Commit Graph

54119 Commits

Author SHA1 Message Date
James Rodewig af9e96d681
[DOCS] EQL: Update `allow_no_indices` default (#63748) (#63891)
Co-authored-by: Adam Locke <adam.locke@elastic.co>
2020-10-19 12:31:22 -04:00
Rene Groeschke 34ccd3f0dc Explicitly use TLS 1.2 in Gradle (#63880) 2020-10-19 08:57:26 -07:00
Aref Razavi 2950818d44 Remove useless parentheses in bucket_key formula (#63868) 2020-10-19 11:53:33 +02:00
István Zoltán Szabó eef670f004
[DOCS] Clarifies destination index mappings for Transforms. (#63794) (#63804) 2020-10-19 10:03:08 +02:00
Julie Tibshirani f122b88bc5 Remove dependency from version plugin. 2020-10-18 14:09:32 -07:00
Julie Tibshirani ff312512c5 Mark the search 'fields' option as beta. (#63699)
We've identified two important enhancements that may affect the API. We expect
any API changes from these enhancements to be minor, but want to leave open the
possibility for small breaks. For example, we may end up returning unmapped
fields by default, or omitting nested fields from the root hit. The impact to
users should be quite small.

We're tracking the issues we need to resolve before removing the 'beta' label
here: #60985.
2020-10-18 14:09:27 -07:00
Lisa Cawley e6959d0d20
[7.10][DOCS] Add grant API key API and grant_api_key privilege (#63853) 2020-10-16 15:41:46 -07:00
Andrei Stefan 5f3c79d64b
Remove filter from QL's field_caps requests (#63840) (#63845)
(cherry picked from commit f009e6341d0fc0471f212d5a41c91e7aab77e006)
2020-10-17 01:36:26 +03:00
Jay Greenberg 3e5e54b884 [DOCS] Add monitoring note (#61793) 2020-10-16 13:36:28 -07:00
James Rodewig 07e4129328
[DOCS] Remove 7.9.2 coming tags (#62872) (#63830)
Removes coming tags from 7.9.2 Release Notes.

Co-authored-by: Kaarina Tungseth <kaarina.tungseth@elastic.co>
2020-10-16 12:44:53 -04:00
James Rodewig 309bb9bb3a
[7.10] Release notes for 7.9.2 (#62664) (#63827)
Co-authored-by: Dan Hermann <danhermann@users.noreply.github.com>
2020-10-16 12:18:36 -04:00
James Rodewig df8070722a
[DOC] Review integration page (#63799) (#63816)
Co-authored-by: James Rodewig <40268737+jrodewig@users.noreply.github.com>
Co-authored-by: Aaron Bull Schaefer <abs@elastic.co>
Co-authored-by: Luca Belluccini <luca.belluccini@elastic.co>
2020-10-16 11:40:09 -04:00
Mayya Sharipova c0c1a7a9a6 Apply boost only once for distance_feature query (#63767)
Currently if distance_feature query contains boost,
it incorrectly  gets applied twice: in AbstractQueryBuilder::toQuery and
we also pass this boost to Lucene's LongPoint.newDistanceFeatureQuery.
As a result we get incorrect scores.

This fixes this error to ensure that boost is applied only once.

Closes #63691
2020-10-16 10:02:55 -04:00
James Rodewig 179c6d4014
[DOCS] Fix role template snippet (#63774) (#63779) 2020-10-16 08:24:29 -04:00
Enrico Zimuel e724be5f41
Specify security.get_role_mapping and security.get_role name as list (#53207) (#63785)
This commit updates the rest API specs for

- security.get_role_mapping to specify name as a list type.
- security.get_role to specify name as a list type.

Co-authored-by: Russ Cam <russ.cam@elastic.co>
2020-10-16 14:22:37 +02:00
Ioannis Kakavas 364511395d
[7.10] Move RestRequestFilter to core (#63507)
Move RestRequestFilter to core so that Rest requests outside xpack can use 
it to filter fields and expand its usage.

Backport of #63507
2020-10-16 13:57:52 +03:00
Andrei Dan f4a856d423
Update 7.10 release notes after respin (#63725) (#63757)
Adds PRs diff to the release notes.

(cherry picked from commit 1ede4b332e5f87591710723e1a6ff9353384e2ff)
Signed-off-by: Andrei Dan <andrei.dan@elastic.co>
2020-10-16 09:06:08 +01:00
Tanguy Leroux 7ea44d20c3
Try to fix DiskThresholdDeciderIT (#63614) (#63721)
This is another attempt to fix #62326 as my previous 
attempts failed (#63112, #63385).
2020-10-16 09:20:54 +02:00
Jim Ferenczi 1d78bd0f72 Async search should retry updates on version conflict (#63652)
* Async search should retry updates on version conflict

The _async_search APIs can throw version conflict exception when the internal response
is updated concurrently. That can happen if the final response is written while the user
extends the expiration time. That scenario should be rare but it happened in Kibana for
several users so this change ensures that updates are retried at least 5 times. That
should resolve the transient errors for Kibana. This change also preserves the version
conflict exception in case the retry didn't work instead of returning a confusing 404.
This commit also ensures that we don't delete the response if the search was cancelled
internally and not deleted explicitly by the user.

Closes #63213
2020-10-16 08:49:02 +02:00
Albert Zaharovits f4e1e6893d Add view_index_metadata over metricbeat-* for monitoring agent (#63750)
The `remote_monitoring_agent` reserved role is extended to grant more privileges
over the metricbeat-* index pattern.
In addition to the index and create_index index privileges that it granted already,
it now also grants the view_index_metadata privilege.

Closes #63203
2020-10-16 02:13:55 +03:00
James Rodewig da84622764
[DOCS] Document `discovery.seed_hosts` only supports YAML sequences and arrays (#63746) (#63776) 2020-10-15 16:56:48 -04:00
Ryan Ernst d62981fb27
Remove opensuse 42 from vagrant tests (#63759)
Opensuse 42 has not worked in a while. The test image is unmaintained,
and cannot be launched. It was removed from CI packaging test runs, but
still remained in vagrant tests. This commit removes it from vagrant
tests.
2020-10-15 13:05:46 -07:00
Jay Modi ebdaeb2f9a
Ensure cancelled jobs do not continue to run (#63771)
This commit ensures that jobs within the SchedulerEngine do not
continue to run after they are cancelled. There was no synchronization
between the cancel method of an ActiveSchedule and the run method, so
an actively running schedule would go ahead and reschedule itself even
if the cancel method had been called.

This commit adds synchronization between cancelling and the scheduling
of the next run to ensure that the job is cancelled. In real life
scenarios this could manifest as a job running multiple times for
SLM. This could happen if a job had been triggered and was cancelled
prior to completing its run such as if the node was no longer the
master node or if SLM was stopping/stopped.

Closes #63754
Backport of #63762
2020-10-15 14:01:14 -06:00
Jay Modi 4d6daa6e40
Handle missing logstash index exceptions (#63753)
This commit updates the APIs in the logstash plugin to handle
IndexNotFoundExceptions that are returned by client calls. Until we
have the creation of this index in place, we need to handle this case
and not let the exception propagate out of the API.

Backport of #63698
2020-10-15 09:45:02 -06:00
Marios Trivyzas 1dbd3a90ae
EQL: [Tests] Use snapshot from 7.10
To be able to run the tests from 7.10 onwards use a snapshot created
with 7.10.

Follows: #63735
2020-10-15 17:28:52 +02:00
Bogdan Pintea 35f5c49e54
SQL: integer parameter validation in string functions (#63338) (#63728)
* SQL: integer parameter validation in string functions (#58923)

In insert, locate, substring function, when argument `start` or `length` is greater than Integer.MAX_INT OR less then Integer.MIN_INT + 1 (note that `start` need to minus 1), it causes overflow and leads to unexpected results.

* Add range checks for BinaryStringNumericProcessors

- Add range checks for Left, Right, Repeat.
- Minor refactorings on initial PR changes.

Co-authored-by: yinanwu <yinanwu@tencent.com>
(cherry picked from commit bf6dc58b93529f977d035a846d083b1c31867694)

Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
2020-10-15 16:00:48 +02:00
James Rodewig 41ee8df334
[DOCS] Clarifies the effect of per-field boosting (#63733) (#63744)
The original description of per-field boosting is incorrect. Boosting a
field does not imply that it is more important relative to other fields.
It simply means that the score is multiplied by the supplied boost
value. Due to the differences in each field's term and document
statistics, it's not possible to imply relative importance of fields
based on the per-field boost value alone.

Co-authored-by: Josh Devins <josh.devins@elastic.co>
2020-10-15 09:46:36 -04:00
Marios Trivyzas 095f979060
EQL: [Tests] Add correctness integration tests (#63644) (#63735)
Add a new gradle module under eql/qa which runs and validates a set of
queries over a 4m event dataset (restored from a snapshot residing in a
gcs bucket). The results are providing by running the exact set of queries
with Python EQL against the same dataset.

Co-authored-by: Marios Trivyzas <matriv@users.noreply.github.com>
(cherry picked from commit 1cf789e5fcfb0f364f665bfaac021e24a4c2f556)

Co-authored-by: Mark Vieira <portugee@gmail.com>
2020-10-15 15:28:26 +02:00
James Rodewig eb3ae9a204
[DOCS] Replace xref with external link (#63736) 2020-10-15 08:47:04 -04:00
Costin Leau 06eae58d40 EQL: Fix translation of bool fields (#63694)
This commit fixes two issues in dealing with bool fields in EQL:
- avoid simplifications of field == true expressions
- adding comparison to clauses on fields missing logic (where bool)

Fix #63693

(cherry picked from commit d10a5d0e842bbd4e0031834de948ceb24da3872b)
(cherry picked from commit 0227da3a275c7f22ff524d99d53e1a79146f9e28)
2020-10-15 14:38:31 +03:00
Andrei Dan 2cc0ccb110
Docs: sync breaking changes from release notes (#63479)
This syncs breaking changes from release notes

Co-authored-by: Lisa Cawley <lcawley@elastic.co>
Co-authored-by: James Rodewig <40268737+jrodewig@users.noreply.github.com>
2020-10-15 08:45:26 +01:00
Andrei Dan e011d0328b
Add release notes for 7.10.0 (#63460)
This adds the release notes for 7.10.0

Co-authored-by: David Roberts <dave.roberts@elastic.co>
Co-authored-by: James Rodewig <40268737+jrodewig@users.noreply.github.com>
Co-authored-by: lcawl <lcawley@elastic.co>
2020-10-15 08:38:43 +01:00
Hendrik Muhs 65ef399563 [Transform] increase timeout in testStopWaitForCheckpoint (#63657)
increase the overall timeout by increasing the wait time after every retry.

fixes #63365
2020-10-15 08:51:33 +02:00
Jay Modi 822fea9889
Fix threadpool setting test for system_write (#63706)
This commit fixes the UpdateThreadPoolSettingsTests to be aware of the
hard limit on the maximum size of the system_write executor. This
executor has a hard limit that matches the write executor, which is
the number of allocated processors.

Closes #63131
Backport #63700
2020-10-14 14:57:43 -06:00
Christoph Büscher fe75bf5cf3 [Docs] Correct default scroll_size for update by query (#63656)
The current _update_by_query documentation mentions a scroll_size default of 100 and later another default of 1000.
We use the default of 1000 defined in AbstractBulkByScrollRequest and this PR changes the documentation accordingly.

Closes #63637
2020-10-14 16:43:36 +02:00
James Rodewig bd7633482b
[DOCS] EQL: Remove `match` fn (#63271) (#63677) 2020-10-14 10:13:00 -04:00
James Rodewig 5fc25442c4 [DOCS] Reword EQL intro 2020-10-14 10:03:21 -04:00
James Rodewig ac2b668016
[DOCS] Fix AbstractDiffable typo (#59034) (#63668)
Co-authored-by: Howard <danielhuang@tencent.com>
2020-10-14 09:56:56 -04:00
James Rodewig f9adb36d7d
[DOCS] Update `ignore_unavailable` default for EQL search API (#63210) (#63674) 2020-10-14 09:56:46 -04:00
James Rodewig 5de05ba69c
[DOCS] EQL: Add `:` operator, remove wildcard operator (#63195) (#63666) 2020-10-14 09:31:20 -04:00
James Rodewig e4b4351a43
[DOCS] EQL: Remove Endgame EQL refs (#63636) (#63664) 2020-10-14 08:48:56 -04:00
Albert Zaharovits 2b7fbe9957 Add the missing apikey.* fields to the logfile audit layout for docker builds (#63609)
The layout pattern for the security audit for docker builds was missing the apiKey.* fields.
2020-10-14 13:58:41 +03:00
Tanguy Leroux 57b5715bf7
Add CCR repository test for snapshot shard size (#63649)
Following #61906 this commit adds two new integration tests
that verifies the sizes of snapshotted shards for CCR repositories.

Backport of #63590
2020-10-14 12:51:42 +02:00
Armin Braun 424b313784
Adapt Shard Generation Assertion for 7.x (#63625) (#63642)
In 7.x we can have `null` generations so we need to adjust the `assert`
accordingly.
See e.g. failure https://gradle-enterprise.elastic.co/s/dgypleytdotfu/tests/:server:internalClusterTest/org.elasticsearch.snapshots.ConcurrentSnapshotsIT/testConcurrentSnapshotWorksWithOldVersionRepo
2020-10-14 06:57:25 +02:00
Ryland Herrick 7e8769a666
EQL: make allow_no_indices true by default (#63573) (#63645)
* Allow all indices options variants
Irrespective of allow_no_indices value, throw VerificationException when
there is no index validated

Co-authored-by: Andrei Stefan <astefan@users.noreply.github.com>
2020-10-14 03:41:04 +03:00
Nhat Nguyen 9015b50e1b
Check docs limit before indexing on primary (#63273)
Today indexing to a shard with 2147483519 documents will fail that
shard. We should check the number of documents and reject the write
requests instead.

Closes #51136
2020-10-13 17:39:08 -04:00
James Rodewig 8455cf8ff0 [DOCS] Remove unneeded word in EQL docs 2020-10-13 13:57:41 -04:00
James Rodewig 086df0636e
[DOCS] EQL: Document multi-value field support (#63622) (#63633) 2020-10-13 12:44:48 -04:00
Lee Hinman 7371e51583
[7.10] Add DiscoveryNodeRole compatibility role for bwc tier serialization (#63581) (#63613)
Backports the following commits to 7.10:

    Add DiscoveryNodeRole compatibility role for bwc tier serialization (#63581)
2020-10-13 09:17:15 -06:00
Andras Palinkas f9c8ae5f77 SQL: Improve parser error message for `ESCAPE` (#63616)
Mentions the list of wildchars in case a wildchar is used as an
`ESCAPE` character.

Relates #63428

(cherry picked from commit 74cbcf871e9593b3640e382ae6845168fd14966b)
2020-10-13 10:47:06 -04:00