Merge branch 'master' of github.com:yctercero/kibana into exceptions_…

…ui_find

docs/setup/production.asciidoc

@@ -167,7 +167,7 @@ These can be used to automatically update the list of hosts as a cluster is resi
 Kibana has a default maximum memory limit of 1.4 GB, and in most cases, we recommend leaving this unconfigured.  In some scenarios, such as large reporting jobs,
 it may make sense to tweak limits to meet more specific requirements.
 
-You can modify this limit by setting `--max-old-space-size` in the `node.options` config file that can be found inside `kibana/config` folder or any other configured with the environment variable `KIBANA_PATH_CONF` (for example in debian based system would be `/etc/kibana`).
+You can modify this limit by setting `--max-old-space-size` in the `node.options` config file that can be found inside `kibana/config` folder or any other configured with the environment variable `KBN_PATH_CONF` (for example in debian based system would be `/etc/kibana`).
 
 The option accepts a limit in MB:
 --------

src/core/server/config/deprecation/core_deprecations.test.ts

@@ -51,7 +51,7 @@ describe('core deprecations', () => {
       const { messages } = applyCoreDeprecations();
       expect(messages).toMatchInlineSnapshot(`
         Array [
-          "Environment variable CONFIG_PATH is deprecated. It has been replaced with KIBANA_PATH_CONF pointing to a config folder",
+          "Environment variable CONFIG_PATH is deprecated. It has been replaced with KBN_PATH_CONF pointing to a config folder",
         ]
       `);
     });

src/core/server/config/deprecation/core_deprecations.ts

@@ -23,7 +23,7 @@ import { ConfigDeprecationProvider, ConfigDeprecation } from './types';
 const configPathDeprecation: ConfigDeprecation = (settings, fromPath, log) => {
   if (has(process.env, 'CONFIG_PATH')) {
     log(
-      `Environment variable CONFIG_PATH is deprecated. It has been replaced with KIBANA_PATH_CONF pointing to a config folder`
+      `Environment variable CONFIG_PATH is deprecated. It has been replaced with KBN_PATH_CONF pointing to a config folder`
     );
   }
   return settings;

src/core/server/path/index.ts

@@ -25,14 +25,18 @@ import { fromRoot } from '../utils';
 const isString = (v: any): v is string => typeof v === 'string';
 
 const CONFIG_PATHS = [
+  process.env.KBN_PATH_CONF && join(process.env.KBN_PATH_CONF, 'kibana.yml'),
   process.env.KIBANA_PATH_CONF && join(process.env.KIBANA_PATH_CONF, 'kibana.yml'),
   process.env.CONFIG_PATH, // deprecated
   fromRoot('config/kibana.yml'),
 ].filter(isString);
 
-const CONFIG_DIRECTORIES = [process.env.KIBANA_PATH_CONF, fromRoot('config'), '/etc/kibana'].filter(
-  isString
-);
+const CONFIG_DIRECTORIES = [
+  process.env.KBN_PATH_CONF,
+  process.env.KIBANA_PATH_CONF,
+  fromRoot('config'),
+  '/etc/kibana',
+].filter(isString);
 
 const DATA_PATHS = [
   process.env.DATA_PATH, // deprecated

src/dev/build/tasks/bin/scripts/kibana-keystore

@@ -14,7 +14,7 @@ while [ -h "$SCRIPT" ] ; do
 done
 
 DIR="$(dirname "${SCRIPT}")/.."
-CONFIG_DIR=${KIBANA_PATH_CONF:-"$DIR/config"}
+CONFIG_DIR=${KBN_PATH_CONF:-"$DIR/config"}
 NODE="${DIR}/node/bin/node"
 test -x "$NODE"
 if [ ! -x "$NODE" ]; then

src/dev/build/tasks/bin/scripts/kibana-keystore.bat

@@ -12,8 +12,8 @@ If Not Exist "%NODE%" (
   Exit /B 1
 )
 
-set CONFIG_DIR=%KIBANA_PATH_CONF%
-If [%KIBANA_PATH_CONF%] == [] (
+set CONFIG_DIR=%KBN_PATH_CONF%
+If [%KBN_PATH_CONF%] == [] (
   set CONFIG_DIR=%DIR%\config
 )
 

src/dev/build/tasks/bin/scripts/kibana-plugin

@@ -14,7 +14,7 @@ while [ -h "$SCRIPT" ] ; do
 done
 
 DIR="$(dirname "${SCRIPT}")/.."
-CONFIG_DIR=${KIBANA_PATH_CONF:-"$DIR/config"}
+CONFIG_DIR=${KBN_PATH_CONF:-"$DIR/config"}
 NODE="${DIR}/node/bin/node"
 test -x "$NODE"
 if [ ! -x "$NODE" ]; then

src/dev/build/tasks/bin/scripts/kibana-plugin.bat

@@ -13,8 +13,8 @@ If Not Exist "%NODE%" (
   Exit /B 1
 )
 
-set CONFIG_DIR=%KIBANA_PATH_CONF%
-If [%KIBANA_PATH_CONF%] == [] (
+set CONFIG_DIR=%KBN_PATH_CONF%
+If [%KBN_PATH_CONF%] == [] (
   set CONFIG_DIR=%DIR%\config
 )
 

src/dev/build/tasks/bin/scripts/kibana.bat

@@ -14,8 +14,8 @@ If Not Exist "%NODE%" (
   Exit /B 1
 )
 
-set CONFIG_DIR=%KIBANA_PATH_CONF%
-If [%KIBANA_PATH_CONF%] == [] (
+set CONFIG_DIR=%KBN_PATH_CONF%
+If [%KBN_PATH_CONF%] == [] (
   set CONFIG_DIR=%DIR%\config
 )
 

src/dev/build/tasks/os_packages/package_scripts/post_install.sh

@@ -31,6 +31,10 @@ case $1 in
       --ingroup "<%= group %>" --shell /bin/false "<%= user %>"
     fi
 
+    if [ -n "$2" ]; then
+      IS_UPGRADE=true
+    fi
+
     set_access
   ;;
   abort-deconfigure|abort-upgrade|abort-remove)
@@ -47,6 +51,10 @@ case $1 in
       -c "kibana service user" "<%= user %>"
     fi
 
+    if [ "$1" = "2" ]; then
+      IS_UPGRADE=true
+    fi
+
     set_access
   ;;
 
@@ -55,3 +63,9 @@ case $1 in
       exit 1
   ;;
 esac
+
+if [ "$IS_UPGRADE" = "true" ]; then
+  if command -v systemctl >/dev/null; then
+      systemctl daemon-reload
+  fi
+fi

src/dev/build/tasks/os_packages/service_templates/sysv/etc/default/kibana

@@ -12,4 +12,4 @@ KILL_ON_STOP_TIMEOUT=0
 
 BABEL_CACHE_PATH="/var/lib/kibana/optimize/.babel_register_cache.json"
 
-KIBANA_PATH_CONF="/etc/kibana"
+KBN_PATH_CONF="/etc/kibana"

x-pack/plugins/security_solution/common/endpoint/generate_data.ts

@@ -1041,7 +1041,7 @@ export class EndpointDocGenerator {
           config: {
             artifact_manifest: {
               value: {
-                manifest_version: 'WzAsMF0=',
+                manifest_version: '1.0.0',
                 schema_version: 'v1',
                 artifacts: {},
               },

x-pack/plugins/security_solution/common/endpoint/schema/common.ts

@@ -23,8 +23,6 @@ export const encryptionAlgorithm = t.keyof({
 
 export const identifier = t.string;
 
-export const manifestVersion = t.string;
-
 export const manifestSchemaVersion = t.keyof({
   v1: null,
 });
@@ -34,4 +32,7 @@ export const relativeUrl = t.string;
 
 export const sha256 = t.string;
 
+export const semanticVersion = t.string;
+export type SemanticVersion = t.TypeOf<typeof semanticVersion>;
+
 export const size = t.number;

x-pack/plugins/security_solution/common/endpoint/schema/manifest.ts

@@ -11,9 +11,9 @@ import {
   encryptionAlgorithm,
   identifier,
   manifestSchemaVersion,
-  manifestVersion,
   relativeUrl,
   sha256,
+  semanticVersion,
   size,
 } from './common';
 
@@ -50,7 +50,7 @@ export type ManifestEntryDispatchSchema = t.TypeOf<typeof manifestEntryDispatchS
 
 export const manifestBaseSchema = t.exact(
   t.type({
-    manifest_version: manifestVersion,
+    manifest_version: semanticVersion,
     schema_version: manifestSchemaVersion,
   })
 );

x-pack/plugins/security_solution/public/common/components/exceptions/add_exception_modal/index.tsx

@@ -234,7 +234,7 @@ export const AddExceptionModal = memo(function AddExceptionModal({
   );
 
   const retrieveAlertOsTypes = useCallback(() => {
-    const osDefaults = ['windows', 'macos', 'linux'];
+    const osDefaults = ['windows', 'macos'];
     if (alertData) {
       const osTypes = getMappedNonEcsValue({
         data: alertData.nonEcsData,

x-pack/plugins/security_solution/public/management/pages/policy/view/policy_forms/protections/malware.tsx

@@ -7,16 +7,26 @@
 import React, { useCallback, useMemo } from 'react';
 import { useDispatch } from 'react-redux';
 import styled from 'styled-components';
-import { EuiRadio, EuiSwitch, EuiTitle, EuiSpacer, htmlIdGenerator } from '@elastic/eui';
+import {
+  EuiRadio,
+  EuiSwitch,
+  EuiTitle,
+  EuiSpacer,
+  htmlIdGenerator,
+  EuiCallOut,
+} from '@elastic/eui';
 import { i18n } from '@kbn/i18n';
 import { FormattedMessage } from '@kbn/i18n/react';
+import { APP_ID } from '../../../../../../../common/constants';
+import { SecurityPageName } from '../../../../../../app/types';
 
 import { Immutable, ProtectionModes } from '../../../../../../../common/endpoint/types';
 import { OS, MalwareProtectionOSes } from '../../../types';
 import { ConfigForm } from '../config_form';
 import { policyConfig } from '../../../store/policy_details/selectors';
 import { usePolicyDetailsSelector } from '../../policy_hooks';
 import { clone } from '../../../models/policy_details_config';
+import { LinkToApp } from '../../../../../../common/components/endpoint/link_to_app';
 
 const ProtectionRadioGroup = styled.div`
   display: flex;
@@ -177,6 +187,23 @@ export const MalwareProtections = React.memo(() => {
       rightCorner={protectionSwitch}
     >
       {radioButtons}
+      <EuiSpacer size="m" />
+      <EuiCallOut iconType="iInCircle">
+        <FormattedMessage
+          id="xpack.securitySolution.endpoint.policy.details.detectionRulesMessage"
+          defaultMessage="View {detectionRulesLink}. Prebuilt rules are tagged “Elastic” on the Detection Rules page."
+          values={{
+            detectionRulesLink: (
+              <LinkToApp appId={`${APP_ID}:${SecurityPageName.detections}`} appPath={`/rules`}>
+                <FormattedMessage
+                  id="xpack.securitySolution.endpoint.policy.details.detectionRulesLink"
+                  defaultMessage="related detection rules"
+                />
+              </LinkToApp>
+            ),
+          }}
+        />
+      </EuiCallOut>
     </ConfigForm>
   );
 });

x-pack/plugins/security_solution/public/overview/components/endpoint_notice/index.tsx

@@ -33,7 +33,7 @@ export const EndpointNotice = memo<{ onDismiss: () => void }>(({ onDismiss }) =>
           </b>
           <FormattedMessage
             id="xpack.securitySolution.overview.endpointNotice.title"
-            defaultMessage="Elastic Endpoint Security Beta"
+            defaultMessage="Elastic Endpoint Security (beta)"
           />
         </>
       }
@@ -49,7 +49,7 @@ export const EndpointNotice = memo<{ onDismiss: () => void }>(({ onDismiss }) =>
         <EuiButton onClick={handleGetStartedClick} href={endpointsLink}>
           <FormattedMessage
             id="xpack.securitySolution.overview.endpointNotice.tryButton"
-            defaultMessage="Try Elastic Endpoint Security Beta"
+            defaultMessage="Try Elastic Endpoint Security (beta)"
           />
         </EuiButton>
         <EuiButtonEmpty onClick={onDismiss}>

x-pack/plugins/security_solution/server/config.ts

@@ -29,6 +29,12 @@ export const configSchema = schema.object({
     from: schema.string({ defaultValue: 'now-15m' }),
     to: schema.string({ defaultValue: 'now' }),
   }),
+
+  /**
+   * Artifacts Configuration
+   */
+  packagerTaskInterval: schema.string({ defaultValue: '60s' }),
+  validateArtifactDownloads: schema.boolean({ defaultValue: true }),
 });
 
 export const createConfig$ = (context: PluginInitializerContext) =>

x-pack/plugins/security_solution/server/endpoint/config.ts

@@ -27,6 +27,12 @@ export const EndpointConfigSchema = schema.object({
     from: schema.string({ defaultValue: 'now-15m' }),
     to: schema.string({ defaultValue: 'now' }),
   }),
+
+  /**
+   * Artifacts Configuration
+   */
+  packagerTaskInterval: schema.string({ defaultValue: '60s' }),
+  validateArtifactDownloads: schema.boolean({ defaultValue: true }),
 });
 
 export function createConfig$(context: PluginInitializerContext) {

x-pack/plugins/security_solution/server/endpoint/ingest_integration.test.ts

@@ -12,7 +12,6 @@ import {
   ManifestManagerMockType,
 } from './services/artifacts/manifest_manager/manifest_manager.mock';
 import { getPackageConfigCreateCallback } from './ingest_integration';
-import { ManifestConstants } from './lib/artifacts';
 
 describe('ingest_integration tests ', () => {
   describe('ingest_integration sanity checks', () => {
@@ -30,16 +29,6 @@ describe('ingest_integration tests ', () => {
       expect(newPolicyConfig.inputs[0]!.config!.policy.value).toEqual(policyConfigFactory());
       expect(newPolicyConfig.inputs[0]!.config!.artifact_manifest.value).toEqual({
         artifacts: {
-          'endpoint-exceptionlist-linux-v1': {
-            compression_algorithm: 'zlib',
-            decoded_sha256: 'd801aa1fb7ddcc330a5e3173372ea6af4a3d08ec58074478e85aa5603e926658',
-            decoded_size: 14,
-            encoded_sha256: 'f8e6afa1d5662f5b37f83337af774b5785b5b7f1daee08b7b00c2d6813874cda',
-            encoded_size: 22,
-            encryption_algorithm: 'none',
-            relative_url:
-              '/api/endpoint/artifacts/download/endpoint-exceptionlist-linux-v1/d801aa1fb7ddcc330a5e3173372ea6af4a3d08ec58074478e85aa5603e926658',
-          },
           'endpoint-exceptionlist-macos-v1': {
             compression_algorithm: 'zlib',
             decoded_sha256: 'd801aa1fb7ddcc330a5e3173372ea6af4a3d08ec58074478e85aa5603e926658',
@@ -61,7 +50,7 @@ describe('ingest_integration tests ', () => {
               '/api/endpoint/artifacts/download/endpoint-exceptionlist-windows-v1/d801aa1fb7ddcc330a5e3173372ea6af4a3d08ec58074478e85aa5603e926658',
           },
         },
-        manifest_version: 'a9b7ef358a363f327f479e31efc4f228b2277a7fb4d1914ca9b4e7ca9ffcf537',
+        manifest_version: '1.0.0',
         schema_version: 'v1',
       });
     });
@@ -70,9 +59,7 @@ describe('ingest_integration tests ', () => {
       const logger = loggingSystemMock.create().get('ingest_integration.test');
       const manifestManager = getManifestManagerMock();
       manifestManager.pushArtifacts = jest.fn().mockResolvedValue([new Error('error updating')]);
-      const lastComputed = await manifestManager.getLastComputedManifest(
-        ManifestConstants.SCHEMA_VERSION
-      );
+      const lastComputed = await manifestManager.getLastComputedManifest();
 
       const callback = getPackageConfigCreateCallback(logger, manifestManager);
       const policyConfig = createNewPackageConfigMock();
@@ -90,9 +77,7 @@ describe('ingest_integration tests ', () => {
       const manifestManager = getManifestManagerMock({
         mockType: ManifestManagerMockType.InitialSystemState,
       });
-      const lastComputed = await manifestManager.getLastComputedManifest(
-        ManifestConstants.SCHEMA_VERSION
-      );
+      const lastComputed = await manifestManager.getLastComputedManifest();
       expect(lastComputed).toEqual(null);
 
       manifestManager.buildNewManifest = jest.fn().mockRejectedValue(new Error('abcd'));
@@ -107,9 +92,7 @@ describe('ingest_integration tests ', () => {
     test('subsequent policy creations succeed', async () => {
       const logger = loggingSystemMock.create().get('ingest_integration.test');
       const manifestManager = getManifestManagerMock();
-      const lastComputed = await manifestManager.getLastComputedManifest(
-        ManifestConstants.SCHEMA_VERSION
-      );
+      const lastComputed = await manifestManager.getLastComputedManifest();
 
       manifestManager.buildNewManifest = jest.fn().mockResolvedValue(lastComputed); // no diffs
       const callback = getPackageConfigCreateCallback(logger, manifestManager);

x-pack/plugins/security_solution/server/endpoint/ingest_integration.ts

@@ -10,22 +10,22 @@ import { factory as policyConfigFactory } from '../../common/endpoint/models/pol
 import { NewPolicyData } from '../../common/endpoint/types';
 import { ManifestManager } from './services/artifacts';
 import { Manifest } from './lib/artifacts';
-import { reportErrors, ManifestConstants } from './lib/artifacts/common';
+import { reportErrors } from './lib/artifacts/common';
 import { InternalArtifactCompleteSchema } from './schemas/artifacts';
 import { manifestDispatchSchema } from '../../common/endpoint/schema/manifest';
 
 const getManifest = async (logger: Logger, manifestManager: ManifestManager): Promise<Manifest> => {
   let manifest: Manifest | null = null;
 
   try {
-    manifest = await manifestManager.getLastComputedManifest(ManifestConstants.SCHEMA_VERSION);
+    manifest = await manifestManager.getLastComputedManifest();
 
     // If we have not yet computed a manifest, then we have to do so now. This should only happen
     // once.
     if (manifest == null) {
       // New computed manifest based on current state of exception list
-      const newManifest = await manifestManager.buildNewManifest(ManifestConstants.SCHEMA_VERSION);
-      const diffs = newManifest.diff(Manifest.getDefault(ManifestConstants.SCHEMA_VERSION));
+      const newManifest = await manifestManager.buildNewManifest();
+      const diffs = newManifest.diff(Manifest.getDefault());
 
       // Compress new artifacts
       const adds = diffs.filter((diff) => diff.type === 'add').map((diff) => diff.id);
@@ -63,7 +63,7 @@ const getManifest = async (logger: Logger, manifestManager: ManifestManager): Pr
     logger.error(err);
   }
 
-  return manifest ?? Manifest.getDefault(ManifestConstants.SCHEMA_VERSION);
+  return manifest ?? Manifest.getDefault();
 };
 
 /**