diff --git a/docs/developer/architecture/security/feature-registration.asciidoc b/docs/developer/architecture/security/feature-registration.asciidoc
index 8c80c2e5f2ffb..4e0c220477faf 100644
--- a/docs/developer/architecture/security/feature-registration.asciidoc
+++ b/docs/developer/architecture/security/feature-registration.asciidoc
@@ -198,7 +198,10 @@ server.route({
 === Example 3: Discover
 
 Discover takes advantage of subfeature privileges to allow fine-grained access control. In this example,
-a single "Create Short URLs" subfeature privilege is defined, which allows users to grant access to this feature without having to grant the `all` privilege to Discover. In other words, you can grant `read` access to Discover, and also grant the ability to create short URLs.
+two subfeature privileges are defined: "Create Short URLs", and "Generate PDF Reports". These allow users to grant access to this feature without having to grant the `all` privilege to Discover. In other words, you can grant `read` access to Discover, and also grant the ability to create short URLs or generate PDF reports.
+
+Notice the "Generate PDF Reports" subfeature privilege has an additional `minimumPrivilege` option. Kibana will only offer this subfeature privilege if the
+license requirement is satisfied.
 
 ["source","javascript"]
 -----------
@@ -259,6 +262,28 @@ public setup(core, { features }) {
                 },
               ],
             },
+            {
+              groupType: 'independent',
+              privileges: [
+                {
+                  id: 'pdf_generate',
+                  name: i18n.translate(
+                    'xpack.features.ossFeatures.discoverGeneratePDFReportsPrivilegeName',
+                    {
+                      defaultMessage: 'Generate PDF Reports',
+                    }
+                  ),
+                  minimumLicense: 'platinum',
+                  includeIn: 'all',
+                  savedObject: {
+                    all: [],
+                    read: [],
+                  },
+                  api: ['generatePDFReports'],
+                  ui: ['generatePDFReports'],
+                },
+              ],
+            },
           ],
         },
       ],
diff --git a/docs/getting-started/quick-start-guide.asciidoc b/docs/getting-started/quick-start-guide.asciidoc
index f239b7ae6ca88..ccb6e931d69e3 100644
--- a/docs/getting-started/quick-start-guide.asciidoc
+++ b/docs/getting-started/quick-start-guide.asciidoc
@@ -140,4 +140,4 @@ For more information, refer to <<lens, *Lens*>>.
 
 If you are you ready to add your own data, refer to <<connect-to-elasticsearch,Add data to {kib}>>.
 
-If you want to ingest your data, refer to {ingest-guide}/ingest-management-getting-started.html[Quick start: Get logs and metrics into the Elastic Stack].
+If you want to ingest your data, refer to {ingest-guide}/fleet-quick-start.html[Quick start: Get logs and metrics into the Elastic Stack].
diff --git a/docs/setup/connect-to-elasticsearch.asciidoc b/docs/setup/connect-to-elasticsearch.asciidoc
index 03a728a15351e..0af953ec2cb09 100644
--- a/docs/setup/connect-to-elasticsearch.asciidoc
+++ b/docs/setup/connect-to-elasticsearch.asciidoc
@@ -37,7 +37,7 @@ ship with dashboards and visualizations,
 so you can quickly get insights into your data.
 
 To get started, refer to
-{ingest-guide}/ingest-management-getting-started.html[Quick start: Get logs and metrics into the Elastic Stack].
+{ingest-guide}/fleet-quick-start.html[Quick start: Get logs and metrics into the Elastic Stack].
 
 [role="screenshot"]
 image::images/add-data-fleet.png[Add data using Fleet]
diff --git a/docs/user/security/authentication/index.asciidoc b/docs/user/security/authentication/index.asciidoc
index bd37351e9b60a..c88fa9750b3e4 100644
--- a/docs/user/security/authentication/index.asciidoc
+++ b/docs/user/security/authentication/index.asciidoc
@@ -116,6 +116,7 @@ You can also configure both PKI and basic authentication for the same {kib} inst
 
 [source,yaml]
 --------------------------------------------------------------------------------
+server.ssl.clientAuthentication: optional
 xpack.security.authc.providers:
   pki.pki1:
     order: 0
diff --git a/package.json b/package.json
index 1a19b322bf655..2a0c292435403 100644
--- a/package.json
+++ b/package.json
@@ -723,7 +723,7 @@
     "less": "npm:@elastic/less@2.7.3-kibana",
     "license-checker": "^16.0.0",
     "listr": "^0.14.1",
-    "lmdb-store": "^0.6.10",
+    "lmdb-store": "^0.8.11",
     "load-grunt-config": "^3.0.1",
     "loader-utils": "^1.2.3",
     "log-symbols": "^2.2.0",
diff --git a/packages/kbn-optimizer/src/node/cache.ts b/packages/kbn-optimizer/src/node/cache.ts
index 1ce3b9eeeafd0..dc96bf47fafcf 100644
--- a/packages/kbn-optimizer/src/node/cache.ts
+++ b/packages/kbn-optimizer/src/node/cache.ts
@@ -19,7 +19,6 @@
 
 import Path from 'path';
 
-// @ts-expect-error no types available
 import * as LmdbStore from 'lmdb-store';
 import { REPO_ROOT, UPSTREAM_BRANCH } from '@kbn/dev-utils';
 
@@ -37,25 +36,11 @@ const MINUTE = 1000 * 60;
 const HOUR = MINUTE * 60;
 const DAY = HOUR * 24;
 
-interface Lmdb<T> {
-  get(key: string): T | undefined;
-  put(key: string, value: T, version?: number, ifVersion?: number): Promise<boolean>;
-  remove(key: string, ifVersion?: number): Promise<boolean>;
-  openDB<T>(options: { name: string; encoding: 'msgpack' | 'string' | 'json' | 'binary' }): Lmdb<T>;
-  getRange(options?: {
-    start?: T;
-    end?: T;
-    reverse?: boolean;
-    limit?: number;
-    versions?: boolean;
-  }): Iterable<{ key: string; value: T }>;
-}
-
 export class Cache {
-  private readonly codes: Lmdb<string>;
-  private readonly atimes: Lmdb<string>;
-  private readonly mtimes: Lmdb<string>;
-  private readonly sourceMaps: Lmdb<any>;
+  private readonly codes: LmdbStore.RootDatabase;
+  private readonly atimes: LmdbStore.Database;
+  private readonly mtimes: LmdbStore.Database;
+  private readonly sourceMaps: LmdbStore.Database;
   private readonly prefix: string;
 
   constructor(config: { prefix: string }) {
@@ -64,19 +49,23 @@ export class Cache {
     this.codes = LmdbStore.open({
       name: 'codes',
       path: CACHE_DIR,
+      // @ts-expect-error See https://github.com/DoctorEvidence/lmdb-store/pull/18
       maxReaders: 500,
     });
 
+    // @ts-expect-error See https://github.com/DoctorEvidence/lmdb-store/pull/18
     this.atimes = this.codes.openDB({
       name: 'atimes',
       encoding: 'string',
     });
 
+    // @ts-expect-error See https://github.com/DoctorEvidence/lmdb-store/pull/18
     this.mtimes = this.codes.openDB({
       name: 'mtimes',
       encoding: 'string',
     });
 
+    // @ts-expect-error See https://github.com/DoctorEvidence/lmdb-store/pull/18
     this.sourceMaps = this.codes.openDB({
       name: 'sourceMaps',
       encoding: 'msgpack',
@@ -92,7 +81,7 @@ export class Cache {
   }
 
   getMtime(path: string) {
-    return this.mtimes.get(this.getKey(path));
+    return this.safeGet<string>(this.mtimes, this.getKey(path));
   }
 
   getCode(path: string) {
@@ -103,11 +92,11 @@ export class Cache {
     // touched in a long time (currently 30 days)
     this.atimes.put(key, GLOBAL_ATIME).catch(reportError);
 
-    return this.codes.get(key);
+    return this.safeGet<string>(this.codes, key);
   }
 
   getSourceMap(path: string) {
-    return this.sourceMaps.get(this.getKey(path));
+    return this.safeGet<any>(this.sourceMaps, this.getKey(path));
   }
 
   update(path: string, file: { mtime: string; code: string; map: any }) {
@@ -125,17 +114,27 @@ export class Cache {
     return `${this.prefix}${path}`;
   }
 
+  private safeGet<V>(db: LmdbStore.Database, key: string) {
+    try {
+      return db.get(key) as V | undefined;
+    } catch (error) {
+      // get errors indicate that a key value is corrupt in some way, so remove it
+      db.removeSync(key);
+    }
+  }
+
   private async pruneOldKeys() {
     try {
       const ATIME_LIMIT = Date.now() - 30 * DAY;
       const BATCH_SIZE = 1000;
 
-      const validKeys: string[] = [];
-      const invalidKeys: string[] = [];
+      const validKeys: LmdbStore.Key[] = [];
+      const invalidKeys: LmdbStore.Key[] = [];
 
+      // @ts-expect-error See https://github.com/DoctorEvidence/lmdb-store/pull/18
       for (const { key, value } of this.atimes.getRange()) {
-        const atime = parseInt(value, 10);
-        if (atime < ATIME_LIMIT) {
+        const atime = parseInt(`${value}`, 10);
+        if (Number.isNaN(atime) || atime < ATIME_LIMIT) {
           invalidKeys.push(key);
         } else {
           validKeys.push(key);
diff --git a/packages/kbn-plugin-helpers/src/cli.ts b/packages/kbn-plugin-helpers/src/cli.ts
index 21b6559f63650..81db3b0bbebc0 100644
--- a/packages/kbn-plugin-helpers/src/cli.ts
+++ b/packages/kbn-plugin-helpers/src/cli.ts
@@ -90,6 +90,7 @@ export function runCli() {
 
         await Tasks.initTargets(context);
         await Tasks.optimize(context);
+        await Tasks.writePublicAssets(context);
         await Tasks.writeServerFiles(context);
         await Tasks.yarnInstall(context);
 
diff --git a/packages/kbn-plugin-helpers/src/integration_tests/build.test.ts b/packages/kbn-plugin-helpers/src/integration_tests/build.test.ts
index 5c1ecc4ee4ee4..a9f8ed045f6e3 100644
--- a/packages/kbn-plugin-helpers/src/integration_tests/build.test.ts
+++ b/packages/kbn-plugin-helpers/src/integration_tests/build.test.ts
@@ -77,7 +77,8 @@ it('builds a generated plugin into a viable archive', async () => {
      │ info initialized, 0 bundles cached
      │ info starting worker [1 bundle]
      │ succ 1 bundles compiled successfully after <time>
-     info copying source into the build and converting with babel
+     info copying assets from \`public/assets\` to build
+     info copying server source into the build and converting with babel
      info running yarn to install dependencies
      info compressing plugin into [fooTestPlugin-7.5.0.zip]"
   `);
diff --git a/packages/kbn-plugin-helpers/src/tasks/index.ts b/packages/kbn-plugin-helpers/src/tasks/index.ts
index 92bb5b1510ad3..9d7dba4c055ac 100644
--- a/packages/kbn-plugin-helpers/src/tasks/index.ts
+++ b/packages/kbn-plugin-helpers/src/tasks/index.ts
@@ -20,5 +20,6 @@
 export * from './clean';
 export * from './create_archive';
 export * from './optimize';
+export * from './write_public_assets';
 export * from './write_server_files';
 export * from './yarn_install';
diff --git a/packages/kbn-plugin-helpers/src/tasks/write_public_assets.ts b/packages/kbn-plugin-helpers/src/tasks/write_public_assets.ts
new file mode 100644
index 0000000000000..7a8f7c189e268
--- /dev/null
+++ b/packages/kbn-plugin-helpers/src/tasks/write_public_assets.ts
@@ -0,0 +1,45 @@
+/*
+ * Licensed to Elasticsearch B.V. under one or more contributor
+ * license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright
+ * ownership. Elasticsearch B.V. licenses this file to you under
+ * the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+import { pipeline } from 'stream';
+import { promisify } from 'util';
+
+import vfs from 'vinyl-fs';
+
+import { BuildContext } from '../build_context';
+
+const asyncPipeline = promisify(pipeline);
+
+export async function writePublicAssets({ log, plugin, sourceDir, buildDir }: BuildContext) {
+  if (!plugin.manifest.ui) {
+    return;
+  }
+
+  log.info('copying assets from `public/assets` to build');
+
+  await asyncPipeline(
+    vfs.src(['public/assets/**/*'], {
+      cwd: sourceDir,
+      base: sourceDir,
+      buffer: true,
+      allowEmpty: true,
+    }),
+    vfs.dest(buildDir)
+  );
+}
diff --git a/packages/kbn-plugin-helpers/src/tasks/write_server_files.ts b/packages/kbn-plugin-helpers/src/tasks/write_server_files.ts
index 64e309822b673..9c3212b7d08c0 100644
--- a/packages/kbn-plugin-helpers/src/tasks/write_server_files.ts
+++ b/packages/kbn-plugin-helpers/src/tasks/write_server_files.ts
@@ -35,7 +35,7 @@ export async function writeServerFiles({
   buildDir,
   kibanaVersion,
 }: BuildContext) {
-  log.info('copying source into the build and converting with babel');
+  log.info('copying server source into the build and converting with babel');
 
   // copy source files and apply some babel transformations in the process
   await asyncPipeline(
diff --git a/packages/kbn-telemetry-tools/src/tools/__fixture__/all_extracted_collectors.ts b/packages/kbn-telemetry-tools/src/tools/__fixture__/all_extracted_collectors.ts
new file mode 100644
index 0000000000000..f531608dda50a
--- /dev/null
+++ b/packages/kbn-telemetry-tools/src/tools/__fixture__/all_extracted_collectors.ts
@@ -0,0 +1,37 @@
+/*
+ * Licensed to Elasticsearch B.V. under one or more contributor
+ * license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright
+ * ownership. Elasticsearch B.V. licenses this file to you under
+ * the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+import { parsedExternallyDefinedCollector } from './parsed_externally_defined_collector';
+import { parsedImportedSchemaCollector } from './parsed_imported_schema';
+import { parsedImportedUsageInterface } from './parsed_imported_usage_interface';
+import { parsedIndexedInterfaceWithNoMatchingSchema } from './parsed_indexed_interface_with_not_matching_schema';
+import { parsedNestedCollector } from './parsed_nested_collector';
+import { parsedSchemaDefinedWithSpreadsCollector } from './parsed_schema_defined_with_spreads_collector';
+import { parsedWorkingCollector } from './parsed_working_collector';
+import { ParsedUsageCollection } from '../ts_parser';
+
+export const allExtractedCollectors: ParsedUsageCollection[] = [
+  ...parsedExternallyDefinedCollector,
+  ...parsedImportedSchemaCollector,
+  ...parsedImportedUsageInterface,
+  parsedIndexedInterfaceWithNoMatchingSchema,
+  parsedNestedCollector,
+  parsedSchemaDefinedWithSpreadsCollector,
+  parsedWorkingCollector,
+];
diff --git a/packages/kbn-telemetry-tools/src/tools/__fixture__/parsed_indexed_interface_with_not_matching_schema.ts b/packages/kbn-telemetry-tools/src/tools/__fixture__/parsed_indexed_interface_with_not_matching_schema.ts
index 109fc045b6ee0..572684fbe83fb 100644
--- a/packages/kbn-telemetry-tools/src/tools/__fixture__/parsed_indexed_interface_with_not_matching_schema.ts
+++ b/packages/kbn-telemetry-tools/src/tools/__fixture__/parsed_indexed_interface_with_not_matching_schema.ts
@@ -36,16 +36,14 @@ export const parsedIndexedInterfaceWithNoMatchingSchema: ParsedUsageCollection =
     fetch: {
       typeName: 'Usage',
       typeDescriptor: {
-        '': {
-          '@@INDEX@@': {
-            count_1: {
-              kind: SyntaxKind.NumberKeyword,
-              type: 'NumberKeyword',
-            },
-            count_2: {
-              kind: SyntaxKind.NumberKeyword,
-              type: 'NumberKeyword',
-            },
+        '@@INDEX@@': {
+          count_1: {
+            kind: SyntaxKind.NumberKeyword,
+            type: 'NumberKeyword',
+          },
+          count_2: {
+            kind: SyntaxKind.NumberKeyword,
+            type: 'NumberKeyword',
           },
         },
       },
diff --git a/packages/kbn-telemetry-tools/src/tools/__snapshots__/extract_collectors.test.ts.snap b/packages/kbn-telemetry-tools/src/tools/__snapshots__/extract_collectors.test.ts.snap
deleted file mode 100644
index fe589be7993d0..0000000000000
--- a/packages/kbn-telemetry-tools/src/tools/__snapshots__/extract_collectors.test.ts.snap
+++ /dev/null
@@ -1,295 +0,0 @@
-// Jest Snapshot v1, https://goo.gl/fbAQLP
-
-exports[`extractCollectors extracts collectors given rc file 1`] = `
-Array [
-  Array [
-    "src/fixtures/telemetry_collectors/externally_defined_collector.ts",
-    Object {
-      "collectorName": "from_variable_collector",
-      "fetch": Object {
-        "typeDescriptor": Object {
-          "locale": Object {
-            "kind": 146,
-            "type": "StringKeyword",
-          },
-        },
-        "typeName": "Usage",
-      },
-      "schema": Object {
-        "value": Object {
-          "locale": Object {
-            "type": "keyword",
-          },
-        },
-      },
-    },
-  ],
-  Array [
-    "src/fixtures/telemetry_collectors/externally_defined_collector.ts",
-    Object {
-      "collectorName": "from_fn_collector",
-      "fetch": Object {
-        "typeDescriptor": Object {
-          "locale": Object {
-            "kind": 146,
-            "type": "StringKeyword",
-          },
-        },
-        "typeName": "Usage",
-      },
-      "schema": Object {
-        "value": Object {
-          "locale": Object {
-            "type": "keyword",
-          },
-        },
-      },
-    },
-  ],
-  Array [
-    "src/fixtures/telemetry_collectors/imported_schema.ts",
-    Object {
-      "collectorName": "with_imported_schema",
-      "fetch": Object {
-        "typeDescriptor": Object {
-          "locale": Object {
-            "kind": 146,
-            "type": "StringKeyword",
-          },
-        },
-        "typeName": "Usage",
-      },
-      "schema": Object {
-        "value": Object {
-          "locale": Object {
-            "type": "keyword",
-          },
-        },
-      },
-    },
-  ],
-  Array [
-    "src/fixtures/telemetry_collectors/imported_usage_interface.ts",
-    Object {
-      "collectorName": "imported_usage_interface_collector",
-      "fetch": Object {
-        "typeDescriptor": Object {
-          "locale": Object {
-            "kind": 146,
-            "type": "StringKeyword",
-          },
-        },
-        "typeName": "Usage",
-      },
-      "schema": Object {
-        "value": Object {
-          "locale": Object {
-            "type": "keyword",
-          },
-        },
-      },
-    },
-  ],
-  Array [
-    "src/fixtures/telemetry_collectors/indexed_interface_with_not_matching_schema.ts",
-    Object {
-      "collectorName": "indexed_interface_with_not_matching_schema",
-      "fetch": Object {
-        "typeDescriptor": Object {
-          "@@INDEX@@": Object {
-            "count_1": Object {
-              "kind": 143,
-              "type": "NumberKeyword",
-            },
-            "count_2": Object {
-              "kind": 143,
-              "type": "NumberKeyword",
-            },
-          },
-        },
-        "typeName": "Usage",
-      },
-      "schema": Object {
-        "value": Object {
-          "something": Object {
-            "count_1": Object {
-              "type": "long",
-            },
-          },
-        },
-      },
-    },
-  ],
-  Array [
-    "src/fixtures/telemetry_collectors/nested_collector.ts",
-    Object {
-      "collectorName": "my_nested_collector",
-      "fetch": Object {
-        "typeDescriptor": Object {
-          "locale": Object {
-            "kind": 146,
-            "type": "StringKeyword",
-          },
-        },
-        "typeName": "Usage",
-      },
-      "schema": Object {
-        "value": Object {
-          "locale": Object {
-            "type": "keyword",
-          },
-        },
-      },
-    },
-  ],
-  Array [
-    "src/fixtures/telemetry_collectors/schema_defined_with_spreads_collector.ts",
-    Object {
-      "collectorName": "schema_defined_with_spreads",
-      "fetch": Object {
-        "typeDescriptor": Object {
-          "flat": Object {
-            "kind": 146,
-            "type": "StringKeyword",
-          },
-          "my_objects": Object {
-            "total": Object {
-              "kind": 143,
-              "type": "NumberKeyword",
-            },
-            "type": Object {
-              "kind": 131,
-              "type": "BooleanKeyword",
-            },
-          },
-          "my_str": Object {
-            "kind": 146,
-            "type": "StringKeyword",
-          },
-        },
-        "typeName": "Usage",
-      },
-      "schema": Object {
-        "value": Object {
-          "flat": Object {
-            "type": "keyword",
-          },
-          "my_objects": Object {
-            "total": Object {
-              "type": "long",
-            },
-            "type": Object {
-              "type": "boolean",
-            },
-          },
-          "my_str": Object {
-            "type": "text",
-          },
-        },
-      },
-    },
-  ],
-  Array [
-    "src/fixtures/telemetry_collectors/working_collector.ts",
-    Object {
-      "collectorName": "my_working_collector",
-      "fetch": Object {
-        "typeDescriptor": Object {
-          "flat": Object {
-            "kind": 146,
-            "type": "StringKeyword",
-          },
-          "my_array": Object {
-            "items": Object {
-              "total": Object {
-                "kind": 143,
-                "type": "NumberKeyword",
-              },
-              "type": Object {
-                "kind": 131,
-                "type": "BooleanKeyword",
-              },
-            },
-          },
-          "my_index_signature_prop": Object {
-            "@@INDEX@@": Object {
-              "kind": 143,
-              "type": "NumberKeyword",
-            },
-          },
-          "my_objects": Object {
-            "total": Object {
-              "kind": 143,
-              "type": "NumberKeyword",
-            },
-            "type": Object {
-              "kind": 131,
-              "type": "BooleanKeyword",
-            },
-          },
-          "my_str": Object {
-            "kind": 146,
-            "type": "StringKeyword",
-          },
-          "my_str_array": Object {
-            "items": Object {
-              "kind": 146,
-              "type": "StringKeyword",
-            },
-          },
-        },
-        "typeName": "Usage",
-      },
-      "schema": Object {
-        "value": Object {
-          "flat": Object {
-            "type": "keyword",
-          },
-          "my_array": Object {
-            "items": Object {
-              "total": Object {
-                "type": "long",
-              },
-              "type": Object {
-                "type": "boolean",
-              },
-            },
-            "type": "array",
-          },
-          "my_index_signature_prop": Object {
-            "avg": Object {
-              "type": "float",
-            },
-            "count": Object {
-              "type": "long",
-            },
-            "max": Object {
-              "type": "long",
-            },
-            "min": Object {
-              "type": "long",
-            },
-          },
-          "my_objects": Object {
-            "total": Object {
-              "type": "long",
-            },
-            "type": Object {
-              "type": "boolean",
-            },
-          },
-          "my_str": Object {
-            "type": "text",
-          },
-          "my_str_array": Object {
-            "items": Object {
-              "type": "keyword",
-            },
-            "type": "array",
-          },
-        },
-      },
-    },
-  ],
-]
-`;
diff --git a/packages/kbn-telemetry-tools/src/tools/check_collector__integrity.test.ts b/packages/kbn-telemetry-tools/src/tools/check_collector__integrity.test.ts
index b6ea9d49cf6d0..b4e934746dc45 100644
--- a/packages/kbn-telemetry-tools/src/tools/check_collector__integrity.test.ts
+++ b/packages/kbn-telemetry-tools/src/tools/check_collector__integrity.test.ts
@@ -90,10 +90,10 @@ describe('checkCompatibleTypeDescriptor', () => {
     expect(incompatibles).toHaveLength(1);
     const { diff, message } = incompatibles[0];
     // eslint-disable-next-line @typescript-eslint/naming-convention
-    expect(diff).toEqual({ '.@@INDEX@@.count_2.kind': 'number' });
+    expect(diff).toEqual({ '@@INDEX@@.count_2.kind': 'number' });
     expect(message).toHaveLength(1);
     expect(message).toEqual([
-      'incompatible Type key (Usage..@@INDEX@@.count_2): expected (undefined) got ("number").',
+      'incompatible Type key (Usage.@@INDEX@@.count_2): expected (undefined) got ("number").',
     ]);
   });
 
diff --git a/packages/kbn-telemetry-tools/src/tools/extract_collectors.test.ts b/packages/kbn-telemetry-tools/src/tools/extract_collectors.test.ts
index b03db75b219f6..9f1a1a2052791 100644
--- a/packages/kbn-telemetry-tools/src/tools/extract_collectors.test.ts
+++ b/packages/kbn-telemetry-tools/src/tools/extract_collectors.test.ts
@@ -21,6 +21,7 @@ import * as ts from 'typescript';
 import * as path from 'path';
 import { extractCollectors, getProgramPaths } from './extract_collectors';
 import { parseTelemetryRC } from './config';
+import { allExtractedCollectors } from './__fixture__/all_extracted_collectors';
 
 describe('extractCollectors', () => {
   it('extracts collectors given rc file', async () => {
@@ -35,6 +36,6 @@ describe('extractCollectors', () => {
 
     const results = [...extractCollectors(programPaths, tsConfig)];
     expect(results).toHaveLength(8);
-    expect(results).toMatchSnapshot();
+    expect(results).toStrictEqual(allExtractedCollectors);
   });
 });
diff --git a/src/core/server/i18n/i18n_service.test.mocks.ts b/src/core/server/i18n/i18n_service.test.mocks.ts
index 23f97a1404fff..d35141ecb111f 100644
--- a/src/core/server/i18n/i18n_service.test.mocks.ts
+++ b/src/core/server/i18n/i18n_service.test.mocks.ts
@@ -26,3 +26,8 @@ export const initTranslationsMock = jest.fn();
 jest.doMock('./init_translations', () => ({
   initTranslations: initTranslationsMock,
 }));
+
+export const registerRoutesMock = jest.fn();
+jest.doMock('./routes', () => ({
+  registerRoutes: registerRoutesMock,
+}));
diff --git a/src/core/server/i18n/i18n_service.test.ts b/src/core/server/i18n/i18n_service.test.ts
index 87de39a92ab26..e9deb96ccf88b 100644
--- a/src/core/server/i18n/i18n_service.test.ts
+++ b/src/core/server/i18n/i18n_service.test.ts
@@ -17,13 +17,18 @@
  * under the License.
  */
 
-import { getKibanaTranslationFilesMock, initTranslationsMock } from './i18n_service.test.mocks';
+import {
+  getKibanaTranslationFilesMock,
+  initTranslationsMock,
+  registerRoutesMock,
+} from './i18n_service.test.mocks';
 
 import { BehaviorSubject } from 'rxjs';
 import { I18nService } from './i18n_service';
 
 import { configServiceMock } from '../config/mocks';
 import { mockCoreContext } from '../core_context.mock';
+import { httpServiceMock } from '../http/http_service.mock';
 
 const getConfigService = (locale = 'en') => {
   const configService = configServiceMock.create();
@@ -41,6 +46,7 @@ const getConfigService = (locale = 'en') => {
 describe('I18nService', () => {
   let service: I18nService;
   let configService: ReturnType<typeof configServiceMock.create>;
+  let http: ReturnType<typeof httpServiceMock.createInternalSetupContract>;
 
   beforeEach(() => {
     jest.clearAllMocks();
@@ -48,6 +54,8 @@ describe('I18nService', () => {
 
     const coreContext = mockCoreContext.create({ configService });
     service = new I18nService(coreContext);
+
+    http = httpServiceMock.createInternalSetupContract();
   });
 
   describe('#setup', () => {
@@ -55,7 +63,7 @@ describe('I18nService', () => {
       getKibanaTranslationFilesMock.mockResolvedValue([]);
 
       const pluginPaths = ['/pathA', '/pathB'];
-      await service.setup({ pluginPaths });
+      await service.setup({ pluginPaths, http });
 
       expect(getKibanaTranslationFilesMock).toHaveBeenCalledTimes(1);
       expect(getKibanaTranslationFilesMock).toHaveBeenCalledWith('en', pluginPaths);
@@ -65,17 +73,27 @@ describe('I18nService', () => {
       const translationFiles = ['/path/to/file', 'path/to/another/file'];
       getKibanaTranslationFilesMock.mockResolvedValue(translationFiles);
 
-      await service.setup({ pluginPaths: [] });
+      await service.setup({ pluginPaths: [], http });
 
       expect(initTranslationsMock).toHaveBeenCalledTimes(1);
       expect(initTranslationsMock).toHaveBeenCalledWith('en', translationFiles);
     });
 
+    it('calls `registerRoutesMock` with the correct parameters', async () => {
+      await service.setup({ pluginPaths: [], http });
+
+      expect(registerRoutesMock).toHaveBeenCalledTimes(1);
+      expect(registerRoutesMock).toHaveBeenCalledWith({
+        locale: 'en',
+        router: expect.any(Object),
+      });
+    });
+
     it('returns accessors for locale and translation files', async () => {
       const translationFiles = ['/path/to/file', 'path/to/another/file'];
       getKibanaTranslationFilesMock.mockResolvedValue(translationFiles);
 
-      const { getLocale, getTranslationFiles } = await service.setup({ pluginPaths: [] });
+      const { getLocale, getTranslationFiles } = await service.setup({ pluginPaths: [], http });
 
       expect(getLocale()).toEqual('en');
       expect(getTranslationFiles()).toEqual(translationFiles);
diff --git a/src/core/server/i18n/i18n_service.ts b/src/core/server/i18n/i18n_service.ts
index fd32dd7fdd6ef..4a609ca5e2aea 100644
--- a/src/core/server/i18n/i18n_service.ts
+++ b/src/core/server/i18n/i18n_service.ts
@@ -21,11 +21,14 @@ import { take } from 'rxjs/operators';
 import { Logger } from '../logging';
 import { IConfigService } from '../config';
 import { CoreContext } from '../core_context';
+import { InternalHttpServiceSetup } from '../http';
 import { config as i18nConfigDef, I18nConfigType } from './i18n_config';
 import { getKibanaTranslationFiles } from './get_kibana_translation_files';
 import { initTranslations } from './init_translations';
+import { registerRoutes } from './routes';
 
 interface SetupDeps {
+  http: InternalHttpServiceSetup;
   pluginPaths: string[];
 }
 
@@ -53,7 +56,7 @@ export class I18nService {
     this.configService = coreContext.configService;
   }
 
-  public async setup({ pluginPaths }: SetupDeps): Promise<I18nServiceSetup> {
+  public async setup({ pluginPaths, http }: SetupDeps): Promise<I18nServiceSetup> {
     const i18nConfig = await this.configService
       .atPath<I18nConfigType>(i18nConfigDef.path)
       .pipe(take(1))
@@ -67,6 +70,9 @@ export class I18nService {
     this.log.debug(`Using translation files: [${translationFiles.join(', ')}]`);
     await initTranslations(locale, translationFiles);
 
+    const router = http.createRouter('');
+    registerRoutes({ router, locale });
+
     return {
       getLocale: () => locale,
       getTranslationFiles: () => translationFiles,
diff --git a/src/core/server/i18n/routes/index.ts b/src/core/server/i18n/routes/index.ts
new file mode 100644
index 0000000000000..b0cce67b0aa4d
--- /dev/null
+++ b/src/core/server/i18n/routes/index.ts
@@ -0,0 +1,25 @@
+/*
+ * Licensed to Elasticsearch B.V. under one or more contributor
+ * license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright
+ * ownership. Elasticsearch B.V. licenses this file to you under
+ * the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+import { IRouter } from '../../http';
+import { registerTranslationsRoute } from './translations';
+
+export const registerRoutes = ({ router, locale }: { router: IRouter; locale: string }) => {
+  registerTranslationsRoute(router, locale);
+};
diff --git a/src/core/server/i18n/routes/translations.ts b/src/core/server/i18n/routes/translations.ts
new file mode 100644
index 0000000000000..c5cc9525d54aa
--- /dev/null
+++ b/src/core/server/i18n/routes/translations.ts
@@ -0,0 +1,69 @@
+/*
+ * Licensed to Elasticsearch B.V. under one or more contributor
+ * license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright
+ * ownership. Elasticsearch B.V. licenses this file to you under
+ * the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+import { createHash } from 'crypto';
+import { i18n } from '@kbn/i18n';
+import { schema } from '@kbn/config-schema';
+import { IRouter } from '../../http';
+
+interface TranslationCache {
+  translations: string;
+  hash: string;
+}
+
+export const registerTranslationsRoute = (router: IRouter, locale: string) => {
+  let translationCache: TranslationCache;
+
+  router.get(
+    {
+      path: '/translations/{locale}.json',
+      validate: {
+        params: schema.object({
+          locale: schema.string(),
+        }),
+      },
+      options: {
+        authRequired: false,
+      },
+    },
+    (ctx, req, res) => {
+      if (req.params.locale.toLowerCase() !== locale.toLowerCase()) {
+        return res.notFound({
+          body: `Unknown locale: ${req.params.locale}`,
+        });
+      }
+      if (!translationCache) {
+        const translations = JSON.stringify(i18n.getTranslation());
+        const hash = createHash('sha1').update(translations).digest('hex');
+        translationCache = {
+          translations,
+          hash,
+        };
+      }
+      return res.ok({
+        headers: {
+          'content-type': 'application/json',
+          'cache-control': 'must-revalidate',
+          etag: translationCache.hash,
+        },
+        body: translationCache.translations,
+      });
+    }
+  );
+};
diff --git a/src/core/server/server.ts b/src/core/server/server.ts
index 55ed88e55a9f5..0f7e8cced999c 100644
--- a/src/core/server/server.ts
+++ b/src/core/server/server.ts
@@ -131,9 +131,6 @@ export class Server {
       await ensureValidConfiguration(this.configService, legacyConfigSetup);
     }
 
-    // setup i18n prior to any other service, to have translations ready
-    const i18nServiceSetup = await this.i18n.setup({ pluginPaths });
-
     const contextServiceSetup = this.context.setup({
       // We inject a fake "legacy plugin" with dependencies on every plugin so that legacy plugins:
       // 1) Can access context from any KP plugin
@@ -149,6 +146,9 @@ export class Server {
       context: contextServiceSetup,
     });
 
+    // setup i18n prior to any other service, to have translations ready
+    const i18nServiceSetup = await this.i18n.setup({ http: httpSetup, pluginPaths });
+
     const capabilitiesSetup = this.capabilities.setup({ http: httpSetup });
 
     const elasticsearchServiceSetup = await this.elasticsearch.setup({
diff --git a/src/dev/build/tasks/os_packages/package_scripts/post_install.sh b/src/dev/build/tasks/os_packages/package_scripts/post_install.sh
index 728278dae746b..6eb111e066c83 100644
--- a/src/dev/build/tasks/os_packages/package_scripts/post_install.sh
+++ b/src/dev/build/tasks/os_packages/package_scripts/post_install.sh
@@ -17,6 +17,7 @@ set_chmod() {
 
 set_chown() {
   chown <%= user %>:<%= group %> <%= logDir %>
+  chown <%= user %>:<%= group %> <%= pidDir %>
   chown -R <%= user %>:<%= group %> <%= dataDir %>
   chown -R root:<%= group %> ${KBN_PATH_CONF}
 }
diff --git a/src/dev/build/tasks/os_packages/run_fpm.ts b/src/dev/build/tasks/os_packages/run_fpm.ts
index f16eaea1daa2f..7dff592eb9b83 100644
--- a/src/dev/build/tasks/os_packages/run_fpm.ts
+++ b/src/dev/build/tasks/os_packages/run_fpm.ts
@@ -112,6 +112,8 @@ export async function runFpm(
     '--template-value',
     `logDir=/var/log/kibana`,
     '--template-value',
+    `pidDir=/run/kibana`,
+    '--template-value',
     `envFile=/etc/default/kibana`,
     // config and data directories are copied to /usr/share and /var/lib
     // below, so exclude them from the main package source located in
@@ -120,6 +122,8 @@ export async function runFpm(
     `usr/share/kibana/config`,
     '--exclude',
     `usr/share/kibana/data`,
+    '--exclude',
+    'run/kibana/.gitempty',
 
     // flags specific to the package we are building, supplied by tasks below
     ...pkgSpecificFlags,
diff --git a/src/dev/build/tasks/os_packages/service_templates/systemd/run/kibana/.gitempty b/src/dev/build/tasks/os_packages/service_templates/systemd/run/kibana/.gitempty
new file mode 100644
index 0000000000000..e69de29bb2d1d
diff --git a/src/dev/storybook/aliases.ts b/src/dev/storybook/aliases.ts
index 153725fc48e7b..36c742dc40403 100644
--- a/src/dev/storybook/aliases.ts
+++ b/src/dev/storybook/aliases.ts
@@ -22,6 +22,7 @@ export const storybookAliases = {
   canvas: 'x-pack/plugins/canvas/storybook',
   codeeditor: 'src/plugins/kibana_react/public/code_editor/.storybook',
   dashboard_enhanced: 'x-pack/plugins/dashboard_enhanced/.storybook',
+  data_enhanced: 'x-pack/plugins/data_enhanced/.storybook',
   embeddable: 'src/plugins/embeddable/.storybook',
   infra: 'x-pack/plugins/infra/.storybook',
   security_solution: 'x-pack/plugins/security_solution/.storybook',
diff --git a/src/legacy/ui/ui_render/ui_render_mixin.js b/src/legacy/ui/ui_render/ui_render_mixin.js
index a02c2fca14c18..b8e80300957ba 100644
--- a/src/legacy/ui/ui_render/ui_render_mixin.js
+++ b/src/legacy/ui/ui_render/ui_render_mixin.js
@@ -17,9 +17,7 @@
  * under the License.
  */
 
-import { createHash } from 'crypto';
 import Boom from '@hapi/boom';
-import { i18n } from '@kbn/i18n';
 import * as UiSharedDeps from '@kbn/ui-shared-deps';
 import { KibanaRequest } from '../../../core/server';
 import { AppBootstrap } from './bootstrap';
@@ -37,36 +35,6 @@ import { getApmConfig } from '../apm';
  * @param {KbnServer['config']} config
  */
 export function uiRenderMixin(kbnServer, server, config) {
-  const translationsCache = { translations: null, hash: null };
-  server.route({
-    path: '/translations/{locale}.json',
-    method: 'GET',
-    config: { auth: false },
-    handler(request, h) {
-      // Kibana server loads translations only for a single locale
-      // that is specified in `i18n.locale` config value.
-      const { locale } = request.params;
-      if (i18n.getLocale() !== locale.toLowerCase()) {
-        throw Boom.notFound(`Unknown locale: ${locale}`);
-      }
-
-      // Stringifying thousands of labels and calculating hash on the resulting
-      // string can be expensive so it makes sense to do it once and cache.
-      if (translationsCache.translations == null) {
-        translationsCache.translations = JSON.stringify(i18n.getTranslation());
-        translationsCache.hash = createHash('sha1')
-          .update(translationsCache.translations)
-          .digest('hex');
-      }
-
-      return h
-        .response(translationsCache.translations)
-        .header('cache-control', 'must-revalidate')
-        .header('content-type', 'application/json')
-        .etag(translationsCache.hash);
-    },
-  });
-
   const authEnabled = !!server.auth.settings.default;
   server.route({
     path: '/bootstrap.js',
diff --git a/src/plugins/advanced_settings/public/management_app/lib/get_category_name.ts b/src/plugins/advanced_settings/public/management_app/lib/get_category_name.ts
index 31df6875c97d9..c8fbe8009c9bb 100644
--- a/src/plugins/advanced_settings/public/management_app/lib/get_category_name.ts
+++ b/src/plugins/advanced_settings/public/management_app/lib/get_category_name.ts
@@ -25,6 +25,12 @@ const names: Record<string, string> = {
   general: i18n.translate('advancedSettings.categoryNames.generalLabel', {
     defaultMessage: 'General',
   }),
+  machineLearning: i18n.translate('advancedSettings.categoryNames.machineLearningLabel', {
+    defaultMessage: 'Machine Learning',
+  }),
+  observability: i18n.translate('advancedSettings.categoryNames.observabilityLabel', {
+    defaultMessage: 'Observability',
+  }),
   timelion: i18n.translate('advancedSettings.categoryNames.timelionLabel', {
     defaultMessage: 'Timelion',
   }),
diff --git a/src/plugins/data/common/search/session/mocks.ts b/src/plugins/data/common/search/session/mocks.ts
index 2b64bbbd27565..370faaa640c56 100644
--- a/src/plugins/data/common/search/session/mocks.ts
+++ b/src/plugins/data/common/search/session/mocks.ts
@@ -17,6 +17,7 @@
  * under the License.
  */
 
+import { BehaviorSubject } from 'rxjs';
 import { ISessionService } from './types';
 
 export function getSessionServiceMock(): jest.Mocked<ISessionService> {
@@ -25,6 +26,6 @@ export function getSessionServiceMock(): jest.Mocked<ISessionService> {
     start: jest.fn(),
     restore: jest.fn(),
     getSessionId: jest.fn(),
-    getSession$: jest.fn(),
+    getSession$: jest.fn(() => new BehaviorSubject(undefined).asObservable()),
   };
 }
diff --git a/src/plugins/kibana_react/public/table_list_view/table_list_view.tsx b/src/plugins/kibana_react/public/table_list_view/table_list_view.tsx
index 4f509876a75f4..75fd2c30a995a 100644
--- a/src/plugins/kibana_react/public/table_list_view/table_list_view.tsx
+++ b/src/plugins/kibana_react/public/table_list_view/table_list_view.tsx
@@ -57,7 +57,7 @@ export interface TableListViewProps {
   listingLimit: number;
   initialFilter: string;
   initialPageSize: number;
-  noItemsFragment: JSX.Element;
+  noItemsFragment?: JSX.Element;
   tableColumns: Array<EuiBasicTableColumn<any>>;
   tableListTitle: string;
   toastNotifications: ToastsStart;
@@ -73,7 +73,7 @@ export interface TableListViewProps {
   /**
    * Describes the content of the table. If not specified, the caption will be "This table contains {itemCount} rows."
    */
-  tableCaption: string;
+  tableCaption?: string;
   searchFilters?: SearchFilterConfig[];
 }
 
@@ -445,6 +445,7 @@ class TableListView extends React.Component<TableListViewProps, TableListViewSta
       defaultQuery: this.state.filter,
       box: {
         incremental: true,
+        'data-test-subj': 'tableListSearchBox',
       },
       filters: searchFilters ?? [],
     };
diff --git a/src/plugins/timelion/public/index.scss b/src/plugins/timelion/public/index.scss
index f39e0c18a2870..b93e99bf9bcc4 100644
--- a/src/plugins/timelion/public/index.scss
+++ b/src/plugins/timelion/public/index.scss
@@ -15,4 +15,4 @@
 // styles for timelion visualization are lazy loaded only while a vis is opened
 // this will duplicate styles only if both Timelion app and timelion visualization are loaded
 // could be left here as it is since the Timelion app is deprecated
-@import '../../vis_type_timelion/public/components/index.scss';
+@import '../../vis_type_timelion/public/components/timelion_vis.scss';
diff --git a/src/plugins/vis_type_timelion/public/components/index.scss b/src/plugins/vis_type_timelion/public/components/index.scss
deleted file mode 100644
index a541c66e6e913..0000000000000
--- a/src/plugins/vis_type_timelion/public/components/index.scss
+++ /dev/null
@@ -1,2 +0,0 @@
-@import 'timelion_vis';
-@import 'timelion_expression_input';
diff --git a/src/plugins/vis_type_timelion/public/components/_timelion_vis.scss b/src/plugins/vis_type_timelion/public/components/timelion_vis.scss
similarity index 88%
rename from src/plugins/vis_type_timelion/public/components/_timelion_vis.scss
rename to src/plugins/vis_type_timelion/public/components/timelion_vis.scss
index 6729d400523cd..c4d591bc82cad 100644
--- a/src/plugins/vis_type_timelion/public/components/_timelion_vis.scss
+++ b/src/plugins/vis_type_timelion/public/components/timelion_vis.scss
@@ -58,11 +58,3 @@
   white-space: nowrap;
   font-weight: $euiFontWeightBold;
 }
-
-.visEditor--timelion {
-  .visEditorSidebar__timelionOptions {
-    flex: 1 1 auto;
-    display: flex;
-    flex-direction: column;
-  }
-}
diff --git a/src/plugins/vis_type_timelion/public/components/timelion_vis_component.tsx b/src/plugins/vis_type_timelion/public/components/timelion_vis_component.tsx
index 953ec5e819f44..a448b58afe8a4 100644
--- a/src/plugins/vis_type_timelion/public/components/timelion_vis_component.tsx
+++ b/src/plugins/vis_type_timelion/public/components/timelion_vis_component.tsx
@@ -40,7 +40,7 @@ import { tickFormatters } from '../helpers/tick_formatters';
 import { generateTicksProvider } from '../helpers/tick_generator';
 import { TimelionVisDependencies } from '../plugin';
 
-import './index.scss';
+import './timelion_vis.scss';
 
 interface CrosshairPlot extends jquery.flot.plot {
   setCrosshair: (pos: Position) => void;
diff --git a/src/plugins/vis_type_timelion/public/components/_timelion_expression_input.scss b/src/plugins/vis_type_timelion/public/timelion_options.scss
similarity index 77%
rename from src/plugins/vis_type_timelion/public/components/_timelion_expression_input.scss
rename to src/plugins/vis_type_timelion/public/timelion_options.scss
index 3f274520cce63..7cd0c855653c8 100644
--- a/src/plugins/vis_type_timelion/public/components/_timelion_expression_input.scss
+++ b/src/plugins/vis_type_timelion/public/timelion_options.scss
@@ -26,3 +26,11 @@
     max-height: $euiSize * 15;
   }
 }
+
+.visEditor--timelion {
+  .visEditorSidebar__timelionOptions {
+    flex: 1 1 auto;
+    display: flex;
+    flex-direction: column;
+  }
+}
diff --git a/src/plugins/vis_type_timelion/public/timelion_options.tsx b/src/plugins/vis_type_timelion/public/timelion_options.tsx
index 1ef8088c7a714..90a39c2c90e26 100644
--- a/src/plugins/vis_type_timelion/public/timelion_options.tsx
+++ b/src/plugins/vis_type_timelion/public/timelion_options.tsx
@@ -27,6 +27,8 @@ import { TimelionVisParams } from './timelion_vis_fn';
 import { TimelionInterval, TimelionExpressionInput } from './components';
 import { TimelionVisDependencies } from './plugin';
 
+import './timelion_options.scss';
+
 export type TimelionOptionsProps = VisOptionsProps<TimelionVisParams>;
 
 function TimelionOptions({
diff --git a/src/plugins/vis_type_vislib/public/vislib/_vislib_vis_type.scss b/src/plugins/vis_type_vislib/public/vislib/_vislib_vis_type.scss
index 843bb9d3f03eb..9e737fc87e895 100644
--- a/src/plugins/vis_type_vislib/public/vislib/_vislib_vis_type.scss
+++ b/src/plugins/vis_type_vislib/public/vislib/_vislib_vis_type.scss
@@ -29,3 +29,15 @@
   min-height: 0;
   min-width: 0;
 }
+
+.vislib__wrapper {
+  position: relative;
+}
+
+.vislib__container {
+  position: absolute;
+  top: 0;
+  right: 0;
+  bottom: 0;
+  left: 0;
+}
diff --git a/test/api_integration/apis/core/compression.ts b/test/api_integration/apis/core/compression.ts
new file mode 100644
index 0000000000000..d7184e28ca3a4
--- /dev/null
+++ b/test/api_integration/apis/core/compression.ts
@@ -0,0 +1,55 @@
+/*
+ * Licensed to Elasticsearch B.V. under one or more contributor
+ * license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright
+ * ownership. Elasticsearch B.V. licenses this file to you under
+ * the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+import expect from '@kbn/expect';
+import { FtrProviderContext } from '../../ftr_provider_context';
+
+export default function ({ getService }: FtrProviderContext) {
+  const supertest = getService('supertest');
+
+  describe('compression', () => {
+    it(`uses compression when there isn't a referer`, async () => {
+      await supertest
+        .get('/app/kibana')
+        .set('accept-encoding', 'gzip')
+        .then((response) => {
+          expect(response.header).to.have.property('content-encoding', 'gzip');
+        });
+    });
+
+    it(`uses compression when there is a whitelisted referer`, async () => {
+      await supertest
+        .get('/app/kibana')
+        .set('accept-encoding', 'gzip')
+        .set('referer', 'https://some-host.com')
+        .then((response) => {
+          expect(response.header).to.have.property('content-encoding', 'gzip');
+        });
+    });
+
+    it(`doesn't use compression when there is a non-whitelisted referer`, async () => {
+      await supertest
+        .get('/app/kibana')
+        .set('accept-encoding', 'gzip')
+        .set('referer', 'https://other.some-host.com')
+        .then((response) => {
+          expect(response.header).not.to.have.property('content-encoding');
+        });
+    });
+  });
+}
diff --git a/test/api_integration/apis/core/index.js b/test/api_integration/apis/core/index.js
deleted file mode 100644
index ab9bb8d33c2dc..0000000000000
--- a/test/api_integration/apis/core/index.js
+++ /dev/null
@@ -1,56 +0,0 @@
-/*
- * Licensed to Elasticsearch B.V. under one or more contributor
- * license agreements. See the NOTICE file distributed with
- * this work for additional information regarding copyright
- * ownership. Elasticsearch B.V. licenses this file to you under
- * the Apache License, Version 2.0 (the "License"); you may
- * not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *    http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied.  See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-import expect from '@kbn/expect';
-
-export default function ({ getService }) {
-  const supertest = getService('supertest');
-
-  describe('core', () => {
-    describe('compression', () => {
-      it(`uses compression when there isn't a referer`, async () => {
-        await supertest
-          .get('/app/kibana')
-          .set('accept-encoding', 'gzip')
-          .then((response) => {
-            expect(response.headers).to.have.property('content-encoding', 'gzip');
-          });
-      });
-
-      it(`uses compression when there is a whitelisted referer`, async () => {
-        await supertest
-          .get('/app/kibana')
-          .set('accept-encoding', 'gzip')
-          .set('referer', 'https://some-host.com')
-          .then((response) => {
-            expect(response.headers).to.have.property('content-encoding', 'gzip');
-          });
-      });
-
-      it(`doesn't use compression when there is a non-whitelisted referer`, async () => {
-        await supertest
-          .get('/app/kibana')
-          .set('accept-encoding', 'gzip')
-          .set('referer', 'https://other.some-host.com')
-          .then((response) => {
-            expect(response.headers).not.to.have.property('content-encoding');
-          });
-      });
-    });
-  });
-}
diff --git a/test/api_integration/apis/core/index.ts b/test/api_integration/apis/core/index.ts
new file mode 100644
index 0000000000000..6a1d7db769df5
--- /dev/null
+++ b/test/api_integration/apis/core/index.ts
@@ -0,0 +1,27 @@
+/*
+ * Licensed to Elasticsearch B.V. under one or more contributor
+ * license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright
+ * ownership. Elasticsearch B.V. licenses this file to you under
+ * the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+import { FtrProviderContext } from '../../ftr_provider_context';
+
+export default function ({ loadTestFile }: FtrProviderContext) {
+  describe('core', () => {
+    loadTestFile(require.resolve('./compression'));
+    loadTestFile(require.resolve('./translations'));
+  });
+}
diff --git a/test/api_integration/apis/core/translations.ts b/test/api_integration/apis/core/translations.ts
new file mode 100644
index 0000000000000..865d3d070f39a
--- /dev/null
+++ b/test/api_integration/apis/core/translations.ts
@@ -0,0 +1,42 @@
+/*
+ * Licensed to Elasticsearch B.V. under one or more contributor
+ * license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright
+ * ownership. Elasticsearch B.V. licenses this file to you under
+ * the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+import expect from '@kbn/expect';
+import { FtrProviderContext } from '../../ftr_provider_context';
+
+export default function ({ getService }: FtrProviderContext) {
+  const supertest = getService('supertest');
+
+  describe('translations', () => {
+    it(`returns the translations with the correct headers`, async () => {
+      await supertest.get('/translations/en.json').then((response) => {
+        expect(response.body.locale).to.eql('en');
+
+        expect(response.header).to.have.property('content-type', 'application/json; charset=utf-8');
+        expect(response.header).to.have.property('cache-control', 'must-revalidate');
+        expect(response.header).to.have.property('etag');
+      });
+    });
+
+    it(`returns a 404 when not using the correct locale`, async () => {
+      await supertest.get('/translations/foo.json').then((response) => {
+        expect(response.status).to.eql(404);
+      });
+    });
+  });
+}
diff --git a/test/functional/page_objects/dashboard_page.ts b/test/functional/page_objects/dashboard_page.ts
index 21f0991f7efde..265f47773dd45 100644
--- a/test/functional/page_objects/dashboard_page.ts
+++ b/test/functional/page_objects/dashboard_page.ts
@@ -126,9 +126,7 @@ export function DashboardPageProvider({ getService, getPageObjects }: FtrProvide
      */
     public async onDashboardLandingPage() {
       log.debug(`onDashboardLandingPage`);
-      return await testSubjects.exists('dashboardLandingPage', {
-        timeout: 5000,
-      });
+      return await listingTable.onListingPage('dashboard');
     }
 
     public async expectExistsDashboardLandingPage() {
diff --git a/test/functional/services/listing_table.ts b/test/functional/services/listing_table.ts
index 0778fe954879d..53b45697136ed 100644
--- a/test/functional/services/listing_table.ts
+++ b/test/functional/services/listing_table.ts
@@ -20,21 +20,19 @@
 import expect from '@kbn/expect';
 import { FtrProviderContext } from '../ftr_provider_context';
 
+type AppName = 'visualize' | 'dashboard' | 'map';
+
 export function ListingTableProvider({ getService, getPageObjects }: FtrProviderContext) {
   const testSubjects = getService('testSubjects');
   const find = getService('find');
   const log = getService('log');
   const retry = getService('retry');
   const { common, header } = getPageObjects(['common', 'header']);
-  const prefixMap = { visualize: 'vis', dashboard: 'dashboard' };
+  const prefixMap = { visualize: 'vis', dashboard: 'dashboard', map: 'map' };
 
-  /**
-   * This class provides functions for dashboard and visualize landing pages
-   */
   class ListingTable {
     private async getSearchFilter() {
-      const searchFilter = await find.allByCssSelector('main .euiFieldSearch');
-      return searchFilter[0];
+      return await testSubjects.find('tableListSearchBox');
     }
 
     /**
@@ -86,9 +84,8 @@ export function ListingTableProvider({ getService, getPageObjects }: FtrProvider
 
     /**
      * Returns items count on landing page
-     * @param appName 'visualize' | 'dashboard'
      */
-    public async expectItemsCount(appName: 'visualize' | 'dashboard', count: number) {
+    public async expectItemsCount(appName: AppName, count: number) {
       await retry.try(async () => {
         const elements = await find.allByCssSelector(
           `[data-test-subj^="${prefixMap[appName]}ListingTitleLink"]`
@@ -126,14 +123,8 @@ export function ListingTableProvider({ getService, getPageObjects }: FtrProvider
 
     /**
      * Searches for item on Landing page and retruns items count that match `ListingTitleLink-${name}` pattern
-     * @param appName 'visualize' | 'dashboard'
-     * @param name item name
      */
-    public async searchAndExpectItemsCount(
-      appName: 'visualize' | 'dashboard',
-      name: string,
-      count: number
-    ) {
+    public async searchAndExpectItemsCount(appName: AppName, name: string, count: number) {
       await this.searchForItemWithName(name);
       await retry.try(async () => {
         const links = await testSubjects.findAll(
@@ -165,10 +156,8 @@ export function ListingTableProvider({ getService, getPageObjects }: FtrProvider
 
     /**
      * Clicks item on Landing page by link name if it is present
-     * @param appName 'dashboard' | 'visualize'
-     * @param name item name
      */
-    public async clickItemLink(appName: 'dashboard' | 'visualize', name: string) {
+    public async clickItemLink(appName: AppName, name: string) {
       await testSubjects.click(
         `${prefixMap[appName]}ListingTitleLink-${name.split(' ').join('-')}`
       );
@@ -204,6 +193,12 @@ export function ListingTableProvider({ getService, getPageObjects }: FtrProvider
         }
       });
     }
+
+    public async onListingPage(appName: AppName) {
+      return await testSubjects.exists(`${appName}LandingPage`, {
+        timeout: 5000,
+      });
+    }
   }
 
   return new ListingTable();
diff --git a/x-pack/plugins/apm/jest.config.js b/x-pack/plugins/apm/jest.config.js
index 5be8ad141ffd0..ffd3a39e8afd1 100644
--- a/x-pack/plugins/apm/jest.config.js
+++ b/x-pack/plugins/apm/jest.config.js
@@ -29,7 +29,7 @@ module.exports = {
   roots: [`${rootDir}/common`, `${rootDir}/public`, `${rootDir}/server`],
   collectCoverage: true,
   collectCoverageFrom: [
-    ...jestConfig.collectCoverageFrom,
+    ...(jestConfig.collectCoverageFrom ?? []),
     '**/*.{js,mjs,jsx,ts,tsx}',
     '!**/*.stories.{js,mjs,ts,tsx}',
     '!**/dev_docs/**',
diff --git a/x-pack/plugins/apm/public/components/app/service_overview/index.tsx b/x-pack/plugins/apm/public/components/app/service_overview/index.tsx
index 44bd7d6c73d8e..50667d3135f1a 100644
--- a/x-pack/plugins/apm/public/components/app/service_overview/index.tsx
+++ b/x-pack/plugins/apm/public/components/app/service_overview/index.tsx
@@ -13,7 +13,6 @@ import {
 } from '@elastic/eui';
 import { i18n } from '@kbn/i18n';
 import React from 'react';
-import styled from 'styled-components';
 import { useTrackPageview } from '../../../../../observability/public';
 import { isRumAgentName } from '../../../../common/agent_name';
 import { ChartsSyncContextProvider } from '../../../context/charts_sync_context';
@@ -24,16 +23,11 @@ import { SearchBar } from '../../shared/search_bar';
 import { ServiceOverviewErrorsTable } from './service_overview_errors_table';
 import { TableLinkFlexItem } from './table_link_flex_item';
 
-const rowHeight = 310;
-const latencyChartRowHeight = 230;
-
-const Row = styled(EuiFlexItem)`
-  height: ${rowHeight}px;
-`;
-
-const LatencyChartRow = styled(EuiFlexItem)`
-  height: ${latencyChartRowHeight}px;
-`;
+/**
+ * The height a chart should be if it's next to a table with 5 rows and a title.
+ * Add the height of the pagination row.
+ */
+export const chartHeight = 322;
 
 interface ServiceOverviewProps {
   agentName?: string;
@@ -52,7 +46,7 @@ export function ServiceOverview({
       <SearchBar />
       <EuiPage>
         <EuiFlexGroup direction="column" gutterSize="s">
-          <LatencyChartRow>
+          <EuiFlexItem>
             <EuiPanel>
               <EuiTitle size="xs">
                 <h2>
@@ -65,8 +59,8 @@ export function ServiceOverview({
                 </h2>
               </EuiTitle>
             </EuiPanel>
-          </LatencyChartRow>
-          <Row>
+          </EuiFlexItem>
+          <EuiFlexItem>
             <EuiFlexGroup gutterSize="s">
               <EuiFlexItem grow={4}>
                 <EuiPanel>
@@ -111,12 +105,15 @@ export function ServiceOverview({
                 </EuiPanel>
               </EuiFlexItem>
             </EuiFlexGroup>
-          </Row>
-          <Row>
+          </EuiFlexItem>
+          <EuiFlexItem>
             <EuiFlexGroup gutterSize="s">
               {!isRumAgentName(agentName) && (
                 <EuiFlexItem grow={4}>
-                  <TransactionErrorRateChart showAnnotations={false} />
+                  <TransactionErrorRateChart
+                    height={chartHeight}
+                    showAnnotations={false}
+                  />
                 </EuiFlexItem>
               )}
               <EuiFlexItem grow={6}>
@@ -125,8 +122,8 @@ export function ServiceOverview({
                 </EuiPanel>
               </EuiFlexItem>
             </EuiFlexGroup>
-          </Row>
-          <Row>
+          </EuiFlexItem>
+          <EuiFlexItem>
             <EuiFlexGroup gutterSize="s">
               <EuiFlexItem grow={4}>
                 <EuiPanel>
@@ -175,8 +172,8 @@ export function ServiceOverview({
                 </EuiPanel>
               </EuiFlexItem>
             </EuiFlexGroup>
-          </Row>
-          <Row>
+          </EuiFlexItem>
+          <EuiFlexItem>
             <EuiFlexGroup gutterSize="s">
               <EuiFlexItem grow={4}>
                 <EuiPanel>
@@ -207,7 +204,7 @@ export function ServiceOverview({
                 </EuiPanel>
               </EuiFlexItem>
             </EuiFlexGroup>
-          </Row>
+          </EuiFlexItem>
         </EuiFlexGroup>
       </EuiPage>
     </ChartsSyncContextProvider>
diff --git a/x-pack/plugins/apm/public/components/app/service_overview/service_overview_errors_table/fetch_wrapper.tsx b/x-pack/plugins/apm/public/components/app/service_overview/service_overview_errors_table/fetch_wrapper.tsx
index 4c8d368811a0c..912490d866e88 100644
--- a/x-pack/plugins/apm/public/components/app/service_overview/service_overview_errors_table/fetch_wrapper.tsx
+++ b/x-pack/plugins/apm/public/components/app/service_overview/service_overview_errors_table/fetch_wrapper.tsx
@@ -4,27 +4,20 @@
  * you may not use this file except in compliance with the Elastic License.
  */
 
-import React from 'react';
+import React, { ReactNode } from 'react';
 import { FETCH_STATUS } from '../../../../hooks/useFetcher';
 import { ErrorStatePrompt } from '../../../shared/ErrorStatePrompt';
-import { LoadingStatePrompt } from '../../../shared/LoadingStatePrompt';
 
 export function FetchWrapper({
-  hasData,
   status,
   children,
 }: {
-  hasData: boolean;
   status: FETCH_STATUS;
-  children: React.ReactNode;
+  children: ReactNode;
 }) {
   if (status === FETCH_STATUS.FAILURE) {
     return <ErrorStatePrompt />;
   }
 
-  if (!hasData && status !== FETCH_STATUS.SUCCESS) {
-    return <LoadingStatePrompt />;
-  }
-
   return <>{children}</>;
 }
diff --git a/x-pack/plugins/apm/public/components/app/service_overview/service_overview_errors_table/index.tsx b/x-pack/plugins/apm/public/components/app/service_overview/service_overview_errors_table/index.tsx
index a5a002cf3aca4..34b934c41cca3 100644
--- a/x-pack/plugins/apm/public/components/app/service_overview/service_overview_errors_table/index.tsx
+++ b/x-pack/plugins/apm/public/components/app/service_overview/service_overview_errors_table/index.tsx
@@ -3,25 +3,27 @@
  * or more contributor license agreements. Licensed under the Elastic License;
  * you may not use this file except in compliance with the Elastic License.
  */
-import React, { useState } from 'react';
-import { EuiTitle } from '@elastic/eui';
-import { EuiFlexItem } from '@elastic/eui';
-import { EuiFlexGroup } from '@elastic/eui';
+import {
+  EuiBasicTableColumn,
+  EuiFlexGroup,
+  EuiFlexItem,
+  EuiTitle,
+  EuiToolTip,
+} from '@elastic/eui';
 import { i18n } from '@kbn/i18n';
-import { EuiBasicTable } from '@elastic/eui';
-import { EuiBasicTableColumn } from '@elastic/eui';
+import React, { useState } from 'react';
 import styled from 'styled-components';
-import { EuiToolTip } from '@elastic/eui';
 import { asInteger } from '../../../../../common/utils/formatters';
 import { FETCH_STATUS, useFetcher } from '../../../../hooks/useFetcher';
 import { useUrlParams } from '../../../../hooks/useUrlParams';
-import { ErrorOverviewLink } from '../../../shared/Links/apm/ErrorOverviewLink';
-import { TableLinkFlexItem } from '../table_link_flex_item';
-import { SparkPlotWithValueLabel } from '../../../shared/charts/spark_plot/spark_plot_with_value_label';
 import { callApmApi } from '../../../../services/rest/createCallApmApi';
-import { TimestampTooltip } from '../../../shared/TimestampTooltip';
-import { ErrorDetailLink } from '../../../shared/Links/apm/ErrorDetailLink';
 import { px, truncate, unit } from '../../../../style/variables';
+import { SparkPlotWithValueLabel } from '../../../shared/charts/spark_plot/spark_plot_with_value_label';
+import { ErrorDetailLink } from '../../../shared/Links/apm/ErrorDetailLink';
+import { ErrorOverviewLink } from '../../../shared/Links/apm/ErrorOverviewLink';
+import { TimestampTooltip } from '../../../shared/TimestampTooltip';
+import { ServiceOverviewTable } from '../service_overview_table';
+import { TableLinkFlexItem } from '../table_link_flex_item';
 import { FetchWrapper } from './fetch_wrapper';
 
 interface Props {
@@ -108,7 +110,7 @@ export function ServiceOverviewErrorsTable({ serviceName }: Props) {
       render: (_, { last_seen: lastSeen }) => {
         return <TimestampTooltip time={lastSeen} timeUnit="minutes" />;
       },
-      width: px(unit * 8),
+      width: px(unit * 9),
     },
     {
       field: 'occurrences',
@@ -223,8 +225,8 @@ export function ServiceOverviewErrorsTable({ serviceName }: Props) {
         </EuiFlexGroup>
       </EuiFlexItem>
       <EuiFlexItem>
-        <FetchWrapper hasData={!!items.length} status={status}>
-          <EuiBasicTable
+        <FetchWrapper status={status}>
+          <ServiceOverviewTable
             columns={columns}
             items={items}
             pagination={{
diff --git a/x-pack/plugins/apm/public/components/app/service_overview/service_overview_table.tsx b/x-pack/plugins/apm/public/components/app/service_overview/service_overview_table.tsx
new file mode 100644
index 0000000000000..b54458e4555f7
--- /dev/null
+++ b/x-pack/plugins/apm/public/components/app/service_overview/service_overview_table.tsx
@@ -0,0 +1,56 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License;
+ * you may not use this file except in compliance with the Elastic License.
+ */
+
+import { EuiBasicTable, EuiBasicTableProps } from '@elastic/eui';
+import React from 'react';
+import styled from 'styled-components';
+
+/**
+ * The height for a table on the overview page. Is the height of a 5-row basic
+ * table.
+ */
+const tableHeight = 298;
+
+/**
+ * A container for the table. Sets height and flex properties on the EUI Basic
+ * Table contained within and the first child div of that. This makes it so the
+ * pagination controls always stay fixed at the bottom in the same position.
+ *
+ * Hide the empty message when we don't yet have any items and are still loading.
+ */
+const ServiceOverviewTableContainer = styled.div<{
+  isEmptyAndLoading: boolean;
+}>`
+  height: ${tableHeight}px;
+  display: flex;
+  flex-direction: column;
+
+  .euiBasicTable {
+    display: flex;
+    flex-direction: column;
+    flex-grow: 1;
+
+    > :first-child {
+      flex-grow: 1;
+    }
+  }
+
+  .euiTableRowCell {
+    visibility: ${({ isEmptyAndLoading }) =>
+      isEmptyAndLoading ? 'hidden' : 'visible'};
+  }
+`;
+
+export function ServiceOverviewTable<T>(props: EuiBasicTableProps<T>) {
+  const { items, loading } = props;
+  const isEmptyAndLoading = !!(items.length === 0 && loading);
+
+  return (
+    <ServiceOverviewTableContainer isEmptyAndLoading={isEmptyAndLoading}>
+      <EuiBasicTable {...props} />
+    </ServiceOverviewTableContainer>
+  );
+}
diff --git a/x-pack/plugins/apm/public/components/shared/charts/line_chart/index.tsx b/x-pack/plugins/apm/public/components/shared/charts/line_chart/index.tsx
index 507acc49d89db..b40df89a22c33 100644
--- a/x-pack/plugins/apm/public/components/shared/charts/line_chart/index.tsx
+++ b/x-pack/plugins/apm/public/components/shared/charts/line_chart/index.tsx
@@ -31,6 +31,7 @@ import { onBrushEnd } from '../helper/helper';
 interface Props {
   id: string;
   fetchStatus: FETCH_STATUS;
+  height?: number;
   onToggleLegend?: LegendItemListener;
   timeseries: TimeSeries[];
   /**
@@ -44,10 +45,9 @@ interface Props {
   showAnnotations?: boolean;
 }
 
-const XY_HEIGHT = unit * 16;
-
 export function LineChart({
   id,
+  height = unit * 16,
   fetchStatus,
   onToggleLegend,
   timeseries,
@@ -88,7 +88,7 @@ export function LineChart({
     );
 
   return (
-    <ChartContainer status={fetchStatus} hasData={!isEmpty} height={XY_HEIGHT}>
+    <ChartContainer hasData={!isEmpty} height={height} status={fetchStatus}>
       <Chart ref={chartRef} id={id}>
         <Settings
           onBrushEnd={({ x }) => onBrushEnd({ x, history })}
diff --git a/x-pack/plugins/apm/public/components/shared/charts/transaction_error_rate_chart/index.tsx b/x-pack/plugins/apm/public/components/shared/charts/transaction_error_rate_chart/index.tsx
index 2743d12a3eb04..5b977b6991612 100644
--- a/x-pack/plugins/apm/public/components/shared/charts/transaction_error_rate_chart/index.tsx
+++ b/x-pack/plugins/apm/public/components/shared/charts/transaction_error_rate_chart/index.tsx
@@ -27,10 +27,14 @@ function yTickFormat(y?: number | null) {
 }
 
 interface Props {
+  height?: number;
   showAnnotations?: boolean;
 }
 
-export function TransactionErrorRateChart({ showAnnotations = true }: Props) {
+export function TransactionErrorRateChart({
+  height,
+  showAnnotations = true,
+}: Props) {
   const theme = useTheme();
   const { serviceName } = useParams<{ serviceName?: string }>();
   const { urlParams, uiFilters } = useUrlParams();
@@ -71,6 +75,7 @@ export function TransactionErrorRateChart({ showAnnotations = true }: Props) {
       </EuiTitle>
       <LineChart
         id="errorRate"
+        height={height}
         showAnnotations={showAnnotations}
         fetchStatus={status}
         timeseries={[
diff --git a/x-pack/plugins/apm/server/lib/anomaly_detection/create_anomaly_detection_jobs.ts b/x-pack/plugins/apm/server/lib/anomaly_detection/create_anomaly_detection_jobs.ts
index 73e590064bac0..a10762622b2c6 100644
--- a/x-pack/plugins/apm/server/lib/anomaly_detection/create_anomaly_detection_jobs.ts
+++ b/x-pack/plugins/apm/server/lib/anomaly_detection/create_anomaly_detection_jobs.ts
@@ -77,6 +77,7 @@ async function createAnomalyDetectionJob({
     prefix: `${APM_ML_JOB_GROUP}-${snakeCase(environment)}-${randomToken}-`,
     groups: [APM_ML_JOB_GROUP],
     indexPatternName,
+    applyToAllSpaces: true,
     query: {
       bool: {
         filter: [
diff --git a/x-pack/plugins/apm/server/ui_settings.ts b/x-pack/plugins/apm/server/ui_settings.ts
index fe5b11d89d716..4932d9f79a383 100644
--- a/x-pack/plugins/apm/server/ui_settings.ts
+++ b/x-pack/plugins/apm/server/ui_settings.ts
@@ -17,7 +17,7 @@ import {
  */
 export const uiSettings: Record<string, UiSettingsParams<boolean>> = {
   [enableCorrelations]: {
-    category: ['Observability'],
+    category: ['observability'],
     name: i18n.translate('xpack.apm.enableCorrelationsExperimentName', {
       defaultMessage: 'APM Correlations',
     }),
@@ -32,7 +32,7 @@ export const uiSettings: Record<string, UiSettingsParams<boolean>> = {
     schema: schema.boolean(),
   },
   [enableServiceOverview]: {
-    category: ['Observability'],
+    category: ['observability'],
     name: i18n.translate('xpack.apm.enableServiceOverviewExperimentName', {
       defaultMessage: 'APM Service overview',
     }),
diff --git a/x-pack/plugins/case/server/connectors/case/index.ts b/x-pack/plugins/case/server/connectors/case/index.ts
index f2f8f659f3a2c..dc647d288ec65 100644
--- a/x-pack/plugins/case/server/connectors/case/index.ts
+++ b/x-pack/plugins/case/server/connectors/case/index.ts
@@ -33,7 +33,7 @@ export function getActionType({
 }: GetActionTypeParams): CaseActionType {
   return {
     id: CASE_ACTION_TYPE_ID,
-    minimumLicenseRequired: 'gold',
+    minimumLicenseRequired: 'basic',
     name: i18n.NAME,
     validate: {
       config: CaseConfigurationSchema,
diff --git a/x-pack/plugins/data_enhanced/.storybook/main.js b/x-pack/plugins/data_enhanced/.storybook/main.js
new file mode 100644
index 0000000000000..1818aa44a9399
--- /dev/null
+++ b/x-pack/plugins/data_enhanced/.storybook/main.js
@@ -0,0 +1,7 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License;
+ * you may not use this file except in compliance with the Elastic License.
+ */
+
+module.exports = require('@kbn/storybook').defaultConfig;
diff --git a/x-pack/plugins/data_enhanced/common/search/es_search/es_search_rxjs_utils.ts b/x-pack/plugins/data_enhanced/common/search/es_search/es_search_rxjs_utils.ts
index f38bec6d1f59f..8b25a59ed857a 100644
--- a/x-pack/plugins/data_enhanced/common/search/es_search/es_search_rxjs_utils.ts
+++ b/x-pack/plugins/data_enhanced/common/search/es_search/es_search_rxjs_utils.ts
@@ -5,7 +5,8 @@
  */
 
 import { of, merge, timer, throwError } from 'rxjs';
-import { takeWhile, switchMap, expand, mergeMap, tap } from 'rxjs/operators';
+import { map, takeWhile, switchMap, expand, mergeMap, tap } from 'rxjs/operators';
+import { ApiResponse } from '@elastic/elasticsearch';
 
 import {
   doSearch,
@@ -35,6 +36,15 @@ export const doPartialSearch = <SearchResponse = any>(
     takeWhile((response) => !isCompleteResponse(response), true)
   );
 
+export const normalizeEqlResponse = <SearchResponse extends ApiResponse = ApiResponse>() =>
+  map<SearchResponse, SearchResponse>((eqlResponse) => ({
+    ...eqlResponse,
+    body: {
+      ...eqlResponse.body,
+      ...eqlResponse,
+    },
+  }));
+
 export const throwOnEsError = () =>
   mergeMap((r: IKibanaSearchResponse) =>
     isErrorResponse(r) ? merge(of(r), throwError(new AbortError())) : of(r)
diff --git a/x-pack/plugins/data_enhanced/config.ts b/x-pack/plugins/data_enhanced/config.ts
new file mode 100644
index 0000000000000..9838f0959ef19
--- /dev/null
+++ b/x-pack/plugins/data_enhanced/config.ts
@@ -0,0 +1,17 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License;
+ * you may not use this file except in compliance with the Elastic License.
+ */
+
+import { schema, TypeOf } from '@kbn/config-schema';
+
+export const configSchema = schema.object({
+  search: schema.object({
+    sendToBackground: schema.object({
+      enabled: schema.boolean({ defaultValue: false }),
+    }),
+  }),
+});
+
+export type ConfigSchema = TypeOf<typeof configSchema>;
diff --git a/x-pack/plugins/data_enhanced/kibana.json b/x-pack/plugins/data_enhanced/kibana.json
index 5ded0f8f0dec3..bc7c8410d3df1 100644
--- a/x-pack/plugins/data_enhanced/kibana.json
+++ b/x-pack/plugins/data_enhanced/kibana.json
@@ -12,5 +12,5 @@
   "optionalPlugins": ["kibanaUtils", "usageCollection"],
   "server": true,
   "ui": true,
-  "requiredBundles": ["kibanaUtils"]
+  "requiredBundles": ["kibanaUtils", "kibanaReact"]
 }
diff --git a/x-pack/plugins/data_enhanced/public/index.ts b/x-pack/plugins/data_enhanced/public/index.ts
index 22ac0c9883966..7fe34e21fde5c 100644
--- a/x-pack/plugins/data_enhanced/public/index.ts
+++ b/x-pack/plugins/data_enhanced/public/index.ts
@@ -4,9 +4,12 @@
  * you may not use this file except in compliance with the Elastic License.
  */
 
+import { PluginInitializerContext } from 'kibana/public';
 import { DataEnhancedPlugin, DataEnhancedSetup, DataEnhancedStart } from './plugin';
+import { ConfigSchema } from '../config';
 
-export const plugin = () => new DataEnhancedPlugin();
+export const plugin = (initializerContext: PluginInitializerContext<ConfigSchema>) =>
+  new DataEnhancedPlugin(initializerContext);
 
 export { DataEnhancedSetup, DataEnhancedStart };
 
diff --git a/x-pack/plugins/data_enhanced/public/plugin.ts b/x-pack/plugins/data_enhanced/public/plugin.ts
index 43ad4a9ed9b8b..948858a5ed4c1 100644
--- a/x-pack/plugins/data_enhanced/public/plugin.ts
+++ b/x-pack/plugins/data_enhanced/public/plugin.ts
@@ -4,12 +4,16 @@
  * you may not use this file except in compliance with the Elastic License.
  */
 
-import { CoreSetup, CoreStart, Plugin } from 'src/core/public';
+import React from 'react';
+import { CoreSetup, CoreStart, Plugin, PluginInitializerContext } from 'src/core/public';
 import { DataPublicPluginSetup, DataPublicPluginStart } from '../../../../src/plugins/data/public';
+
 import { setAutocompleteService } from './services';
 import { setupKqlQuerySuggestionProvider, KUERY_LANGUAGE_NAME } from './autocomplete';
-
 import { EnhancedSearchInterceptor } from './search/search_interceptor';
+import { toMountPoint } from '../../../../src/plugins/kibana_react/public';
+import { createConnectedBackgroundSessionIndicator } from './search';
+import { ConfigSchema } from '../config';
 
 export interface DataEnhancedSetupDependencies {
   data: DataPublicPluginSetup;
@@ -25,6 +29,8 @@ export class DataEnhancedPlugin
   implements Plugin<void, void, DataEnhancedSetupDependencies, DataEnhancedStartDependencies> {
   private enhancedSearchInterceptor!: EnhancedSearchInterceptor;
 
+  constructor(private initializerContext: PluginInitializerContext<ConfigSchema>) {}
+
   public setup(
     core: CoreSetup<DataEnhancedStartDependencies>,
     { data }: DataEnhancedSetupDependencies
@@ -52,6 +58,18 @@ export class DataEnhancedPlugin
 
   public start(core: CoreStart, plugins: DataEnhancedStartDependencies) {
     setAutocompleteService(plugins.data.autocomplete);
+
+    if (this.initializerContext.config.get().search.sendToBackground.enabled) {
+      core.chrome.setBreadcrumbsAppendExtension({
+        content: toMountPoint(
+          React.createElement(
+            createConnectedBackgroundSessionIndicator({
+              sessionService: plugins.data.search.session,
+            })
+          )
+        ),
+      });
+    }
   }
 
   public stop() {
diff --git a/x-pack/plugins/data_enhanced/public/search/index.ts b/x-pack/plugins/data_enhanced/public/search/index.ts
new file mode 100644
index 0000000000000..1a33812ca8566
--- /dev/null
+++ b/x-pack/plugins/data_enhanced/public/search/index.ts
@@ -0,0 +1,7 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License;
+ * you may not use this file except in compliance with the Elastic License.
+ */
+
+export * from './ui';
diff --git a/x-pack/plugins/data_enhanced/public/search/ui/background_session_indicator/background_session_indicator.scss b/x-pack/plugins/data_enhanced/public/search/ui/background_session_indicator/background_session_indicator.scss
new file mode 100644
index 0000000000000..2d13d320ae78b
--- /dev/null
+++ b/x-pack/plugins/data_enhanced/public/search/ui/background_session_indicator/background_session_indicator.scss
@@ -0,0 +1,23 @@
+.backgroundSessionIndicator {
+  padding: 0 $euiSizeXS;
+}
+
+@include euiBreakpoint('xs', 's') {
+  .backgroundSessionIndicator__popoverContainer.euiFlexGroup--responsive .euiFlexItem {
+    margin-bottom: $euiSizeXS !important;
+  }
+}
+
+.backgroundSessionIndicator__verticalDivider {
+  @include euiBreakpoint('xs', 's') {
+    margin-left: $euiSizeXS;
+    padding-left: $euiSizeXS;
+  }
+
+  @include euiBreakpoint('m', 'l', 'xl') {
+    border-left: $euiBorderThin;
+    align-self: stretch;
+    margin-left: $euiSizeS;
+    padding-left: $euiSizeS;
+  }
+}
diff --git a/x-pack/plugins/data_enhanced/public/search/ui/background_session_indicator/background_session_indicator.stories.tsx b/x-pack/plugins/data_enhanced/public/search/ui/background_session_indicator/background_session_indicator.stories.tsx
new file mode 100644
index 0000000000000..9cef76c62279c
--- /dev/null
+++ b/x-pack/plugins/data_enhanced/public/search/ui/background_session_indicator/background_session_indicator.stories.tsx
@@ -0,0 +1,30 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License;
+ * you may not use this file except in compliance with the Elastic License.
+ */
+
+import React from 'react';
+import { storiesOf } from '@storybook/react';
+import { BackgroundSessionIndicator } from './background_session_indicator';
+import { BackgroundSessionViewState } from '../connected_background_session_indicator';
+
+storiesOf('components/BackgroundSessionIndicator', module).add('default', () => (
+  <>
+    <div>
+      <BackgroundSessionIndicator state={BackgroundSessionViewState.Loading} />
+    </div>
+    <div>
+      <BackgroundSessionIndicator state={BackgroundSessionViewState.Completed} />
+    </div>
+    <div>
+      <BackgroundSessionIndicator state={BackgroundSessionViewState.BackgroundLoading} />
+    </div>
+    <div>
+      <BackgroundSessionIndicator state={BackgroundSessionViewState.BackgroundCompleted} />
+    </div>
+    <div>
+      <BackgroundSessionIndicator state={BackgroundSessionViewState.Restored} />
+    </div>
+  </>
+));
diff --git a/x-pack/plugins/data_enhanced/public/search/ui/background_session_indicator/background_session_indicator.test.tsx b/x-pack/plugins/data_enhanced/public/search/ui/background_session_indicator/background_session_indicator.test.tsx
new file mode 100644
index 0000000000000..5b7ab2e4f9b1f
--- /dev/null
+++ b/x-pack/plugins/data_enhanced/public/search/ui/background_session_indicator/background_session_indicator.test.tsx
@@ -0,0 +1,98 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License;
+ * you may not use this file except in compliance with the Elastic License.
+ */
+
+import React, { ReactNode } from 'react';
+import { screen, render } from '@testing-library/react';
+import userEvent from '@testing-library/user-event';
+import { BackgroundSessionIndicator } from './background_session_indicator';
+import { BackgroundSessionViewState } from '../connected_background_session_indicator';
+import { IntlProvider } from 'react-intl';
+
+function Container({ children }: { children?: ReactNode }) {
+  return <IntlProvider locale="en">{children}</IntlProvider>;
+}
+
+test('Loading state', async () => {
+  const onCancel = jest.fn();
+  render(
+    <Container>
+      <BackgroundSessionIndicator state={BackgroundSessionViewState.Loading} onCancel={onCancel} />
+    </Container>
+  );
+
+  await userEvent.click(screen.getByLabelText('Loading results'));
+  await userEvent.click(screen.getByText('Cancel'));
+
+  expect(onCancel).toBeCalled();
+});
+
+test('Completed state', async () => {
+  const onSave = jest.fn();
+  render(
+    <Container>
+      <BackgroundSessionIndicator
+        state={BackgroundSessionViewState.Completed}
+        onSaveResults={onSave}
+      />
+    </Container>
+  );
+
+  await userEvent.click(screen.getByLabelText('Results loaded'));
+  await userEvent.click(screen.getByText('Save'));
+
+  expect(onSave).toBeCalled();
+});
+
+test('Loading in the background state', async () => {
+  const onCancel = jest.fn();
+  render(
+    <Container>
+      <BackgroundSessionIndicator
+        state={BackgroundSessionViewState.BackgroundLoading}
+        onCancel={onCancel}
+      />
+    </Container>
+  );
+
+  await userEvent.click(screen.getByLabelText('Loading results in the background'));
+  await userEvent.click(screen.getByText('Cancel'));
+
+  expect(onCancel).toBeCalled();
+});
+
+test('BackgroundCompleted state', async () => {
+  const onViewSession = jest.fn();
+  render(
+    <Container>
+      <BackgroundSessionIndicator
+        state={BackgroundSessionViewState.BackgroundCompleted}
+        onViewBackgroundSessions={onViewSession}
+      />
+    </Container>
+  );
+
+  await userEvent.click(screen.getByLabelText('Results loaded in the background'));
+  await userEvent.click(screen.getByText('View background sessions'));
+
+  expect(onViewSession).toBeCalled();
+});
+
+test('Restored state', async () => {
+  const onRefresh = jest.fn();
+  render(
+    <Container>
+      <BackgroundSessionIndicator
+        state={BackgroundSessionViewState.Restored}
+        onRefresh={onRefresh}
+      />
+    </Container>
+  );
+
+  await userEvent.click(screen.getByLabelText('Results no longer current'));
+  await userEvent.click(screen.getByText('Refresh'));
+
+  expect(onRefresh).toBeCalled();
+});
diff --git a/x-pack/plugins/data_enhanced/public/search/ui/background_session_indicator/background_session_indicator.tsx b/x-pack/plugins/data_enhanced/public/search/ui/background_session_indicator/background_session_indicator.tsx
new file mode 100644
index 0000000000000..b55bd6b655371
--- /dev/null
+++ b/x-pack/plugins/data_enhanced/public/search/ui/background_session_indicator/background_session_indicator.tsx
@@ -0,0 +1,286 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License;
+ * you may not use this file except in compliance with the Elastic License.
+ */
+
+import React from 'react';
+import {
+  EuiButtonEmpty,
+  EuiButtonEmptyProps,
+  EuiButtonIcon,
+  EuiButtonIconProps,
+  EuiFlexGroup,
+  EuiFlexItem,
+  EuiLoadingSpinner,
+  EuiPopover,
+  EuiText,
+  EuiToolTip,
+} from '@elastic/eui';
+import { FormattedMessage } from '@kbn/i18n/react';
+import { i18n } from '@kbn/i18n';
+import { BackgroundSessionViewState } from '../connected_background_session_indicator';
+import './background_session_indicator.scss';
+
+export interface BackgroundSessionIndicatorProps {
+  state: BackgroundSessionViewState;
+  onContinueInBackground?: () => void;
+  onCancel?: () => void;
+  onViewBackgroundSessions?: () => void;
+  onSaveResults?: () => void;
+  onRefresh?: () => void;
+}
+
+type ActionButtonProps = BackgroundSessionIndicatorProps & { buttonProps: EuiButtonEmptyProps };
+
+const CancelButton = ({ onCancel = () => {}, buttonProps = {} }: ActionButtonProps) => (
+  <EuiButtonEmpty onClick={onCancel} {...buttonProps}>
+    <FormattedMessage
+      id="xpack.data.backgroundSessionIndicator.cancelButtonText"
+      defaultMessage="Cancel"
+    />
+  </EuiButtonEmpty>
+);
+
+const ContinueInBackgroundButton = ({
+  onContinueInBackground = () => {},
+  buttonProps = {},
+}: ActionButtonProps) => (
+  <EuiButtonEmpty onClick={onContinueInBackground} {...buttonProps}>
+    <FormattedMessage
+      id="xpack.data.backgroundSessionIndicator.continueInBackgroundButtonText"
+      defaultMessage="Continue in background"
+    />
+  </EuiButtonEmpty>
+);
+
+const ViewBackgroundSessionsButton = ({
+  onViewBackgroundSessions = () => {},
+  buttonProps = {},
+}: ActionButtonProps) => (
+  // TODO: make this a link
+  <EuiButtonEmpty onClick={onViewBackgroundSessions} {...buttonProps}>
+    <FormattedMessage
+      id="xpack.data.backgroundSessionIndicator.viewBackgroundSessionsLinkText"
+      defaultMessage="View background sessions"
+    />
+  </EuiButtonEmpty>
+);
+
+const RefreshButton = ({ onRefresh = () => {}, buttonProps = {} }: ActionButtonProps) => (
+  <EuiButtonEmpty onClick={onRefresh} {...buttonProps}>
+    <FormattedMessage
+      id="xpack.data.backgroundSessionIndicator.refreshButtonText"
+      defaultMessage="Refresh"
+    />
+  </EuiButtonEmpty>
+);
+
+const SaveButton = ({ onSaveResults = () => {}, buttonProps = {} }: ActionButtonProps) => (
+  <EuiButtonEmpty onClick={onSaveResults} {...buttonProps}>
+    <FormattedMessage
+      id="xpack.data.backgroundSessionIndicator.saveButtonText"
+      defaultMessage="Save"
+    />
+  </EuiButtonEmpty>
+);
+
+const backgroundSessionIndicatorViewStateToProps: {
+  [state in BackgroundSessionViewState]: {
+    button: Pick<EuiButtonIconProps, 'color' | 'iconType' | 'aria-label'> & { tooltipText: string };
+    popover: {
+      text: string;
+      primaryAction?: React.ComponentType<ActionButtonProps>;
+      secondaryAction?: React.ComponentType<ActionButtonProps>;
+    };
+  };
+} = {
+  [BackgroundSessionViewState.Loading]: {
+    button: {
+      color: 'subdued',
+      iconType: 'clock',
+      'aria-label': i18n.translate(
+        'xpack.data.backgroundSessionIndicator.loadingResultsIconAriaLabel',
+        { defaultMessage: 'Loading results' }
+      ),
+      tooltipText: i18n.translate(
+        'xpack.data.backgroundSessionIndicator.loadingResultsIconTooltipText',
+        { defaultMessage: 'Loading results' }
+      ),
+    },
+    popover: {
+      text: i18n.translate('xpack.data.backgroundSessionIndicator.loadingResultsText', {
+        defaultMessage: 'Loading',
+      }),
+      primaryAction: CancelButton,
+      secondaryAction: ContinueInBackgroundButton,
+    },
+  },
+  [BackgroundSessionViewState.Completed]: {
+    button: {
+      color: 'subdued',
+      iconType: 'checkInCircleFilled',
+      'aria-label': i18n.translate(
+        'xpack.data.backgroundSessionIndicator.resultsLoadedIconAriaLabel',
+        {
+          defaultMessage: 'Results loaded',
+        }
+      ),
+      tooltipText: i18n.translate(
+        'xpack.data.backgroundSessionIndicator.resultsLoadedIconTooltipText',
+        {
+          defaultMessage: 'Results loaded',
+        }
+      ),
+    },
+    popover: {
+      text: i18n.translate('xpack.data.backgroundSessionIndicator.resultsLoadedText', {
+        defaultMessage: 'Results loaded',
+      }),
+      primaryAction: SaveButton,
+      secondaryAction: ViewBackgroundSessionsButton,
+    },
+  },
+  [BackgroundSessionViewState.BackgroundLoading]: {
+    button: {
+      iconType: EuiLoadingSpinner,
+      'aria-label': i18n.translate(
+        'xpack.data.backgroundSessionIndicator.loadingInTheBackgroundIconAriaLabel',
+        {
+          defaultMessage: 'Loading results in the background',
+        }
+      ),
+      tooltipText: i18n.translate(
+        'xpack.data.backgroundSessionIndicator.loadingInTheBackgroundIconTooltipText',
+        {
+          defaultMessage: 'Loading results in the background',
+        }
+      ),
+    },
+    popover: {
+      text: i18n.translate('xpack.data.backgroundSessionIndicator.loadingInTheBackgroundText', {
+        defaultMessage: 'Loading in the background',
+      }),
+      primaryAction: CancelButton,
+      secondaryAction: ViewBackgroundSessionsButton,
+    },
+  },
+  [BackgroundSessionViewState.BackgroundCompleted]: {
+    button: {
+      color: 'success',
+      iconType: 'checkInCircleFilled',
+      'aria-label': i18n.translate(
+        'xpack.data.backgroundSessionIndicator.resultLoadedInTheBackgroundIconAraText',
+        {
+          defaultMessage: 'Results loaded in the background',
+        }
+      ),
+      tooltipText: i18n.translate(
+        'xpack.data.backgroundSessionIndicator.resultLoadedInTheBackgroundIconTooltipText',
+        {
+          defaultMessage: 'Results loaded in the background',
+        }
+      ),
+    },
+    popover: {
+      text: i18n.translate(
+        'xpack.data.backgroundSessionIndicator.resultLoadedInTheBackgroundText',
+        {
+          defaultMessage: 'Results loaded',
+        }
+      ),
+      primaryAction: ViewBackgroundSessionsButton,
+    },
+  },
+  [BackgroundSessionViewState.Restored]: {
+    button: {
+      color: 'warning',
+      iconType: 'refresh',
+      'aria-label': i18n.translate(
+        'xpack.data.backgroundSessionIndicator.restoredResultsIconAriaLabel',
+        {
+          defaultMessage: 'Results no longer current',
+        }
+      ),
+      tooltipText: i18n.translate(
+        'xpack.data.backgroundSessionIndicator.restoredResultsTooltipText',
+        {
+          defaultMessage: 'Results no longer current',
+        }
+      ),
+    },
+    popover: {
+      text: i18n.translate('xpack.data.backgroundSessionIndicator.restoredText', {
+        defaultMessage: 'Results no longer current',
+      }),
+      primaryAction: RefreshButton,
+      secondaryAction: ViewBackgroundSessionsButton,
+    },
+  },
+};
+
+const VerticalDivider: React.FC = () => (
+  <div className="backgroundSessionIndicator__verticalDivider" />
+);
+
+export const BackgroundSessionIndicator: React.FC<BackgroundSessionIndicatorProps> = (props) => {
+  const [isPopoverOpen, setIsPopoverOpen] = React.useState(false);
+  const onButtonClick = () => setIsPopoverOpen((isOpen) => !isOpen);
+  const closePopover = () => setIsPopoverOpen(false);
+
+  const { button, popover } = backgroundSessionIndicatorViewStateToProps[props.state];
+
+  return (
+    <EuiPopover
+      ownFocus
+      isOpen={isPopoverOpen}
+      closePopover={closePopover}
+      anchorPosition={'rightCenter'}
+      panelPaddingSize={'s'}
+      className="backgroundSessionIndicator"
+      data-test-subj={'backgroundSessionIndicator'}
+      button={
+        <EuiToolTip content={button.tooltipText}>
+          <EuiButtonIcon
+            color={button.color}
+            aria-label={button['aria-label']}
+            iconType={button.iconType}
+            onClick={onButtonClick}
+          />
+        </EuiToolTip>
+      }
+    >
+      <EuiFlexGroup
+        responsive={true}
+        alignItems={'center'}
+        gutterSize={'s'}
+        className="backgroundSessionIndicator__popoverContainer"
+      >
+        <EuiFlexItem grow={true}>
+          <EuiText size="s" color={'subdued'}>
+            <p>{popover.text}</p>
+          </EuiText>
+        </EuiFlexItem>
+        <EuiFlexItem grow={false}>
+          <EuiFlexGroup wrap={true} responsive={false} alignItems={'center'} gutterSize={'s'}>
+            {popover.primaryAction && (
+              <EuiFlexItem grow={false}>
+                <popover.primaryAction {...props} buttonProps={{ size: 'xs', flush: 'both' }} />
+              </EuiFlexItem>
+            )}
+            {popover.primaryAction && popover.secondaryAction && <VerticalDivider />}
+            {popover.secondaryAction && (
+              <EuiFlexItem grow={false}>
+                <popover.secondaryAction {...props} buttonProps={{ size: 'xs', flush: 'both' }} />
+              </EuiFlexItem>
+            )}
+          </EuiFlexGroup>
+        </EuiFlexItem>
+      </EuiFlexGroup>
+    </EuiPopover>
+  );
+};
+
+// React.lazy() needs default:
+// eslint-disable-next-line import/no-default-export
+export default BackgroundSessionIndicator;
diff --git a/x-pack/plugins/data_enhanced/public/search/ui/background_session_indicator/index.tsx b/x-pack/plugins/data_enhanced/public/search/ui/background_session_indicator/index.tsx
new file mode 100644
index 0000000000000..55c8c453dd5d2
--- /dev/null
+++ b/x-pack/plugins/data_enhanced/public/search/ui/background_session_indicator/index.tsx
@@ -0,0 +1,23 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License;
+ * you may not use this file except in compliance with the Elastic License.
+ */
+
+import { EuiDelayRender, EuiLoadingSpinner } from '@elastic/eui';
+import React from 'react';
+import type { BackgroundSessionIndicatorProps } from './background_session_indicator';
+export type { BackgroundSessionIndicatorProps };
+
+const Fallback = () => (
+  <EuiDelayRender>
+    <EuiLoadingSpinner />
+  </EuiDelayRender>
+);
+
+const LazyBackgroundSessionIndicator = React.lazy(() => import('./background_session_indicator'));
+export const BackgroundSessionIndicator = (props: BackgroundSessionIndicatorProps) => (
+  <React.Suspense fallback={<Fallback />}>
+    <LazyBackgroundSessionIndicator {...props} />
+  </React.Suspense>
+);
diff --git a/x-pack/plugins/data_enhanced/public/search/ui/connected_background_session_indicator/background_session_view_state.ts b/x-pack/plugins/data_enhanced/public/search/ui/connected_background_session_indicator/background_session_view_state.ts
new file mode 100644
index 0000000000000..b75c2a536f624
--- /dev/null
+++ b/x-pack/plugins/data_enhanced/public/search/ui/connected_background_session_indicator/background_session_view_state.ts
@@ -0,0 +1,33 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License;
+ * you may not use this file except in compliance with the Elastic License.
+ */
+
+export enum BackgroundSessionViewState {
+  /**
+   * Pending search request has not been sent to the background yet
+   */
+  Loading = 'loading',
+
+  /**
+   * No action was taken and the page completed loading without background session creation.
+   */
+  Completed = 'completed',
+
+  /**
+   * Search request was sent to the background.
+   * The page is loading in background.
+   */
+  BackgroundLoading = 'backgroundLoading',
+
+  /**
+   * Page load completed with background session created.
+   */
+  BackgroundCompleted = 'backgroundCompleted',
+
+  /**
+   * Revisiting the page after background completion
+   */
+  Restored = 'restored',
+}
diff --git a/x-pack/plugins/data_enhanced/public/search/ui/connected_background_session_indicator/connected_background_session_indicator.test.tsx b/x-pack/plugins/data_enhanced/public/search/ui/connected_background_session_indicator/connected_background_session_indicator.test.tsx
new file mode 100644
index 0000000000000..b21081e10bbe1
--- /dev/null
+++ b/x-pack/plugins/data_enhanced/public/search/ui/connected_background_session_indicator/connected_background_session_indicator.test.tsx
@@ -0,0 +1,37 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License;
+ * you may not use this file except in compliance with the Elastic License.
+ */
+
+import React from 'react';
+import { render, waitFor } from '@testing-library/react';
+import { dataPluginMock } from '../../../../../../../src/plugins/data/public/mocks';
+import { createConnectedBackgroundSessionIndicator } from './connected_background_session_indicator';
+import { BehaviorSubject } from 'rxjs';
+import { ISessionService } from '../../../../../../../src/plugins/data/public';
+
+const sessionService = dataPluginMock.createStartContract().search.session as jest.Mocked<
+  ISessionService
+>;
+
+test("shouldn't show indicator in case no active search session", async () => {
+  const BackgroundSessionIndicator = createConnectedBackgroundSessionIndicator({ sessionService });
+  const { getByTestId, container } = render(<BackgroundSessionIndicator />);
+
+  // make sure `backgroundSessionIndicator` isn't appearing after some time (lazy-loading)
+  await expect(
+    waitFor(() => getByTestId('backgroundSessionIndicator'), { timeout: 100 })
+  ).rejects.toThrow();
+  expect(container).toMatchInlineSnapshot(`<div />`);
+});
+
+test('should show indicator in case there is an active search session', async () => {
+  const session$ = new BehaviorSubject('session_id');
+  sessionService.getSession$.mockImplementation(() => session$);
+  sessionService.getSessionId.mockImplementation(() => session$.getValue());
+  const BackgroundSessionIndicator = createConnectedBackgroundSessionIndicator({ sessionService });
+  const { getByTestId } = render(<BackgroundSessionIndicator />);
+
+  await waitFor(() => getByTestId('backgroundSessionIndicator'));
+});
diff --git a/x-pack/plugins/data_enhanced/public/search/ui/connected_background_session_indicator/connected_background_session_indicator.tsx b/x-pack/plugins/data_enhanced/public/search/ui/connected_background_session_indicator/connected_background_session_indicator.tsx
new file mode 100644
index 0000000000000..d097a1aecb66a
--- /dev/null
+++ b/x-pack/plugins/data_enhanced/public/search/ui/connected_background_session_indicator/connected_background_session_indicator.tsx
@@ -0,0 +1,32 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License;
+ * you may not use this file except in compliance with the Elastic License.
+ */
+
+import React from 'react';
+import useObservable from 'react-use/lib/useObservable';
+import { distinctUntilChanged, map } from 'rxjs/operators';
+import { BackgroundSessionIndicator } from '../background_session_indicator';
+import { ISessionService } from '../../../../../../../src/plugins/data/public/';
+import { BackgroundSessionViewState } from './background_session_view_state';
+
+export interface BackgroundSessionIndicatorDeps {
+  sessionService: ISessionService;
+}
+
+export const createConnectedBackgroundSessionIndicator = ({
+  sessionService,
+}: BackgroundSessionIndicatorDeps): React.FC => {
+  const sessionId$ = sessionService.getSession$();
+  const hasActiveSession$ = sessionId$.pipe(
+    map((sessionId) => !!sessionId),
+    distinctUntilChanged()
+  );
+
+  return () => {
+    const isSession = useObservable(hasActiveSession$, !!sessionService.getSessionId());
+    if (!isSession) return null;
+    return <BackgroundSessionIndicator state={BackgroundSessionViewState.Loading} />;
+  };
+};
diff --git a/x-pack/plugins/data_enhanced/public/search/ui/connected_background_session_indicator/index.ts b/x-pack/plugins/data_enhanced/public/search/ui/connected_background_session_indicator/index.ts
new file mode 100644
index 0000000000000..adbb6edbbfcf3
--- /dev/null
+++ b/x-pack/plugins/data_enhanced/public/search/ui/connected_background_session_indicator/index.ts
@@ -0,0 +1,11 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License;
+ * you may not use this file except in compliance with the Elastic License.
+ */
+
+export {
+  BackgroundSessionIndicatorDeps,
+  createConnectedBackgroundSessionIndicator,
+} from './connected_background_session_indicator';
+export { BackgroundSessionViewState } from './background_session_view_state';
diff --git a/x-pack/plugins/data_enhanced/public/search/ui/index.ts b/x-pack/plugins/data_enhanced/public/search/ui/index.ts
new file mode 100644
index 0000000000000..04201325eb5db
--- /dev/null
+++ b/x-pack/plugins/data_enhanced/public/search/ui/index.ts
@@ -0,0 +1,7 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License;
+ * you may not use this file except in compliance with the Elastic License.
+ */
+
+export * from './connected_background_session_indicator';
diff --git a/x-pack/plugins/data_enhanced/server/index.ts b/x-pack/plugins/data_enhanced/server/index.ts
index a0edd2e26ebef..c3907b3b67439 100644
--- a/x-pack/plugins/data_enhanced/server/index.ts
+++ b/x-pack/plugins/data_enhanced/server/index.ts
@@ -4,10 +4,18 @@
  * you may not use this file except in compliance with the Elastic License.
  */
 
-import { PluginInitializerContext } from 'kibana/server';
+import { PluginConfigDescriptor, PluginInitializerContext } from 'kibana/server';
 import { EnhancedDataServerPlugin } from './plugin';
+import { configSchema, ConfigSchema } from '../config';
 
-export function plugin(initializerContext: PluginInitializerContext) {
+export const config: PluginConfigDescriptor<ConfigSchema> = {
+  exposeToBrowser: {
+    search: true,
+  },
+  schema: configSchema,
+};
+
+export function plugin(initializerContext: PluginInitializerContext<ConfigSchema>) {
   return new EnhancedDataServerPlugin(initializerContext);
 }
 
diff --git a/x-pack/plugins/data_enhanced/server/search/eql_search_strategy.test.ts b/x-pack/plugins/data_enhanced/server/search/eql_search_strategy.test.ts
index 88aaee8eb7da2..cd94d91db8c5e 100644
--- a/x-pack/plugins/data_enhanced/server/search/eql_search_strategy.test.ts
+++ b/x-pack/plugins/data_enhanced/server/search/eql_search_strategy.test.ts
@@ -22,6 +22,8 @@ const getMockEqlResponse = () => ({
       sequences: [],
     },
   },
+  meta: {},
+  statusCode: 200,
 });
 
 describe('EQL search strategy', () => {
@@ -193,5 +195,20 @@ describe('EQL search strategy', () => {
         expect(requestOptions).toEqual(expect.objectContaining({ ignore: [400] }));
       });
     });
+
+    describe('response', () => {
+      it('contains a rawResponse field containing the full search response', async () => {
+        const eqlSearch = await eqlSearchStrategyProvider(mockLogger);
+        const response = await eqlSearch
+          .search({ id: 'my-search-id', options: { ignore: [400] } }, {}, mockDeps)
+          .toPromise();
+
+        expect(response).toEqual(
+          expect.objectContaining({
+            rawResponse: expect.objectContaining(getMockEqlResponse()),
+          })
+        );
+      });
+    });
   });
 });
diff --git a/x-pack/plugins/data_enhanced/server/search/eql_search_strategy.ts b/x-pack/plugins/data_enhanced/server/search/eql_search_strategy.ts
index a75f2617a9bf3..7b3d0db450b04 100644
--- a/x-pack/plugins/data_enhanced/server/search/eql_search_strategy.ts
+++ b/x-pack/plugins/data_enhanced/server/search/eql_search_strategy.ts
@@ -8,7 +8,10 @@ import type { Logger } from 'kibana/server';
 import type { ApiResponse } from '@elastic/elasticsearch';
 
 import { search } from '../../../../../src/plugins/data/server';
-import { doPartialSearch } from '../../common/search/es_search/es_search_rxjs_utils';
+import {
+  doPartialSearch,
+  normalizeEqlResponse,
+} from '../../common/search/es_search/es_search_rxjs_utils';
 import { getAsyncOptions, getDefaultSearchParams } from './get_default_search_params';
 
 import type { ISearchStrategy, IEsRawSearchResponse } from '../../../../../src/plugins/data/server';
@@ -64,7 +67,7 @@ export const eqlSearchStrategyProvider = (
         (response) => response.body.id,
         request.id,
         options
-      ).pipe(utils.toKibanaSearchResponse());
+      ).pipe(normalizeEqlResponse(), utils.toKibanaSearchResponse());
     },
   };
 };
diff --git a/x-pack/plugins/enterprise_search/public/applications/app_search/components/engine_overview/engine_overview_logic.test.ts b/x-pack/plugins/enterprise_search/public/applications/app_search/components/engine_overview/engine_overview_logic.test.ts
new file mode 100644
index 0000000000000..d35bde20f4f1e
--- /dev/null
+++ b/x-pack/plugins/enterprise_search/public/applications/app_search/components/engine_overview/engine_overview_logic.test.ts
@@ -0,0 +1,163 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License;
+ * you may not use this file except in compliance with the Elastic License.
+ */
+
+import { resetContext } from 'kea';
+
+import { mockHttpValues } from '../../../__mocks__';
+jest.mock('../../../shared/http', () => ({
+  HttpLogic: { values: mockHttpValues },
+}));
+const { http } = mockHttpValues;
+
+jest.mock('../../../shared/flash_messages', () => ({
+  flashAPIErrors: jest.fn(),
+}));
+import { flashAPIErrors } from '../../../shared/flash_messages';
+
+jest.mock('../engine', () => ({
+  EngineLogic: { values: { engineName: 'some-engine' } },
+}));
+
+import { EngineOverviewLogic } from './';
+
+describe('EngineOverviewLogic', () => {
+  const mockEngineMetrics = {
+    apiLogsUnavailable: true,
+    documentCount: 10,
+    startDate: '1970-01-30',
+    endDate: '1970-01-31',
+    operationsPerDay: [0, 0, 0, 0, 0, 0, 0],
+    queriesPerDay: [0, 0, 0, 0, 0, 25, 50],
+    totalClicks: 50,
+    totalQueries: 75,
+  };
+
+  const DEFAULT_VALUES = {
+    dataLoading: true,
+    apiLogsUnavailable: false,
+    documentCount: 0,
+    startDate: '',
+    endDate: '',
+    operationsPerDay: [],
+    queriesPerDay: [],
+    totalClicks: 0,
+    totalQueries: 0,
+    timeoutId: null,
+  };
+
+  const mount = () => {
+    resetContext({});
+    EngineOverviewLogic.mount();
+  };
+
+  beforeEach(() => {
+    jest.clearAllMocks();
+  });
+
+  it('has expected default values', () => {
+    mount();
+    expect(EngineOverviewLogic.values).toEqual(DEFAULT_VALUES);
+  });
+
+  describe('actions', () => {
+    describe('setPolledData', () => {
+      it('should set all received data as top-level values and set dataLoading to false', () => {
+        mount();
+        EngineOverviewLogic.actions.setPolledData(mockEngineMetrics);
+
+        expect(EngineOverviewLogic.values).toEqual({
+          ...DEFAULT_VALUES,
+          ...mockEngineMetrics,
+          dataLoading: false,
+        });
+      });
+    });
+
+    describe('setTimeoutId', () => {
+      describe('timeoutId', () => {
+        it('should be set to the provided value', () => {
+          mount();
+          EngineOverviewLogic.actions.setTimeoutId(123);
+
+          expect(EngineOverviewLogic.values).toEqual({
+            ...DEFAULT_VALUES,
+            timeoutId: 123,
+          });
+        });
+      });
+    });
+
+    describe('pollForOverviewMetrics', () => {
+      it('fetches data and calls onPollingSuccess', async () => {
+        mount();
+        jest.spyOn(EngineOverviewLogic.actions, 'onPollingSuccess');
+        const promise = Promise.resolve(mockEngineMetrics);
+        http.get.mockReturnValueOnce(promise);
+
+        EngineOverviewLogic.actions.pollForOverviewMetrics();
+        await promise;
+
+        expect(http.get).toHaveBeenCalledWith('/api/app_search/engines/some-engine/overview');
+        expect(EngineOverviewLogic.actions.onPollingSuccess).toHaveBeenCalledWith(
+          mockEngineMetrics
+        );
+      });
+
+      it('handles errors', async () => {
+        mount();
+        const promise = Promise.reject('An error occurred');
+        http.get.mockReturnValue(promise);
+
+        try {
+          EngineOverviewLogic.actions.pollForOverviewMetrics();
+          await promise;
+        } catch {
+          // Do nothing
+        }
+        expect(flashAPIErrors).toHaveBeenCalledWith('An error occurred');
+      });
+    });
+
+    describe('onPollingSuccess', () => {
+      it('starts a polling timeout and sets data', async () => {
+        mount();
+        jest.useFakeTimers();
+        jest.spyOn(EngineOverviewLogic.actions, 'setTimeoutId');
+        jest.spyOn(EngineOverviewLogic.actions, 'setPolledData');
+
+        EngineOverviewLogic.actions.onPollingSuccess(mockEngineMetrics);
+
+        expect(setTimeout).toHaveBeenCalledWith(
+          EngineOverviewLogic.actions.pollForOverviewMetrics,
+          5000
+        );
+        expect(EngineOverviewLogic.actions.setTimeoutId).toHaveBeenCalledWith(expect.any(Number));
+        expect(EngineOverviewLogic.actions.setPolledData).toHaveBeenCalledWith(mockEngineMetrics);
+      });
+    });
+  });
+
+  describe('unmount', () => {
+    let unmount: Function;
+
+    beforeEach(() => {
+      jest.useFakeTimers();
+      resetContext({});
+      unmount = EngineOverviewLogic.mount();
+    });
+
+    it('clears existing polling timeouts on unmount', () => {
+      EngineOverviewLogic.actions.setTimeoutId(123);
+      unmount();
+      expect(clearTimeout).toHaveBeenCalled();
+    });
+
+    it("does not clear timeout if one hasn't been set", () => {
+      unmount();
+      expect(clearTimeout).not.toHaveBeenCalled();
+    });
+  });
+});
diff --git a/x-pack/plugins/enterprise_search/public/applications/app_search/components/engine_overview/engine_overview_logic.ts b/x-pack/plugins/enterprise_search/public/applications/app_search/components/engine_overview/engine_overview_logic.ts
new file mode 100644
index 0000000000000..3fc7ce8083e03
--- /dev/null
+++ b/x-pack/plugins/enterprise_search/public/applications/app_search/components/engine_overview/engine_overview_logic.ts
@@ -0,0 +1,130 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License;
+ * you may not use this file except in compliance with the Elastic License.
+ */
+
+import { kea, MakeLogicType } from 'kea';
+
+import { flashAPIErrors } from '../../../shared/flash_messages';
+import { HttpLogic } from '../../../shared/http';
+import { EngineLogic } from '../engine';
+
+const POLLING_DURATION = 5000;
+
+interface EngineOverviewApiData {
+  apiLogsUnavailable: boolean;
+  documentCount: number;
+  startDate: string;
+  endDate: string;
+  operationsPerDay: number[];
+  queriesPerDay: number[];
+  totalClicks: number;
+  totalQueries: number;
+}
+interface EngineOverviewValues extends EngineOverviewApiData {
+  dataLoading: boolean;
+  timeoutId: number | null;
+}
+
+interface EngineOverviewActions {
+  setPolledData(engineMetrics: EngineOverviewApiData): EngineOverviewApiData;
+  setTimeoutId(timeoutId: number): { timeoutId: number };
+  pollForOverviewMetrics(): void;
+  onPollingSuccess(engineMetrics: EngineOverviewApiData): EngineOverviewApiData;
+}
+
+export const EngineOverviewLogic = kea<MakeLogicType<EngineOverviewValues, EngineOverviewActions>>({
+  path: ['enterprise_search', 'app_search', 'engine_overview_logic'],
+  actions: () => ({
+    setPolledData: (engineMetrics) => engineMetrics,
+    setTimeoutId: (timeoutId) => ({ timeoutId }),
+    pollForOverviewMetrics: true,
+    onPollingSuccess: (engineMetrics) => engineMetrics,
+  }),
+  reducers: () => ({
+    dataLoading: [
+      true,
+      {
+        setPolledData: () => false,
+      },
+    ],
+    apiLogsUnavailable: [
+      false,
+      {
+        setPolledData: (_, { apiLogsUnavailable }) => apiLogsUnavailable,
+      },
+    ],
+    startDate: [
+      '',
+      {
+        setPolledData: (_, { startDate }) => startDate,
+      },
+    ],
+    endDate: [
+      '',
+      {
+        setPolledData: (_, { endDate }) => endDate,
+      },
+    ],
+    queriesPerDay: [
+      [],
+      {
+        setPolledData: (_, { queriesPerDay }) => queriesPerDay,
+      },
+    ],
+    operationsPerDay: [
+      [],
+      {
+        setPolledData: (_, { operationsPerDay }) => operationsPerDay,
+      },
+    ],
+    totalQueries: [
+      0,
+      {
+        setPolledData: (_, { totalQueries }) => totalQueries,
+      },
+    ],
+    totalClicks: [
+      0,
+      {
+        setPolledData: (_, { totalClicks }) => totalClicks,
+      },
+    ],
+    documentCount: [
+      0,
+      {
+        setPolledData: (_, { documentCount }) => documentCount,
+      },
+    ],
+    timeoutId: [
+      null,
+      {
+        setTimeoutId: (_, { timeoutId }) => timeoutId,
+      },
+    ],
+  }),
+  listeners: ({ actions }) => ({
+    pollForOverviewMetrics: async () => {
+      const { http } = HttpLogic.values;
+      const { engineName } = EngineLogic.values;
+
+      try {
+        const response = await http.get(`/api/app_search/engines/${engineName}/overview`);
+        actions.onPollingSuccess(response);
+      } catch (e) {
+        flashAPIErrors(e);
+      }
+    },
+    onPollingSuccess: (engineMetrics) => {
+      const timeoutId = window.setTimeout(actions.pollForOverviewMetrics, POLLING_DURATION);
+      actions.setTimeoutId(timeoutId);
+      actions.setPolledData(engineMetrics);
+    },
+  }),
+  events: ({ values }) => ({
+    beforeUnmount() {
+      if (values.timeoutId !== null) clearTimeout(values.timeoutId);
+    },
+  }),
+});
diff --git a/x-pack/plugins/enterprise_search/public/applications/app_search/components/engine_overview/index.ts b/x-pack/plugins/enterprise_search/public/applications/app_search/components/engine_overview/index.ts
new file mode 100644
index 0000000000000..fcd92ba6a338c
--- /dev/null
+++ b/x-pack/plugins/enterprise_search/public/applications/app_search/components/engine_overview/index.ts
@@ -0,0 +1,7 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License;
+ * you may not use this file except in compliance with the Elastic License.
+ */
+
+export { EngineOverviewLogic } from './engine_overview_logic';
diff --git a/x-pack/plugins/enterprise_search/public/applications/shared/layout/side_nav.test.tsx b/x-pack/plugins/enterprise_search/public/applications/shared/layout/side_nav.test.tsx
index e3e9872f892a4..9eaa2ba4c4d6f 100644
--- a/x-pack/plugins/enterprise_search/public/applications/shared/layout/side_nav.test.tsx
+++ b/x-pack/plugins/enterprise_search/public/applications/shared/layout/side_nav.test.tsx
@@ -105,6 +105,32 @@ describe('SideNavLink', () => {
     expect(wrapper.find('.enterpriseSearchNavLinks__subNav')).toHaveLength(1);
     expect(wrapper.find('[data-test-subj="subNav"]')).toHaveLength(1);
   });
+
+  describe('shouldShowActiveForSubroutes', () => {
+    it("won't set an active class when route is a subroute of 'to'", () => {
+      (useLocation as jest.Mock).mockImplementationOnce(() => ({ pathname: '/documents/1234' }));
+
+      const wrapper = shallow(
+        <SideNavLink to="/documents" isRoot>
+          Link
+        </SideNavLink>
+      );
+
+      expect(wrapper.find('.enterpriseSearchNavLinks__item--isActive')).toHaveLength(0);
+    });
+
+    it('sets an active class if the current path is a subRoute of "to", and shouldShowActiveForSubroutes is true', () => {
+      (useLocation as jest.Mock).mockImplementationOnce(() => ({ pathname: '/documents/1234' }));
+
+      const wrapper = shallow(
+        <SideNavLink to="/documents" isRoot shouldShowActiveForSubroutes>
+          Link
+        </SideNavLink>
+      );
+
+      expect(wrapper.find('.enterpriseSearchNavLinks__item--isActive')).toHaveLength(1);
+    });
+  });
 });
 
 describe('SideNavItem', () => {
diff --git a/x-pack/plugins/enterprise_search/public/applications/shared/layout/side_nav.tsx b/x-pack/plugins/enterprise_search/public/applications/shared/layout/side_nav.tsx
index 6c4e1d084c16d..c75a48d5af41d 100644
--- a/x-pack/plugins/enterprise_search/public/applications/shared/layout/side_nav.tsx
+++ b/x-pack/plugins/enterprise_search/public/applications/shared/layout/side_nav.tsx
@@ -63,6 +63,7 @@ export const SideNav: React.FC<SideNavProps> = ({ product, children }) => {
 
 interface SideNavLinkProps {
   to: string;
+  shouldShowActiveForSubroutes?: boolean;
   isExternal?: boolean;
   className?: string;
   isRoot?: boolean;
@@ -70,8 +71,9 @@ interface SideNavLinkProps {
 }
 
 export const SideNavLink: React.FC<SideNavLinkProps> = ({
-  isExternal,
   to,
+  shouldShowActiveForSubroutes = false,
+  isExternal,
   children,
   className,
   isRoot,
@@ -82,7 +84,10 @@ export const SideNavLink: React.FC<SideNavLinkProps> = ({
 
   const { pathname } = useLocation();
   const currentPath = stripTrailingSlash(pathname);
-  const isActive = currentPath === to || (isRoot && currentPath === '');
+  const isActive =
+    currentPath === to ||
+    (shouldShowActiveForSubroutes && currentPath.startsWith(to)) ||
+    (isRoot && currentPath === '');
 
   const classes = classNames('enterpriseSearchNavLinks__item', className, {
     'enterpriseSearchNavLinks__item--isActive': !isExternal && isActive, // eslint-disable-line @typescript-eslint/naming-convention
diff --git a/x-pack/plugins/enterprise_search/public/applications/workplace_search/constants.ts b/x-pack/plugins/enterprise_search/public/applications/workplace_search/constants.ts
index 3b911b87dea12..4e093f472d562 100644
--- a/x-pack/plugins/enterprise_search/public/applications/workplace_search/constants.ts
+++ b/x-pack/plugins/enterprise_search/public/applications/workplace_search/constants.ts
@@ -54,4 +54,194 @@ export const SOURCE_STATUSES = {
   ALWAYS_SYNCED: 'always_synced',
 };
 
+export const SOURCE_NAMES = {
+  CONFLUENCE: i18n.translate(
+    'xpack.enterpriseSearch.workplaceSearch.sources.sourceNames.confluence',
+    { defaultMessage: 'Confluence' }
+  ),
+  CONFLUENCE_SERVER: i18n.translate(
+    'xpack.enterpriseSearch.workplaceSearch.sources.sourceNames.confluenceServer',
+    { defaultMessage: 'Confluence (Server)' }
+  ),
+  DROPBOX: i18n.translate('xpack.enterpriseSearch.workplaceSearch.sources.sourceNames.dropbox', {
+    defaultMessage: 'Dropbox',
+  }),
+  GITHUB: i18n.translate('xpack.enterpriseSearch.workplaceSearch.sources.sourceNames.github', {
+    defaultMessage: 'GitHub',
+  }),
+  GITHUB_ENTERPRISE: i18n.translate(
+    'xpack.enterpriseSearch.workplaceSearch.sources.sourceNames.githubEnterprise',
+    { defaultMessage: 'GitHub Enterprise Server' }
+  ),
+  GMAIL: i18n.translate('xpack.enterpriseSearch.workplaceSearch.sources.sourceNames.gmail', {
+    defaultMessage: 'Gmail',
+  }),
+  GOOGLE_DRIVE: i18n.translate(
+    'xpack.enterpriseSearch.workplaceSearch.sources.sourceNames.googleDrive',
+    { defaultMessage: 'Google Drive' }
+  ),
+  JIRA: i18n.translate('xpack.enterpriseSearch.workplaceSearch.sources.sourceNames.jira', {
+    defaultMessage: 'Jira',
+  }),
+  JIRA_SERVER: i18n.translate(
+    'xpack.enterpriseSearch.workplaceSearch.sources.sourceNames.jiraServer',
+    { defaultMessage: 'Jira (Server)' }
+  ),
+  ONEDRIVE: i18n.translate('xpack.enterpriseSearch.workplaceSearch.sources.sourceNames.oneDrive', {
+    defaultMessage: 'OneDrive',
+  }),
+  SALESFORCE: i18n.translate(
+    'xpack.enterpriseSearch.workplaceSearch.sources.sourceNames.salesforce',
+    { defaultMessage: 'Salesforce' }
+  ),
+  SALESFORCE_SANDBOX: i18n.translate(
+    'xpack.enterpriseSearch.workplaceSearch.sources.sourceNames.salesforceSandbox',
+    { defaultMessage: 'Salesforce Sandbox' }
+  ),
+  SERVICENOW: i18n.translate(
+    'xpack.enterpriseSearch.workplaceSearch.sources.sourceNames.serviceNow',
+    { defaultMessage: 'ServiceNow' }
+  ),
+  SHAREPOINT: i18n.translate(
+    'xpack.enterpriseSearch.workplaceSearch.sources.sourceNames.sharePoint',
+    { defaultMessage: 'SharePoint Online' }
+  ),
+  SLACK: i18n.translate('xpack.enterpriseSearch.workplaceSearch.sources.sourceNames.slack', {
+    defaultMessage: 'Slack',
+  }),
+  ZENDESK: i18n.translate('xpack.enterpriseSearch.workplaceSearch.sources.sourceNames.zendesk', {
+    defaultMessage: 'Zendesk',
+  }),
+  CUSTOM: i18n.translate('xpack.enterpriseSearch.workplaceSearch.sources.sourceNames.custom', {
+    defaultMessage: 'Custom API Source',
+  }),
+};
+
+export const SOURCE_OBJ_TYPES = {
+  PAGES: i18n.translate('xpack.enterpriseSearch.workplaceSearch.sources.objTypes.pages', {
+    defaultMessage: 'Pages',
+  }),
+  ATTACHMENTS: i18n.translate(
+    'xpack.enterpriseSearch.workplaceSearch.sources.objTypes.attachments',
+    { defaultMessage: 'Attachments' }
+  ),
+  BLOG_POSTS: i18n.translate('xpack.enterpriseSearch.workplaceSearch.sources.objTypes.blogPosts', {
+    defaultMessage: 'Blog Posts',
+  }),
+  SITES: i18n.translate('xpack.enterpriseSearch.workplaceSearch.sources.objTypes.sites', {
+    defaultMessage: 'Sites',
+  }),
+  SPACES: i18n.translate('xpack.enterpriseSearch.workplaceSearch.sources.objTypes.spaces', {
+    defaultMessage: 'Spaces',
+  }),
+  ALL_FILES: i18n.translate('xpack.enterpriseSearch.workplaceSearch.sources.objTypes.allFiles', {
+    defaultMessage:
+      'All Files (including images, PDFs, spreadsheets, textual documents, presentations)',
+  }),
+  ALL_STORED_FILES: i18n.translate(
+    'xpack.enterpriseSearch.workplaceSearch.sources.objTypes.allStoredFiles',
+    {
+      defaultMessage:
+        'All Stored Files (including images, videos, PDFs, spreadsheets, textual documents, presentations)',
+    }
+  ),
+  G_SUITE_FILES: i18n.translate(
+    'xpack.enterpriseSearch.workplaceSearch.sources.objTypes.gSuiteFiles',
+    {
+      defaultMessage: 'Google G Suite Documents (Docs, Sheets, Slides)',
+    }
+  ),
+  EPICS: i18n.translate('xpack.enterpriseSearch.workplaceSearch.sources.objTypes.epics', {
+    defaultMessage: 'Epics',
+  }),
+  PROJECTS: i18n.translate('xpack.enterpriseSearch.workplaceSearch.sources.objTypes.projects', {
+    defaultMessage: 'Projects',
+  }),
+  TASKS: i18n.translate('xpack.enterpriseSearch.workplaceSearch.sources.objTypes.tasks', {
+    defaultMessage: 'Tasks',
+  }),
+  STORIES: i18n.translate('xpack.enterpriseSearch.workplaceSearch.sources.objTypes.stories', {
+    defaultMessage: 'Stories',
+  }),
+  BUGS: i18n.translate('xpack.enterpriseSearch.workplaceSearch.sources.objTypes.bugs', {
+    defaultMessage: 'Bugs',
+  }),
+  ISSUES: i18n.translate('xpack.enterpriseSearch.workplaceSearch.sources.objTypes.issues', {
+    defaultMessage: 'Issues',
+  }),
+  PULL_REQUESTS: i18n.translate(
+    'xpack.enterpriseSearch.workplaceSearch.sources.objTypes.pullRequests',
+    {
+      defaultMessage: 'Pull Requests',
+    }
+  ),
+  REPOSITORY_LIST: i18n.translate(
+    'xpack.enterpriseSearch.workplaceSearch.sources.objTypes.repositoryList',
+    {
+      defaultMessage: 'Repository List',
+    }
+  ),
+  EMAILS: i18n.translate('xpack.enterpriseSearch.workplaceSearch.sources.objTypes.emails', {
+    defaultMessage: 'Emails',
+  }),
+  CONTACTS: i18n.translate('xpack.enterpriseSearch.workplaceSearch.sources.objTypes.contacts', {
+    defaultMessage: 'Contacts',
+  }),
+  OPPORTUNITIES: i18n.translate(
+    'xpack.enterpriseSearch.workplaceSearch.sources.objTypes.opportunities',
+    {
+      defaultMessage: 'Opportunities',
+    }
+  ),
+  LEADS: i18n.translate('xpack.enterpriseSearch.workplaceSearch.sources.objTypes.leads', {
+    defaultMessage: 'Leads',
+  }),
+  ACCOUNTS: i18n.translate('xpack.enterpriseSearch.workplaceSearch.sources.objTypes.accounts', {
+    defaultMessage: 'Accounts',
+  }),
+  CAMPAIGNS: i18n.translate('xpack.enterpriseSearch.workplaceSearch.sources.objTypes.campaigns', {
+    defaultMessage: 'Campaigns',
+  }),
+  USERS: i18n.translate('xpack.enterpriseSearch.workplaceSearch.sources.objTypes.users', {
+    defaultMessage: 'Users',
+  }),
+  INCIDENTS: i18n.translate('xpack.enterpriseSearch.workplaceSearch.sources.objTypes.incidents', {
+    defaultMessage: 'Incidents',
+  }),
+  ITEMS: i18n.translate('xpack.enterpriseSearch.workplaceSearch.sources.objTypes.items', {
+    defaultMessage: 'Items',
+  }),
+  ARTICLES: i18n.translate('xpack.enterpriseSearch.workplaceSearch.sources.objTypes.articles', {
+    defaultMessage: 'Articles',
+  }),
+  TICKETS: i18n.translate('xpack.enterpriseSearch.workplaceSearch.sources.objTypes.tickets', {
+    defaultMessage: 'Tickets',
+  }),
+  PUBLIC_MESSAGES: i18n.translate(
+    'xpack.enterpriseSearch.workplaceSearch.sources.objTypes.publicMessages',
+    {
+      defaultMessage: 'Public channel messages',
+    }
+  ),
+  PRIVATE_MESSAGES: i18n.translate(
+    'xpack.enterpriseSearch.workplaceSearch.sources.objTypes.privateMessages',
+    {
+      defaultMessage: 'Private channel messages in which you are an active participant',
+    }
+  ),
+  DIRECT_MESSAGES: i18n.translate(
+    'xpack.enterpriseSearch.workplaceSearch.sources.objTypes.directMessages',
+    {
+      defaultMessage: 'Direct messages',
+    }
+  ),
+};
+
+export const GITHUB_LINK_TITLE = i18n.translate(
+  'xpack.enterpriseSearch.workplaceSearch.sources.applicationLinkTitles.github',
+  {
+    defaultMessage: 'GitHub Developer Portal',
+  }
+);
+
 export const CUSTOM_SERVICE_TYPE = 'custom';
diff --git a/x-pack/plugins/enterprise_search/public/applications/workplace_search/routes.ts b/x-pack/plugins/enterprise_search/public/applications/workplace_search/routes.ts
index fb47b0a090f56..6099a42e6d7cb 100644
--- a/x-pack/plugins/enterprise_search/public/applications/workplace_search/routes.ts
+++ b/x-pack/plugins/enterprise_search/public/applications/workplace_search/routes.ts
@@ -30,10 +30,10 @@ export const GMAIL_DOCS_URL = `${DOCS_PREFIX}/workplace-search-gmail-connector.h
 export const GOOGLE_DRIVE_DOCS_URL = `${DOCS_PREFIX}/workplace-search-google-drive-connector.html`;
 export const JIRA_DOCS_URL = `${DOCS_PREFIX}/workplace-search-jira-cloud-connector.html`;
 export const JIRA_SERVER_DOCS_URL = `${DOCS_PREFIX}/workplace-search-jira-server-connector.html`;
-export const ONE_DRIVE_DOCS_URL = `${DOCS_PREFIX}/workplace-search-onedrive-connector.html`;
+export const ONEDRIVE_DOCS_URL = `${DOCS_PREFIX}/workplace-search-onedrive-connector.html`;
 export const SALESFORCE_DOCS_URL = `${DOCS_PREFIX}/workplace-search-salesforce-connector.html`;
-export const SERVICE_NOW_DOCS_URL = `${DOCS_PREFIX}/workplace-search-servicenow-connector.html`;
-export const SHARE_POINT_DOCS_URL = `${DOCS_PREFIX}/workplace-search-sharepoint-online-connector.html`;
+export const SERVICENOW_DOCS_URL = `${DOCS_PREFIX}/workplace-search-servicenow-connector.html`;
+export const SHAREPOINT_DOCS_URL = `${DOCS_PREFIX}/workplace-search-sharepoint-online-connector.html`;
 export const SLACK_DOCS_URL = `${DOCS_PREFIX}/workplace-search-slack-connector.html`;
 export const ZENDESK_DOCS_URL = `${DOCS_PREFIX}/workplace-search-zendesk-connector.html`;
 export const CUSTOM_SOURCE_DOCS_URL = `${DOCS_PREFIX}/workplace-search-custom-api-sources.html`;
@@ -68,10 +68,11 @@ export const ADD_GMAIL_PATH = `${SOURCES_PATH}/add/gmail`;
 export const ADD_GOOGLE_DRIVE_PATH = `${SOURCES_PATH}/add/google-drive`;
 export const ADD_JIRA_PATH = `${SOURCES_PATH}/add/jira-cloud`;
 export const ADD_JIRA_SERVER_PATH = `${SOURCES_PATH}/add/jira-server`;
-export const ADD_ONE_DRIVE_PATH = `${SOURCES_PATH}/add/one-drive`;
+export const ADD_ONEDRIVE_PATH = `${SOURCES_PATH}/add/onedrive`;
 export const ADD_SALESFORCE_PATH = `${SOURCES_PATH}/add/salesforce`;
-export const ADD_SERVICE_NOW_PATH = `${SOURCES_PATH}/add/service-now`;
-export const ADD_SHARE_POINT_PATH = `${SOURCES_PATH}/add/share-point`;
+export const ADD_SALESFORCE_SANDBOX_PATH = `${SOURCES_PATH}/add/salesforce-sandbox`;
+export const ADD_SERVICENOW_PATH = `${SOURCES_PATH}/add/servicenow`;
+export const ADD_SHAREPOINT_PATH = `${SOURCES_PATH}/add/sharepoint`;
 export const ADD_SLACK_PATH = `${SOURCES_PATH}/add/slack`;
 export const ADD_ZENDESK_PATH = `${SOURCES_PATH}/add/zendesk`;
 export const ADD_CUSTOM_PATH = `${SOURCES_PATH}/add/custom`;
@@ -101,10 +102,11 @@ export const EDIT_GMAIL_PATH = `${ORG_SETTINGS_CONNECTORS_PATH}/gmail/edit`;
 export const EDIT_GOOGLE_DRIVE_PATH = `${ORG_SETTINGS_CONNECTORS_PATH}/google-drive/edit`;
 export const EDIT_JIRA_PATH = `${ORG_SETTINGS_CONNECTORS_PATH}/jira-cloud/edit`;
 export const EDIT_JIRA_SERVER_PATH = `${ORG_SETTINGS_CONNECTORS_PATH}/jira-server/edit`;
-export const EDIT_ONE_DRIVE_PATH = `${ORG_SETTINGS_CONNECTORS_PATH}/one-drive/edit`;
+export const EDIT_ONEDRIVE_PATH = `${ORG_SETTINGS_CONNECTORS_PATH}/onedrive/edit`;
 export const EDIT_SALESFORCE_PATH = `${ORG_SETTINGS_CONNECTORS_PATH}/salesforce/edit`;
-export const EDIT_SERVICE_NOW_PATH = `${ORG_SETTINGS_CONNECTORS_PATH}/service-now/edit`;
-export const EDIT_SHARE_POINT_PATH = `${ORG_SETTINGS_CONNECTORS_PATH}/share-point/edit`;
+export const EDIT_SALESFORCE_SANDBOX_PATH = `${ORG_SETTINGS_CONNECTORS_PATH}/salesforce-sandbox/edit`;
+export const EDIT_SERVICENOW_PATH = `${ORG_SETTINGS_CONNECTORS_PATH}/servicenow/edit`;
+export const EDIT_SHAREPOINT_PATH = `${ORG_SETTINGS_CONNECTORS_PATH}/sharepoint/edit`;
 export const EDIT_SLACK_PATH = `${ORG_SETTINGS_CONNECTORS_PATH}/slack/edit`;
 export const EDIT_ZENDESK_PATH = `${ORG_SETTINGS_CONNECTORS_PATH}/zendesk/edit`;
 export const EDIT_CUSTOM_PATH = `${ORG_SETTINGS_CONNECTORS_PATH}/custom/edit`;
diff --git a/x-pack/plugins/enterprise_search/public/applications/workplace_search/types.ts b/x-pack/plugins/enterprise_search/public/applications/workplace_search/types.ts
index 8f44fcacc17f6..f09160d513344 100644
--- a/x-pack/plugins/enterprise_search/public/applications/workplace_search/types.ts
+++ b/x-pack/plugins/enterprise_search/public/applications/workplace_search/types.ts
@@ -57,3 +57,13 @@ export interface ContentSourceDetails extends ContentSource {
 export interface SourcePriority {
   [id: string]: number;
 }
+
+export enum FeatureIds {
+  SyncFrequency = 'SyncFrequency',
+  SyncedItems = 'SyncedItems',
+  SearchableContent = 'SearchableContent',
+  Remote = 'Remote',
+  Private = 'Private',
+  GlobalAccessPermissions = 'GlobalAccessPermissions',
+  DocumentLevelPermissions = 'DocumentLevelPermissions',
+}
diff --git a/x-pack/plugins/enterprise_search/public/applications/workplace_search/views/content_sources/source_data.tsx b/x-pack/plugins/enterprise_search/public/applications/workplace_search/views/content_sources/source_data.tsx
new file mode 100644
index 0000000000000..d04b2cb16d308
--- /dev/null
+++ b/x-pack/plugins/enterprise_search/public/applications/workplace_search/views/content_sources/source_data.tsx
@@ -0,0 +1,743 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License;
+ * you may not use this file except in compliance with the Elastic License.
+ */
+
+import { i18n } from '@kbn/i18n';
+
+import {
+  ADD_CONFLUENCE_PATH,
+  ADD_CONFLUENCE_SERVER_PATH,
+  ADD_DROPBOX_PATH,
+  ADD_GITHUB_ENTERPRISE_PATH,
+  ADD_GITHUB_PATH,
+  ADD_GMAIL_PATH,
+  ADD_GOOGLE_DRIVE_PATH,
+  ADD_JIRA_PATH,
+  ADD_JIRA_SERVER_PATH,
+  ADD_ONEDRIVE_PATH,
+  ADD_SALESFORCE_PATH,
+  ADD_SALESFORCE_SANDBOX_PATH,
+  ADD_SERVICENOW_PATH,
+  ADD_SHAREPOINT_PATH,
+  ADD_SLACK_PATH,
+  ADD_ZENDESK_PATH,
+  ADD_CUSTOM_PATH,
+  EDIT_CONFLUENCE_PATH,
+  EDIT_CONFLUENCE_SERVER_PATH,
+  EDIT_DROPBOX_PATH,
+  EDIT_GITHUB_ENTERPRISE_PATH,
+  EDIT_GITHUB_PATH,
+  EDIT_GMAIL_PATH,
+  EDIT_GOOGLE_DRIVE_PATH,
+  EDIT_JIRA_PATH,
+  EDIT_JIRA_SERVER_PATH,
+  EDIT_ONEDRIVE_PATH,
+  EDIT_SALESFORCE_PATH,
+  EDIT_SALESFORCE_SANDBOX_PATH,
+  EDIT_SERVICENOW_PATH,
+  EDIT_SHAREPOINT_PATH,
+  EDIT_SLACK_PATH,
+  EDIT_ZENDESK_PATH,
+  EDIT_CUSTOM_PATH,
+  CONFLUENCE_DOCS_URL,
+  CONFLUENCE_SERVER_DOCS_URL,
+  GITHUB_ENTERPRISE_DOCS_URL,
+  DROPBOX_DOCS_URL,
+  GITHUB_DOCS_URL,
+  GMAIL_DOCS_URL,
+  GOOGLE_DRIVE_DOCS_URL,
+  JIRA_DOCS_URL,
+  JIRA_SERVER_DOCS_URL,
+  ONEDRIVE_DOCS_URL,
+  SALESFORCE_DOCS_URL,
+  SERVICENOW_DOCS_URL,
+  SHAREPOINT_DOCS_URL,
+  SLACK_DOCS_URL,
+  ZENDESK_DOCS_URL,
+  CUSTOM_SOURCE_DOCS_URL,
+} from '../../routes';
+
+import { FeatureIds } from '../../types';
+
+import { SOURCE_NAMES, SOURCE_OBJ_TYPES, GITHUB_LINK_TITLE } from '../../constants';
+
+const connectStepDescription = {
+  attachments: i18n.translate(
+    'xpack.enterpriseSearch.workplaceSearch.sources.connectStepDescription.attachments',
+    {
+      defaultMessage:
+        'Content found within Attachments (PDFs, Microsoft Office Files, and other popular textual file formats) will be automatically indexed and searchable.',
+    }
+  ),
+  files: i18n.translate(
+    'xpack.enterpriseSearch.workplaceSearch.sources.connectStepDescription.files',
+    {
+      defaultMessage:
+        'Content found within PDFs, Microsoft Office Files, and other popular textual file formats will be automatically indexed and searchable.',
+    }
+  ),
+  empty: '',
+};
+
+export const staticSourceData = [
+  {
+    name: SOURCE_NAMES.CONFLUENCE,
+    serviceType: 'confluence_cloud',
+    addPath: ADD_CONFLUENCE_PATH,
+    editPath: EDIT_CONFLUENCE_PATH,
+    configuration: {
+      isPublicKey: false,
+      hasOauthRedirect: true,
+      needsBaseUrl: true,
+      documentationUrl: CONFLUENCE_DOCS_URL,
+      applicationPortalUrl: 'https://developer.atlassian.com/apps/',
+    },
+    sourceDescription: i18n.translate(
+      'xpack.enterpriseSearch.workplaceSearch.sources.sourceDescriptions.confluence',
+      {
+        defaultMessage:
+          '{sourceName} is a team workspace, where knowledge and collaboration meet. Often used as an organizational wiki and intranet, it usually houses valuable information for staff across multiple areas of your business.',
+        values: { sourceName: SOURCE_NAMES.CONFLUENCE },
+      }
+    ),
+    connectStepDescription: connectStepDescription.attachments,
+    objTypes: [
+      SOURCE_OBJ_TYPES.PAGES,
+      SOURCE_OBJ_TYPES.ATTACHMENTS,
+      SOURCE_OBJ_TYPES.BLOG_POSTS,
+      SOURCE_OBJ_TYPES.SPACES,
+    ],
+    features: {
+      basicOrgContext: [
+        FeatureIds.SyncFrequency,
+        FeatureIds.SyncedItems,
+        FeatureIds.GlobalAccessPermissions,
+      ],
+      platinumOrgContext: [FeatureIds.SyncFrequency, FeatureIds.SyncedItems],
+      platinumPrivateContext: [
+        FeatureIds.Private,
+        FeatureIds.SyncFrequency,
+        FeatureIds.SyncedItems,
+      ],
+    },
+    accountContextOnly: false,
+  },
+  {
+    name: SOURCE_NAMES.CONFLUENCE_SERVER,
+    serviceType: 'confluence_server',
+    addPath: ADD_CONFLUENCE_SERVER_PATH,
+    editPath: EDIT_CONFLUENCE_SERVER_PATH,
+    configuration: {
+      isPublicKey: true,
+      hasOauthRedirect: true,
+      needsBaseUrl: false,
+      documentationUrl: CONFLUENCE_SERVER_DOCS_URL,
+    },
+    sourceDescription: i18n.translate(
+      'xpack.enterpriseSearch.workplaceSearch.sources.sourceDescriptions.confluenceServer',
+      {
+        defaultMessage:
+          '{sourceName} is a team workspace, where knowledge and collaboration meet. Often used as an organizational wiki and intranet, it usually houses valuable information for staff across multiple areas of your business.',
+        values: { sourceName: SOURCE_NAMES.CONFLUENCE },
+      }
+    ),
+    connectStepDescription: connectStepDescription.attachments,
+    objTypes: [
+      SOURCE_OBJ_TYPES.PAGES,
+      SOURCE_OBJ_TYPES.ATTACHMENTS,
+      SOURCE_OBJ_TYPES.BLOG_POSTS,
+      SOURCE_OBJ_TYPES.SPACES,
+    ],
+    features: {
+      basicOrgContext: [
+        FeatureIds.SyncFrequency,
+        FeatureIds.SyncedItems,
+        FeatureIds.GlobalAccessPermissions,
+      ],
+      platinumOrgContext: [FeatureIds.SyncFrequency, FeatureIds.SyncedItems],
+      platinumPrivateContext: [
+        FeatureIds.Private,
+        FeatureIds.SyncFrequency,
+        FeatureIds.SyncedItems,
+      ],
+    },
+    accountContextOnly: false,
+  },
+  {
+    name: SOURCE_NAMES.DROPBOX,
+    serviceType: 'dropbox',
+    addPath: ADD_DROPBOX_PATH,
+    editPath: EDIT_DROPBOX_PATH,
+    configuration: {
+      isPublicKey: false,
+      hasOauthRedirect: true,
+      needsBaseUrl: false,
+      documentationUrl: DROPBOX_DOCS_URL,
+      applicationPortalUrl: 'https://www.dropbox.com/developers/apps',
+    },
+    sourceDescription: i18n.translate(
+      'xpack.enterpriseSearch.workplaceSearch.sources.sourceDescriptions.dropbox',
+      {
+        defaultMessage:
+          '{sourceName} is a cloud-based storage service for organizations of all sizes. Create, store, share and automatically synchronize documents across your desktop and web.',
+        values: { sourceName: SOURCE_NAMES.DROPBOX },
+      }
+    ),
+    connectStepDescription: connectStepDescription.files,
+    objTypes: [SOURCE_OBJ_TYPES.ALL_FILES],
+    features: {
+      basicOrgContext: [
+        FeatureIds.SyncFrequency,
+        FeatureIds.SyncedItems,
+        FeatureIds.GlobalAccessPermissions,
+      ],
+      platinumOrgContext: [FeatureIds.SyncFrequency, FeatureIds.SyncedItems],
+      platinumPrivateContext: [
+        FeatureIds.Private,
+        FeatureIds.SyncFrequency,
+        FeatureIds.SyncedItems,
+      ],
+    },
+    accountContextOnly: false,
+  },
+  {
+    name: SOURCE_NAMES.GITHUB,
+    serviceType: 'github',
+    addPath: ADD_GITHUB_PATH,
+    editPath: EDIT_GITHUB_PATH,
+    configuration: {
+      isPublicKey: false,
+      hasOauthRedirect: true,
+      needsBaseUrl: false,
+      needsConfiguration: true,
+      documentationUrl: GITHUB_DOCS_URL,
+      applicationPortalUrl: 'https://github.com/settings/developers',
+      applicationLinkTitle: GITHUB_LINK_TITLE,
+    },
+    sourceDescription: i18n.translate(
+      'xpack.enterpriseSearch.workplaceSearch.sources.sourceDescriptions.github',
+      {
+        defaultMessage:
+          '{sourceName} is a development platform, version control and collaboration platform for teams of all sizes. From open source to business, you can host and review code, manage projects, and build software across departments and continents.',
+        values: { sourceName: SOURCE_NAMES.GITHUB },
+      }
+    ),
+    connectStepDescription: connectStepDescription.empty,
+    objTypes: [
+      SOURCE_OBJ_TYPES.ISSUES,
+      SOURCE_OBJ_TYPES.PULL_REQUESTS,
+      SOURCE_OBJ_TYPES.REPOSITORY_LIST,
+    ],
+    features: {
+      basicOrgContext: [
+        FeatureIds.SyncFrequency,
+        FeatureIds.SyncedItems,
+        FeatureIds.GlobalAccessPermissions,
+      ],
+      platinumOrgContext: [FeatureIds.SyncFrequency, FeatureIds.SyncedItems],
+      platinumPrivateContext: [
+        FeatureIds.Private,
+        FeatureIds.SyncFrequency,
+        FeatureIds.SyncedItems,
+      ],
+    },
+    accountContextOnly: false,
+  },
+  {
+    name: SOURCE_NAMES.GITHUB_ENTERPRISE,
+    serviceType: 'github_enterprise_server',
+    addPath: ADD_GITHUB_ENTERPRISE_PATH,
+    editPath: EDIT_GITHUB_ENTERPRISE_PATH,
+    configuration: {
+      isPublicKey: false,
+      hasOauthRedirect: true,
+      needsConfiguration: true,
+      needsBaseUrl: true,
+      baseUrlTitle: i18n.translate(
+        'xpack.enterpriseSearch.workplaceSearch.sources.baseUrlTitles.github',
+        {
+          defaultMessage: 'GitHub Enterprise URL',
+        }
+      ),
+      documentationUrl: GITHUB_ENTERPRISE_DOCS_URL,
+      applicationPortalUrl: 'https://github.com/settings/developers',
+      applicationLinkTitle: GITHUB_LINK_TITLE,
+    },
+    sourceDescription: i18n.translate(
+      'xpack.enterpriseSearch.workplaceSearch.sources.sourceDescriptions.githubEnterprise',
+      {
+        defaultMessage:
+          '{sourceName} is a development platform, version control and collaboration platform for teams of all sizes. From open source to business, you can host and review code, manage projects, and build software across departments and continents.',
+        values: { sourceName: SOURCE_NAMES.GITHUB_ENTERPRISE },
+      }
+    ),
+    connectStepDescription: connectStepDescription.empty,
+    objTypes: [
+      SOURCE_OBJ_TYPES.ISSUES,
+      SOURCE_OBJ_TYPES.PULL_REQUESTS,
+      SOURCE_OBJ_TYPES.REPOSITORY_LIST,
+    ],
+    features: {
+      basicOrgContext: [
+        FeatureIds.SyncFrequency,
+        FeatureIds.SyncedItems,
+        FeatureIds.GlobalAccessPermissions,
+      ],
+      platinumOrgContext: [FeatureIds.SyncFrequency, FeatureIds.SyncedItems],
+      platinumPrivateContext: [
+        FeatureIds.Private,
+        FeatureIds.SyncFrequency,
+        FeatureIds.SyncedItems,
+      ],
+    },
+    accountContextOnly: false,
+  },
+  {
+    name: SOURCE_NAMES.GMAIL,
+    serviceType: 'gmail',
+    addPath: ADD_GMAIL_PATH,
+    editPath: EDIT_GMAIL_PATH,
+    configuration: {
+      isPublicKey: false,
+      hasOauthRedirect: true,
+      needsBaseUrl: false,
+      documentationUrl: GMAIL_DOCS_URL,
+      applicationPortalUrl: 'https://console.developers.google.com/',
+    },
+    sourceDescription: i18n.translate(
+      'xpack.enterpriseSearch.workplaceSearch.sources.sourceDescriptions.gmail',
+      {
+        defaultMessage:
+          '{sourceName} is a free email service developed by Google. It is fast, reliable, and trusted by millions of people and organizations around the world. Workplace Search brings all of your Gmail content into one relevant and ease-to-use search experience.',
+        values: { sourceName: SOURCE_NAMES.GMAIL },
+      }
+    ),
+    connectStepDescription: connectStepDescription.empty,
+    objTypes: [SOURCE_OBJ_TYPES.EMAILS],
+    features: {
+      platinumPrivateContext: [FeatureIds.Remote, FeatureIds.Private, FeatureIds.SearchableContent],
+    },
+    accountContextOnly: true,
+  },
+  {
+    name: SOURCE_NAMES.GOOGLE_DRIVE,
+    serviceType: 'google_drive',
+    addPath: ADD_GOOGLE_DRIVE_PATH,
+    editPath: EDIT_GOOGLE_DRIVE_PATH,
+    configuration: {
+      isPublicKey: false,
+      hasOauthRedirect: true,
+      needsBaseUrl: false,
+      documentationUrl: GOOGLE_DRIVE_DOCS_URL,
+      applicationPortalUrl: 'https://console.developers.google.com/',
+    },
+    sourceDescription: i18n.translate(
+      'xpack.enterpriseSearch.workplaceSearch.sources.sourceDescriptions.googleDrive',
+      {
+        defaultMessage:
+          '{sourceName} is a cloud-based storage and collaboration service for organizations of all sizes, with a focus on G Suite document (Google Docs, Sheets, Slides, etc) storage and collaboration. Create, store, share and automatically synchronize documents across your desktop and web.',
+        values: { sourceName: SOURCE_NAMES.GOOGLE_DRIVE },
+      }
+    ),
+    connectStepDescription: connectStepDescription.files,
+    objTypes: [SOURCE_OBJ_TYPES.G_SUITE_FILES, SOURCE_OBJ_TYPES.ALL_STORED_FILES],
+    features: {
+      basicOrgContext: [
+        FeatureIds.SyncFrequency,
+        FeatureIds.SyncedItems,
+        FeatureIds.GlobalAccessPermissions,
+      ],
+      basicOrgContextExcludedFeatures: [FeatureIds.DocumentLevelPermissions],
+      platinumOrgContext: [FeatureIds.SyncFrequency, FeatureIds.SyncedItems],
+      platinumPrivateContext: [
+        FeatureIds.Private,
+        FeatureIds.SyncFrequency,
+        FeatureIds.SyncedItems,
+      ],
+    },
+    accountContextOnly: false,
+  },
+  {
+    name: SOURCE_NAMES.JIRA,
+    serviceType: 'jira_cloud',
+    addPath: ADD_JIRA_PATH,
+    editPath: EDIT_JIRA_PATH,
+    configuration: {
+      isPublicKey: true,
+      hasOauthRedirect: true,
+      needsBaseUrl: false,
+      documentationUrl: JIRA_DOCS_URL,
+      applicationPortalUrl: '',
+    },
+    sourceDescription: i18n.translate(
+      'xpack.enterpriseSearch.workplaceSearch.sources.sourceDescriptions.jira',
+      {
+        defaultMessage:
+          '{sourceName} is an issue tracking product that provides bug tracking, workflow automation, and agile project management tools for teams of all sizes. ',
+        values: { sourceName: SOURCE_NAMES.JIRA },
+      }
+    ),
+    connectStepDescription: connectStepDescription.files,
+    objTypes: [
+      SOURCE_OBJ_TYPES.EPICS,
+      SOURCE_OBJ_TYPES.PROJECTS,
+      SOURCE_OBJ_TYPES.TASKS,
+      SOURCE_OBJ_TYPES.STORIES,
+      SOURCE_OBJ_TYPES.BUGS,
+      SOURCE_OBJ_TYPES.ATTACHMENTS,
+    ],
+    features: {
+      basicOrgContext: [
+        FeatureIds.SyncFrequency,
+        FeatureIds.SyncedItems,
+        FeatureIds.GlobalAccessPermissions,
+      ],
+      platinumOrgContext: [FeatureIds.SyncFrequency, FeatureIds.SyncedItems],
+      platinumPrivateContext: [
+        FeatureIds.Private,
+        FeatureIds.SyncFrequency,
+        FeatureIds.SyncedItems,
+      ],
+    },
+    accountContextOnly: false,
+  },
+  {
+    name: SOURCE_NAMES.JIRA_SERVER,
+    serviceType: 'jira_server',
+    addPath: ADD_JIRA_SERVER_PATH,
+    editPath: EDIT_JIRA_SERVER_PATH,
+    configuration: {
+      isPublicKey: true,
+      hasOauthRedirect: true,
+      needsBaseUrl: false,
+      documentationUrl: JIRA_SERVER_DOCS_URL,
+      applicationPortalUrl: '',
+    },
+    sourceDescription: i18n.translate(
+      'xpack.enterpriseSearch.workplaceSearch.sources.sourceDescriptions.jiraServer',
+      {
+        defaultMessage:
+          '{sourceName} is an issue tracking product that provides bug tracking, workflow automation, and agile project management tools for teams of all sizes. ',
+        values: { sourceName: SOURCE_NAMES.JIRA_SERVER },
+      }
+    ),
+    connectStepDescription: connectStepDescription.files,
+    objTypes: [
+      SOURCE_OBJ_TYPES.EPICS,
+      SOURCE_OBJ_TYPES.PROJECTS,
+      SOURCE_OBJ_TYPES.TASKS,
+      SOURCE_OBJ_TYPES.STORIES,
+      SOURCE_OBJ_TYPES.BUGS,
+      SOURCE_OBJ_TYPES.ATTACHMENTS,
+    ],
+    features: {
+      basicOrgContext: [
+        FeatureIds.SyncFrequency,
+        FeatureIds.SyncedItems,
+        FeatureIds.GlobalAccessPermissions,
+      ],
+      platinumOrgContext: [FeatureIds.SyncFrequency, FeatureIds.SyncedItems],
+      platinumPrivateContext: [
+        FeatureIds.Private,
+        FeatureIds.SyncFrequency,
+        FeatureIds.SyncedItems,
+      ],
+    },
+    accountContextOnly: false,
+  },
+  {
+    name: SOURCE_NAMES.ONEDRIVE,
+    serviceType: 'one_drive',
+    addPath: ADD_ONEDRIVE_PATH,
+    editPath: EDIT_ONEDRIVE_PATH,
+    configuration: {
+      isPublicKey: false,
+      hasOauthRedirect: true,
+      needsBaseUrl: false,
+      documentationUrl: ONEDRIVE_DOCS_URL,
+      applicationPortalUrl: 'https://portal.azure.com/',
+    },
+    sourceDescription: i18n.translate(
+      'xpack.enterpriseSearch.workplaceSearch.sources.sourceDescriptions.oneDrive',
+      {
+        defaultMessage:
+          '{sourceName} is a cloud-based storage service for organizations of all sizes, with a focus on Office 365 document storage and collaboration. Create, store, share and automatically synchronize documents across your organization.',
+        values: { sourceName: SOURCE_NAMES.ONEDRIVE },
+      }
+    ),
+    connectStepDescription: connectStepDescription.files,
+    objTypes: [SOURCE_OBJ_TYPES.ALL_FILES],
+    features: {
+      basicOrgContext: [
+        FeatureIds.SyncFrequency,
+        FeatureIds.SyncedItems,
+        FeatureIds.GlobalAccessPermissions,
+      ],
+      basicOrgContextExcludedFeatures: [FeatureIds.DocumentLevelPermissions],
+      platinumOrgContext: [FeatureIds.SyncFrequency, FeatureIds.SyncedItems],
+      platinumPrivateContext: [
+        FeatureIds.Private,
+        FeatureIds.SyncFrequency,
+        FeatureIds.SyncedItems,
+      ],
+    },
+    accountContextOnly: false,
+  },
+  {
+    name: SOURCE_NAMES.SALESFORCE,
+    serviceType: 'salesforce',
+    addPath: ADD_SALESFORCE_PATH,
+    editPath: EDIT_SALESFORCE_PATH,
+    configuration: {
+      isPublicKey: false,
+      hasOauthRedirect: true,
+      needsBaseUrl: false,
+      documentationUrl: SALESFORCE_DOCS_URL,
+      applicationPortalUrl: 'https://salesforce.com/',
+    },
+    sourceDescription: i18n.translate(
+      'xpack.enterpriseSearch.workplaceSearch.sources.sourceDescriptions.salesforce',
+      {
+        defaultMessage:
+          '{sourceName} is a cloud-based customer relationship management (CRM) platform with a focus on customer service, marketing automation, analytics, and sales operation tooling.',
+        values: { sourceName: SOURCE_NAMES.SALESFORCE },
+      }
+    ),
+    connectStepDescription: connectStepDescription.attachments,
+    objTypes: [
+      SOURCE_OBJ_TYPES.CONTACTS,
+      SOURCE_OBJ_TYPES.OPPORTUNITIES,
+      SOURCE_OBJ_TYPES.LEADS,
+      SOURCE_OBJ_TYPES.ACCOUNTS,
+      SOURCE_OBJ_TYPES.CAMPAIGNS,
+    ],
+    features: {
+      basicOrgContext: [
+        FeatureIds.SyncFrequency,
+        FeatureIds.SyncedItems,
+        FeatureIds.GlobalAccessPermissions,
+      ],
+      platinumOrgContext: [FeatureIds.SyncFrequency, FeatureIds.SyncedItems],
+      platinumPrivateContext: [
+        FeatureIds.Private,
+        FeatureIds.SyncFrequency,
+        FeatureIds.SyncedItems,
+      ],
+    },
+    accountContextOnly: false,
+  },
+  {
+    name: SOURCE_NAMES.SALESFORCE_SANDBOX,
+    serviceType: 'salesforce_sandbox',
+    addPath: ADD_SALESFORCE_SANDBOX_PATH,
+    editPath: EDIT_SALESFORCE_SANDBOX_PATH,
+    configuration: {
+      isPublicKey: false,
+      hasOauthRedirect: true,
+      needsBaseUrl: false,
+      documentationUrl: SALESFORCE_DOCS_URL,
+      applicationPortalUrl: 'https://test.salesforce.com/',
+    },
+    sourceDescription: i18n.translate(
+      'xpack.enterpriseSearch.workplaceSearch.sources.sourceDescriptions.salesforceSandbox',
+      {
+        defaultMessage:
+          '{sourceName} is a cloud-based customer relationship management (CRM) platform with a focus on customer service, marketing automation, analytics, and sales operation tooling.',
+        values: { sourceName: SOURCE_NAMES.SALESFORCE_SANDBOX },
+      }
+    ),
+    connectStepDescription: connectStepDescription.attachments,
+    objTypes: [
+      SOURCE_OBJ_TYPES.CONTACTS,
+      SOURCE_OBJ_TYPES.OPPORTUNITIES,
+      SOURCE_OBJ_TYPES.LEADS,
+      SOURCE_OBJ_TYPES.ACCOUNTS,
+      SOURCE_OBJ_TYPES.CAMPAIGNS,
+    ],
+    features: {
+      basicOrgContext: [
+        FeatureIds.SyncFrequency,
+        FeatureIds.SyncedItems,
+        FeatureIds.GlobalAccessPermissions,
+      ],
+      platinumOrgContext: [FeatureIds.SyncFrequency, FeatureIds.SyncedItems],
+      platinumPrivateContext: [
+        FeatureIds.Private,
+        FeatureIds.SyncFrequency,
+        FeatureIds.SyncedItems,
+      ],
+    },
+    accountContextOnly: false,
+  },
+  {
+    name: SOURCE_NAMES.SERVICENOW,
+    serviceType: 'service_now',
+    addPath: ADD_SERVICENOW_PATH,
+    editPath: EDIT_SERVICENOW_PATH,
+    configuration: {
+      isPublicKey: false,
+      hasOauthRedirect: false,
+      needsBaseUrl: true,
+      documentationUrl: SERVICENOW_DOCS_URL,
+      applicationPortalUrl: 'https://www.servicenow.com/my-account/sign-in.html',
+    },
+    sourceDescription: i18n.translate(
+      'xpack.enterpriseSearch.workplaceSearch.sources.sourceDescriptions.serviceNow',
+      {
+        defaultMessage:
+          '{sourceName} is a cloud-based IT Service Management (ITSM) platform focusing on workflow automation and internal organizational support.',
+        values: { sourceName: SOURCE_NAMES.SERVICENOW },
+      }
+    ),
+    connectStepDescription: connectStepDescription.empty,
+    objTypes: [
+      SOURCE_OBJ_TYPES.USERS,
+      SOURCE_OBJ_TYPES.INCIDENTS,
+      SOURCE_OBJ_TYPES.ITEMS,
+      SOURCE_OBJ_TYPES.ARTICLES,
+    ],
+    features: {
+      basicOrgContext: [
+        FeatureIds.SyncFrequency,
+        FeatureIds.SyncedItems,
+        FeatureIds.GlobalAccessPermissions,
+      ],
+      platinumOrgContext: [FeatureIds.SyncFrequency, FeatureIds.SyncedItems],
+      platinumPrivateContext: [
+        FeatureIds.Private,
+        FeatureIds.SyncFrequency,
+        FeatureIds.SyncedItems,
+      ],
+    },
+    accountContextOnly: false,
+  },
+  {
+    name: SOURCE_NAMES.SHAREPOINT,
+    serviceType: 'share_point',
+    addPath: ADD_SHAREPOINT_PATH,
+    editPath: EDIT_SHAREPOINT_PATH,
+    configuration: {
+      isPublicKey: false,
+      hasOauthRedirect: true,
+      needsBaseUrl: false,
+      documentationUrl: SHAREPOINT_DOCS_URL,
+      applicationPortalUrl: 'https://portal.azure.com/',
+    },
+    sourceDescription: i18n.translate(
+      'xpack.enterpriseSearch.workplaceSearch.sources.sourceDescriptions.sharePoint',
+      {
+        defaultMessage:
+          '{sourceName} is a cloud-based collaboration, knowledge management and storage platform for organizations of all sizes. Often used as a centralized content management system (CMS), SharePoint Online stores a wealth of information across departments and teams.',
+        values: { sourceName: SOURCE_NAMES.SHAREPOINT },
+      }
+    ),
+    connectStepDescription: connectStepDescription.files,
+    objTypes: [SOURCE_OBJ_TYPES.SITES, SOURCE_OBJ_TYPES.ALL_FILES],
+    features: {
+      basicOrgContext: [
+        FeatureIds.SyncFrequency,
+        FeatureIds.SyncedItems,
+        FeatureIds.GlobalAccessPermissions,
+      ],
+      basicOrgContextExcludedFeatures: [FeatureIds.DocumentLevelPermissions],
+      platinumOrgContext: [FeatureIds.SyncFrequency, FeatureIds.SyncedItems],
+      platinumPrivateContext: [
+        FeatureIds.Private,
+        FeatureIds.SyncFrequency,
+        FeatureIds.SyncedItems,
+      ],
+    },
+    accountContextOnly: false,
+  },
+  {
+    name: SOURCE_NAMES.SLACK,
+    serviceType: 'slack',
+    addPath: ADD_SLACK_PATH,
+    editPath: EDIT_SLACK_PATH,
+    configuration: {
+      isPublicKey: false,
+      hasOauthRedirect: true,
+      needsBaseUrl: false,
+      documentationUrl: SLACK_DOCS_URL,
+      applicationPortalUrl: 'https://api.slack.com/apps/',
+    },
+    sourceDescription: i18n.translate(
+      'xpack.enterpriseSearch.workplaceSearch.sources.sourceDescriptions.slack',
+      {
+        defaultMessage:
+          '{sourceName} is a communication tool that enables real-time collaboration and decision making. With {sourceName}, keep track of the work happening across teams, engage directly with your coworkers on ongoing projects and communicate with other organizations.',
+        values: { sourceName: SOURCE_NAMES.SLACK },
+      }
+    ),
+    connectStepDescription: connectStepDescription.empty,
+    objTypes: [
+      SOURCE_OBJ_TYPES.PUBLIC_MESSAGES,
+      SOURCE_OBJ_TYPES.PRIVATE_MESSAGES,
+      SOURCE_OBJ_TYPES.DIRECT_MESSAGES,
+    ],
+    features: {
+      platinumPrivateContext: [FeatureIds.Remote, FeatureIds.Private, FeatureIds.SearchableContent],
+    },
+    accountContextOnly: true,
+  },
+  {
+    name: SOURCE_NAMES.ZENDESK,
+    serviceType: 'zendesk',
+    addPath: ADD_ZENDESK_PATH,
+    editPath: EDIT_ZENDESK_PATH,
+    configuration: {
+      isPublicKey: false,
+      hasOauthRedirect: true,
+      needsBaseUrl: false,
+      needsSubdomain: true,
+      documentationUrl: ZENDESK_DOCS_URL,
+      applicationPortalUrl: 'https://www.zendesk.com/login/',
+    },
+    sourceDescription: i18n.translate(
+      'xpack.enterpriseSearch.workplaceSearch.sources.sourceDescriptions.zendesk',
+      {
+        defaultMessage:
+          '{sourceName} is cloud-based customer relationship management and customer support platform that provides tools for tracking, prioritizing, and solving customer support tickets.',
+        values: { sourceName: SOURCE_NAMES.ZENDESK },
+      }
+    ),
+    connectStepDescription: connectStepDescription.empty,
+    objTypes: [SOURCE_OBJ_TYPES.TICKETS],
+    features: {
+      basicOrgContext: [
+        FeatureIds.SyncFrequency,
+        FeatureIds.SyncedItems,
+        FeatureIds.GlobalAccessPermissions,
+      ],
+      platinumOrgContext: [FeatureIds.SyncFrequency, FeatureIds.SyncedItems],
+      platinumPrivateContext: [
+        FeatureIds.Private,
+        FeatureIds.SyncFrequency,
+        FeatureIds.SyncedItems,
+      ],
+    },
+    accountContextOnly: false,
+  },
+  {
+    name: SOURCE_NAMES.CUSTOM,
+    serviceType: 'custom',
+    addPath: ADD_CUSTOM_PATH,
+    editPath: EDIT_CUSTOM_PATH,
+    configuration: {
+      isPublicKey: false,
+      hasOauthRedirect: false,
+      needsBaseUrl: false,
+      helpText: i18n.translate('xpack.enterpriseSearch.workplaceSearch.sources.helpText.custom', {
+        defaultMessage:
+          'To create a Custom API Source, provide a human-readable and descriptive name. The name will appear as-is in the various search experiences and management interfaces.',
+      }),
+      documentationUrl: CUSTOM_SOURCE_DOCS_URL,
+      applicationPortalUrl: '',
+    },
+    sourceDescription: '',
+    connectStepDescription: connectStepDescription.empty,
+    accountContextOnly: false,
+  },
+];
diff --git a/x-pack/plugins/enterprise_search/server/routes/app_search/engines.test.ts b/x-pack/plugins/enterprise_search/server/routes/app_search/engines.test.ts
index b7009c1b76fbc..ed6847a029100 100644
--- a/x-pack/plugins/enterprise_search/server/routes/app_search/engines.test.ts
+++ b/x-pack/plugins/enterprise_search/server/routes/app_search/engines.test.ts
@@ -116,7 +116,6 @@ describe('engine routes', () => {
       mockRouter = new MockRouter({
         method: 'get',
         path: '/api/app_search/engines/{name}',
-        payload: 'params',
       });
 
       registerEnginesRoutes({
@@ -133,4 +132,29 @@ describe('engine routes', () => {
       });
     });
   });
+
+  describe('GET /api/app_search/engines/{name}/overview', () => {
+    let mockRouter: MockRouter;
+
+    beforeEach(() => {
+      jest.clearAllMocks();
+      mockRouter = new MockRouter({
+        method: 'get',
+        path: '/api/app_search/engines/{name}/overview',
+      });
+
+      registerEnginesRoutes({
+        ...mockDependencies,
+        router: mockRouter.router,
+      });
+    });
+
+    it('creates a request to enterprise search', () => {
+      mockRouter.callRoute({ params: { name: 'some-engine' } });
+
+      expect(mockRequestHandler.createRequest).toHaveBeenCalledWith({
+        path: '/as/engines/some-engine/overview_metrics',
+      });
+    });
+  });
 });
diff --git a/x-pack/plugins/enterprise_search/server/routes/app_search/engines.ts b/x-pack/plugins/enterprise_search/server/routes/app_search/engines.ts
index 2c4e235556ae3..f9169d8795f4b 100644
--- a/x-pack/plugins/enterprise_search/server/routes/app_search/engines.ts
+++ b/x-pack/plugins/enterprise_search/server/routes/app_search/engines.ts
@@ -60,4 +60,19 @@ export function registerEnginesRoutes({
       })(context, request, response);
     }
   );
+  router.get(
+    {
+      path: '/api/app_search/engines/{name}/overview',
+      validate: {
+        params: schema.object({
+          name: schema.string(),
+        }),
+      },
+    },
+    async (context, request, response) => {
+      return enterpriseSearchRequestHandler.createRequest({
+        path: `/as/engines/${request.params.name}/overview_metrics`,
+      })(context, request, response);
+    }
+  );
 }
diff --git a/x-pack/plugins/features/common/sub_feature.ts b/x-pack/plugins/features/common/sub_feature.ts
index 0651bad883ea5..f791db6154731 100644
--- a/x-pack/plugins/features/common/sub_feature.ts
+++ b/x-pack/plugins/features/common/sub_feature.ts
@@ -5,6 +5,7 @@
  */
 
 import { RecursiveReadonly } from '@kbn/utility-types';
+import { LicenseType } from '../../licensing/common/types';
 import { FeatureKibanaPrivileges } from './feature_kibana_privileges';
 
 /**
@@ -68,6 +69,13 @@ export interface SubFeaturePrivilegeConfig
    * `read` is also included in `all` automatically.
    */
   includeIn: 'all' | 'read' | 'none';
+
+  /**
+   * The minimum supported license level for this sub-feature privilege.
+   * If no license level is supplied, then this privilege will be available for all licences
+   * that are valid for the overall feature.
+   */
+  minimumLicense?: LicenseType;
 }
 
 export class SubFeature {
diff --git a/x-pack/plugins/features/server/__snapshots__/oss_features.test.ts.snap b/x-pack/plugins/features/server/__snapshots__/oss_features.test.ts.snap
index f616daebf662a..e18acbfea8f48 100644
--- a/x-pack/plugins/features/server/__snapshots__/oss_features.test.ts.snap
+++ b/x-pack/plugins/features/server/__snapshots__/oss_features.test.ts.snap
@@ -1,6 +1,6 @@
 // Jest Snapshot v1, https://goo.gl/fbAQLP
 
-exports[`buildOSSFeatures returns the advancedSettings feature augmented with appropriate sub feature privileges 1`] = `
+exports[`buildOSSFeatures with a basic license returns the advancedSettings feature augmented with appropriate sub feature privileges 1`] = `
 Array [
   Object {
     "privilege": Object {
@@ -51,7 +51,7 @@ Array [
 ]
 `;
 
-exports[`buildOSSFeatures returns the dashboard feature augmented with appropriate sub feature privileges 1`] = `
+exports[`buildOSSFeatures with a basic license returns the dashboard feature augmented with appropriate sub feature privileges 1`] = `
 Array [
   Object {
     "privilege": Object {
@@ -128,7 +128,7 @@ Array [
 ]
 `;
 
-exports[`buildOSSFeatures returns the dev_tools feature augmented with appropriate sub feature privileges 1`] = `
+exports[`buildOSSFeatures with a basic license returns the dev_tools feature augmented with appropriate sub feature privileges 1`] = `
 Array [
   Object {
     "privilege": Object {
@@ -182,7 +182,7 @@ Array [
 ]
 `;
 
-exports[`buildOSSFeatures returns the discover feature augmented with appropriate sub feature privileges 1`] = `
+exports[`buildOSSFeatures with a basic license returns the discover feature augmented with appropriate sub feature privileges 1`] = `
 Array [
   Object {
     "privilege": Object {
@@ -243,7 +243,7 @@ Array [
 ]
 `;
 
-exports[`buildOSSFeatures returns the indexPatterns feature augmented with appropriate sub feature privileges 1`] = `
+exports[`buildOSSFeatures with a basic license returns the indexPatterns feature augmented with appropriate sub feature privileges 1`] = `
 Array [
   Object {
     "privilege": Object {
@@ -296,7 +296,7 @@ Array [
 ]
 `;
 
-exports[`buildOSSFeatures returns the savedObjectsManagement feature augmented with appropriate sub feature privileges 1`] = `
+exports[`buildOSSFeatures with a basic license returns the savedObjectsManagement feature augmented with appropriate sub feature privileges 1`] = `
 Array [
   Object {
     "privilege": Object {
@@ -363,7 +363,7 @@ Array [
 ]
 `;
 
-exports[`buildOSSFeatures returns the timelion feature augmented with appropriate sub feature privileges 1`] = `
+exports[`buildOSSFeatures with a basic license returns the timelion feature augmented with appropriate sub feature privileges 1`] = `
 Array [
   Object {
     "privilege": Object {
@@ -411,7 +411,489 @@ Array [
 ]
 `;
 
-exports[`buildOSSFeatures returns the visualize feature augmented with appropriate sub feature privileges 1`] = `
+exports[`buildOSSFeatures with a basic license returns the visualize feature augmented with appropriate sub feature privileges 1`] = `
+Array [
+  Object {
+    "privilege": Object {
+      "alerting": Object {
+        "all": Array [],
+        "read": Array [],
+      },
+      "api": Array [],
+      "app": Array [
+        "visualize",
+        "lens",
+        "kibana",
+      ],
+      "catalogue": Array [
+        "visualize",
+      ],
+      "management": Object {},
+      "savedObject": Object {
+        "all": Array [
+          "visualization",
+          "query",
+          "lens",
+          "url",
+        ],
+        "read": Array [
+          "index-pattern",
+          "search",
+          "tag",
+        ],
+      },
+      "ui": Array [
+        "show",
+        "delete",
+        "save",
+        "saveQuery",
+        "createShortUrl",
+      ],
+    },
+    "privilegeId": "all",
+  },
+  Object {
+    "privilege": Object {
+      "app": Array [
+        "visualize",
+        "lens",
+        "kibana",
+      ],
+      "catalogue": Array [
+        "visualize",
+      ],
+      "savedObject": Object {
+        "all": Array [],
+        "read": Array [
+          "index-pattern",
+          "search",
+          "visualization",
+          "query",
+          "lens",
+          "tag",
+        ],
+      },
+      "ui": Array [
+        "show",
+      ],
+    },
+    "privilegeId": "read",
+  },
+]
+`;
+
+exports[`buildOSSFeatures with a enterprise license returns the advancedSettings feature augmented with appropriate sub feature privileges 1`] = `
+Array [
+  Object {
+    "privilege": Object {
+      "app": Array [
+        "kibana",
+      ],
+      "catalogue": Array [
+        "advanced_settings",
+      ],
+      "management": Object {
+        "kibana": Array [
+          "settings",
+        ],
+      },
+      "savedObject": Object {
+        "all": Array [
+          "config",
+        ],
+        "read": Array [],
+      },
+      "ui": Array [
+        "save",
+      ],
+    },
+    "privilegeId": "all",
+  },
+  Object {
+    "privilege": Object {
+      "app": Array [
+        "kibana",
+      ],
+      "catalogue": Array [
+        "advanced_settings",
+      ],
+      "management": Object {
+        "kibana": Array [
+          "settings",
+        ],
+      },
+      "savedObject": Object {
+        "all": Array [],
+        "read": Array [],
+      },
+      "ui": Array [],
+    },
+    "privilegeId": "read",
+  },
+]
+`;
+
+exports[`buildOSSFeatures with a enterprise license returns the dashboard feature augmented with appropriate sub feature privileges 1`] = `
+Array [
+  Object {
+    "privilege": Object {
+      "alerting": Object {
+        "all": Array [],
+        "read": Array [],
+      },
+      "api": Array [],
+      "app": Array [
+        "dashboards",
+        "kibana",
+      ],
+      "catalogue": Array [
+        "dashboard",
+      ],
+      "management": Object {},
+      "savedObject": Object {
+        "all": Array [
+          "dashboard",
+          "query",
+          "url",
+        ],
+        "read": Array [
+          "index-pattern",
+          "search",
+          "visualization",
+          "timelion-sheet",
+          "canvas-workpad",
+          "lens",
+          "map",
+          "tag",
+        ],
+      },
+      "ui": Array [
+        "createNew",
+        "show",
+        "showWriteControls",
+        "saveQuery",
+        "createShortUrl",
+      ],
+    },
+    "privilegeId": "all",
+  },
+  Object {
+    "privilege": Object {
+      "app": Array [
+        "dashboards",
+        "kibana",
+      ],
+      "catalogue": Array [
+        "dashboard",
+      ],
+      "savedObject": Object {
+        "all": Array [],
+        "read": Array [
+          "index-pattern",
+          "search",
+          "visualization",
+          "timelion-sheet",
+          "canvas-workpad",
+          "lens",
+          "map",
+          "dashboard",
+          "query",
+          "tag",
+        ],
+      },
+      "ui": Array [
+        "show",
+      ],
+    },
+    "privilegeId": "read",
+  },
+]
+`;
+
+exports[`buildOSSFeatures with a enterprise license returns the dev_tools feature augmented with appropriate sub feature privileges 1`] = `
+Array [
+  Object {
+    "privilege": Object {
+      "api": Array [
+        "console",
+      ],
+      "app": Array [
+        "dev_tools",
+        "kibana",
+      ],
+      "catalogue": Array [
+        "console",
+        "searchprofiler",
+        "grokdebugger",
+      ],
+      "savedObject": Object {
+        "all": Array [],
+        "read": Array [],
+      },
+      "ui": Array [
+        "show",
+        "save",
+      ],
+    },
+    "privilegeId": "all",
+  },
+  Object {
+    "privilege": Object {
+      "api": Array [
+        "console",
+      ],
+      "app": Array [
+        "dev_tools",
+        "kibana",
+      ],
+      "catalogue": Array [
+        "console",
+        "searchprofiler",
+        "grokdebugger",
+      ],
+      "savedObject": Object {
+        "all": Array [],
+        "read": Array [],
+      },
+      "ui": Array [
+        "show",
+      ],
+    },
+    "privilegeId": "read",
+  },
+]
+`;
+
+exports[`buildOSSFeatures with a enterprise license returns the discover feature augmented with appropriate sub feature privileges 1`] = `
+Array [
+  Object {
+    "privilege": Object {
+      "alerting": Object {
+        "all": Array [],
+        "read": Array [],
+      },
+      "api": Array [],
+      "app": Array [
+        "discover",
+        "kibana",
+      ],
+      "catalogue": Array [
+        "discover",
+      ],
+      "management": Object {},
+      "savedObject": Object {
+        "all": Array [
+          "search",
+          "query",
+          "index-pattern",
+          "url",
+        ],
+        "read": Array [],
+      },
+      "ui": Array [
+        "show",
+        "save",
+        "saveQuery",
+        "createShortUrl",
+      ],
+    },
+    "privilegeId": "all",
+  },
+  Object {
+    "privilege": Object {
+      "app": Array [
+        "discover",
+        "kibana",
+      ],
+      "catalogue": Array [
+        "discover",
+      ],
+      "savedObject": Object {
+        "all": Array [],
+        "read": Array [
+          "index-pattern",
+          "search",
+          "query",
+        ],
+      },
+      "ui": Array [
+        "show",
+      ],
+    },
+    "privilegeId": "read",
+  },
+]
+`;
+
+exports[`buildOSSFeatures with a enterprise license returns the indexPatterns feature augmented with appropriate sub feature privileges 1`] = `
+Array [
+  Object {
+    "privilege": Object {
+      "app": Array [
+        "kibana",
+      ],
+      "catalogue": Array [
+        "indexPatterns",
+      ],
+      "management": Object {
+        "kibana": Array [
+          "indexPatterns",
+        ],
+      },
+      "savedObject": Object {
+        "all": Array [
+          "index-pattern",
+        ],
+        "read": Array [],
+      },
+      "ui": Array [
+        "save",
+      ],
+    },
+    "privilegeId": "all",
+  },
+  Object {
+    "privilege": Object {
+      "app": Array [
+        "kibana",
+      ],
+      "catalogue": Array [
+        "indexPatterns",
+      ],
+      "management": Object {
+        "kibana": Array [
+          "indexPatterns",
+        ],
+      },
+      "savedObject": Object {
+        "all": Array [],
+        "read": Array [
+          "index-pattern",
+        ],
+      },
+      "ui": Array [],
+    },
+    "privilegeId": "read",
+  },
+]
+`;
+
+exports[`buildOSSFeatures with a enterprise license returns the savedObjectsManagement feature augmented with appropriate sub feature privileges 1`] = `
+Array [
+  Object {
+    "privilege": Object {
+      "api": Array [
+        "copySavedObjectsToSpaces",
+      ],
+      "app": Array [
+        "kibana",
+      ],
+      "catalogue": Array [
+        "saved_objects",
+      ],
+      "management": Object {
+        "kibana": Array [
+          "objects",
+        ],
+      },
+      "savedObject": Object {
+        "all": Array [
+          "foo",
+          "bar",
+        ],
+        "read": Array [],
+      },
+      "ui": Array [
+        "read",
+        "edit",
+        "delete",
+        "copyIntoSpace",
+        "shareIntoSpace",
+      ],
+    },
+    "privilegeId": "all",
+  },
+  Object {
+    "privilege": Object {
+      "api": Array [
+        "copySavedObjectsToSpaces",
+      ],
+      "app": Array [
+        "kibana",
+      ],
+      "catalogue": Array [
+        "saved_objects",
+      ],
+      "management": Object {
+        "kibana": Array [
+          "objects",
+        ],
+      },
+      "savedObject": Object {
+        "all": Array [],
+        "read": Array [
+          "foo",
+          "bar",
+        ],
+      },
+      "ui": Array [
+        "read",
+      ],
+    },
+    "privilegeId": "read",
+  },
+]
+`;
+
+exports[`buildOSSFeatures with a enterprise license returns the timelion feature augmented with appropriate sub feature privileges 1`] = `
+Array [
+  Object {
+    "privilege": Object {
+      "app": Array [
+        "timelion",
+        "kibana",
+      ],
+      "catalogue": Array [
+        "timelion",
+      ],
+      "savedObject": Object {
+        "all": Array [
+          "timelion-sheet",
+        ],
+        "read": Array [
+          "index-pattern",
+        ],
+      },
+      "ui": Array [
+        "save",
+      ],
+    },
+    "privilegeId": "all",
+  },
+  Object {
+    "privilege": Object {
+      "app": Array [
+        "timelion",
+        "kibana",
+      ],
+      "catalogue": Array [
+        "timelion",
+      ],
+      "savedObject": Object {
+        "all": Array [],
+        "read": Array [
+          "index-pattern",
+          "timelion-sheet",
+        ],
+      },
+      "ui": Array [],
+    },
+    "privilegeId": "read",
+  },
+]
+`;
+
+exports[`buildOSSFeatures with a enterprise license returns the visualize feature augmented with appropriate sub feature privileges 1`] = `
 Array [
   Object {
     "privilege": Object {
diff --git a/x-pack/plugins/features/server/feature_registry.test.ts b/x-pack/plugins/features/server/feature_registry.test.ts
index fda72e4536939..6deb7cd968490 100644
--- a/x-pack/plugins/features/server/feature_registry.test.ts
+++ b/x-pack/plugins/features/server/feature_registry.test.ts
@@ -6,6 +6,7 @@
 
 import { FeatureRegistry } from './feature_registry';
 import { ElasticsearchFeatureConfig, KibanaFeatureConfig } from '../common';
+import { licensingMock } from '../../licensing/server/mocks';
 
 describe('FeatureRegistry', () => {
   describe('Kibana Features', () => {
@@ -1280,6 +1281,123 @@ describe('FeatureRegistry', () => {
       );
     });
 
+    it('allows independent sub-feature privileges to register a minimumLicense', () => {
+      const feature1: KibanaFeatureConfig = {
+        id: 'test-feature',
+        name: 'Test Feature',
+        app: [],
+        category: { id: 'foo', label: 'foo' },
+        privileges: {
+          all: {
+            savedObject: {
+              all: [],
+              read: [],
+            },
+            ui: [],
+          },
+          read: {
+            savedObject: {
+              all: [],
+              read: [],
+            },
+            ui: [],
+          },
+        },
+        subFeatures: [
+          {
+            name: 'foo',
+            privilegeGroups: [
+              {
+                groupType: 'independent',
+                privileges: [
+                  {
+                    id: 'foo',
+                    name: 'foo',
+                    minimumLicense: 'platinum',
+                    includeIn: 'all',
+                    savedObject: {
+                      all: [],
+                      read: [],
+                    },
+                    ui: [],
+                  },
+                ],
+              },
+            ],
+          },
+        ],
+      };
+
+      const featureRegistry = new FeatureRegistry();
+      featureRegistry.registerKibanaFeature(feature1);
+    });
+
+    it('prevents mutually exclusive sub-feature privileges from registering a minimumLicense', () => {
+      const feature1: KibanaFeatureConfig = {
+        id: 'test-feature',
+        name: 'Test Feature',
+        app: [],
+        category: { id: 'foo', label: 'foo' },
+        privileges: {
+          all: {
+            savedObject: {
+              all: [],
+              read: [],
+            },
+            ui: [],
+          },
+          read: {
+            savedObject: {
+              all: [],
+              read: [],
+            },
+            ui: [],
+          },
+        },
+        subFeatures: [
+          {
+            name: 'foo',
+            privilegeGroups: [
+              {
+                groupType: 'mutually_exclusive',
+                privileges: [
+                  {
+                    id: 'foo',
+                    name: 'foo',
+                    minimumLicense: 'platinum',
+                    includeIn: 'all',
+                    savedObject: {
+                      all: [],
+                      read: [],
+                    },
+                    ui: [],
+                  },
+                  {
+                    id: 'bar',
+                    name: 'Bar',
+                    minimumLicense: 'platinum',
+                    includeIn: 'all',
+                    savedObject: {
+                      all: [],
+                      read: [],
+                    },
+                    ui: [],
+                  },
+                ],
+              },
+            ],
+          },
+        ],
+      };
+
+      const featureRegistry = new FeatureRegistry();
+      expect(() => {
+        featureRegistry.registerKibanaFeature(feature1);
+      }).toThrowErrorMatchingInlineSnapshot(
+        `"child \\"subFeatures\\" fails because [\\"subFeatures\\" at position 0 fails because [child \\"privilegeGroups\\" fails because [\\"privilegeGroups\\" at position 0 fails because [child \\"privileges\\" fails because [\\"privileges\\" at position 0 fails because [child \\"minimumLicense\\" fails because [\\"minimumLicense\\" is not allowed]]]]]]]"`
+      );
+    });
+
     it('cannot register feature after getAll has been called', () => {
       const feature1: KibanaFeatureConfig = {
         id: 'test-feature',
@@ -1305,6 +1423,89 @@ describe('FeatureRegistry', () => {
         `"Features are locked, can't register new features. Attempt to register test-feature-2 failed."`
       );
     });
+    describe('#getAllKibanaFeatures', () => {
+      const features: KibanaFeatureConfig[] = [
+        {
+          id: 'gold-feature',
+          name: 'Test Feature',
+          app: [],
+          category: { id: 'foo', label: 'foo' },
+          minimumLicense: 'gold',
+          privileges: null,
+        },
+        {
+          id: 'unlicensed-feature',
+          name: 'Test Feature',
+          app: [],
+          category: { id: 'foo', label: 'foo' },
+          privileges: null,
+        },
+        {
+          id: 'with-sub-feature',
+          name: 'Test Feature',
+          app: [],
+          category: { id: 'foo', label: 'foo' },
+          privileges: {
+            all: { savedObject: { all: [], read: [] }, ui: [] },
+            read: { savedObject: { all: [], read: [] }, ui: [] },
+          },
+          minimumLicense: 'platinum',
+          subFeatures: [
+            {
+              name: 'licensed-sub-feature',
+              privilegeGroups: [
+                {
+                  groupType: 'independent',
+                  privileges: [
+                    {
+                      id: 'sub-feature',
+                      includeIn: 'all',
+                      minimumLicense: 'enterprise',
+                      name: 'sub feature',
+                      savedObject: { all: [], read: [] },
+                      ui: [],
+                    },
+                  ],
+                },
+              ],
+            },
+          ],
+        },
+      ];
+
+      const registry = new FeatureRegistry();
+      features.forEach((f) => registry.registerKibanaFeature(f));
+
+      it('returns all features and sub-feature privileges by default', () => {
+        const result = registry.getAllKibanaFeatures();
+        expect(result).toHaveLength(3);
+        const [, , withSubFeature] = result;
+        expect(withSubFeature.subFeatures).toHaveLength(1);
+        expect(withSubFeature.subFeatures[0].privilegeGroups).toHaveLength(1);
+        expect(withSubFeature.subFeatures[0].privilegeGroups[0].privileges).toHaveLength(1);
+      });
+
+      it('returns features which are satisfied by the current license', () => {
+        const license = licensingMock.createLicense({ license: { type: 'gold' } });
+        const result = registry.getAllKibanaFeatures(license);
+        expect(result).toHaveLength(2);
+        const ids = result.map((f) => f.id);
+        expect(ids).toEqual(['gold-feature', 'unlicensed-feature']);
+      });
+
+      it('filters out sub-feature privileges which do not match the current license', () => {
+        const license = licensingMock.createLicense({ license: { type: 'platinum' } });
+        const result = registry.getAllKibanaFeatures(license);
+        expect(result).toHaveLength(3);
+        const ids = result.map((f) => f.id);
+        expect(ids).toEqual(['gold-feature', 'unlicensed-feature', 'with-sub-feature']);
+
+        const [, , withSubFeature] = result;
+        expect(withSubFeature.subFeatures).toHaveLength(1);
+        expect(withSubFeature.subFeatures[0].privilegeGroups).toHaveLength(1);
+        expect(withSubFeature.subFeatures[0].privilegeGroups[0].privileges).toHaveLength(0);
+      });
+    });
   });
 
   describe('Elasticsearch Features', () => {
diff --git a/x-pack/plugins/features/server/feature_registry.ts b/x-pack/plugins/features/server/feature_registry.ts
index e9e556ba22fd2..cdceb5a2d1c77 100644
--- a/x-pack/plugins/features/server/feature_registry.ts
+++ b/x-pack/plugins/features/server/feature_registry.ts
@@ -5,6 +5,7 @@
  */
 
 import { cloneDeep, uniq } from 'lodash';
+import { ILicense } from '../../licensing/server';
 import {
   KibanaFeatureConfig,
   KibanaFeature,
@@ -55,11 +56,30 @@ export class FeatureRegistry {
     this.esFeatures[feature.id] = featureCopy;
   }
 
-  public getAllKibanaFeatures(): KibanaFeature[] {
+  public getAllKibanaFeatures(license?: ILicense, ignoreLicense = false): KibanaFeature[] {
     this.locked = true;
-    return Object.values(this.kibanaFeatures).map(
-      (featureConfig) => new KibanaFeature(featureConfig)
-    );
+    let features = Object.values(this.kibanaFeatures);
+
+    const performLicenseCheck = license && !ignoreLicense;
+
+    if (performLicenseCheck) {
+      features = features.filter((feature) => {
+        const filter = !feature.minimumLicense || license!.hasAtLeast(feature.minimumLicense);
+        if (!filter) return false;
+
+        feature.subFeatures?.forEach((subFeature) => {
+          subFeature.privilegeGroups.forEach((group) => {
+            group.privileges = group.privileges.filter(
+              (privilege) =>
+                !privilege.minimumLicense || license!.hasAtLeast(privilege.minimumLicense)
+            );
+          });
+        });
+
+        return true;
+      });
+    }
+    return features.map((featureConfig) => new KibanaFeature(featureConfig));
   }
 
   public getAllElasticsearchFeatures(): ElasticsearchFeature[] {
diff --git a/x-pack/plugins/features/server/feature_schema.ts b/x-pack/plugins/features/server/feature_schema.ts
index 78ffcdb087360..3d8b649802168 100644
--- a/x-pack/plugins/features/server/feature_schema.ts
+++ b/x-pack/plugins/features/server/feature_schema.ts
@@ -21,6 +21,11 @@ const managementSectionIdRegex = /^[a-zA-Z0-9_-]+$/;
 const reservedFeaturePrrivilegePartRegex = /^(?!reserved_)[a-zA-Z0-9_-]+$/;
 export const uiCapabilitiesRegex = /^[a-zA-Z0-9:_-]+$/;
 
+const validLicenses = ['basic', 'standard', 'gold', 'platinum', 'enterprise', 'trial'];
+// sub-feature privileges are only available with a `gold` license or better, so restricting sub-feature privileges
+// for `gold` or below doesn't make a whole lot of sense.
+const validSubFeaturePrivilegeLicenses = ['platinum', 'enterprise', 'trial'];
+
 const managementSchema = Joi.object().pattern(
   managementSectionIdRegex,
   Joi.array().items(Joi.string().regex(uiCapabilitiesRegex))
@@ -53,10 +58,11 @@ const kibanaPrivilegeSchema = Joi.object({
   ui: Joi.array().items(Joi.string().regex(uiCapabilitiesRegex)).required(),
 });
 
-const kibanaSubFeaturePrivilegeSchema = Joi.object({
+const kibanaIndependentSubFeaturePrivilegeSchema = Joi.object({
   id: Joi.string().regex(subFeaturePrivilegePartRegex).required(),
   name: Joi.string().required(),
   includeIn: Joi.string().allow('all', 'read', 'none').required(),
+  minimumLicense: Joi.string().valid(...validSubFeaturePrivilegeLicenses),
   management: managementSchema,
   catalogue: catalogueSchema,
   alerting: Joi.object({
@@ -72,12 +78,22 @@ const kibanaSubFeaturePrivilegeSchema = Joi.object({
   ui: Joi.array().items(Joi.string().regex(uiCapabilitiesRegex)).required(),
 });
 
+const kibanaMutuallyExclusiveSubFeaturePrivilegeSchema = kibanaIndependentSubFeaturePrivilegeSchema.keys(
+  {
+    minimumLicense: Joi.forbidden(),
+  }
+);
+
 const kibanaSubFeatureSchema = Joi.object({
   name: Joi.string().required(),
   privilegeGroups: Joi.array().items(
     Joi.object({
       groupType: Joi.string().valid('mutually_exclusive', 'independent').required(),
-      privileges: Joi.array().items(kibanaSubFeaturePrivilegeSchema).min(1),
+      privileges: Joi.when('groupType', {
+        is: 'mutually_exclusive',
+        then: Joi.array().items(kibanaMutuallyExclusiveSubFeaturePrivilegeSchema).min(1),
+        otherwise: Joi.array().items(kibanaIndependentSubFeaturePrivilegeSchema).min(1),
+      }),
     })
   ),
 });
@@ -91,14 +107,7 @@ const kibanaFeatureSchema = Joi.object({
   category: appCategorySchema,
   order: Joi.number(),
   excludeFromBasePrivileges: Joi.boolean(),
-  minimumLicense: Joi.string().valid(
-    'basic',
-    'standard',
-    'gold',
-    'platinum',
-    'enterprise',
-    'trial'
-  ),
+  minimumLicense: Joi.string().valid(...validLicenses),
   app: Joi.array().items(Joi.string()).required(),
   management: managementSchema,
   catalogue: catalogueSchema,
diff --git a/x-pack/plugins/features/server/oss_features.test.ts b/x-pack/plugins/features/server/oss_features.test.ts
index 961656aba8bfd..a22e95105ba05 100644
--- a/x-pack/plugins/features/server/oss_features.test.ts
+++ b/x-pack/plugins/features/server/oss_features.test.ts
@@ -7,6 +7,7 @@
 import { buildOSSFeatures } from './oss_features';
 import { featurePrivilegeIterator } from '../../security/server/authorization';
 import { KibanaFeature } from '.';
+import { LicenseType } from '../../licensing/server';
 
 describe('buildOSSFeatures', () => {
   it('returns features including timelion', () => {
@@ -46,14 +47,22 @@ Array [
 
   const features = buildOSSFeatures({ savedObjectTypes: ['foo', 'bar'], includeTimelion: true });
   features.forEach((featureConfig) => {
-    it(`returns the ${featureConfig.id} feature augmented with appropriate sub feature privileges`, () => {
-      const privileges = [];
-      for (const featurePrivilege of featurePrivilegeIterator(new KibanaFeature(featureConfig), {
-        augmentWithSubFeaturePrivileges: true,
-      })) {
-        privileges.push(featurePrivilege);
-      }
-      expect(privileges).toMatchSnapshot();
+    (['enterprise', 'basic'] as LicenseType[]).forEach((licenseType) => {
+      describe(`with a ${licenseType} license`, () => {
+        it(`returns the ${featureConfig.id} feature augmented with appropriate sub feature privileges`, () => {
+          const privileges = [];
+          for (const featurePrivilege of featurePrivilegeIterator(
+            new KibanaFeature(featureConfig),
+            {
+              augmentWithSubFeaturePrivileges: true,
+              licenseType,
+            }
+          )) {
+            privileges.push(featurePrivilege);
+          }
+          expect(privileges).toMatchSnapshot();
+        });
+      });
     });
   });
 });
diff --git a/x-pack/plugins/features/server/routes/index.test.ts b/x-pack/plugins/features/server/routes/index.test.ts
index 7080f18906146..a3a038533777c 100644
--- a/x-pack/plugins/features/server/routes/index.test.ts
+++ b/x-pack/plugins/features/server/routes/index.test.ts
@@ -11,15 +11,78 @@ import { httpServerMock, httpServiceMock, coreMock } from '../../../../../src/co
 import { LicenseType } from '../../../licensing/server/';
 import { licensingMock } from '../../../licensing/server/mocks';
 import { RequestHandler } from '../../../../../src/core/server';
-import { KibanaFeatureConfig } from '../../common';
+import { FeatureKibanaPrivileges, KibanaFeatureConfig, SubFeatureConfig } from '../../common';
 
-function createContextMock(licenseType: LicenseType = 'gold') {
+function createContextMock(licenseType: LicenseType = 'platinum') {
   return {
     core: coreMock.createRequestHandlerContext(),
     licensing: licensingMock.createRequestHandlerContext({ license: { type: licenseType } }),
   };
 }
 
+function createPrivilege(partial: Partial<FeatureKibanaPrivileges> = {}): FeatureKibanaPrivileges {
+  return {
+    savedObject: {
+      all: [],
+      read: [],
+    },
+    ui: [],
+    ...partial,
+  };
+}
+
+function getExpectedSubFeatures(licenseType: LicenseType = 'platinum'): SubFeatureConfig[] {
+  return [
+    {
+      name: 'basicFeature',
+      privilegeGroups: [
+        {
+          groupType: 'independent',
+          privileges: [
+            {
+              id: 'basicSub1',
+              name: 'basic sub 1',
+              includeIn: 'all',
+              ...createPrivilege(),
+            },
+          ],
+        },
+      ],
+    },
+    {
+      name: 'platinumFeature',
+      privilegeGroups: [
+        {
+          groupType: 'independent',
+          privileges:
+            licenseType !== 'basic'
+              ? [
+                  {
+                    id: 'platinumFeatureSub1',
+                    name: 'platinum sub 1',
+                    includeIn: 'all',
+                    minimumLicense: 'platinum',
+                    ...createPrivilege(),
+                  },
+                ]
+              : [],
+        },
+        {
+          groupType: 'mutually_exclusive',
+          privileges: [
+            {
+              id: 'platinumFeatureMutExSub1',
+              name: 'platinum sub 1',
+              includeIn: 'all',
+              ...createPrivilege(),
+            },
+          ],
+        },
+      ],
+    },
+  ];
+}
+
 describe('GET /api/features', () => {
   let routeHandler: RequestHandler<any, any, any>;
   beforeEach(() => {
@@ -29,7 +92,11 @@ describe('GET /api/features', () => {
       name: 'Feature 1',
       app: [],
       category: { id: 'foo', label: 'foo' },
-      privileges: null,
+      privileges: {
+        all: createPrivilege(),
+        read: createPrivilege(),
+      },
+      subFeatures: getExpectedSubFeatures(),
     });
 
     featureRegistry.registerKibanaFeature({
@@ -76,7 +143,12 @@ describe('GET /api/features', () => {
     const [call] = mockResponse.ok.mock.calls;
     const body = call[0]!.body as KibanaFeatureConfig[];
 
-    const features = body.map((feature) => ({ id: feature.id, order: feature.order }));
+    const features = body.map((feature) => ({
+      id: feature.id,
+      order: feature.order,
+      subFeatures: feature.subFeatures,
+    }));
+
     expect(features).toEqual([
       {
         id: 'feature_3',
@@ -89,6 +161,7 @@ describe('GET /api/features', () => {
       {
         id: 'feature_1',
         order: undefined,
+        subFeatures: getExpectedSubFeatures(),
       },
       {
         id: 'licensed_feature',
@@ -105,7 +178,11 @@ describe('GET /api/features', () => {
     const [call] = mockResponse.ok.mock.calls;
     const body = call[0]!.body as KibanaFeatureConfig[];
 
-    const features = body.map((feature) => ({ id: feature.id, order: feature.order }));
+    const features = body.map((feature) => ({
+      id: feature.id,
+      order: feature.order,
+      subFeatures: feature.subFeatures,
+    }));
 
     expect(features).toEqual([
       {
@@ -119,6 +196,7 @@ describe('GET /api/features', () => {
       {
         id: 'feature_1',
         order: undefined,
+        subFeatures: getExpectedSubFeatures('basic'),
       },
     ]);
   });
@@ -135,7 +213,11 @@ describe('GET /api/features', () => {
     const [call] = mockResponse.ok.mock.calls;
     const body = call[0]!.body as KibanaFeatureConfig[];
 
-    const features = body.map((feature) => ({ id: feature.id, order: feature.order }));
+    const features = body.map((feature) => ({
+      id: feature.id,
+      order: feature.order,
+      subFeatures: feature.subFeatures,
+    }));
 
     expect(features).toEqual([
       {
@@ -149,6 +231,7 @@ describe('GET /api/features', () => {
       {
         id: 'feature_1',
         order: undefined,
+        subFeatures: getExpectedSubFeatures('basic'),
       },
     ]);
   });
@@ -165,7 +248,11 @@ describe('GET /api/features', () => {
     const [call] = mockResponse.ok.mock.calls;
     const body = call[0]!.body as KibanaFeatureConfig[];
 
-    const features = body.map((feature) => ({ id: feature.id, order: feature.order }));
+    const features = body.map((feature) => ({
+      id: feature.id,
+      order: feature.order,
+      subFeatures: feature.subFeatures,
+    }));
 
     expect(features).toEqual([
       {
@@ -179,6 +266,7 @@ describe('GET /api/features', () => {
       {
         id: 'feature_1',
         order: undefined,
+        subFeatures: getExpectedSubFeatures(),
       },
       {
         id: 'licensed_feature',
diff --git a/x-pack/plugins/features/server/routes/index.ts b/x-pack/plugins/features/server/routes/index.ts
index 1b0cd20775352..b2bfa8b0296b7 100644
--- a/x-pack/plugins/features/server/routes/index.ts
+++ b/x-pack/plugins/features/server/routes/index.ts
@@ -26,17 +26,15 @@ export function defineRoutes({ router, featureRegistry }: RouteDefinitionParams)
       },
     },
     (context, request, response) => {
-      const allFeatures = featureRegistry.getAllKibanaFeatures();
+      const currentLicense = context.licensing!.license;
+
+      const allFeatures = featureRegistry.getAllKibanaFeatures(
+        currentLicense,
+        request.query.ignoreValidLicenses
+      );
 
       return response.ok({
         body: allFeatures
-          .filter(
-            (feature) =>
-              request.query.ignoreValidLicenses ||
-              !feature.minimumLicense ||
-              (context.licensing!.license &&
-                context.licensing!.license.hasAtLeast(feature.minimumLicense))
-          )
           .sort(
             (f1, f2) =>
               (f1.order ?? Number.MAX_SAFE_INTEGER) - (f2.order ?? Number.MAX_SAFE_INTEGER)
diff --git a/x-pack/plugins/fleet/public/applications/fleet/components/alpha_flyout.tsx b/x-pack/plugins/fleet/public/applications/fleet/components/alpha_flyout.tsx
index a6a162dbdeafa..6f986ced6cc62 100644
--- a/x-pack/plugins/fleet/public/applications/fleet/components/alpha_flyout.tsx
+++ b/x-pack/plugins/fleet/public/applications/fleet/components/alpha_flyout.tsx
@@ -48,7 +48,7 @@ export const AlphaFlyout: React.FunctionComponent<Props> = ({ onClose }) => {
               values={{
                 docsLink: (
                   <EuiLink
-                    href="https://www.elastic.co/guide/en/ingest-management/current/index.html"
+                    href="https://www.elastic.co/guide/en/fleet/current/index.html"
                     external
                     target="_blank"
                   >
diff --git a/x-pack/plugins/fleet/public/applications/fleet/components/enrollment_instructions/manual/index.tsx b/x-pack/plugins/fleet/public/applications/fleet/components/enrollment_instructions/manual/index.tsx
index 343ddfab23c71..d0145601b8a0b 100644
--- a/x-pack/plugins/fleet/public/applications/fleet/components/enrollment_instructions/manual/index.tsx
+++ b/x-pack/plugins/fleet/public/applications/fleet/components/enrollment_instructions/manual/index.tsx
@@ -78,7 +78,7 @@ export const ManualInstructions: React.FunctionComponent<Props> = ({
               <EuiLink
                 target="_blank"
                 external
-                href="https://www.elastic.co/guide/en/ingest-management/current/elastic-agent-installation-configuration.html"
+                href="https://www.elastic.co/guide/en/fleet/current/elastic-agent-installation-configuration.html"
               >
                 <FormattedMessage
                   id="xpack.fleet.enrollmentInstructions.moreInstructionsLink"
diff --git a/x-pack/plugins/fleet/public/applications/fleet/sections/agents/setup_page/index.tsx b/x-pack/plugins/fleet/public/applications/fleet/sections/agents/setup_page/index.tsx
index 884a2a12f71c5..60ee791ace5eb 100644
--- a/x-pack/plugins/fleet/public/applications/fleet/sections/agents/setup_page/index.tsx
+++ b/x-pack/plugins/fleet/public/applications/fleet/sections/agents/setup_page/index.tsx
@@ -236,7 +236,7 @@ xpack.security.authc.api_key.enabled: true`}
               values={{
                 encryptionKeyLink: (
                   <EuiLink
-                    href="https://www.elastic.co/guide/en/kibana/current/ingest-manager-settings-kb.html"
+                    href="https://www.elastic.co/guide/en/kibana/current/fleet-settings-kb.html"
                     target="_blank"
                     external
                   >
@@ -262,7 +262,7 @@ xpack.encryptedSavedObjects.encryptionKey: "something_at_least_32_characters"`}
             values={{
               link: (
                 <EuiLink
-                  href="https://www.elastic.co/guide/en/ingest-management/current/index.html"
+                  href="https://www.elastic.co/guide/en/fleet/current/index.html"
                   target="_blank"
                   external
                 >
diff --git a/x-pack/plugins/index_management/__jest__/client_integration/helpers/constants.ts b/x-pack/plugins/index_management/__jest__/client_integration/helpers/constants.ts
new file mode 100644
index 0000000000000..14ef9760d7a05
--- /dev/null
+++ b/x-pack/plugins/index_management/__jest__/client_integration/helpers/constants.ts
@@ -0,0 +1,7 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License;
+ * you may not use this file except in compliance with the Elastic License.
+ */
+
+export const BRANCH = '8.x';
diff --git a/x-pack/plugins/index_management/__jest__/client_integration/helpers/index.ts b/x-pack/plugins/index_management/__jest__/client_integration/helpers/index.ts
index d2d7eb0165d30..65af41033561e 100644
--- a/x-pack/plugins/index_management/__jest__/client_integration/helpers/index.ts
+++ b/x-pack/plugins/index_management/__jest__/client_integration/helpers/index.ts
@@ -11,3 +11,5 @@ export { nextTick, getRandomString, findTestSubject, TestBed } from '@kbn/test/j
 export { setupEnvironment, WithAppDependencies, services } from './setup_environment';
 
 export { TestSubjects } from './test_subjects';
+
+export { BRANCH } from './constants';
diff --git a/x-pack/plugins/index_management/__jest__/client_integration/index_template_wizard/template_edit.test.tsx b/x-pack/plugins/index_management/__jest__/client_integration/index_template_wizard/template_edit.test.tsx
index 37d489b6afe72..6ba2454025beb 100644
--- a/x-pack/plugins/index_management/__jest__/client_integration/index_template_wizard/template_edit.test.tsx
+++ b/x-pack/plugins/index_management/__jest__/client_integration/index_template_wizard/template_edit.test.tsx
@@ -8,7 +8,7 @@ import React from 'react';
 import { act } from 'react-dom/test-utils';
 
 import * as fixtures from '../../../test/fixtures';
-import { setupEnvironment } from '../helpers';
+import { setupEnvironment, BRANCH } from '../helpers';
 
 import { TEMPLATE_NAME, SETTINGS, ALIASES, MAPPINGS as DEFAULT_MAPPING } from './constants';
 import { setup } from './template_edit.helpers';
@@ -224,4 +224,69 @@ describe('<TemplateEdit />', () => {
       });
     });
   });
+
+  // @ts-expect-error
+  if (BRANCH === '7.x') {
+    describe('legacy index templates', () => {
+      const legacyTemplateToEdit = fixtures.getTemplate({
+        name: 'legacy_index_template',
+        indexPatterns: ['indexPattern1'],
+        isLegacy: true,
+        template: {
+          mappings: {
+            my_mapping_type: {},
+          },
+        },
+      });
+
+      beforeAll(() => {
+        httpRequestsMockHelpers.setLoadTemplateResponse(legacyTemplateToEdit);
+      });
+
+      beforeEach(async () => {
+        await act(async () => {
+          testBed = await setup();
+        });
+
+        testBed.component.update();
+      });
+
+      it('persists mappings type', async () => {
+        const { actions } = testBed;
+        // Logistics
+        await actions.completeStepOne();
+        // Note: "step 2" (component templates) doesn't exist for legacy templates
+        // Index settings
+        await actions.completeStepThree();
+        // Mappings
+        await actions.completeStepFour();
+        // Aliases
+        await actions.completeStepFive();
+
+        // Submit the form
+        await act(async () => {
+          actions.clickNextButton();
+        });
+
+        const latestRequest = server.requests[server.requests.length - 1];
+
+        const { version, template, name, indexPatterns, _kbnMeta, order } = legacyTemplateToEdit;
+
+        const expected = {
+          name,
+          indexPatterns,
+          version,
+          order,
+          template: {
+            aliases: undefined,
+            mappings: template!.mappings,
+            settings: undefined,
+          },
+          _kbnMeta,
+        };
+
+        expect(JSON.parse(JSON.parse(latestRequest.requestBody).body)).toEqual(expected);
+      });
+    });
+  }
 });
diff --git a/x-pack/plugins/lens/public/indexpattern_datasource/operations/definitions/filters/filter_popover.tsx b/x-pack/plugins/lens/public/indexpattern_datasource/operations/definitions/filters/filter_popover.tsx
index b023a9a5a3ec5..b9d9d6306b9ae 100644
--- a/x-pack/plugins/lens/public/indexpattern_datasource/operations/definitions/filters/filter_popover.tsx
+++ b/x-pack/plugins/lens/public/indexpattern_datasource/operations/definitions/filters/filter_popover.tsx
@@ -32,9 +32,13 @@ export const FilterPopover = ({
   const [isPopoverOpen, setIsPopoverOpen] = useState(false);
   const inputRef = React.useRef<HTMLInputElement>();
 
-  const setPopoverOpen = (isOpen: boolean) => {
-    setIsPopoverOpen(isOpen);
-    setIsOpenByCreation(isOpen);
+  const closePopover = () => {
+    if (isOpenByCreation) {
+      setIsOpenByCreation(false);
+    }
+    if (isPopoverOpen) {
+      setIsPopoverOpen(false);
+    }
   };
 
   const setFilterLabel = (label: string) => setFilter({ ...filter, label });
@@ -57,14 +61,14 @@ export const FilterPopover = ({
       panelClassName="lnsIndexPatternDimensionEditor__filtersEditor"
       isOpen={isOpenByCreation || isPopoverOpen}
       ownFocus
-      closePopover={() => {
-        setPopoverOpen(false);
-      }}
+      closePopover={() => closePopover()}
       button={
         <Button
           onClick={() => {
+            if (isOpenByCreation) {
+              setIsOpenByCreation(false);
+            }
             setIsPopoverOpen((open) => !open);
-            setIsOpenByCreation(false);
           }}
         />
       }
@@ -84,7 +88,7 @@ export const FilterPopover = ({
         onChange={setFilterLabel}
         placeholder={getPlaceholder(filter.input.query)}
         inputRef={inputRef}
-        onSubmit={() => setPopoverOpen(false)}
+        onSubmit={() => closePopover()}
         dataTestSubj="indexPattern-filters-label"
       />
     </EuiPopover>
diff --git a/x-pack/plugins/lens/public/indexpattern_datasource/operations/definitions/helpers.tsx b/x-pack/plugins/lens/public/indexpattern_datasource/operations/definitions/helpers.tsx
new file mode 100644
index 0000000000000..a5c08a93467af
--- /dev/null
+++ b/x-pack/plugins/lens/public/indexpattern_datasource/operations/definitions/helpers.tsx
@@ -0,0 +1,30 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License;
+ * you may not use this file except in compliance with the Elastic License.
+ */
+
+import { useRef } from 'react';
+import useDebounce from 'react-use/lib/useDebounce';
+
+export const useDebounceWithOptions = (
+  fn: Function,
+  { skipFirstRender }: { skipFirstRender: boolean } = { skipFirstRender: false },
+  ms?: number | undefined,
+  deps?: React.DependencyList | undefined
+) => {
+  const isFirstRender = useRef(true);
+  const newDeps = [...(deps || []), isFirstRender];
+
+  return useDebounce(
+    () => {
+      if (skipFirstRender && isFirstRender.current) {
+        isFirstRender.current = false;
+        return;
+      }
+      return fn();
+    },
+    ms,
+    newDeps
+  );
+};
diff --git a/x-pack/plugins/lens/public/indexpattern_datasource/operations/definitions/ranges/advanced_editor.tsx b/x-pack/plugins/lens/public/indexpattern_datasource/operations/definitions/ranges/advanced_editor.tsx
index 2eb971aa03c55..127f261efa7ad 100644
--- a/x-pack/plugins/lens/public/indexpattern_datasource/operations/definitions/ranges/advanced_editor.tsx
+++ b/x-pack/plugins/lens/public/indexpattern_datasource/operations/definitions/ranges/advanced_editor.tsx
@@ -8,7 +8,6 @@ import './advanced_editor.scss';
 
 import React, { useState, MouseEventHandler } from 'react';
 import { i18n } from '@kbn/i18n';
-import useDebounce from 'react-use/lib/useDebounce';
 import {
   EuiFlexGroup,
   EuiFlexItem,
@@ -31,6 +30,7 @@ import {
   DraggableBucketContainer,
   LabelInput,
 } from '../shared_components';
+import { useDebounceWithOptions } from '../helpers';
 
 const generateId = htmlIdGenerator();
 
@@ -86,9 +86,12 @@ export const RangePopover = ({
   });
 
   const onSubmit = () => {
-    setIsPopoverOpen(false);
-    setIsOpenByCreation(false);
-    saveRangeAndReset(tempRange, true);
+    if (isOpenByCreation) {
+      setIsOpenByCreation(false);
+    }
+    if (isPopoverOpen) {
+      setIsPopoverOpen(false);
+    }
   };
 
   return (
@@ -100,8 +103,10 @@ export const RangePopover = ({
       button={
         <Button
           onClick={() => {
+            if (isOpenByCreation) {
+              setIsOpenByCreation(false);
+            }
             setIsPopoverOpen((isOpen) => !isOpen);
-            setIsOpenByCreation(false);
           }}
         />
       }
@@ -208,12 +213,13 @@ export const AdvancedRangeEditor = ({
 
   const lastIndex = localRanges.length - 1;
 
-  // Update locally all the time, but bounce the parents prop function
-  // to aviod too many requests
-  useDebounce(
+  // Update locally all the time, but bounce the parents prop function to avoid too many requests
+  // Avoid to trigger on first render
+  useDebounceWithOptions(
     () => {
       setRanges(localRanges.map(({ id, ...rest }) => ({ ...rest })));
     },
+    { skipFirstRender: true },
     TYPING_DEBOUNCE_TIME,
     [localRanges]
   );
@@ -249,7 +255,11 @@ export const AdvancedRangeEditor = ({
       <>
         <DragDropBuckets
           onDragEnd={setLocalRanges}
-          onDragStart={() => setIsOpenByCreation(false)}
+          onDragStart={() => {
+            if (isOpenByCreation) {
+              setIsOpenByCreation(false);
+            }
+          }}
           droppableId="RANGES_DROPPABLE_AREA"
           items={localRanges}
         >
diff --git a/x-pack/plugins/lens/public/indexpattern_datasource/operations/definitions/ranges/range_editor.tsx b/x-pack/plugins/lens/public/indexpattern_datasource/operations/definitions/ranges/range_editor.tsx
index a18c47f9dedd1..df955be6b490a 100644
--- a/x-pack/plugins/lens/public/indexpattern_datasource/operations/definitions/ranges/range_editor.tsx
+++ b/x-pack/plugins/lens/public/indexpattern_datasource/operations/definitions/ranges/range_editor.tsx
@@ -6,7 +6,6 @@
 
 import React, { useEffect, useState } from 'react';
 import { i18n } from '@kbn/i18n';
-import useDebounce from 'react-use/lib/useDebounce';
 import {
   EuiButtonEmpty,
   EuiFormRow,
@@ -21,6 +20,7 @@ import { IFieldFormat } from 'src/plugins/data/public';
 import { RangeColumnParams, UpdateParamsFnType, MODES_TYPES } from './ranges';
 import { AdvancedRangeEditor } from './advanced_editor';
 import { TYPING_DEBOUNCE_TIME, MODES, MIN_HISTOGRAM_BARS } from './constants';
+import { useDebounceWithOptions } from '../helpers';
 
 const BaseRangeEditor = ({
   maxBars,
@@ -37,10 +37,11 @@ const BaseRangeEditor = ({
 }) => {
   const [maxBarsValue, setMaxBarsValue] = useState(String(maxBars));
 
-  useDebounce(
+  useDebounceWithOptions(
     () => {
       onMaxBarsChange(Number(maxBarsValue));
     },
+    { skipFirstRender: true },
     TYPING_DEBOUNCE_TIME,
     [maxBarsValue]
   );
@@ -151,13 +152,14 @@ export const RangeEditor = ({
 }) => {
   const [isAdvancedEditor, toggleAdvancedEditor] = useState(params.type === MODES.Range);
 
-  // if the maxBars in the params is set to auto refresh it with the default value
-  // only on bootstrap
+  // if the maxBars in the params is set to auto refresh it with the default value only on bootstrap
   useEffect(() => {
-    if (params.maxBars !== maxBars) {
-      setParam('maxBars', maxBars);
+    if (!isAdvancedEditor) {
+      if (params.maxBars !== maxBars) {
+        setParam('maxBars', maxBars);
+      }
     }
-  }, [maxBars, params.maxBars, setParam]);
+  }, [maxBars, params.maxBars, setParam, isAdvancedEditor]);
 
   if (isAdvancedEditor) {
     return (
diff --git a/x-pack/plugins/lens/public/indexpattern_datasource/operations/definitions/ranges/ranges.test.tsx b/x-pack/plugins/lens/public/indexpattern_datasource/operations/definitions/ranges/ranges.test.tsx
index ce015284e544b..87dcdb45cf58f 100644
--- a/x-pack/plugins/lens/public/indexpattern_datasource/operations/definitions/ranges/ranges.test.tsx
+++ b/x-pack/plugins/lens/public/indexpattern_datasource/operations/definitions/ranges/ranges.test.tsx
@@ -284,7 +284,11 @@ describe('ranges', () => {
           />
         );
 
+        // There's a useEffect in the component that updates the value on bootstrap
+        // because there's a debouncer, wait a bit before calling onChange
         act(() => {
+          jest.advanceTimersByTime(TYPING_DEBOUNCE_TIME * 4);
+
           instance.find(EuiRange).prop('onChange')!(
             {
               currentTarget: {
@@ -293,26 +297,27 @@ describe('ranges', () => {
             } as React.ChangeEvent<HTMLInputElement>,
             true
           );
+
           jest.advanceTimersByTime(TYPING_DEBOUNCE_TIME * 4);
+        });
 
-          expect(setStateSpy).toHaveBeenCalledWith({
-            ...state,
-            layers: {
-              first: {
-                ...state.layers.first,
-                columns: {
-                  ...state.layers.first.columns,
-                  col1: {
-                    ...state.layers.first.columns.col1,
-                    params: {
-                      ...state.layers.first.columns.col1.params,
-                      maxBars: MAX_HISTOGRAM_VALUE,
-                    },
+        expect(setStateSpy).toHaveBeenCalledWith({
+          ...state,
+          layers: {
+            first: {
+              ...state.layers.first,
+              columns: {
+                ...state.layers.first.columns,
+                col1: {
+                  ...state.layers.first.columns.col1,
+                  params: {
+                    ...state.layers.first.columns.col1.params,
+                    maxBars: MAX_HISTOGRAM_VALUE,
                   },
                 },
               },
             },
-          });
+          },
         });
       });
 
@@ -330,59 +335,65 @@ describe('ranges', () => {
           />
         );
 
+        // There's a useEffect in the component that updates the value on bootstrap
+        // because there's a debouncer, wait a bit before calling onChange
         act(() => {
+          jest.advanceTimersByTime(TYPING_DEBOUNCE_TIME * 4);
           // minus button
           instance
             .find('[data-test-subj="lns-indexPattern-range-maxBars-minus"]')
             .find('button')
             .prop('onClick')!({} as ReactMouseEvent);
           jest.advanceTimersByTime(TYPING_DEBOUNCE_TIME * 4);
+        });
 
-          expect(setStateSpy).toHaveBeenCalledWith({
-            ...state,
-            layers: {
-              first: {
-                ...state.layers.first,
-                columns: {
-                  ...state.layers.first.columns,
-                  col1: {
-                    ...state.layers.first.columns.col1,
-                    params: {
-                      ...state.layers.first.columns.col1.params,
-                      maxBars: GRANULARITY_DEFAULT_VALUE - GRANULARITY_STEP,
-                    },
+        expect(setStateSpy).toHaveBeenCalledWith({
+          ...state,
+          layers: {
+            first: {
+              ...state.layers.first,
+              columns: {
+                ...state.layers.first.columns,
+                col1: {
+                  ...state.layers.first.columns.col1,
+                  params: {
+                    ...state.layers.first.columns.col1.params,
+                    maxBars: GRANULARITY_DEFAULT_VALUE - GRANULARITY_STEP,
                   },
                 },
               },
             },
-          });
+          },
+        });
 
+        act(() => {
           // plus button
           instance
             .find('[data-test-subj="lns-indexPattern-range-maxBars-plus"]')
             .find('button')
             .prop('onClick')!({} as ReactMouseEvent);
           jest.advanceTimersByTime(TYPING_DEBOUNCE_TIME * 4);
+        });
 
-          expect(setStateSpy).toHaveBeenCalledWith({
-            ...state,
-            layers: {
-              first: {
-                ...state.layers.first,
-                columns: {
-                  ...state.layers.first.columns,
-                  col1: {
-                    ...state.layers.first.columns.col1,
-                    params: {
-                      ...state.layers.first.columns.col1.params,
-                      maxBars: GRANULARITY_DEFAULT_VALUE,
-                    },
+        expect(setStateSpy).toHaveBeenCalledWith({
+          ...state,
+          layers: {
+            first: {
+              ...state.layers.first,
+              columns: {
+                ...state.layers.first.columns,
+                col1: {
+                  ...state.layers.first.columns.col1,
+                  params: {
+                    ...state.layers.first.columns.col1.params,
+                    maxBars: GRANULARITY_DEFAULT_VALUE,
                   },
                 },
               },
             },
-          });
+          },
         });
+        // });
       });
     });
 
@@ -749,6 +760,22 @@ describe('ranges', () => {
         );
       });
 
+      it('should not update the state on mount', () => {
+        const setStateSpy = jest.fn();
+
+        mount(
+          <InlineOptions
+            {...defaultOptions}
+            state={state}
+            setState={setStateSpy}
+            columnId="col1"
+            currentColumn={state.layers.first.columns.col1 as RangeIndexPatternColumn}
+            layerId="first"
+          />
+        );
+        expect(setStateSpy.mock.calls.length).toBe(0);
+      });
+
       it('should not reset formatters when switching between custom ranges and auto histogram', () => {
         const setStateSpy = jest.fn();
         // now set a format on the range operation
diff --git a/x-pack/plugins/lens/public/indexpattern_datasource/operations/definitions/terms/values_range_input.test.tsx b/x-pack/plugins/lens/public/indexpattern_datasource/operations/definitions/terms/values_range_input.test.tsx
index 18b9b5b1e8b98..759bda43efe67 100644
--- a/x-pack/plugins/lens/public/indexpattern_datasource/operations/definitions/terms/values_range_input.test.tsx
+++ b/x-pack/plugins/lens/public/indexpattern_datasource/operations/definitions/terms/values_range_input.test.tsx
@@ -20,6 +20,13 @@ describe('ValuesRangeInput', () => {
     expect(instance.find(EuiRange).prop('value')).toEqual('5');
   });
 
+  it('should not run onChange function on mount', () => {
+    const onChangeSpy = jest.fn();
+    shallow(<ValuesRangeInput value={5} onChange={onChangeSpy} />);
+
+    expect(onChangeSpy.mock.calls.length).toBe(0);
+  });
+
   it('should run onChange function on update', () => {
     const onChangeSpy = jest.fn();
     const instance = shallow(<ValuesRangeInput value={5} onChange={onChangeSpy} />);
@@ -30,11 +37,10 @@ describe('ValuesRangeInput', () => {
       );
     });
     expect(instance.find(EuiRange).prop('value')).toEqual('7');
-    // useDebounce runs on initialization and on change
-    expect(onChangeSpy.mock.calls.length).toBe(2);
-    expect(onChangeSpy.mock.calls[0][0]).toBe(5);
-    expect(onChangeSpy.mock.calls[1][0]).toBe(7);
+    expect(onChangeSpy.mock.calls.length).toBe(1);
+    expect(onChangeSpy.mock.calls[0][0]).toBe(7);
   });
+
   it('should not run onChange function on update when value is out of 1-100 range', () => {
     const onChangeSpy = jest.fn();
     const instance = shallow(<ValuesRangeInput value={5} onChange={onChangeSpy} />);
@@ -46,9 +52,7 @@ describe('ValuesRangeInput', () => {
     });
     instance.update();
     expect(instance.find(EuiRange).prop('value')).toEqual('107');
-    // useDebounce only runs on initialization
-    expect(onChangeSpy.mock.calls.length).toBe(2);
-    expect(onChangeSpy.mock.calls[0][0]).toBe(5);
-    expect(onChangeSpy.mock.calls[1][0]).toBe(100);
+    expect(onChangeSpy.mock.calls.length).toBe(1);
+    expect(onChangeSpy.mock.calls[0][0]).toBe(100);
   });
 });
diff --git a/x-pack/plugins/lens/public/indexpattern_datasource/operations/definitions/terms/values_range_input.tsx b/x-pack/plugins/lens/public/indexpattern_datasource/operations/definitions/terms/values_range_input.tsx
index ef42f2d4a7175..7018ba3083f04 100644
--- a/x-pack/plugins/lens/public/indexpattern_datasource/operations/definitions/terms/values_range_input.tsx
+++ b/x-pack/plugins/lens/public/indexpattern_datasource/operations/definitions/terms/values_range_input.tsx
@@ -5,9 +5,9 @@
  */
 
 import React, { useState } from 'react';
-import useDebounce from 'react-use/lib/useDebounce';
 import { i18n } from '@kbn/i18n';
 import { EuiRange } from '@elastic/eui';
+import { useDebounceWithOptions } from '../helpers';
 
 export const ValuesRangeInput = ({
   value,
@@ -20,7 +20,8 @@ export const ValuesRangeInput = ({
   const MAX_NUMBER_OF_VALUES = 100;
 
   const [inputValue, setInputValue] = useState(String(value));
-  useDebounce(
+
+  useDebounceWithOptions(
     () => {
       if (inputValue === '') {
         return;
@@ -28,6 +29,7 @@ export const ValuesRangeInput = ({
       const inputNumber = Number(inputValue);
       onChange(Math.min(MAX_NUMBER_OF_VALUES, Math.max(inputNumber, MIN_NUMBER_OF_VALUES)));
     },
+    { skipFirstRender: true },
     256,
     [inputValue]
   );
diff --git a/x-pack/plugins/maps/common/descriptor_types/source_descriptor_types.ts b/x-pack/plugins/maps/common/descriptor_types/source_descriptor_types.ts
index a6afbe4d55f9b..c11ee59768a91 100644
--- a/x-pack/plugins/maps/common/descriptor_types/source_descriptor_types.ts
+++ b/x-pack/plugins/maps/common/descriptor_types/source_descriptor_types.ts
@@ -40,12 +40,28 @@ export type AbstractESSourceDescriptor = AbstractSourceDescriptor & {
   applyGlobalTime: boolean;
 };
 
-export type AggDescriptor = {
-  field?: string; // count aggregation does not require field. All other aggregation types do
-  label?: string;
+type AbstractAggDescriptor = {
   type: AGG_TYPE;
+  label?: string;
+};
+
+export type CountAggDescriptor = AbstractAggDescriptor & {
+  type: AGG_TYPE.COUNT;
 };
 
+export type FieldedAggDescriptor = AbstractAggDescriptor & {
+  type:
+    | AGG_TYPE.UNIQUE_COUNT
+    | AGG_TYPE.MAX
+    | AGG_TYPE.MIN
+    | AGG_TYPE.SUM
+    | AGG_TYPE.AVG
+    | AGG_TYPE.TERMS;
+  field?: string;
+};
+
+export type AggDescriptor = CountAggDescriptor | FieldedAggDescriptor;
+
 export type AbstractESAggSourceDescriptor = AbstractESSourceDescriptor & {
   metrics: AggDescriptor[];
 };
diff --git a/x-pack/plugins/maps/common/migrations/join_agg_key.ts b/x-pack/plugins/maps/common/migrations/join_agg_key.ts
index 4dc70d3c0fa22..b961637218dd6 100644
--- a/x-pack/plugins/maps/common/migrations/join_agg_key.ts
+++ b/x-pack/plugins/maps/common/migrations/join_agg_key.ts
@@ -82,7 +82,7 @@ export function migrateJoinAggKey({
         _.get(joinDescriptor, 'right.metrics', []).forEach((aggDescriptor: AggDescriptor) => {
           const legacyAggKey = getLegacyAggKey({
             aggType: aggDescriptor.type,
-            aggFieldName: aggDescriptor.field,
+            aggFieldName: 'field' in aggDescriptor ? aggDescriptor.field : undefined,
             indexPatternTitle: _.get(joinDescriptor, 'right.indexPatternTitle', ''),
             termFieldName: _.get(joinDescriptor, 'right.term', ''),
           });
diff --git a/x-pack/plugins/maps/kibana.json b/x-pack/plugins/maps/kibana.json
index 8983d4ab1a4da..e47968b027cc3 100644
--- a/x-pack/plugins/maps/kibana.json
+++ b/x-pack/plugins/maps/kibana.json
@@ -19,7 +19,7 @@
     "savedObjects",
     "share"
   ],
-  "optionalPlugins": ["home"],
+  "optionalPlugins": ["home", "savedObjectsTagging"],
   "ui": true,
   "server": true,
   "extraPublicDirs": ["common/constants"],
diff --git a/x-pack/plugins/maps/public/classes/fields/agg/agg_field.test.ts b/x-pack/plugins/maps/public/classes/fields/agg/agg_field.test.ts
new file mode 100644
index 0000000000000..49a599326d54c
--- /dev/null
+++ b/x-pack/plugins/maps/public/classes/fields/agg/agg_field.test.ts
@@ -0,0 +1,60 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License;
+ * you may not use this file except in compliance with the Elastic License.
+ */
+
+import { AggField } from './agg_field';
+import { AGG_TYPE, FIELD_ORIGIN } from '../../../../common/constants';
+import { IESAggSource } from '../../sources/es_agg_source';
+import { IIndexPattern } from 'src/plugins/data/public';
+
+const mockIndexPattern = {
+  title: 'wildIndex',
+  fields: [
+    {
+      name: 'foo*',
+    },
+  ],
+} as IIndexPattern;
+
+const mockEsAggSource = {
+  getAggKey: (aggType: AGG_TYPE, fieldName: string) => {
+    return 'agg_key';
+  },
+  getAggLabel: (aggType: AGG_TYPE, fieldName: string) => {
+    return 'agg_label';
+  },
+  getIndexPattern: async () => {
+    return mockIndexPattern;
+  },
+} as IESAggSource;
+
+const defaultParams = {
+  label: 'my agg field',
+  source: mockEsAggSource,
+  origin: FIELD_ORIGIN.SOURCE,
+};
+
+describe('supportsFieldMeta', () => {
+  test('Non-counting aggregations should support field meta', () => {
+    const avgMetric = new AggField({ ...defaultParams, aggType: AGG_TYPE.AVG });
+    expect(avgMetric.supportsFieldMeta()).toBe(true);
+    const maxMetric = new AggField({ ...defaultParams, aggType: AGG_TYPE.MAX });
+    expect(maxMetric.supportsFieldMeta()).toBe(true);
+    const minMetric = new AggField({ ...defaultParams, aggType: AGG_TYPE.MIN });
+    expect(minMetric.supportsFieldMeta()).toBe(true);
+    const termsMetric = new AggField({ ...defaultParams, aggType: AGG_TYPE.TERMS });
+    expect(termsMetric.supportsFieldMeta()).toBe(true);
+  });
+
+  test('Counting aggregations should not support field meta', () => {
+    const sumMetric = new AggField({ ...defaultParams, aggType: AGG_TYPE.SUM });
+    expect(sumMetric.supportsFieldMeta()).toBe(false);
+    const uniqueCountMetric = new AggField({
+      ...defaultParams,
+      aggType: AGG_TYPE.UNIQUE_COUNT,
+    });
+    expect(uniqueCountMetric.supportsFieldMeta()).toBe(false);
+  });
+});
diff --git a/x-pack/plugins/maps/public/classes/fields/agg/agg_field.ts b/x-pack/plugins/maps/public/classes/fields/agg/agg_field.ts
new file mode 100644
index 0000000000000..31595327a64b8
--- /dev/null
+++ b/x-pack/plugins/maps/public/classes/fields/agg/agg_field.ts
@@ -0,0 +1,78 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License;
+ * you may not use this file except in compliance with the Elastic License.
+ */
+
+import { IndexPattern } from 'src/plugins/data/public';
+import { AGG_TYPE } from '../../../../common/constants';
+import { CountAggField } from './count_agg_field';
+import { isMetricCountable } from '../../util/is_metric_countable';
+import { CountAggFieldParams } from './agg_field_types';
+import { addFieldToDSL, getField } from '../../../../common/elasticsearch_util';
+import { IField } from '../field';
+
+const TERMS_AGG_SHARD_SIZE = 5;
+
+export interface AggFieldParams extends CountAggFieldParams {
+  esDocField?: IField;
+  aggType: AGG_TYPE;
+}
+
+export class AggField extends CountAggField {
+  private readonly _esDocField?: IField;
+  private readonly _aggType: AGG_TYPE;
+
+  constructor(params: AggFieldParams) {
+    super(params);
+    this._esDocField = params.esDocField;
+    this._aggType = params.aggType;
+  }
+
+  isValid(): boolean {
+    return !!this._esDocField;
+  }
+
+  supportsFieldMeta(): boolean {
+    // count and sum aggregations are not within field bounds so they do not support field meta.
+    return !isMetricCountable(this._getAggType());
+  }
+
+  canValueBeFormatted(): boolean {
+    return this._getAggType() !== AGG_TYPE.UNIQUE_COUNT;
+  }
+
+  _getAggType(): AGG_TYPE {
+    return this._aggType;
+  }
+
+  getValueAggDsl(indexPattern: IndexPattern): unknown {
+    const field = getField(indexPattern, this.getRootName());
+    const aggType = this._getAggType();
+    const aggBody = aggType === AGG_TYPE.TERMS ? { size: 1, shard_size: TERMS_AGG_SHARD_SIZE } : {};
+    return {
+      [aggType]: addFieldToDSL(aggBody, field),
+    };
+  }
+
+  getRootName(): string {
+    return this._esDocField ? this._esDocField.getName() : '';
+  }
+
+  async getDataType(): Promise<string> {
+    return this._getAggType() === AGG_TYPE.TERMS ? 'string' : 'number';
+  }
+
+  getBucketCount(): number {
+    // terms aggregation increases the overall number of buckets per split bucket
+    return this._getAggType() === AGG_TYPE.TERMS ? TERMS_AGG_SHARD_SIZE : 0;
+  }
+
+  async getOrdinalFieldMetaRequest(): Promise<unknown> {
+    return this._esDocField ? await this._esDocField.getOrdinalFieldMetaRequest() : null;
+  }
+
+  async getCategoricalFieldMetaRequest(size: number): Promise<unknown> {
+    return this._esDocField ? await this._esDocField.getCategoricalFieldMetaRequest(size) : null;
+  }
+}
diff --git a/x-pack/plugins/maps/public/classes/fields/agg/agg_field_types.ts b/x-pack/plugins/maps/public/classes/fields/agg/agg_field_types.ts
new file mode 100644
index 0000000000000..74f03a3f31909
--- /dev/null
+++ b/x-pack/plugins/maps/public/classes/fields/agg/agg_field_types.ts
@@ -0,0 +1,22 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License;
+ * you may not use this file except in compliance with the Elastic License.
+ */
+
+import { IField } from '../field';
+import { IndexPattern } from '../../../../../../../src/plugins/data/common/index_patterns/index_patterns';
+import { IESAggSource } from '../../sources/es_agg_source';
+import { FIELD_ORIGIN } from '../../../../common/constants';
+
+export interface IESAggField extends IField {
+  getValueAggDsl(indexPattern: IndexPattern): unknown | null;
+  getBucketCount(): number;
+}
+
+export interface CountAggFieldParams {
+  label?: string;
+  source: IESAggSource;
+  origin: FIELD_ORIGIN;
+  canReadFromGeoJson?: boolean;
+}
diff --git a/x-pack/plugins/maps/public/classes/fields/agg/count_agg_field.test.ts b/x-pack/plugins/maps/public/classes/fields/agg/count_agg_field.test.ts
new file mode 100644
index 0000000000000..a313b59643c34
--- /dev/null
+++ b/x-pack/plugins/maps/public/classes/fields/agg/count_agg_field.test.ts
@@ -0,0 +1,45 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License;
+ * you may not use this file except in compliance with the Elastic License.
+ */
+
+import { CountAggField } from './count_agg_field';
+import { AGG_TYPE, FIELD_ORIGIN } from '../../../../common/constants';
+import { IESAggSource } from '../../sources/es_agg_source';
+import { IIndexPattern } from 'src/plugins/data/public';
+
+const mockIndexPattern = {
+  title: 'wildIndex',
+  fields: [
+    {
+      name: 'foo*',
+    },
+  ],
+} as IIndexPattern;
+
+const mockEsAggSource = {
+  getAggKey: (aggType: AGG_TYPE, fieldName: string) => {
+    return 'agg_key';
+  },
+  getAggLabel: (aggType: AGG_TYPE, fieldName: string) => {
+    return 'agg_label';
+  },
+  getIndexPattern: async () => {
+    return mockIndexPattern;
+  },
+} as IESAggSource;
+
+const defaultParams = {
+  label: 'my agg field',
+  source: mockEsAggSource,
+  aggType: AGG_TYPE.COUNT,
+  origin: FIELD_ORIGIN.SOURCE,
+};
+
+describe('supportsFieldMeta', () => {
+  test('Counting aggregations should not support field meta', () => {
+    const countMetric = new CountAggField({ ...defaultParams });
+    expect(countMetric.supportsFieldMeta()).toBe(false);
+  });
+});
diff --git a/x-pack/plugins/maps/public/classes/fields/agg/count_agg_field.ts b/x-pack/plugins/maps/public/classes/fields/agg/count_agg_field.ts
new file mode 100644
index 0000000000000..a4562c91e92a6
--- /dev/null
+++ b/x-pack/plugins/maps/public/classes/fields/agg/count_agg_field.ts
@@ -0,0 +1,100 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License;
+ * you may not use this file except in compliance with the Elastic License.
+ */
+
+import { IndexPattern } from 'src/plugins/data/public';
+import { IESAggSource } from '../../sources/es_agg_source';
+import { IVectorSource } from '../../sources/vector_source';
+import { AGG_TYPE, FIELD_ORIGIN } from '../../../../common/constants';
+import { ITooltipProperty, TooltipProperty } from '../../tooltips/tooltip_property';
+import { ESAggTooltipProperty } from '../../tooltips/es_agg_tooltip_property';
+import { IESAggField, CountAggFieldParams } from './agg_field_types';
+
+// Agg without field. Essentially a count-aggregation.
+export class CountAggField implements IESAggField {
+  private readonly _source: IESAggSource;
+  private readonly _origin: FIELD_ORIGIN;
+  private readonly _label?: string;
+  private readonly _canReadFromGeoJson: boolean;
+
+  constructor({ label, source, origin, canReadFromGeoJson = true }: CountAggFieldParams) {
+    this._source = source;
+    this._origin = origin;
+    this._label = label;
+    this._canReadFromGeoJson = canReadFromGeoJson;
+  }
+
+  _getAggType(): AGG_TYPE {
+    return AGG_TYPE.COUNT;
+  }
+
+  getSource(): IVectorSource {
+    return this._source;
+  }
+
+  getOrigin(): FIELD_ORIGIN {
+    return this._origin;
+  }
+
+  getName(): string {
+    return this._source.getAggKey(this._getAggType(), this.getRootName());
+  }
+
+  getRootName(): string {
+    return '';
+  }
+
+  async getLabel(): Promise<string> {
+    return this._label
+      ? this._label
+      : this._source.getAggLabel(this._getAggType(), this.getRootName());
+  }
+
+  isValid(): boolean {
+    return true;
+  }
+
+  async getDataType(): Promise<string> {
+    return 'number';
+  }
+
+  async createTooltipProperty(value: string | string[] | undefined): Promise<ITooltipProperty> {
+    const indexPattern = await this._source.getIndexPattern();
+    const tooltipProperty = new TooltipProperty(this.getName(), await this.getLabel(), value);
+    return new ESAggTooltipProperty(tooltipProperty, indexPattern, this, this._getAggType());
+  }
+
+  getValueAggDsl(indexPattern: IndexPattern): unknown | null {
+    return null;
+  }
+
+  supportsFieldMeta(): boolean {
+    return false;
+  }
+
+  getBucketCount() {
+    return 0;
+  }
+
+  canValueBeFormatted(): boolean {
+    return false;
+  }
+
+  async getOrdinalFieldMetaRequest(): Promise<unknown> {
+    return null;
+  }
+
+  async getCategoricalFieldMetaRequest(size: number): Promise<unknown> {
+    return null;
+  }
+
+  supportsAutoDomain(): boolean {
+    return this._canReadFromGeoJson ? true : this.supportsFieldMeta();
+  }
+
+  canReadFromGeoJson(): boolean {
+    return this._canReadFromGeoJson;
+  }
+}
diff --git a/x-pack/plugins/maps/public/classes/fields/agg/es_agg_factory.test.ts b/x-pack/plugins/maps/public/classes/fields/agg/es_agg_factory.test.ts
new file mode 100644
index 0000000000000..cb0bb51e374fb
--- /dev/null
+++ b/x-pack/plugins/maps/public/classes/fields/agg/es_agg_factory.test.ts
@@ -0,0 +1,51 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License;
+ * you may not use this file except in compliance with the Elastic License.
+ */
+
+import { esAggFieldsFactory } from './es_agg_factory';
+import { AGG_TYPE, FIELD_ORIGIN } from '../../../../common/constants';
+import { IESAggSource } from '../../sources/es_agg_source';
+import { IIndexPattern } from '../../../../../../../src/plugins/data/common/index_patterns';
+
+const mockIndexPattern = {
+  title: 'wildIndex',
+  fields: [
+    {
+      name: 'foo*',
+    },
+  ],
+} as IIndexPattern;
+
+const mockEsAggSource = {
+  getAggKey: (aggType: AGG_TYPE, fieldName: string) => {
+    return 'agg_key';
+  },
+  getAggLabel: (aggType: AGG_TYPE, fieldName: string) => {
+    return 'agg_label';
+  },
+  getIndexPattern: async () => {
+    return mockIndexPattern;
+  },
+} as IESAggSource;
+
+describe('esAggFieldsFactory', () => {
+  test('Should only create top terms field when term field is not provided', () => {
+    const fields = esAggFieldsFactory(
+      { type: AGG_TYPE.TERMS },
+      mockEsAggSource,
+      FIELD_ORIGIN.SOURCE
+    );
+    expect(fields.length).toBe(1);
+  });
+
+  test('Should create top terms and top terms percentage fields', () => {
+    const fields = esAggFieldsFactory(
+      { type: AGG_TYPE.TERMS, field: 'myField' },
+      mockEsAggSource,
+      FIELD_ORIGIN.SOURCE
+    );
+    expect(fields.length).toBe(2);
+  });
+});
diff --git a/x-pack/plugins/maps/public/classes/fields/agg/es_agg_factory.ts b/x-pack/plugins/maps/public/classes/fields/agg/es_agg_factory.ts
new file mode 100644
index 0000000000000..a734432d03ca2
--- /dev/null
+++ b/x-pack/plugins/maps/public/classes/fields/agg/es_agg_factory.ts
@@ -0,0 +1,51 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License;
+ * you may not use this file except in compliance with the Elastic License.
+ */
+
+import { AggDescriptor } from '../../../../common/descriptor_types';
+import { IESAggSource } from '../../sources/es_agg_source';
+import { AGG_TYPE, FIELD_ORIGIN } from '../../../../common/constants';
+import { ESDocField } from '../es_doc_field';
+import { TopTermPercentageField } from './top_term_percentage_field';
+import { CountAggField } from './count_agg_field';
+import { IESAggField } from './agg_field_types';
+import { AggField } from './agg_field';
+
+export function esAggFieldsFactory(
+  aggDescriptor: AggDescriptor,
+  source: IESAggSource,
+  origin: FIELD_ORIGIN,
+  canReadFromGeoJson: boolean = true
+): IESAggField[] {
+  let aggField;
+  if (aggDescriptor.type === AGG_TYPE.COUNT) {
+    aggField = new CountAggField({
+      label: aggDescriptor.label,
+      source,
+      origin,
+      canReadFromGeoJson,
+    });
+  } else {
+    aggField = new AggField({
+      label: aggDescriptor.label,
+      esDocField:
+        'field' in aggDescriptor && aggDescriptor.field
+          ? new ESDocField({ fieldName: aggDescriptor.field, source, origin })
+          : undefined,
+      aggType: aggDescriptor.type,
+      source,
+      origin,
+      canReadFromGeoJson,
+    });
+  }
+
+  const aggFields: IESAggField[] = [aggField];
+
+  if ('field' in aggDescriptor && aggDescriptor.type === AGG_TYPE.TERMS) {
+    aggFields.push(new TopTermPercentageField(aggField, canReadFromGeoJson));
+  }
+
+  return aggFields;
+}
diff --git a/x-pack/plugins/maps/public/classes/fields/agg/index.ts b/x-pack/plugins/maps/public/classes/fields/agg/index.ts
new file mode 100644
index 0000000000000..e6aeb7ba9e7b1
--- /dev/null
+++ b/x-pack/plugins/maps/public/classes/fields/agg/index.ts
@@ -0,0 +1,8 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License;
+ * you may not use this file except in compliance with the Elastic License.
+ */
+
+export { esAggFieldsFactory } from './es_agg_factory';
+export { IESAggField } from './agg_field_types';
diff --git a/x-pack/plugins/maps/public/classes/fields/top_term_percentage_field.ts b/x-pack/plugins/maps/public/classes/fields/agg/top_term_percentage_field.ts
similarity index 86%
rename from x-pack/plugins/maps/public/classes/fields/top_term_percentage_field.ts
rename to x-pack/plugins/maps/public/classes/fields/agg/top_term_percentage_field.ts
index 50db04d08b2aa..e3d62afaca921 100644
--- a/x-pack/plugins/maps/public/classes/fields/top_term_percentage_field.ts
+++ b/x-pack/plugins/maps/public/classes/fields/agg/top_term_percentage_field.ts
@@ -4,11 +4,10 @@
  * you may not use this file except in compliance with the Elastic License.
  */
 
-import { IESAggField } from './es_agg_field';
-import { IVectorSource } from '../sources/vector_source';
-import { ITooltipProperty, TooltipProperty } from '../tooltips/tooltip_property';
-import { TOP_TERM_PERCENTAGE_SUFFIX } from '../../../common/constants';
-import { FIELD_ORIGIN } from '../../../common/constants';
+import { IESAggField } from './agg_field_types';
+import { IVectorSource } from '../../sources/vector_source';
+import { ITooltipProperty, TooltipProperty } from '../../tooltips/tooltip_property';
+import { TOP_TERM_PERCENTAGE_SUFFIX, FIELD_ORIGIN } from '../../../../common/constants';
 
 export class TopTermPercentageField implements IESAggField {
   private readonly _topTermAggField: IESAggField;
diff --git a/x-pack/plugins/maps/public/classes/fields/es_agg_field.test.ts b/x-pack/plugins/maps/public/classes/fields/es_agg_field.test.ts
deleted file mode 100644
index 7a65b5f9f6b46..0000000000000
--- a/x-pack/plugins/maps/public/classes/fields/es_agg_field.test.ts
+++ /dev/null
@@ -1,80 +0,0 @@
-/*
- * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
- * or more contributor license agreements. Licensed under the Elastic License;
- * you may not use this file except in compliance with the Elastic License.
- */
-
-import { ESAggField, esAggFieldsFactory } from './es_agg_field';
-import { AGG_TYPE, FIELD_ORIGIN } from '../../../common/constants';
-import { IESAggSource } from '../sources/es_agg_source';
-import { IIndexPattern } from 'src/plugins/data/public';
-
-const mockIndexPattern = {
-  title: 'wildIndex',
-  fields: [
-    {
-      name: 'foo*',
-    },
-  ],
-} as IIndexPattern;
-
-const mockEsAggSource = {
-  getAggKey: (aggType: AGG_TYPE, fieldName: string) => {
-    return 'agg_key';
-  },
-  getAggLabel: (aggType: AGG_TYPE, fieldName: string) => {
-    return 'agg_label';
-  },
-  getIndexPattern: async () => {
-    return mockIndexPattern;
-  },
-} as IESAggSource;
-
-const defaultParams = {
-  label: 'my agg field',
-  source: mockEsAggSource,
-  aggType: AGG_TYPE.COUNT,
-  origin: FIELD_ORIGIN.SOURCE,
-};
-
-describe('supportsFieldMeta', () => {
-  test('Non-counting aggregations should support field meta', () => {
-    const avgMetric = new ESAggField({ ...defaultParams, aggType: AGG_TYPE.AVG });
-    expect(avgMetric.supportsFieldMeta()).toBe(true);
-    const maxMetric = new ESAggField({ ...defaultParams, aggType: AGG_TYPE.MAX });
-    expect(maxMetric.supportsFieldMeta()).toBe(true);
-    const minMetric = new ESAggField({ ...defaultParams, aggType: AGG_TYPE.MIN });
-    expect(minMetric.supportsFieldMeta()).toBe(true);
-    const termsMetric = new ESAggField({ ...defaultParams, aggType: AGG_TYPE.TERMS });
-    expect(termsMetric.supportsFieldMeta()).toBe(true);
-  });
-
-  test('Counting aggregations should not support field meta', () => {
-    const countMetric = new ESAggField({ ...defaultParams, aggType: AGG_TYPE.COUNT });
-    expect(countMetric.supportsFieldMeta()).toBe(false);
-    const sumMetric = new ESAggField({ ...defaultParams, aggType: AGG_TYPE.SUM });
-    expect(sumMetric.supportsFieldMeta()).toBe(false);
-    const uniqueCountMetric = new ESAggField({ ...defaultParams, aggType: AGG_TYPE.UNIQUE_COUNT });
-    expect(uniqueCountMetric.supportsFieldMeta()).toBe(false);
-  });
-});
-
-describe('esAggFieldsFactory', () => {
-  test('Should only create top terms field when term field is not provided', () => {
-    const fields = esAggFieldsFactory(
-      { type: AGG_TYPE.TERMS },
-      mockEsAggSource,
-      FIELD_ORIGIN.SOURCE
-    );
-    expect(fields.length).toBe(1);
-  });
-
-  test('Should create top terms and top terms percentage fields', () => {
-    const fields = esAggFieldsFactory(
-      { type: AGG_TYPE.TERMS, field: 'myField' },
-      mockEsAggSource,
-      FIELD_ORIGIN.SOURCE
-    );
-    expect(fields.length).toBe(2);
-  });
-});
diff --git a/x-pack/plugins/maps/public/classes/fields/es_agg_field.ts b/x-pack/plugins/maps/public/classes/fields/es_agg_field.ts
deleted file mode 100644
index 8cff98205186f..0000000000000
--- a/x-pack/plugins/maps/public/classes/fields/es_agg_field.ts
+++ /dev/null
@@ -1,171 +0,0 @@
-/*
- * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
- * or more contributor license agreements. Licensed under the Elastic License;
- * you may not use this file except in compliance with the Elastic License.
- */
-
-import { IndexPattern } from 'src/plugins/data/public';
-import { IField } from './field';
-import { AggDescriptor } from '../../../common/descriptor_types';
-import { IESAggSource } from '../sources/es_agg_source';
-import { IVectorSource } from '../sources/vector_source';
-import { ESDocField } from './es_doc_field';
-import { AGG_TYPE, FIELD_ORIGIN } from '../../../common/constants';
-import { isMetricCountable } from '../util/is_metric_countable';
-import { getField, addFieldToDSL } from '../../../common/elasticsearch_util';
-import { TopTermPercentageField } from './top_term_percentage_field';
-import { ITooltipProperty, TooltipProperty } from '../tooltips/tooltip_property';
-import { ESAggTooltipProperty } from '../tooltips/es_agg_tooltip_property';
-
-const TERMS_AGG_SHARD_SIZE = 5;
-
-export interface IESAggField extends IField {
-  getValueAggDsl(indexPattern: IndexPattern): unknown | null;
-  getBucketCount(): number;
-}
-
-export class ESAggField implements IESAggField {
-  private readonly _source: IESAggSource;
-  private readonly _origin: FIELD_ORIGIN;
-  private readonly _label?: string;
-  private readonly _aggType: AGG_TYPE;
-  private readonly _esDocField?: IField | undefined;
-  private readonly _canReadFromGeoJson: boolean;
-
-  constructor({
-    label,
-    source,
-    aggType,
-    esDocField,
-    origin,
-    canReadFromGeoJson = true,
-  }: {
-    label?: string;
-    source: IESAggSource;
-    aggType: AGG_TYPE;
-    esDocField?: IField;
-    origin: FIELD_ORIGIN;
-    canReadFromGeoJson?: boolean;
-  }) {
-    this._source = source;
-    this._origin = origin;
-    this._label = label;
-    this._aggType = aggType;
-    this._esDocField = esDocField;
-    this._canReadFromGeoJson = canReadFromGeoJson;
-  }
-
-  getSource(): IVectorSource {
-    return this._source;
-  }
-
-  getOrigin(): FIELD_ORIGIN {
-    return this._origin;
-  }
-
-  getName(): string {
-    return this._source.getAggKey(this.getAggType(), this.getRootName());
-  }
-
-  getRootName(): string {
-    return this._getESDocFieldName();
-  }
-
-  async getLabel(): Promise<string> {
-    return this._label
-      ? this._label
-      : this._source.getAggLabel(this.getAggType(), this.getRootName());
-  }
-
-  getAggType(): AGG_TYPE {
-    return this._aggType;
-  }
-
-  isValid(): boolean {
-    return this.getAggType() === AGG_TYPE.COUNT ? true : !!this._esDocField;
-  }
-
-  async getDataType(): Promise<string> {
-    return this.getAggType() === AGG_TYPE.TERMS ? 'string' : 'number';
-  }
-
-  _getESDocFieldName(): string {
-    return this._esDocField ? this._esDocField.getName() : '';
-  }
-
-  async createTooltipProperty(value: string | string[] | undefined): Promise<ITooltipProperty> {
-    const indexPattern = await this._source.getIndexPattern();
-    const tooltipProperty = new TooltipProperty(this.getName(), await this.getLabel(), value);
-    return new ESAggTooltipProperty(tooltipProperty, indexPattern, this, this.getAggType());
-  }
-
-  getValueAggDsl(indexPattern: IndexPattern): unknown | null {
-    if (this.getAggType() === AGG_TYPE.COUNT) {
-      return null;
-    }
-
-    const field = getField(indexPattern, this.getRootName());
-    const aggType = this.getAggType();
-    const aggBody = aggType === AGG_TYPE.TERMS ? { size: 1, shard_size: TERMS_AGG_SHARD_SIZE } : {};
-    return {
-      [aggType]: addFieldToDSL(aggBody, field),
-    };
-  }
-
-  getBucketCount(): number {
-    // terms aggregation increases the overall number of buckets per split bucket
-    return this.getAggType() === AGG_TYPE.TERMS ? TERMS_AGG_SHARD_SIZE : 0;
-  }
-
-  supportsFieldMeta(): boolean {
-    // count and sum aggregations are not within field bounds so they do not support field meta.
-    return !isMetricCountable(this.getAggType());
-  }
-
-  canValueBeFormatted(): boolean {
-    // Do not use field formatters for counting metrics
-    return ![AGG_TYPE.COUNT, AGG_TYPE.UNIQUE_COUNT].includes(this.getAggType());
-  }
-
-  async getOrdinalFieldMetaRequest(): Promise<unknown> {
-    return this._esDocField ? this._esDocField.getOrdinalFieldMetaRequest() : null;
-  }
-
-  async getCategoricalFieldMetaRequest(size: number): Promise<unknown> {
-    return this._esDocField ? this._esDocField.getCategoricalFieldMetaRequest(size) : null;
-  }
-
-  supportsAutoDomain(): boolean {
-    return this._canReadFromGeoJson ? true : this.supportsFieldMeta();
-  }
-
-  canReadFromGeoJson(): boolean {
-    return this._canReadFromGeoJson;
-  }
-}
-
-export function esAggFieldsFactory(
-  aggDescriptor: AggDescriptor,
-  source: IESAggSource,
-  origin: FIELD_ORIGIN,
-  canReadFromGeoJson: boolean = true
-): IESAggField[] {
-  const aggField = new ESAggField({
-    label: aggDescriptor.label,
-    esDocField: aggDescriptor.field
-      ? new ESDocField({ fieldName: aggDescriptor.field, source, origin })
-      : undefined,
-    aggType: aggDescriptor.type,
-    source,
-    origin,
-    canReadFromGeoJson,
-  });
-
-  const aggFields: IESAggField[] = [aggField];
-
-  if (aggDescriptor.field && aggDescriptor.type === AGG_TYPE.TERMS) {
-    aggFields.push(new TopTermPercentageField(aggField, canReadFromGeoJson));
-  }
-
-  return aggFields;
-}
diff --git a/x-pack/plugins/maps/public/classes/layers/choropleth_layer_wizard/create_choropleth_layer_descriptor.ts b/x-pack/plugins/maps/public/classes/layers/choropleth_layer_wizard/create_choropleth_layer_descriptor.ts
index 43d1d39c170c0..cdfe60946f5f9 100644
--- a/x-pack/plugins/maps/public/classes/layers/choropleth_layer_wizard/create_choropleth_layer_descriptor.ts
+++ b/x-pack/plugins/maps/public/classes/layers/choropleth_layer_wizard/create_choropleth_layer_descriptor.ts
@@ -16,8 +16,8 @@ import {
 } from '../../../../common/constants';
 import { getJoinAggKey } from '../../../../common/get_agg_key';
 import {
-  AggDescriptor,
   ColorDynamicOptions,
+  CountAggDescriptor,
   EMSFileSourceDescriptor,
   ESSearchSourceDescriptor,
 } from '../../../../common/descriptor_types';
@@ -43,11 +43,11 @@ function createChoroplethLayerDescriptor({
   rightIndexPatternTitle: string;
   rightTermField: string;
 }) {
-  const metricsDescriptor: AggDescriptor = { type: AGG_TYPE.COUNT };
+  const metricsDescriptor: CountAggDescriptor = { type: AGG_TYPE.COUNT };
   const joinId = uuid();
   const joinKey = getJoinAggKey({
     aggType: metricsDescriptor.type,
-    aggFieldName: metricsDescriptor.field ? metricsDescriptor.field : '',
+    aggFieldName: '',
     rightSourceId: joinId,
   });
   return VectorLayer.createDescriptor({
diff --git a/x-pack/plugins/maps/public/classes/layers/create_region_map_layer_descriptor.ts b/x-pack/plugins/maps/public/classes/layers/create_region_map_layer_descriptor.ts
index 8830831b8b656..6f9bb686459b5 100644
--- a/x-pack/plugins/maps/public/classes/layers/create_region_map_layer_descriptor.ts
+++ b/x-pack/plugins/maps/public/classes/layers/create_region_map_layer_descriptor.ts
@@ -69,7 +69,7 @@ export function createRegionMapLayerDescriptor({
   const joinId = uuid();
   const joinKey = getJoinAggKey({
     aggType: metricsDescriptor.type,
-    aggFieldName: metricsDescriptor.field ? metricsDescriptor.field : '',
+    aggFieldName: 'field' in metricsDescriptor ? metricsDescriptor.field : '',
     rightSourceId: joinId,
   });
   const colorPallette = NUMERICAL_COLOR_PALETTES.find((pallette) => {
diff --git a/x-pack/plugins/maps/public/classes/layers/create_tile_map_layer_descriptor.ts b/x-pack/plugins/maps/public/classes/layers/create_tile_map_layer_descriptor.ts
index 05a8620e436d5..5b89373f2db48 100644
--- a/x-pack/plugins/maps/public/classes/layers/create_tile_map_layer_descriptor.ts
+++ b/x-pack/plugins/maps/public/classes/layers/create_tile_map_layer_descriptor.ts
@@ -103,7 +103,7 @@ export function createTileMapLayerDescriptor({
 
   const metricSourceKey = getSourceAggKey({
     aggType: metricsDescriptor.type,
-    aggFieldName: metricsDescriptor.field,
+    aggFieldName: 'field' in metricsDescriptor ? metricsDescriptor.field : '',
   });
   const metricStyleField = {
     name: metricSourceKey,
diff --git a/x-pack/plugins/maps/public/classes/layers/layer.tsx b/x-pack/plugins/maps/public/classes/layers/layer.tsx
index 7c76df7f6e877..b982e6452e8cb 100644
--- a/x-pack/plugins/maps/public/classes/layers/layer.tsx
+++ b/x-pack/plugins/maps/public/classes/layers/layer.tsx
@@ -173,12 +173,12 @@ export class AbstractLayer implements ILayer {
           metrics.forEach((metricsDescriptor: AggDescriptor) => {
             const originalJoinKey = getJoinAggKey({
               aggType: metricsDescriptor.type,
-              aggFieldName: metricsDescriptor.field ? metricsDescriptor.field : '',
+              aggFieldName: 'field' in metricsDescriptor ? metricsDescriptor.field : '',
               rightSourceId: originalJoinId,
             });
             const newJoinKey = getJoinAggKey({
               aggType: metricsDescriptor.type,
-              aggFieldName: metricsDescriptor.field ? metricsDescriptor.field : '',
+              aggFieldName: 'field' in metricsDescriptor ? metricsDescriptor.field : '',
               rightSourceId: joinDescriptor.right.id!,
             });
 
diff --git a/x-pack/plugins/maps/public/classes/layers/solution_layers/observability/create_layer_descriptor.ts b/x-pack/plugins/maps/public/classes/layers/solution_layers/observability/create_layer_descriptor.ts
index 5dbf07ed2a535..dea551866f4a9 100644
--- a/x-pack/plugins/maps/public/classes/layers/solution_layers/observability/create_layer_descriptor.ts
+++ b/x-pack/plugins/maps/public/classes/layers/solution_layers/observability/create_layer_descriptor.ts
@@ -161,7 +161,7 @@ export function createLayerDescriptor({
     const joinId = uuid();
     const joinKey = getJoinAggKey({
       aggType: metricsDescriptor.type,
-      aggFieldName: metricsDescriptor.field ? metricsDescriptor.field : '',
+      aggFieldName: 'field' in metricsDescriptor ? metricsDescriptor.field : '',
       rightSourceId: joinId,
     });
     return VectorLayer.createDescriptor({
@@ -219,7 +219,7 @@ export function createLayerDescriptor({
 
   const metricSourceKey = getSourceAggKey({
     aggType: metricsDescriptor.type,
-    aggFieldName: metricsDescriptor.field,
+    aggFieldName: 'field' in metricsDescriptor ? metricsDescriptor.field : undefined,
   });
   const metricStyleField = {
     name: metricSourceKey,
diff --git a/x-pack/plugins/maps/public/classes/sources/es_agg_source/es_agg_source.test.ts b/x-pack/plugins/maps/public/classes/sources/es_agg_source/es_agg_source.test.ts
index d31e8366e4ef4..a731fcee3f6f5 100644
--- a/x-pack/plugins/maps/public/classes/sources/es_agg_source/es_agg_source.test.ts
+++ b/x-pack/plugins/maps/public/classes/sources/es_agg_source/es_agg_source.test.ts
@@ -6,7 +6,7 @@
 
 import { AbstractESAggSource } from '../es_agg_source';
 import { IField } from '../../fields/field';
-import { IESAggField } from '../../fields/es_agg_field';
+import { IESAggField } from '../../fields/agg';
 import _ from 'lodash';
 import { AGG_TYPE } from '../../../../common/constants';
 import { AggDescriptor } from '../../../../common/descriptor_types';
diff --git a/x-pack/plugins/maps/public/classes/sources/es_agg_source/es_agg_source.ts b/x-pack/plugins/maps/public/classes/sources/es_agg_source/es_agg_source.ts
index dc95632032fa9..b88ae9a4727a8 100644
--- a/x-pack/plugins/maps/public/classes/sources/es_agg_source/es_agg_source.ts
+++ b/x-pack/plugins/maps/public/classes/sources/es_agg_source/es_agg_source.ts
@@ -9,9 +9,8 @@ import { Adapters } from 'src/plugins/inspector/public';
 import { GeoJsonProperties } from 'geojson';
 import { IESSource } from '../es_source';
 import { AbstractESSource } from '../es_source';
-import { esAggFieldsFactory } from '../../fields/es_agg_field';
+import { esAggFieldsFactory, IESAggField } from '../../fields/agg';
 import { AGG_TYPE, COUNT_PROP_LABEL, FIELD_ORIGIN } from '../../../../common/constants';
-import { IESAggField } from '../../fields/es_agg_field';
 import { getSourceAggKey } from '../../../../common/get_agg_key';
 import { AbstractESAggSourceDescriptor, AggDescriptor } from '../../../../common/descriptor_types';
 import { IndexPattern } from '../../../../../../../src/plugins/data/public';
diff --git a/x-pack/plugins/maps/public/components/metrics_editor/metric_editor.tsx b/x-pack/plugins/maps/public/components/metrics_editor/metric_editor.tsx
index 543d144efdcc7..61d8a143549e1 100644
--- a/x-pack/plugins/maps/public/components/metrics_editor/metric_editor.tsx
+++ b/x-pack/plugins/maps/public/components/metrics_editor/metric_editor.tsx
@@ -57,30 +57,31 @@ export function MetricEditor({
     if (!metricAggregationType) {
       return;
     }
-    const newMetricProps = {
-      ...metric,
+
+    const descriptor = {
       type: metricAggregationType,
+      label: metric.label,
     };
 
-    // unset field when new agg type does not support currently selected field.
-    if (metric.field && metricAggregationType !== AGG_TYPE.COUNT) {
-      const fieldsForNewAggType = filterFieldsForAgg(fields, metricAggregationType);
-      const found = fieldsForNewAggType.find((field) => {
-        return field.name === metric.field;
-      });
-      if (!found) {
-        newMetricProps.field = undefined;
-      }
+    if (metricAggregationType === AGG_TYPE.COUNT || !('field' in metric) || !metric.field) {
+      onChange(descriptor);
+      return;
     }
 
-    onChange(newMetricProps);
+    const fieldsForNewAggType = filterFieldsForAgg(fields, metricAggregationType);
+    const found = fieldsForNewAggType.find((field) => field.name === metric.field);
+    onChange({
+      ...descriptor,
+      field: found ? metric.field : undefined,
+    });
   };
   const onFieldChange = (fieldName?: string) => {
-    if (!fieldName) {
+    if (!fieldName || metric.type === AGG_TYPE.COUNT) {
       return;
     }
     onChange({
-      ...metric,
+      label: metric.label,
+      type: metric.type,
       field: fieldName,
     });
   };
diff --git a/x-pack/plugins/maps/public/kibana_services.ts b/x-pack/plugins/maps/public/kibana_services.ts
index 4dcc9193420c0..02b875257a5ac 100644
--- a/x-pack/plugins/maps/public/kibana_services.ts
+++ b/x-pack/plugins/maps/public/kibana_services.ts
@@ -48,6 +48,7 @@ export const getCoreI18n = () => coreStart.i18n;
 export const getSearchService = () => pluginsStart.data.search;
 export const getEmbeddableService = () => pluginsStart.embeddable;
 export const getNavigateToApp = () => coreStart.application.navigateToApp;
+export const getSavedObjectsTagging = () => pluginsStart.savedObjectsTagging;
 
 // xpack.maps.* kibana.yml settings from this plugin
 let mapAppConfig: MapsConfigType;
diff --git a/x-pack/plugins/maps/public/map_attribute_service.ts b/x-pack/plugins/maps/public/map_attribute_service.ts
index 0e3ef1b9ea518..9b2f3105f6870 100644
--- a/x-pack/plugins/maps/public/map_attribute_service.ts
+++ b/x-pack/plugins/maps/public/map_attribute_service.ts
@@ -4,6 +4,7 @@
  * you may not use this file except in compliance with the Elastic License.
  */
 
+import { SavedObjectReference } from 'src/core/types';
 import { AttributeService } from '../../../../src/plugins/embeddable/public';
 import { MapSavedObjectAttributes } from '../common/map_saved_object_type';
 import { MAP_SAVED_OBJECT_TYPE } from '../common/constants';
@@ -14,11 +15,9 @@ import { getCoreOverlays, getEmbeddableService, getSavedObjectsClient } from './
 import { extractReferences, injectReferences } from '../common/migrations/references';
 import { MapByValueInput, MapByReferenceInput } from './embeddable/types';
 
-export type MapAttributeService = AttributeService<
-  MapSavedObjectAttributes,
-  MapByValueInput,
-  MapByReferenceInput
->;
+type MapDoc = MapSavedObjectAttributes & { references?: SavedObjectReference[] };
+
+export type MapAttributeService = AttributeService<MapDoc, MapByValueInput, MapByReferenceInput>;
 
 let mapAttributeService: MapAttributeService | null = null;
 
@@ -28,30 +27,37 @@ export function getMapAttributeService(): MapAttributeService {
   }
 
   mapAttributeService = getEmbeddableService().getAttributeService<
-    MapSavedObjectAttributes,
+    MapDoc,
     MapByValueInput,
     MapByReferenceInput
   >(MAP_SAVED_OBJECT_TYPE, {
-    saveMethod: async (attributes: MapSavedObjectAttributes, savedObjectId?: string) => {
-      const { attributes: attributesWithExtractedReferences, references } = extractReferences({
-        attributes,
+    saveMethod: async (attributes: MapDoc, savedObjectId?: string) => {
+      // AttributeService "attributes" contains "references" as a child.
+      // SavedObjectClient "attributes" uses "references" as a sibling.
+      // https://github.com/elastic/kibana/issues/83133
+      const savedObjectClientReferences = attributes.references;
+      const savedObjectClientAttributes = { ...attributes };
+      delete savedObjectClientAttributes.references;
+      const { attributes: updatedAttributes, references } = extractReferences({
+        attributes: savedObjectClientAttributes,
+        references: savedObjectClientReferences,
       });
 
       const savedObject = await (savedObjectId
         ? getSavedObjectsClient().update<MapSavedObjectAttributes>(
             MAP_SAVED_OBJECT_TYPE,
             savedObjectId,
-            attributesWithExtractedReferences,
+            updatedAttributes,
             { references }
           )
         : getSavedObjectsClient().create<MapSavedObjectAttributes>(
             MAP_SAVED_OBJECT_TYPE,
-            attributesWithExtractedReferences,
+            updatedAttributes,
             { references }
           ));
       return { id: savedObject.id };
     },
-    unwrapMethod: async (savedObjectId: string): Promise<MapSavedObjectAttributes> => {
+    unwrapMethod: async (savedObjectId: string): Promise<MapDoc> => {
       const savedObject = await getSavedObjectsClient().get<MapSavedObjectAttributes>(
         MAP_SAVED_OBJECT_TYPE,
         savedObjectId
@@ -62,7 +68,7 @@ export function getMapAttributeService(): MapAttributeService {
       }
 
       const { attributes } = injectReferences(savedObject);
-      return attributes;
+      return { ...attributes, references: savedObject.references };
     },
     checkForDuplicateTitle: (props: OnSaveProps) => {
       return checkForDuplicateTitle(
diff --git a/x-pack/plugins/maps/public/plugin.ts b/x-pack/plugins/maps/public/plugin.ts
index 3da346aaf4443..ecb647cbb61b2 100644
--- a/x-pack/plugins/maps/public/plugin.ts
+++ b/x-pack/plugins/maps/public/plugin.ts
@@ -63,6 +63,7 @@ import {
   setLicensingPluginStart,
 } from './licensed_features';
 import { EMSSettings } from '../common/ems_settings';
+import { SavedObjectTaggingPluginStart } from '../../saved_objects_tagging/public';
 
 export interface MapsPluginSetupDependencies {
   inspector: InspectorSetupContract;
@@ -86,6 +87,7 @@ export interface MapsPluginStartDependencies {
   visualizations: VisualizationsStart;
   savedObjects: SavedObjectsStart;
   dashboard: DashboardStart;
+  savedObjectsTagging?: SavedObjectTaggingPluginStart;
 }
 
 /**
diff --git a/x-pack/plugins/maps/public/routes/list_page/maps_list_view.tsx b/x-pack/plugins/maps/public/routes/list_page/maps_list_view.tsx
index 97ed3d428d341..a579e3f122cc6 100644
--- a/x-pack/plugins/maps/public/routes/list_page/maps_list_view.tsx
+++ b/x-pack/plugins/maps/public/routes/list_page/maps_list_view.tsx
@@ -5,45 +5,68 @@
  */
 
 import React, { MouseEvent } from 'react';
-import _ from 'lodash';
-import {
-  EuiTitle,
-  EuiFieldSearch,
-  EuiBasicTable,
-  EuiPage,
-  EuiPageBody,
-  EuiPageContent,
-  EuiLink,
-  EuiFlexGroup,
-  EuiFlexItem,
-  EuiButton,
-  EuiSpacer,
-  EuiOverlayMask,
-  EuiConfirmModal,
-  EuiCallOut,
-} from '@elastic/eui';
+import { SavedObjectReference } from 'src/core/types';
 import { i18n } from '@kbn/i18n';
-import { FormattedMessage } from '@kbn/i18n/react';
-import { Direction } from '@elastic/eui';
-import {
-  CriteriaWithPagination,
-  EuiBasicTableColumn,
-} from '@elastic/eui/src/components/basic_table/basic_table';
-import { EuiTableSortingType } from '@elastic/eui';
+import { EuiLink } from '@elastic/eui';
+import { EuiBasicTableColumn } from '@elastic/eui/src/components/basic_table/basic_table';
+import { TableListView } from '../../../../../../src/plugins/kibana_react/public';
 import { goToSpecifiedPath } from '../../render_app';
 import { APP_ID, MAP_PATH, MAP_SAVED_OBJECT_TYPE } from '../../../common/constants';
 import {
   getMapsCapabilities,
-  getUiSettings,
   getToasts,
   getCoreChrome,
   getNavigateToApp,
   getSavedObjectsClient,
+  getSavedObjectsTagging,
+  getSavedObjects,
 } from '../../kibana_services';
 import { getAppTitle } from '../../../common/i18n_getters';
 import { MapSavedObjectAttributes } from '../../../common/map_saved_object_type';
 
-export const EMPTY_FILTER = '';
+interface MapItem {
+  id: string;
+  title: string;
+  description?: string;
+  references?: SavedObjectReference[];
+}
+
+const savedObjectsTagging = getSavedObjectsTagging();
+const searchFilters = savedObjectsTagging
+  ? [savedObjectsTagging.ui.getSearchBarFilter({ useName: true })]
+  : [];
+
+const tableColumns: Array<EuiBasicTableColumn<any>> = [
+  {
+    field: 'title',
+    name: i18n.translate('xpack.maps.mapListing.titleFieldTitle', {
+      defaultMessage: 'Title',
+    }),
+    sortable: true,
+    render: (field: string, record: MapItem) => (
+      <EuiLink
+        onClick={(e: MouseEvent) => {
+          e.preventDefault();
+          goToSpecifiedPath(`/${MAP_PATH}/${record.id}`);
+        }}
+        data-test-subj={`mapListingTitleLink-${record.title.split(' ').join('-')}`}
+      >
+        {field}
+      </EuiLink>
+    ),
+  },
+  {
+    field: 'description',
+    name: i18n.translate('xpack.maps.mapListing.descriptionFieldTitle', {
+      defaultMessage: 'Description',
+    }),
+    dataType: 'string',
+    sortable: true,
+  },
+];
+if (savedObjectsTagging) {
+  tableColumns.push(savedObjectsTagging.ui.getTableColumnDefinition());
+}
 
 function navigateToNewMap() {
   const navigateToApp = getNavigateToApp();
@@ -51,447 +74,76 @@ function navigateToNewMap() {
     path: MAP_PATH,
   });
 }
-interface State {
-  sortField?: string | number | symbol;
-  sortDirection?: Direction;
-  hasInitialFetchReturned: boolean;
-  isFetchingItems: boolean;
-  showDeleteModal: boolean;
-  showLimitError: boolean;
-  filter: string;
-  items: TableRow[];
-  selectedIds: string[];
-  page: number;
-  perPage: number;
-  readOnly: boolean;
-  listingLimit: number;
-  totalItems?: number;
-}
-
-interface TableRow {
-  id: string;
-  title: string;
-  description?: string;
-}
-
-export class MapsListView extends React.Component {
-  _isMounted: boolean = false;
-  state: State = {
-    hasInitialFetchReturned: false,
-    isFetchingItems: false,
-    showDeleteModal: false,
-    showLimitError: false,
-    filter: EMPTY_FILTER,
-    items: [],
-    selectedIds: [],
-    page: 0,
-    perPage: 20,
-    readOnly: !getMapsCapabilities().save,
-    listingLimit: getUiSettings().get('savedObjects:listingLimit'),
-  };
 
-  componentWillUnmount() {
-    this._isMounted = false;
-    this.debouncedFetch.cancel();
-  }
+async function findMaps(searchQuery: string) {
+  let searchTerm = searchQuery;
+  let tagReferences;
 
-  componentDidMount() {
-    this._isMounted = true;
-    this.initMapList();
-  }
-
-  async initMapList() {
-    this.fetchItems();
-    getCoreChrome().docTitle.change(getAppTitle());
-    getCoreChrome().setBreadcrumbs([{ text: getAppTitle() }]);
-  }
-
-  debouncedFetch = _.debounce(async (filter) => {
-    const response = await getSavedObjectsClient().find<MapSavedObjectAttributes>({
-      type: MAP_SAVED_OBJECT_TYPE,
-      search: filter ? `${filter}*` : undefined,
-      perPage: this.state.listingLimit,
-      page: 1,
-      searchFields: ['title^3', 'description'],
-      defaultSearchOperator: 'AND',
-      fields: ['description', 'title'],
-    });
-
-    if (!this._isMounted) {
-      return;
-    }
-
-    // We need this check to handle the case where search results come back in a different
-    // order than they were sent out. Only load results for the most recent search.
-    if (filter === this.state.filter) {
-      this.setState({
-        hasInitialFetchReturned: true,
-        isFetchingItems: false,
-        items: response.savedObjects.map((savedObject) => {
-          return {
-            id: savedObject.id,
-            title: savedObject.attributes.title,
-            description: savedObject.attributes.description,
-          };
-        }),
-        totalItems: response.total,
-        showLimitError: response.total > this.state.listingLimit,
-      });
-    }
-  }, 300);
-
-  fetchItems = () => {
-    this.setState(
-      {
-        isFetchingItems: true,
-      },
-      this.debouncedFetch.bind(null, this.state.filter)
-    );
-  };
-
-  deleteSelectedItems = async () => {
-    try {
-      const deletions = this.state.selectedIds.map((id) => {
-        return getSavedObjectsClient().delete(MAP_SAVED_OBJECT_TYPE, id);
-      });
-      await Promise.all(deletions);
-    } catch (error) {
-      getToasts().addDanger({
-        title: i18n.translate('xpack.maps.mapListing.unableToDeleteToastTitle', {
-          defaultMessage: `Unable to delete map(s)`,
-        }),
-        text: `${error}`,
-      });
-    }
-    this.fetchItems();
-    this.setState({
-      selectedIds: [],
+  if (savedObjectsTagging) {
+    const parsed = savedObjectsTagging.ui.parseSearchQuery(searchQuery, {
+      useName: true,
     });
-    this.closeDeleteModal();
-  };
-
-  closeDeleteModal = () => {
-    this.setState({ showDeleteModal: false });
-  };
-
-  openDeleteModal = () => {
-    this.setState({ showDeleteModal: true });
-  };
-
-  onTableChange = ({ page, sort }: CriteriaWithPagination<TableRow>) => {
-    const { index: pageIndex, size: pageSize } = page;
-
-    let { field: sortField, direction: sortDirection } = sort || {};
-
-    // 3rd sorting state that is not captured by sort - native order (no sort)
-    // when switching from desc to asc for the same field - use native order
-    if (
-      this.state.sortField === sortField &&
-      this.state.sortDirection === 'desc' &&
-      sortDirection === 'asc'
-    ) {
-      sortField = undefined;
-      sortDirection = undefined;
-    }
-
-    this.setState({
-      page: pageIndex,
-      perPage: pageSize,
-      sortField,
-      sortDirection,
-    });
-  };
-
-  getPageOfItems = () => {
-    // do not sort original list to preserve elasticsearch ranking order
-    const itemsCopy = this.state.items.slice();
-
-    if (this.state.sortField) {
-      itemsCopy.sort((a, b) => {
-        const fieldA = _.get(a, this.state.sortField!, '');
-        const fieldB = _.get(b, this.state.sortField!, '');
-        let order = 1;
-        if (this.state.sortDirection === 'desc') {
-          order = -1;
-        }
-        return order * fieldA.toLowerCase().localeCompare(fieldB.toLowerCase());
-      });
-    }
-
-    // If begin is greater than the length of the sequence, an empty array is returned.
-    const startIndex = this.state.page * this.state.perPage;
-    // If end is greater than the length of the sequence, slice extracts through to the end of the sequence (arr.length).
-    const lastIndex = startIndex + this.state.perPage;
-    return itemsCopy.slice(startIndex, lastIndex);
-  };
-
-  hasNoItems() {
-    if (!this.state.isFetchingItems && this.state.items.length === 0 && !this.state.filter) {
-      return true;
-    }
-
-    return false;
+    searchTerm = parsed.searchTerm;
+    tagReferences = parsed.tagReferences;
   }
 
-  renderConfirmDeleteModal() {
-    return (
-      <EuiOverlayMask>
-        <EuiConfirmModal
-          title={i18n.translate('xpack.maps.mapListing.deleteSelectedItemsTitle', {
-            defaultMessage: 'Delete selected items?',
-          })}
-          onCancel={this.closeDeleteModal}
-          onConfirm={this.deleteSelectedItems}
-          cancelButtonText={i18n.translate('xpack.maps.mapListing.cancelTitle', {
-            defaultMessage: 'Cancel',
-          })}
-          confirmButtonText={i18n.translate('xpack.maps.mapListing.deleteTitle', {
-            defaultMessage: 'Delete',
-          })}
-          defaultFocusedButton="cancel"
-        >
-          <p>
-            <FormattedMessage
-              id="xpack.maps.mapListing.deleteWarning"
-              defaultMessage="You can't recover deleted items."
-            />
-          </p>
-        </EuiConfirmModal>
-      </EuiOverlayMask>
-    );
-  }
-
-  renderListingLimitWarning() {
-    if (this.state.showLimitError) {
-      return (
-        <React.Fragment>
-          <EuiCallOut
-            title={i18n.translate('xpack.maps.mapListing.limitExceededTitle', {
-              defaultMessage: 'Listing limit exceeded',
-            })}
-            color="warning"
-            iconType="help"
-          >
-            <p>
-              <FormattedMessage
-                id="xpack.maps.mapListing.limitHelpDescription"
-                defaultMessage="You have {totalItems} items,
-            but your <strong>listingLimit</strong> setting prevents the table below from displaying more than {listingLimit}.
-            You can change this setting under "
-                values={{
-                  totalItems: this.state.totalItems,
-                  listingLimit: this.state.listingLimit,
-                }}
-              />
-              <EuiLink href="#/management/kibana/settings">
-                <FormattedMessage
-                  id="xpack.maps.mapListing.advancedSettingsLinkText"
-                  defaultMessage="Advanced Settings"
-                />
-              </EuiLink>
-              .
-            </p>
-          </EuiCallOut>
-          <EuiSpacer size="m" />
-        </React.Fragment>
-      );
-    }
-  }
-
-  renderNoResultsMessage() {
-    if (this.state.isFetchingItems) {
-      return '';
-    }
-
-    if (this.hasNoItems()) {
-      return i18n.translate('xpack.maps.mapListing.noItemsDescription', {
-        defaultMessage: `Looks like you don't have any maps. Click the create button to create one.`,
-      });
-    }
-
-    return i18n.translate('xpack.maps.mapListing.noMatchDescription', {
-      defaultMessage: 'No items matched your search.',
-    });
-  }
-
-  renderSearchBar() {
-    let deleteBtn;
-    if (this.state.selectedIds.length > 0) {
-      deleteBtn = (
-        <EuiFlexItem grow={false}>
-          <EuiButton
-            color="danger"
-            onClick={this.openDeleteModal}
-            data-test-subj="deleteSelectedItems"
-            key="delete"
-          >
-            <FormattedMessage
-              id="xpack.maps.mapListing.deleteSelectedButtonLabel"
-              defaultMessage="Delete selected"
-            />
-          </EuiButton>
-        </EuiFlexItem>
-      );
-    }
-
-    return (
-      <EuiFlexGroup>
-        {deleteBtn}
-        <EuiFlexItem grow={true}>
-          <EuiFieldSearch
-            aria-label={i18n.translate('xpack.maps.mapListing.searchAriaLabel', {
-              defaultMessage: 'Filter items',
-            })}
-            placeholder={i18n.translate('xpack.maps.mapListing.searchPlaceholder', {
-              defaultMessage: 'Search...',
-            })}
-            fullWidth
-            value={this.state.filter}
-            onChange={(e) => {
-              this.setState(
-                {
-                  filter: e.target.value,
-                },
-                this.fetchItems
-              );
-            }}
-            data-test-subj="searchFilter"
-          />
-        </EuiFlexItem>
-      </EuiFlexGroup>
-    );
-  }
-
-  renderTable() {
-    const tableColumns: Array<EuiBasicTableColumn<any>> = [
-      {
-        field: 'title',
-        name: i18n.translate('xpack.maps.mapListing.titleFieldTitle', {
-          defaultMessage: 'Title',
-        }),
-        sortable: true,
-        render: (field, record) => (
-          <EuiLink
-            onClick={(e: MouseEvent) => {
-              e.preventDefault();
-              goToSpecifiedPath(`/${MAP_PATH}/${record.id}`);
-            }}
-            data-test-subj={`mapListingTitleLink-${record.title.split(' ').join('-')}`}
-          >
-            {field}
-          </EuiLink>
-        ),
-      },
-      {
-        field: 'description',
-        name: i18n.translate('xpack.maps.mapListing.descriptionFieldTitle', {
-          defaultMessage: 'Description',
-        }),
-        dataType: 'string',
-        sortable: true,
-      },
-    ];
-    const pagination = {
-      pageIndex: this.state.page,
-      pageSize: this.state.perPage,
-      totalItemCount: this.state.items.length,
-      pageSizeOptions: [10, 20, 50],
-    };
-
-    let selection;
-    if (!this.state.readOnly) {
-      selection = {
-        onSelectionChange: (s: TableRow[]) => {
-          this.setState({
-            selectedIds: s.map((item) => {
-              return item.id;
-            }),
-          });
-        },
-      };
-    }
+  const resp = await getSavedObjectsClient().find<MapSavedObjectAttributes>({
+    type: MAP_SAVED_OBJECT_TYPE,
+    search: searchTerm ? `${searchTerm}*` : undefined,
+    perPage: getSavedObjects().settings.getListingLimit(),
+    page: 1,
+    searchFields: ['title^3', 'description'],
+    defaultSearchOperator: 'AND',
+    fields: ['description', 'title'],
+    hasReference: tagReferences,
+  });
 
-    const sorting: EuiTableSortingType<any> = {};
-    if (this.state.sortField) {
-      sorting.sort = {
-        field: this.state.sortField,
-        direction: this.state.sortDirection!,
+  return {
+    total: resp.total,
+    hits: resp.savedObjects.map((savedObject) => {
+      return {
+        id: savedObject.id,
+        title: savedObject.attributes.title,
+        description: savedObject.attributes.description,
+        references: savedObject.references,
       };
-    }
-    const items = this.state.items.length === 0 ? [] : this.getPageOfItems();
-
-    return (
-      <EuiBasicTable
-        itemId={'id'}
-        items={items}
-        loading={this.state.isFetchingItems}
-        columns={tableColumns}
-        selection={selection}
-        noItemsMessage={this.renderNoResultsMessage()}
-        pagination={pagination}
-        sorting={sorting}
-        onChange={this.onTableChange}
-      />
-    );
-  }
-
-  renderListing() {
-    let createButton;
-    if (!this.state.readOnly) {
-      createButton = (
-        <EuiButton data-test-subj="newMapLink" fill onClick={navigateToNewMap}>
-          <FormattedMessage
-            id="xpack.maps.mapListing.createMapButtonLabel"
-            defaultMessage="Create map"
-          />
-        </EuiButton>
-      );
-    }
-    return (
-      <React.Fragment>
-        {this.state.showDeleteModal && this.renderConfirmDeleteModal()}
-
-        <EuiFlexGroup justifyContent="spaceBetween" alignItems="center" data-test-subj="top-nav">
-          <EuiFlexItem grow={false}>
-            <EuiTitle size="l">
-              <h1>
-                <FormattedMessage
-                  id="xpack.maps.mapListing.listingTableTitle"
-                  defaultMessage="Maps"
-                />
-              </h1>
-            </EuiTitle>
-          </EuiFlexItem>
-
-          <EuiFlexItem grow={false}>{createButton}</EuiFlexItem>
-        </EuiFlexGroup>
-
-        <EuiSpacer size="m" />
-
-        {this.renderListingLimitWarning()}
-
-        {this.renderSearchBar()}
-
-        <EuiSpacer size="m" />
-
-        {this.renderTable()}
-      </React.Fragment>
-    );
-  }
-
-  renderPageContent() {
-    if (!this.state.hasInitialFetchReturned) {
-      return;
-    }
+    }),
+  };
+}
 
-    return <EuiPageContent horizontalPosition="center">{this.renderListing()}</EuiPageContent>;
-  }
+async function deleteMaps(items: object[]) {
+  const deletions = items.map((item) => {
+    return getSavedObjectsClient().delete(MAP_SAVED_OBJECT_TYPE, (item as MapItem).id);
+  });
+  await Promise.all(deletions);
+}
 
-  render() {
-    return (
-      <EuiPage data-test-subj="mapsListingPage" restrictWidth>
-        <EuiPageBody>{this.renderPageContent()}</EuiPageBody>
-      </EuiPage>
-    );
-  }
+export function MapsListView() {
+  const isReadOnly = !getMapsCapabilities().save;
+
+  getCoreChrome().docTitle.change(getAppTitle());
+  getCoreChrome().setBreadcrumbs([{ text: getAppTitle() }]);
+
+  return (
+    <TableListView
+      headingId="mapsListingPage"
+      rowHeader="title"
+      createItem={isReadOnly ? undefined : navigateToNewMap}
+      findItems={findMaps}
+      deleteItems={isReadOnly ? undefined : deleteMaps}
+      tableColumns={tableColumns}
+      listingLimit={getSavedObjects().settings.getListingLimit()}
+      initialFilter={''}
+      initialPageSize={getSavedObjects().settings.getPerPage()}
+      entityName={i18n.translate('xpack.maps.mapListing.entityName', {
+        defaultMessage: 'map',
+      })}
+      entityNamePlural={i18n.translate('xpack.maps.mapListing.entityNamePlural', {
+        defaultMessage: 'maps',
+      })}
+      tableListTitle={getAppTitle()}
+      toastNotifications={getToasts()}
+      searchFilters={searchFilters}
+    />
+  );
 }
diff --git a/x-pack/plugins/maps/public/routes/map_page/saved_map/saved_map.ts b/x-pack/plugins/maps/public/routes/map_page/saved_map/saved_map.ts
index 036f8cf11d374..98f428f9a2999 100644
--- a/x-pack/plugins/maps/public/routes/map_page/saved_map/saved_map.ts
+++ b/x-pack/plugins/maps/public/routes/map_page/saved_map/saved_map.ts
@@ -33,7 +33,12 @@ import { getIsLayerTOCOpen, getOpenTOCDetails } from '../../../selectors/ui_sele
 import { getMapAttributeService } from '../../../map_attribute_service';
 import { OnSaveProps } from '../../../../../../../src/plugins/saved_objects/public';
 import { MapByReferenceInput, MapEmbeddableInput } from '../../../embeddable/types';
-import { getCoreChrome, getToasts, getIsAllowByValueEmbeddables } from '../../../kibana_services';
+import {
+  getCoreChrome,
+  getToasts,
+  getIsAllowByValueEmbeddables,
+  getSavedObjectsTagging,
+} from '../../../kibana_services';
 import { goToSpecifiedPath } from '../../../render_app';
 import { LayerDescriptor } from '../../../../common/descriptor_types';
 import { getInitialLayers } from './get_initial_layers';
@@ -51,6 +56,7 @@ export class SavedMap {
   private _originatingApp?: string;
   private readonly _stateTransfer?: EmbeddableStateTransfer;
   private readonly _store: MapStore;
+  private _tags: string[] = [];
 
   constructor({
     defaultLayers = [],
@@ -87,7 +93,14 @@ export class SavedMap {
         description: '',
       };
     } else {
-      this._attributes = await getMapAttributeService().unwrapAttributes(this._mapEmbeddableInput);
+      const doc = await getMapAttributeService().unwrapAttributes(this._mapEmbeddableInput);
+      const references = doc.references;
+      delete doc.references;
+      this._attributes = doc;
+      const savedObjectsTagging = getSavedObjectsTagging();
+      if (savedObjectsTagging && references && references.length) {
+        this._tags = savedObjectsTagging.ui.getTagIdsFromReferences(references);
+      }
     }
 
     if (this._attributes?.mapStateJSON) {
@@ -216,6 +229,10 @@ export class SavedMap {
     return this._getStateTransfer().getAppNameFromId(appId);
   };
 
+  public getTags(): string[] {
+    return this._tags;
+  }
+
   public hasSaveAndReturnConfig() {
     const hasOriginatingApp = !!this._originatingApp;
     const isNewMap = !this.getSavedObjectId();
@@ -247,9 +264,11 @@ export class SavedMap {
     newTitle,
     newCopyOnSave,
     returnToOrigin,
+    newTags,
     saveByReference,
   }: OnSaveProps & {
     returnToOrigin: boolean;
+    newTags?: string[];
     saveByReference: boolean;
   }) {
     if (!this._attributes) {
@@ -264,8 +283,17 @@ export class SavedMap {
 
     let updatedMapEmbeddableInput: MapEmbeddableInput;
     try {
+      const savedObjectsTagging = getSavedObjectsTagging();
+      // Attribute service deviates from Saved Object client by including references as a child to attributes in stead of a sibling
+      const attributes =
+        savedObjectsTagging && newTags
+          ? {
+              ...this._attributes,
+              references: savedObjectsTagging.ui.updateTagsReferences([], newTags),
+            }
+          : this._attributes;
       updatedMapEmbeddableInput = (await getMapAttributeService().wrapAttributes(
-        this._attributes,
+        attributes,
         saveByReference,
         newCopyOnSave ? undefined : this._mapEmbeddableInput
       )) as MapEmbeddableInput;
diff --git a/x-pack/plugins/maps/public/routes/map_page/top_nav_config.tsx b/x-pack/plugins/maps/public/routes/map_page/top_nav_config.tsx
index 2d0a7d967a6cf..43a74a9c73012 100644
--- a/x-pack/plugins/maps/public/routes/map_page/top_nav_config.tsx
+++ b/x-pack/plugins/maps/public/routes/map_page/top_nav_config.tsx
@@ -14,6 +14,7 @@ import {
   getCoreI18n,
   getSavedObjectsClient,
   getCoreOverlays,
+  getSavedObjectsTagging,
 } from '../../kibana_services';
 import {
   checkForDuplicateTitle,
@@ -125,6 +126,19 @@ export function getTopNavConfig({
         }
       },
       run: () => {
+        let selectedTags = savedMap.getTags();
+        function onTagsSelected(newTags: string[]) {
+          selectedTags = newTags;
+        }
+
+        const savedObjectsTagging = getSavedObjectsTagging();
+        const tagSelector = savedObjectsTagging ? (
+          <savedObjectsTagging.ui.components.SavedObjectSaveModalTagSelector
+            initialSelection={selectedTags}
+            onTagsSelected={onTagsSelected}
+          />
+        ) : undefined;
+
         const saveModal = (
           <SavedObjectSaveModalOrigin
             originatingApp={savedMap.getOriginatingApp()}
@@ -154,6 +168,7 @@ export function getTopNavConfig({
 
               await savedMap.save({
                 ...props,
+                newTags: selectedTags,
                 saveByReference: true,
               });
               // showSaveModal wrapper requires onSave to return an object with an id to close the modal after successful save
@@ -168,6 +183,7 @@ export function getTopNavConfig({
             objectType={i18n.translate('xpack.maps.topNav.saveModalType', {
               defaultMessage: 'map',
             })}
+            options={tagSelector}
           />
         );
         showSaveModal(saveModal, getCoreI18n().Context);
diff --git a/x-pack/plugins/maps/server/plugin.ts b/x-pack/plugins/maps/server/plugin.ts
index 65d79272494f0..a79e5353048c8 100644
--- a/x-pack/plugins/maps/server/plugin.ts
+++ b/x-pack/plugins/maps/server/plugin.ts
@@ -185,7 +185,7 @@ export class MapsPlugin implements Plugin {
           catalogue: [APP_ID],
           savedObject: {
             all: [MAP_SAVED_OBJECT_TYPE, 'query'],
-            read: ['index-pattern'],
+            read: ['index-pattern', 'tag'],
           },
           ui: ['save', 'show', 'saveQuery'],
         },
@@ -194,7 +194,7 @@ export class MapsPlugin implements Plugin {
           catalogue: [APP_ID],
           savedObject: {
             all: [],
-            read: [MAP_SAVED_OBJECT_TYPE, 'index-pattern', 'query'],
+            read: [MAP_SAVED_OBJECT_TYPE, 'index-pattern', 'query', 'tag'],
           },
           ui: ['show'],
         },
diff --git a/x-pack/plugins/ml/common/types/saved_objects.ts b/x-pack/plugins/ml/common/types/saved_objects.ts
index 6fd1b2cc997be..dde235476f1f9 100644
--- a/x-pack/plugins/ml/common/types/saved_objects.ts
+++ b/x-pack/plugins/ml/common/types/saved_objects.ts
@@ -6,3 +6,12 @@
 
 export type JobType = 'anomaly-detector' | 'data-frame-analytics';
 export const ML_SAVED_OBJECT_TYPE = 'ml-job';
+
+type Result = Record<string, { success: boolean; error?: any }>;
+
+export interface RepairSavedObjectResponse {
+  savedObjectsCreated: Result;
+  savedObjectsDeleted: Result;
+  datafeedsAdded: Result;
+  datafeedsRemoved: Result;
+}
diff --git a/x-pack/plugins/ml/readme.md b/x-pack/plugins/ml/readme.md
index 0e50867e57ad6..2369f3d077037 100644
--- a/x-pack/plugins/ml/readme.md
+++ b/x-pack/plugins/ml/readme.md
@@ -6,7 +6,7 @@ Elastic.
 ## Requirements
 
 To use machine learning features, you must have a Platinum or Enterprise license 
-or a free 14-day trial. File Data Visualizer requires a Basic license. For more 
+or a free 14-day Trial. File Data Visualizer requires a Basic license. For more 
 info, refer to 
 [Set up machine learning features](https://www.elastic.co/guide/en/machine-learning/master/setup.html).
 
@@ -99,23 +99,37 @@ node scripts/jest plugins/ml --verbose
 Before running the test server, make sure to quit all other instances of 
 Elasticsearch.
 
-1. From one terminal, in the x-pack directory, run:
+Run the following commands from the `x-pack` directory and use separate terminals
+for test server and test runner. The test server command starts an Elasticsearch
+and Kibana instance that the tests will be run against.
 
-        node scripts/functional_tests_server.js --config test/functional/config.js
+1. Functional UI tests with `Trial` license (default config):
 
-   This command starts an Elasticsearch and Kibana instance that the tests will be run against.
+        node scripts/functional_tests_server.js
+        node scripts/functional_test_runner.js --include-tag mlqa
+
+    ML functional `Trial` license tests are located in `x-pack/test/functional/apps/ml`.
+
+1. Functional UI tests with `Basic` license:
 
-1. In another tab, run the following command to perform API integration tests (from the x-pack directory):
+        node scripts/functional_tests_server.js --config test/functional_basic/config.ts
+        node scripts/functional_test_runner.js --config test/functional_basic/config.ts --include-tag mlqa
 
-        node scripts/functional_test_runner.js --include-tag mlqa --config test/api_integration/config
+    ML functional `Basic` license tests are located in `x-pack/test/functional_basic/apps/ml`.
+
+1. API integration tests with `Trial` license:
+
+        node scripts/functional_tests_server.js
+        node scripts/functional_test_runner.js --config test/api_integration/config.ts --include-tag mlqa
         
-   ML API integration tests are located in `x-pack/test/api_integration/apis/ml`.
+   ML API integration `Trial` license tests are located in `x-pack/test/api_integration/apis/ml`.
 
-1. In another tab, run the following command to perform UI functional tests (from the x-pack directory):
+1. API integration tests with `Basic` license:
 
-        node scripts/functional_test_runner.js --include-tag mlqa
+        node scripts/functional_tests_server.js --config test/api_integration_basic/config.ts
+        node scripts/functional_test_runner.js --config test/api_integration_basic/config.ts --include-tag mlqa
         
-   ML functional tests are located in `x-pack/test/functional/apps/ml`.
+   ML API integration `Basic` license tests are located in `x-pack/test/api_integration_basic/apis/ml`.
 
 ## Shared functions
 
diff --git a/x-pack/plugins/ml/server/lib/register_settings.ts b/x-pack/plugins/ml/server/lib/register_settings.ts
index a9ee24fbb5cea..0cdaaadf7f172 100644
--- a/x-pack/plugins/ml/server/lib/register_settings.ts
+++ b/x-pack/plugins/ml/server/lib/register_settings.ts
@@ -27,7 +27,7 @@ export function registerKibanaSettings(coreSetup: CoreSetup) {
         defaultMessage:
           'Sets the file size limit when importing data in the File Data Visualizer. The highest supported value for this setting is 1GB.',
       }),
-      category: ['Machine Learning'],
+      category: ['machineLearning'],
       schema: schema.string(),
       validation: {
         regexString: '\\d+[mMgG][bB]',
@@ -49,7 +49,7 @@ export function registerKibanaSettings(coreSetup: CoreSetup) {
             'Use the default time filter in the Single Metric Viewer and Anomaly Explorer. If not enabled, the results for the full time range of the job are displayed.',
         }
       ),
-      category: ['Machine Learning'],
+      category: ['machineLearning'],
     },
     [ANOMALY_DETECTION_DEFAULT_TIME_RANGE]: {
       name: i18n.translate('xpack.ml.advancedSettings.anomalyDetectionDefaultTimeRangeName', {
@@ -69,7 +69,7 @@ export function registerKibanaSettings(coreSetup: CoreSetup) {
         to: schema.string(),
       }),
       requiresPageReload: true,
-      category: ['Machine Learning'],
+      category: ['machineLearning'],
     },
   });
 }
diff --git a/x-pack/plugins/ml/server/lib/route_guard.ts b/x-pack/plugins/ml/server/lib/route_guard.ts
index 390288ca197e9..68700048ce6e7 100644
--- a/x-pack/plugins/ml/server/lib/route_guard.ts
+++ b/x-pack/plugins/ml/server/lib/route_guard.ts
@@ -13,6 +13,7 @@ import {
   SavedObjectsClientContract,
 } from 'kibana/server';
 import { SpacesPluginSetup } from '../../../spaces/server';
+import type { SecurityPluginSetup } from '../../../security/server';
 
 import { jobSavedObjectServiceFactory, JobSavedObjectService } from '../saved_objects';
 import { MlLicense } from '../../common/license';
@@ -36,6 +37,7 @@ export class RouteGuard {
   private _getMlSavedObjectClient: GetMlSavedObjectClient;
   private _getInternalSavedObjectClient: GetInternalSavedObjectClient;
   private _spacesPlugin: SpacesPluginSetup | undefined;
+  private _authorization: SecurityPluginSetup['authz'] | undefined;
   private _isMlReady: () => Promise<void>;
 
   constructor(
@@ -43,12 +45,14 @@ export class RouteGuard {
     getSavedObject: GetMlSavedObjectClient,
     getInternalSavedObject: GetInternalSavedObjectClient,
     spacesPlugin: SpacesPluginSetup | undefined,
+    authorization: SecurityPluginSetup['authz'] | undefined,
     isMlReady: () => Promise<void>
   ) {
     this._mlLicense = mlLicense;
     this._getMlSavedObjectClient = getSavedObject;
     this._getInternalSavedObjectClient = getInternalSavedObject;
     this._spacesPlugin = spacesPlugin;
+    this._authorization = authorization;
     this._isMlReady = isMlReady;
   }
 
@@ -81,6 +85,7 @@ export class RouteGuard {
         mlSavedObjectClient,
         internalSavedObjectsClient,
         this._spacesPlugin !== undefined,
+        this._authorization,
         this._isMlReady
       );
       const client = context.core.elasticsearch.client;
diff --git a/x-pack/plugins/ml/server/models/data_recognizer/data_recognizer.test.ts b/x-pack/plugins/ml/server/models/data_recognizer/data_recognizer.test.ts
index af93c86978856..532a529db1cf2 100644
--- a/x-pack/plugins/ml/server/models/data_recognizer/data_recognizer.test.ts
+++ b/x-pack/plugins/ml/server/models/data_recognizer/data_recognizer.test.ts
@@ -8,6 +8,7 @@ import { SavedObjectsClientContract, KibanaRequest, IScopedClusterClient } from
 import { Module } from '../../../common/types/modules';
 import { DataRecognizer } from '../data_recognizer';
 import type { MlClient } from '../../lib/ml_client';
+import { JobSavedObjectService } from '../../saved_objects';
 
 const callAs = () => Promise.resolve({ body: {} });
 
@@ -26,6 +27,7 @@ describe('ML - data recognizer', () => {
       find: jest.fn(),
       bulkCreate: jest.fn(),
     } as unknown) as SavedObjectsClientContract,
+    {} as JobSavedObjectService,
     { headers: { authorization: '' } } as KibanaRequest
   );
 
diff --git a/x-pack/plugins/ml/server/models/data_recognizer/data_recognizer.ts b/x-pack/plugins/ml/server/models/data_recognizer/data_recognizer.ts
index 5afd00f259064..f875788d50c5e 100644
--- a/x-pack/plugins/ml/server/models/data_recognizer/data_recognizer.ts
+++ b/x-pack/plugins/ml/server/models/data_recognizer/data_recognizer.ts
@@ -44,6 +44,7 @@ import { jobServiceProvider } from '../job_service';
 import { resultsServiceProvider } from '../results_service';
 import { JobExistResult, JobStat } from '../../../common/types/data_recognizer';
 import { MlJobsStatsResponse } from '../job_service/jobs';
+import { JobSavedObjectService } from '../../saved_objects';
 
 const ML_DIR = 'ml';
 const KIBANA_DIR = 'kibana';
@@ -108,6 +109,8 @@ export class DataRecognizer {
   private _client: IScopedClusterClient;
   private _mlClient: MlClient;
   private _savedObjectsClient: SavedObjectsClientContract;
+  private _jobSavedObjectService: JobSavedObjectService;
+  private _request: KibanaRequest;
 
   private _authorizationHeader: object;
   private _modulesDir = `${__dirname}/modules`;
@@ -127,11 +130,14 @@ export class DataRecognizer {
     mlClusterClient: IScopedClusterClient,
     mlClient: MlClient,
     savedObjectsClient: SavedObjectsClientContract,
+    jobSavedObjectService: JobSavedObjectService,
     request: KibanaRequest
   ) {
     this._client = mlClusterClient;
     this._mlClient = mlClient;
     this._savedObjectsClient = savedObjectsClient;
+    this._jobSavedObjectService = jobSavedObjectService;
+    this._request = request;
     this._authorizationHeader = getAuthorizationHeader(request);
     this._jobsService = jobServiceProvider(mlClusterClient, mlClient);
     this._resultsService = resultsServiceProvider(mlClient);
@@ -394,7 +400,8 @@ export class DataRecognizer {
     end?: number,
     jobOverrides?: JobOverride | JobOverride[],
     datafeedOverrides?: DatafeedOverride | DatafeedOverride[],
-    estimateModelMemory: boolean = true
+    estimateModelMemory: boolean = true,
+    applyToAllSpaces: boolean = false
   ) {
     // load the config from disk
     const moduleConfig = await this.getModule(moduleId, jobPrefix);
@@ -458,7 +465,7 @@ export class DataRecognizer {
       if (useDedicatedIndex === true) {
         moduleConfig.jobs.forEach((job) => (job.config.results_index_name = job.id));
       }
-      saveResults.jobs = await this.saveJobs(moduleConfig.jobs);
+      saveResults.jobs = await this.saveJobs(moduleConfig.jobs, applyToAllSpaces);
     }
 
     // create the datafeeds
@@ -699,8 +706,8 @@ export class DataRecognizer {
   // save the jobs.
   // if any fail (e.g. it already exists), catch the error and mark the result
   // as success: false
-  async saveJobs(jobs: ModuleJob[]): Promise<JobResponse[]> {
-    return await Promise.all(
+  async saveJobs(jobs: ModuleJob[], applyToAllSpaces: boolean = false): Promise<JobResponse[]> {
+    const resp = await Promise.all(
       jobs.map(async (job) => {
         const jobId = job.id;
         try {
@@ -712,6 +719,19 @@ export class DataRecognizer {
         }
       })
     );
+    if (applyToAllSpaces === true) {
+      const canCreateGlobalJobs = await this._jobSavedObjectService.canCreateGlobalJobs(
+        this._request
+      );
+      if (canCreateGlobalJobs === true) {
+        await this._jobSavedObjectService.assignJobsToSpaces(
+          'anomaly-detector',
+          jobs.map((j) => j.id),
+          ['*']
+        );
+      }
+    }
+    return resp;
   }
 
   async saveJob(job: ModuleJob) {
diff --git a/x-pack/plugins/ml/server/plugin.ts b/x-pack/plugins/ml/server/plugin.ts
index f5e79427db616..669fc9a1d92e4 100644
--- a/x-pack/plugins/ml/server/plugin.ts
+++ b/x-pack/plugins/ml/server/plugin.ts
@@ -16,6 +16,7 @@ import {
   IClusterClient,
   SavedObjectsServiceStart,
 } from 'kibana/server';
+import type { SecurityPluginSetup } from '../../security/server';
 import { DEFAULT_APP_CATEGORIES } from '../../../../src/core/server';
 import { SpacesPluginSetup } from '../../spaces/server';
 import { PluginsSetup, RouteInitialization } from './types';
@@ -68,6 +69,7 @@ export class MlServerPlugin implements Plugin<MlPluginSetup, MlPluginStart, Plug
   private clusterClient: IClusterClient | null = null;
   private savedObjectsStart: SavedObjectsServiceStart | null = null;
   private spacesPlugin: SpacesPluginSetup | undefined;
+  private security: SecurityPluginSetup | undefined;
   private isMlReady: Promise<void>;
   private setMlReady: () => void = () => {};
 
@@ -80,6 +82,7 @@ export class MlServerPlugin implements Plugin<MlPluginSetup, MlPluginStart, Plug
 
   public setup(coreSetup: CoreSetup, plugins: PluginsSetup): MlPluginSetup {
     this.spacesPlugin = plugins.spaces;
+    this.security = plugins.security;
     const { admin, user, apmUser } = getPluginPrivileges();
 
     plugins.features.registerKibanaFeature({
@@ -140,6 +143,7 @@ export class MlServerPlugin implements Plugin<MlPluginSetup, MlPluginStart, Plug
         getMlSavedObjectsClient,
         getInternalSavedObjectsClient,
         plugins.spaces,
+        plugins.security?.authz,
         () => this.isMlReady
       ),
       mlLicense: this.mlLicense,
@@ -185,6 +189,7 @@ export class MlServerPlugin implements Plugin<MlPluginSetup, MlPluginStart, Plug
         this.mlLicense,
         plugins.spaces,
         plugins.cloud,
+        plugins.security?.authz,
         resolveMlCapabilities,
         () => this.clusterClient,
         () => getInternalSavedObjectsClient(),
@@ -202,6 +207,7 @@ export class MlServerPlugin implements Plugin<MlPluginSetup, MlPluginStart, Plug
     // and create them if needed.
     const { initializeJobs } = jobSavedObjectsInitializationFactory(
       coreStart,
+      this.security,
       this.spacesPlugin !== undefined
     );
     initializeJobs().finally(() => {
diff --git a/x-pack/plugins/ml/server/routes/modules.ts b/x-pack/plugins/ml/server/routes/modules.ts
index 95e1d85d793d1..0e5fde8a34c76 100644
--- a/x-pack/plugins/ml/server/routes/modules.ts
+++ b/x-pack/plugins/ml/server/routes/modules.ts
@@ -18,15 +18,23 @@ import {
 } from './schemas/modules';
 import { RouteInitialization } from '../types';
 import type { MlClient } from '../lib/ml_client';
+import type { JobSavedObjectService } from '../saved_objects';
 
 function recognize(
   client: IScopedClusterClient,
   mlClient: MlClient,
   savedObjectsClient: SavedObjectsClientContract,
+  jobSavedObjectService: JobSavedObjectService,
   request: KibanaRequest,
   indexPatternTitle: string
 ) {
-  const dr = new DataRecognizer(client, mlClient, savedObjectsClient, request);
+  const dr = new DataRecognizer(
+    client,
+    mlClient,
+    savedObjectsClient,
+    jobSavedObjectService,
+    request
+  );
   return dr.findMatches(indexPatternTitle);
 }
 
@@ -34,10 +42,17 @@ function getModule(
   client: IScopedClusterClient,
   mlClient: MlClient,
   savedObjectsClient: SavedObjectsClientContract,
+  jobSavedObjectService: JobSavedObjectService,
   request: KibanaRequest,
   moduleId: string
 ) {
-  const dr = new DataRecognizer(client, mlClient, savedObjectsClient, request);
+  const dr = new DataRecognizer(
+    client,
+    mlClient,
+    savedObjectsClient,
+    jobSavedObjectService,
+    request
+  );
   if (moduleId === undefined) {
     return dr.listModules();
   } else {
@@ -49,6 +64,7 @@ function setup(
   client: IScopedClusterClient,
   mlClient: MlClient,
   savedObjectsClient: SavedObjectsClientContract,
+  jobSavedObjectService: JobSavedObjectService,
   request: KibanaRequest,
   moduleId: string,
   prefix?: string,
@@ -61,9 +77,16 @@ function setup(
   end?: number,
   jobOverrides?: JobOverride | JobOverride[],
   datafeedOverrides?: DatafeedOverride | DatafeedOverride[],
-  estimateModelMemory?: boolean
+  estimateModelMemory?: boolean,
+  applyToAllSpaces?: boolean
 ) {
-  const dr = new DataRecognizer(client, mlClient, savedObjectsClient, request);
+  const dr = new DataRecognizer(
+    client,
+    mlClient,
+    savedObjectsClient,
+    jobSavedObjectService,
+    request
+  );
   return dr.setup(
     moduleId,
     prefix,
@@ -76,7 +99,8 @@ function setup(
     end,
     jobOverrides,
     datafeedOverrides,
-    estimateModelMemory
+    estimateModelMemory,
+    applyToAllSpaces
   );
 }
 
@@ -84,10 +108,17 @@ function dataRecognizerJobsExist(
   client: IScopedClusterClient,
   mlClient: MlClient,
   savedObjectsClient: SavedObjectsClientContract,
+  jobSavedObjectService: JobSavedObjectService,
   request: KibanaRequest,
   moduleId: string
 ) {
-  const dr = new DataRecognizer(client, mlClient, savedObjectsClient, request);
+  const dr = new DataRecognizer(
+    client,
+    mlClient,
+    savedObjectsClient,
+    jobSavedObjectService,
+    request
+  );
   return dr.dataRecognizerJobsExist(moduleId);
 }
 
@@ -132,22 +163,25 @@ export function dataRecognizer({ router, routeGuard }: RouteInitialization) {
         tags: ['access:ml:canCreateJob'],
       },
     },
-    routeGuard.fullLicenseAPIGuard(async ({ client, mlClient, request, response, context }) => {
-      try {
-        const { indexPatternTitle } = request.params;
-        const results = await recognize(
-          client,
-          mlClient,
-          context.core.savedObjects.client,
-          request,
-          indexPatternTitle
-        );
+    routeGuard.fullLicenseAPIGuard(
+      async ({ client, mlClient, request, response, context, jobSavedObjectService }) => {
+        try {
+          const { indexPatternTitle } = request.params;
+          const results = await recognize(
+            client,
+            mlClient,
+            context.core.savedObjects.client,
+            jobSavedObjectService,
+            request,
+            indexPatternTitle
+          );
 
-        return response.ok({ body: results });
-      } catch (e) {
-        return response.customError(wrapError(e));
+          return response.ok({ body: results });
+        } catch (e) {
+          return response.customError(wrapError(e));
+        }
       }
-    })
+    )
   );
 
   /**
@@ -268,27 +302,30 @@ export function dataRecognizer({ router, routeGuard }: RouteInitialization) {
         tags: ['access:ml:canGetJobs'],
       },
     },
-    routeGuard.fullLicenseAPIGuard(async ({ client, mlClient, request, response, context }) => {
-      try {
-        let { moduleId } = request.params;
-        if (moduleId === '') {
-          // if the endpoint is called with a trailing /
-          // the moduleId will be an empty string.
-          moduleId = undefined;
-        }
-        const results = await getModule(
-          client,
-          mlClient,
-          context.core.savedObjects.client,
-          request,
-          moduleId
-        );
+    routeGuard.fullLicenseAPIGuard(
+      async ({ client, mlClient, request, response, context, jobSavedObjectService }) => {
+        try {
+          let { moduleId } = request.params;
+          if (moduleId === '') {
+            // if the endpoint is called with a trailing /
+            // the moduleId will be an empty string.
+            moduleId = undefined;
+          }
+          const results = await getModule(
+            client,
+            mlClient,
+            context.core.savedObjects.client,
+            jobSavedObjectService,
+            request,
+            moduleId
+          );
 
-        return response.ok({ body: results });
-      } catch (e) {
-        return response.customError(wrapError(e));
+          return response.ok({ body: results });
+        } catch (e) {
+          return response.customError(wrapError(e));
+        }
       }
-    })
+    )
   );
 
   /**
@@ -442,49 +479,53 @@ export function dataRecognizer({ router, routeGuard }: RouteInitialization) {
         tags: ['access:ml:canCreateJob'],
       },
     },
-    routeGuard.fullLicenseAPIGuard(async ({ client, mlClient, request, response, context }) => {
-      try {
-        const { moduleId } = request.params;
-
-        const {
-          prefix,
-          groups,
-          indexPatternName,
-          query,
-          useDedicatedIndex,
-          startDatafeed,
-          start,
-          end,
-          jobOverrides,
-          datafeedOverrides,
-          estimateModelMemory,
-        } = request.body as TypeOf<typeof setupModuleBodySchema>;
+    routeGuard.fullLicenseAPIGuard(
+      async ({ client, mlClient, request, response, context, jobSavedObjectService }) => {
+        try {
+          const { moduleId } = request.params;
 
-        const result = await setup(
-          client,
-          mlClient,
+          const {
+            prefix,
+            groups,
+            indexPatternName,
+            query,
+            useDedicatedIndex,
+            startDatafeed,
+            start,
+            end,
+            jobOverrides,
+            datafeedOverrides,
+            estimateModelMemory,
+            applyToAllSpaces,
+          } = request.body as TypeOf<typeof setupModuleBodySchema>;
 
-          context.core.savedObjects.client,
-          request,
-          moduleId,
-          prefix,
-          groups,
-          indexPatternName,
-          query,
-          useDedicatedIndex,
-          startDatafeed,
-          start,
-          end,
-          jobOverrides,
-          datafeedOverrides,
-          estimateModelMemory
-        );
+          const result = await setup(
+            client,
+            mlClient,
+            context.core.savedObjects.client,
+            jobSavedObjectService,
+            request,
+            moduleId,
+            prefix,
+            groups,
+            indexPatternName,
+            query,
+            useDedicatedIndex,
+            startDatafeed,
+            start,
+            end,
+            jobOverrides,
+            datafeedOverrides,
+            estimateModelMemory,
+            applyToAllSpaces
+          );
 
-        return response.ok({ body: result });
-      } catch (e) {
-        return response.customError(wrapError(e));
+          return response.ok({ body: result });
+        } catch (e) {
+          return response.customError(wrapError(e));
+        }
       }
-    })
+    )
   );
 
   /**
@@ -549,22 +590,24 @@ export function dataRecognizer({ router, routeGuard }: RouteInitialization) {
         tags: ['access:ml:canGetJobs'],
       },
     },
-    routeGuard.fullLicenseAPIGuard(async ({ client, mlClient, request, response, context }) => {
-      try {
-        const { moduleId } = request.params;
-        const result = await dataRecognizerJobsExist(
-          client,
-          mlClient,
+    routeGuard.fullLicenseAPIGuard(
+      async ({ client, mlClient, request, response, context, jobSavedObjectService }) => {
+        try {
+          const { moduleId } = request.params;
+          const result = await dataRecognizerJobsExist(
+            client,
+            mlClient,
+            context.core.savedObjects.client,
+            jobSavedObjectService,
+            request,
+            moduleId
+          );
 
-          context.core.savedObjects.client,
-          request,
-          moduleId
-        );
-
-        return response.ok({ body: result });
-      } catch (e) {
-        return response.customError(wrapError(e));
+          return response.ok({ body: result });
+        } catch (e) {
+          return response.customError(wrapError(e));
+        }
       }
-    })
+    )
   );
 }
diff --git a/x-pack/plugins/ml/server/routes/schemas/modules.ts b/x-pack/plugins/ml/server/routes/schemas/modules.ts
index e2b58cf2ce8f2..5fe621fee5ea1 100644
--- a/x-pack/plugins/ml/server/routes/schemas/modules.ts
+++ b/x-pack/plugins/ml/server/routes/schemas/modules.ts
@@ -69,6 +69,11 @@ export const setupModuleBodySchema = schema.object({
    * should be made by checking the cardinality of fields in the job configurations (optional).
    */
   estimateModelMemory: schema.maybe(schema.boolean()),
+
+  /**
+   * Add each job created to the * space (optional)
+   */
+  applyToAllSpaces: schema.maybe(schema.boolean()),
 });
 
 export const optionalModuleIdParamSchema = schema.object({
diff --git a/x-pack/plugins/ml/server/saved_objects/authorization.ts b/x-pack/plugins/ml/server/saved_objects/authorization.ts
new file mode 100644
index 0000000000000..815ff29ae010c
--- /dev/null
+++ b/x-pack/plugins/ml/server/saved_objects/authorization.ts
@@ -0,0 +1,39 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License;
+ * you may not use this file except in compliance with the Elastic License.
+ */
+
+import { KibanaRequest } from 'kibana/server';
+import type { SecurityPluginSetup } from '../../../security/server';
+
+export function authorizationProvider(authorization: SecurityPluginSetup['authz']) {
+  async function authorizationCheck(request: KibanaRequest) {
+    const checkPrivilegesWithRequest = authorization.checkPrivilegesWithRequest(request);
+    // Checking privileges "dynamically" will check against the current space, if spaces are enabled.
+    // If spaces are disabled, then this will check privileges globally instead.
+    // SO, if spaces are disabled, then you don't technically need to perform this check, but I included it here
+    // for completeness.
+    const checkPrivilegesDynamicallyWithRequest = authorization.checkPrivilegesDynamicallyWithRequest(
+      request
+    );
+    const createMLJobAuthorizationAction = authorization.actions.savedObject.get(
+      'ml-job',
+      'create'
+    );
+    const canCreateGlobally = (
+      await checkPrivilegesWithRequest.globally({
+        kibana: [createMLJobAuthorizationAction],
+      })
+    ).hasAllRequested;
+    const canCreateAtSpace = (
+      await checkPrivilegesDynamicallyWithRequest({ kibana: [createMLJobAuthorizationAction] })
+    ).hasAllRequested;
+    return {
+      canCreateGlobally,
+      canCreateAtSpace,
+    };
+  }
+
+  return { authorizationCheck };
+}
diff --git a/x-pack/plugins/ml/server/saved_objects/initialization/index.ts b/x-pack/plugins/ml/server/saved_objects/initialization/index.ts
new file mode 100644
index 0000000000000..1438d55bfeced
--- /dev/null
+++ b/x-pack/plugins/ml/server/saved_objects/initialization/index.ts
@@ -0,0 +1,7 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License;
+ * you may not use this file except in compliance with the Elastic License.
+ */
+
+export { jobSavedObjectsInitializationFactory } from './initialization';
diff --git a/x-pack/plugins/ml/server/saved_objects/initialization.ts b/x-pack/plugins/ml/server/saved_objects/initialization/initialization.ts
similarity index 78%
rename from x-pack/plugins/ml/server/saved_objects/initialization.ts
rename to x-pack/plugins/ml/server/saved_objects/initialization/initialization.ts
index a446433082ad7..5edf35c033177 100644
--- a/x-pack/plugins/ml/server/saved_objects/initialization.ts
+++ b/x-pack/plugins/ml/server/saved_objects/initialization/initialization.ts
@@ -5,11 +5,13 @@
  */
 
 import { IScopedClusterClient, CoreStart, SavedObjectsClientContract } from 'kibana/server';
-import { savedObjectClientsFactory } from './util';
-import { repairFactory } from './repair';
-import { jobSavedObjectServiceFactory, JobObject } from './service';
-import { mlLog } from '../lib/log';
-import { ML_SAVED_OBJECT_TYPE } from '../../common/types/saved_objects';
+import { savedObjectClientsFactory } from '../util';
+import { repairFactory } from '../repair';
+import { jobSavedObjectServiceFactory, JobObject } from '../service';
+import { mlLog } from '../../lib/log';
+import { ML_SAVED_OBJECT_TYPE } from '../../../common/types/saved_objects';
+import { createJobSpaceOverrides } from './space_overrides';
+import type { SecurityPluginSetup } from '../../../../security/server';
 
 /**
  * Creates initializeJobs function which is used to check whether
@@ -17,7 +19,11 @@ import { ML_SAVED_OBJECT_TYPE } from '../../common/types/saved_objects';
  *
  * @param core: CoreStart
  */
-export function jobSavedObjectsInitializationFactory(core: CoreStart, spacesEnabled: boolean) {
+export function jobSavedObjectsInitializationFactory(
+  core: CoreStart,
+  security: SecurityPluginSetup | undefined,
+  spacesEnabled: boolean
+) {
   const client = (core.elasticsearch.client as unknown) as IScopedClusterClient;
 
   /**
@@ -35,22 +41,26 @@ export function jobSavedObjectsInitializationFactory(core: CoreStart, spacesEnab
         return;
       }
 
+      if ((await _needsInitializing(savedObjectsClient)) === false) {
+        // ml job saved objects have already been initialized
+        return;
+      }
+
       const jobSavedObjectService = jobSavedObjectServiceFactory(
         savedObjectsClient,
         savedObjectsClient,
         spacesEnabled,
+        security?.authz,
         () => Promise.resolve() // pretend isMlReady, to allow us to initialize the saved objects
       );
 
-      if ((await _needsInitializing(savedObjectsClient)) === false) {
-        // ml job saved objects have already been initialized
-        return;
-      }
-
       mlLog.info('Initializing job saved objects');
+      // create space overrides for specific jobs
+      const jobSpaceOverrides = await createJobSpaceOverrides(client);
+      // initialize jobs
       const { initSavedObjects } = repairFactory(client, jobSavedObjectService);
-      const { jobs } = await initSavedObjects();
-      mlLog.info(`${jobs.length} job saved objects initialized for * space`);
+      const { jobs } = await initSavedObjects(false, jobSpaceOverrides);
+      mlLog.info(`${jobs.length} job saved objects initialized`);
     } catch (error) {
       mlLog.error(`Error Initializing jobs ${JSON.stringify(error)}`);
     }
diff --git a/x-pack/plugins/ml/server/saved_objects/initialization/space_overrides/index.ts b/x-pack/plugins/ml/server/saved_objects/initialization/space_overrides/index.ts
new file mode 100644
index 0000000000000..c6918bf905b4b
--- /dev/null
+++ b/x-pack/plugins/ml/server/saved_objects/initialization/space_overrides/index.ts
@@ -0,0 +1,7 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License;
+ * you may not use this file except in compliance with the Elastic License.
+ */
+
+export { createJobSpaceOverrides } from './space_overrides';
diff --git a/x-pack/plugins/ml/server/saved_objects/initialization/space_overrides/logs.ts b/x-pack/plugins/ml/server/saved_objects/initialization/space_overrides/logs.ts
new file mode 100644
index 0000000000000..913692d40bb9d
--- /dev/null
+++ b/x-pack/plugins/ml/server/saved_objects/initialization/space_overrides/logs.ts
@@ -0,0 +1,54 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License;
+ * you may not use this file except in compliance with the Elastic License.
+ */
+
+import { IScopedClusterClient } from 'kibana/server';
+import RE2 from 're2';
+import { mlLog } from '../../../lib/log';
+import { Job } from '../../../../common/types/anomaly_detection_jobs';
+
+const GROUP = 'logs-ui';
+const MODULE_PREFIX = 'kibana-logs-ui';
+const SOURCES = ['default', 'internal-stack-monitoring'];
+const JOB_IDS = ['log-entry-rate', 'log-entry-categories-count'];
+
+// jobs created by the logs plugin will be in the logs-ui group
+// they contain the a space name in the job id, and so the id can be parsed
+// and the job assigned to the correct space.
+export async function logJobsSpaces({
+  asInternalUser,
+}: IScopedClusterClient): Promise<Array<{ id: string; space: string }>> {
+  try {
+    const { body } = await asInternalUser.ml.getJobs<{ jobs: Job[] }>({
+      job_id: GROUP,
+    });
+    if (body.jobs.length === 0) {
+      return [];
+    }
+
+    const findLogJobSpace = findLogJobSpaceFactory();
+    return body.jobs
+      .map((j) => ({ id: j.job_id, space: findLogJobSpace(j.job_id) }))
+      .filter((j) => j.space !== null) as Array<{ id: string; space: string }>;
+  } catch ({ body }) {
+    if (body.status !== 404) {
+      // 404s are expected if there are no logs-ui jobs
+      mlLog.error(`Error Initializing Logs job ${JSON.stringify(body)}`);
+    }
+  }
+  return [];
+}
+
+function findLogJobSpaceFactory() {
+  const reg = new RE2(`${MODULE_PREFIX}-(.+)-(${SOURCES.join('|')})-(${JOB_IDS.join('|')})`);
+
+  return (jobId: string) => {
+    const result = reg.exec(jobId);
+    if (result === null) {
+      return null;
+    }
+    return result[1] ?? null;
+  };
+}
diff --git a/x-pack/plugins/ml/server/saved_objects/initialization/space_overrides/metrics.ts b/x-pack/plugins/ml/server/saved_objects/initialization/space_overrides/metrics.ts
new file mode 100644
index 0000000000000..c0a88567a0c1d
--- /dev/null
+++ b/x-pack/plugins/ml/server/saved_objects/initialization/space_overrides/metrics.ts
@@ -0,0 +1,61 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License;
+ * you may not use this file except in compliance with the Elastic License.
+ */
+
+import { IScopedClusterClient } from 'kibana/server';
+import RE2 from 're2';
+import { mlLog } from '../../../lib/log';
+import { Job } from '../../../../common/types/anomaly_detection_jobs';
+
+const GROUP = 'metrics';
+const MODULE_PREFIX = 'kibana-metrics-ui';
+const SOURCES = ['default', 'internal-stack-monitoring'];
+const JOB_IDS = [
+  'k8s_memory_usage',
+  'k8s_network_in',
+  'k8s_network_out',
+  'hosts_memory_usage',
+  'hosts_network_in',
+  'hosts_network_out',
+];
+
+// jobs created by the logs plugin will be in the metrics group
+// they contain the a space name in the job id, and so the id can be parsed
+// and the job assigned to the correct space.
+export async function metricsJobsSpaces({
+  asInternalUser,
+}: IScopedClusterClient): Promise<Array<{ id: string; space: string }>> {
+  try {
+    const { body } = await asInternalUser.ml.getJobs<{ jobs: Job[] }>({
+      job_id: GROUP,
+    });
+    if (body.jobs.length === 0) {
+      return [];
+    }
+
+    const findMetricJobSpace = findMetricsJobSpaceFactory();
+    return body.jobs
+      .map((j) => ({ id: j.job_id, space: findMetricJobSpace(j.job_id) }))
+      .filter((j) => j.space !== null) as Array<{ id: string; space: string }>;
+  } catch ({ body }) {
+    if (body.status !== 404) {
+      // 404s are expected if there are no metrics jobs
+      mlLog.error(`Error Initializing Metrics job ${JSON.stringify(body)}`);
+    }
+  }
+  return [];
+}
+
+function findMetricsJobSpaceFactory() {
+  const reg = new RE2(`${MODULE_PREFIX}-(.+)-(${SOURCES.join('|')})-(${JOB_IDS.join('|')})`);
+
+  return (jobId: string) => {
+    const result = reg.exec(jobId);
+    if (result === null) {
+      return null;
+    }
+    return result[1] ?? null;
+  };
+}
diff --git a/x-pack/plugins/ml/server/saved_objects/initialization/space_overrides/space_overrides.test.ts b/x-pack/plugins/ml/server/saved_objects/initialization/space_overrides/space_overrides.test.ts
new file mode 100644
index 0000000000000..93d17f21a9c63
--- /dev/null
+++ b/x-pack/plugins/ml/server/saved_objects/initialization/space_overrides/space_overrides.test.ts
@@ -0,0 +1,72 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License;
+ * you may not use this file except in compliance with the Elastic License.
+ */
+
+import { IScopedClusterClient } from 'kibana/server';
+import { createJobSpaceOverrides } from './space_overrides';
+
+const jobs = [
+  {
+    job_id: 'kibana-logs-ui-default-default-log-entry-rate',
+  },
+  {
+    job_id: 'kibana-logs-ui-other_space-default-log-entry-rate',
+  },
+  {
+    job_id: 'kibana-logs-ui-other_space-default-log-entry-categories-count',
+  },
+  {
+    job_id: 'kibana-logs-ui-other_space-internal-stack-monitoring-log-entry-rate',
+  },
+  {
+    job_id: 'kibana-logs-ui-other_space-dinosaur-log-entry-rate', // shouldn't match
+  },
+  {
+    job_id: 'kibana-logs-ui-other_space-default-dinosaur', // shouldn't match
+  },
+  {
+    job_id: 'kibana-metrics-ui-default-default-k8s_memory_usage',
+  },
+  {
+    job_id: 'kibana-metrics-ui-other_space-default-hosts_network_in',
+  },
+];
+
+const result = {
+  overrides: {
+    'anomaly-detector': {
+      'kibana-logs-ui-default-default-log-entry-rate': ['default'],
+      'kibana-logs-ui-other_space-default-log-entry-rate': ['other_space'],
+      'kibana-logs-ui-other_space-default-log-entry-categories-count': ['other_space'],
+      'kibana-logs-ui-other_space-internal-stack-monitoring-log-entry-rate': ['other_space'],
+      'kibana-metrics-ui-default-default-k8s_memory_usage': ['default'],
+      'kibana-metrics-ui-other_space-default-hosts_network_in': ['other_space'],
+    },
+    'data-frame-analytics': {},
+  },
+};
+
+const callAs = {
+  ml: {
+    getJobs: jest.fn(() =>
+      Promise.resolve({
+        body: { jobs },
+      })
+    ),
+  },
+};
+
+const mlClusterClient = ({
+  asInternalUser: callAs,
+} as unknown) as IScopedClusterClient;
+
+describe('ML - job initialization', () => {
+  describe('createJobSpaceOverrides', () => {
+    it('should apply job overrides correctly', async () => {
+      const overrides = await createJobSpaceOverrides(mlClusterClient);
+      expect(overrides).toEqual(result);
+    });
+  });
+});
diff --git a/x-pack/plugins/ml/server/saved_objects/initialization/space_overrides/space_overrides.ts b/x-pack/plugins/ml/server/saved_objects/initialization/space_overrides/space_overrides.ts
new file mode 100644
index 0000000000000..d8c713888051f
--- /dev/null
+++ b/x-pack/plugins/ml/server/saved_objects/initialization/space_overrides/space_overrides.ts
@@ -0,0 +1,30 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License;
+ * you may not use this file except in compliance with the Elastic License.
+ */
+
+import { IScopedClusterClient } from 'kibana/server';
+import type { JobSpaceOverrides } from '../../repair';
+import { logJobsSpaces } from './logs';
+import { metricsJobsSpaces } from './metrics';
+
+// create a list of jobs and specific spaces to place them in
+// when the are being initialized.
+export async function createJobSpaceOverrides(
+  clusterClient: IScopedClusterClient
+): Promise<JobSpaceOverrides> {
+  const spaceOverrides: JobSpaceOverrides = {
+    overrides: {
+      'anomaly-detector': {},
+      'data-frame-analytics': {},
+    },
+  };
+  (await logJobsSpaces(clusterClient)).forEach(
+    (o) => (spaceOverrides.overrides['anomaly-detector'][o.id] = [o.space])
+  );
+  (await metricsJobsSpaces(clusterClient)).forEach(
+    (o) => (spaceOverrides.overrides['anomaly-detector'][o.id] = [o.space])
+  );
+  return spaceOverrides;
+}
diff --git a/x-pack/plugins/ml/server/saved_objects/repair.ts b/x-pack/plugins/ml/server/saved_objects/repair.ts
index 9271032f83aec..1b0b4b2609a91 100644
--- a/x-pack/plugins/ml/server/saved_objects/repair.ts
+++ b/x-pack/plugins/ml/server/saved_objects/repair.ts
@@ -7,11 +7,17 @@
 import Boom from '@hapi/boom';
 import { IScopedClusterClient } from 'kibana/server';
 import type { JobObject, JobSavedObjectService } from './service';
-import { JobType } from '../../common/types/saved_objects';
+import { JobType, RepairSavedObjectResponse } from '../../common/types/saved_objects';
 import { checksFactory } from './checks';
 
 import { Datafeed } from '../../common/types/anomaly_detection_jobs';
 
+export interface JobSpaceOverrides {
+  overrides: {
+    [type in JobType]: { [jobId: string]: string[] };
+  };
+}
+
 export function repairFactory(
   client: IScopedClusterClient,
   jobSavedObjectService: JobSavedObjectService
@@ -19,13 +25,7 @@ export function repairFactory(
   const { checkStatus } = checksFactory(client, jobSavedObjectService);
 
   async function repairJobs(simulate: boolean = false) {
-    type Result = Record<string, { success: boolean; error?: any }>;
-    const results: {
-      savedObjectsCreated: Result;
-      savedObjectsDeleted: Result;
-      datafeedsAdded: Result;
-      datafeedsRemoved: Result;
-    } = {
+    const results: RepairSavedObjectResponse = {
       savedObjectsCreated: {},
       savedObjectsDeleted: {},
       datafeedsAdded: {},
@@ -173,14 +173,14 @@ export function repairFactory(
     return results;
   }
 
-  async function initSavedObjects(simulate: boolean = false, namespaces: string[] = ['*']) {
+  async function initSavedObjects(simulate: boolean = false, spaceOverrides?: JobSpaceOverrides) {
     const results: { jobs: Array<{ id: string; type: string }>; success: boolean; error?: any } = {
       jobs: [],
       success: true,
     };
     const status = await checkStatus();
 
-    const jobs: JobObject[] = [];
+    const jobs: Array<{ job: JobObject; namespaces: string[] }> = [];
     const types: JobType[] = ['anomaly-detector', 'data-frame-analytics'];
 
     types.forEach((type) => {
@@ -190,22 +190,28 @@ export function repairFactory(
             results.jobs.push({ id: job.jobId, type });
           } else {
             jobs.push({
-              job_id: job.jobId,
-              datafeed_id: job.datafeedId ?? null,
-              type,
+              job: {
+                job_id: job.jobId,
+                datafeed_id: job.datafeedId ?? null,
+                type,
+              },
+              // allow some jobs to be assigned to specific spaces when initializing
+              namespaces: spaceOverrides?.overrides[type][job.jobId] ?? ['*'],
             });
           }
         }
       });
     });
+
     try {
-      const createResults = await jobSavedObjectService.bulkCreateJobs(jobs, namespaces);
+      const createResults = await jobSavedObjectService.bulkCreateJobs(jobs);
       createResults.saved_objects.forEach(({ attributes }) => {
         results.jobs.push({
           id: attributes.job_id,
           type: attributes.type,
         });
       });
+      return { jobs: jobs.map((j) => j.job.job_id) };
     } catch (error) {
       results.success = false;
       results.error = Boom.boomify(error).output;
diff --git a/x-pack/plugins/ml/server/saved_objects/service.ts b/x-pack/plugins/ml/server/saved_objects/service.ts
index a2453b9ab3fa1..1193dfde85f1c 100644
--- a/x-pack/plugins/ml/server/saved_objects/service.ts
+++ b/x-pack/plugins/ml/server/saved_objects/service.ts
@@ -5,9 +5,11 @@
  */
 
 import RE2 from 're2';
-import { SavedObjectsClientContract, SavedObjectsFindOptions } from 'kibana/server';
+import { KibanaRequest, SavedObjectsClientContract, SavedObjectsFindOptions } from 'kibana/server';
+import type { SecurityPluginSetup } from '../../../security/server';
 import { JobType, ML_SAVED_OBJECT_TYPE } from '../../common/types/saved_objects';
 import { MLJobNotFound } from '../lib/ml_client';
+import { authorizationProvider } from './authorization';
 
 export interface JobObject {
   job_id: string;
@@ -22,6 +24,7 @@ export function jobSavedObjectServiceFactory(
   savedObjectsClient: SavedObjectsClientContract,
   internalSavedObjectsClient: SavedObjectsClientContract,
   spacesEnabled: boolean,
+  authorization: SecurityPluginSetup['authz'] | undefined,
   isMlReady: () => Promise<void>
 ) {
   async function _getJobObjects(
@@ -58,29 +61,33 @@ export function jobSavedObjectServiceFactory(
 
   async function _createJob(jobType: JobType, jobId: string, datafeedId?: string) {
     await isMlReady();
-    await savedObjectsClient.create<JobObject>(
-      ML_SAVED_OBJECT_TYPE,
-      {
-        job_id: jobId,
-        datafeed_id: datafeedId ?? null,
-        type: jobType,
-      },
-      { id: jobId, overwrite: true }
-    );
+    const job: JobObject = {
+      job_id: jobId,
+      datafeed_id: datafeedId ?? null,
+      type: jobType,
+    };
+    await savedObjectsClient.create<JobObject>(ML_SAVED_OBJECT_TYPE, job, {
+      id: savedObjectId(job),
+      overwrite: true,
+    });
   }
 
-  async function _bulkCreateJobs(jobs: JobObject[], namespaces?: string[]) {
+  async function _bulkCreateJobs(jobs: Array<{ job: JobObject; namespaces: string[] }>) {
     await isMlReady();
     return await savedObjectsClient.bulkCreate<JobObject>(
       jobs.map((j) => ({
         type: ML_SAVED_OBJECT_TYPE,
-        id: j.job_id,
-        attributes: j,
-        initialNamespaces: namespaces,
+        id: savedObjectId(j.job),
+        attributes: j.job,
+        initialNamespaces: j.namespaces,
       }))
     );
   }
 
+  function savedObjectId(job: JobObject) {
+    return `${job.type}-${job.job_id}`;
+  }
+
   async function _deleteJob(jobType: JobType, jobId: string) {
     const jobs = await _getJobObjects(jobType, jobId);
     const job = jobs[0];
@@ -107,8 +114,8 @@ export function jobSavedObjectServiceFactory(
     await _deleteJob('data-frame-analytics', jobId);
   }
 
-  async function bulkCreateJobs(jobs: JobObject[], namespaces?: string[]) {
-    return await _bulkCreateJobs(jobs, namespaces);
+  async function bulkCreateJobs(jobs: Array<{ job: JobObject; namespaces: string[] }>) {
+    return await _bulkCreateJobs(jobs);
   }
 
   async function getAllJobObjects(jobType?: JobType, currentSpaceOnly: boolean = true) {
@@ -279,6 +286,14 @@ export function jobSavedObjectServiceFactory(
     return results;
   }
 
+  async function canCreateGlobalJobs(request: KibanaRequest) {
+    if (authorization === undefined) {
+      return true;
+    }
+    const { authorizationCheck } = authorizationProvider(authorization);
+    return (await authorizationCheck(request)).canCreateGlobally;
+  }
+
   return {
     getAllJobObjects,
     createAnomalyDetectionJob,
@@ -295,6 +310,7 @@ export function jobSavedObjectServiceFactory(
     removeJobsFromSpaces,
     bulkCreateJobs,
     getAllJobObjectsForAllSpaces,
+    canCreateGlobalJobs,
   };
 }
 
diff --git a/x-pack/plugins/ml/server/shared_services/providers/modules.ts b/x-pack/plugins/ml/server/shared_services/providers/modules.ts
index ede92208902ae..05a7dba1973eb 100644
--- a/x-pack/plugins/ml/server/shared_services/providers/modules.ts
+++ b/x-pack/plugins/ml/server/shared_services/providers/modules.ts
@@ -10,6 +10,7 @@ import { DataRecognizer } from '../../models/data_recognizer';
 import { GetGuards } from '../shared_services';
 import { moduleIdParamSchema, setupModuleBodySchema } from '../../routes/schemas/modules';
 import { MlClient } from '../../lib/ml_client';
+import { JobSavedObjectService } from '../../saved_objects';
 
 export type ModuleSetupPayload = TypeOf<typeof moduleIdParamSchema> &
   TypeOf<typeof setupModuleBodySchema>;
@@ -34,8 +35,14 @@ export function getModulesProvider(getGuards: GetGuards): ModulesProvider {
           return await getGuards(request, savedObjectsClient)
             .isFullLicense()
             .hasMlCapabilities(['canGetJobs'])
-            .ok(async ({ scopedClient, mlClient }) => {
-              const dr = dataRecognizerFactory(scopedClient, mlClient, savedObjectsClient, request);
+            .ok(async ({ scopedClient, mlClient, jobSavedObjectService }) => {
+              const dr = dataRecognizerFactory(
+                scopedClient,
+                mlClient,
+                savedObjectsClient,
+                jobSavedObjectService,
+                request
+              );
               return dr.findMatches(...args);
             });
         },
@@ -43,8 +50,14 @@ export function getModulesProvider(getGuards: GetGuards): ModulesProvider {
           return await getGuards(request, savedObjectsClient)
             .isFullLicense()
             .hasMlCapabilities(['canGetJobs'])
-            .ok(async ({ scopedClient, mlClient }) => {
-              const dr = dataRecognizerFactory(scopedClient, mlClient, savedObjectsClient, request);
+            .ok(async ({ scopedClient, mlClient, jobSavedObjectService }) => {
+              const dr = dataRecognizerFactory(
+                scopedClient,
+                mlClient,
+                savedObjectsClient,
+                jobSavedObjectService,
+                request
+              );
               return dr.getModule(moduleId);
             });
         },
@@ -52,8 +65,14 @@ export function getModulesProvider(getGuards: GetGuards): ModulesProvider {
           return await getGuards(request, savedObjectsClient)
             .isFullLicense()
             .hasMlCapabilities(['canGetJobs'])
-            .ok(async ({ scopedClient, mlClient }) => {
-              const dr = dataRecognizerFactory(scopedClient, mlClient, savedObjectsClient, request);
+            .ok(async ({ scopedClient, mlClient, jobSavedObjectService }) => {
+              const dr = dataRecognizerFactory(
+                scopedClient,
+                mlClient,
+                savedObjectsClient,
+                jobSavedObjectService,
+                request
+              );
               return dr.listModules();
             });
         },
@@ -61,8 +80,14 @@ export function getModulesProvider(getGuards: GetGuards): ModulesProvider {
           return await getGuards(request, savedObjectsClient)
             .isFullLicense()
             .hasMlCapabilities(['canCreateJob'])
-            .ok(async ({ scopedClient, mlClient }) => {
-              const dr = dataRecognizerFactory(scopedClient, mlClient, savedObjectsClient, request);
+            .ok(async ({ scopedClient, mlClient, jobSavedObjectService }) => {
+              const dr = dataRecognizerFactory(
+                scopedClient,
+                mlClient,
+                savedObjectsClient,
+                jobSavedObjectService,
+                request
+              );
               return dr.setup(
                 payload.moduleId,
                 payload.prefix,
@@ -88,7 +113,8 @@ function dataRecognizerFactory(
   client: IScopedClusterClient,
   mlClient: MlClient,
   savedObjectsClient: SavedObjectsClientContract,
+  jobSavedObjectService: JobSavedObjectService,
   request: KibanaRequest
 ) {
-  return new DataRecognizer(client, mlClient, savedObjectsClient, request);
+  return new DataRecognizer(client, mlClient, savedObjectsClient, jobSavedObjectService, request);
 }
diff --git a/x-pack/plugins/ml/server/shared_services/shared_services.ts b/x-pack/plugins/ml/server/shared_services/shared_services.ts
index 85e24dd7f2819..dc7bc06fde7d5 100644
--- a/x-pack/plugins/ml/server/shared_services/shared_services.ts
+++ b/x-pack/plugins/ml/server/shared_services/shared_services.ts
@@ -12,7 +12,8 @@ import { SpacesPluginSetup } from '../../../spaces/server';
 import { KibanaRequest } from '../../.././../../src/core/server/http';
 import { MlLicense } from '../../common/license';
 
-import { CloudSetup } from '../../../cloud/server';
+import type { CloudSetup } from '../../../cloud/server';
+import type { SecurityPluginSetup } from '../../../security/server';
 import { licenseChecks } from './license_checks';
 import { MlSystemProvider, getMlSystemProvider } from './providers/system';
 import { JobServiceProvider, getJobServiceProvider } from './providers/job_service';
@@ -26,7 +27,7 @@ import { ResolveMlCapabilities, MlCapabilitiesKey } from '../../common/types/cap
 import { hasMlCapabilitiesProvider, HasMlCapabilities } from '../lib/capabilities';
 import { MLClusterClientUninitialized } from './errors';
 import { MlClient, getMlClient } from '../lib/ml_client';
-import { jobSavedObjectServiceFactory } from '../saved_objects';
+import { jobSavedObjectServiceFactory, JobSavedObjectService } from '../saved_objects';
 
 export type SharedServices = JobServiceProvider &
   AnomalyDetectorsProvider &
@@ -53,6 +54,7 @@ export interface SharedServicesChecks {
 interface OkParams {
   scopedClient: IScopedClusterClient;
   mlClient: MlClient;
+  jobSavedObjectService: JobSavedObjectService;
 }
 
 type OkCallback = (okParams: OkParams) => any;
@@ -61,6 +63,7 @@ export function createSharedServices(
   mlLicense: MlLicense,
   spacesPlugin: SpacesPluginSetup | undefined,
   cloud: CloudSetup,
+  authorization: SecurityPluginSetup['authz'] | undefined,
   resolveMlCapabilities: ResolveMlCapabilities,
   getClusterClient: () => IClusterClient | null,
   getInternalSavedObjectsClient: () => SavedObjectsClientContract | null,
@@ -80,11 +83,14 @@ export function createSharedServices(
       getClusterClient,
       savedObjectsClient,
       internalSavedObjectsClient,
+      authorization,
       spacesPlugin !== undefined,
       isMlReady
     );
 
-    const { hasMlCapabilities, scopedClient, mlClient } = getRequestItems(request);
+    const { hasMlCapabilities, scopedClient, mlClient, jobSavedObjectService } = getRequestItems(
+      request
+    );
     const asyncGuards: Array<Promise<void>> = [];
 
     const guards: Guards = {
@@ -102,7 +108,7 @@ export function createSharedServices(
       },
       async ok(callback: OkCallback) {
         await Promise.all(asyncGuards);
-        return callback({ scopedClient, mlClient });
+        return callback({ scopedClient, mlClient, jobSavedObjectService });
       },
     };
     return guards;
@@ -122,6 +128,7 @@ function getRequestItemsProvider(
   getClusterClient: () => IClusterClient | null,
   savedObjectsClient: SavedObjectsClientContract,
   internalSavedObjectsClient: SavedObjectsClientContract,
+  authorization: SecurityPluginSetup['authz'] | undefined,
   spaceEnabled: boolean,
   isMlReady: () => Promise<void>
 ) {
@@ -138,6 +145,7 @@ function getRequestItemsProvider(
       savedObjectsClient,
       internalSavedObjectsClient,
       spaceEnabled,
+      authorization,
       isMlReady
     );
 
@@ -158,6 +166,6 @@ function getRequestItemsProvider(
       };
       mlClient = getMlClient(scopedClient, jobSavedObjectService);
     }
-    return { hasMlCapabilities, scopedClient, mlClient };
+    return { hasMlCapabilities, scopedClient, mlClient, jobSavedObjectService };
   };
 }
diff --git a/x-pack/plugins/security/common/licensing/index.mock.ts b/x-pack/plugins/security/common/licensing/index.mock.ts
index 87225f479ceed..df7d8cd7b416b 100644
--- a/x-pack/plugins/security/common/licensing/index.mock.ts
+++ b/x-pack/plugins/security/common/licensing/index.mock.ts
@@ -11,6 +11,7 @@ export const licenseMock = {
   create: (): jest.Mocked<SecurityLicense> => ({
     isLicenseAvailable: jest.fn(),
     isEnabled: jest.fn().mockReturnValue(true),
+    getType: jest.fn().mockReturnValue('basic'),
     getFeatures: jest.fn(),
     features$: of(),
   }),
diff --git a/x-pack/plugins/security/common/licensing/license_service.ts b/x-pack/plugins/security/common/licensing/license_service.ts
index 09b6ae95c282c..ca6366ef0bb8e 100644
--- a/x-pack/plugins/security/common/licensing/license_service.ts
+++ b/x-pack/plugins/security/common/licensing/license_service.ts
@@ -6,12 +6,13 @@
 
 import { Observable, Subscription } from 'rxjs';
 import { map } from 'rxjs/operators';
-import { ILicense } from '../../../licensing/common/types';
+import { ILicense, LicenseType } from '../../../licensing/common/types';
 import { SecurityLicenseFeatures } from './license_features';
 
 export interface SecurityLicense {
   isLicenseAvailable(): boolean;
   isEnabled(): boolean;
+  getType(): LicenseType | undefined;
   getFeatures(): SecurityLicenseFeatures;
   features$: Observable<SecurityLicenseFeatures>;
 }
@@ -36,6 +37,8 @@ export class SecurityLicenseService {
 
         isEnabled: () => this.isSecurityEnabledFromRawLicense(rawLicense),
 
+        getType: () => rawLicense?.type,
+
         getFeatures: () => this.calculateFeaturesFromRawLicense(rawLicense),
 
         features$: license$.pipe(
diff --git a/x-pack/plugins/security/public/management/roles/__fixtures__/kibana_privileges.ts b/x-pack/plugins/security/public/management/roles/__fixtures__/kibana_privileges.ts
index 02a18039cee74..66e8eff323313 100644
--- a/x-pack/plugins/security/public/management/roles/__fixtures__/kibana_privileges.ts
+++ b/x-pack/plugins/security/public/management/roles/__fixtures__/kibana_privileges.ts
@@ -23,6 +23,7 @@ export const createRawKibanaPrivileges = (
 
   const licensingService = {
     getFeatures: () => ({ allowSubFeaturePrivileges } as SecurityLicenseFeatures),
+    getType: () => 'basic' as const,
   };
 
   return privilegesFactory(
diff --git a/x-pack/plugins/security/public/management/roles/edit_role/privileges/es/__snapshots__/elasticsearch_privileges.test.tsx.snap b/x-pack/plugins/security/public/management/roles/edit_role/privileges/es/__snapshots__/elasticsearch_privileges.test.tsx.snap
index a2e46af19bf34..173ae4f081ed7 100644
--- a/x-pack/plugins/security/public/management/roles/edit_role/privileges/es/__snapshots__/elasticsearch_privileges.test.tsx.snap
+++ b/x-pack/plugins/security/public/management/roles/edit_role/privileges/es/__snapshots__/elasticsearch_privileges.test.tsx.snap
@@ -183,6 +183,7 @@ exports[`it renders without crashing 1`] = `
           "_subscribe": [Function],
         },
         "getFeatures": [MockFunction],
+        "getType": [MockFunction],
         "isEnabled": [MockFunction],
         "isLicenseAvailable": [MockFunction],
       }
diff --git a/x-pack/plugins/security/public/management/roles/edit_role/privileges/kibana/feature_table/sub_feature_form.test.tsx b/x-pack/plugins/security/public/management/roles/edit_role/privileges/kibana/feature_table/sub_feature_form.test.tsx
index eba94338d52d3..e08871d1a645c 100644
--- a/x-pack/plugins/security/public/management/roles/edit_role/privileges/kibana/feature_table/sub_feature_form.test.tsx
+++ b/x-pack/plugins/security/public/management/roles/edit_role/privileges/kibana/feature_table/sub_feature_form.test.tsx
@@ -14,6 +14,7 @@ import { mountWithIntl } from '@kbn/test/jest';
 import { SubFeatureForm } from './sub_feature_form';
 import { EuiCheckbox, EuiButtonGroup } from '@elastic/eui';
 import { act } from '@testing-library/react';
+import { KibanaFeature } from '../../../../../../../../features/public';
 
 // Note: these tests are not concerned with the proper display of privileges,
 // as that is verified by the feature_table and privilege_space_form tests.
@@ -234,4 +235,65 @@ describe('SubFeatureForm', () => {
 
     expect(onChange).toHaveBeenCalledWith([]);
   });
+
+  it('does not render empty privilege groups', () => {
+    // privilege groups are filtered server-side to only include the
+    // sub-feature privileges that are allowed by the current license.
+
+    const role = createRole([
+      {
+        base: [],
+        feature: {
+          with_sub_features: ['cool_all'],
+        },
+        spaces: [],
+      },
+    ]);
+    const feature = new KibanaFeature({
+      id: 'test_feature',
+      name: 'test feature',
+      category: { id: 'test', label: 'test' },
+      app: [],
+      privileges: {
+        all: {
+          savedObject: { all: [], read: [] },
+          ui: [],
+        },
+        read: {
+          savedObject: { all: [], read: [] },
+          ui: [],
+        },
+      },
+      subFeatures: [
+        {
+          name: 'subFeature1',
+          privilegeGroups: [
+            {
+              groupType: 'independent',
+              privileges: [],
+            },
+          ],
+        },
+      ],
+    });
+    const subFeature1 = new SecuredSubFeature(feature.toRaw().subFeatures![0]);
+    const kibanaPrivileges = createKibanaPrivileges([feature]);
+    const calculator = new PrivilegeFormCalculator(kibanaPrivileges, role);
+
+    const onChange = jest.fn();
+
+    const wrapper = mountWithIntl(
+      <SubFeatureForm
+        featureId={feature.id}
+        subFeature={subFeature1}
+        selectedFeaturePrivileges={['cool_all']}
+        privilegeCalculator={calculator}
+        privilegeIndex={0}
+        onChange={onChange}
+        disabled={false}
+      />
+    );
+
+    expect(wrapper.children()).toMatchInlineSnapshot(`null`);
+  });
 });
diff --git a/x-pack/plugins/security/public/management/roles/edit_role/privileges/kibana/feature_table/sub_feature_form.tsx b/x-pack/plugins/security/public/management/roles/edit_role/privileges/kibana/feature_table/sub_feature_form.tsx
index 41e15387f9c47..9ffb50066a58e 100644
--- a/x-pack/plugins/security/public/management/roles/edit_role/privileges/kibana/feature_table/sub_feature_form.tsx
+++ b/x-pack/plugins/security/public/management/roles/edit_role/privileges/kibana/feature_table/sub_feature_form.tsx
@@ -27,12 +27,20 @@ interface Props {
 }
 
 export const SubFeatureForm = (props: Props) => {
+  const groupsWithPrivileges = props.subFeature
+    .getPrivilegeGroups()
+    .filter((group) => group.privileges.length > 0);
+
+  if (groupsWithPrivileges.length === 0) {
+    return null;
+  }
+
   return (
     <EuiFlexGroup>
       <EuiFlexItem>
         <EuiText size="s">{props.subFeature.name}</EuiText>
       </EuiFlexItem>
-      <EuiFlexItem>{props.subFeature.getPrivilegeGroups().map(renderPrivilegeGroup)}</EuiFlexItem>
+      <EuiFlexItem>{groupsWithPrivileges.map(renderPrivilegeGroup)}</EuiFlexItem>
     </EuiFlexGroup>
   );
 
diff --git a/x-pack/plugins/security/public/plugin.test.tsx b/x-pack/plugins/security/public/plugin.test.tsx
index 6f5a2a031a7b2..d16662922f696 100644
--- a/x-pack/plugins/security/public/plugin.test.tsx
+++ b/x-pack/plugins/security/public/plugin.test.tsx
@@ -45,6 +45,7 @@ describe('Security Plugin', () => {
         license: {
           isLicenseAvailable: expect.any(Function),
           isEnabled: expect.any(Function),
+          getType: expect.any(Function),
           getFeatures: expect.any(Function),
           features$: expect.any(Observable),
         },
@@ -73,6 +74,7 @@ describe('Security Plugin', () => {
         license: {
           isLicenseAvailable: expect.any(Function),
           isEnabled: expect.any(Function),
+          getType: expect.any(Function),
           getFeatures: expect.any(Function),
           features$: expect.any(Observable),
         },
diff --git a/x-pack/plugins/security/server/authorization/privileges/feature_privilege_iterator/feature_privilege_iterator.test.ts b/x-pack/plugins/security/server/authorization/privileges/feature_privilege_iterator/feature_privilege_iterator.test.ts
index bdf2c87f40f0b..4f545fd5d17a5 100644
--- a/x-pack/plugins/security/server/authorization/privileges/feature_privilege_iterator/feature_privilege_iterator.test.ts
+++ b/x-pack/plugins/security/server/authorization/privileges/feature_privilege_iterator/feature_privilege_iterator.test.ts
@@ -20,6 +20,7 @@ describe('featurePrivilegeIterator', () => {
     const actualPrivileges = Array.from(
       featurePrivilegeIterator(feature, {
         augmentWithSubFeaturePrivileges: true,
+        licenseType: 'basic',
       })
     );
 
@@ -72,6 +73,7 @@ describe('featurePrivilegeIterator', () => {
     const actualPrivileges = Array.from(
       featurePrivilegeIterator(feature, {
         augmentWithSubFeaturePrivileges: true,
+        licenseType: 'basic',
       })
     );
 
@@ -164,6 +166,7 @@ describe('featurePrivilegeIterator', () => {
     const actualPrivileges = Array.from(
       featurePrivilegeIterator(feature, {
         augmentWithSubFeaturePrivileges: true,
+        licenseType: 'basic',
         predicate: (privilegeId) => privilegeId === 'all',
       })
     );
@@ -270,6 +273,7 @@ describe('featurePrivilegeIterator', () => {
     const actualPrivileges = Array.from(
       featurePrivilegeIterator(feature, {
         augmentWithSubFeaturePrivileges: false,
+        licenseType: 'basic',
       })
     );
 
@@ -394,6 +398,7 @@ describe('featurePrivilegeIterator', () => {
     const actualPrivileges = Array.from(
       featurePrivilegeIterator(feature, {
         augmentWithSubFeaturePrivileges: true,
+        licenseType: 'basic',
       })
     );
 
@@ -519,6 +524,7 @@ describe('featurePrivilegeIterator', () => {
     const actualPrivileges = Array.from(
       featurePrivilegeIterator(feature, {
         augmentWithSubFeaturePrivileges: true,
+        licenseType: 'basic',
       })
     );
 
@@ -645,6 +651,7 @@ describe('featurePrivilegeIterator', () => {
     const actualPrivileges = Array.from(
       featurePrivilegeIterator(feature, {
         augmentWithSubFeaturePrivileges: true,
+        licenseType: 'basic',
       })
     );
 
@@ -771,6 +778,7 @@ describe('featurePrivilegeIterator', () => {
     const actualPrivileges = Array.from(
       featurePrivilegeIterator(feature, {
         augmentWithSubFeaturePrivileges: true,
+        licenseType: 'basic',
       })
     );
 
@@ -818,6 +826,133 @@ describe('featurePrivilegeIterator', () => {
     ]);
   });
 
+  it('excludes sub feature privileges when the minimum license is not met', () => {
+    const feature = new KibanaFeature({
+      id: 'foo',
+      name: 'foo',
+      app: [],
+      category: { id: 'foo', label: 'foo' },
+      privileges: {
+        all: {
+          api: ['all-api', 'read-api'],
+          app: ['foo'],
+          catalogue: ['foo-catalogue'],
+          management: {
+            section: ['foo-management'],
+          },
+          savedObject: {
+            all: ['all-type'],
+            read: ['read-type'],
+          },
+          alerting: {
+            all: ['alerting-all-type'],
+            read: ['alerting-read-type'],
+          },
+          ui: ['ui-action'],
+        },
+        read: {
+          api: ['read-api'],
+          app: ['foo'],
+          catalogue: ['foo-catalogue'],
+          management: {
+            section: ['foo-management'],
+          },
+          savedObject: {
+            all: [],
+            read: ['read-type'],
+          },
+          alerting: {
+            read: ['alerting-read-type'],
+          },
+          ui: ['ui-action'],
+        },
+      },
+      subFeatures: [
+        {
+          name: 'sub feature 1',
+          privilegeGroups: [
+            {
+              groupType: 'independent',
+              privileges: [
+                {
+                  id: 'sub-feature-priv-1',
+                  name: 'first sub feature privilege',
+                  includeIn: 'all',
+                  minimumLicense: 'gold',
+                  api: ['sub-feature-api'],
+                  app: ['sub-app'],
+                  catalogue: ['sub-catalogue'],
+                  management: {
+                    section: ['other-sub-management'],
+                    kibana: ['sub-management'],
+                  },
+                  savedObject: {
+                    all: ['all-sub-type'],
+                    read: ['read-sub-type'],
+                  },
+                  alerting: {
+                    all: ['alerting-all-sub-type'],
+                    read: ['alerting-read-sub-type'],
+                  },
+                  ui: ['ui-sub-type'],
+                },
+              ],
+            },
+          ],
+        },
+      ],
+    });
+
+    const actualPrivileges = Array.from(
+      featurePrivilegeIterator(feature, {
+        augmentWithSubFeaturePrivileges: true,
+        licenseType: 'basic',
+      })
+    );
+
+    expect(actualPrivileges).toEqual([
+      {
+        privilegeId: 'all',
+        privilege: {
+          api: ['all-api', 'read-api'],
+          app: ['foo'],
+          catalogue: ['foo-catalogue'],
+          management: {
+            section: ['foo-management'],
+          },
+          savedObject: {
+            all: ['all-type'],
+            read: ['read-type'],
+          },
+          alerting: {
+            all: ['alerting-all-type'],
+            read: ['alerting-read-type'],
+          },
+          ui: ['ui-action'],
+        },
+      },
+      {
+        privilegeId: 'read',
+        privilege: {
+          api: ['read-api'],
+          app: ['foo'],
+          catalogue: ['foo-catalogue'],
+          management: {
+            section: ['foo-management'],
+          },
+          savedObject: {
+            all: [],
+            read: ['read-type'],
+          },
+          alerting: {
+            read: ['alerting-read-type'],
+          },
+          ui: ['ui-action'],
+        },
+      },
+    ]);
+  });
+
   it(`can augment primary feature privileges even if they don't specify their own`, () => {
     const feature = new KibanaFeature({
       id: 'foo',
@@ -878,6 +1013,7 @@ describe('featurePrivilegeIterator', () => {
     const actualPrivileges = Array.from(
       featurePrivilegeIterator(feature, {
         augmentWithSubFeaturePrivileges: true,
+        licenseType: 'basic',
       })
     );
 
@@ -995,6 +1131,7 @@ describe('featurePrivilegeIterator', () => {
     const actualPrivileges = Array.from(
       featurePrivilegeIterator(feature, {
         augmentWithSubFeaturePrivileges: true,
+        licenseType: 'basic',
       })
     );
 
diff --git a/x-pack/plugins/security/server/authorization/privileges/feature_privilege_iterator/feature_privilege_iterator.ts b/x-pack/plugins/security/server/authorization/privileges/feature_privilege_iterator/feature_privilege_iterator.ts
index dba33f7a4f360..47216baea2025 100644
--- a/x-pack/plugins/security/server/authorization/privileges/feature_privilege_iterator/feature_privilege_iterator.ts
+++ b/x-pack/plugins/security/server/authorization/privileges/feature_privilege_iterator/feature_privilege_iterator.ts
@@ -5,11 +5,13 @@
  */
 
 import _ from 'lodash';
+import { LicenseType } from '../../../../../licensing/server';
 import { KibanaFeature, FeatureKibanaPrivileges } from '../../../../../features/server';
 import { subFeaturePrivilegeIterator } from './sub_feature_privilege_iterator';
 
 interface IteratorOptions {
   augmentWithSubFeaturePrivileges: boolean;
+  licenseType: LicenseType;
   predicate?: (privilegeId: string, privilege: FeatureKibanaPrivileges) => boolean;
 }
 
@@ -25,7 +27,10 @@ export function* featurePrivilegeIterator(
     }
 
     if (options.augmentWithSubFeaturePrivileges) {
-      yield { privilegeId, privilege: mergeWithSubFeatures(privilegeId, privilege, feature) };
+      yield {
+        privilegeId,
+        privilege: mergeWithSubFeatures(privilegeId, privilege, feature, options.licenseType),
+      };
     } else {
       yield { privilegeId, privilege };
     }
@@ -35,10 +40,11 @@ export function* featurePrivilegeIterator(
 function mergeWithSubFeatures(
   privilegeId: string,
   privilege: FeatureKibanaPrivileges,
-  feature: KibanaFeature
+  feature: KibanaFeature,
+  licenseType: LicenseType
 ) {
   const mergedConfig = _.cloneDeep(privilege);
-  for (const subFeaturePrivilege of subFeaturePrivilegeIterator(feature)) {
+  for (const subFeaturePrivilege of subFeaturePrivilegeIterator(feature, licenseType)) {
     if (subFeaturePrivilege.includeIn !== 'read' && subFeaturePrivilege.includeIn !== privilegeId) {
       continue;
     }
diff --git a/x-pack/plugins/security/server/authorization/privileges/feature_privilege_iterator/sub_feature_privilege_iterator.ts b/x-pack/plugins/security/server/authorization/privileges/feature_privilege_iterator/sub_feature_privilege_iterator.ts
index d54b6d458d913..3a282eb8279f0 100644
--- a/x-pack/plugins/security/server/authorization/privileges/feature_privilege_iterator/sub_feature_privilege_iterator.ts
+++ b/x-pack/plugins/security/server/authorization/privileges/feature_privilege_iterator/sub_feature_privilege_iterator.ts
@@ -4,14 +4,19 @@
  * you may not use this file except in compliance with the Elastic License.
  */
 
+import { LicenseType } from '../../../../../licensing/server';
+
 import { KibanaFeature, SubFeaturePrivilegeConfig } from '../../../../../features/common';
 
 export function* subFeaturePrivilegeIterator(
-  feature: KibanaFeature
+  feature: KibanaFeature,
+  licenseType: LicenseType
 ): IterableIterator<SubFeaturePrivilegeConfig> {
   for (const subFeature of feature.subFeatures) {
     for (const group of subFeature.privilegeGroups) {
-      yield* group.privileges;
+      yield* group.privileges.filter(
+        (privilege) => !privilege.minimumLicense || privilege.minimumLicense <= licenseType
+      );
     }
   }
 }
diff --git a/x-pack/plugins/security/server/authorization/privileges/privileges.test.ts b/x-pack/plugins/security/server/authorization/privileges/privileges.test.ts
index c7b015b001ccf..d9b712025c064 100644
--- a/x-pack/plugins/security/server/authorization/privileges/privileges.test.ts
+++ b/x-pack/plugins/security/server/authorization/privileges/privileges.test.ts
@@ -48,6 +48,7 @@ describe('features', () => {
 
     const mockLicenseService = {
       getFeatures: jest.fn().mockReturnValue({ allowSubFeaturePrivileges: true }),
+      getType: jest.fn().mockReturnValue('basic'),
     };
     const privileges = privilegesFactory(actions, mockFeaturesService, mockLicenseService);
 
@@ -89,6 +90,7 @@ describe('features', () => {
     };
     const mockLicenseService = {
       getFeatures: jest.fn().mockReturnValue({ allowSubFeaturePrivileges: true }),
+      getType: jest.fn().mockReturnValue('basic'),
     };
     const privileges = privilegesFactory(actions, mockFeaturesPlugin as any, mockLicenseService);
 
@@ -177,6 +179,7 @@ describe('features', () => {
     };
     const mockLicenseService = {
       getFeatures: jest.fn().mockReturnValue({ allowSubFeaturePrivileges: true }),
+      getType: jest.fn().mockReturnValue('basic'),
     };
     const privileges = privilegesFactory(actions, mockFeaturesPlugin as any, mockLicenseService);
 
@@ -245,6 +248,7 @@ describe('features', () => {
       };
       const mockLicenseService = {
         getFeatures: jest.fn().mockReturnValue({ allowSubFeaturePrivileges: true }),
+        getType: jest.fn().mockReturnValue('basic'),
       };
       const privileges = privilegesFactory(actions, mockFeaturesPlugin as any, mockLicenseService);
 
@@ -368,6 +372,7 @@ describe('features', () => {
       };
       const mockLicenseService = {
         getFeatures: jest.fn().mockReturnValue({ allowSubFeaturePrivileges: true }),
+        getType: jest.fn().mockReturnValue('basic'),
       };
       const privileges = privilegesFactory(actions, mockFeaturesPlugin as any, mockLicenseService);
 
@@ -443,6 +448,7 @@ describe('features', () => {
       };
       const mockLicenseService = {
         getFeatures: jest.fn().mockReturnValue({ allowSubFeaturePrivileges: true }),
+        getType: jest.fn().mockReturnValue('basic'),
       };
       const privileges = privilegesFactory(actions, mockFeaturesPlugin as any, mockLicenseService);
 
@@ -508,6 +514,7 @@ describe('features', () => {
       };
       const mockLicenseService = {
         getFeatures: jest.fn().mockReturnValue({ allowSubFeaturePrivileges: true }),
+        getType: jest.fn().mockReturnValue('basic'),
       };
       const privileges = privilegesFactory(actions, mockFeaturesPlugin as any, mockLicenseService);
 
@@ -574,6 +581,7 @@ describe('features', () => {
       };
       const mockLicenseService = {
         getFeatures: jest.fn().mockReturnValue({ allowSubFeaturePrivileges: true }),
+        getType: jest.fn().mockReturnValue('basic'),
       };
       const privileges = privilegesFactory(actions, mockFeaturesPlugin as any, mockLicenseService);
 
@@ -633,6 +641,7 @@ describe('reserved', () => {
     };
     const mockLicenseService = {
       getFeatures: jest.fn().mockReturnValue({ allowSubFeaturePrivileges: true }),
+      getType: jest.fn().mockReturnValue('basic'),
     };
     const privileges = privilegesFactory(actions, mockFeaturesPlugin as any, mockLicenseService);
 
@@ -671,6 +680,7 @@ describe('reserved', () => {
     };
     const mockLicenseService = {
       getFeatures: jest.fn().mockReturnValue({ allowSubFeaturePrivileges: true }),
+      getType: jest.fn().mockReturnValue('basic'),
     };
     const privileges = privilegesFactory(actions, mockFeaturesPlugin as any, mockLicenseService);
 
@@ -737,6 +747,7 @@ describe('reserved', () => {
     };
     const mockLicenseService = {
       getFeatures: jest.fn().mockReturnValue({ allowSubFeaturePrivileges: true }),
+      getType: jest.fn().mockReturnValue('basic'),
     };
     const privileges = privilegesFactory(actions, mockFeaturesPlugin as any, mockLicenseService);
 
@@ -800,6 +811,7 @@ describe('subFeatures', () => {
       };
       const mockLicenseService = {
         getFeatures: jest.fn().mockReturnValue({ allowSubFeaturePrivileges: true }),
+        getType: jest.fn().mockReturnValue('basic'),
       };
       const privileges = privilegesFactory(actions, mockFeaturesPlugin as any, mockLicenseService);
 
@@ -928,6 +940,7 @@ describe('subFeatures', () => {
       };
       const mockLicenseService = {
         getFeatures: jest.fn().mockReturnValue({ allowSubFeaturePrivileges: true }),
+        getType: jest.fn().mockReturnValue('basic'),
       };
       const privileges = privilegesFactory(actions, mockFeaturesPlugin as any, mockLicenseService);
 
@@ -1135,6 +1148,7 @@ describe('subFeatures', () => {
       };
       const mockLicenseService = {
         getFeatures: jest.fn().mockReturnValue({ allowSubFeaturePrivileges: true }),
+        getType: jest.fn().mockReturnValue('basic'),
       };
       const privileges = privilegesFactory(actions, mockFeaturesPlugin as any, mockLicenseService);
 
@@ -1278,6 +1292,7 @@ describe('subFeatures', () => {
       };
       const mockLicenseService = {
         getFeatures: jest.fn().mockReturnValue({ allowSubFeaturePrivileges: true }),
+        getType: jest.fn().mockReturnValue('basic'),
       };
       const privileges = privilegesFactory(actions, mockFeaturesPlugin as any, mockLicenseService);
 
@@ -1446,6 +1461,7 @@ describe('subFeatures', () => {
       };
       const mockLicenseService = {
         getFeatures: jest.fn().mockReturnValue({ allowSubFeaturePrivileges: true }),
+        getType: jest.fn().mockReturnValue('basic'),
       };
       const privileges = privilegesFactory(actions, mockFeaturesPlugin as any, mockLicenseService);
 
@@ -1576,6 +1592,7 @@ describe('subFeatures', () => {
       };
       const mockLicenseService = {
         getFeatures: jest.fn().mockReturnValue({ allowSubFeaturePrivileges: false }),
+        getType: jest.fn().mockReturnValue('basic'),
       };
       const privileges = privilegesFactory(actions, mockFeaturesPlugin as any, mockLicenseService);
 
@@ -1705,4 +1722,502 @@ describe('subFeatures', () => {
       ]);
     });
   });
+
+  describe(`when license allows subfeatures, but not a specific sub feature`, () => {
+    test(`should create minimal privileges, but not augment the primary feature privileges or create the disallowed sub-feature privileges`, () => {
+      const features: KibanaFeature[] = [
+        new KibanaFeature({
+          id: 'foo',
+          name: 'Foo KibanaFeature',
+          app: [],
+          category: { id: 'foo', label: 'foo' },
+          privileges: {
+            all: {
+              savedObject: {
+                all: [],
+                read: [],
+              },
+              ui: ['foo'],
+            },
+            read: {
+              savedObject: {
+                all: [],
+                read: [],
+              },
+              ui: ['foo'],
+            },
+          },
+          subFeatures: [
+            {
+              name: 'subFeature1',
+              privilegeGroups: [
+                {
+                  groupType: 'independent',
+                  privileges: [
+                    {
+                      id: 'subFeaturePriv1',
+                      name: 'sub feature priv 1',
+                      includeIn: 'read',
+                      savedObject: {
+                        all: ['all-sub-feature-type'],
+                        read: ['read-sub-feature-type'],
+                      },
+                      ui: ['sub-feature-ui'],
+                    },
+                  ],
+                },
+                {
+                  groupType: 'independent',
+                  privileges: [
+                    {
+                      id: 'licensedSubFeaturePriv',
+                      name: 'licensed sub feature priv',
+                      includeIn: 'read',
+                      minimumLicense: 'platinum',
+                      savedObject: {
+                        all: ['all-licensed-sub-feature-type'],
+                        read: ['read-licensed-sub-feature-type'],
+                      },
+                      ui: ['licensed-sub-feature-ui'],
+                    },
+                  ],
+                },
+              ],
+            },
+          ],
+        }),
+      ];
+
+      const mockFeaturesPlugin = {
+        getKibanaFeatures: jest.fn().mockReturnValue(features),
+      };
+      const mockLicenseService = {
+        getFeatures: jest.fn().mockReturnValue({ allowSubFeaturePrivileges: true }),
+        getType: jest.fn().mockReturnValue('gold'),
+      };
+      const privileges = privilegesFactory(actions, mockFeaturesPlugin as any, mockLicenseService);
+
+      const actual = privileges.get();
+      expect(actual.features).toHaveProperty(`foo.subFeaturePriv1`);
+      expect(actual.features).not.toHaveProperty(`foo.licensedSubFeaturePriv`);
+
+      expect(actual.features).toHaveProperty(`foo.all`, [
+        actions.login,
+        actions.version,
+        actions.savedObject.get('all-sub-feature-type', 'bulk_get'),
+        actions.savedObject.get('all-sub-feature-type', 'get'),
+        actions.savedObject.get('all-sub-feature-type', 'find'),
+        actions.savedObject.get('all-sub-feature-type', 'create'),
+        actions.savedObject.get('all-sub-feature-type', 'bulk_create'),
+        actions.savedObject.get('all-sub-feature-type', 'update'),
+        actions.savedObject.get('all-sub-feature-type', 'bulk_update'),
+        actions.savedObject.get('all-sub-feature-type', 'delete'),
+        actions.savedObject.get('all-sub-feature-type', 'share_to_space'),
+        actions.savedObject.get('read-sub-feature-type', 'bulk_get'),
+        actions.savedObject.get('read-sub-feature-type', 'get'),
+        actions.savedObject.get('read-sub-feature-type', 'find'),
+        actions.ui.get('foo', 'foo'),
+        actions.ui.get('foo', 'sub-feature-ui'),
+      ]);
+
+      expect(actual.features).toHaveProperty(`foo.minimal_all`, [
+        actions.login,
+        actions.version,
+        actions.ui.get('foo', 'foo'),
+      ]);
+
+      expect(actual.features).toHaveProperty(`foo.read`, [
+        actions.login,
+        actions.version,
+        actions.savedObject.get('all-sub-feature-type', 'bulk_get'),
+        actions.savedObject.get('all-sub-feature-type', 'get'),
+        actions.savedObject.get('all-sub-feature-type', 'find'),
+        actions.savedObject.get('all-sub-feature-type', 'create'),
+        actions.savedObject.get('all-sub-feature-type', 'bulk_create'),
+        actions.savedObject.get('all-sub-feature-type', 'update'),
+        actions.savedObject.get('all-sub-feature-type', 'bulk_update'),
+        actions.savedObject.get('all-sub-feature-type', 'delete'),
+        actions.savedObject.get('all-sub-feature-type', 'share_to_space'),
+        actions.savedObject.get('read-sub-feature-type', 'bulk_get'),
+        actions.savedObject.get('read-sub-feature-type', 'get'),
+        actions.savedObject.get('read-sub-feature-type', 'find'),
+        actions.ui.get('foo', 'foo'),
+        actions.ui.get('foo', 'sub-feature-ui'),
+      ]);
+
+      expect(actual.features).toHaveProperty(`foo.minimal_read`, [
+        actions.login,
+        actions.version,
+        actions.ui.get('foo', 'foo'),
+      ]);
+
+      expect(actual).toHaveProperty('global.all', [
+        actions.login,
+        actions.version,
+        actions.api.get('features'),
+        actions.space.manage,
+        actions.ui.get('spaces', 'manage'),
+        actions.ui.get('management', 'kibana', 'spaces'),
+        actions.ui.get('catalogue', 'spaces'),
+        actions.ui.get('enterpriseSearch', 'all'),
+        actions.savedObject.get('all-sub-feature-type', 'bulk_get'),
+        actions.savedObject.get('all-sub-feature-type', 'get'),
+        actions.savedObject.get('all-sub-feature-type', 'find'),
+        actions.savedObject.get('all-sub-feature-type', 'create'),
+        actions.savedObject.get('all-sub-feature-type', 'bulk_create'),
+        actions.savedObject.get('all-sub-feature-type', 'update'),
+        actions.savedObject.get('all-sub-feature-type', 'bulk_update'),
+        actions.savedObject.get('all-sub-feature-type', 'delete'),
+        actions.savedObject.get('all-sub-feature-type', 'share_to_space'),
+        actions.savedObject.get('read-sub-feature-type', 'bulk_get'),
+        actions.savedObject.get('read-sub-feature-type', 'get'),
+        actions.savedObject.get('read-sub-feature-type', 'find'),
+        actions.ui.get('foo', 'foo'),
+        actions.ui.get('foo', 'sub-feature-ui'),
+      ]);
+      expect(actual).toHaveProperty('global.read', [
+        actions.login,
+        actions.version,
+        actions.savedObject.get('all-sub-feature-type', 'bulk_get'),
+        actions.savedObject.get('all-sub-feature-type', 'get'),
+        actions.savedObject.get('all-sub-feature-type', 'find'),
+        actions.savedObject.get('all-sub-feature-type', 'create'),
+        actions.savedObject.get('all-sub-feature-type', 'bulk_create'),
+        actions.savedObject.get('all-sub-feature-type', 'update'),
+        actions.savedObject.get('all-sub-feature-type', 'bulk_update'),
+        actions.savedObject.get('all-sub-feature-type', 'delete'),
+        actions.savedObject.get('all-sub-feature-type', 'share_to_space'),
+        actions.savedObject.get('read-sub-feature-type', 'bulk_get'),
+        actions.savedObject.get('read-sub-feature-type', 'get'),
+        actions.savedObject.get('read-sub-feature-type', 'find'),
+        actions.ui.get('foo', 'foo'),
+        actions.ui.get('foo', 'sub-feature-ui'),
+      ]);
+
+      expect(actual).toHaveProperty('space.all', [
+        actions.login,
+        actions.version,
+        actions.savedObject.get('all-sub-feature-type', 'bulk_get'),
+        actions.savedObject.get('all-sub-feature-type', 'get'),
+        actions.savedObject.get('all-sub-feature-type', 'find'),
+        actions.savedObject.get('all-sub-feature-type', 'create'),
+        actions.savedObject.get('all-sub-feature-type', 'bulk_create'),
+        actions.savedObject.get('all-sub-feature-type', 'update'),
+        actions.savedObject.get('all-sub-feature-type', 'bulk_update'),
+        actions.savedObject.get('all-sub-feature-type', 'delete'),
+        actions.savedObject.get('all-sub-feature-type', 'share_to_space'),
+        actions.savedObject.get('read-sub-feature-type', 'bulk_get'),
+        actions.savedObject.get('read-sub-feature-type', 'get'),
+        actions.savedObject.get('read-sub-feature-type', 'find'),
+        actions.ui.get('foo', 'foo'),
+        actions.ui.get('foo', 'sub-feature-ui'),
+      ]);
+      expect(actual).toHaveProperty('space.read', [
+        actions.login,
+        actions.version,
+        actions.savedObject.get('all-sub-feature-type', 'bulk_get'),
+        actions.savedObject.get('all-sub-feature-type', 'get'),
+        actions.savedObject.get('all-sub-feature-type', 'find'),
+        actions.savedObject.get('all-sub-feature-type', 'create'),
+        actions.savedObject.get('all-sub-feature-type', 'bulk_create'),
+        actions.savedObject.get('all-sub-feature-type', 'update'),
+        actions.savedObject.get('all-sub-feature-type', 'bulk_update'),
+        actions.savedObject.get('all-sub-feature-type', 'delete'),
+        actions.savedObject.get('all-sub-feature-type', 'share_to_space'),
+        actions.savedObject.get('read-sub-feature-type', 'bulk_get'),
+        actions.savedObject.get('read-sub-feature-type', 'get'),
+        actions.savedObject.get('read-sub-feature-type', 'find'),
+        actions.ui.get('foo', 'foo'),
+        actions.ui.get('foo', 'sub-feature-ui'),
+      ]);
+    });
+  });
+
+  describe(`when license allows subfeatures, but and a licensed sub feature`, () => {
+    test(`should create minimal privileges, augment the primary feature privileges, and create the licensed sub-feature privileges`, () => {
+      const features: KibanaFeature[] = [
+        new KibanaFeature({
+          id: 'foo',
+          name: 'Foo KibanaFeature',
+          app: [],
+          category: { id: 'foo', label: 'foo' },
+          privileges: {
+            all: {
+              savedObject: {
+                all: [],
+                read: [],
+              },
+              ui: ['foo'],
+            },
+            read: {
+              savedObject: {
+                all: [],
+                read: [],
+              },
+              ui: ['foo'],
+            },
+          },
+          subFeatures: [
+            {
+              name: 'subFeature1',
+              privilegeGroups: [
+                {
+                  groupType: 'independent',
+                  privileges: [
+                    {
+                      id: 'subFeaturePriv1',
+                      name: 'sub feature priv 1',
+                      includeIn: 'read',
+                      savedObject: {
+                        all: ['all-sub-feature-type'],
+                        read: ['read-sub-feature-type'],
+                      },
+                      ui: ['sub-feature-ui'],
+                    },
+                  ],
+                },
+                {
+                  groupType: 'independent',
+                  privileges: [
+                    {
+                      id: 'licensedSubFeaturePriv',
+                      name: 'licensed sub feature priv',
+                      includeIn: 'read',
+                      minimumLicense: 'platinum',
+                      savedObject: {
+                        all: ['all-licensed-sub-feature-type'],
+                        read: ['read-licensed-sub-feature-type'],
+                      },
+                      ui: ['licensed-sub-feature-ui'],
+                    },
+                  ],
+                },
+              ],
+            },
+          ],
+        }),
+      ];
+
+      const mockFeaturesPlugin = {
+        getKibanaFeatures: jest.fn().mockReturnValue(features),
+      };
+      const mockLicenseService = {
+        getFeatures: jest.fn().mockReturnValue({ allowSubFeaturePrivileges: true }),
+        getType: jest.fn().mockReturnValue('platinum'),
+      };
+      const privileges = privilegesFactory(actions, mockFeaturesPlugin as any, mockLicenseService);
+
+      const actual = privileges.get();
+      expect(actual.features).toHaveProperty(`foo.subFeaturePriv1`);
+      expect(actual.features).toHaveProperty(`foo.licensedSubFeaturePriv`);
+
+      expect(actual.features).toHaveProperty(`foo.all`, [
+        actions.login,
+        actions.version,
+        actions.savedObject.get('all-sub-feature-type', 'bulk_get'),
+        actions.savedObject.get('all-sub-feature-type', 'get'),
+        actions.savedObject.get('all-sub-feature-type', 'find'),
+        actions.savedObject.get('all-sub-feature-type', 'create'),
+        actions.savedObject.get('all-sub-feature-type', 'bulk_create'),
+        actions.savedObject.get('all-sub-feature-type', 'update'),
+        actions.savedObject.get('all-sub-feature-type', 'bulk_update'),
+        actions.savedObject.get('all-sub-feature-type', 'delete'),
+        actions.savedObject.get('all-sub-feature-type', 'share_to_space'),
+        actions.savedObject.get('all-licensed-sub-feature-type', 'bulk_get'),
+        actions.savedObject.get('all-licensed-sub-feature-type', 'get'),
+        actions.savedObject.get('all-licensed-sub-feature-type', 'find'),
+        actions.savedObject.get('all-licensed-sub-feature-type', 'create'),
+        actions.savedObject.get('all-licensed-sub-feature-type', 'bulk_create'),
+        actions.savedObject.get('all-licensed-sub-feature-type', 'update'),
+        actions.savedObject.get('all-licensed-sub-feature-type', 'bulk_update'),
+        actions.savedObject.get('all-licensed-sub-feature-type', 'delete'),
+        actions.savedObject.get('all-licensed-sub-feature-type', 'share_to_space'),
+        actions.savedObject.get('read-sub-feature-type', 'bulk_get'),
+        actions.savedObject.get('read-sub-feature-type', 'get'),
+        actions.savedObject.get('read-sub-feature-type', 'find'),
+        actions.savedObject.get('read-licensed-sub-feature-type', 'bulk_get'),
+        actions.savedObject.get('read-licensed-sub-feature-type', 'get'),
+        actions.savedObject.get('read-licensed-sub-feature-type', 'find'),
+        actions.ui.get('foo', 'foo'),
+        actions.ui.get('foo', 'sub-feature-ui'),
+        actions.ui.get('foo', 'licensed-sub-feature-ui'),
+      ]);
+
+      expect(actual.features).toHaveProperty(`foo.minimal_all`, [
+        actions.login,
+        actions.version,
+        actions.ui.get('foo', 'foo'),
+      ]);
+
+      expect(actual.features).toHaveProperty(`foo.read`, [
+        actions.login,
+        actions.version,
+        actions.savedObject.get('all-sub-feature-type', 'bulk_get'),
+        actions.savedObject.get('all-sub-feature-type', 'get'),
+        actions.savedObject.get('all-sub-feature-type', 'find'),
+        actions.savedObject.get('all-sub-feature-type', 'create'),
+        actions.savedObject.get('all-sub-feature-type', 'bulk_create'),
+        actions.savedObject.get('all-sub-feature-type', 'update'),
+        actions.savedObject.get('all-sub-feature-type', 'bulk_update'),
+        actions.savedObject.get('all-sub-feature-type', 'delete'),
+        actions.savedObject.get('all-sub-feature-type', 'share_to_space'),
+        actions.savedObject.get('all-licensed-sub-feature-type', 'bulk_get'),
+        actions.savedObject.get('all-licensed-sub-feature-type', 'get'),
+        actions.savedObject.get('all-licensed-sub-feature-type', 'find'),
+        actions.savedObject.get('all-licensed-sub-feature-type', 'create'),
+        actions.savedObject.get('all-licensed-sub-feature-type', 'bulk_create'),
+        actions.savedObject.get('all-licensed-sub-feature-type', 'update'),
+        actions.savedObject.get('all-licensed-sub-feature-type', 'bulk_update'),
+        actions.savedObject.get('all-licensed-sub-feature-type', 'delete'),
+        actions.savedObject.get('all-licensed-sub-feature-type', 'share_to_space'),
+        actions.savedObject.get('read-sub-feature-type', 'bulk_get'),
+        actions.savedObject.get('read-sub-feature-type', 'get'),
+        actions.savedObject.get('read-sub-feature-type', 'find'),
+        actions.savedObject.get('read-licensed-sub-feature-type', 'bulk_get'),
+        actions.savedObject.get('read-licensed-sub-feature-type', 'get'),
+        actions.savedObject.get('read-licensed-sub-feature-type', 'find'),
+        actions.ui.get('foo', 'foo'),
+        actions.ui.get('foo', 'sub-feature-ui'),
+        actions.ui.get('foo', 'licensed-sub-feature-ui'),
+      ]);
+
+      expect(actual.features).toHaveProperty(`foo.minimal_read`, [
+        actions.login,
+        actions.version,
+        actions.ui.get('foo', 'foo'),
+      ]);
+
+      expect(actual).toHaveProperty('global.all', [
+        actions.login,
+        actions.version,
+        actions.api.get('features'),
+        actions.space.manage,
+        actions.ui.get('spaces', 'manage'),
+        actions.ui.get('management', 'kibana', 'spaces'),
+        actions.ui.get('catalogue', 'spaces'),
+        actions.ui.get('enterpriseSearch', 'all'),
+        actions.savedObject.get('all-sub-feature-type', 'bulk_get'),
+        actions.savedObject.get('all-sub-feature-type', 'get'),
+        actions.savedObject.get('all-sub-feature-type', 'find'),
+        actions.savedObject.get('all-sub-feature-type', 'create'),
+        actions.savedObject.get('all-sub-feature-type', 'bulk_create'),
+        actions.savedObject.get('all-sub-feature-type', 'update'),
+        actions.savedObject.get('all-sub-feature-type', 'bulk_update'),
+        actions.savedObject.get('all-sub-feature-type', 'delete'),
+        actions.savedObject.get('all-sub-feature-type', 'share_to_space'),
+        actions.savedObject.get('all-licensed-sub-feature-type', 'bulk_get'),
+        actions.savedObject.get('all-licensed-sub-feature-type', 'get'),
+        actions.savedObject.get('all-licensed-sub-feature-type', 'find'),
+        actions.savedObject.get('all-licensed-sub-feature-type', 'create'),
+        actions.savedObject.get('all-licensed-sub-feature-type', 'bulk_create'),
+        actions.savedObject.get('all-licensed-sub-feature-type', 'update'),
+        actions.savedObject.get('all-licensed-sub-feature-type', 'bulk_update'),
+        actions.savedObject.get('all-licensed-sub-feature-type', 'delete'),
+        actions.savedObject.get('all-licensed-sub-feature-type', 'share_to_space'),
+        actions.savedObject.get('read-sub-feature-type', 'bulk_get'),
+        actions.savedObject.get('read-sub-feature-type', 'get'),
+        actions.savedObject.get('read-sub-feature-type', 'find'),
+        actions.savedObject.get('read-licensed-sub-feature-type', 'bulk_get'),
+        actions.savedObject.get('read-licensed-sub-feature-type', 'get'),
+        actions.savedObject.get('read-licensed-sub-feature-type', 'find'),
+        actions.ui.get('foo', 'foo'),
+        actions.ui.get('foo', 'sub-feature-ui'),
+        actions.ui.get('foo', 'licensed-sub-feature-ui'),
+      ]);
+      expect(actual).toHaveProperty('global.read', [
+        actions.login,
+        actions.version,
+        actions.savedObject.get('all-sub-feature-type', 'bulk_get'),
+        actions.savedObject.get('all-sub-feature-type', 'get'),
+        actions.savedObject.get('all-sub-feature-type', 'find'),
+        actions.savedObject.get('all-sub-feature-type', 'create'),
+        actions.savedObject.get('all-sub-feature-type', 'bulk_create'),
+        actions.savedObject.get('all-sub-feature-type', 'update'),
+        actions.savedObject.get('all-sub-feature-type', 'bulk_update'),
+        actions.savedObject.get('all-sub-feature-type', 'delete'),
+        actions.savedObject.get('all-sub-feature-type', 'share_to_space'),
+        actions.savedObject.get('all-licensed-sub-feature-type', 'bulk_get'),
+        actions.savedObject.get('all-licensed-sub-feature-type', 'get'),
+        actions.savedObject.get('all-licensed-sub-feature-type', 'find'),
+        actions.savedObject.get('all-licensed-sub-feature-type', 'create'),
+        actions.savedObject.get('all-licensed-sub-feature-type', 'bulk_create'),
+        actions.savedObject.get('all-licensed-sub-feature-type', 'update'),
+        actions.savedObject.get('all-licensed-sub-feature-type', 'bulk_update'),
+        actions.savedObject.get('all-licensed-sub-feature-type', 'delete'),
+        actions.savedObject.get('all-licensed-sub-feature-type', 'share_to_space'),
+        actions.savedObject.get('read-sub-feature-type', 'bulk_get'),
+        actions.savedObject.get('read-sub-feature-type', 'get'),
+        actions.savedObject.get('read-sub-feature-type', 'find'),
+        actions.savedObject.get('read-licensed-sub-feature-type', 'bulk_get'),
+        actions.savedObject.get('read-licensed-sub-feature-type', 'get'),
+        actions.savedObject.get('read-licensed-sub-feature-type', 'find'),
+        actions.ui.get('foo', 'foo'),
+        actions.ui.get('foo', 'sub-feature-ui'),
+        actions.ui.get('foo', 'licensed-sub-feature-ui'),
+      ]);
+
+      expect(actual).toHaveProperty('space.all', [
+        actions.login,
+        actions.version,
+        actions.savedObject.get('all-sub-feature-type', 'bulk_get'),
+        actions.savedObject.get('all-sub-feature-type', 'get'),
+        actions.savedObject.get('all-sub-feature-type', 'find'),
+        actions.savedObject.get('all-sub-feature-type', 'create'),
+        actions.savedObject.get('all-sub-feature-type', 'bulk_create'),
+        actions.savedObject.get('all-sub-feature-type', 'update'),
+        actions.savedObject.get('all-sub-feature-type', 'bulk_update'),
+        actions.savedObject.get('all-sub-feature-type', 'delete'),
+        actions.savedObject.get('all-sub-feature-type', 'share_to_space'),
+        actions.savedObject.get('all-licensed-sub-feature-type', 'bulk_get'),
+        actions.savedObject.get('all-licensed-sub-feature-type', 'get'),
+        actions.savedObject.get('all-licensed-sub-feature-type', 'find'),
+        actions.savedObject.get('all-licensed-sub-feature-type', 'create'),
+        actions.savedObject.get('all-licensed-sub-feature-type', 'bulk_create'),
+        actions.savedObject.get('all-licensed-sub-feature-type', 'update'),
+        actions.savedObject.get('all-licensed-sub-feature-type', 'bulk_update'),
+        actions.savedObject.get('all-licensed-sub-feature-type', 'delete'),
+        actions.savedObject.get('all-licensed-sub-feature-type', 'share_to_space'),
+        actions.savedObject.get('read-sub-feature-type', 'bulk_get'),
+        actions.savedObject.get('read-sub-feature-type', 'get'),
+        actions.savedObject.get('read-sub-feature-type', 'find'),
+        actions.savedObject.get('read-licensed-sub-feature-type', 'bulk_get'),
+        actions.savedObject.get('read-licensed-sub-feature-type', 'get'),
+        actions.savedObject.get('read-licensed-sub-feature-type', 'find'),
+        actions.ui.get('foo', 'foo'),
+        actions.ui.get('foo', 'sub-feature-ui'),
+        actions.ui.get('foo', 'licensed-sub-feature-ui'),
+      ]);
+      expect(actual).toHaveProperty('space.read', [
+        actions.login,
+        actions.version,
+        actions.savedObject.get('all-sub-feature-type', 'bulk_get'),
+        actions.savedObject.get('all-sub-feature-type', 'get'),
+        actions.savedObject.get('all-sub-feature-type', 'find'),
+        actions.savedObject.get('all-sub-feature-type', 'create'),
+        actions.savedObject.get('all-sub-feature-type', 'bulk_create'),
+        actions.savedObject.get('all-sub-feature-type', 'update'),
+        actions.savedObject.get('all-sub-feature-type', 'bulk_update'),
+        actions.savedObject.get('all-sub-feature-type', 'delete'),
+        actions.savedObject.get('all-sub-feature-type', 'share_to_space'),
+        actions.savedObject.get('all-licensed-sub-feature-type', 'bulk_get'),
+        actions.savedObject.get('all-licensed-sub-feature-type', 'get'),
+        actions.savedObject.get('all-licensed-sub-feature-type', 'find'),
+        actions.savedObject.get('all-licensed-sub-feature-type', 'create'),
+        actions.savedObject.get('all-licensed-sub-feature-type', 'bulk_create'),
+        actions.savedObject.get('all-licensed-sub-feature-type', 'update'),
+        actions.savedObject.get('all-licensed-sub-feature-type', 'bulk_update'),
+        actions.savedObject.get('all-licensed-sub-feature-type', 'delete'),
+        actions.savedObject.get('all-licensed-sub-feature-type', 'share_to_space'),
+        actions.savedObject.get('read-sub-feature-type', 'bulk_get'),
+        actions.savedObject.get('read-sub-feature-type', 'get'),
+        actions.savedObject.get('read-sub-feature-type', 'find'),
+        actions.savedObject.get('read-licensed-sub-feature-type', 'bulk_get'),
+        actions.savedObject.get('read-licensed-sub-feature-type', 'get'),
+        actions.savedObject.get('read-licensed-sub-feature-type', 'find'),
+        actions.ui.get('foo', 'foo'),
+        actions.ui.get('foo', 'sub-feature-ui'),
+        actions.ui.get('foo', 'licensed-sub-feature-ui'),
+      ]);
+    });
+  });
 });
diff --git a/x-pack/plugins/security/server/authorization/privileges/privileges.ts b/x-pack/plugins/security/server/authorization/privileges/privileges.ts
index 24b46222e7f35..1b2b0cd8a0a52 100644
--- a/x-pack/plugins/security/server/authorization/privileges/privileges.ts
+++ b/x-pack/plugins/security/server/authorization/privileges/privileges.ts
@@ -25,7 +25,7 @@ export interface PrivilegesService {
 export function privilegesFactory(
   actions: Actions,
   featuresService: FeaturesPluginSetup,
-  licenseService: Pick<SecurityLicense, 'getFeatures'>
+  licenseService: Pick<SecurityLicense, 'getFeatures' | 'getType'>
 ) {
   const featurePrivilegeBuilder = featurePrivilegeBuilderFactory(actions);
 
@@ -33,6 +33,7 @@ export function privilegesFactory(
     get() {
       const features = featuresService.getKibanaFeatures();
       const { allowSubFeaturePrivileges } = licenseService.getFeatures();
+      const licenseType = licenseService.getType()!;
       const basePrivilegeFeatures = features.filter(
         (feature) => !feature.excludeFromBasePrivileges
       );
@@ -43,6 +44,7 @@ export function privilegesFactory(
       basePrivilegeFeatures.forEach((feature) => {
         for (const { privilegeId, privilege } of featurePrivilegeIterator(feature, {
           augmentWithSubFeaturePrivileges: true,
+          licenseType,
           predicate: (pId, featurePrivilege) => !featurePrivilege.excludeFromBasePrivileges,
         })) {
           const privilegeActions = featurePrivilegeBuilder.getActions(privilege, feature);
@@ -61,6 +63,7 @@ export function privilegesFactory(
         featurePrivileges[feature.id] = {};
         for (const featurePrivilege of featurePrivilegeIterator(feature, {
           augmentWithSubFeaturePrivileges: true,
+          licenseType,
         })) {
           featurePrivileges[feature.id][featurePrivilege.privilegeId] = [
             actions.login,
@@ -72,6 +75,7 @@ export function privilegesFactory(
         if (allowSubFeaturePrivileges && feature.subFeatures?.length > 0) {
           for (const featurePrivilege of featurePrivilegeIterator(feature, {
             augmentWithSubFeaturePrivileges: false,
+            licenseType,
           })) {
             featurePrivileges[feature.id][`minimal_${featurePrivilege.privilegeId}`] = [
               actions.login,
@@ -80,7 +84,7 @@ export function privilegesFactory(
             ];
           }
 
-          for (const subFeaturePrivilege of subFeaturePrivilegeIterator(feature)) {
+          for (const subFeaturePrivilege of subFeaturePrivilegeIterator(feature, licenseType)) {
             featurePrivileges[feature.id][subFeaturePrivilege.id] = [
               actions.login,
               actions.version,
diff --git a/x-pack/plugins/security/server/plugin.test.ts b/x-pack/plugins/security/server/plugin.test.ts
index 9b08ba8c275fd..cf9a30b0b3857 100644
--- a/x-pack/plugins/security/server/plugin.test.ts
+++ b/x-pack/plugins/security/server/plugin.test.ts
@@ -110,6 +110,7 @@ describe('Security Plugin', () => {
                     },
                   },
                   "getFeatures": [Function],
+                  "getType": [Function],
                   "isEnabled": [Function],
                   "isLicenseAvailable": [Function],
                 },
diff --git a/x-pack/plugins/security_solution/common/endpoint/constants.ts b/x-pack/plugins/security_solution/common/endpoint/constants.ts
index 4cfa9347b2b58..8e19c2e8f219d 100644
--- a/x-pack/plugins/security_solution/common/endpoint/constants.ts
+++ b/x-pack/plugins/security_solution/common/endpoint/constants.ts
@@ -18,3 +18,7 @@ export const TRUSTED_APPS_SUPPORTED_OS_TYPES: readonly string[] = ['macos', 'win
 export const TRUSTED_APPS_LIST_API = '/api/endpoint/trusted_apps';
 export const TRUSTED_APPS_CREATE_API = '/api/endpoint/trusted_apps';
 export const TRUSTED_APPS_DELETE_API = '/api/endpoint/trusted_apps/{id}';
+
+export const BASE_POLICY_RESPONSE_ROUTE = `/api/endpoint/policy_response`;
+export const BASE_POLICY_ROUTE = `/api/endpoint/policy`;
+export const AGENT_POLICY_SUMMARY_ROUTE = `${BASE_POLICY_ROUTE}/summaries`;
diff --git a/x-pack/plugins/security_solution/common/endpoint/schema/policy.ts b/x-pack/plugins/security_solution/common/endpoint/schema/policy.ts
index 35ba1266066e9..7ab8fbc8a9c8e 100644
--- a/x-pack/plugins/security_solution/common/endpoint/schema/policy.ts
+++ b/x-pack/plugins/security_solution/common/endpoint/schema/policy.ts
@@ -10,3 +10,10 @@ export const GetPolicyResponseSchema = {
     agentId: schema.string(),
   }),
 };
+
+export const GetAgentPolicySummaryRequestSchema = {
+  query: schema.object({
+    package_name: schema.string(),
+    policy_id: schema.nullable(schema.string()),
+  }),
+};
diff --git a/x-pack/plugins/security_solution/common/endpoint/types/index.ts b/x-pack/plugins/security_solution/common/endpoint/types/index.ts
index 673d04c856935..66ba15431e603 100644
--- a/x-pack/plugins/security_solution/common/endpoint/types/index.ts
+++ b/x-pack/plugins/security_solution/common/endpoint/types/index.ts
@@ -1102,3 +1102,14 @@ export interface HostPolicyResponse {
 export interface GetHostPolicyResponse {
   policy_response: HostPolicyResponse;
 }
+
+/**
+ * REST API response for retrieving agent summary
+ */
+export interface GetAgentSummaryResponse {
+  summary_response: {
+    package: string;
+    policy_id?: string;
+    versions_count: { [key: string]: number };
+  };
+}
diff --git a/x-pack/plugins/security_solution/cypress/screens/create_new_rule.ts b/x-pack/plugins/security_solution/cypress/screens/create_new_rule.ts
index 5e7dce6966195..618ddbad9f44a 100644
--- a/x-pack/plugins/security_solution/cypress/screens/create_new_rule.ts
+++ b/x-pack/plugins/security_solution/cypress/screens/create_new_rule.ts
@@ -50,6 +50,10 @@ export const EQL_TYPE = '[data-test-subj="eqlRuleType"]';
 
 export const EQL_QUERY_INPUT = '[data-test-subj="eqlQueryBarTextInput"]';
 
+export const EQL_QUERY_PREVIEW_HISTOGRAM = '[data-test-subj="queryPreviewEqlHistogram"]';
+
+export const EQL_QUERY_VALIDATION_SPINNER = '[data-test-subj="eql-validation-loading"]';
+
 export const IMPORT_QUERY_FROM_SAVED_TIMELINE_LINK =
   '[data-test-subj="importQueryFromSavedTimeline"]';
 
@@ -80,6 +84,8 @@ export const MITRE_TACTIC_DROPDOWN = '[data-test-subj="mitreTactic"]';
 export const MITRE_TECHNIQUES_INPUT =
   '[data-test-subj="mitreTechniques"] [data-test-subj="comboBoxSearchInput"]';
 
+export const QUERY_PREVIEW_BUTTON = '[data-test-subj="queryPreviewButton"]';
+
 export const REFERENCE_URLS_INPUT =
   '[data-test-subj="detectionEngineStepAboutRuleReferenceUrls"] input';
 
diff --git a/x-pack/plugins/security_solution/cypress/screens/shared.ts b/x-pack/plugins/security_solution/cypress/screens/shared.ts
new file mode 100644
index 0000000000000..ccfe0f97c732c
--- /dev/null
+++ b/x-pack/plugins/security_solution/cypress/screens/shared.ts
@@ -0,0 +1,9 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License;
+ * you may not use this file except in compliance with the Elastic License.
+ */
+
+export const NOTIFICATION_TOASTS = '[data-test-subj="globalToastList"]';
+
+export const TOAST_ERROR_CLASS = 'euiToast--danger';
diff --git a/x-pack/plugins/security_solution/cypress/tasks/create_new_rule.ts b/x-pack/plugins/security_solution/cypress/tasks/create_new_rule.ts
index 5b2c365dfd8c3..251a7ccc4b9c9 100644
--- a/x-pack/plugins/security_solution/cypress/tasks/create_new_rule.ts
+++ b/x-pack/plugins/security_solution/cypress/tasks/create_new_rule.ts
@@ -61,7 +61,11 @@ import {
   THRESHOLD_TYPE,
   EQL_TYPE,
   EQL_QUERY_INPUT,
+  QUERY_PREVIEW_BUTTON,
+  EQL_QUERY_PREVIEW_HISTOGRAM,
+  EQL_QUERY_VALIDATION_SPINNER,
 } from '../screens/create_new_rule';
+import { NOTIFICATION_TOASTS, TOAST_ERROR_CLASS } from '../screens/shared';
 import { TIMELINE } from '../screens/timelines';
 import { refreshPage } from './security_header';
 
@@ -225,8 +229,12 @@ export const fillDefineThresholdRuleAndContinue = (rule: ThresholdRule) => {
 
 export const fillDefineEqlRuleAndContinue = (rule: CustomRule) => {
   cy.get(EQL_QUERY_INPUT).type(rule.customQuery);
-  cy.get(DEFINE_CONTINUE_BUTTON).should('exist').click({ force: true });
+  cy.get(EQL_QUERY_VALIDATION_SPINNER).should('not.exist');
+  cy.get(QUERY_PREVIEW_BUTTON).should('not.be.disabled').click({ force: true });
+  cy.get(EQL_QUERY_PREVIEW_HISTOGRAM).should('contain.text', 'Hits');
+  cy.get(NOTIFICATION_TOASTS).children().should('not.have.class', TOAST_ERROR_CLASS); // asserts no error toast on page
 
+  cy.get(DEFINE_CONTINUE_BUTTON).should('exist').click({ force: true });
   cy.get(EQL_QUERY_INPUT).should('not.exist');
 };
 
diff --git a/x-pack/plugins/security_solution/public/common/components/ml_popover/api.ts b/x-pack/plugins/security_solution/public/common/components/ml_popover/api.ts
index dd0fb33fd2bc6..08850403f9994 100644
--- a/x-pack/plugins/security_solution/public/common/components/ml_popover/api.ts
+++ b/x-pack/plugins/security_solution/public/common/components/ml_popover/api.ts
@@ -83,6 +83,7 @@ export const setupMlJob = async ({
         indexPatternName,
         startDatafeed: false,
         useDedicatedIndex: true,
+        applyToAllSpaces: true,
       }),
       asSystemRequest: true,
     }
diff --git a/x-pack/plugins/security_solution/public/common/hooks/eql/api.ts b/x-pack/plugins/security_solution/public/common/hooks/eql/api.ts
index fb2e484c0e3f1..5b78a0e6ae582 100644
--- a/x-pack/plugins/security_solution/public/common/hooks/eql/api.ts
+++ b/x-pack/plugins/security_solution/public/common/hooks/eql/api.ts
@@ -32,8 +32,7 @@ export const validateEql = async ({
   const { rawResponse: response } = await data.search
     .search<EqlSearchStrategyRequest, EqlSearchStrategyResponse>(
       {
-        // @ts-expect-error allow_no_indices is missing on EqlSearch
-        params: { allow_no_indices: true, index: index.join(), body: { query, size: 0 } },
+        params: { index: index.join(), body: { query, size: 0 } },
         options: { ignore: [400] },
       },
       {
diff --git a/x-pack/plugins/security_solution/public/common/hooks/eql/use_eql_preview.ts b/x-pack/plugins/security_solution/public/common/hooks/eql/use_eql_preview.ts
index 1f4424a4f28b8..f259db6e932bf 100644
--- a/x-pack/plugins/security_solution/public/common/hooks/eql/use_eql_preview.ts
+++ b/x-pack/plugins/security_solution/public/common/hooks/eql/use_eql_preview.ts
@@ -74,8 +74,6 @@ export const useEqlPreview = (): [
           .search<EqlSearchStrategyRequest, EqlSearchStrategyResponse<EqlSearchResponse<Source>>>(
             {
               params: {
-                // @ts-expect-error allow_no_indices is missing on EqlSearch
-                allow_no_indices: true,
                 index: index.join(),
                 body: {
                   filter: {
diff --git a/x-pack/plugins/security_solution/public/common/utils/default_date_settings.ts b/x-pack/plugins/security_solution/public/common/utils/default_date_settings.ts
index 148143bb00bea..94545424512bc 100644
--- a/x-pack/plugins/security_solution/public/common/utils/default_date_settings.ts
+++ b/x-pack/plugins/security_solution/public/common/utils/default_date_settings.ts
@@ -34,8 +34,8 @@ export type DefaultIntervalSetting = DefaultInterval | null | undefined;
 
 // Defaults for if everything fails including dateMath.parse(DEFAULT_FROM) or dateMath.parse(DEFAULT_TO)
 // These should not really be hit unless we are in an extreme buggy state.
-const DEFAULT_FROM_MOMENT = moment().subtract(24, 'hours');
-const DEFAULT_TO_MOMENT = moment();
+export const DEFAULT_FROM_MOMENT = moment().subtract(24, 'hours');
+export const DEFAULT_TO_MOMENT = moment();
 
 /**
  * Retrieves timeRange settings to populate filters
diff --git a/x-pack/plugins/security_solution/public/detections/components/rules/query_preview/custom_histogram.test.tsx b/x-pack/plugins/security_solution/public/detections/components/rules/query_preview/custom_histogram.test.tsx
index 3dc3213d65314..8c1a59f912f94 100644
--- a/x-pack/plugins/security_solution/public/detections/components/rules/query_preview/custom_histogram.test.tsx
+++ b/x-pack/plugins/security_solution/public/detections/components/rules/query_preview/custom_histogram.test.tsx
@@ -51,7 +51,7 @@ describe('PreviewCustomQueryHistogram', () => {
 
     expect(wrapper.find('[data-test-subj="queryPreviewLoading"]').exists()).toBeTruthy();
     expect(
-      wrapper.find('[data-test-subj="queryPreviewCustomHistogram"]').at(0).prop('subtitle')
+      wrapper.find('[dataTestSubj="queryPreviewCustomHistogram"]').at(0).prop('subtitle')
     ).toEqual(i18n.QUERY_PREVIEW_SUBTITLE_LOADING);
   });
 
@@ -78,32 +78,32 @@ describe('PreviewCustomQueryHistogram', () => {
 
     expect(wrapper.find('[data-test-subj="queryPreviewLoading"]').exists()).toBeFalsy();
     expect(
-      wrapper.find('[data-test-subj="queryPreviewCustomHistogram"]').at(0).prop('subtitle')
+      wrapper.find('[dataTestSubj="queryPreviewCustomHistogram"]').at(0).prop('subtitle')
     ).toEqual(i18n.QUERY_PREVIEW_TITLE(9154));
-    expect(
-      wrapper.find('[data-test-subj="queryPreviewCustomHistogram"]').at(0).props().data
-    ).toEqual([
-      {
-        key: 'hits',
-        value: [
-          {
-            g: 'All others',
-            x: 1602247050000,
-            y: 2314,
-          },
-          {
-            g: 'All others',
-            x: 1602247162500,
-            y: 3471,
-          },
-          {
-            g: 'All others',
-            x: 1602247275000,
-            y: 3369,
-          },
-        ],
-      },
-    ]);
+    expect(wrapper.find('[dataTestSubj="queryPreviewCustomHistogram"]').at(0).props().data).toEqual(
+      [
+        {
+          key: 'hits',
+          value: [
+            {
+              g: 'All others',
+              x: 1602247050000,
+              y: 2314,
+            },
+            {
+              g: 'All others',
+              x: 1602247162500,
+              y: 3471,
+            },
+            {
+              g: 'All others',
+              x: 1602247275000,
+              y: 3369,
+            },
+          ],
+        },
+      ]
+    );
   });
 
   test('it invokes setQuery with id, inspect, isLoading and refetch', async () => {
diff --git a/x-pack/plugins/security_solution/public/detections/components/rules/query_preview/custom_histogram.tsx b/x-pack/plugins/security_solution/public/detections/components/rules/query_preview/custom_histogram.tsx
index 77b6fbb938e20..42243bca0fca5 100644
--- a/x-pack/plugins/security_solution/public/detections/components/rules/query_preview/custom_histogram.tsx
+++ b/x-pack/plugins/security_solution/public/detections/components/rules/query_preview/custom_histogram.tsx
@@ -69,7 +69,7 @@ export const PreviewCustomQueryHistogram = ({
       subtitle={subtitle}
       disclaimer={i18n.QUERY_PREVIEW_DISCLAIMER}
       isLoading={isLoading}
-      data-test-subj="queryPreviewCustomHistogram"
+      dataTestSubj="queryPreviewCustomHistogram"
     />
   );
 };
diff --git a/x-pack/plugins/security_solution/public/detections/components/rules/query_preview/eql_histogram.test.tsx b/x-pack/plugins/security_solution/public/detections/components/rules/query_preview/eql_histogram.test.tsx
index 3e7807f423be9..c39d14f6257b7 100644
--- a/x-pack/plugins/security_solution/public/detections/components/rules/query_preview/eql_histogram.test.tsx
+++ b/x-pack/plugins/security_solution/public/detections/components/rules/query_preview/eql_histogram.test.tsx
@@ -51,7 +51,7 @@ describe('PreviewEqlQueryHistogram', () => {
 
     expect(wrapper.find('[data-test-subj="queryPreviewLoading"]').exists()).toBeTruthy();
     expect(
-      wrapper.find('[data-test-subj="queryPreviewEqlHistogram"]').at(0).prop('subtitle')
+      wrapper.find('[dataTestSubj="queryPreviewEqlHistogram"]').at(0).prop('subtitle')
     ).toEqual(i18n.QUERY_PREVIEW_SUBTITLE_LOADING);
   });
 
@@ -78,9 +78,9 @@ describe('PreviewEqlQueryHistogram', () => {
 
     expect(wrapper.find('[data-test-subj="queryPreviewLoading"]').exists()).toBeFalsy();
     expect(
-      wrapper.find('[data-test-subj="queryPreviewEqlHistogram"]').at(0).prop('subtitle')
+      wrapper.find('[dataTestSubj="queryPreviewEqlHistogram"]').at(0).prop('subtitle')
     ).toEqual(i18n.QUERY_PREVIEW_TITLE(9154));
-    expect(wrapper.find('[data-test-subj="queryPreviewEqlHistogram"]').at(0).props().data).toEqual([
+    expect(wrapper.find('[dataTestSubj="queryPreviewEqlHistogram"]').at(0).props().data).toEqual([
       {
         key: 'hits',
         value: [
diff --git a/x-pack/plugins/security_solution/public/detections/components/rules/query_preview/eql_histogram.tsx b/x-pack/plugins/security_solution/public/detections/components/rules/query_preview/eql_histogram.tsx
index ed1fd5b7367d4..88fe228a364ab 100644
--- a/x-pack/plugins/security_solution/public/detections/components/rules/query_preview/eql_histogram.tsx
+++ b/x-pack/plugins/security_solution/public/detections/components/rules/query_preview/eql_histogram.tsx
@@ -66,7 +66,7 @@ export const PreviewEqlQueryHistogram = ({
       subtitle={subtitle}
       disclaimer={i18n.QUERY_PREVIEW_DISCLAIMER_EQL}
       isLoading={isLoading}
-      data-test-subj="queryPreviewEqlHistogram"
+      dataTestSubj="queryPreviewEqlHistogram"
     />
   );
 };
diff --git a/x-pack/plugins/security_solution/public/detections/components/rules/query_preview/histogram.tsx b/x-pack/plugins/security_solution/public/detections/components/rules/query_preview/histogram.tsx
index 2c43dac7b6bce..a7357672b486f 100644
--- a/x-pack/plugins/security_solution/public/detections/components/rules/query_preview/histogram.tsx
+++ b/x-pack/plugins/security_solution/public/detections/components/rules/query_preview/histogram.tsx
@@ -21,6 +21,7 @@ const LoadingChart = styled(EuiLoadingChart)`
 interface PreviewHistogramProps {
   id: string;
   data: ChartSeriesData[];
+  dataTestSubj?: string;
   barConfig: ChartSeriesConfigs;
   title: string;
   subtitle: string;
@@ -31,6 +32,7 @@ interface PreviewHistogramProps {
 export const PreviewHistogram = ({
   id,
   data,
+  dataTestSubj,
   barConfig,
   title,
   subtitle,
@@ -39,7 +41,7 @@ export const PreviewHistogram = ({
 }: PreviewHistogramProps) => {
   return (
     <>
-      <Panel height={300}>
+      <Panel height={300} data-test-subj={dataTestSubj}>
         <EuiFlexGroup gutterSize="none" direction="column">
           <EuiFlexItem grow={1}>
             <HeaderSection id={id} title={title} titleSize="xs" subtitle={subtitle} />
diff --git a/x-pack/plugins/security_solution/public/detections/components/rules/query_preview/index.test.tsx b/x-pack/plugins/security_solution/public/detections/components/rules/query_preview/index.test.tsx
index 26891dae1752a..3b6d3bca67574 100644
--- a/x-pack/plugins/security_solution/public/detections/components/rules/query_preview/index.test.tsx
+++ b/x-pack/plugins/security_solution/public/detections/components/rules/query_preview/index.test.tsx
@@ -79,9 +79,9 @@ describe('PreviewQuery', () => {
     expect(
       wrapper.find('[data-test-subj="queryPreviewButton"] button').props().disabled
     ).toBeFalsy();
-    expect(wrapper.find('[data-test-subj="previewNonEqlQueryHistogram"]').exists()).toBeFalsy();
-    expect(wrapper.find('[data-test-subj="previewThresholdQueryHistogram"]').exists()).toBeFalsy();
-    expect(wrapper.find('[data-test-subj="previewEqlQueryHistogram"]').exists()).toBeFalsy();
+    expect(wrapper.find('[data-test-subj="queryPreviewCustomHistogram"]').exists()).toBeFalsy();
+    expect(wrapper.find('[data-test-subj="thresholdQueryPreviewHistogram"]').exists()).toBeFalsy();
+    expect(wrapper.find('[data-test-subj="queryPreviewEqlHistogram"]').exists()).toBeFalsy();
   });
 
   test('it renders preview button disabled if "isDisabled" is true', () => {
@@ -146,9 +146,9 @@ describe('PreviewQuery', () => {
     const mockCalls = (useKibana().services.data.search.search as jest.Mock).mock.calls;
 
     expect(mockCalls.length).toEqual(1);
-    expect(wrapper.find('[data-test-subj="previewNonEqlQueryHistogram"]').exists()).toBeTruthy();
-    expect(wrapper.find('[data-test-subj="previewThresholdQueryHistogram"]').exists()).toBeFalsy();
-    expect(wrapper.find('[data-test-subj="previewEqlQueryHistogram"]').exists()).toBeFalsy();
+    expect(wrapper.find('[data-test-subj="queryPreviewCustomHistogram"]').exists()).toBeTruthy();
+    expect(wrapper.find('[data-test-subj="thresholdQueryPreviewHistogram"]').exists()).toBeFalsy();
+    expect(wrapper.find('[data-test-subj="queryPreviewEqlHistogram"]').exists()).toBeFalsy();
   });
 
   test('it renders noise warning when rule type is query, timeframe is last hour and hit average is greater than 1/hour', async () => {
@@ -209,9 +209,9 @@ describe('PreviewQuery', () => {
     const mockCalls = (useKibana().services.data.search.search as jest.Mock).mock.calls;
 
     expect(mockCalls.length).toEqual(1);
-    expect(wrapper.find('[data-test-subj="previewNonEqlQueryHistogram"]').exists()).toBeTruthy();
-    expect(wrapper.find('[data-test-subj="previewThresholdQueryHistogram"]').exists()).toBeFalsy();
-    expect(wrapper.find('[data-test-subj="previewEqlQueryHistogram"]').exists()).toBeFalsy();
+    expect(wrapper.find('[data-test-subj="queryPreviewCustomHistogram"]').exists()).toBeTruthy();
+    expect(wrapper.find('[data-test-subj="thresholdQueryPreviewHistogram"]').exists()).toBeFalsy();
+    expect(wrapper.find('[data-test-subj="queryPreviewEqlHistogram"]').exists()).toBeFalsy();
   });
 
   test('it renders eql histogram when preview button clicked and rule type is eql', () => {
@@ -236,9 +236,9 @@ describe('PreviewQuery', () => {
     const mockCalls = (useKibana().services.data.search.search as jest.Mock).mock.calls;
 
     expect(mockCalls.length).toEqual(1);
-    expect(wrapper.find('[data-test-subj="previewNonEqlQueryHistogram"]').exists()).toBeFalsy();
-    expect(wrapper.find('[data-test-subj="previewThresholdQueryHistogram"]').exists()).toBeFalsy();
-    expect(wrapper.find('[data-test-subj="previewEqlQueryHistogram"]').exists()).toBeTruthy();
+    expect(wrapper.find('[data-test-subj="queryPreviewCustomHistogram"]').exists()).toBeFalsy();
+    expect(wrapper.find('[data-test-subj="thresholdQueryPreviewHistogram"]').exists()).toBeFalsy();
+    expect(wrapper.find('[data-test-subj="queryPreviewEqlHistogram"]').exists()).toBeTruthy();
   });
 
   test('it renders noise warning when rule type is eql, timeframe is last hour and hit average is greater than 1/hour', async () => {
@@ -314,9 +314,9 @@ describe('PreviewQuery', () => {
 
     expect(mockCalls.length).toEqual(1);
     expect(wrapper.find('[data-test-subj="previewQueryWarning"]').exists()).toBeFalsy();
-    expect(wrapper.find('[data-test-subj="previewNonEqlQueryHistogram"]').exists()).toBeFalsy();
-    expect(wrapper.find('[data-test-subj="previewThresholdQueryHistogram"]').exists()).toBeTruthy();
-    expect(wrapper.find('[data-test-subj="previewEqlQueryHistogram"]').exists()).toBeFalsy();
+    expect(wrapper.find('[data-test-subj="queryPreviewCustomHistogram"]').exists()).toBeFalsy();
+    expect(wrapper.find('[data-test-subj="thresholdQueryPreviewHistogram"]').exists()).toBeTruthy();
+    expect(wrapper.find('[data-test-subj="queryPreviewEqlHistogram"]').exists()).toBeFalsy();
   });
 
   test('it renders noise warning when rule type is threshold, and threshold field is defined, timeframe is last hour and hit average is greater than 1/hour', async () => {
@@ -380,9 +380,9 @@ describe('PreviewQuery', () => {
     const mockCalls = (useKibana().services.data.search.search as jest.Mock).mock.calls;
 
     expect(mockCalls.length).toEqual(1);
-    expect(wrapper.find('[data-test-subj="previewNonEqlQueryHistogram"]').exists()).toBeTruthy();
-    expect(wrapper.find('[data-test-subj="previewThresholdQueryHistogram"]').exists()).toBeFalsy();
-    expect(wrapper.find('[data-test-subj="previewEqlQueryHistogram"]').exists()).toBeFalsy();
+    expect(wrapper.find('[data-test-subj="queryPreviewCustomHistogram"]').exists()).toBeTruthy();
+    expect(wrapper.find('[data-test-subj="thresholdQueryPreviewHistogram"]').exists()).toBeFalsy();
+    expect(wrapper.find('[data-test-subj="queryPreviewEqlHistogram"]').exists()).toBeFalsy();
   });
 
   test('it renders query histogram when preview button clicked, rule type is threshold, and threshold field is empty string', () => {
@@ -407,9 +407,9 @@ describe('PreviewQuery', () => {
     const mockCalls = (useKibana().services.data.search.search as jest.Mock).mock.calls;
 
     expect(mockCalls.length).toEqual(1);
-    expect(wrapper.find('[data-test-subj="previewNonEqlQueryHistogram"]').exists()).toBeTruthy();
-    expect(wrapper.find('[data-test-subj="previewThresholdQueryHistogram"]').exists()).toBeFalsy();
-    expect(wrapper.find('[data-test-subj="previewEqlQueryHistogram"]').exists()).toBeFalsy();
+    expect(wrapper.find('[data-test-subj="queryPreviewCustomHistogram"]').exists()).toBeTruthy();
+    expect(wrapper.find('[data-test-subj="thresholdQueryPreviewHistogram"]').exists()).toBeFalsy();
+    expect(wrapper.find('[data-test-subj="queryPreviewEqlHistogram"]').exists()).toBeFalsy();
   });
 
   test('it hides histogram when timeframe changes', () => {
@@ -431,13 +431,13 @@ describe('PreviewQuery', () => {
 
     wrapper.find('[data-test-subj="queryPreviewButton"] button').at(0).simulate('click');
 
-    expect(wrapper.find('[data-test-subj="previewNonEqlQueryHistogram"]').exists()).toBeTruthy();
+    expect(wrapper.find('[data-test-subj="queryPreviewCustomHistogram"]').exists()).toBeTruthy();
 
     wrapper
       .find('[data-test-subj="queryPreviewTimeframeSelect"] select')
       .at(0)
       .simulate('change', { target: { value: 'd' } });
 
-    expect(wrapper.find('[data-test-subj="previewNonEqlQueryHistogram"]').exists()).toBeFalsy();
+    expect(wrapper.find('[data-test-subj="queryPreviewCustomHistogram"]').exists()).toBeFalsy();
   });
 });
diff --git a/x-pack/plugins/security_solution/public/detections/components/rules/query_preview/index.tsx b/x-pack/plugins/security_solution/public/detections/components/rules/query_preview/index.tsx
index 6669ea6d97969..52f19704ed917 100644
--- a/x-pack/plugins/security_solution/public/detections/components/rules/query_preview/index.tsx
+++ b/x-pack/plugins/security_solution/public/detections/components/rules/query_preview/index.tsx
@@ -312,7 +312,6 @@ export const PreviewQuery = ({
           inspect={inspect}
           refetch={refetch}
           isLoading={isMatrixHistogramLoading}
-          data-test-subj="previewNonEqlQueryHistogram"
         />
       )}
       {ruleType === 'threshold' && thresholdFieldExists && showHistogram && (
@@ -321,7 +320,6 @@ export const PreviewQuery = ({
           buckets={buckets}
           inspect={inspect}
           refetch={refetch}
-          data-test-subj="previewThresholdQueryHistogram"
         />
       )}
       {ruleType === 'eql' && showHistogram && (
@@ -333,7 +331,6 @@ export const PreviewQuery = ({
           inspect={eqlQueryInspect}
           refetch={eqlQueryRefetch}
           isLoading={eqlQueryLoading}
-          data-test-subj="previewEqlQueryHistogram"
         />
       )}
       {showHistogram &&
diff --git a/x-pack/plugins/security_solution/public/detections/components/rules/query_preview/threshold_histogram.test.tsx b/x-pack/plugins/security_solution/public/detections/components/rules/query_preview/threshold_histogram.test.tsx
index 8a0cfef1b6256..44655a91075a5 100644
--- a/x-pack/plugins/security_solution/public/detections/components/rules/query_preview/threshold_histogram.test.tsx
+++ b/x-pack/plugins/security_solution/public/detections/components/rules/query_preview/threshold_histogram.test.tsx
@@ -68,7 +68,7 @@ describe('PreviewThresholdQueryHistogram', () => {
 
     expect(wrapper.find('[data-test-subj="queryPreviewLoading"]').exists()).toBeFalsy();
     expect(
-      wrapper.find('[data-test-subj="thresholdQueryPreviewHistogram"]').at(0).props().data
+      wrapper.find('[dataTestSubj="thresholdQueryPreviewHistogram"]').at(0).props().data
     ).toEqual([
       {
         key: 'hits',
diff --git a/x-pack/plugins/security_solution/public/detections/components/rules/query_preview/threshold_histogram.tsx b/x-pack/plugins/security_solution/public/detections/components/rules/query_preview/threshold_histogram.tsx
index a102c567a98e8..360b834bb7722 100644
--- a/x-pack/plugins/security_solution/public/detections/components/rules/query_preview/threshold_histogram.tsx
+++ b/x-pack/plugins/security_solution/public/detections/components/rules/query_preview/threshold_histogram.tsx
@@ -75,7 +75,7 @@ export const PreviewThresholdQueryHistogram = ({
       subtitle={subtitle}
       disclaimer={i18n.QUERY_PREVIEW_DISCLAIMER}
       isLoading={isLoading}
-      data-test-subj="thresholdQueryPreviewHistogram"
+      dataTestSubj="thresholdQueryPreviewHistogram"
     />
   );
 };
diff --git a/x-pack/plugins/security_solution/public/timelines/components/open_timeline/__mocks__/index.ts b/x-pack/plugins/security_solution/public/timelines/components/open_timeline/__mocks__/index.ts
new file mode 100644
index 0000000000000..ce4b0f09e5c95
--- /dev/null
+++ b/x-pack/plugins/security_solution/public/timelines/components/open_timeline/__mocks__/index.ts
@@ -0,0 +1,420 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License;
+ * you may not use this file except in compliance with the Elastic License.
+ */
+
+import { TimelineStatus, TimelineType } from '../../../../../common/types/timeline';
+
+export const mockTimeline = {
+  data: {
+    getOneTimeline: {
+      savedObjectId: 'eb2781c0-1df5-11eb-8589-2f13958b79f7',
+      columns: [
+        {
+          aggregatable: null,
+          category: null,
+          columnHeaderType: 'not-filtered',
+          description: null,
+          example: null,
+          indexes: null,
+          id: '@timestamp',
+          name: null,
+          searchable: null,
+          type: null,
+          __typename: 'ColumnHeaderResult',
+        },
+        {
+          aggregatable: null,
+          category: null,
+          columnHeaderType: 'not-filtered',
+          description: null,
+          example: null,
+          indexes: null,
+          id: 'message',
+          name: null,
+          searchable: null,
+          type: null,
+          __typename: 'ColumnHeaderResult',
+        },
+        {
+          aggregatable: null,
+          category: null,
+          columnHeaderType: 'not-filtered',
+          description: null,
+          example: null,
+          indexes: null,
+          id: 'event.category',
+          name: null,
+          searchable: null,
+          type: null,
+          __typename: 'ColumnHeaderResult',
+        },
+        {
+          aggregatable: null,
+          category: null,
+          columnHeaderType: 'not-filtered',
+          description: null,
+          example: null,
+          indexes: null,
+          id: 'event.action',
+          name: null,
+          searchable: null,
+          type: null,
+          __typename: 'ColumnHeaderResult',
+        },
+        {
+          aggregatable: null,
+          category: null,
+          columnHeaderType: 'not-filtered',
+          description: null,
+          example: null,
+          indexes: null,
+          id: 'host.name',
+          name: null,
+          searchable: null,
+          type: null,
+          __typename: 'ColumnHeaderResult',
+        },
+        {
+          aggregatable: null,
+          category: null,
+          columnHeaderType: 'not-filtered',
+          description: null,
+          example: null,
+          indexes: null,
+          id: 'source.ip',
+          name: null,
+          searchable: null,
+          type: null,
+          __typename: 'ColumnHeaderResult',
+        },
+        {
+          aggregatable: null,
+          category: null,
+          columnHeaderType: 'not-filtered',
+          description: null,
+          example: null,
+          indexes: null,
+          id: 'destination.ip',
+          name: null,
+          searchable: null,
+          type: null,
+          __typename: 'ColumnHeaderResult',
+        },
+        {
+          aggregatable: null,
+          category: null,
+          columnHeaderType: 'not-filtered',
+          description: null,
+          example: null,
+          indexes: null,
+          id: 'user.name',
+          name: null,
+          searchable: null,
+          type: null,
+          __typename: 'ColumnHeaderResult',
+        },
+      ],
+      dataProviders: [],
+      dateRange: {
+        start: '2020-11-01T14:30:59.935Z',
+        end: '2020-11-03T14:31:11.417Z',
+        __typename: 'DateRangePickerResult',
+      },
+      description: '',
+      eventType: 'all',
+      eventIdToNoteIds: [],
+      excludedRowRendererIds: [],
+      favorite: [],
+      filters: [],
+      kqlMode: 'filter',
+      kqlQuery: { filterQuery: null, __typename: 'SerializedFilterQueryResult' },
+      indexNames: [
+        'auditbeat-*',
+        'endgame-*',
+        'filebeat-*',
+        'logs-*',
+        'packetbeat-*',
+        'winlogbeat-*',
+        '.siem-signals-angelachuang-default',
+      ],
+      notes: [],
+      noteIds: [],
+      pinnedEventIds: [],
+      pinnedEventsSaveObject: [],
+      status: TimelineStatus.active,
+      title: 'my timeline',
+      timelineType: TimelineType.default,
+      templateTimelineId: null,
+      templateTimelineVersion: null,
+      savedQueryId: null,
+      sort: {
+        columnId: '@timestamp',
+        sortDirection: 'desc',
+        __typename: 'SortTimelineResult',
+      },
+      created: 1604497127973,
+      createdBy: 'elastic',
+      updated: 1604500278364,
+      updatedBy: 'elastic',
+      version: 'WzQ4NSwxXQ==',
+      __typename: 'TimelineResult',
+    },
+  },
+  loading: false,
+  networkStatus: 7,
+  stale: false,
+};
+
+export const mockTemplate = {
+  data: {
+    getOneTimeline: {
+      savedObjectId: '0c70a200-1de0-11eb-885c-6fc13fca1850',
+      columns: [
+        {
+          aggregatable: null,
+          category: null,
+          columnHeaderType: 'not-filtered',
+          description: null,
+          example: null,
+          indexes: null,
+          id: '@timestamp',
+          name: null,
+          searchable: null,
+          type: null,
+          __typename: 'ColumnHeaderResult',
+        },
+        {
+          aggregatable: null,
+          category: null,
+          columnHeaderType: 'not-filtered',
+          description: null,
+          example: null,
+          indexes: null,
+          id: 'signal.rule.description',
+          name: null,
+          searchable: null,
+          type: null,
+          __typename: 'ColumnHeaderResult',
+        },
+        {
+          aggregatable: null,
+          category: null,
+          columnHeaderType: 'not-filtered',
+          description: null,
+          example: null,
+          indexes: null,
+          id: 'event.action',
+          name: null,
+          searchable: null,
+          type: null,
+          __typename: 'ColumnHeaderResult',
+        },
+        {
+          aggregatable: null,
+          category: null,
+          columnHeaderType: 'not-filtered',
+          description: null,
+          example: null,
+          indexes: null,
+          id: 'process.name',
+          name: null,
+          searchable: null,
+          type: null,
+          __typename: 'ColumnHeaderResult',
+        },
+        {
+          aggregatable: true,
+          category: 'process',
+          columnHeaderType: 'not-filtered',
+          description: 'The working directory of the process.',
+          example: '/home/alice',
+          indexes: null,
+          id: 'process.working_directory',
+          name: null,
+          searchable: null,
+          type: 'string',
+          __typename: 'ColumnHeaderResult',
+        },
+        {
+          aggregatable: true,
+          category: 'process',
+          columnHeaderType: 'not-filtered',
+          description:
+            'Array of process arguments, starting with the absolute path to\nthe executable.\n\nMay be filtered to protect sensitive information.',
+          example: '["/usr/bin/ssh","-l","user","10.0.0.16"]',
+          indexes: null,
+          id: 'process.args',
+          name: null,
+          searchable: null,
+          type: 'string',
+          __typename: 'ColumnHeaderResult',
+        },
+        {
+          aggregatable: null,
+          category: null,
+          columnHeaderType: 'not-filtered',
+          description: null,
+          example: null,
+          indexes: null,
+          id: 'process.pid',
+          name: null,
+          searchable: null,
+          type: null,
+          __typename: 'ColumnHeaderResult',
+        },
+        {
+          aggregatable: true,
+          category: 'process',
+          columnHeaderType: 'not-filtered',
+          description: 'Absolute path to the process executable.',
+          example: '/usr/bin/ssh',
+          indexes: null,
+          id: 'process.parent.executable',
+          name: null,
+          searchable: null,
+          type: 'string',
+          __typename: 'ColumnHeaderResult',
+        },
+        {
+          aggregatable: true,
+          category: 'process',
+          columnHeaderType: 'not-filtered',
+          description:
+            'Array of process arguments.\n\nMay be filtered to protect sensitive information.',
+          example: '["ssh","-l","user","10.0.0.16"]',
+          indexes: null,
+          id: 'process.parent.args',
+          name: null,
+          searchable: null,
+          type: 'string',
+          __typename: 'ColumnHeaderResult',
+        },
+        {
+          aggregatable: true,
+          category: 'process',
+          columnHeaderType: 'not-filtered',
+          description: 'Process id.',
+          example: '4242',
+          indexes: null,
+          id: 'process.parent.pid',
+          name: null,
+          searchable: null,
+          type: 'number',
+          __typename: 'ColumnHeaderResult',
+        },
+        {
+          aggregatable: true,
+          category: 'user',
+          columnHeaderType: 'not-filtered',
+          description: 'Short name or login of the user.',
+          example: 'albert',
+          indexes: null,
+          id: 'user.name',
+          name: null,
+          searchable: null,
+          type: 'string',
+          __typename: 'ColumnHeaderResult',
+        },
+        {
+          aggregatable: true,
+          category: 'host',
+          columnHeaderType: 'not-filtered',
+          description:
+            'Name of the host.\n\nIt can contain what `hostname` returns on Unix systems, the fully qualified\ndomain name, or a name specified by the user. The sender decides which value\nto use.',
+          example: null,
+          indexes: null,
+          id: 'host.name',
+          name: null,
+          searchable: null,
+          type: 'string',
+          __typename: 'ColumnHeaderResult',
+        },
+      ],
+      dataProviders: [
+        {
+          id: 'timeline-1-8622010a-61fb-490d-b162-beac9c36a853',
+          name: '{process.name}',
+          enabled: true,
+          excluded: false,
+          kqlQuery: '',
+          type: 'template',
+          queryMatch: {
+            field: 'process.name',
+            displayField: null,
+            value: '{process.name}',
+            displayValue: null,
+            operator: ':',
+            __typename: 'QueryMatchResult',
+          },
+          and: [],
+          __typename: 'DataProviderResult',
+        },
+        {
+          id: 'timeline-1-4685da24-35c1-43f3-892d-1f926dbf5568',
+          name: '{event.type}',
+          enabled: true,
+          excluded: false,
+          kqlQuery: '',
+          type: 'template',
+          queryMatch: {
+            field: 'event.type',
+            displayField: null,
+            value: '{event.type}',
+            displayValue: null,
+            operator: ':*',
+            __typename: 'QueryMatchResult',
+          },
+          and: [],
+          __typename: 'DataProviderResult',
+        },
+      ],
+      dateRange: {
+        start: '2020-10-27T14:22:11.809Z',
+        end: '2020-11-03T14:22:11.809Z',
+        __typename: 'DateRangePickerResult',
+      },
+      description: '',
+      eventType: 'all',
+      eventIdToNoteIds: [],
+      excludedRowRendererIds: [],
+      favorite: [],
+      filters: [],
+      kqlMode: 'filter',
+      kqlQuery: {
+        filterQuery: {
+          kuery: { kind: 'kuery', expression: '', __typename: 'KueryFilterQueryResult' },
+          serializedQuery: '',
+          __typename: 'SerializedKueryQueryResult',
+        },
+        __typename: 'SerializedFilterQueryResult',
+      },
+      indexNames: [],
+      notes: [],
+      noteIds: [],
+      pinnedEventIds: [],
+      pinnedEventsSaveObject: [],
+      status: TimelineStatus.immutable,
+      title: 'Generic Process Timeline',
+      timelineType: 'template',
+      templateTimelineId: 'cd55e52b-7bce-4887-88e2-f1ece4c75447',
+      templateTimelineVersion: 1,
+      savedQueryId: null,
+      sort: {
+        columnId: '@timestamp',
+        sortDirection: 'desc',
+        __typename: 'SortTimelineResult',
+      },
+      created: 1604413368243,
+      createdBy: 'angela',
+      updated: 1604413368243,
+      updatedBy: 'angela',
+      version: 'WzQwMywxXQ==',
+      __typename: 'TimelineResult',
+    },
+  },
+  loading: false,
+  networkStatus: 7,
+  stale: false,
+};
diff --git a/x-pack/plugins/security_solution/public/timelines/components/open_timeline/helpers.test.ts b/x-pack/plugins/security_solution/public/timelines/components/open_timeline/helpers.test.ts
index c89114ec77138..921527a0079e3 100644
--- a/x-pack/plugins/security_solution/public/timelines/components/open_timeline/helpers.test.ts
+++ b/x-pack/plugins/security_solution/public/timelines/components/open_timeline/helpers.test.ts
@@ -3,8 +3,9 @@
  * or more contributor license agreements. Licensed under the Elastic License;
  * you may not use this file except in compliance with the Elastic License.
  */
-import { cloneDeep, omit } from 'lodash/fp';
+import { cloneDeep, getOr, omit } from 'lodash/fp';
 import { Dispatch } from 'redux';
+import ApolloClient from 'apollo-client';
 
 import {
   mockTimelineResults,
@@ -30,6 +31,9 @@ import {
   isUntitled,
   omitTypenameInTimeline,
   dispatchUpdateTimeline,
+  queryTimelineById,
+  QueryTimelineById,
+  formatTimelineResultToModel,
 } from './helpers';
 import { OpenTimelineResult, DispatchUpdateTimeline } from './types';
 import { KueryFilterQueryKind } from '../../../common/store/model';
@@ -37,6 +41,10 @@ import { Note } from '../../../common/lib/note';
 import moment from 'moment';
 import sinon from 'sinon';
 import { TimelineId, TimelineType, TimelineStatus } from '../../../../common/types/timeline';
+import {
+  mockTimeline as mockSelectedTimeline,
+  mockTemplate as mockSelectedTemplate,
+} from './__mocks__';
 
 jest.mock('../../../common/store/inputs/actions');
 jest.mock('../../../common/components/url_state/normalize_time_range.ts');
@@ -49,6 +57,15 @@ jest.mock('uuid', () => {
   };
 });
 
+jest.mock('../../../common/utils/default_date_settings', () => {
+  const actual = jest.requireActual('../../../common/utils/default_date_settings');
+  return {
+    ...actual,
+    DEFAULT_FROM_MOMENT: new Date('2020-10-27T11:37:31.655Z'),
+    DEFAULT_TO_MOMENT: new Date('2020-10-28T11:37:31.655Z'),
+  };
+});
+
 describe('helpers', () => {
   let mockResults: OpenTimelineResult[];
 
@@ -903,6 +920,395 @@ describe('helpers', () => {
         id: 'savedObject-1',
       });
     });
+
+    test('should override timerange if given an Elastic prebuilt template', () => {
+      const timeline = {
+        savedObjectId: 'savedObject-1',
+        title: 'Awesome Timeline',
+        version: '1',
+        status: TimelineStatus.immutable,
+        timelineType: TimelineType.template,
+      };
+
+      const newTimeline = defaultTimelineToTimelineModel(timeline, false, TimelineType.template);
+      expect(newTimeline).toEqual({
+        columns: [
+          {
+            columnHeaderType: 'not-filtered',
+            id: '@timestamp',
+            width: 190,
+          },
+          {
+            columnHeaderType: 'not-filtered',
+            id: 'message',
+            width: 180,
+          },
+          {
+            columnHeaderType: 'not-filtered',
+            id: 'event.category',
+            width: 180,
+          },
+          {
+            columnHeaderType: 'not-filtered',
+            id: 'event.action',
+            width: 180,
+          },
+          {
+            columnHeaderType: 'not-filtered',
+            id: 'host.name',
+            width: 180,
+          },
+          {
+            columnHeaderType: 'not-filtered',
+            id: 'source.ip',
+            width: 180,
+          },
+          {
+            columnHeaderType: 'not-filtered',
+            id: 'destination.ip',
+            width: 180,
+          },
+          {
+            columnHeaderType: 'not-filtered',
+            id: 'user.name',
+            width: 180,
+          },
+        ],
+        dataProviders: [],
+        dateRange: { end: '2020-10-28T11:37:31.655Z', start: '2020-10-27T11:37:31.655Z' },
+        description: '',
+        deletedEventIds: [],
+        eventIdToNoteIds: {},
+        eventType: 'all',
+        excludedRowRendererIds: [],
+        filters: [],
+        highlightedDropAndProviderId: '',
+        historyIds: [],
+        id: 'savedObject-1',
+        indexNames: [],
+        isFavorite: false,
+        isLive: false,
+        isSelectAllChecked: false,
+        isLoading: false,
+        isSaving: false,
+        itemsPerPage: 25,
+        itemsPerPageOptions: [10, 25, 50, 100],
+        kqlMode: 'filter',
+        kqlQuery: {
+          filterQuery: null,
+          filterQueryDraft: null,
+        },
+        loadingEventIds: [],
+        noteIds: [],
+        pinnedEventIds: {},
+        pinnedEventsSaveObject: {},
+        savedObjectId: 'savedObject-1',
+        selectedEventIds: {},
+        show: false,
+        showCheckboxes: false,
+        sort: {
+          columnId: '@timestamp',
+          sortDirection: 'desc',
+        },
+        status: TimelineStatus.immutable,
+        title: 'Awesome Timeline',
+        timelineType: TimelineType.template,
+        templateTimelineId: null,
+        templateTimelineVersion: null,
+        version: '1',
+        width: 1100,
+      });
+    });
+
+    test('should not override timerange if given a custom template or timeline', () => {
+      const timeline = {
+        savedObjectId: 'savedObject-1',
+        title: 'Awesome Timeline',
+        version: '1',
+        status: TimelineStatus.active,
+        timelineType: TimelineType.default,
+      };
+
+      const newTimeline = defaultTimelineToTimelineModel(timeline, false, TimelineType.default);
+      expect(newTimeline).toEqual({
+        columns: [
+          {
+            columnHeaderType: 'not-filtered',
+            id: '@timestamp',
+            width: 190,
+          },
+          {
+            columnHeaderType: 'not-filtered',
+            id: 'message',
+            width: 180,
+          },
+          {
+            columnHeaderType: 'not-filtered',
+            id: 'event.category',
+            width: 180,
+          },
+          {
+            columnHeaderType: 'not-filtered',
+            id: 'event.action',
+            width: 180,
+          },
+          {
+            columnHeaderType: 'not-filtered',
+            id: 'host.name',
+            width: 180,
+          },
+          {
+            columnHeaderType: 'not-filtered',
+            id: 'source.ip',
+            width: 180,
+          },
+          {
+            columnHeaderType: 'not-filtered',
+            id: 'destination.ip',
+            width: 180,
+          },
+          {
+            columnHeaderType: 'not-filtered',
+            id: 'user.name',
+            width: 180,
+          },
+        ],
+        dataProviders: [],
+        dateRange: { end: '2020-07-08T08:20:18.966Z', start: '2020-07-07T08:20:18.966Z' },
+        description: '',
+        deletedEventIds: [],
+        eventIdToNoteIds: {},
+        eventType: 'all',
+        excludedRowRendererIds: [],
+        filters: [],
+        highlightedDropAndProviderId: '',
+        historyIds: [],
+        id: 'savedObject-1',
+        indexNames: [],
+        isFavorite: false,
+        isLive: false,
+        isSelectAllChecked: false,
+        isLoading: false,
+        isSaving: false,
+        itemsPerPage: 25,
+        itemsPerPageOptions: [10, 25, 50, 100],
+        kqlMode: 'filter',
+        kqlQuery: {
+          filterQuery: null,
+          filterQueryDraft: null,
+        },
+        loadingEventIds: [],
+        noteIds: [],
+        pinnedEventIds: {},
+        pinnedEventsSaveObject: {},
+        savedObjectId: 'savedObject-1',
+        selectedEventIds: {},
+        show: false,
+        showCheckboxes: false,
+        sort: {
+          columnId: '@timestamp',
+          sortDirection: 'desc',
+        },
+        status: TimelineStatus.active,
+        title: 'Awesome Timeline',
+        timelineType: TimelineType.default,
+        templateTimelineId: null,
+        templateTimelineVersion: null,
+        version: '1',
+        width: 1100,
+      });
+    });
+  });
+
+  describe('queryTimelineById', () => {
+    describe('open a timeline', () => {
+      const updateIsLoading = jest.fn();
+      const selectedTimeline = {
+        ...mockSelectedTimeline,
+      };
+      const apolloClient = {
+        query: (jest.fn().mockResolvedValue(selectedTimeline) as unknown) as ApolloClient<{}>,
+      };
+      const onOpenTimeline = jest.fn();
+      const args = {
+        apolloClient,
+        duplicate: false,
+        graphEventId: '',
+        timelineId: '',
+        timelineType: TimelineType.default,
+        onOpenTimeline,
+        openTimeline: true,
+        updateIsLoading,
+        updateTimeline: jest.fn(),
+      };
+
+      beforeAll(async () => {
+        await queryTimelineById<{}>((args as unknown) as QueryTimelineById<{}>);
+      });
+
+      afterAll(() => {
+        jest.clearAllMocks();
+      });
+
+      test('dispatch updateIsLoading to true', () => {
+        expect(updateIsLoading.mock.calls[0][0]).toEqual({
+          id: TimelineId.active,
+          isLoading: true,
+        });
+      });
+
+      test('get timeline by Id', () => {
+        expect(apolloClient.query).toHaveBeenCalled();
+      });
+
+      test('Do not override daterange if TimelineStatus is active', () => {
+        const { timeline } = formatTimelineResultToModel(
+          omitTypenameInTimeline(getOr({}, 'data.getOneTimeline', selectedTimeline)),
+          args.duplicate,
+          args.timelineType
+        );
+        expect(onOpenTimeline).toBeCalledWith({
+          ...timeline,
+        });
+      });
+
+      test('dispatch updateIsLoading to false', () => {
+        expect(updateIsLoading.mock.calls[1][0]).toEqual({
+          id: TimelineId.active,
+          isLoading: false,
+        });
+      });
+    });
+
+    describe('update a timeline', () => {
+      const updateIsLoading = jest.fn();
+      const updateTimeline = jest.fn();
+      const selectedTimeline = { ...mockSelectedTimeline };
+      const apolloClient = {
+        query: (jest.fn().mockResolvedValue(selectedTimeline) as unknown) as ApolloClient<{}>,
+      };
+      const args = {
+        apolloClient,
+        duplicate: false,
+        graphEventId: '',
+        timelineId: '',
+        timelineType: TimelineType.default,
+        openTimeline: true,
+        updateIsLoading,
+        updateTimeline,
+      };
+
+      beforeAll(async () => {
+        await queryTimelineById<{}>((args as unknown) as QueryTimelineById<{}>);
+      });
+
+      afterAll(() => {
+        jest.clearAllMocks();
+      });
+
+      test('dispatch updateIsLoading to true', () => {
+        expect(updateIsLoading.mock.calls[0][0]).toEqual({
+          id: TimelineId.active,
+          isLoading: true,
+        });
+      });
+
+      test('get timeline by Id', () => {
+        expect(apolloClient.query).toHaveBeenCalled();
+      });
+
+      test('should not override daterange if TimelineStatus is active', () => {
+        const { timeline } = formatTimelineResultToModel(
+          omitTypenameInTimeline(getOr({}, 'data.getOneTimeline', selectedTimeline)),
+          args.duplicate,
+          args.timelineType
+        );
+        expect(updateTimeline).toBeCalledWith({
+          timeline: {
+            ...timeline,
+            graphEventId: '',
+            show: true,
+            dateRange: {
+              start: '2020-07-07T08:20:18.966Z',
+              end: '2020-07-08T08:20:18.966Z',
+            },
+          },
+          duplicate: false,
+          from: '2020-07-07T08:20:18.966Z',
+          to: '2020-07-08T08:20:18.966Z',
+          notes: [],
+          id: TimelineId.active,
+        });
+      });
+
+      test('dispatch updateIsLoading to false', () => {
+        expect(updateIsLoading.mock.calls[1][0]).toEqual({
+          id: TimelineId.active,
+          isLoading: false,
+        });
+      });
+    });
+
+    describe('open an immutable template', () => {
+      const updateIsLoading = jest.fn();
+      const template = { ...mockSelectedTemplate };
+      const apolloClient = {
+        query: (jest.fn().mockResolvedValue(template) as unknown) as ApolloClient<{}>,
+      };
+      const onOpenTimeline = jest.fn();
+      const args = {
+        apolloClient,
+        duplicate: false,
+        graphEventId: '',
+        timelineId: '',
+        timelineType: TimelineType.template,
+        onOpenTimeline,
+        openTimeline: true,
+        updateIsLoading,
+        updateTimeline: jest.fn(),
+      };
+
+      beforeAll(async () => {
+        await queryTimelineById<{}>((args as unknown) as QueryTimelineById<{}>);
+      });
+
+      afterAll(() => {
+        jest.clearAllMocks();
+      });
+
+      test('dispatch updateIsLoading to true', () => {
+        expect(updateIsLoading.mock.calls[0][0]).toEqual({
+          id: TimelineId.active,
+          isLoading: true,
+        });
+      });
+
+      test('get timeline by Id', () => {
+        expect(apolloClient.query).toHaveBeenCalled();
+      });
+
+      test('override daterange if TimelineStatus is immutable', () => {
+        const { timeline } = formatTimelineResultToModel(
+          omitTypenameInTimeline(getOr({}, 'data.getOneTimeline', template)),
+          args.duplicate,
+          args.timelineType
+        );
+        expect(onOpenTimeline).toBeCalledWith({
+          ...timeline,
+          dateRange: {
+            end: '2020-10-28T11:37:31.655Z',
+            start: '2020-10-27T11:37:31.655Z',
+          },
+        });
+      });
+
+      test('dispatch updateIsLoading to false', () => {
+        expect(updateIsLoading.mock.calls[1][0]).toEqual({
+          id: TimelineId.active,
+          isLoading: false,
+        });
+      });
+    });
   });
 
   describe('omitTypenameInTimeline', () => {
diff --git a/x-pack/plugins/security_solution/public/timelines/components/open_timeline/helpers.ts b/x-pack/plugins/security_solution/public/timelines/components/open_timeline/helpers.ts
index 4c3be81a4992a..a0090baeb9923 100644
--- a/x-pack/plugins/security_solution/public/timelines/components/open_timeline/helpers.ts
+++ b/x-pack/plugins/security_solution/public/timelines/components/open_timeline/helpers.ts
@@ -33,7 +33,10 @@ import {
   addNotes as dispatchAddNotes,
   updateNote as dispatchUpdateNote,
 } from '../../../common/store/app/actions';
-import { setTimelineRangeDatePicker as dispatchSetTimelineRangeDatePicker } from '../../../common/store/inputs/actions';
+import {
+  setTimelineRangeDatePicker as dispatchSetTimelineRangeDatePicker,
+  setRelativeRangeDatePicker as dispatchSetRelativeRangeDatePicker,
+} from '../../../common/store/inputs/actions';
 import {
   setKqlFilterQueryDraft as dispatchSetKqlFilterQueryDraft,
   applyKqlFilterQuery as dispatchApplyKqlFilterQuery,
@@ -58,6 +61,10 @@ import { IS_OPERATOR } from '../timeline/data_providers/data_provider';
 import { normalizeTimeRange } from '../../../common/components/url_state/normalize_time_range';
 import { sourcererActions } from '../../../common/store/sourcerer';
 import { SourcererScopeName } from '../../../common/store/sourcerer/model';
+import {
+  DEFAULT_FROM_MOMENT,
+  DEFAULT_TO_MOMENT,
+} from '../../../common/utils/default_date_settings';
 
 export const OPEN_TIMELINE_CLASS_NAME = 'open-timeline';
 
@@ -252,6 +259,14 @@ export const defaultTimelineToTimelineModel = (
   const timelineEntries = {
     ...timeline,
     columns: timeline.columns != null ? timeline.columns.map(setTimelineColumn) : defaultHeaders,
+    dateRange:
+      timeline.status === TimelineStatus.immutable &&
+      timeline.timelineType === TimelineType.template
+        ? {
+            start: DEFAULT_FROM_MOMENT.toISOString(),
+            end: DEFAULT_TO_MOMENT.toISOString(),
+          }
+        : timeline.dateRange,
     dataProviders: getDataProviders(duplicate, timeline.dataProviders, timelineType),
     eventIdToNoteIds: setEventIdToNoteIds(duplicate, timeline.eventIdToNoteIds),
     filters: timeline.filters != null ? timeline.filters.map(setTimelineFilters) : [],
@@ -340,6 +355,7 @@ export const queryTimelineById = <TCache>({
           duplicate,
           timelineType
         );
+
         if (onOpenTimeline != null) {
           onOpenTimeline(timeline);
         } else if (updateTimeline) {
@@ -356,6 +372,7 @@ export const queryTimelineById = <TCache>({
               ...timeline,
               graphEventId,
               show: openTimeline,
+              dateRange: { start: from, end: to },
             },
             to,
           })();
@@ -384,7 +401,22 @@ export const dispatchUpdateTimeline = (dispatch: Dispatch): DispatchUpdateTimeli
       eventType: timeline.eventType,
     })
   );
-  dispatch(dispatchSetTimelineRangeDatePicker({ from, to }));
+  if (
+    timeline.status === TimelineStatus.immutable &&
+    timeline.timelineType === TimelineType.template
+  ) {
+    dispatch(
+      dispatchSetRelativeRangeDatePicker({
+        id: 'timeline',
+        fromStr: 'now-24h',
+        toStr: 'now',
+        from: DEFAULT_FROM_MOMENT.toISOString(),
+        to: DEFAULT_TO_MOMENT.toISOString(),
+      })
+    );
+  } else {
+    dispatch(dispatchSetTimelineRangeDatePicker({ from, to }));
+  }
   dispatch(dispatchAddTimeline({ id, timeline, savedTimeline: duplicate }));
   if (
     timeline.kqlQuery != null &&
diff --git a/x-pack/plugins/security_solution/public/timelines/store/timeline/helpers.ts b/x-pack/plugins/security_solution/public/timelines/store/timeline/helpers.ts
index d4e807b4a9a07..9a0bf5ec4a940 100644
--- a/x-pack/plugins/security_solution/public/timelines/store/timeline/helpers.ts
+++ b/x-pack/plugins/security_solution/public/timelines/store/timeline/helpers.ts
@@ -26,6 +26,7 @@ import {
   TimelineTypeLiteral,
   TimelineType,
   RowRendererId,
+  TimelineStatus,
   TimelineId,
 } from '../../../../common/types/timeline';
 import { normalizeTimeRange } from '../../../common/components/url_state/normalize_time_range';
@@ -33,6 +34,10 @@ import { normalizeTimeRange } from '../../../common/components/url_state/normali
 import { timelineDefaults } from './defaults';
 import { ColumnHeaderOptions, KqlMode, TimelineModel } from './model';
 import { TimelineById } from './types';
+import {
+  DEFAULT_FROM_MOMENT,
+  DEFAULT_TO_MOMENT,
+} from '../../../common/utils/default_date_settings';
 import { activeTimeline } from '../../containers/active_timeline_context';
 
 export const isNotNull = <T>(value: T | null): value is T => value !== null;
@@ -144,6 +149,14 @@ export const addTimelineToStore = ({
     [id]: {
       ...timeline,
       isLoading: timelineById[id].isLoading,
+      dateRange:
+        timeline.status === TimelineStatus.immutable &&
+        timeline.timelineType === TimelineType.template
+          ? {
+              start: DEFAULT_FROM_MOMENT.toISOString(),
+              end: DEFAULT_TO_MOMENT.toISOString(),
+            }
+          : timeline.dateRange,
     },
   };
 };
diff --git a/x-pack/plugins/security_solution/public/timelines/store/timeline/reducer.test.ts b/x-pack/plugins/security_solution/public/timelines/store/timeline/reducer.test.ts
index c2f43625ab464..7bd86cd7e2452 100644
--- a/x-pack/plugins/security_solution/public/timelines/store/timeline/reducer.test.ts
+++ b/x-pack/plugins/security_solution/public/timelines/store/timeline/reducer.test.ts
@@ -48,6 +48,14 @@ import { timelineDefaults } from './defaults';
 import { TimelineById } from './types';
 
 jest.mock('../../../common/components/url_state/normalize_time_range.ts');
+jest.mock('../../../common/utils/default_date_settings', () => {
+  const actual = jest.requireActual('../../../common/utils/default_date_settings');
+  return {
+    ...actual,
+    DEFAULT_FROM_MOMENT: new Date('2020-10-27T11:37:31.655Z'),
+    DEFAULT_TO_MOMENT: new Date('2020-10-28T11:37:31.655Z'),
+  };
+});
 
 const basicDataProvider: DataProvider = {
   and: [],
@@ -141,6 +149,31 @@ describe('Timeline', () => {
         },
       });
     });
+
+    test('should override timerange if adding an immutable template', () => {
+      const update = addTimelineToStore({
+        id: 'foo',
+        timeline: {
+          ...basicTimeline,
+          status: TimelineStatus.immutable,
+          timelineType: TimelineType.template,
+        },
+        timelineById: timelineByIdMock,
+      });
+
+      expect(update).toEqual({
+        foo: {
+          ...basicTimeline,
+          status: TimelineStatus.immutable,
+          timelineType: TimelineType.template,
+          dateRange: {
+            start: '2020-10-27T11:37:31.655Z',
+            end: '2020-10-28T11:37:31.655Z',
+          },
+          show: true,
+        },
+      });
+    });
   });
 
   describe('#addNewTimeline', () => {
diff --git a/x-pack/plugins/security_solution/server/endpoint/routes/policy/handlers.test.ts b/x-pack/plugins/security_solution/server/endpoint/routes/policy/handlers.test.ts
index 7dddc357fe53d..009ce043db85e 100644
--- a/x-pack/plugins/security_solution/server/endpoint/routes/policy/handlers.test.ts
+++ b/x-pack/plugins/security_solution/server/endpoint/routes/policy/handlers.test.ts
@@ -5,10 +5,11 @@
  */
 import { EndpointAppContextService } from '../../endpoint_app_context_services';
 import {
+  createMockAgentService,
   createMockEndpointAppContextServiceStartContract,
   createRouteHandlerContext,
 } from '../../mocks';
-import { getHostPolicyResponseHandler } from './handlers';
+import { getHostPolicyResponseHandler, getAgentPolicySummaryHandler } from './handlers';
 import {
   ILegacyScopedClusterClient,
   KibanaResponseFactory,
@@ -24,6 +25,8 @@ import { SearchResponse } from 'elasticsearch';
 import { GetHostPolicyResponse, HostPolicyResponse } from '../../../../common/endpoint/types';
 import { EndpointDocGenerator } from '../../../../common/endpoint/generate_data';
 import { createMockConfig } from '../../../lib/detection_engine/routes/__mocks__';
+import { Agent } from '../../../../../fleet/common/types/models';
+import { AgentService } from '../../../../../fleet/server/services';
 
 describe('test policy response handler', () => {
   let endpointAppContextService: EndpointAppContextService;
@@ -31,64 +34,198 @@ describe('test policy response handler', () => {
   let mockSavedObjectClient: jest.Mocked<SavedObjectsClientContract>;
   let mockResponse: jest.Mocked<KibanaResponseFactory>;
 
-  beforeEach(() => {
-    mockScopedClient = elasticsearchServiceMock.createLegacyScopedClusterClient();
-    mockSavedObjectClient = savedObjectsClientMock.create();
-    mockResponse = httpServerMock.createResponseFactory();
-    endpointAppContextService = new EndpointAppContextService();
-    endpointAppContextService.start(createMockEndpointAppContextServiceStartContract());
-  });
+  describe('test policy response handler', () => {
+    beforeEach(() => {
+      mockScopedClient = elasticsearchServiceMock.createLegacyScopedClusterClient();
+      mockSavedObjectClient = savedObjectsClientMock.create();
+      mockResponse = httpServerMock.createResponseFactory();
+      endpointAppContextService = new EndpointAppContextService();
+      endpointAppContextService.start(createMockEndpointAppContextServiceStartContract());
+    });
 
-  afterEach(() => endpointAppContextService.stop());
+    afterEach(() => endpointAppContextService.stop());
 
-  it('should return the latest policy response for a host', async () => {
-    const response = createSearchResponse(new EndpointDocGenerator().generatePolicyResponse());
-    const hostPolicyResponseHandler = getHostPolicyResponseHandler({
-      logFactory: loggingSystemMock.create(),
-      service: endpointAppContextService,
-      config: () => Promise.resolve(createMockConfig()),
-    });
+    it('should return the latest policy response for a host', async () => {
+      const response = createSearchResponse(new EndpointDocGenerator().generatePolicyResponse());
+      const hostPolicyResponseHandler = getHostPolicyResponseHandler({
+        logFactory: loggingSystemMock.create(),
+        service: endpointAppContextService,
+        config: () => Promise.resolve(createMockConfig()),
+      });
 
-    mockScopedClient.callAsCurrentUser.mockImplementationOnce(() => Promise.resolve(response));
-    const mockRequest = httpServerMock.createKibanaRequest({
-      params: { agentId: 'id' },
+      mockScopedClient.callAsCurrentUser.mockImplementationOnce(() => Promise.resolve(response));
+      const mockRequest = httpServerMock.createKibanaRequest({
+        params: { agentId: 'id' },
+      });
+
+      await hostPolicyResponseHandler(
+        createRouteHandlerContext(mockScopedClient, mockSavedObjectClient),
+        mockRequest,
+        mockResponse
+      );
+
+      expect(mockResponse.ok).toBeCalled();
+      const result = mockResponse.ok.mock.calls[0][0]?.body as GetHostPolicyResponse;
+      expect(result.policy_response.agent.id).toEqual(response.hits.hits[0]._source.agent.id);
     });
 
-    await hostPolicyResponseHandler(
-      createRouteHandlerContext(mockScopedClient, mockSavedObjectClient),
-      mockRequest,
-      mockResponse
-    );
+    it('should return not found when there is no response policy for host', async () => {
+      const hostPolicyResponseHandler = getHostPolicyResponseHandler({
+        logFactory: loggingSystemMock.create(),
+        service: endpointAppContextService,
+        config: () => Promise.resolve(createMockConfig()),
+      });
+
+      mockScopedClient.callAsCurrentUser.mockImplementationOnce(() =>
+        Promise.resolve(createSearchResponse())
+      );
 
-    expect(mockResponse.ok).toBeCalled();
-    const result = mockResponse.ok.mock.calls[0][0]?.body as GetHostPolicyResponse;
-    expect(result.policy_response.agent.id).toEqual(response.hits.hits[0]._source.agent.id);
+      const mockRequest = httpServerMock.createKibanaRequest({
+        params: { agentId: 'id' },
+      });
+
+      await hostPolicyResponseHandler(
+        createRouteHandlerContext(mockScopedClient, mockSavedObjectClient),
+        mockRequest,
+        mockResponse
+      );
+
+      expect(mockResponse.notFound).toBeCalled();
+      const message = mockResponse.notFound.mock.calls[0][0]?.body;
+      expect(message).toEqual('Policy Response Not Found');
+    });
   });
 
-  it('should return not found when there is no response policy for host', async () => {
-    const hostPolicyResponseHandler = getHostPolicyResponseHandler({
-      logFactory: loggingSystemMock.create(),
-      service: endpointAppContextService,
-      config: () => Promise.resolve(createMockConfig()),
+  describe('test agent policy summary handler', () => {
+    let mockAgentService: jest.Mocked<AgentService>;
+
+    let agentListResult: {
+      agents: Agent[];
+      total: number;
+      page: number;
+      perPage: number;
+    };
+
+    let emptyAgentListResult: {
+      agents: Agent[];
+      total: number;
+      page: number;
+      perPage: number;
+    };
+
+    beforeEach(() => {
+      mockScopedClient = elasticsearchServiceMock.createLegacyScopedClusterClient();
+      mockSavedObjectClient = savedObjectsClientMock.create();
+      mockResponse = httpServerMock.createResponseFactory();
+      endpointAppContextService = new EndpointAppContextService();
+      mockAgentService = createMockAgentService();
+      emptyAgentListResult = {
+        agents: [],
+        total: 2,
+        page: 1,
+        perPage: 1,
+      };
+
+      agentListResult = {
+        agents: [
+          ({
+            local_metadata: {
+              elastic: {
+                agent: {
+                  version: '8.0.0',
+                },
+              },
+            },
+          } as unknown) as Agent,
+          ({
+            local_metadata: {
+              elastic: {
+                agent: {
+                  version: '8.0.0',
+                },
+              },
+            },
+          } as unknown) as Agent,
+          ({
+            local_metadata: {
+              elastic: {
+                agent: {
+                  version: '8.1.0',
+                },
+              },
+            },
+          } as unknown) as Agent,
+        ],
+        total: 2,
+        page: 1,
+        perPage: 1,
+      };
+      endpointAppContextService.start({
+        ...createMockEndpointAppContextServiceStartContract(),
+        ...{ agentService: mockAgentService },
+      });
     });
 
-    mockScopedClient.callAsCurrentUser.mockImplementationOnce(() =>
-      Promise.resolve(createSearchResponse())
-    );
+    afterEach(() => endpointAppContextService.stop());
+
+    it('should return the summary of all the agent with the given policy name', async () => {
+      mockAgentService.listAgents
+        .mockImplementationOnce(() => Promise.resolve(agentListResult))
+        .mockImplementationOnce(() => Promise.resolve(emptyAgentListResult));
 
-    const mockRequest = httpServerMock.createKibanaRequest({
-      params: { agentId: 'id' },
+      const policySummarysHandler = getAgentPolicySummaryHandler({
+        logFactory: loggingSystemMock.create(),
+        service: endpointAppContextService,
+        config: () => Promise.resolve(createMockConfig()),
+      });
+
+      const mockRequest = httpServerMock.createKibanaRequest({
+        query: { policy_id: '41a1b470-221b-11eb-8fba-fb9c0d46ace3', package_name: 'endpoint' },
+      });
+
+      await policySummarysHandler(
+        createRouteHandlerContext(mockScopedClient, mockSavedObjectClient),
+        mockRequest,
+        mockResponse
+      );
+      expect(mockResponse.ok).toBeCalled();
+      expect(mockResponse.ok.mock.calls[0][0]?.body).toEqual({
+        summary_response: {
+          policy_id: '41a1b470-221b-11eb-8fba-fb9c0d46ace3',
+          package: 'endpoint',
+          versions_count: { '8.0.0': 2, '8.1.0': 1 },
+        },
+      });
     });
 
-    await hostPolicyResponseHandler(
-      createRouteHandlerContext(mockScopedClient, mockSavedObjectClient),
-      mockRequest,
-      mockResponse
-    );
+    it('should return the agent summary', async () => {
+      mockAgentService.listAgents
+        .mockImplementationOnce(() => Promise.resolve(agentListResult))
+        .mockImplementationOnce(() => Promise.resolve(emptyAgentListResult));
+
+      const agentPolicySummaryHandler = getAgentPolicySummaryHandler({
+        logFactory: loggingSystemMock.create(),
+        service: endpointAppContextService,
+        config: () => Promise.resolve(createMockConfig()),
+      });
 
-    expect(mockResponse.notFound).toBeCalled();
-    const message = mockResponse.notFound.mock.calls[0][0]?.body;
-    expect(message).toEqual('Policy Response Not Found');
+      const mockRequest = httpServerMock.createKibanaRequest({
+        query: { package_name: 'endpoint' },
+      });
+
+      await agentPolicySummaryHandler(
+        createRouteHandlerContext(mockScopedClient, mockSavedObjectClient),
+        mockRequest,
+        mockResponse
+      );
+      expect(mockResponse.ok).toBeCalled();
+      expect(mockResponse.ok.mock.calls[0][0]?.body).toEqual({
+        summary_response: {
+          package: 'endpoint',
+          versions_count: { '8.0.0': 2, '8.1.0': 1 },
+        },
+      });
+    });
   });
 });
 
diff --git a/x-pack/plugins/security_solution/server/endpoint/routes/policy/handlers.ts b/x-pack/plugins/security_solution/server/endpoint/routes/policy/handlers.ts
index f3a7b08a4cd44..728e3279c52a4 100644
--- a/x-pack/plugins/security_solution/server/endpoint/routes/policy/handlers.ts
+++ b/x-pack/plugins/security_solution/server/endpoint/routes/policy/handlers.ts
@@ -6,9 +6,13 @@
 import { RequestHandler } from 'kibana/server';
 import { TypeOf } from '@kbn/config-schema';
 import { policyIndexPattern } from '../../../../common/endpoint/constants';
-import { GetPolicyResponseSchema } from '../../../../common/endpoint/schema/policy';
+import {
+  GetPolicyResponseSchema,
+  GetAgentPolicySummaryRequestSchema,
+} from '../../../../common/endpoint/schema/policy';
 import { EndpointAppContext } from '../../types';
-import { getPolicyResponseByAgentId } from './service';
+import { getAgentPolicySummary, getPolicyResponseByAgentId } from './service';
+import { GetAgentSummaryResponse } from '../../../../common/endpoint/types';
 
 export const getHostPolicyResponseHandler = function (
   endpointAppContext: EndpointAppContext
@@ -31,3 +35,35 @@ export const getHostPolicyResponseHandler = function (
     }
   };
 };
+
+export const getAgentPolicySummaryHandler = function (
+  endpointAppContext: EndpointAppContext
+): RequestHandler<undefined, TypeOf<typeof GetAgentPolicySummaryRequestSchema.query>, undefined> {
+  return async (context, request, response) => {
+    try {
+      const result = await getAgentPolicySummary(
+        endpointAppContext,
+        context.core.savedObjects.client,
+        request.query.package_name,
+        request.query?.policy_id || undefined
+      );
+      const responseBody = {
+        package: request.query.package_name,
+        versions_count: { ...result },
+      };
+
+      const body: GetAgentSummaryResponse = {
+        summary_response: request.query?.policy_id
+          ? { ...responseBody, ...{ policy_id: request.query?.policy_id } }
+          : responseBody,
+      };
+
+      return response.ok({
+        body,
+      });
+    } catch (err) {
+      endpointAppContext.logFactory.get('metadata').error(JSON.stringify(err, null, 2));
+      return response.internalError({ body: err });
+    }
+  };
+};
diff --git a/x-pack/plugins/security_solution/server/endpoint/routes/policy/index.ts b/x-pack/plugins/security_solution/server/endpoint/routes/policy/index.ts
index 5993b0b0e752e..a924095b95be1 100644
--- a/x-pack/plugins/security_solution/server/endpoint/routes/policy/index.ts
+++ b/x-pack/plugins/security_solution/server/endpoint/routes/policy/index.ts
@@ -6,10 +6,15 @@
 
 import { IRouter } from 'kibana/server';
 import { EndpointAppContext } from '../../types';
-import { GetPolicyResponseSchema } from '../../../../common/endpoint/schema/policy';
-import { getHostPolicyResponseHandler } from './handlers';
-
-export const BASE_POLICY_RESPONSE_ROUTE = `/api/endpoint/policy_response`;
+import {
+  GetPolicyResponseSchema,
+  GetAgentPolicySummaryRequestSchema,
+} from '../../../../common/endpoint/schema/policy';
+import { getHostPolicyResponseHandler, getAgentPolicySummaryHandler } from './handlers';
+import {
+  AGENT_POLICY_SUMMARY_ROUTE,
+  BASE_POLICY_RESPONSE_ROUTE,
+} from '../../../../common/endpoint/constants';
 
 export const INITIAL_POLICY_ID = '00000000-0000-0000-0000-000000000000';
 
@@ -22,4 +27,13 @@ export function registerPolicyRoutes(router: IRouter, endpointAppContext: Endpoi
     },
     getHostPolicyResponseHandler(endpointAppContext)
   );
+
+  router.get(
+    {
+      path: AGENT_POLICY_SUMMARY_ROUTE,
+      validate: GetAgentPolicySummaryRequestSchema,
+      options: { authRequired: true },
+    },
+    getAgentPolicySummaryHandler(endpointAppContext)
+  );
 }
diff --git a/x-pack/plugins/security_solution/server/endpoint/routes/policy/service.ts b/x-pack/plugins/security_solution/server/endpoint/routes/policy/service.ts
index 0019c97a6cced..e670ca6e20cb2 100644
--- a/x-pack/plugins/security_solution/server/endpoint/routes/policy/service.ts
+++ b/x-pack/plugins/security_solution/server/endpoint/routes/policy/service.ts
@@ -5,9 +5,12 @@
  */
 
 import { SearchResponse } from 'elasticsearch';
-import { ILegacyScopedClusterClient } from 'kibana/server';
+import { ILegacyScopedClusterClient, SavedObjectsClientContract } from 'kibana/server';
 import { GetHostPolicyResponse, HostPolicyResponse } from '../../../../common/endpoint/types';
 import { INITIAL_POLICY_ID } from './index';
+import { Agent } from '../../../../../fleet/common/types/models';
+import { EndpointAppContext } from '../../types';
+import { AGENT_SAVED_OBJECT_TYPE } from '../../../../../fleet/common/constants';
 
 export function getESQueryPolicyResponseByAgentID(agentID: string, index: string) {
   return {
@@ -57,3 +60,70 @@ export async function getPolicyResponseByAgentId(
     policy_response: response.hits.hits[0]._source,
   };
 }
+
+const transformAgentVersionMap = (versionMap: Map<string, number>): { [key: string]: number } => {
+  const data: { [key: string]: number } = {};
+  versionMap.forEach((value, key) => {
+    data[key] = value;
+  });
+  return data;
+};
+
+export async function getAgentPolicySummary(
+  endpointAppContext: EndpointAppContext,
+  soClient: SavedObjectsClientContract,
+  packageName: string,
+  policyId?: string,
+  pageSize: number = 1000
+): Promise<{ [key: string]: number }> {
+  const agentQuery = `${AGENT_SAVED_OBJECT_TYPE}.packages:"${packageName}"`;
+  if (policyId) {
+    return transformAgentVersionMap(
+      await agentVersionsMap(
+        endpointAppContext,
+        soClient,
+        `${agentQuery} AND ${AGENT_SAVED_OBJECT_TYPE}.policy_id:${policyId}`,
+        pageSize
+      )
+    );
+  }
+
+  return transformAgentVersionMap(
+    await agentVersionsMap(endpointAppContext, soClient, agentQuery, pageSize)
+  );
+}
+
+export async function agentVersionsMap(
+  endpointAppContext: EndpointAppContext,
+  soClient: SavedObjectsClientContract,
+  kqlQuery: string,
+  pageSize: number = 1000
+): Promise<Map<string, number>> {
+  const searchOptions = (pageNum: number) => {
+    return {
+      page: pageNum,
+      perPage: pageSize,
+      showInactive: false,
+      kuery: kqlQuery,
+    };
+  };
+
+  let page = 1;
+  const result: Map<string, number> = new Map<string, number>();
+  let hasMore = true;
+  while (hasMore) {
+    const queryResult = await endpointAppContext.service
+      .getAgentService()!
+      .listAgents(soClient, searchOptions(page++));
+    queryResult.agents.forEach((agent: Agent) => {
+      const agentVersion = agent.local_metadata?.elastic?.agent?.version;
+      if (result.has(agentVersion)) {
+        result.set(agentVersion, result.get(agentVersion)! + 1);
+      } else {
+        result.set(agentVersion, 1);
+      }
+    });
+    hasMore = queryResult.agents.length > 0;
+  }
+  return result;
+}
diff --git a/x-pack/plugins/security_solution/server/lib/detection_engine/routes/rules/add_prepackaged_rules_route.ts b/x-pack/plugins/security_solution/server/lib/detection_engine/routes/rules/add_prepackaged_rules_route.ts
index f885445c29b04..a3b378a6ef04a 100644
--- a/x-pack/plugins/security_solution/server/lib/detection_engine/routes/rules/add_prepackaged_rules_route.ts
+++ b/x-pack/plugins/security_solution/server/lib/detection_engine/routes/rules/add_prepackaged_rules_route.ts
@@ -115,12 +115,15 @@ export const createPrepackagedRules = async (
       );
     }
   }
-  const result = await Promise.all([
-    installPrepackagedRules(alertsClient, rulesToInstall, signalsIndex),
-    installPrepackagedTimelines(maxTimelineImportExportSize, frameworkRequest, true),
-  ]);
+
+  await Promise.all(installPrepackagedRules(alertsClient, rulesToInstall, signalsIndex));
+  const timeline = await installPrepackagedTimelines(
+    maxTimelineImportExportSize,
+    frameworkRequest,
+    true
+  );
   const [prepackagedTimelinesResult, timelinesErrors] = validate(
-    result[1],
+    timeline,
     importTimelineResultSchema
   );
   await updatePrepackagedRules(alertsClient, savedObjectsClient, rulesToUpdate, signalsIndex);
diff --git a/x-pack/plugins/security_solution/server/lib/timeline/routes/__mocks__/create_timelines.ts b/x-pack/plugins/security_solution/server/lib/timeline/routes/__mocks__/create_timelines.ts
new file mode 100644
index 0000000000000..e8242d9691032
--- /dev/null
+++ b/x-pack/plugins/security_solution/server/lib/timeline/routes/__mocks__/create_timelines.ts
@@ -0,0 +1,217 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License;
+ * you may not use this file except in compliance with the Elastic License.
+ */
+
+export const mockTemplate = {
+  columns: [
+    {
+      columnHeaderType: 'not-filtered',
+      indexes: null,
+      id: '@timestamp',
+      name: null,
+      searchable: null,
+    },
+    {
+      columnHeaderType: 'not-filtered',
+      indexes: null,
+      id: 'signal.rule.description',
+      name: null,
+      searchable: null,
+    },
+    {
+      columnHeaderType: 'not-filtered',
+      indexes: null,
+      id: 'event.action',
+      name: null,
+      searchable: null,
+    },
+    {
+      columnHeaderType: 'not-filtered',
+      indexes: null,
+      id: 'process.name',
+      name: null,
+      searchable: null,
+    },
+    {
+      aggregatable: true,
+      category: 'process',
+      columnHeaderType: 'not-filtered',
+      description: 'The working directory of the process.',
+      example: '/home/alice',
+      indexes: null,
+      id: 'process.working_directory',
+      name: null,
+      searchable: null,
+      type: 'string',
+    },
+    {
+      aggregatable: true,
+      category: 'process',
+      columnHeaderType: 'not-filtered',
+      description:
+        'Array of process arguments, starting with the absolute path to\nthe executable.\n\nMay be filtered to protect sensitive information.',
+      example: '["/usr/bin/ssh","-l","user","10.0.0.16"]',
+      indexes: null,
+      id: 'process.args',
+      name: null,
+      searchable: null,
+      type: 'string',
+    },
+    {
+      columnHeaderType: 'not-filtered',
+      indexes: null,
+      id: 'process.pid',
+      name: null,
+      searchable: null,
+    },
+    {
+      aggregatable: true,
+      category: 'process',
+      columnHeaderType: 'not-filtered',
+      description: 'Absolute path to the process executable.',
+      example: '/usr/bin/ssh',
+      indexes: null,
+      id: 'process.parent.executable',
+      name: null,
+      searchable: null,
+      type: 'string',
+    },
+    {
+      aggregatable: true,
+      category: 'process',
+      columnHeaderType: 'not-filtered',
+      description:
+        'Array of process arguments.\n\nMay be filtered to protect sensitive information.',
+      example: '["ssh","-l","user","10.0.0.16"]',
+      indexes: null,
+      id: 'process.parent.args',
+      name: null,
+      searchable: null,
+      type: 'string',
+    },
+    {
+      aggregatable: true,
+      category: 'process',
+      columnHeaderType: 'not-filtered',
+      description: 'Process id.',
+      example: '4242',
+      indexes: null,
+      id: 'process.parent.pid',
+      name: null,
+      searchable: null,
+      type: 'number',
+    },
+    {
+      aggregatable: true,
+      category: 'user',
+      columnHeaderType: 'not-filtered',
+      description: 'Short name or login of the user.',
+      example: 'albert',
+      indexes: null,
+      id: 'user.name',
+      name: null,
+      searchable: null,
+      type: 'string',
+    },
+    {
+      aggregatable: true,
+      category: 'host',
+      columnHeaderType: 'not-filtered',
+      description:
+        'Name of the host.\n\nIt can contain what `hostname` returns on Unix systems, the fully qualified\ndomain name, or a name specified by the user. The sender decides which value\nto use.',
+      indexes: null,
+      id: 'host.name',
+      name: null,
+      searchable: null,
+      type: 'string',
+    },
+  ],
+  dataProviders: [
+    {
+      id: 'timeline-1-8622010a-61fb-490d-b162-beac9c36a853',
+      name: '{process.name}',
+      enabled: true,
+      excluded: false,
+      kqlQuery: '',
+      type: 'template',
+      queryMatch: {
+        field: 'process.name',
+        displayField: null,
+        value: '{process.name}',
+        displayValue: null,
+        operator: ':',
+      },
+      and: [],
+    },
+    {
+      id: 'timeline-1-4685da24-35c1-43f3-892d-1f926dbf5568',
+      name: '{event.type}',
+      enabled: true,
+      excluded: false,
+      kqlQuery: '',
+      type: 'template',
+      queryMatch: {
+        field: 'event.type',
+        displayField: null,
+        value: '{event.type}',
+        displayValue: null,
+        operator: ':*',
+      },
+      and: [],
+    },
+  ],
+  description: '',
+  eventType: 'all',
+  excludedRowRendererIds: [],
+  filters: [],
+  kqlMode: 'filter',
+  kqlQuery: { filterQuery: { kuery: { kind: 'kuery', expression: '' }, serializedQuery: '' } },
+  indexNames: [],
+  title: 'Generic Process Timeline - Duplicate - Duplicate',
+  timelineType: 'template',
+  templateTimelineVersion: null,
+  templateTimelineId: null,
+  dateRange: { start: '2020-10-01T11:37:31.655Z', end: '2020-10-02T11:37:31.655Z' },
+  savedQueryId: null,
+  sort: { columnId: '@timestamp', sortDirection: 'desc' },
+  status: 'active',
+};
+
+export const mockTimeline = {
+  columns: [
+    { columnHeaderType: 'not-filtered', id: '@timestamp' },
+    { columnHeaderType: 'not-filtered', id: 'message' },
+    { columnHeaderType: 'not-filtered', id: 'event.category' },
+    { columnHeaderType: 'not-filtered', id: 'event.action' },
+    { columnHeaderType: 'not-filtered', id: 'host.name' },
+    { columnHeaderType: 'not-filtered', id: 'source.ip' },
+    { columnHeaderType: 'not-filtered', id: 'destination.ip' },
+    { columnHeaderType: 'not-filtered', id: 'user.name' },
+  ],
+  dataProviders: [],
+  description: '',
+  eventType: 'all',
+  excludedRowRendererIds: [],
+  filters: [],
+  kqlMode: 'filter',
+  kqlQuery: { filterQuery: null },
+  indexNames: [
+    'auditbeat-*',
+    'endgame-*',
+    'filebeat-*',
+    'logs-*',
+    'packetbeat-*',
+    'winlogbeat-*',
+    '.siem-signals-angelachuang-default',
+  ],
+  title: 'my timeline',
+  timelineType: 'default',
+  templateTimelineVersion: null,
+  templateTimelineId: null,
+  dateRange: { start: '2020-11-03T13:34:40.339Z', end: '2020-11-04T13:34:40.339Z' },
+  savedQueryId: null,
+  sort: { columnId: '@timestamp', sortDirection: 'desc' },
+  status: 'draft',
+};
diff --git a/x-pack/plugins/security_solution/server/lib/timeline/routes/utils/create_timelines.test.ts b/x-pack/plugins/security_solution/server/lib/timeline/routes/utils/create_timelines.test.ts
new file mode 100644
index 0000000000000..933e71cc10255
--- /dev/null
+++ b/x-pack/plugins/security_solution/server/lib/timeline/routes/utils/create_timelines.test.ts
@@ -0,0 +1,166 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License;
+ * you may not use this file except in compliance with the Elastic License.
+ */
+
+import * as module from './create_timelines';
+import { persistTimeline } from '../../saved_object';
+import { persistPinnedEventOnTimeline } from '../../../pinned_event/saved_object';
+import { persistNote, getNote } from '../../../note/saved_object';
+import { FrameworkRequest } from '../../../framework';
+import { SavedTimeline } from '../../../../../common/types/timeline';
+import { mockTemplate, mockTimeline } from '../__mocks__/create_timelines';
+
+const frameworkRequest = {} as FrameworkRequest;
+const template = { ...mockTemplate } as SavedTimeline;
+const timeline = { ...mockTimeline } as SavedTimeline;
+const timelineSavedObjectId = null;
+const timelineVersion = null;
+const pinnedEventIds = ['123'];
+const notes = [
+  { noteId: 'abc', note: 'new note', timelineId: '', created: 1603885051655, createdBy: 'elastic' },
+];
+const existingNoteIds = undefined;
+const isImmutable = true;
+const newTimelineSavedObjectId = 'eb2781c0-1df5-11eb-8589-2f13958b79f7';
+
+jest.mock('moment', () => {
+  const mockMoment = {
+    toISOString: jest
+      .fn()
+      .mockReturnValueOnce('2020-11-03T11:37:31.655Z')
+      .mockReturnValue('2020-11-04T11:37:31.655Z'),
+    subtract: jest.fn(),
+  };
+  mockMoment.subtract.mockReturnValue(mockMoment);
+  return jest.fn().mockReturnValue(mockMoment);
+});
+
+jest.mock('../../saved_object', () => ({
+  persistTimeline: jest.fn().mockResolvedValue({
+    timeline: {
+      savedObjectId: 'eb2781c0-1df5-11eb-8589-2f13958b79f7',
+      version: 'xJs23==',
+    },
+  }),
+}));
+
+jest.mock('../../../pinned_event/saved_object', () => ({
+  persistPinnedEventOnTimeline: jest.fn(),
+}));
+
+jest.mock('../../../note/saved_object', () => ({
+  getNote: jest.fn(),
+  persistNote: jest.fn(),
+}));
+
+describe('createTimelines', () => {
+  describe('create timelines', () => {
+    beforeAll(async () => {
+      await module.createTimelines({
+        frameworkRequest,
+        timeline,
+        timelineSavedObjectId,
+        timelineVersion,
+        pinnedEventIds,
+        notes,
+        existingNoteIds,
+        isImmutable: false,
+      });
+    });
+
+    afterAll(() => {
+      jest.clearAllMocks();
+    });
+
+    test('respect input timerange - start', () => {
+      expect((persistTimeline as jest.Mock).mock.calls[0][3].dateRange.start).toEqual(
+        '2020-11-03T13:34:40.339Z'
+      );
+    });
+
+    test('respect input timerange - end', () => {
+      expect((persistTimeline as jest.Mock).mock.calls[0][3].dateRange.end).toEqual(
+        '2020-11-04T13:34:40.339Z'
+      );
+    });
+
+    test('savePinnedEvents', () => {
+      expect((persistPinnedEventOnTimeline as jest.Mock).mock.calls[0][2]).toEqual('123');
+    });
+
+    test('saveNotes', () => {
+      expect((persistNote as jest.Mock).mock.calls[0][3]).toEqual({
+        eventId: undefined,
+        note: 'new note',
+        timelineId: newTimelineSavedObjectId,
+      });
+    });
+  });
+
+  describe('create immutable templates', () => {
+    beforeAll(async () => {
+      (getNote as jest.Mock).mockReturnValue({
+        ...notes[0],
+      });
+      await module.createTimelines({
+        frameworkRequest,
+        timeline: template,
+        timelineSavedObjectId,
+        timelineVersion,
+        pinnedEventIds,
+        notes,
+        existingNoteIds,
+        isImmutable,
+        overrideNotesOwner: false,
+      });
+    });
+
+    afterAll(() => {
+      jest.clearAllMocks();
+    });
+    test('override timerange - start', () => {
+      expect((persistTimeline as jest.Mock).mock.calls[0][3].dateRange.start).toEqual(
+        '2020-11-03T11:37:31.655Z'
+      );
+    });
+
+    test('override timerange - end', () => {
+      expect((persistTimeline as jest.Mock).mock.calls[0][3].dateRange.end).toEqual(
+        '2020-11-04T11:37:31.655Z'
+      );
+    });
+  });
+
+  describe('create custom templates', () => {
+    beforeAll(async () => {
+      await module.createTimelines({
+        frameworkRequest,
+        timeline: template,
+        timelineSavedObjectId,
+        timelineVersion,
+        pinnedEventIds,
+        notes,
+        existingNoteIds,
+        isImmutable: false,
+      });
+    });
+
+    afterAll(() => {
+      jest.clearAllMocks();
+    });
+
+    test('respect input timerange - start', () => {
+      expect((persistTimeline as jest.Mock).mock.calls[0][3].dateRange.start).toEqual(
+        '2020-10-01T11:37:31.655Z'
+      );
+    });
+
+    test('respect input timerange - end', () => {
+      expect((persistTimeline as jest.Mock).mock.calls[0][3].dateRange.end).toEqual(
+        '2020-10-02T11:37:31.655Z'
+      );
+    });
+  });
+});
diff --git a/x-pack/plugins/security_solution/server/lib/timeline/routes/utils/create_timelines.ts b/x-pack/plugins/security_solution/server/lib/timeline/routes/utils/create_timelines.ts
index dc0caaf67d738..83f97ddb01eaa 100644
--- a/x-pack/plugins/security_solution/server/lib/timeline/routes/utils/create_timelines.ts
+++ b/x-pack/plugins/security_solution/server/lib/timeline/routes/utils/create_timelines.ts
@@ -5,6 +5,7 @@
  */
 import { isEmpty } from 'lodash/fp';
 
+import moment from 'moment';
 import * as timelineLib from '../../saved_object';
 import * as pinnedEventLib from '../../../pinned_event/saved_object';
 import * as noteLib from '../../../note/saved_object';
@@ -128,15 +129,20 @@ export const createTimelines = async ({
   isImmutable,
   overrideNotesOwner = true,
 }: CreateTimelineProps): Promise<ResponseTimeline> => {
+  const timerangeStart = isImmutable
+    ? moment().subtract(24, 'hours').toISOString()
+    : timeline.dateRange?.start;
+  const timerangeEnd = isImmutable ? moment().toISOString() : timeline.dateRange?.end;
   const responseTimeline = await saveTimelines(
     frameworkRequest,
-    timeline,
+    { ...timeline, dateRange: { start: timerangeStart, end: timerangeEnd } },
     timelineSavedObjectId,
     timelineVersion,
     isImmutable
   );
   const newTimelineSavedObjectId = responseTimeline.timeline.savedObjectId;
   const newTimelineVersion = responseTimeline.timeline.version;
+
   let myPromises: unknown[] = [];
   if (pinnedEventIds != null && !isEmpty(pinnedEventIds)) {
     myPromises = [
diff --git a/x-pack/plugins/transform/readme.md b/x-pack/plugins/transform/readme.md
index 2ee2a7b70c5f1..07500876f55c2 100644
--- a/x-pack/plugins/transform/readme.md
+++ b/x-pack/plugins/transform/readme.md
@@ -98,20 +98,34 @@ node scripts/jest plugins/transform --verbose
 Before running the test server, make sure to quit all other instances of 
 Elasticsearch.
 
-1. From one terminal, in the x-pack directory, run:
+Run the following commands from the `x-pack` directory and use separate terminals
+for test server and test runner. The test server command starts an Elasticsearch
+and Kibana instance that the tests will be run against.
 
-        node scripts/functional_tests_server.js --config test/functional/config.js
+1. Functional UI tests with `Trial` license (default config):
 
-   This command starts an Elasticsearch and Kibana instance that the tests will be run against.
+        node scripts/functional_tests_server.js
+        node scripts/functional_test_runner.js --include-tag transform
+
+    Transform functional `Trial` license tests are located in `x-pack/test/functional/apps/transform`.
+
+1. Functional UI tests with `Basic` license:
 
-1. In another tab, run the following command to perform API integration tests (from the x-pack directory):
+        node scripts/functional_tests_server.js --config test/functional_basic/config.ts
+        node scripts/functional_test_runner.js --config test/functional_basic/config.ts --include-tag transform
 
-        node scripts/functional_test_runner.js --include-tag transform --config test/api_integration/config
+    Transform functional `Basic` license tests are located in `x-pack/test/functional_basic/apps/transform`.
+
+1. API integration tests with `Trial` license:
+
+        node scripts/functional_tests_server.js
+        node scripts/functional_test_runner.js --config test/api_integration/config.ts --include-tag transform
         
-   The transform API integration tests are located in `x-pack/test/api_integration/apis/transform`.
+   Transform API integration `Trial` license tests are located in `x-pack/test/api_integration/apis/transform`.
 
-1. In another tab, run the following command to perform UI functional tests (from the x-pack directory):
+1. API integration tests with `Basic` license:
 
-        node scripts/functional_test_runner.js --include-tag transform
+        node scripts/functional_tests_server.js --config test/api_integration_basic/config.ts
+        node scripts/functional_test_runner.js --config test/api_integration_basic/config.ts --include-tag transform
         
-   The transform functional tests are located in `x-pack/test/functional/apps/transform`.
+   Transform API integration `Basic` license tests are located in `x-pack/test/api_integration_basic/apis/ml`.
diff --git a/x-pack/plugins/translations/translations/ja-JP.json b/x-pack/plugins/translations/translations/ja-JP.json
index ba6ac32f2e3d0..13159c4e824ac 100644
--- a/x-pack/plugins/translations/translations/ja-JP.json
+++ b/x-pack/plugins/translations/translations/ja-JP.json
@@ -11284,24 +11284,9 @@
     "xpack.maps.layerWizardSelect.solutionsCategoryLabel": "ソリューション",
     "xpack.maps.loadMap.errorAttemptingToLoadSavedMap": "マップを読み込めません",
     "xpack.maps.map.initializeErrorTitle": "マップを初期化できません",
-    "xpack.maps.mapListing.advancedSettingsLinkText": "高度な設定",
-    "xpack.maps.mapListing.cancelTitle": "キャンセル",
-    "xpack.maps.mapListing.createMapButtonLabel": "マップを作成",
-    "xpack.maps.mapListing.deleteSelectedButtonLabel": "選択項目を削除",
-    "xpack.maps.mapListing.deleteSelectedItemsTitle": "選択項目を削除しますか？",
-    "xpack.maps.mapListing.deleteTitle": "削除",
-    "xpack.maps.mapListing.deleteWarning": "削除されたアイテムは復元できません。",
     "xpack.maps.mapListing.descriptionFieldTitle": "説明",
     "xpack.maps.mapListing.errorAttemptingToLoadSavedMaps": "マップを読み込めません",
-    "xpack.maps.mapListing.limitExceededTitle": "リスティング制限超過",
-    "xpack.maps.mapListing.limitHelpDescription": "{totalItems} 個のアイテムがありますが、<strong>listingLimit</strong> の設定により {listingLimit} 個までしか下の表に表示できません。この設定は次の場所で変更できます ",
-    "xpack.maps.mapListing.listingTableTitle": "マップ",
-    "xpack.maps.mapListing.noItemsDescription": "マップがないようです。作成ボタンをクリックして作成してください。",
-    "xpack.maps.mapListing.noMatchDescription": "検索に一致するアイテムがありません。",
-    "xpack.maps.mapListing.searchAriaLabel": "フィルターアイテム",
-    "xpack.maps.mapListing.searchPlaceholder": "検索…",
     "xpack.maps.mapListing.titleFieldTitle": "タイトル",
-    "xpack.maps.mapListing.unableToDeleteToastTitle": "マップを削除できません",
     "xpack.maps.maps.choropleth.rightSourcePlaceholder": "インデックスパターンを選択",
     "xpack.maps.mapSavedObjectLabel": "マップ",
     "xpack.maps.mapSettingsPanel.autoFitToBoundsLocationLabel": "自動的にマップをデータ境界に合わせる",
diff --git a/x-pack/plugins/translations/translations/zh-CN.json b/x-pack/plugins/translations/translations/zh-CN.json
index 822ccf5cc8409..2e9971f00dcc2 100644
--- a/x-pack/plugins/translations/translations/zh-CN.json
+++ b/x-pack/plugins/translations/translations/zh-CN.json
@@ -11297,24 +11297,9 @@
     "xpack.maps.layerWizardSelect.solutionsCategoryLabel": "解决方案",
     "xpack.maps.loadMap.errorAttemptingToLoadSavedMap": "无法加载地图",
     "xpack.maps.map.initializeErrorTitle": "无法初始化地图",
-    "xpack.maps.mapListing.advancedSettingsLinkText": "高级设置",
-    "xpack.maps.mapListing.cancelTitle": "取消",
-    "xpack.maps.mapListing.createMapButtonLabel": "创建地图",
-    "xpack.maps.mapListing.deleteSelectedButtonLabel": "删除选定",
-    "xpack.maps.mapListing.deleteSelectedItemsTitle": "删除选定项？",
-    "xpack.maps.mapListing.deleteTitle": "删除",
-    "xpack.maps.mapListing.deleteWarning": "您无法恢复已删除项。",
     "xpack.maps.mapListing.descriptionFieldTitle": "描述",
     "xpack.maps.mapListing.errorAttemptingToLoadSavedMaps": "无法加载地图",
-    "xpack.maps.mapListing.limitExceededTitle": "已超过列表限制",
-    "xpack.maps.mapListing.limitHelpDescription": "您有 {totalItems} 项，但您的 <strong>listingLimit</strong> 设置阻止下表显示 {listingLimit} 项以上。此设置可在以下选项下更改： ",
-    "xpack.maps.mapListing.listingTableTitle": "Maps",
-    "xpack.maps.mapListing.noItemsDescription": "似乎您没有任何地图。单击创建按钮来创建。",
-    "xpack.maps.mapListing.noMatchDescription": "没有任何项匹配您的搜索。",
-    "xpack.maps.mapListing.searchAriaLabel": "筛选项",
-    "xpack.maps.mapListing.searchPlaceholder": "搜索......",
     "xpack.maps.mapListing.titleFieldTitle": "标题",
-    "xpack.maps.mapListing.unableToDeleteToastTitle": "无法删除地图",
     "xpack.maps.maps.choropleth.rightSourcePlaceholder": "选择索引模式",
     "xpack.maps.mapSavedObjectLabel": "地图",
     "xpack.maps.mapSettingsPanel.autoFitToBoundsLocationLabel": "使地图自适应数据边界",
diff --git a/x-pack/plugins/triggers_actions_ui/public/application/sections/alert_details/components/alert_instances.tsx b/x-pack/plugins/triggers_actions_ui/public/application/sections/alert_details/components/alert_instances.tsx
index ed05d81646c4a..e0c4c663bc231 100644
--- a/x-pack/plugins/triggers_actions_ui/public/application/sections/alert_details/components/alert_instances.tsx
+++ b/x-pack/plugins/triggers_actions_ui/public/application/sections/alert_details/components/alert_instances.tsx
@@ -7,7 +7,7 @@
 import React, { Fragment, useState } from 'react';
 import moment, { Duration } from 'moment';
 import { i18n } from '@kbn/i18n';
-import { EuiBasicTable, EuiHealth, EuiSpacer, EuiSwitch } from '@elastic/eui';
+import { EuiBasicTable, EuiHealth, EuiSpacer, EuiSwitch, EuiToolTip } from '@elastic/eui';
 // @ts-ignore
 import { RIGHT_ALIGNMENT, CENTER_ALIGNMENT } from '@elastic/eui/lib/services';
 import { padStart, chunk } from 'lodash';
@@ -47,6 +47,13 @@ export const alertInstancesTableColumns = (
     sortable: false,
     truncateText: true,
     'data-test-subj': 'alertInstancesTableCell-instance',
+    render: (value: string) => {
+      return (
+        <EuiToolTip anchorClassName={'eui-textTruncate'} content={value}>
+          <span>{value}</span>
+        </EuiToolTip>
+      );
+    },
   },
   {
     field: 'status',
@@ -54,6 +61,7 @@ export const alertInstancesTableColumns = (
       'xpack.triggersActionsUI.sections.alertDetails.alertInstancesList.columns.status',
       { defaultMessage: 'Status' }
     ),
+    width: '100px',
     render: (value: AlertInstanceListItemStatus, instance: AlertInstanceListItem) => {
       return (
         <EuiHealth color={value.healthColor}>
@@ -67,6 +75,7 @@ export const alertInstancesTableColumns = (
   },
   {
     field: 'start',
+    width: '200px',
     render: (value: Date | undefined, instance: AlertInstanceListItem) => {
       return value ? moment(value).format('D MMM YYYY @ HH:mm:ss') : '';
     },
@@ -88,11 +97,13 @@ export const alertInstancesTableColumns = (
       { defaultMessage: 'Duration' }
     ),
     sortable: false,
+    width: '100px',
     'data-test-subj': 'alertInstancesTableCell-duration',
   },
   {
     field: '',
     align: RIGHT_ALIGNMENT,
+    width: '60px',
     name: i18n.translate(
       'xpack.triggersActionsUI.sections.alertDetails.alertInstancesList.columns.mute',
       { defaultMessage: 'Mute' }
@@ -180,6 +191,7 @@ export function AlertInstances({
         })}
         columns={alertInstancesTableColumns(onMuteAction, readOnly)}
         data-test-subj="alertInstancesList"
+        tableLayout="fixed"
       />
     </Fragment>
   );
diff --git a/x-pack/plugins/ui_actions_enhanced/server/dynamic_action_enhancement.ts b/x-pack/plugins/ui_actions_enhanced/server/dynamic_action_enhancement.ts
index ade78c31211ab..4cea7ddf4854a 100644
--- a/x-pack/plugins/ui_actions_enhanced/server/dynamic_action_enhancement.ts
+++ b/x-pack/plugins/ui_actions_enhanced/server/dynamic_action_enhancement.ts
@@ -6,23 +6,19 @@
 
 import { EnhancementRegistryDefinition } from '../../../../src/plugins/embeddable/server';
 import { SavedObjectReference } from '../../../../src/core/types';
-import { DynamicActionsState, SerializedEvent } from './types';
-import { AdvancedUiActionsServerPlugin } from './plugin';
+import { ActionFactory, DynamicActionsState, SerializedEvent } from './types';
 import { SerializableState } from '../../../../src/plugins/kibana_utils/common';
 
 export const dynamicActionEnhancement = (
-  uiActionsEnhanced: AdvancedUiActionsServerPlugin
+  getActionFactory: (id: string) => undefined | ActionFactory
 ): EnhancementRegistryDefinition => {
   return {
     id: 'dynamicActions',
     telemetry: (state: SerializableState, telemetry: Record<string, any>) => {
       let telemetryData = telemetry;
       (state as DynamicActionsState).events.forEach((event: SerializedEvent) => {
-        if (uiActionsEnhanced.getActionFactory(event.action.factoryId)) {
-          telemetryData = uiActionsEnhanced
-            .getActionFactory(event.action.factoryId)!
-            .telemetry(event, telemetryData);
-        }
+        const factory = getActionFactory(event.action.factoryId);
+        if (factory) telemetryData = factory.telemetry(event, telemetryData);
       });
       return telemetryData;
     },
@@ -30,8 +26,9 @@ export const dynamicActionEnhancement = (
       const references: SavedObjectReference[] = [];
       const newState: DynamicActionsState = {
         events: (state as DynamicActionsState).events.map((event: SerializedEvent) => {
-          const result = uiActionsEnhanced.getActionFactory(event.action.factoryId)
-            ? uiActionsEnhanced.getActionFactory(event.action.factoryId)!.extract(event)
+          const factory = getActionFactory(event.action.factoryId);
+          const result = factory
+            ? factory.extract(event)
             : {
                 state: event,
                 references: [],
@@ -45,9 +42,8 @@ export const dynamicActionEnhancement = (
     inject: (state: SerializableState, references: SavedObjectReference[]) => {
       return {
         events: (state as DynamicActionsState).events.map((event: SerializedEvent) => {
-          return uiActionsEnhanced.getActionFactory(event.action.factoryId)
-            ? uiActionsEnhanced.getActionFactory(event.action.factoryId)!.inject(event, references)
-            : event;
+          const factory = getActionFactory(event.action.factoryId);
+          return factory ? factory.inject(event, references) : event;
         }),
       } as DynamicActionsState;
     },
diff --git a/x-pack/plugins/ui_actions_enhanced/server/plugin.ts b/x-pack/plugins/ui_actions_enhanced/server/plugin.ts
index 718304018730d..e6362418efc66 100644
--- a/x-pack/plugins/ui_actions_enhanced/server/plugin.ts
+++ b/x-pack/plugins/ui_actions_enhanced/server/plugin.ts
@@ -5,15 +5,10 @@
  */
 
 import { identity } from 'lodash';
-import { CoreSetup, Plugin, SavedObjectReference } from '../../../../src/core/server';
+import { CoreSetup, Plugin } from '../../../../src/core/server';
 import { EmbeddableSetup } from '../../../../src/plugins/embeddable/server';
 import { dynamicActionEnhancement } from './dynamic_action_enhancement';
-import {
-  ActionFactoryRegistry,
-  SerializedEvent,
-  ActionFactoryDefinition,
-  DynamicActionsState,
-} from './types';
+import { ActionFactoryRegistry, SerializedEvent, ActionFactoryDefinition } from './types';
 
 export interface SetupContract {
   registerActionFactory: (definition: ActionFactoryDefinition) => void;
@@ -32,7 +27,9 @@ export class AdvancedUiActionsServerPlugin
   constructor() {}
 
   public setup(core: CoreSetup, { embeddable }: SetupDependencies) {
-    embeddable.registerEnhancement(dynamicActionEnhancement(this));
+    const getActionFactory = (actionFactoryId: string) => this.actionFactories.get(actionFactoryId);
+
+    embeddable.registerEnhancement(dynamicActionEnhancement(getActionFactory));
 
     return {
       registerActionFactory: this.registerActionFactory,
@@ -64,45 +61,4 @@ export class AdvancedUiActionsServerPlugin
       migrations: definition.migrations || {},
     });
   };
-
-  public readonly getActionFactory = (actionFactoryId: string) => {
-    const actionFactory = this.actionFactories.get(actionFactoryId);
-    return actionFactory;
-  };
-
-  public readonly telemetry = (state: DynamicActionsState, telemetry: Record<string, any> = {}) => {
-    state.events.forEach((event: SerializedEvent) => {
-      if (this.actionFactories.has(event.action.factoryId)) {
-        this.actionFactories.get(event.action.factoryId)!.telemetry(event, telemetry);
-      }
-    });
-    return telemetry;
-  };
-
-  public readonly extract = (state: DynamicActionsState) => {
-    const references: SavedObjectReference[] = [];
-    const newState = {
-      events: state.events.map((event: SerializedEvent) => {
-        const result = this.actionFactories.has(event.action.factoryId)
-          ? this.actionFactories.get(event.action.factoryId)!.extract(event)
-          : {
-              state: event,
-              references: [],
-            };
-        result.references.forEach((r) => references.push(r));
-        return result.state;
-      }),
-    };
-    return { state: newState, references };
-  };
-
-  public readonly inject = (state: DynamicActionsState, references: SavedObjectReference[]) => {
-    return {
-      events: state.events.map((event: SerializedEvent) => {
-        return this.actionFactories.has(event.action.factoryId)
-          ? this.actionFactories.get(event.action.factoryId)!.inject(event, references)
-          : event;
-      }),
-    };
-  };
 }
diff --git a/x-pack/plugins/uptime/public/state/api/ml_anomaly.ts b/x-pack/plugins/uptime/public/state/api/ml_anomaly.ts
index 1d25f35e8f38a..fa3d7ed834a9c 100644
--- a/x-pack/plugins/uptime/public/state/api/ml_anomaly.ts
+++ b/x-pack/plugins/uptime/public/state/api/ml_anomaly.ts
@@ -41,6 +41,7 @@ export const createMLJob = async ({
     startDatafeed: true,
     start: moment().subtract(2, 'w').valueOf(),
     indexPatternName: heartbeatIndices,
+    applyToAllSpaces: true,
     query: {
       bool: {
         filter: [
diff --git a/x-pack/plugins/uptime/server/lib/alerts/__tests__/status_check.test.ts b/x-pack/plugins/uptime/server/lib/alerts/__tests__/status_check.test.ts
index ccb1e5a40ad2d..4f795e2aaf29e 100644
--- a/x-pack/plugins/uptime/server/lib/alerts/__tests__/status_check.test.ts
+++ b/x-pack/plugins/uptime/server/lib/alerts/__tests__/status_check.test.ts
@@ -1205,10 +1205,10 @@ describe('status check alert', () => {
     it('creates a set of unique IDs from a list of composite unique objects', () => {
       expect(getUniqueIdsByLoc(downItems, availItems)).toEqual(
         new Set<string>([
-          'firstharrisburg',
-          'firstfairbanks',
-          'secondharrisburg',
-          'secondfairbanks',
+          'first-harrisburg',
+          'first-fairbanks',
+          'second-harrisburg',
+          'second-fairbanks',
         ])
       );
     });
diff --git a/x-pack/plugins/uptime/server/lib/alerts/status_check.ts b/x-pack/plugins/uptime/server/lib/alerts/status_check.ts
index b1b3666b40dc6..577262c231977 100644
--- a/x-pack/plugins/uptime/server/lib/alerts/status_check.ts
+++ b/x-pack/plugins/uptime/server/lib/alerts/status_check.ts
@@ -31,11 +31,21 @@ import { UMServerLibs } from '../lib';
 
 const { MONITOR_STATUS } = ACTION_GROUP_DEFINITIONS;
 
+const getMonIdByLoc = (monitorId: string, location: string) => {
+  return monitorId + '-' + location;
+};
+
 const uniqueDownMonitorIds = (items: GetMonitorStatusResult[]): Set<string> =>
-  items.reduce((acc, { monitorId, location }) => acc.add(monitorId + location), new Set<string>());
+  items.reduce(
+    (acc, { monitorId, location }) => acc.add(getMonIdByLoc(monitorId, location)),
+    new Set<string>()
+  );
 
 const uniqueAvailMonitorIds = (items: GetMonitorAvailabilityResult[]): Set<string> =>
-  items.reduce((acc, { monitorId, location }) => acc.add(monitorId + location), new Set<string>());
+  items.reduce(
+    (acc, { monitorId, location }) => acc.add(getMonIdByLoc(monitorId, location)),
+    new Set<string>()
+  );
 
 export const getUniqueIdsByLoc = (
   downMonitorsByLocation: GetMonitorStatusResult[],
@@ -157,6 +167,21 @@ export const getStatusMessage = (
   return statusMessage + availabilityMessage;
 };
 
+const getInstanceId = (monitorInfo: Ping, monIdByLoc: string) => {
+  const normalizeText = (txt: string) => {
+    // replace url and name special characters with -
+    return txt.replace(/[^A-Z0-9]+/gi, '_').toLowerCase();
+  };
+  const urlText = normalizeText(monitorInfo.url?.full || '');
+
+  const monName = normalizeText(monitorInfo.monitor.name || '');
+
+  if (monName) {
+    return `${monName}_${urlText}_${monIdByLoc}`;
+  }
+  return `${urlText}_${monIdByLoc}`;
+};
+
 export const statusCheckAlertFactory: UptimeAlertTypeFactory = (_server, libs) =>
   uptimeAlertWrapper({
     id: 'xpack.uptime.alerts.monitorStatus',
@@ -290,7 +315,9 @@ export const statusCheckAlertFactory: UptimeAlertTypeFactory = (_server, libs) =
         for (const monitorLoc of downMonitorsByLocation) {
           const monitorInfo = monitorLoc.monitorInfo;
 
-          const alertInstance = alertInstanceFactory(MONITOR_STATUS.id + monitorLoc.location);
+          const alertInstance = alertInstanceFactory(
+            getInstanceId(monitorInfo, monitorLoc.location)
+          );
 
           const monitorSummary = getMonitorSummary(monitorInfo);
           const statusMessage = getStatusMessage(monitorInfo);
@@ -320,19 +347,21 @@ export const statusCheckAlertFactory: UptimeAlertTypeFactory = (_server, libs) =
       const mergedIdsByLoc = getUniqueIdsByLoc(downMonitorsByLocation, availabilityResults);
 
       mergedIdsByLoc.forEach((monIdByLoc) => {
-        const alertInstance = alertInstanceFactory(MONITOR_STATUS.id + monIdByLoc);
-
         const availMonInfo = availabilityResults.find(
-          ({ monitorId, location }) => monitorId + location === monIdByLoc
+          ({ monitorId, location }) => getMonIdByLoc(monitorId, location) === monIdByLoc
         );
 
         const downMonInfo = downMonitorsByLocation.find(
-          ({ monitorId, location }) => monitorId + location === monIdByLoc
+          ({ monitorId, location }) => getMonIdByLoc(monitorId, location) === monIdByLoc
         )?.monitorInfo;
 
-        const monitorSummary = getMonitorSummary(downMonInfo || availMonInfo?.monitorInfo!);
+        const monitorInfo = downMonInfo || availMonInfo?.monitorInfo!;
+
+        const monitorSummary = getMonitorSummary(monitorInfo);
         const statusMessage = getStatusMessage(downMonInfo!, availMonInfo!, availability);
 
+        const alertInstance = alertInstanceFactory(getInstanceId(monitorInfo, monIdByLoc));
+
         alertInstance.replaceState({
           ...updateState(state, true),
           ...monitorSummary,
diff --git a/x-pack/test/detection_engine_api_integration/security_and_spaces/tests/generating_signals.ts b/x-pack/test/detection_engine_api_integration/security_and_spaces/tests/generating_signals.ts
index 0ba2abb466f7b..f76bdb4ebc718 100644
--- a/x-pack/test/detection_engine_api_integration/security_and_spaces/tests/generating_signals.ts
+++ b/x-pack/test/detection_engine_api_integration/security_and_spaces/tests/generating_signals.ts
@@ -6,7 +6,10 @@
 
 import expect from '@kbn/expect';
 
-import { QueryCreateSchema } from '../../../../plugins/security_solution/common/detection_engine/schemas/request';
+import {
+  EqlCreateSchema,
+  QueryCreateSchema,
+} from '../../../../plugins/security_solution/common/detection_engine/schemas/request';
 import { DEFAULT_SIGNALS_INDEX } from '../../../../plugins/security_solution/common/constants';
 import { FtrProviderContext } from '../../common/ftr_provider_context';
 import {
@@ -191,6 +194,130 @@ export default ({ getService }: FtrProviderContext) => {
           },
         });
       });
+
+      describe('EQL Rules', () => {
+        it('generates signals from EQL sequences in the expected form', async () => {
+          const rule: EqlCreateSchema = {
+            ...getSimpleRule(),
+            from: '1900-01-01T00:00:00.000Z',
+            rule_id: 'eql-rule',
+            type: 'eql',
+            language: 'eql',
+            query: 'sequence by host.name [any where true] [any where true]',
+          };
+          await createRule(supertest, rule);
+          await waitForSignalsToBePresent(supertest, 1);
+          const signals = await getSignalsByRuleIds(supertest, ['eql-rule']);
+          const signal = signals.hits.hits[0]._source.signal;
+
+          expect(signal).eql({
+            rule: signal.rule,
+            group: signal.group,
+            original_time: signal.original_time,
+            status: 'open',
+            depth: 1,
+            ancestors: [
+              {
+                depth: 0,
+                id: 'UBXOBmkBR346wHgnLP8T',
+                index: 'auditbeat-8.0.0-2019.02.19-000001',
+                type: 'event',
+              },
+            ],
+            original_event: {
+              action: 'boot',
+              dataset: 'login',
+              kind: 'event',
+              module: 'system',
+              origin: '/var/log/wtmp',
+            },
+            parent: {
+              depth: 0,
+              id: 'UBXOBmkBR346wHgnLP8T',
+              index: 'auditbeat-8.0.0-2019.02.19-000001',
+              type: 'event',
+            },
+            parents: [
+              {
+                depth: 0,
+                id: 'UBXOBmkBR346wHgnLP8T',
+                index: 'auditbeat-8.0.0-2019.02.19-000001',
+                type: 'event',
+              },
+            ],
+          });
+        });
+
+        it('generates building block signals from EQL sequences in the expected form', async () => {
+          const rule: EqlCreateSchema = {
+            ...getSimpleRule(),
+            from: '1900-01-01T00:00:00.000Z',
+            rule_id: 'eql-rule',
+            type: 'eql',
+            language: 'eql',
+            query: 'sequence by host.name [any where true] [any where true]',
+          };
+          await createRule(supertest, rule);
+          await waitForSignalsToBePresent(supertest, 1);
+          const signalsOpen = await getSignalsByRuleIds(supertest, ['eql-rule']);
+          const sequenceSignal = signalsOpen.hits.hits.find(
+            (signal) => signal._source.signal.depth === 2
+          );
+          const signal = sequenceSignal!._source.signal;
+          const eventIds = signal.parents.map((event) => event.id);
+
+          expect(signal).eql({
+            status: 'open',
+            depth: 2,
+            group: signal.group,
+            rule: signal.rule,
+            ancestors: [
+              {
+                depth: 0,
+                id: 'UBXOBmkBR346wHgnLP8T',
+                index: 'auditbeat-8.0.0-2019.02.19-000001',
+                type: 'event',
+              },
+              {
+                depth: 1,
+                id: eventIds[0],
+                index: '.siem-signals-default',
+                rule: signal.rule.id,
+                type: 'signal',
+              },
+              {
+                depth: 0,
+                id: 'URXOBmkBR346wHgnLP8T',
+                index: 'auditbeat-8.0.0-2019.02.19-000001',
+                type: 'event',
+              },
+              {
+                depth: 1,
+                id: eventIds[1],
+                index: '.siem-signals-default',
+                rule: signal.rule.id,
+                type: 'signal',
+              },
+            ],
+            parents: [
+              {
+                depth: 1,
+                id: eventIds[0],
+                index: '.siem-signals-default',
+                rule: signal.rule.id,
+                type: 'signal',
+              },
+              {
+                depth: 1,
+                id: eventIds[1],
+                index: '.siem-signals-default',
+                rule: signal.rule.id,
+                type: 'signal',
+              },
+            ],
+          });
+        });
+      });
     });
 
     /**
diff --git a/x-pack/test/functional/apps/logstash/pipeline_create.js b/x-pack/test/functional/apps/logstash/pipeline_create.js
index c3cf102c908a0..2b70dc1832367 100644
--- a/x-pack/test/functional/apps/logstash/pipeline_create.js
+++ b/x-pack/test/functional/apps/logstash/pipeline_create.js
@@ -5,6 +5,7 @@
  */
 
 import expect from '@kbn/expect';
+import { omit } from 'lodash';
 
 export default function ({ getService, getPageObjects }) {
   const browser = getService('browser');
@@ -15,8 +16,7 @@ export default function ({ getService, getPageObjects }) {
   const PageObjects = getPageObjects(['logstash']);
   const retry = getService('retry');
 
-  // FLAKY: https://github.com/elastic/kibana/issues/83231
-  describe.skip('pipeline create new', () => {
+  describe('pipeline create new', () => {
     let originalWindowSize;
 
     before(async () => {
@@ -89,6 +89,7 @@ export default function ({ getService, getPageObjects }) {
         await PageObjects.logstash.gotoPipelineList();
         await pipelineList.assertExists();
         const originalRows = await pipelineList.readRows();
+        const originalRowsWithoutTime = originalRows.map((row) => omit(row, 'lastModified'));
 
         await PageObjects.logstash.gotoNewPipelineEditor();
         await pipelineEditor.clickCancel();
@@ -96,7 +97,8 @@ export default function ({ getService, getPageObjects }) {
         await retry.try(async () => {
           await pipelineList.assertExists();
           const currentRows = await pipelineList.readRows();
-          expect(originalRows).to.eql(currentRows);
+          const currentRowsWithoutTime = currentRows.map((row) => omit(row, 'lastModified'));
+          expect(originalRowsWithoutTime).to.eql(currentRowsWithoutTime);
         });
       });
     });
diff --git a/x-pack/test/functional/apps/maps/mvt_super_fine.js b/x-pack/test/functional/apps/maps/mvt_super_fine.js
index b5a7935a81eb5..6d86b93c3ec44 100644
--- a/x-pack/test/functional/apps/maps/mvt_super_fine.js
+++ b/x-pack/test/functional/apps/maps/mvt_super_fine.js
@@ -19,7 +19,7 @@ export default function ({ getPageObjects, getService }) {
         ['global_maps_all', 'test_logstash_reader', 'geoshape_data_reader'],
         false
       );
-      await PageObjects.maps.loadSavedMap('geo grid vector grid example (SUPER_FINE resolution)');
+      await PageObjects.maps.loadSavedMap('geo grid vector grid example SUPER_FINE resolution');
     });
 
     after(async () => {
diff --git a/x-pack/test/functional/apps/maps/saved_object_management.js b/x-pack/test/functional/apps/maps/saved_object_management.js
index 277a8a5651453..8c62136472921 100644
--- a/x-pack/test/functional/apps/maps/saved_object_management.js
+++ b/x-pack/test/functional/apps/maps/saved_object_management.js
@@ -139,8 +139,8 @@ export default function ({ getPageObjects, getService }) {
         await PageObjects.maps.openNewMap();
 
         await PageObjects.maps.saveMap(MAP1_NAME);
-        const count = await PageObjects.maps.getMapCountWithName(MAP1_NAME);
-        expect(count).to.equal(1);
+
+        await PageObjects.maps.searchAndExpectItemsCount(MAP1_NAME, 1);
       });
 
       it('should allow saving map that crosses dateline', async () => {
@@ -148,8 +148,8 @@ export default function ({ getPageObjects, getService }) {
         await PageObjects.maps.setView('64', '179', '5');
 
         await PageObjects.maps.saveMap(MAP2_NAME);
-        const count = await PageObjects.maps.getMapCountWithName(MAP2_NAME);
-        expect(count).to.equal(1);
+
+        await PageObjects.maps.searchAndExpectItemsCount(MAP2_NAME, 1);
       });
     });
 
@@ -157,11 +157,9 @@ export default function ({ getPageObjects, getService }) {
       it('should delete selected saved objects', async () => {
         await PageObjects.maps.deleteSavedMaps(MAP_NAME_PREFIX);
 
-        const map1Count = await PageObjects.maps.getMapCountWithName(MAP1_NAME);
-        expect(map1Count).to.equal(0);
+        await PageObjects.maps.searchAndExpectItemsCount(MAP1_NAME, 0);
 
-        const map2Count = await PageObjects.maps.getMapCountWithName(MAP2_NAME);
-        expect(map2Count).to.equal(0);
+        await PageObjects.maps.searchAndExpectItemsCount(MAP2_NAME, 0);
       });
     });
   });
diff --git a/x-pack/test/functional/es_archives/maps/kibana/data.json b/x-pack/test/functional/es_archives/maps/kibana/data.json
index e3a8743e60897..79e8c14cc3982 100644
--- a/x-pack/test/functional/es_archives/maps/kibana/data.json
+++ b/x-pack/test/functional/es_archives/maps/kibana/data.json
@@ -638,7 +638,7 @@
         "description": "",
         "layerListJSON": "[{\"id\":\"g1xkv\",\"label\":null,\"minZoom\":0,\"maxZoom\":24,\"sourceDescriptor\":{\"resolution\": \"SUPER_FINE\",\"type\":\"ES_GEO_GRID\",\"id\":\"9305f6ea-4518-4c06-95b9-33321aa38d6a\",\"indexPatternId\":\"c698b940-e149-11e8-a35a-370a8516603a\",\"geoField\":\"geo.coordinates\",\"requestType\":\"grid\",\"metrics\":[{\"type\":\"count\"},{\"type\":\"max\",\"field\":\"bytes\"}]},\"visible\":true,\"temporary\":false,\"style\":{\"type\":\"VECTOR\",\"properties\":{\"fillColor\":{\"type\":\"DYNAMIC\",\"options\":{\"field\":{\"label\":\"max of bytes\",\"name\":\"max_of_bytes\",\"origin\":\"source\"},\"color\":\"Blues\"}},\"lineColor\":{\"type\":\"STATIC\",\"options\":{\"color\":\"#cccccc\"}},\"lineWidth\":{\"type\":\"STATIC\",\"options\":{\"size\":1}},\"iconSize\":{\"type\":\"DYNAMIC\",\"options\":{\"field\":{\"label\":\"Count\",\"name\":\"doc_count\",\"origin\":\"source\"},\"minSize\":4,\"maxSize\":32}}},\"temporary\":true,\"previousStyle\":null},\"type\":\"TILED_VECTOR\"}]",
         "mapStateJSON": "{\"zoom\":3.59,\"center\":{\"lon\":-98.05765,\"lat\":38.32288},\"timeFilters\":{\"from\":\"2015-09-20T00:00:00.000Z\",\"to\":\"2015-09-20T01:00:00.000Z\"},\"refreshConfig\":{\"isPaused\":true,\"interval\":1000}}",
-        "title": "geo grid vector grid example (SUPER_FINE resolution)",
+        "title": "geo grid vector grid example SUPER_FINE resolution",
         "uiStateJSON": "{\"isDarkMode\":false}"
       },
       "type": "map"
diff --git a/x-pack/test/functional/page_objects/gis_page.ts b/x-pack/test/functional/page_objects/gis_page.ts
index c4f1bd7dc2a6b..7e22acf785d36 100644
--- a/x-pack/test/functional/page_objects/gis_page.ts
+++ b/x-pack/test/functional/page_objects/gis_page.ts
@@ -21,6 +21,7 @@ export function GisPageProvider({ getService, getPageObjects }: FtrProviderConte
   const renderable = getService('renderable');
   const browser = getService('browser');
   const MenuToggle = getService('MenuToggle');
+  const listingTable = getService('listingTable');
 
   const setViewPopoverToggle = new MenuToggle({
     name: 'SetView Popover',
@@ -120,13 +121,10 @@ export function GisPageProvider({ getService, getPageObjects }: FtrProviderConte
 
       await retry.try(async () => {
         await this.searchForMapWithName(name);
-        await this.selectMap(name);
+        await listingTable.clickItemLink('map', name);
         await PageObjects.header.waitUntilLoadingHasFinished();
-
-        const onMapListingPage = await this.onMapListingPage();
-        if (onMapListingPage) {
-          throw new Error(`Failed to open map ${name}`);
-        }
+        // check Map landing page is not present
+        await testSubjects.missingOrFail('mapLandingPage', { timeout: 10000 });
       });
 
       await this.waitForLayersToLoad();
@@ -134,8 +132,8 @@ export function GisPageProvider({ getService, getPageObjects }: FtrProviderConte
 
     async deleteSavedMaps(search: string) {
       await this.searchForMapWithName(search);
-      await testSubjects.click('checkboxSelectAll');
-      await testSubjects.click('deleteSelectedItems');
+      await listingTable.checkListingSelectAllCheckbox();
+      await listingTable.clickDeleteSelected();
       await PageObjects.common.clickConfirmOnModal();
 
       await PageObjects.header.waitUntilLoadingHasFinished();
@@ -150,7 +148,7 @@ export function GisPageProvider({ getService, getPageObjects }: FtrProviderConte
       await renderable.waitForRender();
     }
 
-    async saveMap(name: string, uncheckReturnToOriginModeSwitch = false) {
+    async saveMap(name: string, uncheckReturnToOriginModeSwitch = false, tags?: string[]) {
       await testSubjects.click('mapSaveButton');
       await testSubjects.setValue('savedObjectTitle', name);
       if (uncheckReturnToOriginModeSwitch) {
@@ -162,6 +160,13 @@ export function GisPageProvider({ getService, getPageObjects }: FtrProviderConte
         }
         await testSubjects.setEuiSwitch('returnToOriginModeSwitch', 'uncheck');
       }
+      if (tags) {
+        await testSubjects.click('savedObjectTagSelector');
+        for (const tagName of tags) {
+          await testSubjects.click(`tagSelectorOption-${tagName.replace(' ', '_')}`);
+        }
+        await testSubjects.click('savedObjectTitle');
+      }
       await testSubjects.clickWhenNotDisabled('confirmSaveSavedObjectButton');
     }
 
@@ -174,7 +179,7 @@ export function GisPageProvider({ getService, getPageObjects }: FtrProviderConte
     }
 
     async expectMissingCreateNewButton() {
-      await testSubjects.missingOrFail('newMapLink');
+      await testSubjects.missingOrFail('newItemButton');
     }
 
     async expectMissingAddLayerButton() {
@@ -187,8 +192,7 @@ export function GisPageProvider({ getService, getPageObjects }: FtrProviderConte
 
     async onMapListingPage() {
       log.debug(`onMapListingPage`);
-      const exists = await testSubjects.exists('mapsListingPage', { timeout: 3500 });
-      return exists;
+      return await listingTable.onListingPage('map');
     }
 
     async searchForMapWithName(name: string) {
@@ -196,21 +200,11 @@ export function GisPageProvider({ getService, getPageObjects }: FtrProviderConte
 
       await this.gotoMapListingPage();
 
-      await retry.try(async () => {
-        const searchFilter = await testSubjects.find('searchFilter');
-        await searchFilter.clearValue();
-        await searchFilter.click();
-        await searchFilter.type(name);
-        await PageObjects.common.pressEnterKey();
-      });
+      await listingTable.searchForItemWithName(name);
 
       await PageObjects.header.waitUntilLoadingHasFinished();
     }
 
-    async selectMap(name: string) {
-      await testSubjects.click(`mapListingTitleLink-${name.split(' ').join('-')}`);
-    }
-
     async getHits() {
       await inspector.open();
       await inspector.openInspectorRequestsView();
@@ -232,13 +226,11 @@ export function GisPageProvider({ getService, getPageObjects }: FtrProviderConte
       }
     }
 
-    async getMapCountWithName(name: string) {
+    async searchAndExpectItemsCount(name: string, count: number) {
       await this.gotoMapListingPage();
 
-      log.debug(`getMapCountWithName: ${name}`);
-      await this.searchForMapWithName(name);
-      const buttons = await find.allByButtonText(name);
-      return buttons.length;
+      log.debug(`searchAndExpectItemsCount: ${name}`);
+      await listingTable.searchAndExpectItemsCount('map', name, count);
     }
 
     async setView(lat: number, lon: number, zoom: number) {
diff --git a/x-pack/test/saved_object_tagging/api_integration/security_and_spaces/apis/_find.ts b/x-pack/test/saved_object_tagging/api_integration/security_and_spaces/apis/_find.ts
index 4f08134365e95..8734b7cf5bb68 100644
--- a/x-pack/test/saved_object_tagging/api_integration/security_and_spaces/apis/_find.ts
+++ b/x-pack/test/saved_object_tagging/api_integration/security_and_spaces/apis/_find.ts
@@ -60,6 +60,7 @@ export default function ({ getService }: FtrProviderContext) {
         USERS.DEFAULT_SPACE_SO_TAGGING_WRITE_USER,
         USERS.DEFAULT_SPACE_DASHBOARD_READ_USER,
         USERS.DEFAULT_SPACE_VISUALIZE_READ_USER,
+        USERS.DEFAULT_SPACE_MAPS_READ_USER,
       ],
       unauthorized: [USERS.NOT_A_KIBANA_USER, USERS.DEFAULT_SPACE_ADVANCED_SETTINGS_READ_USER],
     };
diff --git a/x-pack/test/saved_object_tagging/api_integration/security_and_spaces/apis/create.ts b/x-pack/test/saved_object_tagging/api_integration/security_and_spaces/apis/create.ts
index 70884ba6c968b..8ca92ac472c6e 100644
--- a/x-pack/test/saved_object_tagging/api_integration/security_and_spaces/apis/create.ts
+++ b/x-pack/test/saved_object_tagging/api_integration/security_and_spaces/apis/create.ts
@@ -60,6 +60,7 @@ export default function ({ getService }: FtrProviderContext) {
         USERS.DEFAULT_SPACE_DASHBOARD_READ_USER,
         USERS.DEFAULT_SPACE_VISUALIZE_READ_USER,
         USERS.DEFAULT_SPACE_ADVANCED_SETTINGS_READ_USER,
+        USERS.DEFAULT_SPACE_MAPS_READ_USER,
         USERS.NOT_A_KIBANA_USER,
       ],
     };
diff --git a/x-pack/test/saved_object_tagging/api_integration/security_and_spaces/apis/delete.ts b/x-pack/test/saved_object_tagging/api_integration/security_and_spaces/apis/delete.ts
index 64f120fd75629..a2e3630622d67 100644
--- a/x-pack/test/saved_object_tagging/api_integration/security_and_spaces/apis/delete.ts
+++ b/x-pack/test/saved_object_tagging/api_integration/security_and_spaces/apis/delete.ts
@@ -53,6 +53,7 @@ export default function ({ getService }: FtrProviderContext) {
         USERS.DEFAULT_SPACE_DASHBOARD_READ_USER,
         USERS.DEFAULT_SPACE_VISUALIZE_READ_USER,
         USERS.DEFAULT_SPACE_ADVANCED_SETTINGS_READ_USER,
+        USERS.DEFAULT_SPACE_MAPS_READ_USER,
         USERS.NOT_A_KIBANA_USER,
       ],
     };
diff --git a/x-pack/test/saved_object_tagging/api_integration/security_and_spaces/apis/get.ts b/x-pack/test/saved_object_tagging/api_integration/security_and_spaces/apis/get.ts
index 1a354bbbcb660..9cde766b4f514 100644
--- a/x-pack/test/saved_object_tagging/api_integration/security_and_spaces/apis/get.ts
+++ b/x-pack/test/saved_object_tagging/api_integration/security_and_spaces/apis/get.ts
@@ -57,6 +57,7 @@ export default function ({ getService }: FtrProviderContext) {
         USERS.DEFAULT_SPACE_SO_TAGGING_WRITE_USER,
         USERS.DEFAULT_SPACE_DASHBOARD_READ_USER,
         USERS.DEFAULT_SPACE_VISUALIZE_READ_USER,
+        USERS.DEFAULT_SPACE_MAPS_READ_USER,
       ],
       unauthorized: [USERS.NOT_A_KIBANA_USER, USERS.DEFAULT_SPACE_ADVANCED_SETTINGS_READ_USER],
     };
diff --git a/x-pack/test/saved_object_tagging/api_integration/security_and_spaces/apis/get_all.ts b/x-pack/test/saved_object_tagging/api_integration/security_and_spaces/apis/get_all.ts
index 61b859cf81992..677bdee56ed8b 100644
--- a/x-pack/test/saved_object_tagging/api_integration/security_and_spaces/apis/get_all.ts
+++ b/x-pack/test/saved_object_tagging/api_integration/security_and_spaces/apis/get_all.ts
@@ -63,6 +63,7 @@ export default function ({ getService }: FtrProviderContext) {
         USERS.DEFAULT_SPACE_SO_TAGGING_WRITE_USER,
         USERS.DEFAULT_SPACE_DASHBOARD_READ_USER,
         USERS.DEFAULT_SPACE_VISUALIZE_READ_USER,
+        USERS.DEFAULT_SPACE_MAPS_READ_USER,
       ],
       unauthorized: [USERS.NOT_A_KIBANA_USER, USERS.DEFAULT_SPACE_ADVANCED_SETTINGS_READ_USER],
     };
diff --git a/x-pack/test/saved_object_tagging/api_integration/security_and_spaces/apis/update.ts b/x-pack/test/saved_object_tagging/api_integration/security_and_spaces/apis/update.ts
index 77bf9d7ca3287..3347eca9920d6 100644
--- a/x-pack/test/saved_object_tagging/api_integration/security_and_spaces/apis/update.ts
+++ b/x-pack/test/saved_object_tagging/api_integration/security_and_spaces/apis/update.ts
@@ -60,6 +60,7 @@ export default function ({ getService }: FtrProviderContext) {
         USERS.DEFAULT_SPACE_DASHBOARD_READ_USER,
         USERS.DEFAULT_SPACE_VISUALIZE_READ_USER,
         USERS.DEFAULT_SPACE_ADVANCED_SETTINGS_READ_USER,
+        USERS.DEFAULT_SPACE_MAPS_READ_USER,
         USERS.NOT_A_KIBANA_USER,
       ],
     };
diff --git a/x-pack/test/saved_object_tagging/common/fixtures/es_archiver/maps/data.json b/x-pack/test/saved_object_tagging/common/fixtures/es_archiver/maps/data.json
new file mode 100644
index 0000000000000..cdaf4fe171ec0
--- /dev/null
+++ b/x-pack/test/saved_object_tagging/common/fixtures/es_archiver/maps/data.json
@@ -0,0 +1,210 @@
+{
+  "type": "doc",
+  "value": {
+    "id": "space:default",
+    "index": ".kibana",
+    "source": {
+      "space": {
+        "_reserved": true,
+        "description": "This is the default space",
+        "name": "Default Space"
+      },
+      "type": "space",
+      "updated_at": "2017-09-21T18:49:16.270Z"
+    },
+    "type": "doc"
+  }
+}
+
+{
+  "type": "doc",
+  "value": {
+    "id": "tag:tag-1",
+    "index": ".kibana",
+    "source": {
+      "tag": {
+        "name": "tag-1",
+        "description": "My first tag!",
+        "color": "#FF00FF"
+      },
+      "type": "tag",
+      "updated_at": "2017-09-21T18:49:16.270Z"
+    },
+    "type": "doc"
+  }
+}
+
+{
+  "type": "doc",
+  "value": {
+    "id": "tag:tag-2",
+    "index": ".kibana",
+    "source": {
+      "tag": {
+        "name": "tag-2",
+        "description": "Another awesome tag",
+        "color": "#11FF22"
+      },
+      "type": "tag",
+      "updated_at": "2017-09-21T18:49:16.270Z"
+    },
+    "type": "doc"
+  }
+}
+
+{
+  "type": "doc",
+  "value": {
+    "id": "tag:tag-3",
+    "index": ".kibana",
+    "source": {
+      "tag": {
+        "name": "tag-3",
+        "description": "Last but not least",
+        "color": "#AA0077"
+      },
+      "type": "tag",
+      "updated_at": "2017-09-21T18:49:16.270Z"
+    },
+    "type": "doc"
+  }
+}
+
+{
+  "type": "doc",
+  "value": {
+    "id": "config:6.3.0",
+    "index": ".kibana",
+    "source": {
+      "config": {
+        "buildNum": 8467,
+        "defaultIndex": "0bf35f60-3dc9-11e8-8660-4d65aa086b3c"
+      },
+      "references": [
+      ],
+      "type": "config",
+      "updated_at": "2018-04-11T20:43:55.434Z"
+    }
+  }
+}
+
+{
+  "type": "doc",
+  "value": {
+    "id": "map:63af0ed0-2515-11eb-8f44-eda8d4b698b3",
+    "index": ".kibana",
+    "source": {
+      "map": {
+        "title" : "map 3 (tag-1 and tag-3)",
+        "description" : "",
+        "layerListJSON" : "[{\"sourceDescriptor\":{\"type\":\"EMS_TMS\",\"isAutoSelect\":true},\"id\":\"d897b506-e719-42b8-9927-351eedd7d357\",\"label\":null,\"minZoom\":0,\"maxZoom\":24,\"alpha\":1,\"visible\":true,\"style\":{\"type\":\"TILE\"},\"type\":\"VECTOR_TILE\"}]",
+        "mapStateJSON" : "{\"zoom\":0.97,\"center\":{\"lon\":0,\"lat\":19.94277},\"timeFilters\":{\"from\":\"now-15m\",\"to\":\"now\"},\"refreshConfig\":{\"isPaused\":true,\"interval\":0},\"query\":{\"query\":\"\",\"language\":\"kuery\"},\"filters\":[],\"settings\":{\"autoFitToDataBounds\":false,\"initialLocation\":\"LAST_SAVED_LOCATION\",\"fixedLocation\":{\"lat\":0,\"lon\":0,\"zoom\":2},\"browserLocation\":{\"zoom\":2},\"maxZoom\":24,\"minZoom\":0,\"showSpatialFilters\":true,\"spatialFiltersAlpa\":0.3,\"spatialFiltersFillColor\":\"#DA8B45\",\"spatialFiltersLineColor\":\"#DA8B45\"}}",
+        "uiStateJSON" : "{\"isLayerTOCOpen\":true,\"openTOCDetails\":[]}"
+      },
+      "type" : "map",
+      "references" : [
+        {
+          "type" : "tag",
+          "id" : "tag-1",
+          "name" : "tag-ref-tag-1"
+        },
+        {
+          "type" : "tag",
+          "id" : "tag-3",
+          "name" : "tag-ref-tag-3"
+        }
+      ],
+      "migrationVersion" : {
+        "map" : "7.10.0"
+      },
+      "updated_at" : "2020-11-12T18:32:16.189Z"
+    }
+  }
+}
+
+{
+  "type": "doc",
+  "value": {
+    "id": "map:4afc6d10-2515-11eb-8f44-eda8d4b698b3",
+    "index": ".kibana",
+    "source": {
+      "map" : {
+        "title" : "map 1 (tag-2)",
+        "description" : "",
+        "layerListJSON" : "[{\"sourceDescriptor\":{\"type\":\"EMS_TMS\",\"isAutoSelect\":true},\"id\":\"6a91fb66-465c-4193-8c59-9b3f5f262756\",\"label\":null,\"minZoom\":0,\"maxZoom\":24,\"alpha\":1,\"visible\":true,\"style\":{\"type\":\"TILE\"},\"type\":\"VECTOR_TILE\"}]",
+        "mapStateJSON" : "{\"zoom\":0.97,\"center\":{\"lon\":0,\"lat\":16.22097},\"timeFilters\":{\"from\":\"now-15m\",\"to\":\"now\"},\"refreshConfig\":{\"isPaused\":true,\"interval\":0},\"query\":{\"query\":\"\",\"language\":\"kuery\"},\"filters\":[],\"settings\":{\"autoFitToDataBounds\":false,\"initialLocation\":\"LAST_SAVED_LOCATION\",\"fixedLocation\":{\"lat\":0,\"lon\":0,\"zoom\":2},\"browserLocation\":{\"zoom\":2},\"maxZoom\":24,\"minZoom\":0,\"showSpatialFilters\":true,\"spatialFiltersAlpa\":0.3,\"spatialFiltersFillColor\":\"#DA8B45\",\"spatialFiltersLineColor\":\"#DA8B45\"}}",
+        "uiStateJSON" : "{\"isLayerTOCOpen\":true,\"openTOCDetails\":[]}"
+      },
+      "type" : "map",
+      "references" : [
+        {
+          "type" : "tag",
+          "id" : "tag-2",
+          "name" : "tag-ref-tag-2"
+        }
+      ],
+      "migrationVersion" : {
+        "map" : "7.10.0"
+      },
+      "updated_at" : "2020-11-12T18:31:34.753Z"
+    }
+  }
+}
+
+{
+  "type": "doc",
+  "value": {
+    "id": "map:562cce50-2515-11eb-8f44-eda8d4b698b3",
+    "index": ".kibana",
+    "source": {
+      "map" : {
+        "title" : "map 2 (tag-3)",
+        "description" : "",
+        "layerListJSON" : "[{\"sourceDescriptor\":{\"type\":\"EMS_TMS\",\"isAutoSelect\":true},\"id\":\"285d5190-aaf1-4dfc-912b-9c7d9e0104a8\",\"label\":null,\"minZoom\":0,\"maxZoom\":24,\"alpha\":1,\"visible\":true,\"style\":{\"type\":\"TILE\"},\"type\":\"VECTOR_TILE\"}]",
+        "mapStateJSON" : "{\"zoom\":0.97,\"center\":{\"lon\":0,\"lat\":19.94277},\"timeFilters\":{\"from\":\"now-15m\",\"to\":\"now\"},\"refreshConfig\":{\"isPaused\":true,\"interval\":0},\"query\":{\"query\":\"\",\"language\":\"kuery\"},\"filters\":[],\"settings\":{\"autoFitToDataBounds\":false,\"initialLocation\":\"LAST_SAVED_LOCATION\",\"fixedLocation\":{\"lat\":0,\"lon\":0,\"zoom\":2},\"browserLocation\":{\"zoom\":2},\"maxZoom\":24,\"minZoom\":0,\"showSpatialFilters\":true,\"spatialFiltersAlpa\":0.3,\"spatialFiltersFillColor\":\"#DA8B45\",\"spatialFiltersLineColor\":\"#DA8B45\"}}",
+        "uiStateJSON" : "{\"isLayerTOCOpen\":true,\"openTOCDetails\":[]}"
+      },
+      "type" : "map",
+      "references" : [
+        {
+          "type" : "tag",
+          "id" : "tag-3",
+          "name" : "tag-ref-tag-3"
+        }
+      ],
+      "migrationVersion" : {
+        "map" : "7.10.0"
+      },
+      "updated_at" : "2020-11-12T18:31:53.525Z"
+    }
+  }
+}
+
+{
+  "type": "doc",
+  "value": {
+    "id": "map:6f021340-2515-11eb-8f44-eda8d4b698b3",
+    "index": ".kibana",
+    "source": {
+      "map" : {
+        "title" : "map 4 (tag-1)",
+        "description" : "",
+        "layerListJSON" : "[{\"sourceDescriptor\":{\"type\":\"EMS_TMS\",\"isAutoSelect\":true},\"id\":\"3deeb666-33cf-4e9a-ab78-e453ed9d721d\",\"label\":null,\"minZoom\":0,\"maxZoom\":24,\"alpha\":1,\"visible\":true,\"style\":{\"type\":\"TILE\"},\"type\":\"VECTOR_TILE\"}]",
+        "mapStateJSON" : "{\"zoom\":0.97,\"center\":{\"lon\":0,\"lat\":19.94277},\"timeFilters\":{\"from\":\"now-15m\",\"to\":\"now\"},\"refreshConfig\":{\"isPaused\":true,\"interval\":0},\"query\":{\"query\":\"\",\"language\":\"kuery\"},\"filters\":[],\"settings\":{\"autoFitToDataBounds\":false,\"initialLocation\":\"LAST_SAVED_LOCATION\",\"fixedLocation\":{\"lat\":0,\"lon\":0,\"zoom\":2},\"browserLocation\":{\"zoom\":2},\"maxZoom\":24,\"minZoom\":0,\"showSpatialFilters\":true,\"spatialFiltersAlpa\":0.3,\"spatialFiltersFillColor\":\"#DA8B45\",\"spatialFiltersLineColor\":\"#DA8B45\"}}",
+        "uiStateJSON" : "{\"isLayerTOCOpen\":true,\"openTOCDetails\":[]}"
+      },
+      "type" : "map",
+      "references" : [
+        {
+          "type" : "tag",
+          "id" : "tag-1",
+          "name" : "tag-ref-tag-1"
+        }
+      ],
+      "migrationVersion" : {
+        "map" : "7.10.0"
+      },
+      "updated_at" : "2020-11-12T18:32:35.188Z"
+    }
+  }
+}
diff --git a/x-pack/test/saved_object_tagging/common/lib/authentication.ts b/x-pack/test/saved_object_tagging/common/lib/authentication.ts
index c318755bedcdd..8917057ad685e 100644
--- a/x-pack/test/saved_object_tagging/common/lib/authentication.ts
+++ b/x-pack/test/saved_object_tagging/common/lib/authentication.ts
@@ -118,6 +118,19 @@ export const ROLES = {
       ],
     },
   },
+  KIBANA_RBAC_DEFAULT_SPACE_MAPS_READ_USER: {
+    name: 'kibana_rbac_default_space_maps_read_user',
+    privileges: {
+      kibana: [
+        {
+          feature: {
+            maps: ['read'],
+          },
+          spaces: ['default'],
+        },
+      ],
+    },
+  },
 };
 
 export const USERS = {
@@ -185,4 +198,9 @@ export const USERS = {
     password: 'password',
     roles: [ROLES.KIBANA_RBAC_DEFAULT_SPACE_ADVANCED_SETTINGS_READ_USER.name],
   },
+  DEFAULT_SPACE_MAPS_READ_USER: {
+    username: 'a_kibana_rbac_default_space_maps_read_user',
+    password: 'password',
+    roles: [ROLES.KIBANA_RBAC_DEFAULT_SPACE_MAPS_READ_USER.name],
+  },
 };
diff --git a/x-pack/test/saved_object_tagging/functional/tests/index.ts b/x-pack/test/saved_object_tagging/functional/tests/index.ts
index 43673487ba74f..0ddfa64d682a8 100644
--- a/x-pack/test/saved_object_tagging/functional/tests/index.ts
+++ b/x-pack/test/saved_object_tagging/functional/tests/index.ts
@@ -23,5 +23,6 @@ export default function ({ loadTestFile, getService }: FtrProviderContext) {
     loadTestFile(require.resolve('./visualize_integration'));
     loadTestFile(require.resolve('./dashboard_integration'));
     loadTestFile(require.resolve('./feature_control'));
+    loadTestFile(require.resolve('./maps_integration'));
   });
 }
diff --git a/x-pack/test/saved_object_tagging/functional/tests/maps_integration.ts b/x-pack/test/saved_object_tagging/functional/tests/maps_integration.ts
new file mode 100644
index 0000000000000..4e44659b4fc67
--- /dev/null
+++ b/x-pack/test/saved_object_tagging/functional/tests/maps_integration.ts
@@ -0,0 +1,139 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License;
+ * you may not use this file except in compliance with the Elastic License.
+ */
+
+import expect from '@kbn/expect';
+import { FtrProviderContext } from '../ftr_provider_context';
+
+// eslint-disable-next-line import/no-default-export
+export default function ({ getPageObjects, getService }: FtrProviderContext) {
+  const esArchiver = getService('esArchiver');
+  const listingTable = getService('listingTable');
+  const testSubjects = getService('testSubjects');
+  const find = getService('find');
+  const PageObjects = getPageObjects(['maps', 'tagManagement', 'common']);
+
+  /**
+   * Select tags in the searchbar's tag filter.
+   */
+  const selectFilterTags = async (...tagNames: string[]) => {
+    // open the filter dropdown
+    const filterButton = await find.byCssSelector('.euiFilterGroup .euiFilterButton');
+    await filterButton.click();
+    // select the tags
+    for (const tagName of tagNames) {
+      await testSubjects.click(
+        `tag-searchbar-option-${PageObjects.tagManagement.testSubjFriendly(tagName)}`
+      );
+    }
+    // click elsewhere to close the filter dropdown
+    const searchFilter = await find.byCssSelector('main .euiFieldSearch');
+    await searchFilter.click();
+  };
+
+  describe('maps integration', () => {
+    before(async () => {
+      await esArchiver.load('maps');
+    });
+    after(async () => {
+      await esArchiver.unload('maps');
+    });
+
+    describe('listing', () => {
+      beforeEach(async () => {
+        await PageObjects.common.navigateToUrlWithBrowserHistory('maps', '/');
+        await PageObjects.maps.gotoMapListingPage();
+      });
+
+      it('allows to manually type tag filter query', async () => {
+        await listingTable.searchForItemWithName('tag:(tag-1)', { escape: false });
+
+        await listingTable.expectItemsCount('map', 2);
+        const itemNames = await listingTable.getAllItemsNames();
+        expect(itemNames).to.eql(['map 3 (tag-1 and tag-3)', 'map 4 (tag-1)']);
+      });
+
+      it('allows to filter by selecting a tag in the filter menu', async () => {
+        await selectFilterTags('tag-3');
+
+        await listingTable.expectItemsCount('map', 2);
+        const itemNames = await listingTable.getAllItemsNames();
+        expect(itemNames).to.eql(['map 3 (tag-1 and tag-3)', 'map 2 (tag-3)']);
+      });
+
+      it('allows to filter by multiple tags', async () => {
+        await selectFilterTags('tag-2', 'tag-3');
+
+        await listingTable.expectItemsCount('map', 3);
+        const itemNames = await listingTable.getAllItemsNames();
+        expect(itemNames).to.eql(['map 3 (tag-1 and tag-3)', 'map 1 (tag-2)', 'map 2 (tag-3)']);
+      });
+    });
+
+    describe('creating', () => {
+      beforeEach(async () => {
+        await PageObjects.maps.openNewMap();
+      });
+
+      it('allows to select tags for a new map', async () => {
+        await PageObjects.maps.saveMap('my-new-map', false, ['tag-1', 'tag-3']);
+
+        await PageObjects.maps.gotoMapListingPage();
+        await selectFilterTags('tag-1');
+        const itemNames = await listingTable.getAllItemsNames();
+        expect(itemNames).to.contain('my-new-map');
+      });
+
+      it('allows to create a tag from the tag selector', async () => {
+        const { tagModal } = PageObjects.tagManagement;
+
+        await testSubjects.click('mapSaveButton');
+        await testSubjects.setValue('savedObjectTitle', 'map-with-new-tag');
+
+        await testSubjects.click('savedObjectTagSelector');
+        await testSubjects.click(`tagSelectorOption-action__create`);
+
+        expect(await tagModal.isOpened()).to.be(true);
+
+        await tagModal.fillForm(
+          {
+            name: 'my-new-tag',
+            color: '#FFCC33',
+            description: '',
+          },
+          {
+            submit: true,
+          }
+        );
+
+        expect(await tagModal.isOpened()).to.be(false);
+
+        await testSubjects.click('confirmSaveSavedObjectButton');
+
+        await PageObjects.maps.gotoMapListingPage();
+        await selectFilterTags('my-new-tag');
+        const itemNames = await listingTable.getAllItemsNames();
+        expect(itemNames).to.contain('map-with-new-tag');
+      });
+    });
+
+    describe('editing', () => {
+      beforeEach(async () => {
+        await PageObjects.common.navigateToUrlWithBrowserHistory('maps', '/');
+      });
+
+      it('allows to select tags for an existing map', async () => {
+        await listingTable.clickItemLink('map', 'map 4 (tag-1)');
+
+        await PageObjects.maps.saveMap('map 4 (tag-1)', false, ['tag-3']);
+
+        await PageObjects.maps.gotoMapListingPage();
+        await selectFilterTags('tag-3');
+        const itemNames = await listingTable.getAllItemsNames();
+        expect(itemNames).to.contain('map 4 (tag-1)');
+      });
+    });
+  });
+}
diff --git a/yarn.lock b/yarn.lock
index 1b01574ba66e7..3497fdf83d7dd 100644
--- a/yarn.lock
+++ b/yarn.lock
@@ -18793,17 +18793,29 @@ livereload-js@^2.3.0:
   resolved "https://registry.yarnpkg.com/livereload-js/-/livereload-js-2.4.0.tgz#447c31cf1ea9ab52fc20db615c5ddf678f78009c"
   integrity sha512-XPQH8Z2GDP/Hwz2PCDrh2mth4yFejwA1OZ/81Ti3LgKyhDcEjsSsqFWZojHG0va/duGd+WyosY7eXLDoOyqcPw==
 
-lmdb-store@^0.6.10:
-  version "0.6.10"
-  resolved "https://registry.yarnpkg.com/lmdb-store/-/lmdb-store-0.6.10.tgz#db8efde6e052aabd17ebc63c8a913e1f31694129"
-  integrity sha512-ZLvp3qbBQ5VlBmaWa4EUAPyYEZ8qdUHsW69HmxkDi84pFQ37WMxYhFaF/7PQkdtxS/vyiKkZigd9TFgHjek1Nw==
+lmdb-store-0.9@0.7.2:
+  version "0.7.2"
+  resolved "https://registry.yarnpkg.com/lmdb-store-0.9/-/lmdb-store-0.9-0.7.2.tgz#45b907a46d0a676fee955629bd2f70f06efb26bb"
+  integrity sha512-/MO8G6p4l7ku1ltCCdE/2ZOtSQBSM0B02vIemMHjoKgjE/fooanJYXIFwtZYM5r/hBDxmO+L3q5ASAXbfHQ6pQ==
   dependencies:
     fs-extra "^9.0.1"
-    msgpackr "^0.5.0"
+    msgpackr "^0.5.3"
     nan "^2.14.1"
     node-gyp-build "^4.2.3"
     weak-lru-cache "^0.2.0"
 
+lmdb-store@^0.8.11:
+  version "0.8.11"
+  resolved "https://registry.yarnpkg.com/lmdb-store/-/lmdb-store-0.8.11.tgz#7f7c756a115ceab32c51c0948444bfd5d1716ab3"
+  integrity sha512-CFgxh2/TL1NXyJ8FQPXY50O/gADxih7Gx0RjKRScGlyxihqSLd/fGzMkbvDdeAOAS8bsnYpLojAMTSeNiwN8dQ==
+  dependencies:
+    fs-extra "^9.0.1"
+    lmdb-store-0.9 "0.7.2"
+    msgpackr "^0.5.4"
+    nan "^2.14.1"
+    node-gyp-build "^4.2.3"
+    weak-lru-cache "^0.3.9"
+
 load-bmfont@^1.3.1, load-bmfont@^1.4.0:
   version "1.4.0"
   resolved "https://registry.yarnpkg.com/load-bmfont/-/load-bmfont-1.4.0.tgz#75f17070b14a8c785fe7f5bee2e6fd4f98093b6b"
@@ -20318,20 +20330,20 @@ ms@2.1.1, ms@^2.0.0, ms@^2.1.1:
   resolved "https://registry.yarnpkg.com/ms/-/ms-2.1.1.tgz#30a5864eb3ebb0a66f2ebe6d727af06a09d86e0a"
   integrity sha512-tgp+dl5cGk28utYktBsrFqA7HKgrhgPsg6Z/EfhWI4gl1Hwq8B/GmY/0oXZ6nF8hDVesS/FpnYaD/kOWhYQvyg==
 
-msgpackr-extract@^0.3.4:
-  version "0.3.4"
-  resolved "https://registry.yarnpkg.com/msgpackr-extract/-/msgpackr-extract-0.3.4.tgz#8ee5e73d1135340e564c498e8c593134365eb060"
-  integrity sha512-d3+qwTJzgqqsq2L2sQuH0SoO4StvpUhMqMAKy6tMimn7XdBaRtDlquFzRJsp0iMGt2hnU4UOqD8Tz9mb0KglTA==
+msgpackr-extract@^0.3.5:
+  version "0.3.5"
+  resolved "https://registry.yarnpkg.com/msgpackr-extract/-/msgpackr-extract-0.3.5.tgz#0f206da058bd3dad0f8605d324de001a8f4de967"
+  integrity sha512-zHhstybu+m/j3H6CVBMcILVIzATK6dWRGtlePJjsnSAj8kLT5joMa9i0v21Uc80BPNDcwFsnG/dz2318tfI81w==
   dependencies:
     nan "^2.14.1"
     node-gyp-build "^4.2.3"
 
-msgpackr@^0.5.0:
-  version "0.5.1"
-  resolved "https://registry.yarnpkg.com/msgpackr/-/msgpackr-0.5.1.tgz#7eecbf342645b7718dd2e3386894368d06732b3f"
-  integrity sha512-nK2uJl67Q5KU3MWkYBUlYynqKS1UUzJ5M1h6TQejuJtJzD3hW2Suv2T1pf01E9lUEr93xaLokf/xC+jwBShMPQ==
+msgpackr@^0.5.3, msgpackr@^0.5.4:
+  version "0.5.4"
+  resolved "https://registry.yarnpkg.com/msgpackr/-/msgpackr-0.5.4.tgz#c21c03d5e132d2e54d0b9ced02a75b1f48413380"
+  integrity sha512-ILEWtIWwd5ESWHKoVjJ4GP7JWkpuAUJ20qi2j2qEC6twecBmK4E6YG3QW847OpmvdAhMJGq2LoDJRn/kNERTeQ==
   optionalDependencies:
-    msgpackr-extract "^0.3.4"
+    msgpackr-extract "^0.3.5"
 
 multicast-dns-service-types@^1.1.0:
   version "1.1.0"
@@ -29129,6 +29141,11 @@ weak-lru-cache@^0.2.0:
   resolved "https://registry.yarnpkg.com/weak-lru-cache/-/weak-lru-cache-0.2.0.tgz#447379ccff6dfda1b7a9566c9ef168260be859d1"
   integrity sha512-M1l5CzKvM7maa7tCbtL0NW6sOnp8gqup853+9Aq7GL0XNWKNnFOkeE3v3Z5X2IeMzedPwQyPbi4RlFvD6rxs7A==
 
+weak-lru-cache@^0.3.9:
+  version "0.3.9"
+  resolved "https://registry.yarnpkg.com/weak-lru-cache/-/weak-lru-cache-0.3.9.tgz#9e56920d4115e8542625d8ef8cc278cbd97f7624"
+  integrity sha512-WqAu3wzbHQvjSi/vgYhidZkf2p7L3Z8iDEIHnqvE31EQQa7Vh7PDOphrRJ1oxlW8JIjgr2HvMcRe9Q1GhW2NPw==
+
 web-namespaces@^1.0.0:
   version "1.1.4"
   resolved "https://registry.yarnpkg.com/web-namespaces/-/web-namespaces-1.1.4.tgz#bc98a3de60dadd7faefc403d1076d529f5e030ec"