Merge branch 'master' of github.com:elastic/kibana into es_ui_shared/…

…chore/put-all-xjson-together

* 'master' of github.com:elastic/kibana:
  [EPM] Update UI copy to use `integration` (elastic#63077)
  [NP] Inline buildPointSeriesData and buildHierarchicalData dependencies (elastic#61575)
  [Maps] create NOT EXISTS filter for tooltip property with no value (elastic#62849)
  [Endpoint] Add link to Logs UI to the Host Details view (elastic#62852)
  [UI COPY] Fixes typo in max_shingle_size for search_as_you_type (elastic#63071)
  [APM] docs: add alerting examples for APM (elastic#62864)
  [EPM] Change PACKAGES_SAVED_OBJECT_TYPE id (elastic#62818)
  docs: fix rendering of bulleted list (elastic#62855)
  Exposed AddMessageVariables as separate component (elastic#63007)
  Add Data - Adding cloud reset password link to cloud instructions (elastic#62835)
  [ML] DF Analytics:  update memory estimate after adding exclude fields (elastic#62850)
  [Table Vis] Fix visualization overflow (elastic#62630)
  [Endpoint][EPM] Endpoint depending on ingest manager to initialize (elastic#62871)
  [Remote clusters] Fix flaky jest tests (elastic#58768)
  [Discover] Hide time picker when an indexpattern without timefield is selected (elastic#62134)
  Move search source parsing and serializing to data (elastic#59919)
  [ML] Functional tests - stabilize typing in mml input (elastic#63091)
  [data.search.aggs]: Clean up TimeBuckets implementation (elastic#62123)
  [ML] Functional transform tests - stabilize source selection (elastic#63087)
  add embed flag to saved object url as well (elastic#62926)

# Conflicts:
#	x-pack/plugins/triggers_actions_ui/public/application/components/builtin_action_types/es_index.tsx

.github/CODEOWNERS

@@ -202,7 +202,8 @@
 # Endpoint
 /x-pack/plugins/endpoint/ @elastic/endpoint-app-team
 /x-pack/test/api_integration/apis/endpoint/ @elastic/endpoint-app-team
-/x-pack/test/functional/apps/endpoint/ @elastic/endpoint-app-team
+/x-pack/test/functional_endpoint/ @elastic/endpoint-app-team
+/x-pack/test/functional_endpoint_ingest_failure/ @elastic/endpoint-app-team
 /x-pack/test/functional/es_archives/endpoint/ @elastic/endpoint-app-team
 
 # SIEM

docs/apm/apm-alerts.asciidoc

@@ -0,0 +1,97 @@
+[role="xpack"]
+[[apm-alerts]]
+=== Create an alert
+
+beta::[]
+
+The APM app is integrated with Kibana's {kibana-ref}/alerting-getting-started.html[alerting and actions] feature.
+It provides a set of built-in **actions** and APM specific threshold **alerts** for you to use,
+and allows all alerts to be centrally managed from <<management,Kibana Management>>.
+
+[role="screenshot"]
+image::apm/images/apm-alert.png[Create an alert in the APM app]
+
+There are two different types of threshold alerts: transaction duration, and error rate.
+Below, we'll create one of each.
+
+[float]
+[[apm-create-transaction-alert]]
+=== Create a transaction duration alert
+
+This guide creates an alert for the `opbeans-java` service based on the following criteria:
+
+* Transaction type: `transaction.type:request`
+* Average request is above `1500ms` for the last 5 minutes
+* Check every 10 minutes, and repeat the alert every 30 minutes
+* Send the alert via Slack
+
+From the APM app, navigate to the `opbeans-java` service and select
+**Alerts** > **Create threshold alert** > **Transaction duration**.
+
+The name of your alert will automatically be set as `Transaction duration | opbeans-java`,
+and the alert will be tagged with `apm` and `service.name:opbeans-java`.
+Feel free to edit either of these defaults.
+
+Based on the alert criteria, define the following alert details:
+
+* **Check every** - `10 minutes`
+* **Notify every** - `30 minutes`
+* **TYPE** - `request`
+* **WHEN** - `avg`
+* **IS ABOVE** - `1500ms`
+* **FOR THE LAST** - `5 minutes`
+
+Select an action type.
+Multiple action types can be selected, but in this example we want to post to a slack channel.
+Select **Slack** > **Create a connector**.
+Enter a name for the connector,
+and paste the webhook URL.
+See Slack's webhook documentation if you need to create one.
+
+Select **Save**. The alert has been created and is now active!
+
+[float]
+[[apm-create-error-alert]]
+=== Create an error rate alert
+
+This guide creates an alert for the `opbeans-python` service based on the following criteria:
+
+* Error rate is above 25 for the last minute
+* Check every 1 minute, and repeat the alert every 10 minutes
+* Send the alert via email to the `opbeans-python` team
+
+From the APM app, navigate to the `opbeans-python` service and select
+**Alerts** > **Create threshold alert** > **Error rate**.
+
+The name of your alert will automatically be set as `Error rate | opbeans-python`,
+and the alert will be tagged with `apm` and `service.name:opbeans-python`.
+Feel free to edit either of these defaults.
+
+Based on the alert criteria, define the following alert details:
+
+* **Check every** - `1 minute`
+* **Notify every** - `10 minutes`
+* **IS ABOVE** - `25 errors`
+* **FOR THE LAST** - `1 minute`
+
+Select the **Email** action type and click **Create a connector**.
+Fill out the required details: sender, host, port, etc., and click **save**.
+
+Select **Save**. The alert has been created and is now active!
+
+[float]
+[[apm-alert-manage]]
+=== Manage alerts and actions
+
+From the APM app, select **Alerts** > **View active alerts** to be taken to the Kibana alerts and actions management page.
+From this page, you can create, edit, disable, mute, and delete alerts, and create, edit, and disable connectors.
+
+[float]
+[[apm-alert-more-info]]
+=== More information
+
+See {kibana-ref}/alerting-getting-started.html[alerting and actions] for more information.
+
+NOTE: If you are using an **on-premise** Elastic Stack deployment with security,
+TLS must be configured for communication between Elasticsearch and Kibana.
+More information is in the alerting {kibana-ref}/alerting-getting-started.html#alerting-setup-prerequisites[prerequisites].

docs/apm/using-the-apm-ui.asciidoc

@@ -15,6 +15,7 @@ APM is available via the navigation sidebar in {Kib}.
 * <<spans>>
 * <<errors>>
 * <<metrics>>
+* <<apm-alerts>>
 * <<machine-learning-integration>>
 * <<agent-configuration>>
 * <<advanced-queries>>
@@ -37,6 +38,8 @@ include::errors.asciidoc[]
 
 include::metrics.asciidoc[]
 
+include::apm-alerts.asciidoc[]
+
 include::agent-configuration.asciidoc[]
 
 include::custom-links.asciidoc[]

docs/development/plugins/data/public/kibana-plugin-plugins-data-public.createsearchsource.md

@@ -0,0 +1,15 @@
+<!-- Do not edit this file. It is automatically generated by API Documenter. -->
+
+[Home](./index.md) &gt; [kibana-plugin-plugins-data-public](./kibana-plugin-plugins-data-public.md) &gt; [createSearchSource](./kibana-plugin-plugins-data-public.createsearchsource.md)
+
+## createSearchSource variable
+
+Deserializes a json string and a set of referenced objects to a `SearchSource` instance. Use this method to re-create the search source serialized using `searchSource.serialize`<!-- -->.
+
+This function is a factory function that returns the actual utility when calling it with the required service dependency (index patterns contract). A pre-wired version is also exposed in the start contract of the data plugin as part of the search service
+
+<b>Signature:</b>
+
+```typescript
+createSearchSource: (indexPatterns: Pick<import("../../index_patterns/index_patterns").IndexPatternsService, "get" | "clearCache" | "getFieldsForTimePattern" | "getFieldsForWildcard" | "getIds" | "getTitles" | "getFields" | "getCache" | "getDefault" | "make">) => (searchSourceJson: string, references: SavedObjectReference[]) => Promise<SearchSource>
+```

docs/development/plugins/data/public/kibana-plugin-plugins-data-public.md

@@ -102,6 +102,7 @@
 |  [castEsToKbnFieldTypeName](./kibana-plugin-plugins-data-public.castestokbnfieldtypename.md) | Get the KbnFieldType name for an esType string |
 |  [connectToQueryState](./kibana-plugin-plugins-data-public.connecttoquerystate.md) | Helper to setup two-way syncing of global data and a state container |
 |  [createSavedQueryService](./kibana-plugin-plugins-data-public.createsavedqueryservice.md) |  |
+|  [createSearchSource](./kibana-plugin-plugins-data-public.createsearchsource.md) | Deserializes a json string and a set of referenced objects to a <code>SearchSource</code> instance. Use this method to re-create the search source serialized using <code>searchSource.serialize</code>.<!-- -->This function is a factory function that returns the actual utility when calling it with the required service dependency (index patterns contract). A pre-wired version is also exposed in the start contract of the data plugin as part of the search service |
 |  [ES\_SEARCH\_STRATEGY](./kibana-plugin-plugins-data-public.es_search_strategy.md) |  |
 |  [esFilters](./kibana-plugin-plugins-data-public.esfilters.md) |  |
 |  [esKuery](./kibana-plugin-plugins-data-public.eskuery.md) |  |

docs/development/plugins/data/public/kibana-plugin-plugins-data-public.searchsource.md

@@ -38,6 +38,7 @@ export declare class SearchSource
 |  [getParent()](./kibana-plugin-plugins-data-public.searchsource.getparent.md) |  | Get the parent of this SearchSource  {<!-- -->undefined\|searchSource<!-- -->} |
 |  [getSearchRequestBody()](./kibana-plugin-plugins-data-public.searchsource.getsearchrequestbody.md) |  |  |
 |  [onRequestStart(handler)](./kibana-plugin-plugins-data-public.searchsource.onrequeststart.md) |  | Add a handler that will be notified whenever requests start |
+|  [serialize()](./kibana-plugin-plugins-data-public.searchsource.serialize.md) |  | Serializes the instance to a JSON string and a set of referenced objects. Use this method to get a representation of the search source which can be stored in a saved object.<!-- -->The references returned by this function can be mixed with other references in the same object, however make sure there are no name-collisions. The references will be named <code>kibanaSavedObjectMeta.searchSourceJSON.index</code> and <code>kibanaSavedObjectMeta.searchSourceJSON.filter[&lt;number&gt;].meta.index</code>.<!-- -->Using <code>createSearchSource</code>, the instance can be re-created. |
 |  [setField(field, value)](./kibana-plugin-plugins-data-public.searchsource.setfield.md) |  |  |
 |  [setFields(newFields)](./kibana-plugin-plugins-data-public.searchsource.setfields.md) |  |  |
 |  [setParent(parent, options)](./kibana-plugin-plugins-data-public.searchsource.setparent.md) |  | Set a searchSource that this source should inherit from |

docs/development/plugins/data/public/kibana-plugin-plugins-data-public.searchsource.serialize.md

@@ -0,0 +1,27 @@
+<!-- Do not edit this file. It is automatically generated by API Documenter. -->
+
+[Home](./index.md) &gt; [kibana-plugin-plugins-data-public](./kibana-plugin-plugins-data-public.md) &gt; [SearchSource](./kibana-plugin-plugins-data-public.searchsource.md) &gt; [serialize](./kibana-plugin-plugins-data-public.searchsource.serialize.md)
+
+## SearchSource.serialize() method
+
+Serializes the instance to a JSON string and a set of referenced objects. Use this method to get a representation of the search source which can be stored in a saved object.
+
+The references returned by this function can be mixed with other references in the same object, however make sure there are no name-collisions. The references will be named `kibanaSavedObjectMeta.searchSourceJSON.index` and `kibanaSavedObjectMeta.searchSourceJSON.filter[<number>].meta.index`<!-- -->.
+
+Using `createSearchSource`<!-- -->, the instance can be re-created.
+
+<b>Signature:</b>
+
+```typescript
+serialize(): {
+        searchSourceJSON: string;
+        references: SavedObjectReference[];
+    };
+```
+<b>Returns:</b>
+
+`{
+        searchSourceJSON: string;
+        references: SavedObjectReference[];
+    }`
+

docs/user/alerting/index.asciidoc

@@ -163,7 +163,8 @@ If you are using an *on-premises* Elastic Stack deployment with <<using-kibana-w
 [[alerting-security]]
 == Security
 
-To access alerting in a space, a user must have access to one of the following features: 
+To access alerting in a space, a user must have access to one of the following features:
+
 * <<xpack-apm,*APM*>>
 * <<xpack-infra,*Metrics*>>
 * <<xpack-siem,*SIEM*>>

src/legacy/core_plugins/kibana/public/discover/build_services.ts

@@ -72,6 +72,7 @@ export async function buildServices(
   const services = {
     savedObjectsClient: core.savedObjects.client,
     indexPatterns: plugins.data.indexPatterns,
+    search: plugins.data.search,
     chrome: core.chrome,
     overlays: core.overlays,
   };

src/legacy/core_plugins/kibana/public/discover/kibana_services.ts

@@ -76,5 +76,3 @@ export {
   EsQuerySortValue,
   SortDirection,
 } from '../../../../../plugins/data/public';
-// @ts-ignore
-export { buildPointSeriesData } from 'ui/agg_response/point_series/point_series';

src/legacy/core_plugins/kibana/public/discover/np_ready/angular/directives/histogram.tsx

@@ -46,9 +46,10 @@ import { IUiSettingsClient } from 'kibana/public';
 import { EuiChartThemeType } from '@elastic/eui/dist/eui_charts_theme';
 import { Subscription } from 'rxjs';
 import { getServices } from '../../../kibana_services';
+import { Chart as IChart } from '../helpers/point_series';
 
 export interface DiscoverHistogramProps {
-  chartData: any;
+  chartData: IChart;
   timefilterUpdateHandler: (ranges: { from: number; to: number }) => void;
 }
 
@@ -163,7 +164,7 @@ export class DiscoverHistogram extends Component<DiscoverHistogramProps, Discove
   };
 
   public formatXValue = (val: string) => {
-    const xAxisFormat = this.props.chartData.xAxisFormat.params.pattern;
+    const xAxisFormat = this.props.chartData.xAxisFormat.params!.pattern;
 
     return moment(val).format(xAxisFormat);
   };
@@ -208,18 +209,19 @@ export class DiscoverHistogram extends Component<DiscoverHistogramProps, Discove
     const { chartData } = this.props;
     const { chartsTheme } = this.state;
 
-    if (!chartData || !chartData.series[0]) {
+    if (!chartData) {
       return null;
     }
 
-    const data = chartData.series[0].values;
+    const data = chartData.values;
 
     /**
      * Deprecation: [interval] on [date_histogram] is deprecated, use [fixed_interval] or [calendar_interval].
      * see https://github.com/elastic/kibana/issues/27410
      * TODO: Once the Discover query has been update, we should change the below to use the new field
      */
-    const { intervalESValue, intervalESUnit, interval: xInterval } = chartData.ordered;
+    const { intervalESValue, intervalESUnit, interval } = chartData.ordered;
+    const xInterval = interval.asMilliseconds();
 
     const xValues = chartData.xAxisOrderedValues;
     const lastXValue = xValues[xValues.length - 1];
@@ -228,7 +230,7 @@ export class DiscoverHistogram extends Component<DiscoverHistogramProps, Discove
     const domainStart = domain.min.valueOf();
     const domainEnd = domain.max.valueOf();
 
-    const domainMin = data[0].x > domainStart ? domainStart : data[0].x;
+    const domainMin = data[0]?.x > domainStart ? domainStart : data[0]?.x;
     const domainMax = domainEnd - xInterval > lastXValue ? domainEnd - xInterval : lastXValue;
 
     const xDomain = {

src/legacy/core_plugins/kibana/public/discover/np_ready/angular/discover.html

@@ -11,7 +11,7 @@ <h1 class="euiScreenReaderOnly">{{screenTitle}}</h1>
     query="state.query"
     saved-query-id="state.savedQuery"
     screen-title="screenTitle"
-    show-date-picker="enableTimeRangeSelector"
+    show-date-picker="indexPattern.isTimeBased()"
     show-save-query="showSaveQuery"
     show-search-bar="true"
     use-default-behaviors="true"

src/legacy/core_plugins/kibana/public/discover/np_ready/angular/helpers/point_series.ts

@@ -0,0 +1,111 @@
+/*
+ * Licensed to Elasticsearch B.V. under one or more contributor
+ * license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright
+ * ownership. Elasticsearch B.V. licenses this file to you under
+ * the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+import { uniq } from 'lodash';
+import { Duration, Moment } from 'moment';
+import { Unit } from '@elastic/datemath';
+
+import { SerializedFieldFormat } from '../../../../../../../../plugins/expressions/common/types';
+
+export interface Column {
+  id: string;
+  name: string;
+}
+
+export interface Row {
+  [key: string]: number | 'NaN';
+}
+
+export interface Table {
+  columns: Column[];
+  rows: Row[];
+}
+
+interface HistogramParams {
+  date: true;
+  interval: Duration;
+  intervalESValue: number;
+  intervalESUnit: Unit;
+  format: string;
+  bounds: {
+    min: Moment;
+    max: Moment;
+  };
+}
+export interface Dimension {
+  accessor: 0 | 1;
+  format: SerializedFieldFormat<{ pattern: string }>;
+}
+
+export interface Dimensions {
+  x: Dimension & { params: HistogramParams };
+  y: Dimension;
+}
+
+interface Ordered {
+  date: true;
+  interval: Duration;
+  intervalESUnit: string;
+  intervalESValue: number;
+  min: Moment;
+  max: Moment;
+}
+export interface Chart {
+  values: Array<{
+    x: number;
+    y: number;
+  }>;
+  xAxisOrderedValues: number[];
+  xAxisFormat: Dimension['format'];
+  xAxisLabel: Column['name'];
+  yAxisLabel?: Column['name'];
+  ordered: Ordered;
+}
+
+export const buildPointSeriesData = (table: Table, dimensions: Dimensions) => {
+  const { x, y } = dimensions;
+  const xAccessor = table.columns[x.accessor].id;
+  const yAccessor = table.columns[y.accessor].id;
+  const chart = {} as Chart;
+
+  chart.xAxisOrderedValues = uniq(table.rows.map(r => r[xAccessor] as number));
+  chart.xAxisFormat = x.format;
+  chart.xAxisLabel = table.columns[x.accessor].name;
+
+  const { intervalESUnit, intervalESValue, interval, bounds } = x.params;
+  chart.ordered = {
+    date: true,
+    interval,
+    intervalESUnit,
+    intervalESValue,
+    min: bounds.min,
+    max: bounds.max,
+  };
+
+  chart.yAxisLabel = table.columns[y.accessor].name;
+
+  chart.values = table.rows
+    .filter(row => row && row[yAccessor] !== 'NaN')
+    .map(row => ({
+      x: row[xAccessor] as number,
+      y: row[yAccessor] as number,
+    }));
+
+  return chart;
+};

src/legacy/core_plugins/kibana/public/discover/np_ready/angular/response_handler.js

@@ -17,7 +17,8 @@
  * under the License.
  */
 
-import { buildPointSeriesData, getServices } from '../../kibana_services';
+import { getServices } from '../../kibana_services';
+import { buildPointSeriesData } from './helpers';
 
 function tableResponseHandler(table, dimensions) {
   const converted = { tables: [] };