Release Notes - Kibana 7.7.0 - 《Kibana v7.9 Guide》

Kibana 7.7.0

Kibana 7.7.0

See breaking changes in 7.7.

Security updates

In 7.7.0 to 7.6.2, the Upgrade Assistant contains a prototype pollution flaw. An authenticated attacker with privileges to write to the Kibana index can insert data that could cause Kibana to execute arbitrary code. This could lead to an attacker executing code with the permissions of the Kibana process on the host system, CVE-2020-7012.

By default, the Upgrade Assistant flaw is mitigated in all Kibana instances accessed through Elasticsearch Service.

For all other installations, you must upgrade to 7.7.0. If you are unable to upgrade, set xpack.upgrade_assistant_enabled:false in your kibana.yml file to disable the Upgrade Assistant.
In 7.7.0 and earlier, TSVB contains a prototype pollution flaw. Authenticated attackers with privileges to create TSVB visualizations can insert data that could cause Kibana to execute arbitrary code. This could lead to an attacker executing code with the permissions of the Kibana process on the host system, CVE-2020-7013.

By default, the Upgrade Assistant flaw is mitigated in all Kibana instances accessed through Elasticsearch Service.

For all other installations, you must upgrade to 7.7.0. If you are unable to upgrade, set metrics.enabled:false in your kibana.yml file to disable TSVB.

Known issues

SIEM

When you deactivate an action within a rule, the rule fails #64870
When you add a timestamp to the PagerDuty action, the rule fails #64871

Management

Editing Saved Objects (eg. Dashboards) via the “Inspect” JSON editor in Management corrupts objects #66542

Configuration

The server.customResponseHeaders option prevents Kibana from starting if headers are set using a type other than string. To fix this, convert your boolean and number headers to strings. For example, use my-header: "true" instead of my-header: true. #66146

Enhancements

Alerting

Notifies user when security is enabled but TLS is not #60270
Displays warning when a permanent encryption key is missing and hides alerting UI appropriately #62772
Edits alert flyout #58964
Moves index params fields to connector config #60349
Adds the AlertDetails page #55671
License checks for actions plugin #59070

APM

Updates monospace font family variable #57555
Shows missing permissions message to the user on the Services overview #56374
Settings list page for managing custom actions #56853
Divides “Actions menu” into sections to improve readability #56623
Creates settings page to manage Custom Links #57788
Creates custom link from Trace summary #59648
Writes tests for the Custom Link API #60899
Threshold alerts #59566
Adds additional (java) options #59860
Sync badge #55113
Client.ip to metadata for RUM transactions #56546

Canvas

Adds Lens embeddables #57499
Switches to using EUI SuperDatePicker in time filter element #59249
Adds Visualize embeddable #60859
Adds argument to open all links in new tab within markdown element #57017
Updates esdocs datasource #59512
Improves expression autocomplete #52035

Dashboard

Use Elasticsearch _async_search instead of _search when it is available (excluding TSVB, Timelion, and Vega) https://github.com/elastic/kibana/pull/59224[#59224}
When queries run more than 10 seconds, show a pop-up to allow users to run the queries beyond the configured Elasticsearch query timeout or cancel the queries #60706
Dashboard/add panel flow #59918
Moves the “Create New” button in add panel flyout to the top to make it more visible to the user #56428

Lens and visualizations

Creates Lens filters on click with bar, line, area charts #57261
Allows number formatting within Lens #56253
Shows a warning when you have partially configured a visualization, such as a bar chart with only an X axis #58279
Improves suggestion logic when dragging fields into the chart #60687
Disallows duplicate percentiles #58299
EUICodeEditor for Visualize JSON #58679
Supports Histogram Data Type #59387
Median aggregation labels now show “Median” instead of “50th percentile of” in Visualize. Custom labels are also used #58521
Adds positive_rate as a new aggregation to TSVB #59843
Makes linked saved search work when user navigates back using browser back button #59690
Visualization editor UI has been updated to the new styles, consistent with the rest of the platform and a more logical left-to-right flow of creating content #49864

Logs

Uses the Super date picker in the log stream #54280
Adds expandable rows with category examples #54586
Shows navigation bar while loading source configuration #59997

Machine Learning

Processes delimited files like semi-structured text #56038
Supports multi-line JSON notation #58870
Validates manual model memory input #59056
Clones analytics job #59791
Uses a new ML endpoint to estimate a model memory #60376
Module setup with dynamic model memory estimation #60656
Adds text fields to datafeed start modal #55560
Categorization examples privilege check #57375
Adds filebeat config to file dataviz #58152
Global calendars #57890
Adds indices_options to datafeed #59119
Displays multi-class results in evaluate panel #60760
Adds support for date_nanos time field in anomaly job wizard #59017
Uses EuiDataGrid for outlier result page #58235
Supports multi-line JSON notation in advanced editor #58015
Adds support for percentiles aggregation to Transform wizard #60763
Adds clone feature to transforms list #57837
Uses EuiDataGrid for transform wizard #52510
Replaces KqlFilterBar with QueryStringInput #59723

Management

The Remote Clusters UI added support for enabling “proxy” mode when creating or editing a remote cluster #59221
Adds filter for ILM phase to Index Management #57402
Creates Painless Lab app #57538
Moves out of legacy #55331
Moves out of legacy and migrates server side to New Platform #55690
Updates Console progress bar #56628
Auto follow pause & resume #56615
Supports triple quoted JSON strings and Painless highlighting to Watcher and SearchProfiler #57563
Server-side batch reindexing #58598
Better handling of closed indices #58890
Advanced settings UI change to centralize save state #53693
The autocomplete in the dev console now supports many different types of Elasticsearch pipeline processors #60553

Maps

Improves Layer Style UI #58406
Shows field type icons in data driven styling field select #55166
Style icons by category #55747
Adds type icons to SingleFieldSelect component #56313
Disables style forms when they are not applied due to other style settings #55858
Autocompletes for custom color palettes and custom icon palettes #56446
Allows simultaneous opening of multiple tooltips #57226
Adds Top term aggregation #57875
Direct Discover “visualize” to open Maps application #58549
Top term percentage field property #59386
Adds UI to disable style meta and get top categories from current features #59707
Adds draw control to create distance filter #58163
Blended layer that switches between documents and clusters #57879
Default ES document layer scaling type to clusters and show scaling UI in the create wizard #60668
Disables add layer button when flyout is open #54932
Supports categorical styling for numbers and dates #57908

Metrics

Setup commonly used time ranges in timepicker #56701
Custom Metrics for Inventory View #58072
Alerting for metrics explorer and inventory #58779
Creates a new menu for observability links #54847
Creates Metric Threshold Alert Type and Executor #57606

Monitoring

Supports shipping directly to the monitoring cluster #57022

Platform

Improves validation in truncate field formatter editor #56521
Variable support for interpreter #54788

Reporting

Handles page setup errors and capture the page, don’t fail the job #58683
Adds the ability to search and delete historical reports in Management > Kibana > Reporting #60077

SIEM

Recent cases widget #60993
Adds custom reputation link #57814
Exports timeline #58368
Rule activity monitoring #60816
Removes has manage api keys requirement #62446
Adds release notes link and updates one UI section #60825
Adds rule notifications #59004
Version 7.7 rule import #61903
Creates ML Rules #58053
Case workflow api schema #51535
Service Now Kibana Action #53890
API with io-ts validation #59265
Status / Batch update #59856
Imports timeline #60880
Bug/clean up phase I #61354
Cases clean up Phase II #61750
Modifies gap detection util to accept all dateMath formats #56055
Adds note markdown field to backend #59796
Adds rule markdown field to rule create, detail, and edit flows #60108
Adds rule markdown to timeline global notes #61026
ServiceNow executor #58894
ServiceNow action improvements #60052

Security

Uses links instead of click handlers when switching spaces #57730
Introduce a login selector screen when multiple auth providers are enabled #53010
Warn when using deprecated roles #57209
Support for subfeature privileges #60563

Telemetry

Application Usage implemented in @kbn/analytics #58401
Server-side Migration to NP #60485
Use EuiTokens for ES field types #57911
Adds 7 day metrics to Application Usage telemetry #59846

Uptime

Adds Settings Page #53550
Adds Alerting UI #57919
Adds configurable page size to monitor list #60573
Adds Green Icon for all up Monitors #56770
Implements drag and select on charts #57089
Fix/filter group autocomplete #57686
Ml detection of duration anomalies #59785

Bug fixes

Alerting

Retains empty AlertsList when filter has removed all items #60501
Fixes alert threshold line disappears #61499
Cleanup action task params objects after successful execution #55227
Disables action plugin functionality when ESO plugin is using an ephemeral encryption key #56906
Makes slack param validation handle empty messages #60468
Makes user and password secrets optional #56823

APM

Changes “url” to “urls” in APM agent instructions #60790
Uses ES Permission API to check if a user has permissions to read from APM indices #57311
Filters are not prefilled when the custom link flyout is opened from a transaction page #61650
.apm-agent-configuration is not created if Kibana is started while ES is not ready #61610
Don’t include UI filters when fetching a specific transaction #57934
Uses docLinks API for APM doc links #61880
Updates APM index pattern #61265

Canvas

Toggles footer editable controls when you turn off edit mode #52786 #58044
Fixes map embeddables not showing up on PDF reports #61149
Limits rows in debug element #60804

Dashboard

Puts embed param into short url instead of behind it #58846
Allows markdown in error embeddable #62427

Discover

Removes flickering when opening filter bar popover #56222
Retains pinned filters when loading and clearing saved queries #54307

Graph

Specifies valid licenses for the Graph feature #55911
Improves graph missing workspace error message #58876

Lens and visualizations

Filters out pinned filters from saved object of Lens #57197
Adds using queries/filters for field existence endpoint #59033
Fixes display single bar in XYChart Bar Vis #61452
Resetting a layer generates new suggestions #60674
Fixes disabled switches in the editor #62911
Fixes broken Handlebar documentation links #55866
Shows timepicker in Timelion and TSVB #58857
Makes Vega remove filter work #58871
Makes d3 place nicely with object values #62004
Fixes position calculation of ticks in non-horizontal axes #62309

Logs

Correctly update the expanded log rate table rows #60306

Machine Learning

Handles Empty Partition Field Values in Single Metric Viewer #61649
Fixes job wizard model memory limit warnings #62331
Files data viz fix index pattern warning after index change #57807
Uses real datafeed ID for datafeed preview #60275
Disables start trial option when license management ui is disabled #60987
Fixes jobs list filter in url #61822
Fixes job ID in edit job flyout #61840
Fixes reporting of http request errors #61811
Ensures confusion matrix label column is correct #60308
Ensures column in correct position after reselect #61342
Ensures query bar syntax errors are shown #61333
Ensures job state is up to date #61678
Increases number of items that can be paged in calendars and filters lists #61842
Uses index pattern field format if one exists #61709
Ensures filter works as expected #62041
Ensures destination index pattern created #62450
Fixes page heading structure #56741
Fixes handling of index pattern with special characters #59884
Fixes to error handling for analytics jobs and file data viz #60249
Fixes Anomaly Explorer swimlane label and chart tooltips #61327
Prevents training_percent of 0 for analytics job #61789
Removes duplicate page main landmarks #56883
Fixes license check #58343
Clears Kibana index pattern cache on creation or form reset #62184

Management

Adds support for additional watch action statuses #55092
Fixes the Upgrade Assistant where the reindexing of an index was incorrectly marked as “Done”, when it still required to be reindexed. This scenario could occur if a user reindexed an index, deleted it, then restored a snapshot of the index of an older version #60789
Fixes several invalid documentation links in the Snapshot and Restore UI #61331
Fixes for console error handling and loading of autocomplete #58587
Fixes a bug that caused Grokdebugger simulation to break in non-Default Kibana spaces #61423
Fixes an issue where Console would not render the request output if localStorage quota was reached #62424
Fixes a bug with Console’s Copy As cURL functionality that would not properly escape single quotes in JSON string values which created issues with copying SQL queries from Console to cURL #63229
System index templates can’t be edited #55229
Not possible to edit a watch that was created with the API if the ID contains a dot #59383
Fixes console a11y failures #57520

Maps

Do not show border color for icon in legend when border width is zero #57501
Uses blended layer when linking discover to maps #61467
Fixes tooltip overflow #61564
Cleans up unsaved state check #61705
Fixes regression in loading left join fields #63325
Fixes cross origin error for icon spritesheets when Kibana secured via OAuth proxy #53896
Correctly open layer settings from add layer wizard #48971

Metrics

Limits group by selector to only 2 fields #56800
Uses CPU Usage limits for Kubernetes pods when available #58424
Fixes toolbar popover for metrics table row #56796

Monitoring

Handles setup mode if security is disabled #53306
Protects against no monitoring data near end of time series #61273
Adds new config for logging index name #56920

Platform

Rollup index pattern error: must match one rollup index #56732
In scripted fields, unable to switch the Type #59285
Duplicates query filters in es request #60106
Bugfix dashboard unpins filters #62301
Fixes plugin enabled config options #60998
Fixes tabifyAggResponse #61214
Fixes parse interval #62267
Avoid app not found flickering while awaiting for mount #56483
Creates empty string filters when value not specified #57442
Range aggregations now use the field formatter from the index pattern, instead of no formatter #58651

Reporting

Fixes error handling for job handler in route #60161

Security

Handling a 404 when the space’s telemetry collector runs #55921

SIEM

Allows Import timeline for authorised users #61438
Imports timeline schema update #61622
Fixes bug with timeline templates not working #60476
Fixes export of single rule and the icons #62394
Updates process and TLS tables to use ECS 1.5 fields #60854

Telemetry

Fixes bug introduced in #55859 #57441
UI Metrics use findAll to retrieve all Saved Objects #59891

Uptime

Updates heartbeat index name for 7.7 #62172
Shows only total in snapshot heading #58376
Fixes PingList pagination #61481
Fixes es query function null reference errors #61465
Fixes issue with Kibana Icon in Uptime App #56837
Adds tests for pages #56736

Deprecations

Monitoring

Changes all configs to monitoring.* #54919, #56215

Platform

Migrates Vega and Graph configs to new platform #57011

Kibana 7.7.0

Kibana 7.7.0

Security updates

Known issues

Enhancements

Bug fixes

Deprecations

Most Popular