This change allows native users and roles to be used on tribe nodes. The tribe node will actually
use the security index of one of the tribes, which must be specified with the `tribe.on_conflict`
setting. User and role modifications are not permitted when running on a tribe node.
Closeselastic/elasticsearch#3451
Original commit: elastic/x-pack-elasticsearch@2b762ca648
When deleting a watch the version was used as part of
the delete request. However a watch deletion means the
user really wants to get rid of it and not accidentally
run into a version exception because the watch was running in
between.
Original commit: elastic/x-pack-elasticsearch@e585f717f1
In preparation for elastic/elasticsearch#2957, I found we have things both in the root level
dev-tools, as well as elasticsearch/x-dev-tools. Most of this stuff can
be removed as it had to do with the old manual release process. There
was also a signed license file checked in. I removed it here, we really
should not have licenses checked in IMO, and it is unclear what the
purpose of this license was for. The two remaining scripts were moved to
the root dev-tools.
Original commit: elastic/x-pack-elasticsearch@3e24ea2d56
When running as a node, we check the `xpack.security.transport.filter.enabled` setting to see
if we should create the IPFilter but this check is not really correct. The HTTP filter could be
enabled or a profile filter could be enabled so there are times when we may not be filtering connections
when we should. Additionally, since we do not bind the IPFilter to a null provider, Guice will try to create
one during startup to inject into the security transport. This results in an exception and startup fails.
This change always creates the IPFilter when running as a node. This IPFilter has its own settings and
logic to determine whether it should be filtering on a given network transport.
Closeselastic/elasticsearch#3592
Original commit: elastic/x-pack-elasticsearch@95c25651c4
Some methods have been renamed in elastic/elasticsearchelastic/elasticsearch#20560. This commit change a .bytes() call to a .getBytes() call.
Original commit: elastic/x-pack-elasticsearch@4a0ff77361
This commit fixes the cat.templates REST tests so that it works when other templates exist (like monitoring)
Original commit: elastic/x-pack-elasticsearch@2e27ad88b4
This change switches the build to use the licensing prod key when
building the xpack jar for release.
Original commit: elastic/x-pack-elasticsearch@54a21dae5b
This adds an "interval" placeholder parameter that is required to the Monitoring Bulk API, and adds it to the Kibana side of the plumbing.
Having this will allow us to add it to all incoming documents and start to report against it with the Insights, as well as to detect the _lack_ of incoming documents.
By adding it now, we can avoid having a non-BWC API change for Kibana in 5.1. We'll just pickup new data in our documents.
Original commit: elastic/x-pack-elasticsearch@5ba8aafe03
This is a followup for elastic/elasticsearchelastic/elasticsearch#20526 removes the pluggability of
transport / http server transport via guice.
Original commit: elastic/x-pack-elasticsearch@5fb84949aa
The x-pack client jar and api jar are exactly the same: the entirety of
x-pack. Since we added the x-pack-transport jar, we no longer really
want the client jar as it is confusing. Additionally, it causes jar hell
when a test for an extension uses the transport client. This change
removes the client jar, and makes the x-pack transport client use the
api jar instead. This sounds odd at first, but since transport client is
going away eventually, it is a stopgap, and works.
closeselastic/elasticsearch#3309
Original commit: elastic/x-pack-elasticsearch@ee7a2c12c0
Due to untested code there was an NPE happening in production,
when a chained input execution failed, but the chained input
tried to access the resulting payload (which is never set on
failures). This payload now defaults to being empty.
This commit also drive-by fixes a broken logging statement, that
on the one side returned not the watch id, but a useless watch
toString() representation, and on the other hand only logs an error
message, but not a stack trace into the log, as this is what the
history is for.
Original commit: elastic/x-pack-elasticsearch@7dbe1afd90
Whenever a watch is updated (put, delete, set state), until now we
happened to reject those operations when a watch was executed at the
same time. However with long running reporting this might mean, that a
watch can never be changed, because it always gets executed.
* Removes the ability of write requests to obtain a lock at all (executing watches is still protected by a lock)
* Replaced the FairKeyedLock in watcher with the KeyedLock in Elasticsearch, which also takes a fair option, removed the FairKeyedLock
* Removed all the timeout parameters that are no longer needed, because there is no lock anymore
* Removed also the force parameter for watch deletion. Just do it[tm]
* Added a test that deleting a watch while it is being executed does not leave any leftovers
In case of a deletion of a watch during an execution, so that updating the status of the watch fails,
a warning is logged.
Closeselastic/elasticsearch#3417
Original commit: elastic/x-pack-elasticsearch@22fad1b797
As part of the review of elastic/elasticsearch#3287, the stopping of the IndexAuditTrail was moved to the tearDown
method. This works sometimes but other times it fails because tearDown is run after
ESIntegTestCase#after, so the IndexAuditTrail is still running during the after checks which will
cause the test to fail since the shard lock cannot be obtained.
Closeselastic/elasticsearch#3520
Original commit: elastic/x-pack-elasticsearch@4cb52b15a2
Today the operation mode can be set to default for a short amout of
time until it's reset to the actual mode this can cause weird sideeffects
for users if it's read concurrently. Also the test relies on a certain
happens before relationship that is not guaranteed since the operation
mode is set before the listerner is run. This change also rewrites the test
to not use busy waiting but wait for the actual listern to be executed.
Original commit: elastic/x-pack-elasticsearch@a2a42b89e5
1. We only support indexes created by Marvel 2.3+. All other indexes
are just ignored.
2. The tests don't assert a ton of interesting stuff because there
isn't a java API for Monitoring that we can just use. Instead we assert
that a few objects are there and look sane.
3. We don't migrate the contents of the data index. Instead we just
rely on Monitoring recreating it.
Original commit: elastic/x-pack-elasticsearch@86216c2d61
The IndexAuditTrail had both a stop and close method that needed to be called in order
to stop the service. There was a race where we called either flush or close in a non
blocking fashion and then immediately closed the underlying client. This change makes
the stop method wait for up to 10 seconds when closing the bulk processor.
Closeselastic/elasticsearch#3279
Original commit: elastic/x-pack-elasticsearch@0d776bc91a
TransportService is not pluggable anymore in core. Instead we now have a interceptor
infrastructure that allows to intercept send and receive calls on the transport layer.
Relates to elastic/elasticsearchelastic/elasticsearch#20505
Original commit: elastic/x-pack-elasticsearch@04194ecb09
This adds proxy support to the hipchat action. Right now
neither hipchat nor slack nor pagerduty allow for this,
but if you dont need a proxy for internal http connections,
but you do for external, then this configuration cannot be done
without setting a proxy for those actions.
You can set it like this in the JSON
```
"actions" : {
"notify-hipchat" : {
"hipchat" : {
"account" : "integration-account",
"proxy" : {
"host" : "localhost",
"port" : 8080
},
"message" : {
...
}
}
}
}
```
Relates elastic/elasticsearch#3372
Original commit: elastic/x-pack-elasticsearch@4e8447ce37
This cleans up some of the reported stats to be a little clearer, including making the JVM Heap chart behave like Kibana's memory chart. This solves two problems: you can now determine the max heap size and you know what "x%" actually means relative to it.
Original commit: elastic/x-pack-elasticsearch@450f6fd546
This commit fixes the logging audit tests which were broken due to an
upstream change in core Elasticsearch relating to the fact that prefixes
are no longer considered part of the log message, but are instead
implemented via markers.
Original commit: elastic/x-pack-elasticsearch@abd7ec23d8
To deny access to a fields users can name exceptions to field permissions with the following syntax:
"fields": {
"grant": [list of field names patterns],
"except": [list of patterns that are forbidden]
}
See doc for the rules for this.
This commit also reverts elastic/elasticsearch#2720closeselastic/elasticsearch#2681
Original commit: elastic/x-pack-elasticsearch@d6537028ec
Ryan Ernst
jaymode
Jay Modi
Tyler Smalley
Alexander Reelsen
Tim Sullivan
Igor Motov
Simon Willnauer
Tanguy Leroux
Chris Earle
Simon Willnauer
Nik Everett
Boaz Leskes
Yannick Welsch
Jason Tedor
Britta Weber
Shaunak Kashyap
Dimitrios Liappis
Martijn van Groningen