flyout anomalies table in flyout with anomalies present should take users to hosts list when 'Show affected Hosts' is clicked
  • [job] [logs] FTR Configs #64 / Logs UI routes log highlight apis "after all" hook in "log highlight apis"
  • [job] [logs] FTR Configs #64 / Logs UI routes log highlight apis "after all" hook in "log highlight apis"
  • [job] [logs] FTR Configs #64 / Logs UI routes log highlight apis "before all" hook in "log highlight apis"
  • [job] [logs] FTR Configs #64 / Logs UI routes log highlight apis "before all" hook in "log highlight apis"
  • [job] [logs] FTR Configs #38 / Machine learning rule execution logic API @ess @serverless Machine learning type rules "after all" hook for "@skipInServerlessMKI should create 7 alerts from ML rule when records meet anomaly_threshold"
  • [job] [logs] FTR Configs #38 / Machine learning rule execution logic API @ess @serverless Machine learning type rules "after all" hook for "@skipInServerlessMKI should create 7 alerts from ML rule when records meet anomaly_threshold"
  • [job] [logs] FTR Configs #38 / Machine learning rule execution logic API @ess @serverless Machine learning type rules "before all" hook for "should create 1 alert from ML rule when record meets anomaly_threshold"
  • [job] [logs] FTR Configs #38 / Machine learning rule execution logic API @ess @serverless Machine learning type rules "before all" hook for "should create 1 alert from ML rule when record meets anomaly_threshold"
  • [job] [logs] FTR Configs #2 / New terms rule execution logic API @ess @serverless @serverlessQA New terms type rules "after all" hook for "should work for max alerts > 100"
  • [job] [logs] FTR Configs #2 / New terms rule execution logic API @ess @serverless @serverlessQA New terms type rules "after all" hook for "should work for max alerts > 100"
  • [job] [logs] FTR Configs #2 / New terms rule execution logic API @ess @serverless @serverlessQA New terms type rules "before all" hook for "should generate 1 alert with 1 selected field"
  • [job] [logs] FTR Configs #2 / New terms rule execution logic API @ess @serverless @serverlessQA New terms type rules "before all" hook for "should generate 1 alert with 1 selected field"
  • [job] [logs] FTR Configs #37 / Observability Logs Explorer DataSourceSelector with installed integrations and uncategorized data streams "after all" hook in "with installed integrations and uncategorized data streams"
  • [job] [logs] FTR Configs #37 / Observability Logs Explorer DataSourceSelector with installed integrations and uncategorized data streams "after all" hook in "with installed integrations and uncategorized data streams"
  • [job] [logs] FTR Configs #37 / Observability Logs Explorer DataSourceSelector with installed integrations and uncategorized data streams "before all" hook in "with installed integrations and uncategorized data streams"
  • [job] [logs] FTR Configs #37 / Observability Logs Explorer DataSourceSelector with installed integrations and uncategorized data streams "before all" hook in "with installed integrations and uncategorized data streams"
  • [job] [logs] FTR Configs #63 / ObservabilityApp Observability overview > "after all" hook in "Observability overview >"
  • [job] [logs] FTR Configs #63 / ObservabilityApp Observability overview > "after all" hook in "Observability overview >"
  • [job] [logs] FTR Configs #63 / ObservabilityApp Observability overview > "before all" hook in "Observability overview >"
  • [job] [logs] FTR Configs #63 / ObservabilityApp Observability overview > "before all" hook in "Observability overview >"
  • [job] [logs] FTR Configs #46 / Query rule execution logic API @ess @serverless @serverlessQA Query type rules "after all" hook for "should generate alerts with the correct intended timestamp fields"
  • [job] [logs] FTR Configs #46 / Query rule execution logic API @ess @serverless @serverlessQA Query type rules "after all" hook for "should generate alerts with the correct intended timestamp fields"
  • [job] [logs] FTR Configs #46 / Query rule execution logic API @ess @serverless @serverlessQA Query type rules "before all" hook for "should have the specific audit record for _id or none of these tests below will pass"
  • [job] [logs] FTR Configs #46 / Query rule execution logic API @ess @serverless @serverlessQA Query type rules "before all" hook for "should have the specific audit record for _id or none of these tests below will pass"
  • [job] [logs] FTR Configs #61 / Rule execution logic API - Basic License/Essentials Tier @ess @serverless @serverlessQA timestamp tests alerts generated from events with timestamp override field and ensures search_after continues to work when documents are missing timestamp override field "after all" hook in "alerts generated from events with timestamp override field and ensures search_after continues to work when documents are missing timestamp override field"
  • [job] [logs] FTR Configs #61 / Rule execution logic API - Basic License/Essentials Tier @ess @serverless @serverlessQA timestamp tests alerts generated from events with timestamp override field and ensures search_after continues to work when documents are missing timestamp override field "after all" hook in "alerts generated from events with timestamp override field and ensures search_after continues to work when documents are missing timestamp override field"
  • [job] [logs] FTR Configs #61 / Rule execution logic API - Basic License/Essentials Tier @ess @serverless @serverlessQA timestamp tests alerts generated from events with timestamp override field and ensures search_after continues to work when documents are missing timestamp override field "before all" hook in "alerts generated from events with timestamp override field and ensures search_after continues to work when documents are missing timestamp override field"
  • [job] [logs] FTR Configs #61 / Rule execution logic API - Basic License/Essentials Tier @ess @serverless @serverlessQA timestamp tests alerts generated from events with timestamp override field and ensures search_after continues to work when documents are missing timestamp override field "before all" hook in "alerts generated from events with timestamp override field and ensures search_after continues to work when documents are missing timestamp override field"
  • [job] [logs] FTR Configs #36 / Rules Management - Rule Creation APIs @ess @serverless @serverlessQA create_rules creating rules "after all" hook for "should cause a 409 conflict if we attempt to create the same rule_id twice"
  • [job] [logs] FTR Configs #36 / Rules Management - Rule Creation APIs @ess @serverless @serverlessQA create_rules creating rules "after all" hook for "should cause a 409 conflict if we attempt to create the same rule_id twice"
  • [job] [logs] FTR Configs #36 / Rules Management - Rule Creation APIs @ess @serverless @serverlessQA create_rules creating rules "before all" hook for "should create a single rule with a rule_id"
  • [job] [logs] FTR Configs #36 / Rules Management - Rule Creation APIs @ess @serverless @serverlessQA create_rules creating rules "before all" hook for "should create a single rule with a rule_id"
  • [job] [logs] FTR Configs #68 / task_manager with update by query task claimer not registered task types "before all" hook for "should successfully schedule registered tasks, not claim unregistered tasks and mark removed task types as unrecognized"
  • [job] [logs] FTR Configs #68 / task_manager with update by query task claimer not registered task types "before all" hook for "should successfully schedule registered tasks, not claim unregistered tasks and mark removed task types as unrecognized"
  • [job] [logs] FTR Configs #19 / Threshold rule execution logic API @ess @serverless @serverlessQA Threshold type rules "after all" hook for "generates 1 alert when threshold is met and rule query has wildcard in field name"
  • [job] [logs] FTR Configs #19 / Threshold rule execution logic API @ess @serverless @serverlessQA Threshold type rules "after all" hook for "generates 1 alert when threshold is met and rule query has wildcard in field name"
  • [job] [logs] FTR Configs #19 / Threshold rule execution logic API @ess @serverless @serverlessQA Threshold type rules "before all" hook for "generates 1 alert from Threshold rules when threshold is met"
  • [job] [logs] FTR Configs #19 / Threshold rule execution logic API @ess @serverless @serverlessQA Threshold type rules "before all" hook for "generates 1 alert from Threshold rules when threshold is met"

Metrics [docs]

✅ unchanged

History

@dmlemeshko
Copy link
Contributor

dmlemeshko commented Aug 26, 2025

Closing since I got it in my PR

@dmlemeshko dmlemeshko closed this Aug 26, 2025
auto-merge was automatically disabled August 26, 2025 15:46

Pull request was closed

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@kibanamachine kibanamachine Awaiting requested review from kibanamachine kibanamachine is a code owner

@dmlemeshko dmlemeshko Awaiting requested review from dmlemeshko

Assignees

No one assigned

Labels

backport This PR is a backport of another PR

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@fake-haris @elasticmachine @dmlemeshko