Skip to content

Comments

[9.1] [Investigations][Bug] - Check for empty dataView (#235144)#235215

Merged
kibanamachine merged 1 commit intoelastic:9.1from
kibanamachine:backport/9.1/pr-235144
Sep 16, 2025
Merged

[9.1] [Investigations][Bug] - Check for empty dataView (#235144)#235215
kibanamachine merged 1 commit intoelastic:9.1from
kibanamachine:backport/9.1/pr-235144

Conversation

@kibanamachine
Copy link
Contributor

@kibanamachine kibanamachine commented Sep 16, 2025

Backport

This will backport the following commits from main to 9.1:

Questions ?

Please refer to the Backport tool documentation

@michaelolo24
[Investigations][Bug] - Check for empty dataView (elastic#235144)
6ccc3e4 
## Summary

This PR fixes an issue with the alert page filtering when the below
config is enabled:

<img width="627" height="181" alt="image"
src="https://github.com/user-attachments/assets/39fc9a61-d794-407d-bea9-16792c9a6535"
/>

When enabled, the config looks to make sure that searches are only done
against index patterns that are mapped to the given dataView. When
introducing the code to migrate to our new dataView picker
[here](https://github.com/elastic/kibana/blob/9659a525327b2e46478f45d03ce39103848361cc/x-pack/solutions/security/plugins/security_solution/public/common/lib/kuery/index.ts#L231)
in the following PR elastic#225726, a
check was done to only apply the new DataView when it was provided. To
fix a separate issue regarding flashing of the alerts page, this
following [initial
dataView](https://github.com/elastic/kibana/blob/9659a525327b2e46478f45d03ce39103848361cc/x-pack/solutions/security/plugins/security_solution/public/data_view_manager/hooks/use_data_view.ts#L45)
was introduced with this pr:
elastic#225675

In short, the dataView object was always defined, even if it was just an
initial dataView leading to the fields being queried against not being
mapped.

The necessary checks are added in this PR

### Checklist

Check the PR satisfies following conditions.

Reviewers should verify this PR satisfies this list as well.

- [x] [Unit or functional
tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)
were updated or added to match the most common scenarios

(cherry picked from commit 128528c)
@kibanamachine kibanamachine added the backport This PR is a backport of another PR label Sep 16, 2025
@kibanamachine kibanamachine enabled auto-merge (squash) September 16, 2025 14:17
@kibanamachine kibanamachine mentioned this pull request Sep 16, 2025
Merged
1 task
@kibanamachine kibanamachine merged commit a1b49f6 into elastic:9.1 Sep 16, 2025
16 checks passed
@elasticmachine
Copy link
Contributor

elasticmachine commented Sep 16, 2025

💚 Build Succeeded

Metrics [docs]

Async chunks

Total size of all lazy-loaded chunks that will be downloaded as the user navigates the app

id before after diff
securitySolution 9.9MB 9.9MB +62.0B

Saved Objects .kibana field count

Every field in each saved object type adds overhead to Elasticsearch. Kibana needs to keep the total field count below Elasticsearch's default limit of 1000 fields. Only specify field mappings for the fields you wish to search on or query. See https://www.elastic.co/guide/en/kibana/master/saved-objects-service.html#_mappings

id before after diff
_data_stream_timestamp 1 - -1
_doc_count 1 - -1
_ignored_source 1 - -1
_index_mode 1 - -1
_inference_fields 1 - -1
_tier 1 - -1
apm-custom-dashboards 5 - -5
apm-server-schema 2 - -2
apm-service-group 5 - -5
application_usage_daily 2 - -2
config 2 - -2
config-global 2 - -2
coreMigrationVersion 1 - -1
created_at 1 - -1
created_by 1 - -1
entity-definition 9 - -9
entity-discovery-api-key 2 - -2
event_loop_delays_daily 2 - -2
favorites 4 - -4
file 11 - -11
file-upload-usage-collection-telemetry 3 - -3
fileShare 5 - -5
guided-onboarding-guide-state 3 - -3
infra-custom-dashboards 4 - -4
infrastructure-monitoring-log-view 2 - -2
intercept_trigger_record 5 - -5
legacy-url-alias 7 - -7
managed 1 - -1
ml-job 6 - -6
ml-module 13 - -13
ml-trained-model 7 - -7
monitoring-telemetry 2 - -2
namespace 1 - -1
namespaces 1 - -1
observability-onboarding-state 2 - -2
originId 1 - -1
product-doc-install-status 7 - -7
references 4 - -4
sample-data-telemetry 3 - -3
security-ai-prompt 8 - -8
slo 11 - -11
space 5 - -5
synthetics-monitor 34 - -34
synthetics-monitor-multi-space 34 - -34
tag 4 - -4
type 1 - -1
typeMigrationVersion 1 - -1
ui-metric 2 - -2
updated_at 1 - -1
updated_by 1 - -1
upgrade-assistant-ml-upgrade-operation 3 - -3
upgrade-assistant-reindex-operation 3 - -3
uptime-synthetics-api-key 2 - -2
url 5 - -5
usage-counters 2 - -2
total -249

cc @michaelolo24

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@github-actions github-actions[bot] github-actions[bot] approved these changes

Assignees

@michaelolo24 michaelolo24

Labels

backport This PR is a backport of another PR

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@kibanamachine @elasticmachine @michaelolo24