Commit Graph

6758 Commits

Author SHA1 Message Date
David Kyle cba4421a75 [ML] Fix streaming the process update request (elastic/x-pack-elasticsearch#2928)
Original commit: elastic/x-pack-elasticsearch@cf76c13a2b
2017-11-08 16:29:12 +00:00
Christoph Büscher 17ae4899c8 [Test] Change expected exception type after changes in core
Original commit: elastic/x-pack-elasticsearch@0ad2e06970
2017-11-08 12:54:54 +01:00
David Roberts 7b25e7d9ed [ML] Remove Watcher middleman from ML dependency on core (elastic/x-pack-elasticsearch#2926)
I imagine this needless indirection arose from accepting the wrong
IntelliJ suggestion for an import.

Original commit: elastic/x-pack-elasticsearch@54d7e854d3
2017-11-08 10:33:48 +00:00
Tim Vernum 59b453e1c8 [Security] Fix concrete security index name (elastic/x-pack-elasticsearch#2905)
The 5.6 Upgrade API will reindex .security to .security-6 and create a .security alias.
But the 6.0 default was to create a .security-v6 index and a .security alias if none existed (e.g. fresh x-pack install)

Having two different index names based on the method of install/upgrade complicates the code and testing, so we're unifying on the .security-6 index name that already exists in the wild.

Original commit: elastic/x-pack-elasticsearch@d78f569c5f
2017-11-08 10:22:42 +11:00
David Roberts 027f64b221 [ML] Fix a race condition simultaneous close requests are made for a job (elastic/x-pack-elasticsearch#2913)
When simultaneous close requests were made for the same job it was possible
that one of the requests would inappropriately log error messages about the
job having failed.  This change prevents that problem, whilst continuing to
adhere to the requirement that close requests for already closing jobs do not
return until the close request that is doing the work completes.

relates elastic/x-pack-elasticsearch#2912

Original commit: elastic/x-pack-elasticsearch@513b7fa1d6
2017-11-07 14:30:59 +00:00
Tim Vernum 8e5855e62e Allow XPack user read-only access to index audit log (elastic/x-pack-elasticsearch#2906)
The default internal XPack user no longer has access to the security index, but it should have read-only access to the audit log so that watches can be triggered based on audit events (but cannot write audit records)

Original commit: elastic/x-pack-elasticsearch@5c37720dad
2017-11-07 19:31:24 +11:00
lcawley 7fe8bf3080 [DOCS] Fixed broken link to Logstash monitoring
Original commit: elastic/x-pack-elasticsearch@1f64dd6637
2017-11-06 22:45:24 -08:00
Jay Modi be773363c9 Do not fail requests on exceptions from native roles store (elastic/x-pack-elasticsearch#2857)
This commit changes the handling of exceptions when retrieving roles from the native roles store.
Previously, exceptions would have caused the request to terminate and the exception would be
sent back to the user. This makes for a bad experience when a cluster hasn't been upgraded to the
latest index format and anonymous access is enabled with a native role as all requests without
preemptive basic authentication would result in an exception. The change here is to allow the
request to continue processing. Once the security index is up to date, the roles cache is cleared
so that the native roles can be picked up.

relates elastic/x-pack-elasticsearch#2686

Original commit: elastic/x-pack-elasticsearch@ef5149140f
2017-11-06 10:27:56 -07:00
Simon Willnauer 457c49c332 Apply Renames from split shards (elastic/x-pack-elasticsearch#2716)
XPack side of elastic/elasticsearch#26931

Original commit: elastic/x-pack-elasticsearch@6e7c3d4242
2017-11-06 11:38:21 +01:00
Tim Vernum dd3a800745 Fix ASN.1 encoding of "cn" OtherName in CertGen/CertUtil (elastic/x-pack-elasticsearch#2858)
Certgen was generating "other name" SANs without the explicit [0] tag that is required.
This was masked by the fact that the JRE X.509 classes always wrap the "other name" name-value in a [0] tag  (even if it already has one)

Also switched to a UTF8 String from an IA5 string to match the configuration being used for testing in openssl.

Original commit: elastic/x-pack-elasticsearch@1b87964ec7
2017-11-06 10:04:17 +11:00
David Roberts 7b36046f33 Use TestEnvironment factory method to create test Environment objects (elastic/x-pack-elasticsearch#2860)
This is the X-Pack side of elastic/elasticsearch#27235.  To force people
who construct an Environment object in production code to think about the
correct setting of configPath there is no longer a single argument
constructor in the Environment class.  Instead there is a factory method
in the test framework to replace it.  Having this in the test framework
ensures that there is no way to use it in production code.

Original commit: elastic/x-pack-elasticsearch@4860e92d90
2017-11-04 13:25:56 +00:00
Chris Earle 5b85453c9a [TEST] Use the test's Settings.Builder in the test rather than Settings.EMPTY
Original commit: elastic/x-pack-elasticsearch@5b7d7bc652
2017-11-03 16:56:01 -04:00
lcawley e492f3c654 [DOCS] Rename X-Pack settings page
Original commit: elastic/x-pack-elasticsearch@f2101c5974
2017-11-03 12:20:31 -07:00
lcawley 58dd5b748b [DOCS] Single-source X-Pack Settings
Original commit: elastic/x-pack-elasticsearch@9c0f0b0479
2017-11-03 10:36:03 -07:00
Lisa Cawley 9cd40747e9 [DOCS] Add X-Pack license settings (elastic/x-pack-elasticsearch#2833)
Original commit: elastic/x-pack-elasticsearch@6bab830682
2017-11-03 09:27:20 -07:00
David Roberts ba5dbc4daf Remove uses of single argument Environment constructor from production code (elastic/x-pack-elasticsearch#2852)
Following elastic/elasticsearch#27235 the single argument Environment constructor
is forbidden in production code.  This change removes the last such uses from
X-Pack.

Original commit: elastic/x-pack-elasticsearch@87e72d0d07
2017-11-03 09:12:35 +00:00
lcawley 1a28f57e0d [DOCS] Added link to product compatibility matrix
Original commit: elastic/x-pack-elasticsearch@19f04e486f
2017-11-02 11:45:16 -07:00
Lisa Cawley 7e91fc3feb [DOCS] Fixed typo in Watcher email actions (elastic/x-pack-elasticsearch#2829)
Original commit: elastic/x-pack-elasticsearch@1468a76b6d
2017-11-02 09:55:51 -07:00
David Roberts 14211b47f2 Use the correct Environment object in NativeControllerHolder (elastic/x-pack-elasticsearch#2847)
We should not be constructing a temporary Environment object in production
code.  This currently isn't causing any problems, but it might in the future
if elastic/elasticsearch#27144 or something similar is ever merged.  Instead
the master Environment of the node should always be used.

Original commit: elastic/x-pack-elasticsearch@6276a54a45
2017-11-02 16:36:09 +00:00
Lisa Cawley 8888922af8 [DOCS] Fixed email action typo in watcher (elastic/x-pack-elasticsearch#2849)
Original commit: elastic/x-pack-elasticsearch@80795a0c07
2017-11-02 09:29:20 -07:00
Lisa Cawley aa41f27d93 [DOCS] Added X-Pack monitoring to Elasticsearch Reference (elastic/x-pack-elasticsearch#2831)
Original commit: elastic/x-pack-elasticsearch@123738556e
2017-11-02 09:25:10 -07:00
Chris Earle 2acd0afdd5 [Monitoring] Add Data to Warn on lack of Transport TLS (elastic/x-pack-elasticsearch#2820)
This adds the data necessary to add a warning to the alerts UI representing each cluster when xpack.security.transport.tls.enabled is not set to true for a trial licensed cluster running with
xpack.security.enabled.

Original commit: elastic/x-pack-elasticsearch@28fe8bad76
2017-11-02 15:26:04 +00:00
Lisa Cawley 2bc0d8698d [DOCS] Add SSL info to setup-passwords (elastic/x-pack-elasticsearch#2734)
* [DOCS] Add SSL info to setup-passwords

* [DOCS] Addressed feedback in setup-passwords

* [DOCS] Added link to setup-passwords troubleshooting page

Original commit: elastic/x-pack-elasticsearch@2bf820c303
2017-11-02 08:22:48 -07:00
Nik Everett d66d88c5cd Fix tset compile
Test wasn't compiling after a change to core.

Original commit: elastic/x-pack-elasticsearch@8017b29f0b
2017-11-02 00:14:27 -04:00
Jason Tedor 400184bd1c Adjust number of files assertion in packaging tests
This commit adjusts the number of files assertions in the packaging
tests after the number was increased by the addition of certutil and
certutil.bat.

Relates elastic/x-pack-elasticsearch#2561

Original commit: elastic/x-pack-elasticsearch@b1a7800dd6
2017-11-01 22:08:47 -04:00
lcawley 61864c3a67 [DOCS] Added troubleshooting for setup-passwords command
Original commit: elastic/x-pack-elasticsearch@6196c1e2bf
2017-11-01 09:35:53 -07:00
Lisa Cawley da3d9dcf69 [DOCS] Added hide_settings to security settings (elastic/x-pack-elasticsearch#2801)
* [DOCS] Added hide_settings to security settings

* [DOCS] Addressed feedback about hide_settings

Original commit: elastic/x-pack-elasticsearch@6a6d394c71
2017-11-01 09:21:11 -07:00
lcawley b8aefcc1e7 [DOCS] Added testresponse substitution to avoid gradle issues
Original commit: elastic/x-pack-elasticsearch@531579a626
2017-11-01 08:25:46 -07:00
Albert Zaharovits fb13299714 Log when encountered cert but expecting key and vice-versa.. (elastic/x-pack-elasticsearch#2670)
Log when encountered cert but expecting key and vice-versa.

relates elastic/x-pack-elasticsearch#2657

Original commit: elastic/x-pack-elasticsearch@4e26d8044f
2017-11-01 15:20:28 +02:00
David Kyle fe21003341 [DOCS] Mute failing test snippet
Original commit: elastic/x-pack-elasticsearch@0a2a90bbed
2017-11-01 11:05:17 +00:00
Chris Earle 31741a85d9 [Monitoring] Add Shard-level Details to Index Stats Collection (elastic/x-pack-elasticsearch#2817)
This adds details about the shards and the health of the index. By adding these stats directly to the document, the UI can avoid many aggregations and enable better searching and sorting against indices.

Original commit: elastic/x-pack-elasticsearch@f38ae5ce69
2017-10-31 16:41:40 +00:00
Tanguy Leroux f416c5b3c9 Replace empty index block checks with global block checks in get/put license actions (elastic/x-pack-elasticsearch#2766)
Related to elastic/x-pack-elasticsearch#10530

Original commit: elastic/x-pack-elasticsearch@f4c9924d62
2017-10-31 16:15:14 +01:00
Jay Modi 4f65d9b527 Retry startup for IndexAuditTrail and version templates (elastic/x-pack-elasticsearch#2755)
This commit removes the FAILED state for the IndexAuditTrail so that we always try to keep starting
the service. Previously, on any exception during startup we moved to a failed state and never tried
to start again. The users only option was to restart the node. This was problematic in the case of
large clusters as there could be common timeouts of cluster state listeners that would cause the
startup of this service to fail.

Additionally, the logic in the IndexAuditTrail to update the template on the current cluster has
been removed and replaced with the use of the TemplateUpgradeService. However, we still need to
maintain the ability to determine if a template on a remote cluster should be PUT. To avoid always
PUTing the template, the version field has been added so it only needs to be PUT once on upgrade.

Finally, the default queue size has been increased as this is another common issue that users hit
with high traffic clusters.

relates elastic/x-pack-elasticsearch#2658

Original commit: elastic/x-pack-elasticsearch@27e2ce7223
2017-10-30 09:11:18 -06:00
Lisa Cawley f69f6cd341 [DOCS] Enabled code snippet testing for datafeed APIs (elastic/x-pack-elasticsearch#2811)
* [DOCS] Enabled code snippet testing for put datafeed API

* [DOCS] Addressed gradle errors in put datafeed API

* [DOCS] Added job creation test to build.gradle

Original commit: elastic/x-pack-elasticsearch@3548d920c7
2017-10-30 07:54:33 -07:00
Chris Earle c335b00c9b [Monitoring] Add "cluster_state.nodes_hash" to document (elastic/x-pack-elasticsearch#2798)
Adding this field enables a very simple mechanism for detecting node changes in the cluster state via Watcher (and other mechanisms). The next step is to add the cluster alert that uses it.

Original commit: elastic/x-pack-elasticsearch@1eacc25cff
2017-10-30 13:13:57 +00:00
Martijn van Groningen 9706d07209 disabled test assertion
Original commit: elastic/x-pack-elasticsearch@5a05c607e5
2017-10-30 10:15:45 +01:00
Martijn van Groningen f96153143b test: added logging and don't use replicas
Original commit: elastic/x-pack-elasticsearch@917ef8177d
2017-10-30 09:39:10 +01:00
Martijn van Groningen 2d89394896 test: removed refresh workaround
Original commit: elastic/x-pack-elasticsearch@75b571c23f
2017-10-30 09:29:43 +01:00
Martijn van Groningen 9a1c103bb2 security: Fail search request if profile is used and DLS is active.
Original commit: elastic/x-pack-elasticsearch@b83536460d
2017-10-30 09:12:27 +01:00
Tim Vernum 0c7caabea1 Usability enhancements for certificate generation (elastic/x-pack-elasticsearch#2561)
This commit adds a new `certutil` command and deprecates the `certgen` command.
 
The new certuil consists of sub commands that are (by default) are simpler to use than the old monolithic command, but still support all the previous behaviours.

Original commit: elastic/x-pack-elasticsearch@3f57687da9
2017-10-30 13:08:31 +11:00
Nhat ba29971323 test: updates DocsStats with totalSizeInBytes
Relates https://github.com/elastic/elasticsearch/pull/27117

Original commit: elastic/x-pack-elasticsearch@9bf177d90b
2017-10-28 13:04:21 -04:00
Alexander Reelsen 940eabd5f3 Watcher: Add thread pool rejection to execution state (elastic/x-pack-elasticsearch#2805)
The execution state of a watch did not differentiate between failures of
the execution like a broken painless script and a thread pool rejection.

This adds an own state, which allows to aggregate on such data in the
watch history, which should ease debugging issues a bit.

Original commit: elastic/x-pack-elasticsearch@351e64e14d
2017-10-27 16:37:14 +02:00
Martijn van Groningen 96b0b4e96d test: refresh only once to workaround phrase suggester edge case
Relates to elastic/x-pack-elasticsearch#2804

Original commit: elastic/x-pack-elasticsearch@3f2b6b7eea
2017-10-27 15:05:18 +02:00
Hendrik Muhs f74e680142 [ML] add detectorIndex to modelplot and forecast (elastic/x-pack-elasticsearch#2796)
add detector_index to model plots and forecast

relates elastic/x-pack-elasticsearch#2547

corresponding ml-cpp change: elastic/machine-learning-cpp#361

Original commit: elastic/x-pack-elasticsearch@5927d8578e
2017-10-27 12:54:42 +02:00
Dimitris Athanasiou c7e94b3b4c [ML] Enable overall buckets aggregation at a custom bucket span (elastic/x-pack-elasticsearch#2782)
For the purpose of getting this API consumed by our UI, returning
overall buckets that match the job's largest `bucket_span` can
result in too much data. The UI only ever displays a few buckets
in the swimlane. Their span depends on the time range selected and
the screen resolution, but it will only ever be a relatively
low number.

This PR adds the ability to aggregate overall buckets in a user
specified `bucket_span`. That `bucket_span` may be equal or
greater to the largest job's `bucket_span`. The `overall_score`
of the result overall buckets is the max score of the
corresponding overall buckets with a span equal to the job's
largest `bucket_span`.

The implementation is now chunking the bucket requests
as otherwise the aggregation would fail when too many buckets
are matching.

Original commit: elastic/x-pack-elasticsearch@981f7a40e5
2017-10-27 11:14:13 +01:00
Martijn van Groningen e028716bec test: use a single primary shard to workaround an edge case with the phrase suggester
Relates to elastic/x-pack-elasticsearch#2804

Original commit: elastic/x-pack-elasticsearch@afd028faf7
2017-10-27 10:41:19 +02:00
Lisa Cawley 215f289a8c [DOCS] Reformatted security troubleshooting pages (elastic/x-pack-elasticsearch#2799)
Original commit: elastic/x-pack-elasticsearch@ec9969ec7a
2017-10-26 13:56:57 -07:00
Lisa Cawley 61bfa39331 [DOCS] Added setup-passwords command parameters (elastic/x-pack-elasticsearch#2735)
* [DOCS] Added setup-passwords command parameters

* [DOCS] Addressed feedback in setup-passwords command

Original commit: elastic/x-pack-elasticsearch@5401994c56
2017-10-26 08:28:32 -07:00
Martijn van Groningen 62215f1fae security: Fail request if suggesters are used and DLS is active.
Original commit: elastic/x-pack-elasticsearch@056c735e77
2017-10-26 08:02:31 +02:00
Tim Vernum 8985625ea5 [Security] BulkShardRequest may have multiple indices (elastic/x-pack-elasticsearch#2742)
If a bulk update references aliases rather than concrete indices,
it is possible that a single shard level request could have multiple distinct "index names", potentially including "date math".
Those names will resolve to the same concrete index, but they might have different privileges.

Original commit: elastic/x-pack-elasticsearch@34cfd11df8
2017-10-26 15:34:58 +11:00