diff --git a/docs/images/apm-settings.png b/docs/images/apm-settings.png deleted file mode 100644 index f3adae184348f..0000000000000 Binary files a/docs/images/apm-settings.png and /dev/null differ diff --git a/docs/reference/cloud/elastic-cloud-kibana-settings.md b/docs/reference/cloud/elastic-cloud-kibana-settings.md index 8c725b7cd76a7..3041ef812d53a 100644 --- a/docs/reference/cloud/elastic-cloud-kibana-settings.md +++ b/docs/reference/cloud/elastic-cloud-kibana-settings.md @@ -5,289 +5,8 @@ mapped_pages: # Elastic Cloud Kibana settings [ec-manage-kibana-settings] -Elasticsearch Service supports most of the standard Kibana and X-Pack settings. Through a YAML editor in the console, you can append Kibana properties to the `kibana.yml` file. Your changes to the configuration file are read on startup. - -::::{important} -Be aware that some settings that could break your cluster if set incorrectly and that the syntax might change between major versions. Before upgrading, be sure to review the full list of the [latest Kibana settings and syntax](/reference/configuration-reference/general-settings.md). -:::: - - -To change Kibana settings: - -1. Log in to the [Elasticsearch Service Console](https://cloud.elastic.co?page=docs&placement=docs-body). -2. Find your deployment on the home page in the Elasticsearch Service card and select **Manage** to access it directly. Or, select **Hosted deployments** to go to the deployments page to view all of your deployments. - - On the deployments page you can narrow your deployments by name, ID, or choose from several other filters. To customize your view, use a combination of filters, or change the format from a grid to a list. - -3. From your deployment menu, go to the **Edit** page. -4. In the **Kibana** section, select **Edit user settings**. (For deployments with existing user settings, you may have to expand the **Edit kibana.yml** caret instead.) -5. Update the user settings. -6. Select **Save changes**. - -Saving your changes initiates a configuration plan change that restarts Kibana automatically for you. - -::::{note} -If a setting is not supported by Elasticsearch Service, you will get an error message when you try to save. -:::: - - ## Supported Kibana settings [ec-kibana-config] -### Version 8.12.0+ [ec_version_8_12_0] - -`xpack.reporting.csv.maxConcurrentShardRequests` -: Sets the maximum number of concurrent shard requests that each sub-search request executes per node during Kibana CSV export. Defaults to `5`. - - -### Version 8.11.0+ [ec_version_8_11_0] - -`xpack.action.queued.max` -: Specifies the maximum number of actions that can be queued. Defaults to `1000000`. - - -### Version 8.9.0+ [ec_version_8_9_0] - -`xpack.fleet.createArtifactsBulkBatchSize` -: Allow to configure batch size for creating and updating Fleet user artifacts. Examples include creation of Trusted Applications and Endpoint Exceptions in Security. To learn more, check [Fleet settings in Kibana](/reference/configuration-reference/fleet-settings.md). - -`xpack.securitySolution.maxUploadResponseActionFileBytes` -: Allow to configure the max file upload size for use with the Upload File Repsonse action available with the Defend Integration. To learn more, check [Endpoint Response actions](docs-content://solutions/security/endpoint-response-actions.md). - - -### Version 8.7.0+ [ec_version_8_7_0] - -`xpack.security.session.concurrentSessions.maxSessions` -: Set the maximum number of sessions each user is allowed to have active in {{kib}}. By default, no limit is applied. If set, the value of this option should be an integer between 1 and 1000. When the limit is exceeded, the oldest session is automatically invalidated. To learn more, check [Session management](docs-content://deploy-manage/security/kibana-session-management.md#session-max-sessions). - -`server.securityResponseHeaders.crossOriginOpenerPolicy` -: Controls whether the [`Cross-Origin-Opener-Policy`](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Cross-Origin-Opener-Policy) header is used in all responses to the client from the Kibana server. To learn more, see [Configure Kibana](/reference/configuration-reference/general-settings.md#server-securityResponseHeaders-crossOriginOpenerPolicy). - - -### Version 8.6.0+ [ec_version_8_6_0] - -`server.compression.brotli.enabled` -: Enable brotli compression format for browser-server communications. Default: false. To learn more, check [Configure Kibana](/reference/configuration-reference/general-settings.md). - -`xpack.fleet.enableExperimental` -: Allow to configure experimental feature for Fleet. To learn more, check [Fleet settings in Kibana](/reference/configuration-reference/fleet-settings.md). - - -### Version 8.4.0+ [ec_version_8_4_0] - -`migrations.discardUnknownObjects` -: Discard saved objects with unknown types during a migration. Must be set to the target version, e.g.: `8.4.0`. Default: undefined. To learn more, check [Configure Kibana](/reference/configuration-reference/general-settings.md). - -`migrations.discardCorruptObjects` -: Discard corrupt saved objects, as well as those that cause transform errors during a migration. Must be set to the target version, e.g.: `8.4.0`. Default: undefined. To learn more, check [Configure Kibana](/reference/configuration-reference/general-settings.md). - - -### Version 8.3.0+ [ec_version_8_3_0] - -`elasticsearch.compression` -: Enable compression for communications with Elasticsearch. Default: false. To learn more, check [Configure Kibana](/reference/configuration-reference/general-settings.md). - - -### Version 8.2.0+ [ec_version_8_2_0] - -`elasticsearch.maxSockets` -: The maximum number of sockets that can be used for communications with Elasticsearch. Default: Infinity. To learn more, check [Configure Kibana](/reference/configuration-reference/general-settings.md). - - -### Version 8.1.0+ [ec_version_8_1_0] - -`execution_context.enabled` -: Propagate request-specific metadata to Elasticsearch server by way of the `x-opaque-id` header. To learn more, check [Configure Kibana](/reference/configuration-reference/general-settings.md). - - -### Supported versions before 8.x [ec_supported_versions_before_8_x] - -`vis_type_table.legacyVisEnabled` -: For 7.x versions version 7.11 and higher, a new version of the datatable visualization is used. Set to `true` to enable the legacy version. In version 8.0, the old implementation is removed and this setting is no longer supported. - -`vega.enableExternalUrls` -: Set to `true` to allow Vega vizualizations to use data from sources other than the linked Elasticsearch cluster. In stack version 8.0 and above, the `vega.enableExternalUrls` is not supported. Use `vis_type_vega.enableExternalUrls` instead. - - -### All supported versions [ec_all_supported_versions_2] - -`migrations.maxBatchSizeBytes` -: Defines the maximum payload size for indexing batches of saved objects during upgrade migrations. To learn more, check [Configure Kibana](/reference/configuration-reference/general-settings.md). - -`server.maxPayload` -: The maximum payload size in bytes for incoming server requests. Default: 1048576. To learn more, check [Configure Kibana](/reference/configuration-reference/general-settings.md#server-maxPayload). - -`server.securityResponseHeaders.strictTransportSecurity` -: Controls whether the [`Strict-Transport-Security`](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Strict-Transport-Security) header is used in all responses to the client from the Kibana server. To learn more, check [Configure Kibana](/reference/configuration-reference/general-settings.md#server-securityResponseHeaders-strictTransportSecurity). - -`server.securityResponseHeaders.xContentTypeOptions` -: Controls whether the [`X-Content-Type-Options`](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Content-Type-Options) header is used in all responses to the client from the Kibana server. To learn more, check [Configure Kibana](/reference/configuration-reference/general-settings.md#server-securityResponseHeaders-xContentTypeOptions). - -`server.securityResponseHeaders.referrerPolicy` -: Controls whether the [`Referrer-Policy`](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Referrer-Policy) header is used in all responses to the client from the Kibana server. To learn more, see [Configure Kibana](/reference/configuration-reference/general-settings.md#server-securityResponseHeaders-referrerPolicy). - -`server.securityResponseHeaders.permissionsPolicy` -: Controls whether the `Permissions-Policy` header is used in all responses to the client from the Kibana server. To learn more, see [Configure Kibana](/reference/configuration-reference/general-settings.md#server-securityResponseHeaders-permissionsPolicy). - -`server.securityResponseHeaders.permissionsPolicyReportOnly` -: Controls whether the `Permissions-Policy-Report-Only` header is used in all responses to the client from the Kibana server. To learn more, see [Configure Kibana](/reference/configuration-reference/general-settings.md#server-securityResponseHeaders-permissionsPolicy). - -`server.securityResponseHeaders.disableEmbedding` -: Controls whether the [`Content-Security-Policy`](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy) and [`X-Frame-Options`](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options) headers are configured to disable embedding Kibana in other webpages using iframes. To learn more, see [Configure Kibana](/reference/configuration-reference/general-settings.md#server-securityResponseHeaders-disableEmbedding). - -`data.autocomplete.valueSuggestions.timeout` -: Specifies the time in milliseconds to wait for autocomplete suggestions from Elasticsearch. The default is 1000. Allowed values are between 1 and 1200000. To learn more, check [Configure Kibana](/reference/configuration-reference/general-settings.md). - -`data.autocomplete.valueSuggestions.terminateAfter` -: Specifies the max number of documents loaded by each shard to generate autocomplete suggestions. The default is 100000. Allowed values are between 1 and 10000000. To learn more, check [Configure Kibana](/reference/configuration-reference/general-settings.md). - -`map.tilemap.options.attribution` -: Adds the map attribution string. - -`map.tilemap.options.maxZoom` -: Sets the maximum zoom level. - -`map.tilemap.options.minZoom` -: Sets the minimum zoom level. - -`map.tilemap.options.subdomains` -: Provides an array of subdomains used by the tile service. Specify the position of the subdomain the URL with the token `{{s}}`. - -`map.tilemap.url` -: Lists the URL to the tileservice that Kibana uses to display map tiles in tilemap visualizations. - -`i18n.locale` -: Specifies the locale for all strings, dates, and number formats that can be localized. Defaults to `en` (English). - -`migrations.batchSize` -: Defines the number of documents migrated at a time during saved object upgrade migrations. To learn more, check [Configure Kibana](/reference/configuration-reference/general-settings.md). - -`server.defaultRoute` -: Specifies the default route when opening Kibana. You can use this setting to modify the landing page when opening Kibana. - -`server.customResponseHeaders` -: Specifies HTTP header names and values that the Kibana backend will return to the client. - -#### Map settings [ec_map_settings] - -`map.regionmap:` -: Specifies additional vector layers for use in [Region Map](docs-content://explore-analyze/visualize/maps/maps-getting-started.md) visualizations. Each layer object points to an external vector file that contains a geojson FeatureCollection. The file must use the [WGS84 coordinate reference system](https://en.wikipedia.org/wiki/World_Geodetic_System) and only include polygons. If the file is hosted on a separate domain from Kibana, the server needs to be CORS-enabled so Kibana can download the file. The following example shows a valid regionmap configuration. - - ```yaml - map.regionmap: - includeElasticMapsService: false - layers: - - name: "Departments of France" - url: "http://my.cors.enabled.server.org/france_departements.geojson" - attribution: "INRAP" - fields: - - name: "department" - description: "Full department name" - - name: "INSEE" - description: "INSEE numeric identifier" - ``` - - -`map.regionmap.includeElasticMapsService:` -: Turns on or off whether layers from the Elastic Maps Service should be included in the vector layer option list. Supported on Elastic Cloud Enterprise. By turning this off, only the layers that are configured here will be included. The default is `true`. - -`map.regionmap.layers[].attribution:` -: Optional. References the originating source of the geojson file. - -`map.regionmap.layers[].fields[]:` -: Mandatory. Each layer can contain multiple fields to indicate what properties from the geojson features you wish to expose. The previous example shows how to define multiple properties. - -`map.regionmap.layers[].fields[].description:` -: Mandatory. The human readable text that is shown under the Options tab when building the Region Map visualization. - -`map.regionmap.layers[].fields[].name:` -: Mandatory. This value is used to do an inner-join between the document stored in Elasticsearch and the geojson file. For example, if the field in the geojson is called `Location` and has city names, there must be a field in Elasticsearch that holds the same values that Kibana can then use to lookup for the geoshape data. - -`map.regionmap.layers[].name:` -: Mandatory. A description of the map being provided. - -`map.regionmap.layers[].url:` -: Mandatory. The location of the geojson file as provided by a webserver. - -`tilemap.options.attribution` -: Adds the map attribution string. - -`tilemap.options.maxZoom` -: Sets the maximum zoom level. - -`tilemap.options.minZoom` -: Sets the minimum zoom level. - -`tilemap.options.subdomains` -: Provides an array of subdomains used by the tile service. Specify the position of the subdomain the URL with the token `{{s}}`. - -`tilemap.url` -: Lists the URL to the tileservice that Kibana uses to display map tiles in tilemap visualizations. - - - -### SAML settings [ec_saml_settings] - -If you are using SAML to secure your clusters, these settings are supported in Elasticsearch Service. - -To learn more, refer to [configuring Kibana to use SAML](docs-content://deploy-manage/users-roles/cluster-or-deployment-auth/saml.md). - -#### Version 8.0.0+ [ec_version_8_0_0] - -The following additional setting is supported: - -`server.xsrf.allowlist` -: Allows the SAML authentication URL within Kibana, so that the Kibana server doesn’t reject external authentication messages that originate from your Identity Provider. - - -#### All supported versions [ec_all_supported_versions_3] - -`xpack.security.authc.providers.saml..useRelayStateDeepLink` -: Specifies if Kibana should treat the `RelayState` parameter as a deep link when Identity Provider Initiated login flow is used. - -`xpack.security.authc.providers.saml..order` -: Specifies order of the SAML authentication provider in the authentication chain. - -`xpack.security.authc.providers.saml..realm` -: Specifies which SAML realm in Elasticsearch should be used. - -`xpack.security.authc.providers.saml..maxRedirectURLSize` -: Specifies the maximum size of the URL that Kibana is allowed to store during the SAML handshake. - -`xpack.security.authc.providers.saml..description` -: Specifies how SAML login should be titled in the Login Selector UI. - -`xpack.security.authc.saml.maxRedirectURLSize` -: Specifies the maximum size of the URL that Kibana is allowed to store during the SAML handshake. - -`xpack.security.authc.saml.realm` -: Specifies which SAML realm in Elasticsearch should be used. - -`xpack.security.authc.providers` -: Specifies which providers are going to be used in Kibana. - - -#### All supported versions before 8.x [ec_all_supported_versions_before_8_x] - -`xpack.security.authProviders` -: Set to `saml` to instruct Kibana to use SAML SSO as the authentication method. - -`xpack.security.public.protocol` -: Set to HTTP or HTTPS. To access Kibana, HTTPS protocol is recommended. - -`xpack.security.public.hostname` -: Set to a fully qualified hostname to connect your users to the proxy server. - -`xpack.security.public.port` -: The port number that connects your users to the proxy server (for example, 80 for HTTP or 443 for HTTPS). - -`xpack.security.authc.saml.useRelayStateDeepLink` -: Specifies if Kibana should treat the `RelayState` parameter as a deep link when Identity Provider Initiated login flow is used. - -`server.xsrf.whitelist` -: Explicitly allows the SAML authentication URL within Kibana, so that the Kibana server doesn’t reject external authentication messages that originate from your Identity Provider. This setting is renamed to `server.xsrf.allowlist` in version 8.0.0. - - - ### OpenID Connect [ec_openid_connect] If you are using OpenID Connect to secure your clusters, these settings are supported in Elasticsearch Service. diff --git a/docs/reference/configuration-reference.md b/docs/reference/configuration-reference.md index b9f60fd97541d..2e2971367628c 100644 --- a/docs/reference/configuration-reference.md +++ b/docs/reference/configuration-reference.md @@ -6,7 +6,7 @@ navigation_title: "Configuration" Configuration settings enable you to customize the behavior of Kibana apps and features. This reference provides details about each setting, such as its purpose, default behavior, and availability in Elastic Cloud environments. -% TO-DO: For information about how to update these settings, refer to "Configure Kibana" (link to appropriate deployment pages) % +For information about how to update these settings, refer to the appropriate instructions for your environment. For example, [{{ecloud}} Hosted](docs-content://deploy-manage/deploy/elastic-cloud/edit-stack-settings.md), [{{ece}}](docs-content://deploy-manage/deploy/cloud-enterprise/edit-stack-settings-kibana.md), or [self-managed clusters](docs-content://deploy-manage/deploy/self-managed/configure-kibana.md). The settings are grouped by feature or purpose, for example: @@ -16,9 +16,11 @@ The settings are grouped by feature or purpose, for example: - [Banners](/reference/configuration-reference/banner-settings.md) - [Cases](/reference/configuration-reference/cases-settings.md) - [Fleet](/reference/configuration-reference/fleet-settings.md) +- [General](/reference/configuration-reference/general-settings.md) - [Internationalization](/reference/configuration-reference/internationalization-settings.md) - [Logging](/reference/configuration-reference/logging-settings.md) - [Logs](/reference/configuration-reference/logs-settings.md) +- [Maps](/reference/configuration-reference/map-settings.md) - [Metrics](/reference/configuration-reference/metrics-settings.md) - [Monitoring](/reference/configuration-reference/monitoring-settings.md) - [Reporting](/reference/configuration-reference/reporting-settings.md) diff --git a/docs/reference/configuration-reference/ai-assistant-settings.md b/docs/reference/configuration-reference/ai-assistant-settings.md index 5c2663d5358d4..4e04d29f35c35 100644 --- a/docs/reference/configuration-reference/ai-assistant-settings.md +++ b/docs/reference/configuration-reference/ai-assistant-settings.md @@ -2,11 +2,13 @@ navigation_title: "AI Assistant settings" mapped_pages: - https://www.elastic.co/guide/en/kibana/current/ai-assistant-settings-kb.html +applies_to: + deployment: + self: all --- # AI Assistant settings in {{kib}} [ai-assistant-settings-kb] - `xpack.productDocBase.artifactRepositoryUrl` : Url of the repository to use to download and install the Elastic product documentation artifacts for the AI assistants. Defaults to `https://kibana-knowledge-base-artifacts.elastic.co` diff --git a/docs/reference/configuration-reference/alerting-settings.md b/docs/reference/configuration-reference/alerting-settings.md index fcf4e89ea493a..d0664af7ab4da 100644 --- a/docs/reference/configuration-reference/alerting-settings.md +++ b/docs/reference/configuration-reference/alerting-settings.md @@ -2,6 +2,10 @@ navigation_title: "Alerting and action settings" mapped_pages: - https://www.elastic.co/guide/en/kibana/current/alert-action-settings-kb.html +applies_to: + deployment: + ess: all + self: all --- # Alerting and action settings in {{kib}} [alert-action-settings-kb] @@ -13,405 +17,292 @@ Alerting and actions are enabled by default in {{kib}}, but require you to confi 2. [Set up TLS encryption between {{kib}} and {{es}}](docs-content://deploy-manage/security/set-up-basic-security-plus-https.md#encrypt-kibana-http). 3. If you are using an **on-premises** Elastic Stack deployment, [specify a value for `xpack.encryptedSavedObjects.encryptionKey`](#general-alert-action-settings). -You can configure the following settings in the `kibana.yml` file. - +:::{note} +If a setting is applicable to {{ecloud}} Hosted environments, its name is followed by this icon: ![logo cloud](https://doc-icons.s3.us-east-2.amazonaws.com/logo_cloud.svg "Supported on Elastic Cloud Hosted") +::: ## General settings [general-alert-action-settings] `xpack.encryptedSavedObjects.encryptionKey` -: ::::{admonition} -A string of 32 or more characters used to encrypt sensitive properties on alerting rules and actions before they’re stored in Elasticsearch. Third party credentials — such as the username and password used to connect to an SMTP service — are an example of encrypted properties. - -Kibana offers a [CLI tool](/reference/commands/kibana-encryption-keys.md) to help generate this encryption key. - -If not set, Kibana will generate a random key on startup, but all alerting and action functions will be blocked. Generated keys are not allowed for alerting and actions because when a new key is generated on restart, existing encrypted data becomes inaccessible. For the same reason, alerting and actions in high-availability deployments of Kibana will behave unexpectedly if the key isn’t the same on all instances of Kibana. +: A string of 32 or more characters used to encrypt sensitive properties on alerting rules and actions before they’re stored in Elasticsearch. Third party credentials — such as the username and password used to connect to an SMTP service — are an example of encrypted properties. -Although the key can be specified in clear text in `kibana.yml`, it’s recommended to store this key securely in the [Kibana Keystore](docs-content://deploy-manage/security/secure-settings.md). Be sure to back up the encryption key value somewhere safe, as your alerting rules and actions will cease to function due to decryption failures should you lose it. If you want to rotate the encryption key, be sure to follow the instructions on [encryption key rotation](docs-content://deploy-manage/security/secure-saved-objects.md#encryption-key-rotation). + Kibana offers a [CLI tool](/reference/commands/kibana-encryption-keys.md) to help generate this encryption key. -Data type: `string`
- -:::: + If not set, Kibana will generate a random key on startup, but all alerting and action functions will be blocked. Generated keys are not allowed for alerting and actions because when a new key is generated on restart, existing encrypted data becomes inaccessible. For the same reason, alerting and actions in high-availability deployments of Kibana will behave unexpectedly if the key isn’t the same on all instances of Kibana. + Although the key can be specified in clear text in `kibana.yml`, it’s recommended to store this key securely in the [Kibana Keystore](docs-content://deploy-manage/security/secure-settings.md). Be sure to back up the encryption key value somewhere safe, as your alerting rules and actions will cease to function due to decryption failures should you lose it. If you want to rotate the encryption key, be sure to follow the instructions on [encryption key rotation](docs-content://deploy-manage/security/secure-saved-objects.md#encryption-key-rotation). + Data type: `string` ## Action settings [action-settings] `xpack.actions.allowedHosts` ![logo cloud](https://doc-icons.s3.us-east-2.amazonaws.com/logo_cloud.svg "Supported on {{ess}}") -: ::::{admonition} -A list of hostnames that Kibana is allowed to connect to when built-in actions are triggered. It defaults to `["*"]`, allowing any host, but keep in mind the potential for SSRF attacks when hosts are not explicitly added to the allowed hosts. An empty list `[]` can be used to block built-in actions from making any external connections. - -Note that hosts associated with built-in actions, such as Slack and PagerDuty, are not automatically added to allowed hosts. If you are not using the default `["*"]` setting, you must ensure that the corresponding endpoints are added to the allowed hosts as well. - -Data type: `string`
- -:::: +: A list of hostnames that Kibana is allowed to connect to when built-in actions are triggered. It defaults to `["*"]`, allowing any host, but keep in mind the potential for SSRF attacks when hosts are not explicitly added to the allowed hosts. An empty list `[]` can be used to block built-in actions from making any external connections. + Note that hosts associated with built-in actions, such as Slack and PagerDuty, are not automatically added to allowed hosts. If you are not using the default `["*"]` setting, you must ensure that the corresponding endpoints are added to the allowed hosts as well. + Data type: `string` `xpack.actions.customHostSettings` ![logo cloud](https://doc-icons.s3.us-east-2.amazonaws.com/logo_cloud.svg "Supported on {{ess}}") -: ::::{admonition} -A list of custom host settings to override existing global settings. - -Each entry in the list must have a `url` property, to associate a connection type (mail or https), hostname and port with the remaining options in the entry. - -The settings in `xpack.actions.customHostSettings` can be used to override the global option `xpack.actions.ssl.verificationMode` and provide customized TLS settings on a per-server basis. Set `xpack.actions.ssl.verificationMode` to the value to be used by default for all servers, then add an entry in `xpack.actions.customHostSettings` for every server that requires customized settings. - -Data type: `string`
Default: `an empty list`
- -In the following example, two custom host settings are defined. The first provides a custom host setting for mail server `mail.example.com` using port 465 that supplies server certificate authentication data from both a file and inline, and requires TLS for the connection. The second provides a custom host setting for https server `webhook.example.com` which turns off server certificate authentication, that will allow Kibana to connect to the server if it’s using a self-signed certificate. The individual properties that can be used in the settings are documented below. - -```yaml -xpack.actions.customHostSettings: - - url: smtp://mail.example.com:465 - ssl: - verificationMode: 'full' - certificateAuthoritiesFiles: [ 'one.crt' ] - certificateAuthoritiesData: | - -----BEGIN CERTIFICATE----- - MIIDTD... - CwUAMD... - ... multiple lines of certificate data ... - -----END CERTIFICATE----- - smtp: - requireTLS: true - - url: https://webhook.example.com - ssl: - verificationMode: 'none' -``` - -:::: - - +: A list of custom host settings to override existing global settings. + + Each entry in the list must have a `url` property, to associate a connection type (mail or https), hostname and port with the remaining options in the entry. + + The settings in `xpack.actions.customHostSettings` can be used to override the global option `xpack.actions.ssl.verificationMode` and provide customized TLS settings on a per-server basis. Set `xpack.actions.ssl.verificationMode` to the value to be used by default for all servers, then add an entry in `xpack.actions.customHostSettings` for every server that requires customized settings. + + Data type: `string` + Default: `an empty list` + + In the following example, two custom host settings are defined. The first provides a custom host setting for mail server `mail.example.com` using port 465 that supplies server certificate authentication data from both a file and inline, and requires TLS for the connection. The second provides a custom host setting for https server `webhook.example.com` which turns off server certificate authentication, that will allow Kibana to connect to the server if it’s using a self-signed certificate. The individual properties that can be used in the settings are documented below. + + ```yaml + xpack.actions.customHostSettings: + - url: smtp://mail.example.com:465 + ssl: + verificationMode: 'full' + certificateAuthoritiesFiles: [ 'one.crt' ] + certificateAuthoritiesData: | + -----BEGIN CERTIFICATE----- + MIIDTD... + CwUAMD... + ... multiple lines of certificate data ... + -----END CERTIFICATE----- + smtp: + requireTLS: true + - url: https://webhook.example.com + ssl: + verificationMode: 'none' + ``` `xpack.actions.customHostSettings[n].url` ![logo cloud](https://doc-icons.s3.us-east-2.amazonaws.com/logo_cloud.svg "Supported on {{ess}}") -: ::::{admonition} -A URL associated with this custom host setting. Should be in the form of `protocol://hostname:port`, where `protocol` is `https` or `smtp`. If the port is not provided, 443 is used for `https` and 25 is used for `smtp`. The `smtp` URLs are used for the Email actions that use this server, and the `https` URLs are used for actions which use `https` to connect to services. +: A URL associated with this custom host setting. Should be in the form of `protocol://hostname:port`, where `protocol` is `https` or `smtp`. If the port is not provided, 443 is used for `https` and 25 is used for `smtp`. The `smtp` URLs are used for the Email actions that use this server, and the `https` URLs are used for actions which use `https` to connect to services. -Entries with `https` URLs can use the `ssl` options, and entries with `smtp` URLs can use both the `ssl` and `smtp` options. + Entries with `https` URLs can use the `ssl` options, and entries with `smtp` URLs can use both the `ssl` and `smtp` options. -No other URL values should be part of this URL, including paths, query strings, and authentication information. When an http or smtp request is made as part of running an action, only the protocol, hostname, and port of the URL for that request are used to look up these configuration values. - -Data type: `string`
- -:::: + No other URL values should be part of this URL, including paths, query strings, and authentication information. When an http or smtp request is made as part of running an action, only the protocol, hostname, and port of the URL for that request are used to look up these configuration values. + Data type: `string` `xpack.actions.customHostSettings[n].smtp.ignoreTLS` ![logo cloud](https://doc-icons.s3.us-east-2.amazonaws.com/logo_cloud.svg "Supported on {{ess}}") -: ::::{admonition} -A boolean value indicating that TLS must not be used for this connection. The options `smtp.ignoreTLS` and `smtp.requireTLS` can not both be set to true. - -Data type: `bool`
Default: `false`
- -:::: +: A boolean value indicating that TLS must not be used for this connection. The options `smtp.ignoreTLS` and `smtp.requireTLS` can not both be set to true. + Data type: `bool` + Default: `false` `xpack.actions.customHostSettings[n].smtp.requireTLS` ![logo cloud](https://doc-icons.s3.us-east-2.amazonaws.com/logo_cloud.svg "Supported on {{ess}}") -: ::::{admonition} -A boolean value indicating that TLS must be used for this connection. The options `smtp.ignoreTLS` and `smtp.requireTLS` can not both be set to true. - -Data type: `bool`
Default: `false`
- -:::: - +: A boolean value indicating that TLS must be used for this connection. The options `smtp.ignoreTLS` and `smtp.requireTLS` can not both be set to true. + Data type: `bool` + Default: `false` $$$action-config-custom-host-verification-mode$$$ `xpack.actions.customHostSettings[n].ssl.verificationMode` ![logo cloud](https://doc-icons.s3.us-east-2.amazonaws.com/logo_cloud.svg "Supported on {{ess}}") -: ::::{admonition} -Controls the verification of the server certificate that Kibana receives when making an outbound SSL/TLS connection to the host server. Valid values are `full`, `certificate`, and `none`. Use `full` to perform hostname verification, `certificate` to skip hostname verification, and `none` to skip verification. Default: `full`. [Equivalent Kibana setting](/reference/configuration-reference/general-settings.md#elasticsearch-ssl-verificationMode). Overrides the general `xpack.actions.ssl.verificationMode` configuration for requests made for this hostname/port. - -Data type: `enum`
+: Controls the verification of the server certificate that Kibana receives when making an outbound SSL/TLS connection to the host server. Valid values are `full`, `certificate`, and `none`. Use `full` to perform hostname verification, `certificate` to skip hostname verification, and `none` to skip verification. Default: `full`. [Equivalent Kibana setting](/reference/configuration-reference/general-settings.md#elasticsearch-ssl-verificationMode). Overrides the general `xpack.actions.ssl.verificationMode` configuration for requests made for this hostname/port. -Options: + Data type: `enum` -* `full` -* `certificate` -* `none` - -Default: `full`
- -:::: + Options: + * `full` + * `certificate` + * `none` + Default: `full` `xpack.actions.customHostSettings[n].ssl.certificateAuthoritiesFiles` -: ::::{admonition} -A file name or list of file names of PEM-encoded certificate files to use to validate the server. - -Data type: `string`
- -:::: - +: A file name or list of file names of PEM-encoded certificate files to use to validate the server. + Data type: `string` `xpack.actions.customHostSettings[n].ssl.certificateAuthoritiesData` ![logo cloud](https://doc-icons.s3.us-east-2.amazonaws.com/logo_cloud.svg "Supported on {{ess}}") -: ::::{admonition} -The contents of one or more PEM-encoded certificate files in multiline format. This configuration can be used for environments where the files cannot be made available. - -Data type: `string`
- -:::: - +: The contents of one or more PEM-encoded certificate files in multiline format. This configuration can be used for environments where the files cannot be made available. + Data type: `string` $$$action-config-email-domain-allowlist$$$ `xpack.actions.email.domain_allowlist` ![logo cloud](https://doc-icons.s3.us-east-2.amazonaws.com/logo_cloud.svg "Supported on {{ess}}") -: :::::{admonition} -A list of allowed email domains which can be used with the email connector. When this setting is not used, all email domains are allowed. When this setting is used, if any email is attempted to be sent that (a) includes an addressee with an email domain that is not in the allowlist, or (b) includes a from address domain that is not in the allowlist, it will fail with a message indicating the email is not allowed. - -::::{warning} -This feature is available in Kibana 7.17.4 and 8.3.0 onwards but is not supported in Kibana 8.0, 8.1 or 8.2. As such, this setting should be removed before upgrading from 7.17 to 8.0, 8.1 or 8.2. It is possible to configure the settings in 7.17.4 and then upgrade to 8.3.0 directly. Data type: `string`
-:::: - - -::::: +: A list of allowed email domains which can be used with the email connector. When this setting is not used, all email domains are allowed. When this setting is used, if any email is attempted to be sent that (a) includes an addressee with an email domain that is not in the allowlist, or (b) includes a from address domain that is not in the allowlist, it will fail with a message indicating the email is not allowed. + ::::{warning} + This feature is available in Kibana 7.17.4 and 8.3.0 onwards but is not supported in Kibana 8.0, 8.1 or 8.2. As such, this setting should be removed before upgrading from 7.17 to 8.0, 8.1 or 8.2. It is possible to configure the settings in 7.17.4 and then upgrade to 8.3.0 directly. + :::: + Data type: `string` `xpack.actions.enableFooterInEmail` ![logo cloud](https://doc-icons.s3.us-east-2.amazonaws.com/logo_cloud.svg "Supported on {{ess}}") -: ::::{admonition} -A boolean value indicating that a footer with a relevant link should be added to emails sent as alerting actions. - -Data type: `bool`
Default: `true`
- -:::: - +: A boolean value indicating that a footer with a relevant link should be added to emails sent as alerting actions. + Data type: `bool` + Default: `true` `xpack.actions.enabledActionTypes` ![logo cloud](https://doc-icons.s3.us-east-2.amazonaws.com/logo_cloud.svg "Supported on {{ess}}") -: :::::{admonition} -A list of action types that are enabled. It defaults to `["*"]`, enabling all types. The names for built-in Kibana action types are prefixed with a `.` and include: `.email`, `.index`, `.jira`, `.opsgenie`, `.pagerduty`, `.resilient`, `.server-log`, `.servicenow`, .`servicenow-itom`, `.servicenow-sir`, `.slack`, `.swimlane`, `.teams`, `.tines`, `.torq`, `.xmatters`, `.gen-ai`, `.bedrock`, `.gemini`, `.d3security`, and `.webhook`. An empty list `[]` will disable all action types. - -Disabled action types will not appear as an option when creating new connectors, but existing connectors and actions of that type will remain in Kibana and will not function. - -::::{important} -[Preconfigured connectors](/reference/connectors-kibana/pre-configured-connectors.md) are not affected by this setting. Data type: `string`
Default: `["*"]`
-:::: +: A list of action types that are enabled. It defaults to `["*"]`, enabling all types. The names for built-in Kibana action types are prefixed with a `.` and include: `.email`, `.index`, `.jira`, `.opsgenie`, `.pagerduty`, `.resilient`, `.server-log`, `.servicenow`, .`servicenow-itom`, `.servicenow-sir`, `.slack`, `.swimlane`, `.teams`, `.tines`, `.torq`, `.xmatters`, `.gen-ai`, `.bedrock`, `.gemini`, `.d3security`, and `.webhook`. An empty list `[]` will disable all action types. + Disabled action types will not appear as an option when creating new connectors, but existing connectors and actions of that type will remain in Kibana and will not function. -::::: - + ::::{important} + [Preconfigured connectors](/reference/connectors-kibana/pre-configured-connectors.md) are not affected by this setting. + :::: + Data type: `string` + Default: `["*"]` `xpack.actions.microsoftExchangeUrl` -: ::::{admonition} -The URL for the Microsoft Azure Active Directory endpoint to use for MS Exchange email authentication. - -Data type: `string`
Default: `https://login.microsoftonline.com`
- -:::: - +: The URL for the Microsoft Azure Active Directory endpoint to use for MS Exchange email authentication. + Data type: `string` + Default: `https://login.microsoftonline.com` `xpack.actions.microsoftGraphApiUrl` -: ::::{admonition} -The URL for the Microsoft Graph API endpoint to use for MS Exchange email authentication. - -Data type: `string`
Default: `https://graph.microsoft.com/v1.0`
- -:::: - +: The URL for the Microsoft Graph API endpoint to use for MS Exchange email authentication. + Data type: `string` + Default: `https://graph.microsoft.com/v1.0` `xpack.actions.microsoftGraphApiScope` -: ::::{admonition} -The URL for the Microsoft Graph API scope endpoint to use for MS Exchange email authentication. - -Data type: `string`
Default: `https://graph.microsoft.com/.default`
- -:::: - +: The URL for the Microsoft Graph API scope endpoint to use for MS Exchange email authentication. + Data type: `string` + Default: `https://graph.microsoft.com/.default` `xpack.actions.proxyUrl` ![logo cloud](https://doc-icons.s3.us-east-2.amazonaws.com/logo_cloud.svg "Supported on {{ess}}") -: ::::{admonition} -Specifies the proxy URL to use, if using a proxy for actions. By default, no proxy is used. - -Proxies may be used to proxy http or https requests through a proxy using the http or https protocol. Kibana only uses proxies in "CONNECT" mode (sometimes referred to as "tunneling" TCP mode, compared to HTTP mode). That is, Kibana will always make requests through a proxy using the HTTP `CONNECT` method. - -If your proxy is using the https protocol (vs the http protocol), the setting `xpack.actions.ssl.proxyVerificationMode: none` will likely be needed, unless your proxy’s certificates are signed using a publicly available certificate authority. - -There is currently no support for using basic authentication with a proxy (authentication for the proxy itself, not the URL being requested through the proxy). +: Specifies the proxy URL to use, if using a proxy for actions. By default, no proxy is used. -Data type: `string`
+ Proxies may be used to proxy http or https requests through a proxy using the http or https protocol. Kibana only uses proxies in "CONNECT" mode (sometimes referred to as "tunneling" TCP mode, compared to HTTP mode). That is, Kibana will always make requests through a proxy using the HTTP `CONNECT` method. -To help diagnose problems using a proxy, you can use the `curl` command with options to use your proxy, and log debug information, with the following command, replacing the proxy and target URLs as appropriate. This will force the request to be made to the proxy in tunneling mode, and display some of the interaction between the client and the proxy. + If your proxy is using the https protocol (vs the http protocol), the setting `xpack.actions.ssl.proxyVerificationMode: none` will likely be needed, unless your proxy’s certificates are signed using a publicly available certificate authority. -```sh -curl --verbose --proxytunnel --proxy http://localhost:8080 http://example.com -``` + There is currently no support for using basic authentication with a proxy (authentication for the proxy itself, not the URL being requested through the proxy). -:::: + Data type: `string` + To help diagnose problems using a proxy, you can use the `curl` command with options to use your proxy, and log debug information, with the following command, replacing the proxy and target URLs as appropriate. This will force the request to be made to the proxy in tunneling mode, and display some of the interaction between the client and the proxy. + ```sh + curl --verbose --proxytunnel --proxy http://localhost:8080 http://example.com + ``` `xpack.actions.proxyBypassHosts` ![logo cloud](https://doc-icons.s3.us-east-2.amazonaws.com/logo_cloud.svg "Supported on {{ess}}") -: ::::{admonition} -Specifies hostnames which should not use the proxy, if using a proxy for actions. The value is an array of hostnames as strings. - -By default, all hosts will use the proxy, but if an action’s hostname is in this list, the proxy will not be used. The settings `xpack.actions.proxyBypassHosts` and `xpack.actions.proxyOnlyHosts` cannot be used at the same time. - -Data type: `string`
+: Specifies hostnames which should not use the proxy, if using a proxy for actions. The value is an array of hostnames as strings. -For example: + By default, all hosts will use the proxy, but if an action’s hostname is in this list, the proxy will not be used. The settings `xpack.actions.proxyBypassHosts` and `xpack.actions.proxyOnlyHosts` cannot be used at the same time. -```yaml -xpack.actions.proxyBypassHosts: [ "events.pagerduty.com" ] -``` + Data type: `string` -If applicable, include the subdomain in the hostname - -:::: + For example: + ```yaml + xpack.actions.proxyBypassHosts: [ "events.pagerduty.com" ] + ``` + If applicable, include the subdomain in the hostname `xpack.actions.proxyOnlyHosts` ![logo cloud](https://doc-icons.s3.us-east-2.amazonaws.com/logo_cloud.svg "Supported on {{ess}}") -: ::::{admonition} -Specifies hostnames which should only use the proxy, if using a proxy for actions. The value is an array of hostnames as strings. - -By default, no hosts will use the proxy, but if an action’s hostname is in this list, the proxy will be used. The settings `xpack.actions.proxyBypassHosts` and `xpack.actions.proxyOnlyHosts` cannot be used at the same time. +: Specifies hostnames which should only use the proxy, if using a proxy for actions. The value is an array of hostnames as strings. -Data type: `string`
+ By default, no hosts will use the proxy, but if an action’s hostname is in this list, the proxy will be used. The settings `xpack.actions.proxyBypassHosts` and `xpack.actions.proxyOnlyHosts` cannot be used at the same time. -For example: + Data type: `string` -```yaml -xpack.actions.proxyOnlyHosts: [ "events.pagerduty.com" ] -``` + For example: -If applicable, include the subdomain in the hostname - -:::: + ```yaml + xpack.actions.proxyOnlyHosts: [ "events.pagerduty.com" ] + ``` + If applicable, include the subdomain in the hostname `xpack.actions.proxyHeaders` ![logo cloud](https://doc-icons.s3.us-east-2.amazonaws.com/logo_cloud.svg "Supported on {{ess}}") -: ::::{admonition} -Specifies HTTP headers for the proxy, if using a proxy for actions. - -Data type: `string`
Default: `{}`
- -:::: - +: Specifies HTTP headers for the proxy, if using a proxy for actions. + Data type: `string` + Default: `{}` $$$action-config-proxy-verification-mode$$$ `xpack.actions.ssl.proxyVerificationMode` ![logo cloud](https://doc-icons.s3.us-east-2.amazonaws.com/logo_cloud.svg "Supported on {{ess}}") -: ::::{admonition} -Controls the verification for the proxy server certificate that Kibana receives when making an outbound SSL/TLS connection to the proxy server. - -Use `full` to perform hostname verification, `certificate` to skip hostname verification, and `none` to skip verification. - -[Equivalent Kibana setting](/reference/configuration-reference/general-settings.md#elasticsearch-ssl-verificationMode) +: Controls the verification for the proxy server certificate that Kibana receives when making an outbound SSL/TLS connection to the proxy server. -Data type: `enum`
+ Use `full` to perform hostname verification, `certificate` to skip hostname verification, and `none` to skip verification. -Options: + [Equivalent Kibana setting](/reference/configuration-reference/general-settings.md#elasticsearch-ssl-verificationMode) -* `full` -* `certificate` -* `none` + Data type: `enum` -Default: `full`
- -:::: + Options: + * `full` + * `certificate` + * `none` + Default: `full` $$$action-config-verification-mode$$$ `xpack.actions.ssl.verificationMode` ![logo cloud](https://doc-icons.s3.us-east-2.amazonaws.com/logo_cloud.svg "Supported on {{ess}}") -: ::::{admonition} -Controls the verification for the server certificate that Elastic Maps Server receives when making an outbound SSL/TLS connection for actions. Valid values are `full`, `certificate`, and `none`. Use `full` to perform hostname verification, `certificate` to skip hostname verification, and `none` to skip verification. - -[Equivalent Kibana setting](/reference/configuration-reference/general-settings.md#elasticsearch-ssl-verificationMode) - -This setting can be overridden for specific URLs by using the setting `xpack.actions.customHostSettings[n].ssl.verificationMode` (described above) to a different value. +: Controls the verification for the server certificate that Elastic Maps Server receives when making an outbound SSL/TLS connection for actions. Valid values are `full`, `certificate`, and `none`. Use `full` to perform hostname verification, `certificate` to skip hostname verification, and `none` to skip verification. -Data type: `enum`
+ [Equivalent Kibana setting](/reference/configuration-reference/general-settings.md#elasticsearch-ssl-verificationMode) -Options: + This setting can be overridden for specific URLs by using the setting `xpack.actions.customHostSettings[n].ssl.verificationMode` (described above) to a different value. -* `full` -* `certificate` -* `none` + Data type: `enum` -Default: `full`
- -:::: + Options: + * `full` + * `certificate` + * `none` + Default: `full` `xpack.actions.maxResponseContentLength` ![logo cloud](https://doc-icons.s3.us-east-2.amazonaws.com/logo_cloud.svg "Supported on {{ess}}") -: ::::{admonition} -Specifies the max number of bytes of the http response for requests to external resources. - -Data type: `int`
Default: `1000000 (1MB)`
- -:::: - +: Specifies the max number of bytes of the http response for requests to external resources. + Data type: `int` + Default: `1000000 (1MB)` `xpack.actions.responseTimeout` ![logo cloud](https://doc-icons.s3.us-east-2.amazonaws.com/logo_cloud.svg "Supported on {{ess}}") -: ::::{admonition} -Specifies the time allowed for requests to external resources. Requests that take longer are canceled. The time is formatted as a number and a time unit (`ms`, `s`, `m`, `h`, `d`, `w`, `M`, or `Y`). For example, `20m`, `24h`, `7d`, `1w`. Default: `60s`. - -Data type: `string`
- -:::: - +: Specifies the time allowed for requests to external resources. Requests that take longer are canceled. The time is formatted as a number and a time unit (`ms`, `s`, `m`, `h`, `d`, `w`, `M`, or `Y`). For example, `20m`, `24h`, `7d`, `1w`. Default: `60s`. + Data type: `string` `xpack.actions.run.maxAttempts` ![logo cloud](https://doc-icons.s3.us-east-2.amazonaws.com/logo_cloud.svg "Supported on {{ess}}") -: ::::{admonition} -Specifies the maximum number of times an action can be attempted to run. +: Specifies the maximum number of times an action can be attempted to run. -Data type: `int`
- -Options: - -* `minimum 1 and maximum 10` - -:::: + Data type: `int` + Options: + * `minimum 1 and maximum 10` `xpack.actions.run.connectorTypeOverrides` ![logo cloud](https://doc-icons.s3.us-east-2.amazonaws.com/logo_cloud.svg "Supported on {{ess}}") -: ::::{admonition} -Overrides the configs under `xpack.actions.run` for the connector type with the given ID. List the connector type identifier and its settings in an array of objects. - -Data type: `string`
- -For example: - -```yaml -xpack.actions.run: - maxAttempts: 1 - connectorTypeOverrides: - - id: '.server-log' - maxAttempts: 5 -``` +: Overrides the configs under `xpack.actions.run` for the connector type with the given ID. List the connector type identifier and its settings in an array of objects. -:::: + Data type: `string` + For example: + ```yaml + xpack.actions.run: + maxAttempts: 1 + connectorTypeOverrides: + - id: '.server-log' + maxAttempts: 5 + ``` `xpack.actions.queued.max` ![logo cloud](https://doc-icons.s3.us-east-2.amazonaws.com/logo_cloud.svg "Supported on {{ess}}") -: ::::{admonition} -Specifies the maximum number of actions that can be queued. - -Data type: `int`
Default: `1000000`
- -:::: - - +: Specifies the maximum number of actions that can be queued. + It is available in {{ecloud}} 8.11.0 and later versions. + Data type: `int` + Default: `1000000` ## Preconfigured connector settings [preconfigured-connector-settings] @@ -429,959 +320,581 @@ xpack.actions.preconfigured: For more examples, go to [Preconfigured connectors](/reference/connectors-kibana/pre-configured-connectors.md). `xpack.actions.preconfiguredAlertHistoryEsIndex` ![logo cloud](https://doc-icons.s3.us-east-2.amazonaws.com/logo_cloud.svg "Supported on {{ess}}") -: ::::{admonition} -Enables a preconfigured alert history Elasticsearch [Index](/reference/connectors-kibana/index-action-type.md) connector. - -Data type: `bool`
Default: `false`
- -:::: - +: Enables a preconfigured alert history Elasticsearch [Index](/reference/connectors-kibana/index-action-type.md) connector. + Data type: `bool` + Default: `false` `xpack.actions.preconfigured` -: ::::{admonition} -Specifies configuration details that are specific to the type of preconfigured connector. - -Data type: `string`
- -:::: - +: Specifies configuration details that are specific to the type of preconfigured connector. + Data type: `string` `xpack.actions.preconfigured..actionTypeId` -: ::::{admonition} -The type of preconfigured connector. - -Options: - -* `.email` -* `.index` -* `.opsgenie` -* `.server-log` -* `.resilient` -* `.slack` -* `.webhook` - -:::: +: The type of preconfigured connector. + Options: + * `.email` + * `.index` + * `.opsgenie` + * `.server-log` + * `.resilient` + * `.slack` + * `.webhook` `xpack.actions.preconfigured..config` -: ::::{admonition} -The configuration details, which are specific to the type of preconfigured connector. - -Data type: `string`
- -:::: - +: The configuration details, which are specific to the type of preconfigured connector. + Data type: `string` `xpack.actions.preconfigured..config.apiProvider` -: ::::{admonition} -For a [OpenAI connector](/reference/connectors-kibana/openai-action-type.md), specifies the OpenAI API provider. +: For a [OpenAI connector](/reference/connectors-kibana/openai-action-type.md), specifies the OpenAI API provider. -Data type: `enum`
- -Options: - -* `OpenAI` -* `Azure OpenAI` - -:::: + Data type: `enum` + Options: + * `OpenAI` + * `Azure OpenAI` `xpack.actions.preconfigured..config.apiUrl` -: :::::{admonition} -A configuration URL that varies by connector: - -* For an [{{bedrock}} connector](/reference/connectors-kibana/bedrock-action-type.md), specifies the {{bedrock}} request URL. -* For an [{{gemini}} connector](/reference/connectors-kibana/gemini-action-type.md), specifies the {{gemini}} request URL. -* For a [OpenAI connector](/reference/connectors-kibana/openai-action-type.md), specifies the OpenAI request URL. -* For a [{{ibm-r}} connector](/reference/connectors-kibana/resilient-action-type.md), specifies the {{ibm-r}} instance URL. -* For a [Jira connector](/reference/connectors-kibana/jira-action-type.md), specifies the Jira instance URL. -* For an [{{opsgenie}} connector](/reference/connectors-kibana/opsgenie-action-type.md), specifies the {{opsgenie}} URL. For example, `https://api.opsgenie.com` or `https://api.eu.opsgenie.com`. -* For a [PagerDuty connector](/reference/connectors-kibana/pagerduty-action-type.md), specifies the PagerDuty event URL. Defaults to `https://events.pagerduty.com/v2/enqueue`. -* For a [{{sn-itsm}}](/reference/connectors-kibana/servicenow-action-type.md), [{{sn-sir}}](/reference/connectors-kibana/servicenow-sir-action-type.md), or [{{sn-itom}} connector](/reference/connectors-kibana/servicenow-itom-action-type.md) specifies the ServiceNow instance URL. -* For a [{{swimlane}} connector](/reference/connectors-kibana/swimlane-action-type.md), specifies the {{swimlane}} instance URL. - -::::{note} -If you are using the `xpack.actions.allowedHosts` setting, make sure the hostname in the URL is added to the allowed hosts. Data type: `string`
-:::: - +: A configuration URL that varies by connector: -::::: + * For an [{{bedrock}} connector](/reference/connectors-kibana/bedrock-action-type.md), specifies the {{bedrock}} request URL. + * For an [{{gemini}} connector](/reference/connectors-kibana/gemini-action-type.md), specifies the {{gemini}} request URL. + * For a [OpenAI connector](/reference/connectors-kibana/openai-action-type.md), specifies the OpenAI request URL. + * For a [{{ibm-r}} connector](/reference/connectors-kibana/resilient-action-type.md), specifies the {{ibm-r}} instance URL. + * For a [Jira connector](/reference/connectors-kibana/jira-action-type.md), specifies the Jira instance URL. + * For an [{{opsgenie}} connector](/reference/connectors-kibana/opsgenie-action-type.md), specifies the {{opsgenie}} URL. For example, `https://api.opsgenie.com` or `https://api.eu.opsgenie.com`. + * For a [PagerDuty connector](/reference/connectors-kibana/pagerduty-action-type.md), specifies the PagerDuty event URL. Defaults to `https://events.pagerduty.com/v2/enqueue`. + * For a [{{sn-itsm}}](/reference/connectors-kibana/servicenow-action-type.md), [{{sn-sir}}](/reference/connectors-kibana/servicenow-sir-action-type.md), or [{{sn-itom}} connector](/reference/connectors-kibana/servicenow-itom-action-type.md) specifies the ServiceNow instance URL. + * For a [{{swimlane}} connector](/reference/connectors-kibana/swimlane-action-type.md), specifies the {{swimlane}} instance URL. + ::::{note} + If you are using the `xpack.actions.allowedHosts` setting, make sure the hostname in the URL is added to the allowed hosts. + :::: + Data type: `string` `xpack.actions.preconfigured..config.appId` -: ::::{admonition} -An application ID that varies by connector: - -* For a [{{swimlane}} connector](/reference/connectors-kibana/swimlane-action-type.md), specifies a {{swimlane}} application identifier. - -Data type: `string`
- -:::: +: An application ID that varies by connector: + * For a [{{swimlane}} connector](/reference/connectors-kibana/swimlane-action-type.md), specifies a {{swimlane}} application identifier. + Data type: `string` `xpack.actions.preconfigured..config.clientId` -: ::::{admonition} -A client identifier that varies by connector: - -* For an [email connector](/reference/connectors-kibana/email-action-type.md), specifies a GUID format value that corresponds to the client ID, which is a part of OAuth 2.0 client credentials authentication. -* For a [{{sn-itom}}](/reference/connectors-kibana/servicenow-itom-action-type.md), [{{sn-itsm}}](/reference/connectors-kibana/servicenow-action-type.md), or [{{sn-sir}} connector](/reference/connectors-kibana/servicenow-sir-action-type.md) specifies the client identifier assigned to the OAuth application. - -Data type: `string`
- -:::: +: A client identifier that varies by connector: + * For an [email connector](/reference/connectors-kibana/email-action-type.md), specifies a GUID format value that corresponds to the client ID, which is a part of OAuth 2.0 client credentials authentication. + * For a [{{sn-itom}}](/reference/connectors-kibana/servicenow-itom-action-type.md), [{{sn-itsm}}](/reference/connectors-kibana/servicenow-action-type.md), or [{{sn-sir}} connector](/reference/connectors-kibana/servicenow-sir-action-type.md) specifies the client identifier assigned to the OAuth application. + Data type: `string` `xpack.actions.preconfigured..config.configUrl` -: ::::{admonition} -For an [xMatters connector](/reference/connectors-kibana/xmatters-action-type.md) with basic authentication, specifies the request URL for the Elastic Alerts trigger in xMatters. - -Data type: `string`
- -:::: - +: For an [xMatters connector](/reference/connectors-kibana/xmatters-action-type.md) with basic authentication, specifies the request URL for the Elastic Alerts trigger in xMatters. + Data type: `string` `xpack.actions.preconfigured..config.createCommentJson` -: :::::{admonition} -For a [{{webhook-cm}} connector](/reference/connectors-kibana/cases-webhook-action-type.md), specifies a stringified JSON payload with Mustache variables that is sent to the create comment URL to create a case comment. The required variable is `case.description`. - -::::{note} -The JSON is validated after the Mustache variables have been placed when the REST method runs. You should manually ensure that the JSON is valid, disregarding the Mustache variables, so the later validation will pass. Data type: `string`
-:::: - - -::::: +: For a [{{webhook-cm}} connector](/reference/connectors-kibana/cases-webhook-action-type.md), specifies a stringified JSON payload with Mustache variables that is sent to the create comment URL to create a case comment. The required variable is `case.description`. + ::::{note} + The JSON is validated after the Mustache variables have been placed when the REST method runs. You should manually ensure that the JSON is valid, disregarding the Mustache variables, so the later validation will pass. + :::: + Data type: `string` `xpack.actions.preconfigured..config.createCommentMethod` -: ::::{admonition} -For a [{{webhook-cm}} connector](/reference/connectors-kibana/cases-webhook-action-type.md), specifies the REST API HTTP request method to create a case comment in the third-party system. - -Data type: `string`
- -Options: - -* `post` -* `put` -* `patch` +: For a [{{webhook-cm}} connector](/reference/connectors-kibana/cases-webhook-action-type.md), specifies the REST API HTTP request method to create a case comment in the third-party system. -Default: `put`
+ Data type: `string` -:::: + Options: + * `post` + * `put` + * `patch` + Default: `put` `xpack.actions.preconfigured..config.createCommentUrl` -: :::::{admonition} -For a [{{webhook-cm}} connector](/reference/connectors-kibana/cases-webhook-action-type.md), specifies a REST API URL string to create a case comment by ID in the third-party system. - -::::{note} -If you are using the `xpack.actions.allowedHosts` setting, make sure the hostname in the URL is added to the allowed hosts. Data type: `string`
-:::: - - -::::: +: For a [{{webhook-cm}} connector](/reference/connectors-kibana/cases-webhook-action-type.md), specifies a REST API URL string to create a case comment by ID in the third-party system. + ::::{note} + If you are using the `xpack.actions.allowedHosts` setting, make sure the hostname in the URL is added to the allowed hosts. + :::: + Data type: `string` `xpack.actions.preconfigured..config.createIncidentJson` -: :::::{admonition} -For a [{{webhook-cm}} connector](/reference/connectors-kibana/cases-webhook-action-type.md), specifies a stringified JSON payload with Mustache variables that is sent to the create case URL to create a case. Required variables are `case.title` and `case.description`. - -::::{note} -The JSON is validated after the Mustache variables have been placed when the REST method runs. You should manually ensure that the JSON is valid, disregarding the Mustache variables, so the later validation will pass. Data type: `string`
-:::: - - -::::: +: For a [{{webhook-cm}} connector](/reference/connectors-kibana/cases-webhook-action-type.md), specifies a stringified JSON payload with Mustache variables that is sent to the create case URL to create a case. Required variables are `case.title` and `case.description`. + ::::{note} + The JSON is validated after the Mustache variables have been placed when the REST method runs. You should manually ensure that the JSON is valid, disregarding the Mustache variables, so the later validation will pass. + :::: + Data type: `string` `xpack.actions.preconfigured..config.createIncidentMethod` -: ::::{admonition} -For a [{{webhook-cm}} connector](/reference/connectors-kibana/cases-webhook-action-type.md), specifies the REST API HTTP request method to create a case in the third-party system +: For a [{{webhook-cm}} connector](/reference/connectors-kibana/cases-webhook-action-type.md), specifies the REST API HTTP request method to create a case in the third-party system -Data type: `string`
+ Data type: `string` -Options: - -* `post` -* `put` -* `patch` - -Default: `post`
- -:::: + Options: + * `post` + * `put` + * `patch` + Default: `post` `xpack.actions.preconfigured..config.createIncidentUrl` -: :::::{admonition} -For a [{{webhook-cm}} connector](/reference/connectors-kibana/cases-webhook-action-type.md), specifies a REST API URL string to create a case in the third-party system. - -::::{note} -If you are using the `xpack.actions.allowedHosts` setting, make sure the hostname in the URL is added to the allowed hosts. Data type: `string`
-:::: - - -::::: +: For a [{{webhook-cm}} connector](/reference/connectors-kibana/cases-webhook-action-type.md), specifies a REST API URL string to create a case in the third-party system. + ::::{note} + If you are using the `xpack.actions.allowedHosts` setting, make sure the hostname in the URL is added to the allowed hosts. + :::: + Data type: `string` `xpack.actions.preconfigured..config.createIncidentResponseKey` -: ::::{admonition} -For a [{{webhook-cm}} connector](/reference/connectors-kibana/cases-webhook-action-type.md), specifies a string from the response body of the create case method that corresponds to the external service identifier. - -Data type: `string`
- -:::: - +: For a [{{webhook-cm}} connector](/reference/connectors-kibana/cases-webhook-action-type.md), specifies a string from the response body of the create case method that corresponds to the external service identifier. + Data type: `string` `xpack.actions.preconfigured..config.defaultModel` -: ::::{admonition} -The default model to use for requests, which varies by connector: - -* For an [{{bedrock}} connector](/reference/connectors-kibana/bedrock-action-type.md), current support is for the Anthropic Claude models. Defaults to `anthropic.claude-3-5-sonnet-20240620-v1:0`. -* For a [{{gemini}} connector](/reference/connectors-kibana/gemini-action-type.md), current support is for the Gemini models. Defaults to `gemini-1.5-pro-002`. -* For a [OpenAI connector](/reference/connectors-kibana/openai-action-type.md), it is optional and applicable only when `xpack.actions.preconfigured..config.apiProvider` is `OpenAI`. - -Data type: `string`
- -:::: +: The default model to use for requests, which varies by connector: + * For an [{{bedrock}} connector](/reference/connectors-kibana/bedrock-action-type.md), current support is for the Anthropic Claude models. Defaults to `anthropic.claude-3-5-sonnet-20240620-v1:0`. + * For a [{{gemini}} connector](/reference/connectors-kibana/gemini-action-type.md), current support is for the Gemini models. Defaults to `gemini-1.5-pro-002`. + * For a [OpenAI connector](/reference/connectors-kibana/openai-action-type.md), it is optional and applicable only when `xpack.actions.preconfigured..config.apiProvider` is `OpenAI`. + Data type: `string` `xpack.actions.preconfigured..config.executionTimeField` -: ::::{admonition} -For an [index connector](/reference/connectors-kibana/index-action-type.md), a field that indicates when the document was indexed. - -Data type: `string`
- -:::: - +: For an [index connector](/reference/connectors-kibana/index-action-type.md), a field that indicates when the document was indexed. + Data type: `string` `xpack.actions.preconfigured..config.from` -: ::::{admonition} -For an [email connector](/reference/connectors-kibana/email-action-type.md), specifies the from address for all emails sent by the connector. It must be specified in `user@host-name` format. - -Data type: `string`
- -:::: - +: For an [email connector](/reference/connectors-kibana/email-action-type.md), specifies the from address for all emails sent by the connector. It must be specified in `user@host-name` format. + Data type: `string` `xpack.actions.preconfigured..config.getIncidentResponseExternalTitleKey` -: ::::{admonition} -* "For a [{{webhook-cm}} connector](/reference/connectors-kibana/cases-webhook-action-type.md), specifies a string from the response body of the get case method that corresponds to the external service title." - -Data type: `string`
- -:::: - +: For a [{{webhook-cm}} connector](/reference/connectors-kibana/cases-webhook-action-type.md), specifies a string from the response body of the get case method that corresponds to the external service title. + Data type: `string` `xpack.actions.preconfigured..config.getIncidentUrl` -: :::::{admonition} -For a [{{webhook-cm}} connector](/reference/connectors-kibana/cases-webhook-action-type.md), specifies a REST API URL string with an external service ID Mustache variable to get the case from the third-party system. - -::::{note} -If you are using the `xpack.actions.allowedHosts` setting, make sure the hostname in the URL is added to the allowed hosts. Data type: `string`
-:::: - - -::::: +: For a [{{webhook-cm}} connector](/reference/connectors-kibana/cases-webhook-action-type.md), specifies a REST API URL string with an external service ID Mustache variable to get the case from the third-party system. + ::::{note} + If you are using the `xpack.actions.allowedHosts` setting, make sure the hostname in the URL is added to the allowed hosts. + :::: + Data type: `string` `xpack.actions.preconfigured..config.hasAuth` -: ::::{admonition} -For an [email](/reference/connectors-kibana/email-action-type.md), [webhook](/reference/connectors-kibana/webhook-action-type.md), or [{{webhook-cm}} connector](/reference/connectors-kibana/cases-webhook-action-type.md), specifies whether a user and password are required inside the secrets configuration. - -Data type: `bool`
Default: `true`
- -:::: - +: For an [email](/reference/connectors-kibana/email-action-type.md), [webhook](/reference/connectors-kibana/webhook-action-type.md), or [{{webhook-cm}} connector](/reference/connectors-kibana/cases-webhook-action-type.md), specifies whether a user and password are required inside the secrets configuration. + Data type: `bool` + Default: `true` `xpack.actions.preconfigured..config.headers` -: ::::{admonition} -For a [webhook](/reference/connectors-kibana/webhook-action-type.md) or [{{webhook-cm}} connector](/reference/connectors-kibana/cases-webhook-action-type.md), specifies a set of key-value pairs sent as headers with the request. - -Data type: `string`
- -:::: - +: For a [webhook](/reference/connectors-kibana/webhook-action-type.md) or [{{webhook-cm}} connector](/reference/connectors-kibana/cases-webhook-action-type.md), specifies a set of key-value pairs sent as headers with the request. + Data type: `string` `xpack.actions.preconfigured..config.host` -: ::::{admonition} -For an [email connector](/reference/connectors-kibana/email-action-type.md), specifies the host name of the service provider. - -Data type: `string`
- -:::: - +: For an [email connector](/reference/connectors-kibana/email-action-type.md), specifies the host name of the service provider. + Data type: `string` `xpack.actions.preconfigured..config.index` -: ::::{admonition} -For an [index connector](/reference/connectors-kibana/index-action-type.md), specifies the Elasticsearch index. - -Data type: `string`
- -:::: - +: For an [index connector](/reference/connectors-kibana/index-action-type.md), specifies the Elasticsearch index. + Data type: `string` `xpack.actions.preconfigured..config.isOAuth` -: ::::{admonition} -For a [{{sn-itsm}}](/reference/connectors-kibana/servicenow-action-type.md), [{{sn-sir}}](/reference/connectors-kibana/servicenow-sir-action-type.md), or [{{sn-itom}} connector](/reference/connectors-kibana/servicenow-itom-action-type.md), specifies whether to use basic or OAuth authentication. - -Data type: `string`
- -:::: - +: For a [{{sn-itsm}}](/reference/connectors-kibana/servicenow-action-type.md), [{{sn-sir}}](/reference/connectors-kibana/servicenow-sir-action-type.md), or [{{sn-itom}} connector](/reference/connectors-kibana/servicenow-itom-action-type.md), specifies whether to use basic or OAuth authentication. + Data type: `string` `xpack.actions.preconfigured..config.jwtKeyId` -: ::::{admonition} -For a [{{sn-itsm}}](/reference/connectors-kibana/servicenow-action-type.md), [{{sn-sir}}](/reference/connectors-kibana/servicenow-sir-action-type.md), or [{{sn-itom}} connector](/reference/connectors-kibana/servicenow-itom-action-type.md), specifies the key ID assigned to the JWT verifier map of your OAuth application. It is required when `xpack.actions.preconfigured..config.isOAuth` is `true`. - -Data type: `string`
- -:::: - +: For a [{{sn-itsm}}](/reference/connectors-kibana/servicenow-action-type.md), [{{sn-sir}}](/reference/connectors-kibana/servicenow-sir-action-type.md), or [{{sn-itom}} connector](/reference/connectors-kibana/servicenow-itom-action-type.md), specifies the key ID assigned to the JWT verifier map of your OAuth application. It is required when `xpack.actions.preconfigured..config.isOAuth` is `true`. + Data type: `string` `xpack.actions.preconfigured..config.mappings` -: ::::{admonition} -For a [Swimlane connector](/reference/connectors-kibana/swimlane-action-type.md), specifies field mappings. - -Data type: `string`
- -:::: - +: For a [Swimlane connector](/reference/connectors-kibana/swimlane-action-type.md), specifies field mappings. + Data type: `string` `xpack.actions.preconfigured..config.mappings.alertIdConfig` -: ::::{admonition} -For a [Swimlane connector](/reference/connectors-kibana/swimlane-action-type.md), field mapping for the alert identifier. You must provide `fieldtype`, `id`, `key`, and `name` values. - -Data type: `string`
- -:::: - +: For a [Swimlane connector](/reference/connectors-kibana/swimlane-action-type.md), field mapping for the alert identifier. You must provide `fieldtype`, `id`, `key`, and `name` values. + Data type: `string` `xpack.actions.preconfigured..config.mappings.caseIdConfig` -: ::::{admonition} -For a [Swimlane connector](/reference/connectors-kibana/swimlane-action-type.md), field mapping for the case identifier. You must provide `fieldtype`, `id`, `key`, and `name` values. - -Data type: `string`
- -:::: - +: For a [Swimlane connector](/reference/connectors-kibana/swimlane-action-type.md), field mapping for the case identifier. You must provide `fieldtype`, `id`, `key`, and `name` values. + Data type: `string` `xpack.actions.preconfigured..config.mappings.caseNameConfig` -: ::::{admonition} -For a [Swimlane connector](/reference/connectors-kibana/swimlane-action-type.md), field mapping for the case name. You must provide `fieldtype`, `id`, `key`, and `name` values. - -Data type: `string`
- -:::: - +: For a [Swimlane connector](/reference/connectors-kibana/swimlane-action-type.md), field mapping for the case name. You must provide `fieldtype`, `id`, `key`, and `name` values. + Data type: `string` `xpack.actions.preconfigured..config.mappings.commentsConfig` -: ::::{admonition} -For a [Swimlane connector](/reference/connectors-kibana/swimlane-action-type.md), field mapping for the case comments. You must provide `fieldtype`, `id`, `key`, and `name` values. - -Data type: `string`
- -:::: - +: For a [Swimlane connector](/reference/connectors-kibana/swimlane-action-type.md), field mapping for the case comments. You must provide `fieldtype`, `id`, `key`, and `name` values. + Data type: `string` `xpack.actions.preconfigured..config.mappings.descriptionConfig` -: ::::{admonition} -For a [Swimlane connector](/reference/connectors-kibana/swimlane-action-type.md), field mapping for the case description. You must provide `fieldtype`, `id`, `key`, and `name` values. - -Data type: `string`
- -:::: - +: For a [Swimlane connector](/reference/connectors-kibana/swimlane-action-type.md), field mapping for the case description. You must provide `fieldtype`, `id`, `key`, and `name` values. + Data type: `string` `xpack.actions.preconfigured..config.mappings.ruleNameConfig` -: ::::{admonition} -For a [Swimlane connector](/reference/connectors-kibana/swimlane-action-type.md), field mapping for the rule name. You must provide `fieldtype`, `id`, `key`, and `name` values. - -Data type: `string`
- -:::: - +: For a [Swimlane connector](/reference/connectors-kibana/swimlane-action-type.md), field mapping for the rule name. You must provide `fieldtype`, `id`, `key`, and `name` values. + Data type: `string` `xpack.actions.preconfigured..config.mappings.severityConfig` -: ::::{admonition} -For a [Swimlane connector](/reference/connectors-kibana/swimlane-action-type.md), specifies a field mapping for the severity. You must provide `fieldtype`, `id`, `key`, and `name` values. - -Data type: `string`
- -:::: - +: For a [Swimlane connector](/reference/connectors-kibana/swimlane-action-type.md), specifies a field mapping for the severity. You must provide `fieldtype`, `id`, `key`, and `name` values. + Data type: `string` `xpack.actions.preconfigured..config.method` -: ::::{admonition} -For a [webhook connector](/reference/connectors-kibana/webhook-action-type.md), specifies the HTTP request method, either `post` or `put`. Defaults to `post`. - -Data type: `enum`
- -Options: +: For a [webhook connector](/reference/connectors-kibana/webhook-action-type.md), specifies the HTTP request method, either `post` or `put`. Defaults to `post`. -* `post` -* `put` + Data type: `enum` -Default: `post`
- -:::: + Options: + * `post` + * `put` + Default: `post` `xpack.actions.preconfigured..config.orgId` -: ::::{admonition} -For an [{{ibm-r}} connector](/reference/connectors-kibana/resilient-action-type.md), specifies the {{ibm-r}} organization identifier. - -Data type: `string`
- -:::: - +: For an [{{ibm-r}} connector](/reference/connectors-kibana/resilient-action-type.md), specifies the {{ibm-r}} organization identifier. + Data type: `string` `xpack.actions.preconfigured..config.port` -: ::::{admonition} -For an [email connector](/reference/connectors-kibana/email-action-type.md), specifies the port to connect to on the service provider. - -Data type: `string`
- -:::: - +: For an [email connector](/reference/connectors-kibana/email-action-type.md), specifies the port to connect to on the service provider. + Data type: `string` `xpack.actions.preconfigured..config.projectKey` -: ::::{admonition} -For a [Jira connector](/reference/connectors-kibana/jira-action-type.md), specifies the Jira project key. - -Data type: `string`
- -:::: - +: For a [Jira connector](/reference/connectors-kibana/jira-action-type.md), specifies the Jira project key. + Data type: `string` `xpack.actions.preconfigured..config.secure` -: ::::{admonition} -For an [email connector](/reference/connectors-kibana/email-action-type.md), specifies whether the connection will use TLS when connecting to the service provider. If not true, the connection will initially connect over TCP then attempt to switch to TLS via the SMTP STARTTLS command. - -Data type: `bool`
- -:::: - +: For an [email connector](/reference/connectors-kibana/email-action-type.md), specifies whether the connection will use TLS when connecting to the service provider. If not true, the connection will initially connect over TCP then attempt to switch to TLS via the SMTP STARTTLS command. + Data type: `bool` `xpack.actions.preconfigured..config.service` -: ::::{admonition} -For an [email connector](/reference/connectors-kibana/email-action-type.md), specifies the name of the email service. For example, `elastic_cloud`, `exchange_server`, `gmail`, `other`, `outlook365`, or `ses`. - -Data type: `string`
- -:::: - +: For an [email connector](/reference/connectors-kibana/email-action-type.md), specifies the name of the email service. For example, `elastic_cloud`, `exchange_server`, `gmail`, `other`, `outlook365`, or `ses`. + Data type: `string` `xpack.actions.preconfigured..config.tenantId` -: ::::{admonition} -For an [email connector](/reference/connectors-kibana/email-action-type.md), specifies a GUID format value that corresponds to a tenant ID, which is a part of OAuth 2.0 client credentials authentication. - -Data type: `string`
- -:::: - +: For an [email connector](/reference/connectors-kibana/email-action-type.md), specifies a GUID format value that corresponds to a tenant ID, which is a part of OAuth 2.0 client credentials authentication. + Data type: `string` `xpack.actions.preconfigured..config.updateIncidentJson` -: :::::{admonition} -For a [{{webhook-cm}} connector](/reference/connectors-kibana/cases-webhook-action-type.md), specifies a stringified JSON payload with Mustache variables that is sent to the update case URL to update a case. Required variables are `case.title` and `case.description`. - -::::{note} -The JSON is validated after the Mustache variables have been placed when the REST method runs. You should manually ensure that the JSON is valid, disregarding the Mustache variables, so the later validation will pass. Data type: `string`
-:::: - - -::::: +: For a [{{webhook-cm}} connector](/reference/connectors-kibana/cases-webhook-action-type.md), specifies a stringified JSON payload with Mustache variables that is sent to the update case URL to update a case. Required variables are `case.title` and `case.description`. + ::::{note} + The JSON is validated after the Mustache variables have been placed when the REST method runs. You should manually ensure that the JSON is valid, disregarding the Mustache variables, so the later validation will pass. + :::: + Data type: `string` `xpack.actions.preconfigured..config.updateIncidentMethod` -: ::::{admonition} -For a [{{webhook-cm}} connector](/reference/connectors-kibana/cases-webhook-action-type.md), specifies the REST API HTTP request method to update the case in the third-party system. - -Data type: `enum`
+: For a [{{webhook-cm}} connector](/reference/connectors-kibana/cases-webhook-action-type.md), specifies the REST API HTTP request method to update the case in the third-party system. -Options: + Data type: `enum` -* `post` -* `put` -* `patch` - -Default: `put`
- -:::: + Options: + * `post` + * `put` + * `patch` + Default: `put` `xpack.actions.preconfigured..config.updateIncidentUrl` -: :::::{admonition} -For a [{{webhook-cm}} connector](/reference/connectors-kibana/cases-webhook-action-type.md), specifies the REST API URL to update the case by ID in the third-party system. - -::::{note} -If you are using the `xpack.actions.allowedHosts` setting, make sure the hostname in the URL is added to the allowed hosts. Data type: `string`
-:::: - - -::::: +: For a [{{webhook-cm}} connector](/reference/connectors-kibana/cases-webhook-action-type.md), specifies the REST API URL to update the case by ID in the third-party system. + ::::{note} + If you are using the `xpack.actions.allowedHosts` setting, make sure the hostname in the URL is added to the allowed hosts. + :::: + Data type: `string` `xpack.actions.preconfigured..config.url` -: :::::{admonition} -A configuration URL that varies by connector: - -* For a [D3 Security connector](/reference/connectors-kibana/d3security-action-type.md), specifies the D3 Security API request URL. -* For a [Tines connector](/reference/connectors-kibana/tines-action-type.md), specifies the Tines tenant URL. -* For a [webhook connector](/reference/connectors-kibana/webhook-action-type.md), specifies the web service request URL. +: A configuration URL that varies by connector: -::::{note} -If you are using the `xpack.actions.allowedHosts` setting, make sure this hostname is added to the allowed hosts. Data type: `stringm`
-:::: - - -::::: + * For a [D3 Security connector](/reference/connectors-kibana/d3security-action-type.md), specifies the D3 Security API request URL. + * For a [Tines connector](/reference/connectors-kibana/tines-action-type.md), specifies the Tines tenant URL. + * For a [webhook connector](/reference/connectors-kibana/webhook-action-type.md), specifies the web service request URL. + ::::{note} + If you are using the `xpack.actions.allowedHosts` setting, make sure this hostname is added to the allowed hosts. + :::: + Data type: `string` `xpack.actions.preconfigured..config.userIdentifierValue` -: ::::{admonition} -For a [{{sn-itsm}}](/reference/connectors-kibana/servicenow-action-type.md), [{{sn-sir}}](/reference/connectors-kibana/servicenow-sir-action-type.md), or [{{sn-itom}} connector](/reference/connectors-kibana/servicenow-itom-action-type.md), specifies the user identifier. It is required when required when `xpack.actions.preconfigured..config.isOAuth` is `true`. - -Data type: `string`
- -:::: - +: For a [{{sn-itsm}}](/reference/connectors-kibana/servicenow-action-type.md), [{{sn-sir}}](/reference/connectors-kibana/servicenow-sir-action-type.md), or [{{sn-itom}} connector](/reference/connectors-kibana/servicenow-itom-action-type.md), specifies the user identifier. It is required when required when `xpack.actions.preconfigured..config.isOAuth` is `true`. + Data type: `string` `xpack.actions.preconfigured..config.usesBasic` -: ::::{admonition} -For an [xMatters connector](/reference/connectors-kibana/xmatters-action-type.md), specifies whether it uses HTTP basic authentication. - -Data type: `bool`
Default: `true`
- -:::: - +: For an [xMatters connector](/reference/connectors-kibana/xmatters-action-type.md), specifies whether it uses HTTP basic authentication. + Data type: `bool` + Default: `true` `xpack.actions.preconfigured..config.usesTableApi` -: ::::{admonition} -For a [{{sn-itsm}}](/reference/connectors-kibana/servicenow-action-type.md) or [{{sn-sir}} connector](/reference/connectors-kibana/servicenow-sir-action-type.md), specifies whether the connector uses the Table API or the Import Set API. If set to `false`, the Elastic application should be installed in ServiceNow. - -Data type: `bool`
- -:::: - +: For a [{{sn-itsm}}](/reference/connectors-kibana/servicenow-action-type.md) or [{{sn-sir}} connector](/reference/connectors-kibana/servicenow-sir-action-type.md), specifies whether the connector uses the Table API or the Import Set API. If set to `false`, the Elastic application should be installed in ServiceNow. + Data type: `bool` `xpack.actions.preconfigured..config.viewIncidentUrl` -: ::::{admonition} -For a [{{webhook-cm}} connector](/reference/connectors-kibana/cases-webhook-action-type.md), specifies a URL string with either the external service ID or external service title Mustache variable to view a case in the external system. - -Data type: `string`
- -:::: - +: For a [{{webhook-cm}} connector](/reference/connectors-kibana/cases-webhook-action-type.md), specifies a URL string with either the external service ID or external service title Mustache variable to view a case in the external system. + Data type: `string` `xpack.actions.preconfigured..config.webhookIntegrationUrl` -: ::::{admonition} -For a [Torq connector](/reference/connectors-kibana/torq-action-type.md), specifies the endpoint URL of the Elastic Security integration in Torq. - -Data type: `string`
- -:::: - +: For a [Torq connector](/reference/connectors-kibana/torq-action-type.md), specifies the endpoint URL of the Elastic Security integration in Torq. + Data type: `string` `xpack.actions.preconfigured..name` -: ::::{admonition} -The name of the preconfigured connector. - -Data type: `string`
- -:::: - +: The name of the preconfigured connector. + Data type: `string` `xpack.actions.preconfigured..secrets` -: :::::{admonition} -Sensitive configuration details, such as username, password, and keys, which are specific to the connector type. - -::::{tip} -Sensitive properties, such as passwords, should be stored in the [Kibana keystore](docs-content://deploy-manage/security/secure-settings.md#creating-keystore). Data type: `string`
-:::: - - -::::: +: Sensitive configuration details, such as username, password, and keys, which are specific to the connector type. + ::::{tip} + Sensitive properties, such as passwords, should be stored in the [Kibana keystore](docs-content://deploy-manage/security/secure-settings.md#creating-keystore). + :::: + Data type: `string` `xpack.actions.preconfigured..secrets.accessKey` -: ::::{admonition} -For an [{{bedrock}} connector](/reference/connectors-kibana/bedrock-action-type.md), specifies the AWS access key for authentication. - -Data type: `string`
- -:::: - +: For an [{{bedrock}} connector](/reference/connectors-kibana/bedrock-action-type.md), specifies the AWS access key for authentication. + Data type: `string` `xpack.actions.preconfigured..secrets.apikey` -: ::::{admonition} -An API key secret that varies by connector. - -Data type: `string`
- -:::: - +: An API key secret that varies by connector. + Data type: `string` `xpack.actions.preconfigured..secrets.credentialsJson` -: ::::{admonition} -For an [{{gemini}} connector](/reference/connectors-kibana/gemini-action-type.md), specifies the GCP service account credentials JSON file for authentication. - -* For a [OpenAI connector](/reference/connectors-kibana/openai-action-type.md), specifies the OpenAI or Azure OpenAI API key for authentication. -* For an [{{opsgenie}} connector](/reference/connectors-kibana/opsgenie-action-type.md), specifies the {{opsgenie}} API authentication key for HTTP basic authentication. - -Data type: `string`
- -:::: +: For an [{{gemini}} connector](/reference/connectors-kibana/gemini-action-type.md), specifies the GCP service account credentials JSON file for authentication. + * For a [OpenAI connector](/reference/connectors-kibana/openai-action-type.md), specifies the OpenAI or Azure OpenAI API key for authentication. + * For an [{{opsgenie}} connector](/reference/connectors-kibana/opsgenie-action-type.md), specifies the {{opsgenie}} API authentication key for HTTP basic authentication. + Data type: `string` `xpack.actions.preconfigured..secrets.apiKeyId` -: ::::{admonition} -For an [{{ibm-r}} connector](/reference/connectors-kibana/resilient-action-type.md), specifies the authentication key ID for HTTP basic authentication. - -Data type: `string`
- -:::: - +: For an [{{ibm-r}} connector](/reference/connectors-kibana/resilient-action-type.md), specifies the authentication key ID for HTTP basic authentication. + Data type: `string` `xpack.actions.preconfigured..secrets.apiKeySecret` -: ::::{admonition} -For an [{{ibm-r}} connector](/reference/connectors-kibana/resilient-action-type.md), specifies the authentication key secret for HTTP basic authentication. - -Data type: `string`
- -:::: - +: For an [{{ibm-r}} connector](/reference/connectors-kibana/resilient-action-type.md), specifies the authentication key secret for HTTP basic authentication. + Data type: `string` `xpack.actions.preconfigured..secrets.apiToken` -: ::::{admonition} -For a [Jira](/reference/connectors-kibana/jira-action-type.md) or [{{swimlane}} connector](/reference/connectors-kibana/swimlane-action-type.md), specifies the API authentication token for HTTP basic authentication. - -Data type: `string`
- -:::: - +: For a [Jira](/reference/connectors-kibana/jira-action-type.md) or [{{swimlane}} connector](/reference/connectors-kibana/swimlane-action-type.md), specifies the API authentication token for HTTP basic authentication. + Data type: `string` `xpack.actions.preconfigured..secrets.clientSecret` -: :::::{admonition} -A client secret that varies by connector: - -* For an [email connector](/reference/connectors-kibana/email-action-type.md), specifies the client secret that you generated for your app in the app registration portal. It is required when the email service is `exchange_server`, which uses OAuth 2.0 client credentials authentication. -* For a [{{sn-itsm}}](/reference/connectors-kibana/servicenow-action-type.md), [{{sn-sir}}](/reference/connectors-kibana/servicenow-sir-action-type.md), or [{{sn-itom}} connector](/reference/connectors-kibana/servicenow-itom-action-type.md), specifies the client secret assigned to the OAuth application. It is required when `xpack.actions.preconfigured..config.isOAuth` is `true`. - -::::{note} -The client secret must be URL-encoded. Data type: `string`
-:::: +: A client secret that varies by connector: + * For an [email connector](/reference/connectors-kibana/email-action-type.md), specifies the client secret that you generated for your app in the app registration portal. It is required when the email service is `exchange_server`, which uses OAuth 2.0 client credentials authentication. + * For a [{{sn-itsm}}](/reference/connectors-kibana/servicenow-action-type.md), [{{sn-sir}}](/reference/connectors-kibana/servicenow-sir-action-type.md), or [{{sn-itom}} connector](/reference/connectors-kibana/servicenow-itom-action-type.md), specifies the client secret assigned to the OAuth application. It is required when `xpack.actions.preconfigured..config.isOAuth` is `true`. -::::: - + ::::{note} + The client secret must be URL-encoded. + :::: + Data type: `string` `xpack.actions.preconfigured..secrets.email` -: ::::{admonition} -An email address that varies by connector: - -* For a [Jira connector](/reference/connectors-kibana/jira-action-type.md), specifies the account email for HTTP basic authentication. -* For a [Tines connector](/reference/connectors-kibana/tines-action-type.md), specifies the email used to sign in to Tines. - -Data type: `string`
+: An email address that varies by connector: -:::: + * For a [Jira connector](/reference/connectors-kibana/jira-action-type.md), specifies the account email for HTTP basic authentication. + * For a [Tines connector](/reference/connectors-kibana/tines-action-type.md), specifies the email used to sign in to Tines. + Data type: `string` `xpack.actions.preconfigured..secrets.password` -: ::::{admonition} -A password secret that varies by connector: - -* For an [email](/reference/connectors-kibana/email-action-type.md), [webhook](/reference/connectors-kibana/webhook-action-type.md), or [{{webhook-cm}} connector](/reference/connectors-kibana/cases-webhook-action-type.md), specifies a password that is required when `xpack.actions.preconfigured..config.hasAuth` is `true`. -* For a [{{sn-itsm}}](/reference/connectors-kibana/servicenow-action-type.md), [{{sn-sir}}](/reference/connectors-kibana/servicenow-sir-action-type.md), or [{{sn-itom}} connector](/reference/connectors-kibana/servicenow-itom-action-type.md), specifies a password that is required when `xpack.actions.preconfigured..config.isOAuth` is `false`. -* For an [xMatters connector](/reference/connectors-kibana/xmatters-action-type.md), specifies a password that is required when `xpack.actions.preconfigured..config.usesBasic` is `true`. - -Data type: `string`
- -:::: +: A password secret that varies by connector: + * For an [email](/reference/connectors-kibana/email-action-type.md), [webhook](/reference/connectors-kibana/webhook-action-type.md), or [{{webhook-cm}} connector](/reference/connectors-kibana/cases-webhook-action-type.md), specifies a password that is required when `xpack.actions.preconfigured..config.hasAuth` is `true`. + * For a [{{sn-itsm}}](/reference/connectors-kibana/servicenow-action-type.md), [{{sn-sir}}](/reference/connectors-kibana/servicenow-sir-action-type.md), or [{{sn-itom}} connector](/reference/connectors-kibana/servicenow-itom-action-type.md), specifies a password that is required when `xpack.actions.preconfigured..config.isOAuth` is `false`. + * For an [xMatters connector](/reference/connectors-kibana/xmatters-action-type.md), specifies a password that is required when `xpack.actions.preconfigured..config.usesBasic` is `true`. + Data type: `string` `xpack.actions.preconfigured..secrets.privateKey` -: ::::{admonition} -For a [{{sn-itsm}}](/reference/connectors-kibana/servicenow-action-type.md), [{{sn-sir}}](/reference/connectors-kibana/servicenow-sir-action-type.md), or [{{sn-itom}} connector](/reference/connectors-kibana/servicenow-itom-action-type.md), specifies the RSA private key. It is required when `xpack.actions.preconfigured..config.isOAuth` is `true`. - -Data type: `string`
- -:::: - +: For a [{{sn-itsm}}](/reference/connectors-kibana/servicenow-action-type.md), [{{sn-sir}}](/reference/connectors-kibana/servicenow-sir-action-type.md), or [{{sn-itom}} connector](/reference/connectors-kibana/servicenow-itom-action-type.md), specifies the RSA private key. It is required when `xpack.actions.preconfigured..config.isOAuth` is `true`. + Data type: `string` `xpack.actions.preconfigured..secrets.privateKeyPassword` -: ::::{admonition} -For a [{{sn-itsm}}](/reference/connectors-kibana/servicenow-action-type.md), [{{sn-sir}}](/reference/connectors-kibana/servicenow-sir-action-type.md), or [{{sn-itom}} connector](/reference/connectors-kibana/servicenow-itom-action-type.md), specifies the password for the RSA private key. - -Data type: `string`
- -:::: - +: For a [{{sn-itsm}}](/reference/connectors-kibana/servicenow-action-type.md), [{{sn-sir}}](/reference/connectors-kibana/servicenow-sir-action-type.md), or [{{sn-itom}} connector](/reference/connectors-kibana/servicenow-itom-action-type.md), specifies the password for the RSA private key. + Data type: `string` `xpack.actions.preconfigured..secrets.routingKey` -: ::::{admonition} -For a [PagerDuty connector](/reference/connectors-kibana/pagerduty-action-type.md), specifies the 32 character PagerDuty Integration Key for an integration on a service, also referred to as the routing key. - -Data type: `string`
- -:::: - +: For a [PagerDuty connector](/reference/connectors-kibana/pagerduty-action-type.md), specifies the 32 character PagerDuty Integration Key for an integration on a service, also referred to as the routing key. + Data type: `string` `xpack.actions.preconfigured..secrets.secret` -: ::::{admonition} -For an [{{bedrock}} connector](/reference/connectors-kibana/bedrock-action-type.md), specifies the AWS secret for authentication. - -Data type: `string`
- -:::: - +: For an [{{bedrock}} connector](/reference/connectors-kibana/bedrock-action-type.md), specifies the AWS secret for authentication. + Data type: `string` `xpack.actions.preconfigured..secrets.secretsUrl` -: :::::{admonition} -For an [xMatters connector](/reference/connectors-kibana/xmatters-action-type.md) with URL authentication, specifies the request URL for the Elastic Alerts trigger in xMatters with the API key included in the URL. It is used only when `xpack.actions.preconfigured..config.usesBasic` is `false`. - -::::{note} -If you are using the `xpack.actions.allowedHosts` setting, make sure this hostname is added to the allowed hosts. Data type: `string`
-:::: - - -::::: +: For an [xMatters connector](/reference/connectors-kibana/xmatters-action-type.md) with URL authentication, specifies the request URL for the Elastic Alerts trigger in xMatters with the API key included in the URL. It is used only when `xpack.actions.preconfigured..config.usesBasic` is `false`. + ::::{note} + If you are using the `xpack.actions.allowedHosts` setting, make sure this hostname is added to the allowed hosts. + :::: + Data type: `string` `xpack.actions.preconfigured..secrets.token` -: ::::{admonition} -A token secret that varies by connector: - -* For a [D3 Security conector](/reference/connectors-kibana/d3security-action-type.md), specifies the D3 Security token. -* For a [Slack connector](/reference/connectors-kibana/slack-action-type.md), specifies the Slack bot user OAuth token. -* For a [Tines connector](/reference/connectors-kibana/tines-action-type.md), specifies the Tines API token. -* For a [Torq connector](/reference/connectors-kibana/torq-action-type.md), specifies the secret of the webhook authentication header. - -Data type: `string`
- -:::: +: A token secret that varies by connector: + * For a [D3 Security conector](/reference/connectors-kibana/d3security-action-type.md), specifies the D3 Security token. + * For a [Slack connector](/reference/connectors-kibana/slack-action-type.md), specifies the Slack bot user OAuth token. + * For a [Tines connector](/reference/connectors-kibana/tines-action-type.md), specifies the Tines API token. + * For a [Torq connector](/reference/connectors-kibana/torq-action-type.md), specifies the secret of the webhook authentication header. + Data type: `string` `xpack.actions.preconfigured..secrets.user` -: ::::{admonition} -A user name secret that varies by connector: - -* For an [email](/reference/connectors-kibana/email-action-type.md), [webhook](/reference/connectors-kibana/webhook-action-type.md), or [{{webhook-cm}} connector](/reference/connectors-kibana/cases-webhook-action-type.md), specifies a user name that is required when `xpack.actions.preconfigured..config.hasAuth` is `true`. -* For an [xMatters connector](/reference/connectors-kibana/xmatters-action-type.md), specifies a user name that is required when `xpack.actions.preconfigured..config.usesBasic` is `true`. - -Data type: `string`
+: A user name secret that varies by connector: -:::: + * For an [email](/reference/connectors-kibana/email-action-type.md), [webhook](/reference/connectors-kibana/webhook-action-type.md), or [{{webhook-cm}} connector](/reference/connectors-kibana/cases-webhook-action-type.md), specifies a user name that is required when `xpack.actions.preconfigured..config.hasAuth` is `true`. + * For an [xMatters connector](/reference/connectors-kibana/xmatters-action-type.md), specifies a user name that is required when `xpack.actions.preconfigured..config.usesBasic` is `true`. + Data type: `string` `xpack.actions.preconfigured..secrets.webhookUrl` -: :::::{admonition} -A URL that varies by connector: +: A URL that varies by connector: -* For a [Microsoft Teams](/reference/connectors-kibana/teams-action-type.md), specifies the URL of the incoming webhook. -* For a [Slack connector](/reference/connectors-kibana/slack-action-type.md), specifies the Slack webhook URL. - -::::{note} -If you are using the `xpack.actions.allowedHosts` setting, make sure the hostname is added to the allowed hosts. Data type: `string`
-:::: - - -::::: + * For a [Microsoft Teams](/reference/connectors-kibana/teams-action-type.md), specifies the URL of the incoming webhook. + * For a [Slack connector](/reference/connectors-kibana/slack-action-type.md), specifies the Slack webhook URL. + ::::{note} + If you are using the `xpack.actions.allowedHosts` setting, make sure the hostname is added to the allowed hosts. + :::: + Data type: `string` `xpack.actions.preconfigured..secrets.username` -: ::::{admonition} -For a [{{sn-itsm}}](/reference/connectors-kibana/servicenow-action-type.md), [{{sn-sir}}](/reference/connectors-kibana/servicenow-sir-action-type.md), or [{{sn-itom}} connector](/reference/connectors-kibana/servicenow-itom-action-type.md), specifies a user name that is required when `xpack.actions.preconfigured..config.isOAuth` is `false`. - -Data type: `string`
- -:::: - - +: For a [{{sn-itsm}}](/reference/connectors-kibana/servicenow-action-type.md), [{{sn-sir}}](/reference/connectors-kibana/servicenow-sir-action-type.md), or [{{sn-itom}} connector](/reference/connectors-kibana/servicenow-itom-action-type.md), specifies a user name that is required when `xpack.actions.preconfigured..config.isOAuth` is `false`. + Data type: `string` ## Alerting settings [alert-settings] `xpack.alerting.cancelAlertsOnRuleTimeout` ![logo cloud](https://doc-icons.s3.us-east-2.amazonaws.com/logo_cloud.svg "Supported on {{ess}}") -: ::::{admonition} -Specifies whether to skip writing alerts and scheduling actions if rule processing was cancelled due to a timeout. This setting can be overridden by individual rule types. - -Data type: `bool`
Default: `true`
- -:::: - +: Specifies whether to skip writing alerts and scheduling actions if rule processing was cancelled due to a timeout. This setting can be overridden by individual rule types. + Data type: `bool` + Default: `true` `xpack.alerting.rules.maxScheduledPerMinute` -: ::::{admonition} -Specifies the maximum number of rules to run per minute. - -Data type: `int`
Default: `10000`
- -:::: - +: Specifies the maximum number of rules to run per minute. + Data type: `int` + Default: `10000` `xpack.alerting.rules.minimumScheduleInterval.value` ![logo cloud](https://doc-icons.s3.us-east-2.amazonaws.com/logo_cloud.svg "Supported on {{ess}}") -: ::::{admonition} -Specifies the minimum schedule interval for rules. This minimum is applied to all rules created or updated after you set this value. The time is formatted as a number and a time unit (`s`, `m`, `h`, or `d`). For example, `20m`, `24h`, `7d`. This duration cannot exceed `1d`. - -Data type: `string`
Default: `1m`
- -:::: - +: Specifies the minimum schedule interval for rules. This minimum is applied to all rules created or updated after you set this value. The time is formatted as a number and a time unit (`s`, `m`, `h`, or `d`). For example, `20m`, `24h`, `7d`. This duration cannot exceed `1d`. + Data type: `string` + Default: `1m` `xpack.alerting.rules.minimumScheduleInterval.enforce` ![logo cloud](https://doc-icons.s3.us-east-2.amazonaws.com/logo_cloud.svg "Supported on {{ess}}") -: ::::{admonition} -Specifies the behavior when a new or changed rule has a schedule interval less than the value defined in `xpack.alerting.rules.minimumScheduleInterval.value`. If `false`, rules with schedules less than the interval will be created but warnings will be logged. If `true`, rules with schedules less than the interval cannot be created. - -Data type: `bool`
Default: `false`
- -:::: - +: Specifies the behavior when a new or changed rule has a schedule interval less than the value defined in `xpack.alerting.rules.minimumScheduleInterval.value`. If `false`, rules with schedules less than the interval will be created but warnings will be logged. If `true`, rules with schedules less than the interval cannot be created. + Data type: `bool` + Default: `false` `xpack.alerting.rules.run.actions.max` ![logo cloud](https://doc-icons.s3.us-east-2.amazonaws.com/logo_cloud.svg "Supported on {{ess}}") -: ::::{admonition} -Specifies the maximum number of actions that a rule can generate each time detection checks run. - -Data type: `int`
- -:::: - +: Specifies the maximum number of actions that a rule can generate each time detection checks run. + Data type: `int` `xpack.alerting.rules.run.alerts.max` ![logo cloud](https://doc-icons.s3.us-east-2.amazonaws.com/logo_cloud.svg "Supported on {{ess}}") -: :::::{admonition} -Specifies the maximum number of alerts that a rule can generate each time detection checks run. - -::::{warning} -The exact number of alerts your cluster can safely handle depends on your cluster configuration and workload, however setting a value higher than the default (`1000`) is not recommended or supported. Doing so could strain system resources and lead to performance issues, delays in alert processing, and potential disruptions during high alert activity periods. Data type: `int`
Default: `1000`
-:::: - - -::::: +: Specifies the maximum number of alerts that a rule can generate each time detection checks run. + ::::{warning} + The exact number of alerts your cluster can safely handle depends on your cluster configuration and workload, however setting a value higher than the default (`1000`) is not recommended or supported. Doing so could strain system resources and lead to performance issues, delays in alert processing, and potential disruptions during high alert activity periods. + :::: + Data type: `int` + Default: `1000` `xpack.alerting.rules.run.timeout` ![logo cloud](https://doc-icons.s3.us-east-2.amazonaws.com/logo_cloud.svg "Supported on {{ess}}") -: ::::{admonition} -Specifies the default timeout for tasks associated with all types of rules. The time is formatted as a number and a time unit (`ms`, `s`, `m`, `h`, `d`, `w`, `M`, or `Y`). For example, `20m`, `24h`, `7d`, `1w`. Default: `5m`. - -Data type: `string`
- -:::: - +: Specifies the default timeout for tasks associated with all types of rules. The time is formatted as a number and a time unit (`ms`, `s`, `m`, `h`, `d`, `w`, `M`, or `Y`). For example, `20m`, `24h`, `7d`, `1w`. Default: `5m`. + Data type: `string` `xpack.alerting.rules.run.ruleTypeOverrides` ![logo cloud](https://doc-icons.s3.us-east-2.amazonaws.com/logo_cloud.svg "Supported on {{ess}}") -: ::::{admonition} -Overrides the configs under `xpack.alerting.rules.run` for the rule type with the given ID. List the rule identifier and its settings in an array of objects. +: Overrides the configs under `xpack.alerting.rules.run` for the rule type with the given ID. List the rule identifier and its settings in an array of objects. -Data type: `string`
- -For example: - -```yaml -xpack.alerting.rules.run: - timeout: '5m' - ruleTypeOverrides: - - id: '.index-threshold' - timeout: '15m' -``` - -:::: + Data type: `string` + For example: + ```yaml + xpack.alerting.rules.run: + timeout: '5m' + ruleTypeOverrides: + - id: '.index-threshold' + timeout: '15m' + ``` `xpack.alerting.rules.run.actions.connectorTypeOverrides` ![logo cloud](https://doc-icons.s3.us-east-2.amazonaws.com/logo_cloud.svg "Supported on {{ess}}") -: ::::{admonition} -Overrides the configs under `xpack.alerting.rules.run.actions` for the connector type with the given ID. List the connector type identifier and its settings in an array of objects. - -Data type: `string`
- -For example: - -```yaml -xpack.alerting.rules.run: - actions: - max: 10 - connectorTypeOverrides: - - id: '.server-log' - max: 5 -``` - -:::: +: Overrides the configs under `xpack.alerting.rules.run.actions` for the connector type with the given ID. List the connector type identifier and its settings in an array of objects. + Data type: `string` + For example: + ```yaml + xpack.alerting.rules.run: + actions: + max: 10 + connectorTypeOverrides: + - id: '.server-log' + max: 5 + ``` diff --git a/docs/reference/configuration-reference/apm-settings.md b/docs/reference/configuration-reference/apm-settings.md index 9fe683675dc9c..230f61fd35a40 100644 --- a/docs/reference/configuration-reference/apm-settings.md +++ b/docs/reference/configuration-reference/apm-settings.md @@ -2,22 +2,25 @@ mapped_pages: - https://www.elastic.co/guide/en/kibana/current/apm-settings-kb.html - https://github.com/elastic/cloud/blob/master/docs/cloud-enterprise/ce-apm-settings.asciidoc +applies_to: + deployment: + ess: all + self: all --- # APM settings in Kibana [apm-settings-kb] These settings allow the APM app to function, and specify the data that it surfaces. Unless you’ve customized your setup, you do not need to configure any settings to use the APM app. It is enabled by default. +:::{note} +If a setting is applicable to {{ecloud}} Hosted environments, its name is followed by this icon: ![logo cloud](https://doc-icons.s3.us-east-2.amazonaws.com/logo_cloud.svg "Supported on Elastic Cloud Hosted") +::: + ## APM indices [apm-indices-settings-kb] The APM app uses data views to query APM indices. To change the default APM indices that the APM app queries, open the APM app and select **Settings** > **Indices**. Index settings in the APM app take precedence over those set in `kibana.yml`. -Starting in version 8.2.0, APM indices are {{kib}} Spaces-aware; Changes to APM index settings will only apply to the currently enabled space. - -:::{image} ../../images/apm-settings.png -:alt: APM app settings in Kibana -:class: screenshot -::: +APM indices are {{kib}} space-aware; changes to APM index settings will only apply to the currently enabled space. ## General APM settings [general-apm-settings-kb] diff --git a/docs/reference/configuration-reference/banner-settings.md b/docs/reference/configuration-reference/banner-settings.md index 445fb9bfa2782..1b3c976e3812e 100644 --- a/docs/reference/configuration-reference/banner-settings.md +++ b/docs/reference/configuration-reference/banner-settings.md @@ -2,6 +2,9 @@ navigation_title: "Banners settings" mapped_pages: - https://www.elastic.co/guide/en/kibana/current/banners-settings-kb.html +applies_to: + deployment: + self: all --- # Banner settings in {{kib}} [banners-settings-kb] diff --git a/docs/reference/configuration-reference/cases-settings.md b/docs/reference/configuration-reference/cases-settings.md index 4f5a27a140445..c9e91620815f7 100644 --- a/docs/reference/configuration-reference/cases-settings.md +++ b/docs/reference/configuration-reference/cases-settings.md @@ -2,6 +2,9 @@ navigation_title: "Cases settings" mapped_pages: - https://www.elastic.co/guide/en/kibana/current/cases-settings.html +applies_to: + deployment: + self: all --- # Cases settings in {{kib}} [cases-settings] diff --git a/docs/reference/configuration-reference/fleet-settings.md b/docs/reference/configuration-reference/fleet-settings.md index 17c260cee7d0f..4cce204613bfa 100644 --- a/docs/reference/configuration-reference/fleet-settings.md +++ b/docs/reference/configuration-reference/fleet-settings.md @@ -2,6 +2,10 @@ navigation_title: "{{fleet}} settings" mapped_pages: - https://www.elastic.co/guide/en/kibana/current/fleet-settings-kb.html +applies_to: + deployment: + ess: all + self: all --- # {{fleet}} settings in {{kib}} [fleet-settings-kb] @@ -9,15 +13,14 @@ mapped_pages: ::::{note} In {{ecloud}}, {{fleet}} flags are already configured. - +If a setting is applicable to {{ecloud}} Hosted environments, its name is followed by this icon: ![logo cloud](https://doc-icons.s3.us-east-2.amazonaws.com/logo_cloud.svg "Supported on Elastic Cloud Hosted") :::: - -You can configure `xpack.fleet` settings in your `kibana.yml`. By default, {{fleet}} is enabled. To use {{fleet}}, you also need to configure {{kib}} and {{es}} hosts. +By default, {{fleet}} is enabled. To use {{fleet}}, you also need to configure {{kib}} and {{es}} hosts. Many {{fleet}} settings can also be configured directly through the {{fleet}} UI. See [Fleet UI settings](docs-content://reference/ingestion-tools/fleet/fleet-settings.md) for details. -See the [{{fleet}}](docs-content://reference/ingestion-tools/fleet/index.md) docs for more information about {{fleet}}. +Go to the [{{fleet}}](docs-content://reference/ingestion-tools/fleet/index.md) docs for more information about {{fleet}}. ## General {{fleet}} settings [general-fleet-settings-kb] @@ -27,6 +30,9 @@ See the [{{fleet}}](docs-content://reference/ingestion-tools/fleet/index.md) doc `xpack.fleet.isAirGapped` : Set to `true` to indicate {{fleet}} is running in an air-gapped environment. Refer to [Air-gapped environments](docs-content://reference/ingestion-tools/fleet/air-gapped.md) for details. Enabling this flag helps Fleet skip needless requests and improve the user experience for air-gapped environments. +`xpack.fleet.createArtifactsBulkBatchSize` ![logo cloud](https://doc-icons.s3.us-east-2.amazonaws.com/logo_cloud.svg "Supported on {{ess}}") +: Allow to configure batch size for creating and updating Fleet user artifacts. Examples include creation of Trusted Applications and Endpoint Exceptions in Security. It is available in {{ecloud}} 8.9.0 and later versions. +% TBD: Supported only in Elastic Cloud? ## {{package-manager}} settings [fleet-data-visualizer-settings] @@ -342,13 +348,13 @@ These settings are not supported to pre-configure the Endpoint and Cloud Securit ::::: -`xpack.fleet.enableExperimental` +`xpack.fleet.enableExperimental` ![logo cloud](https://doc-icons.s3.us-east-2.amazonaws.com/logo_cloud.svg "Supported on {{ess}}") : List of experimental feature flag to enable in Fleet. + It is available in {{ecloud}} 8.6.0 and later versions. -::::{note} -Experimental features should not be enabled in production environments. The features in this section are experimental and may be changed or removed completely in future releases. Elastic will make a best effort to fix any issues, but experimental features are not supported to the same level as generally available (GA) features. - -:::: + ::::{note} + Experimental features should not be enabled in production environments. The features in this section are experimental and may be changed or removed completely in future releases. Elastic will make a best effort to fix any issues, but experimental features are not supported to the same level as generally available (GA) features. + :::: `xpack.fleet.enableManagedLogsAndMetricsDataviews` diff --git a/docs/reference/configuration-reference/general-settings.md b/docs/reference/configuration-reference/general-settings.md index 0c21715e9fdaf..76c69f4c4a92b 100644 --- a/docs/reference/configuration-reference/general-settings.md +++ b/docs/reference/configuration-reference/general-settings.md @@ -1,19 +1,16 @@ --- -mapped_pages: - - https://www.elastic.co/guide/en/kibana/current/settings.html +navigation_title: General settings +applies_to: + deployment: + ess: all + self: all --- -# Configure {{kib}} [settings] +# General settings in {{kib}} -The {{kib}} server reads properties from the `kibana.yml` file on startup. The location of this file differs depending on how you installed {{kib}}. For example, if you installed {{kib}} from an archive distribution (`.tar.gz` or `.zip`), by default it is in `$KIBANA_HOME/config`. By default, with package distributions (Debian or RPM), it is in `/etc/kibana`. The config directory can be changed via the `KBN_PATH_CONF` environment variable: - -```text -KBN_PATH_CONF=/home/kibana/config ./bin/kibana -``` - -The default host and port settings configure {{kib}} to run on `localhost:5601`. To change this behavior and allow remote users to connect, you’ll need to update your `kibana.yml` file. You can also enable SSL and set a variety of other options. - -Environment variables can be injected into configuration using `${MY_ENV_VAR}` syntax. By default, configuration validation will fail if an environment variable used in the config file is not present when Kibana starts. This behavior can be changed by using a default value for the environment variable, using the `${MY_ENV_VAR:defaultValue}` syntax. +:::{note} +If a setting is applicable to {{ecloud}} Hosted environments, its name is followed by this icon: ![logo cloud](https://doc-icons.s3.us-east-2.amazonaws.com/logo_cloud.svg "Supported on Elastic Cloud Hosted") +::: `console.ui.enabled` : Toggling this causes the server to regenerate assets on the next startup, which may cause a delay before pages start being served. Set to `false` to disable Console. **Default: `true`** @@ -22,11 +19,11 @@ Environment variables can be injected into configuration using `${MY_ENV_VAR}` s : Add sources for the [Content Security Policy `script-src` directive](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/script-src). `csp.disableUnsafeEval` -: [8.7.0] Set this to `false` to add the [`unsafe-eval`](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/script-src#unsafe_eval_expressions) source expression to the `script-src` directive. **Default: `true`** +: Deprecated in 8.7.0. Use `csp.script_src: ['unsafe-eval']` instead if you wish to enable `unsafe-eval`. This config option will have no effect in a future version. + Set this to `false` to add the [`unsafe-eval`](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/script-src#unsafe_eval_expressions) source expression to the `script-src` directive. **Default: `true`** When `csp.disableUnsafeEval` is set to `true`, Kibana will use a custom version of the Handlebars template library. Handlebars is used in various locations in the Kibana frontend where custom templates can be supplied by the user when for instance setting up a visualisation. If you experience any issues rendering Handlebars templates, please set this setting to `false` and [open an issue](https://github.com/elastic/kibana/issues/new/choose) in the Kibana GitHub repository. - `csp.worker_src` : Add sources for the [Content Security Policy `worker-src` directive](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/worker-src). @@ -73,11 +70,17 @@ $$$csp-strict$$$ `csp.strict` `csp.warnLegacyBrowsers` : Shows a warning message after loading {{kib}} to any browser that does not enforce even rudimentary CSP rules, though {{kib}} is still accessible. This configuration is effectively ignored when [`csp.strict`](#csp-strict) is enabled. **Default: `true`** -`permissionsPolicy.report_to:` -: Add sources for the [Permissions Policy `report-to` directive](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Permissions-Policy). +`data.autocomplete.valueSuggestions.terminateAfter` ![logo cloud](https://doc-icons.s3.us-east-2.amazonaws.com/logo_cloud.svg "Supported on {{ess}}") +: Specifies the max number of documents loaded by each shard to generate autocomplete suggestions. The default is 100000. Allowed values are between 1 and 10000000. +% TBD: Applicable only to Elastic Cloud? + +`data.autocomplete.valueSuggestions.timeout` ![logo cloud](https://doc-icons.s3.us-east-2.amazonaws.com/logo_cloud.svg "Supported on {{ess}}") +: Specifies the time in milliseconds to wait for autocomplete suggestions from Elasticsearch. The default is 1000. Allowed values are between 1 and 1200000. +% TBD: Applicable only to Elastic Cloud? -$$$elasticsearch-maxSockets$$$ `elasticsearch.maxSockets` +$$$elasticsearch-maxSockets$$$ `elasticsearch.maxSockets` ![logo cloud](https://doc-icons.s3.us-east-2.amazonaws.com/logo_cloud.svg "Supported on {{ess}}") : The maximum number of sockets that can be used for communications with {{es}}. **Default: `Infinity`** + It is available in {{ecloud}} 8.2.0 and later versions. $$$elasticsearch-maxResponseSize$$$ `elasticsearch.maxResponseSize` : Either `false` or a `byteSize` value. When set, responses from {{es}} with a size higher than the defined limit will be rejected. This is intended to be used as a circuit-breaker mechanism to avoid memory errors in case of unexpectedly high responses coming from {{es}}. **Default: `false`** @@ -89,7 +92,7 @@ $$$elasticsearch-idleSocketTimeout$$$ `elasticsearch.idleSocketTimeout` : The timeout for idle sockets kept open between {{kib}} and {{es}}. If the socket is idle for longer than this timeout, it will be closed. If you have a transparent proxy between {{kib}} and {{es}} be sure to set this value lower than or equal to the proxy’s timeout. **Default: `60s`** `elasticsearch.customHeaders` -: | Header names and values to send to {{es}}. Any custom headers cannot be overwritten by client-side headers, regardless of the [`elasticsearch.requestHeadersWhitelist`](#elasticsearch-requestHeadersWhitelist) configuration. **Default: `{}`** +: Header names and values to send to {{es}}. Any custom headers cannot be overwritten by client-side headers, regardless of the [`elasticsearch.requestHeadersWhitelist`](#elasticsearch-requestHeadersWhitelist) configuration. **Default: `{}`** $$$elasticsearch-hosts$$$ `elasticsearch.hosts:` : The URLs of the {{es}} instances to use for all your queries. All nodes listed here must be on the same cluster. **Default: `[ "http://localhost:9200" ]`** @@ -112,8 +115,10 @@ $$$elasticsearch-requestTimeout$$$ `elasticsearch.requestTimeout` `elasticsearch.shardTimeout` : Time in milliseconds for {{es}} to wait for responses from shards. Set to 0 to disable. **Default: `30000`** -`elasticsearch.compression` -: Specifies whether {{kib}} should use compression for communications with {{es}}. **Default: `false`** +`elasticsearch.compression` ![logo cloud](https://doc-icons.s3.us-east-2.amazonaws.com/logo_cloud.svg "Supported on {{ess}}") +: Specifies whether {{kib}} should use compression for communications with {{es}}. + **Default: `false`** + It is available in {{ecloud}} 8.3.0 and later versions. `elasticsearch.sniffInterval` : Time in milliseconds between requests to check {{es}} for an updated list of nodes. **Default: `false`** @@ -158,7 +163,6 @@ $$$elasticsearch-ssl-keystore-path$$$ `elasticsearch.ssl.keystore.path` This setting cannot be used in conjunction with [`elasticsearch.ssl.certificate`](#elasticsearch-ssl-cert-key) or [`elasticsearch.ssl.key`](#elasticsearch-ssl-cert-key). :::: - `elasticsearch.ssl.keystore.password` : The password that decrypts the keystore specified via [`elasticsearch.ssl.keystore.path`](#elasticsearch-ssl-keystore-path). If the keystore has no password, leave this as blank. If the keystore has an empty password, set this to `""`. @@ -180,16 +184,10 @@ $$$elasticsearch-user-passwd$$$ `elasticsearch.username` and `elasticsearch.pass $$$elasticsearch-service-account-token$$$ `elasticsearch.serviceAccountToken` : If your {{es}} is protected with basic authentication, this token provides the credentials that the {{kib}} server uses to perform maintenance on the {{kib}} index at startup. This setting is an alternative to `elasticsearch.username` and `elasticsearch.password`. -`unifiedSearch.autocomplete.valueSuggestions.timeout` ![logo cloud](https://doc-icons.s3.us-east-2.amazonaws.com/logo_cloud.svg "Supported on {{ess}}") -: Time in milliseconds to wait for autocomplete suggestions from {{es}}. This value must be a whole number greater than zero. **Default: `"1000"`** - -`unifiedSearch.autocomplete.valueSuggestions.terminateAfter` ![logo cloud](https://doc-icons.s3.us-east-2.amazonaws.com/logo_cloud.svg "Supported on {{ess}}") -: Maximum number of documents loaded by each shard to generate autocomplete suggestions. This value must be a whole number greater than zero. **Default: `"100000"`** - - ::::{note} - To reload the logging settings, send a SIGHUP signal to {{kib}}. For more logging configuration options, see the [Configure Logging in {{kib}}](docs-content://deploy-manage/monitor/logging-configuration/kibana-logging.md) guide. - :::: - +`execution_context.enabled` ![logo cloud](https://doc-icons.s3.us-east-2.amazonaws.com/logo_cloud.svg "Supported on {{ess}}") +: Propagate request-specific metadata to Elasticsearch server by way of the `x-opaque-id` header. + It is available in {{ecloud}} 8.1.0 and later versions. +% TBD: Available only in Elastic Cloud? $$$logging-root$$$ `logging.root` : The `root` logger has is a [dedicated logger](docs-content://deploy-manage/monitor/logging-configuration/kibana-logging.md#dedicated-loggers) and is pre-configured. The `root` logger logs at `info` level by default. If any other logging configuration is specified, `root` *must* also be explicitly configured. @@ -248,9 +246,19 @@ $$$tilemap-subdomains$$$ `map.tilemap.options.subdomains` ![logo cloud](https:// $$$tilemap-url$$$ `map.tilemap.url` ![logo cloud](https://doc-icons.s3.us-east-2.amazonaws.com/logo_cloud.svg "Supported on {{ess}}") : The URL to the service that {{kib}} uses as the default basemap in [maps](docs-content://explore-analyze/visualize/maps.md) and [vega maps](docs-content://explore-analyze/visualize/custom-visualizations-with-vega.md#vega-with-a-map). By default, {{kib}} sets a basemap from the [Elastic Maps Service](docs-content://explore-analyze/visualize/maps/maps-connect-to-ems.md), but users can point to their own Tile Map Service. For example: `"https://tiles.elastic.co/v2/default/{{z}}/{x}/{{y}}.png?elastic_tile_service_tos=agree&my_app_name=kibana"` -`migrations.batchSize` +`migrations.batchSize` ![logo cloud](https://doc-icons.s3.us-east-2.amazonaws.com/logo_cloud.svg "Supported on {{ess}}") : Defines the number of documents migrated at a time. The higher the value, the faster the Saved Objects migration process performs at the cost of higher memory consumption. If upgrade migrations results in {{kib}} crashing with an out of memory exception or fails due to an Elasticsearch `circuit_breaking_exception`, use a smaller `batchSize` value to reduce the memory pressure. **Default: `1000`** +`migrations.discardUnknownObjects` ![logo cloud](https://doc-icons.s3.us-east-2.amazonaws.com/logo_cloud.svg "Supported on {{ess}}") +: Discard saved objects with unknown types during a migration. Must be set to the target version, for example: `8.4.0`. Default: undefined. + It is available in {{ecloud}} 8.4.0 and later versions. +% TBD: Supported only in Elastic Cloud? + +`migrations.discardCorruptObjects` ![logo cloud](https://doc-icons.s3.us-east-2.amazonaws.com/logo_cloud.svg "Supported on {{ess}}") +: Discard corrupt saved objects, as well as those that cause transform errors during a migration. Must be set to the target version, for example: `8.4.0`. Default: undefined. + It is available in {{ecloud}} 8.4.0 and later versions. +% TBD: Supported only in Elastic Cloud? + `migrations.maxBatchSizeBytes` : Defines the maximum payload size for indexing batches of upgraded saved objects to avoid migrations failing due to a 413 Request Entity Too Large response from Elasticsearch. This value should be lower than or equal to your Elasticsearch cluster’s `http.max_content_length` configuration option. **Default: `100mb`** @@ -261,17 +269,11 @@ $$$tilemap-url$$$ `map.tilemap.url` ![logo cloud](https://doc-icons.s3.us-east-2 : Controls whether to enable the newsfeed system for the {{kib}} UI notification center. Set to `false` to disable the newsfeed system. **Default: `true`** `node.roles` -: [preview] Indicates which roles to configure the {{kib}} process with, which will effectively run {{kib}} in different modes. Valid options are `background_tasks` and `ui`, or `*` to select all roles. **Default: `*`** +: Indicates which roles to configure the {{kib}} process with, which will effectively run {{kib}} in different modes. Valid options are `background_tasks` and `ui`, or `*` to select all roles. **Default: `*`**. This functionality is in technical preview and may be changed or removed in a future release. Elastic will work to fix any issues, but features in technical preview are not subject to the support SLA of official GA features. `notifications.connectors.default.email` : Choose the default email connector for user notifications. As of `8.6.0`, {{kib}} is shipping with a new notification mechanism that will send email notifications for various user actions, e.g. assigning a *Case* to a user. To enable notifications, an email connector must be [preconfigured](/reference/connectors-kibana/pre-configured-connectors.md) in the system via `kibana.yml`, and the notifications plugin must be configured to point to the ID of that connector. -$$$path-data$$$ `path.data` -: The path where {{kib}} stores persistent data not saved in {{es}}. **Default: `data`** - -`pid.file` -: Specifies the path where {{kib}} creates the process ID file. - `ops.interval` : Set the interval in milliseconds to sample system and process performance metrics. The minimum value is 100. **Default: `5000`** @@ -281,6 +283,16 @@ $$$ops-cGroupOverrides-cpuPath$$$ `ops.cGroupOverrides.cpuPath` $$$ops-cGroupOverrides-cpuAcctPath$$$ `ops.cGroupOverrides.cpuAcctPath` : Override for cgroup cpuacct path when mounted in a manner that is inconsistent with `/proc/self/cgroup`. +$$$path-data$$$ `path.data` +: The path where {{kib}} stores persistent data not saved in {{es}}. **Default: `data`** + +`permissionsPolicy.report_to:` +: Add sources for the [Permissions Policy `report-to` directive](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Permissions-Policy). + + +`pid.file` +: Specifies the path where {{kib}} creates the process ID file. + $$$savedObjects-maxImportExportSize$$$ `savedObjects.maxImportExportSize` : The maximum count of saved objects that can be imported or exported. This setting exists to prevent the {{kib}} server from running out of memory when handling large numbers of saved objects. It is recommended to only raise this setting if you are confident your server can hold this many objects in memory. **Default: `10000`** @@ -290,6 +302,10 @@ $$$savedObjects-maxImportPayloadBytes$$$ `savedObjects.maxImportPayloadBytes` $$$server-basePath$$$ `server.basePath` : Enables you to specify a path to mount {{kib}} at if you are running behind a proxy. Use the [`server.rewriteBasePath`](#server-rewriteBasePath) setting to tell {{kib}} if it should remove the basePath from requests it receives, and to prevent a deprecation warning at startup. This setting cannot end in a slash (`/`). +`server.defaultRoute` ![logo cloud](https://doc-icons.s3.us-east-2.amazonaws.com/logo_cloud.svg "Supported on {{ess}}") +: Specifies the default route when opening Kibana. You can use this setting to modify the landing page when opening Kibana. +% TBD: Applicable only to Elastic Cloud? + $$$server-publicBaseUrl$$$ `server.publicBaseUrl` : The publicly available URL that end-users access Kibana at. Must include the protocol, hostname, port (if different than the defaults for `http` and `https`, 80 and 443 respectively), and the [`server.basePath`](#server-basePath) (when that setting is configured explicitly). This setting cannot end in a slash (`/`). @@ -297,10 +313,10 @@ $$$server-compression$$$ `server.compression.enabled` : Set to `false` to disable HTTP compression for all responses. **Default: `true`** `server.cors.enabled` -: [preview] Set to `true` to allow cross-origin API calls. **Default:** `false` +: Set to `true` to allow cross-origin API calls. **Default:** `false`. This functionality is in technical preview and may be changed or removed in a future release. Elastic will work to fix any issues, but features in technical preview are not subject to the support SLA of official GA features. `server.cors.allowCredentials` -: [preview] Set to `true` to allow browser code to access response body whenever request performed with user credentials. **Default:** `false` +: Set to `true` to allow browser code to access response body whenever request performed with user credentials. **Default:** `false`. This functionality is in technical preview and may be changed or removed in a future release. Elastic will work to fix any issues, but features in technical preview are not subject to the support SLA of official GA features. `server.cors.allowOrigin` : experimental::[] List of origins permitted to access resources. You must specify explicit hostnames and not use `server.cors.allowOrigin: ["*"]` when `server.cors.allowCredentials: true`. **Default:** ["*"] @@ -308,29 +324,31 @@ $$$server-compression$$$ `server.compression.enabled` `server.compression.referrerWhitelist` : Specifies an array of trusted hostnames, such as the {{kib}} host, or a reverse proxy sitting in front of it. This determines whether HTTP compression may be used for responses, based on the request `Referer` header. This setting may not be used when [`server.compression.enabled`](#server-compression) is set to `false`. **Default: `none`** -`server.compression.brotli.enabled` -: Set to `true` to enable brotli (br) compression format. Note: browsers not supporting brotli compression will fallback to using gzip instead. This setting may not be used when [`server.compression.enabled`](#server-compression) is set to `false`. **Default: `false`** +`server.compression.brotli.enabled` ![logo cloud](https://doc-icons.s3.us-east-2.amazonaws.com/logo_cloud.svg "Supported on {{ess}}") +: Set to `true` to enable brotli (br) compression format. NOTE: Browsers not supporting brotli compression will fallback to using gzip instead. This setting may not be used when [`server.compression.enabled`](#server-compression) is set to `false`. **Default: `false`** + It is available in {{ecloud}} 8.6.0 and later versions. -$$$server-securityResponseHeaders-strictTransportSecurity$$$ `server.securityResponseHeaders.strictTransportSecurity` +$$$server-securityResponseHeaders-strictTransportSecurity$$$ `server.securityResponseHeaders.strictTransportSecurity` ![logo cloud](https://doc-icons.s3.us-east-2.amazonaws.com/logo_cloud.svg "Supported on {{ess}}") : Controls whether the [`Strict-Transport-Security`](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Strict-Transport-Security) header is used in all responses to the client from the {{kib}} server, and specifies what value is used. Allowed values are any text value or `null`. To disable, set to `null`. **Default:** `null` -$$$server-securityResponseHeaders-xContentTypeOptions$$$ `server.securityResponseHeaders.xContentTypeOptions` +$$$server-securityResponseHeaders-xContentTypeOptions$$$ `server.securityResponseHeaders.xContentTypeOptions` ![logo cloud](https://doc-icons.s3.us-east-2.amazonaws.com/logo_cloud.svg "Supported on {{ess}}") : Controls whether the [`X-Content-Type-Options`](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Content-Type-Options) header is used in all responses to the client from the {{kib}} server, and specifies what value is used. Allowed values are `nosniff` or `null`. To disable, set to `null`. **Default:** `"nosniff"` -$$$server-securityResponseHeaders-referrerPolicy$$$ `server.securityResponseHeaders.referrerPolicy` +$$$server-securityResponseHeaders-referrerPolicy$$$ `server.securityResponseHeaders.referrerPolicy` ![logo cloud](https://doc-icons.s3.us-east-2.amazonaws.com/logo_cloud.svg "Supported on {{ess}}") : Controls whether the [`Referrer-Policy`](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Referrer-Policy) header is used in all responses to the client from the {{kib}} server, and specifies what value is used. Allowed values are `no-referrer`, `no-referrer-when-downgrade`, `origin`, `origin-when-cross-origin`, `same-origin`, `strict-origin`, `strict-origin-when-cross-origin`, `unsafe-url`, or `null`. To disable, set to `null`. **Default:** `"strict-origin-when-cross-origin"` -$$$server-securityResponseHeaders-permissionsPolicy$$$ `server.securityResponseHeaders.permissionsPolicy` -: [preview] Controls whether the [`Permissions-Policy`](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Permissions-Policy) header is used in all responses to the client from the {{kib}} server, and specifies what value is used. Allowed values are any text value or `null`. Refer to the [`Permissions-Policy` documentation](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Permissions-Policy) for defined directives, values, and text format. To disable, set to `null`. **Default:** `camera=(), display-capture=(), fullscreen=(self), geolocation=(), microphone=(), web-share=()` +$$$server-securityResponseHeaders-permissionsPolicy$$$ `server.securityResponseHeaders.permissionsPolicy` ![logo cloud](https://doc-icons.s3.us-east-2.amazonaws.com/logo_cloud.svg "Supported on {{ess}}") +: Controls whether the [`Permissions-Policy`](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Permissions-Policy) header is used in all responses to the client from the {{kib}} server, and specifies what value is used. Allowed values are any text value or `null`. Refer to the [`Permissions-Policy` documentation](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Permissions-Policy) for defined directives, values, and text format. To disable, set to `null`. **Default:** `camera=(), display-capture=(), fullscreen=(self), geolocation=(), microphone=(), web-share=()`. This functionality is in technical preview and may be changed or removed in a future release. Elastic will work to fix any issues, but features in technical preview are not subject to the support SLA of official GA features. -$$$server-securityResponseHeaders-permissionsPolicyReportOnly$$$ `server.securityResponseHeaders.permissionsPolicyReportOnly` -: [preview] Controls whether the [`Permissions-Policy-Report-Only`](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Permissions-Policy) header is used in all responses to the client from the {{kib}} server, and specifies what value is used. Allowed values are any text value or `null`. Refer to the [`Permissions-Policy` documentation](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Permissions-Policy) for defined directives, values, and text format. +$$$server-securityResponseHeaders-permissionsPolicyReportOnly$$$ `server.securityResponseHeaders.permissionsPolicyReportOnly` ![logo cloud](https://doc-icons.s3.us-east-2.amazonaws.com/logo_cloud.svg "Supported on {{ess}}") +: Controls whether the [`Permissions-Policy-Report-Only`](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Permissions-Policy) header is used in all responses to the client from the {{kib}} server, and specifies what value is used. Allowed values are any text value or `null`. Refer to the [`Permissions-Policy` documentation](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Permissions-Policy) for defined directives, values, and text format. This functionality is in technical preview and may be changed or removed in a future release. Elastic will work to fix any issues, but features in technical preview are not subject to the support SLA of official GA features. -$$$server-securityResponseHeaders-disableEmbedding$$$`server.securityResponseHeaders.disableEmbedding` +$$$server-securityResponseHeaders-disableEmbedding$$$`server.securityResponseHeaders.disableEmbedding` ![logo cloud](https://doc-icons.s3.us-east-2.amazonaws.com/logo_cloud.svg "Supported on {{ess}}") : Controls whether the [`Content-Security-Policy`](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy) and [`X-Frame-Options`](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options) headers are configured to disable embedding {{kib}} in other webpages using iframes. When set to `true`, secure headers are used to disable embedding, which adds the `frame-ancestors: 'self'` directive to the `Content-Security-Policy` response header and adds the `X-Frame-Options: SAMEORIGIN` response header. **Default:** `false` -$$$server-securityResponseHeaders-crossOriginOpenerPolicy$$$ `server.securityResponseHeaders.crossOriginOpenerPolicy` +$$$server-securityResponseHeaders-crossOriginOpenerPolicy$$$ `server.securityResponseHeaders.crossOriginOpenerPolicy` ![logo cloud](https://doc-icons.s3.us-east-2.amazonaws.com/logo_cloud.svg "Supported on {{ess}}") : Controls whether the [`Cross-Origin-Opener-Policy`](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Cross-Origin-Opener-Policy) header is used in all responses to the client from the {{kib}} server, and specifies what value is used. Allowed values are `unsafe-none`, `same-origin-allow-popups`, `same-origin`, or `null`. To disable, set to `null`. **Default:** `"same-origin"` + It is available in {{ecloud}} 8.7.0 and later versions. `server.customResponseHeaders` ![logo cloud](https://doc-icons.s3.us-east-2.amazonaws.com/logo_cloud.svg "Supported on {{ess}}") : Header names and values to send on all responses to the client from the {{kib}} server. **Default: `{}`** @@ -344,7 +362,7 @@ $$$server-host$$$ `server.host` `server.keepaliveTimeout` : The number of milliseconds to wait for additional data before restarting the [`server.socketTimeout`](#server-socketTimeout) counter. **Default: `"120000"`** -$$$server-maxPayload$$$ `server.maxPayload` +$$$server-maxPayload$$$ `server.maxPayload` ![logo cloud](https://doc-icons.s3.us-east-2.amazonaws.com/logo_cloud.svg "Supported on {{ess}}") : The maximum payload size in bytes for incoming server requests. **Default: `1048576`** `server.name` @@ -354,7 +372,7 @@ $$$server-port$$$ `server.port` : {{kib}} is served by a back end server. This setting specifies the port to use. **Default: `5601`** $$$server-protocol$$$ `server.protocol` -: [preview] The http protocol to use, either `http1` or `http2`. Set to `http1` to opt out of `HTTP/2` support when TLS is enabled. Use of `http1` may impact browser loading performance especially for dashboards with many panels. **Default**: `http2` if TLS is enabled, otherwise `http1`. +: The HTTP protocol to use, either `http1` or `http2`. Set to `http1` to opt out of `HTTP/2` support when TLS is enabled. Use of `http1` may impact browser loading performance especially for dashboards with many panels. **Default**: `http2` if TLS is enabled, otherwise `http1`. This functionality is in technical preview and may be changed or removed in a future release. Elastic will work to fix any issues, but features in technical preview are not subject to the support SLA of official GA features. ::::{note} By default, enabling `http2` requires a valid `h2c` configuration, meaning that TLS must be enabled via [`server.ssl.enabled`](#server-ssl-enabled) and [`server.ssl.supportedProtocols`](#server-ssl-supportedProtocols), if specified, must contain at least `TLSv1.2` or `TLSv1.3`. Strict validation of the `h2c` setup can be disabled by adding `server.http2.allowUnsecure: true` to the configuration. @@ -459,12 +477,13 @@ $$$server-ssl-supportedProtocols$$$ `server.ssl.supportedProtocols` $$$server-uuid$$$ `server.uuid` : The unique identifier for this {{kib}} instance. It must be a valid UUIDv4. It gets automatically generated on the first startup if not specified and persisted in the `data` path. -$$$settings-xsrf-allowlist$$$ `server.xsrf.allowlist` +$$$settings-xsrf-allowlist$$$ `server.xsrf.allowlist` ![logo cloud](https://doc-icons.s3.us-east-2.amazonaws.com/logo_cloud.svg "Supported on {{ess}}") : It is not recommended to disable protections for arbitrary API endpoints. Instead, supply the `kbn-xsrf` header. The [`server.xsrf.allowlist`](#settings-xsrf-allowlist) setting requires the following format: ```text *Default: [ ]* An array of API endpoints which should be exempt from Cross-Site Request Forgery ("XSRF") protections. ``` + It is available in {{ecloud}} 8.0.0 and later versions. $$$settings-xsrf-disableProtection$$$ `server.xsrf.disableProtection` @@ -481,6 +500,21 @@ $$$settings-telemetry-optIn$$$ `telemetry.optIn` This setting can be changed at any time in [Advanced Settings](/reference/advanced-settings.md). To prevent users from changing it, set [`telemetry.allowChangingOptInStatus`](#telemetry-allowChangingOptInStatus) to `false`. **Default: `true`** +`unifiedSearch.autocomplete.valueSuggestions.timeout` ![logo cloud](https://doc-icons.s3.us-east-2.amazonaws.com/logo_cloud.svg "Supported on {{ess}}") +: Time in milliseconds to wait for autocomplete suggestions from {{es}}. This value must be a whole number greater than zero. **Default: `"1000"`** + +`unifiedSearch.autocomplete.valueSuggestions.terminateAfter` ![logo cloud](https://doc-icons.s3.us-east-2.amazonaws.com/logo_cloud.svg "Supported on {{ess}}") +: Maximum number of documents loaded by each shard to generate autocomplete suggestions. This value must be a whole number greater than zero. **Default: `"100000"`** + + ::::{note} + To reload the logging settings, send a SIGHUP signal to {{kib}}. For more logging configuration options, see the [Configure Logging in {{kib}}](docs-content://deploy-manage/monitor/logging-configuration/kibana-logging.md) guide. + :::: + +`vega.enableExternalUrls` ![logo cloud](https://doc-icons.s3.us-east-2.amazonaws.com/logo_cloud.svg "Supported on {{ess}}") +: Set to `true` to allow Vega vizualizations to use data from sources other than the linked Elasticsearch cluster. In version 8.0 and later, the `vega.enableExternalUrls` is not supported. Use `vis_type_vega.enableExternalUrls` instead. + +`vis_type_table.legacyVisEnabled` ![logo cloud](https://doc-icons.s3.us-east-2.amazonaws.com/logo_cloud.svg "Supported on {{ess}}") +: For 7.x versions version 7.11 and later, a new version of the datatable visualization is used. Set to `true` to enable the legacy version. In version 8.0 and later, the old implementation is removed and this setting is no longer supported. `vis_type_vega.enableExternalUrls` ![logo cloud](https://doc-icons.s3.us-east-2.amazonaws.com/logo_cloud.svg "Supported on {{ess}}") : Set this value to true to allow Vega to use any URL to access external data sources and images. When false, Vega can only get data from {{es}}. **Default: `false`** @@ -493,7 +527,6 @@ $$$settings-explore-data-in-context$$$ `xpack.discoverEnhanced.actions.exploreDa When you create visualizations using the **Lens** drag-and-drop editor, you can use the toolbar to open and explore your data in **Discover**. For more information, check out [Explore the data in Discover](docs-content://explore-analyze/visualize/lens.md#explore-lens-data-in-discover). - $$$settings-explore-data-in-chart$$$ `xpack.discoverEnhanced.actions.exploreDataInChart.enabled` : Enables you to view the underlying documents in a data series from a dashboard panel. **Default: `false`** @@ -518,33 +551,13 @@ $$$settings-explore-data-in-chart$$$ `xpack.discoverEnhanced.actions.exploreData Rollups are deprecated and will be removed in a future version. Use [downsampling](docs-content://manage-data/data-store/data-streams/downsampling-time-series-data-stream.md) instead. :::: +`xpack.securitySolution.maxUploadResponseActionFileBytes` ![logo cloud](https://doc-icons.s3.us-east-2.amazonaws.com/logo_cloud.svg "Supported on {{ess}}") +: Allow to configure the max file upload size for use with the Upload File Repsonse action available with the Defend Integration. To learn more, check [Endpoint Response actions](docs-content://solutions/security/endpoint-response-actions.md). + It is available in {{ecloud}} 8.9.0 and later versions. +% TBD: Available only in Elastic Cloud? `xpack.snapshot_restore.ui.enabled` : Set this value to false to disable the Snapshot and Restore UI. **Default: true** `xpack.upgrade_assistant.ui.enabled` : Set this value to false to disable the Upgrade Assistant UI. **Default: true** - -`i18n.locale` ![logo cloud](https://doc-icons.s3.us-east-2.amazonaws.com/logo_cloud.svg "Supported on {{ess}}") -: Set this value to change the {{kib}} interface language. Valid locales are: `en`, `zh-CN`, `ja-JP`, `fr-FR`. **Default: `en`** - - - - - - - - - - - - - - - - - - - - - diff --git a/docs/reference/configuration-reference/internationalization-settings.md b/docs/reference/configuration-reference/internationalization-settings.md index 430d6d1e69628..2473155ffcd4e 100644 --- a/docs/reference/configuration-reference/internationalization-settings.md +++ b/docs/reference/configuration-reference/internationalization-settings.md @@ -2,22 +2,24 @@ navigation_title: "i18n settings" mapped_pages: - https://www.elastic.co/guide/en/kibana/current/i18n-settings-kb.html +applies_to: + deployment: + ess: all + self: all --- # i18n settings in {{kib}} [i18n-settings-kb] - You do not need to configure any settings to run Kibana in English. +`i18n.locale` ![logo cloud](https://doc-icons.s3.us-east-2.amazonaws.com/logo_cloud.svg "Supported on {{ess}}") +: Set the {{kib}} interface language: -## General i18n settings [general-i18n-settings-kb] - -`i18n.locale` -: {{kib}} supports the following locales: - - * English - `en` (default) + * English - `en` * Chinese - `zh-CN` * Japanese - `ja-JP` * French - `fr-FR` + + **Default: `en`** diff --git a/docs/reference/configuration-reference/logging-settings.md b/docs/reference/configuration-reference/logging-settings.md index 710a0145a7802..1638906901d53 100644 --- a/docs/reference/configuration-reference/logging-settings.md +++ b/docs/reference/configuration-reference/logging-settings.md @@ -2,6 +2,9 @@ mapped_pages: - https://www.elastic.co/guide/en/kibana/current/logging-settings.html - https://github.com/elastic/cloud/blob/master/docs/cloud-enterprise/ce-kibana-logging-settings.asciidoc +applies_to: + deployment: + self: all --- # Logging settings [logging-settings] diff --git a/docs/reference/configuration-reference/logs-settings.md b/docs/reference/configuration-reference/logs-settings.md index fb36aec4bc4b6..9b7b7e0dbc49d 100644 --- a/docs/reference/configuration-reference/logs-settings.md +++ b/docs/reference/configuration-reference/logs-settings.md @@ -2,6 +2,9 @@ navigation_title: "Logs settings" mapped_pages: - https://www.elastic.co/guide/en/kibana/current/logs-ui-settings-kb.html +applies_to: + deployment: + self: all --- # Logs settings in {{kib}} [logs-ui-settings-kb] @@ -18,7 +21,7 @@ The {{kib}} logs can be found per operating system under: ## General Logs settings [general-logs-ui-settings-kb] -[8.18.0] `xpack.infra.sources.default.fields.message` +`xpack.infra.sources.default.fields.message` : Fields used to display messages in the Logs app. Defaults to `['message', '@message']`. `xpack.infra.alerting.inventory_threshold.group_by_page_size` diff --git a/docs/reference/configuration-reference/map-settings.md b/docs/reference/configuration-reference/map-settings.md new file mode 100644 index 0000000000000..596f718247e72 --- /dev/null +++ b/docs/reference/configuration-reference/map-settings.md @@ -0,0 +1,64 @@ +--- +navigation_title: "Map settings" +mapped_pages: + - https://www.elastic.co/guide/en/cloud/current/ec-manage-kibana-settings.html#ec_map_settings +applies_to: + deployment: + ess: all +--- + +# Map settings in {{kib}} + +`map.regionmap` ![logo cloud](https://doc-icons.s3.us-east-2.amazonaws.com/logo_cloud.svg "Supported on {{ess}}") +: Specifies additional vector layers for use in [Region Map](docs-content://explore-analyze/visualize/maps/maps-getting-started.md) visualizations. Each layer object points to an external vector file that contains a geojson FeatureCollection. The file must use the [WGS84 coordinate reference system](https://en.wikipedia.org/wiki/World_Geodetic_System) and only include polygons. If the file is hosted on a separate domain from Kibana, the server needs to be CORS-enabled so Kibana can download the file. The following example shows a valid regionmap configuration. + + ```yaml + map.regionmap: + includeElasticMapsService: false + layers: + - name: "Departments of France" + url: "http://my.cors.enabled.server.org/france_departements.geojson" + attribution: "INRAP" + fields: + - name: "department" + description: "Full department name" + - name: "INSEE" + description: "INSEE numeric identifier" + ``` + + +`map.regionmap.includeElasticMapsService` ![logo cloud](https://doc-icons.s3.us-east-2.amazonaws.com/logo_cloud.svg "Supported on {{ess}}") +: Turns on or off whether layers from the Elastic Maps Service should be included in the vector layer option list. Supported on Elastic Cloud Enterprise. By turning this off, only the layers that are configured here will be included. The default is `true`. + +`map.regionmap.layers[].attribution` ![logo cloud](https://doc-icons.s3.us-east-2.amazonaws.com/logo_cloud.svg "Supported on {{ess}}") +: Optional. References the originating source of the geojson file. + +`map.regionmap.layers[].fields[]` ![logo cloud](https://doc-icons.s3.us-east-2.amazonaws.com/logo_cloud.svg "Supported on {{ess}}") +: Mandatory. Each layer can contain multiple fields to indicate what properties from the geojson features you wish to expose. The previous example shows how to define multiple properties. + +`map.regionmap.layers[].fields[].description` ![logo cloud](https://doc-icons.s3.us-east-2.amazonaws.com/logo_cloud.svg "Supported on {{ess}}") +: Mandatory. The human readable text that is shown under the Options tab when building the Region Map visualization. + +`map.regionmap.layers[].fields[].name` ![logo cloud](https://doc-icons.s3.us-east-2.amazonaws.com/logo_cloud.svg "Supported on {{ess}}") +: Mandatory. This value is used to do an inner-join between the document stored in Elasticsearch and the geojson file. For example, if the field in the geojson is called `Location` and has city names, there must be a field in Elasticsearch that holds the same values that Kibana can then use to lookup for the geoshape data. + +`map.regionmap.layers[].name` ![logo cloud](https://doc-icons.s3.us-east-2.amazonaws.com/logo_cloud.svg "Supported on {{ess}}") +: Mandatory. A description of the map being provided. + +`map.regionmap.layers[].url` ![logo cloud](https://doc-icons.s3.us-east-2.amazonaws.com/logo_cloud.svg "Supported on {{ess}}") +: Mandatory. The location of the geojson file as provided by a webserver. + +`tilemap.options.attribution` ![logo cloud](https://doc-icons.s3.us-east-2.amazonaws.com/logo_cloud.svg "Supported on {{ess}}") +: Adds the map attribution string. + +`tilemap.options.maxZoom` ![logo cloud](https://doc-icons.s3.us-east-2.amazonaws.com/logo_cloud.svg "Supported on {{ess}}") +: Sets the maximum zoom level. + +`tilemap.options.minZoom` ![logo cloud](https://doc-icons.s3.us-east-2.amazonaws.com/logo_cloud.svg "Supported on {{ess}}") +: Sets the minimum zoom level. + +`tilemap.options.subdomains` ![logo cloud](https://doc-icons.s3.us-east-2.amazonaws.com/logo_cloud.svg "Supported on {{ess}}") +: Provides an array of subdomains used by the tile service. Specify the position of the subdomain the URL with the token `{{s}}`. + +`tilemap.url` ![logo cloud](https://doc-icons.s3.us-east-2.amazonaws.com/logo_cloud.svg "Supported on {{ess}}") +: Lists the URL to the tileservice that Kibana uses to display map tiles in tilemap visualizations. diff --git a/docs/reference/configuration-reference/metrics-settings.md b/docs/reference/configuration-reference/metrics-settings.md index 84079a2aa293f..a700b0313043b 100644 --- a/docs/reference/configuration-reference/metrics-settings.md +++ b/docs/reference/configuration-reference/metrics-settings.md @@ -2,6 +2,9 @@ navigation_title: "Metrics settings" mapped_pages: - https://www.elastic.co/guide/en/kibana/current/infrastructure-ui-settings-kb.html +applies_to: + deployment: + self: all --- # Metrics settings in {{kib}} [infrastructure-ui-settings-kb] @@ -12,8 +15,8 @@ You do not need to configure any settings to use the Metrics app in {{kib}}. It ## General Metrics settings [general-infra-ui-settings-kb] -[8.18.0] `xpack.infra.sources.default.fields.message` -: Fields used to display messages in the Logs app. Defaults to `['message', '@message']`. +`xpack.infra.sources.default.fields.message` +: Deprecated in 8.18. Fields used to display messages in the Logs app. Defaults to `['message', '@message']`. `xpack.infra.alerting.inventory_threshold.group_by_page_size` : Controls the size of the composite aggregations used by the Inventory Threshold to retrieve all the hosts. Defaults to `10_000`. diff --git a/docs/reference/configuration-reference/monitoring-settings.md b/docs/reference/configuration-reference/monitoring-settings.md index 7bbe7685d65ef..d37a7081a0158 100644 --- a/docs/reference/configuration-reference/monitoring-settings.md +++ b/docs/reference/configuration-reference/monitoring-settings.md @@ -2,27 +2,33 @@ navigation_title: "Monitoring settings" mapped_pages: - https://www.elastic.co/guide/en/kibana/current/monitoring-settings-kb.html +applies_to: + deployment: + ess: all + self: all --- # Monitoring settings in {{kib}} [monitoring-settings-kb] - By default, **{{stack-monitor-app}}** is enabled, but data collection is disabled. When you first start {{kib}} monitoring, you are prompted to enable data collection. If you are using {{stack-security-features}}, you must be signed in as a user with the `cluster:manage` privilege to enable data collection. The built-in `superuser` role has this privilege and the built-in `elastic` user has this role. You can adjust how monitoring data is collected from {{kib}} and displayed in {{kib}} by configuring settings in the `kibana.yml` file. There are also `monitoring.ui.elasticsearch.*` settings, which support the same values as [{{kib}} configuration settings](/reference/configuration-reference/general-settings.md). To control how data is collected from your {{es}} nodes, you configure [`xpack.monitoring.collection` settings](elasticsearch://reference/elasticsearch/configuration-reference/monitoring-settings.md) in `elasticsearch.yml`. To control how monitoring data is collected from Logstash, configure monitoring settings in `logstash.yml`. -For more information, see [Monitor a cluster](docs-content://deploy-manage/monitor.md). +For more information, check out [Monitor a cluster](docs-content://deploy-manage/monitor.md). +:::{note} +If a setting is applicable to {{ecloud}} Hosted environments, its name is followed by this icon: ![logo cloud](https://doc-icons.s3.us-east-2.amazonaws.com/logo_cloud.svg "Supported on Elastic Cloud Hosted") +::: ## General monitoring settings [monitoring-general-settings] `monitoring.cluster_alerts.email_notifications.enabled` -: [7.11.0] When enabled, sends email notifications for Watcher alerts to the specified email address. The default is `true`. +: Deprecated in 7.11. When enabled, sends email notifications for Watcher alerts to the specified email address. The default is `true`. `monitoring.cluster_alerts.email_notifications.email_address` ![logo cloud](https://doc-icons.s3.us-east-2.amazonaws.com/logo_cloud.svg "Supported on {{ess}}") -: [7.11.0] When enabled, specifies the email address where you want to receive cluster alert notifications. +: Deprecated in 7.11. When enabled, specifies the email address where you want to receive cluster alert notifications. `monitoring.ui.ccs.enabled` : Set to `true` (default) to enable [cross-cluster search](docs-content://solutions/search/cross-cluster-search.md) of your monitoring data. The [`remote_cluster_client`](docs-content://deploy-manage/remote-clusters/remote-clusters-settings.md) role must exist on each node. diff --git a/docs/reference/configuration-reference/reporting-settings.md b/docs/reference/configuration-reference/reporting-settings.md index a9f1bce6f4463..bae7810205284 100644 --- a/docs/reference/configuration-reference/reporting-settings.md +++ b/docs/reference/configuration-reference/reporting-settings.md @@ -2,12 +2,16 @@ navigation_title: "Reporting settings" mapped_pages: - https://www.elastic.co/guide/en/kibana/current/reporting-settings-kb.html +applies_to: + deployment: + ess: all + self: all --- # Reporting settings in {{kib}} [reporting-settings-kb] -You can configure `xpack.reporting` settings in your `kibana.yml` to: +You can configure `xpack.reporting` settings to: * [Enable or disable the {{report-features}}](#general-reporting-settings) * [Configure an encryption key to protect sensitive authentication data](#encryption-keys) @@ -16,6 +20,9 @@ You can configure `xpack.reporting` settings in your `kibana.yml` to: * [Control how screenshots are captured for PNG/PDF reports](#reporting-capture-settings) * [Control the limits and capabilities of CSV reports](#reporting-csv-settings) +:::{note} +If a setting is applicable to {{ecloud}} Hosted environments, its name is followed by this icon: ![logo cloud](https://doc-icons.s3.us-east-2.amazonaws.com/logo_cloud.svg "Supported on Elastic Cloud Hosted") +::: ## Enable reporting [general-reporting-settings] @@ -224,6 +231,9 @@ Reporting parameters can be adjusted to overcome some of these limiting scenario :::: +`xpack.reporting.csv.maxConcurrentShardRequests` ![logo cloud](https://doc-icons.s3.us-east-2.amazonaws.com/logo_cloud.svg "Supported on {{ess}}") +: Sets the maximum number of concurrent shard requests that each sub-search request executes per node during Kibana CSV export. Defaults to `5`. This setting is available in 8.12.0 and later versions in {{ecloud}}. +% TBD: Is this setting applicable only to Elastic Cloud? $$$xpack-reporting-csv$$$ `xpack.reporting.csv.maxSizeBytes` ![logo cloud](https://doc-icons.s3.us-east-2.amazonaws.com/logo_cloud.svg "Supported on {{ess}}") : The maximum [byte size](elasticsearch://reference/elasticsearch/rest-apis/api-conventions.md#byte-units) of a CSV file before being truncated. This setting exists to prevent large exports from causing performance and storage issues. Can be specified as a number of bytes. Defaults to `250mb`. diff --git a/docs/reference/configuration-reference/search-sessions-settings.md b/docs/reference/configuration-reference/search-sessions-settings.md index 6c896e76e0496..6b97de20dbdd6 100644 --- a/docs/reference/configuration-reference/search-sessions-settings.md +++ b/docs/reference/configuration-reference/search-sessions-settings.md @@ -2,29 +2,28 @@ navigation_title: "Search sessions settings" mapped_pages: - https://www.elastic.co/guide/en/kibana/current/search-session-settings-kb.html +applies_to: + stack: deprecated 8.15.0 + deployment: + ess: all + self: all --- # Search sessions settings in {{kib}} [search-session-settings-kb] +:::{note} +If a setting is applicable to {{ecloud}} Hosted environments, its name is followed by this icon: ![logo cloud](https://doc-icons.s3.us-east-2.amazonaws.com/logo_cloud.svg "Supported on Elastic Cloud Hosted") +::: -::::{admonition} Deprecated in 8.15.0. -:class: warning +`data.search.sessions.enabled` ![logo cloud](https://doc-icons.s3.us-east-2.amazonaws.com/logo_cloud.svg "Supported on {{ess}}") +: Deprecated in 8.15.0. Set to `true` (default) to enable search sessions. -Search Sessions are deprecated and will be removed in a future version. -:::: +`data.search.sessions.notTouchedTimeout` ![logo cloud](https://doc-icons.s3.us-east-2.amazonaws.com/logo_cloud.svg "Supported on {{ess}}") +: Deprecated in 8.15.0. How long {{kib}} stores search results from unsaved sessions, after the last search in the session completes. The default is `5m`. +`data.search.sessions.maxUpdateRetries` ![logo cloud](https://doc-icons.s3.us-east-2.amazonaws.com/logo_cloud.svg "Supported on {{ess}}") +: Deprecated in 8.15.0. How many retries {{kib}} can perform while attempting to save a search session. The default is `10`. -Configure the search session settings in your `kibana.yml` configuration file. - -[8.15.0] `data.search.sessions.enabled` ![logo cloud](https://doc-icons.s3.us-east-2.amazonaws.com/logo_cloud.svg "Supported on {{ess}}") -: Set to `true` (default) to enable search sessions. - -[8.15.0] `data.search.sessions.notTouchedTimeout` ![logo cloud](https://doc-icons.s3.us-east-2.amazonaws.com/logo_cloud.svg "Supported on {{ess}}") -: How long {{kib}} stores search results from unsaved sessions, after the last search in the session completes. The default is `5m`. - -[8.15.0] `data.search.sessions.maxUpdateRetries` ![logo cloud](https://doc-icons.s3.us-east-2.amazonaws.com/logo_cloud.svg "Supported on {{ess}}") -: How many retries {{kib}} can perform while attempting to save a search session. The default is `10`. - -[8.15.0] `data.search.sessions.defaultExpiration` ![logo cloud](https://doc-icons.s3.us-east-2.amazonaws.com/logo_cloud.svg "Supported on {{ess}}") -: How long search session results are stored before they are deleted. Extending a search session resets the expiration by the same value. The default is `7d`. +`data.search.sessions.defaultExpiration` ![logo cloud](https://doc-icons.s3.us-east-2.amazonaws.com/logo_cloud.svg "Supported on {{ess}}") +: Deprecated in 8.15.0. How long search session results are stored before they are deleted. Extending a search session resets the expiration by the same value. The default is `7d`. diff --git a/docs/reference/configuration-reference/security-settings.md b/docs/reference/configuration-reference/security-settings.md index a6a1658bcafca..7338c58d24f11 100644 --- a/docs/reference/configuration-reference/security-settings.md +++ b/docs/reference/configuration-reference/security-settings.md @@ -2,6 +2,10 @@ navigation_title: "Security settings" mapped_pages: - https://www.elastic.co/guide/en/kibana/current/security-settings-kb.html +applies_to: + deployment: + ess: all + self: all --- # Security settings in {{kib}} [security-settings-kb] @@ -10,14 +14,16 @@ mapped_pages: You do not need to configure any additional settings to use the {{security-features}} in {{kib}}. They are enabled by default. ::::{important} -In high-availability deployments, make sure you use the same security settings for all instances of {{kib}}. Also consider storing sensitive security settings, such as encryption and decryption keys, securely in the Kibana Keystore, instead of keeping them in clear text in the kibana.yml file. +In high-availability deployments, make sure you use the same security settings for all instances of {{kib}}. Also consider storing sensitive security settings, such as encryption and decryption keys, securely in the Kibana keystore, instead of keeping them in clear text in the `kibana.yml` file. :::: - +:::{note} +If a setting is applicable to {{ecloud}} Hosted environments, its name is followed by this icon: ![logo cloud](https://doc-icons.s3.us-east-2.amazonaws.com/logo_cloud.svg "Supported on Elastic Cloud Hosted") +::: ### Authentication security settings [authentication-security-settings] -You configure authentication settings in the `xpack.security.authc` namespace in `kibana.yml`. +You configure authentication settings in the `xpack.security.authc` namespace. For example: @@ -75,7 +81,6 @@ xpack.security.authc.providers...showInSelector ![ You are unable to set this setting to `false` for `basic` and `token` authentication providers. :::: - xpack.security.authc.providers...accessAgreement.message ![logo cloud](https://doc-icons.s3.us-east-2.amazonaws.com/logo_cloud.svg "Supported on {{ess}}") : Access agreement text in Markdown format. For more information, refer to [Access agreement](docs-content://deploy-manage/users-roles/cluster-or-deployment-auth/access-agreement.md). @@ -87,7 +92,7 @@ $$$xpack-security-provider-session-idleTimeout$$$ xpack.security.authc.providers :::: -$$$xpack-security-provider-session-lifespan$$$ xpack.security.authc.providers...session.lifespan ![logo cloud](https://doc-icons.s3.us-east-2.amazonaws.com/logo_cloud.svg "Supported on {{ess}}") +$$$xpack-security-provider-session-lifespan$$$ `xpack.security.authc.providers...session.lifespan` ![logo cloud](https://doc-icons.s3.us-east-2.amazonaws.com/logo_cloud.svg "Supported on {{ess}}") : Ensures that user sessions will expire after the defined time period. This behavior is also known as an "absolute timeout". If this is set to `0`, user sessions could stay active indefinitely. By default, this setting is equal to [`xpack.security.session.lifespan`](#xpack-session-lifespan). ::::{note} @@ -100,12 +105,49 @@ $$$xpack-security-provider-session-lifespan$$$ xpack.security.authc.providers.

.realm ![logo cloud](https://doc-icons.s3.us-east-2.amazonaws.com/logo_cloud.svg "Supported on {{ess}}") +`xpack.security.authc.providers.saml..realm` ![logo cloud](https://doc-icons.s3.us-east-2.amazonaws.com/logo_cloud.svg "Supported on {{ess}}") : SAML realm in {{es}} that provider should use. +`xpack.security.authc.providers.saml..maxRedirectURLSize` ![logo cloud](https://doc-icons.s3.us-east-2.amazonaws.com/logo_cloud.svg "Supported on {{ess}}") +: Specifies the maximum size of the URL that Kibana is allowed to store during the SAML handshake. +% TBD: Available only on Elastic Cloud? + xpack.security.authc.providers.saml..useRelayStateDeepLink ![logo cloud](https://doc-icons.s3.us-east-2.amazonaws.com/logo_cloud.svg "Supported on {{ess}}") : Determines if the provider should treat the `RelayState` parameter as a deep link in {{kib}} during Identity Provider initiated log in. By default, this setting is set to `false`. The link specified in `RelayState` should be a relative, URL-encoded {{kib}} URL. For example, the `/app/dashboards#/list` link in `RelayState` parameter would look like this: `RelayState=%2Fapp%2Fdashboards%23%2Flist`. +`xpack.security.authc.saml.maxRedirectURLSize` ![logo cloud](https://doc-icons.s3.us-east-2.amazonaws.com/logo_cloud.svg "Supported on {{ess}}") +: Specifies the maximum size of the URL that Kibana is allowed to store during the SAML handshake. +% TBD: Available only on Elastic Cloud? + +#### Discontinued SAML settings +```{applies_to} +ess: discontinued 8.0 +``` +The following settings are available in {{ecloud}} for all supported versions before 8.0: + +`xpack.security.authProviders` ![logo cloud](https://doc-icons.s3.us-east-2.amazonaws.com/logo_cloud.svg "Supported on {{ess}}") +: Set to `saml` to instruct Kibana to use SAML SSO as the authentication method. +% TBD: Available only on Elastic Cloud? + +`xpack.security.public.protocol` ![logo cloud](https://doc-icons.s3.us-east-2.amazonaws.com/logo_cloud.svg "Supported on {{ess}}") +: Set to HTTP or HTTPS. To access Kibana, HTTPS protocol is recommended. +% TBD: Available only on Elastic Cloud? + +`xpack.security.public.hostname` ![logo cloud](https://doc-icons.s3.us-east-2.amazonaws.com/logo_cloud.svg "Supported on {{ess}}") +: Set to a fully qualified hostname to connect your users to the proxy server. +% TBD: Available only on Elastic Cloud? + +`xpack.security.public.port` ![logo cloud](https://doc-icons.s3.us-east-2.amazonaws.com/logo_cloud.svg "Supported on {{ess}}") +: The port number that connects your users to the proxy server (for example, 80 for HTTP or 443 for HTTPS). +% TBD: Available only on Elastic Cloud? + +`xpack.security.authc.saml.useRelayStateDeepLink` ![logo cloud](https://doc-icons.s3.us-east-2.amazonaws.com/logo_cloud.svg "Supported on {{ess}}") +: Specifies if Kibana should treat the `RelayState` parameter as a deep link when Identity Provider Initiated login flow is used. +% TBD: Available only on Elastic Cloud? + +`server.xsrf.whitelist` ![logo cloud](https://doc-icons.s3.us-east-2.amazonaws.com/logo_cloud.svg "Supported on {{ess}}") +: Explicitly allows the SAML authentication URL within Kibana, so that the Kibana server doesn't reject external authentication messages that originate from your Identity Provider. This setting is renamed to `server.xsrf.allowlist` in version 8.0.0. +% TBD: Available only on Elastic Cloud? ### OpenID Connect authentication provider settings [oidc-authentication-provider-settings] @@ -156,8 +198,6 @@ xpack.security.authc.http.schemes[] ### Login user interface settings [login-ui-settings] -You can configure the following settings in the `kibana.yml` file. - xpack.security.loginAssistanceMessage ![logo cloud](https://doc-icons.s3.us-east-2.amazonaws.com/logo_cloud.svg "Supported on {{ess}}") : Adds a message to the login UI. Useful for displaying information about maintenance windows, links to corporate sign up pages, and so on. @@ -170,16 +210,12 @@ xpack.security.authc.selector.enabled ![logo cloud](https://doc-icons.s3.us-east ### Configure a default access agreement [authentication-access-agreement-settings] -You can configure the following settings in the `kibana.yml` file. - xpack.security.accessAgreement.message ![logo cloud](https://doc-icons.s3.us-east-2.amazonaws.com/logo_cloud.svg "Supported on {{ess}}") : This setting specifies the access agreement text in Markdown format that will be used as the default access agreement for all providers that do not specify a value for `xpack.security.authc.providers...accessAgreement.message`. For more information, refer to [Access agreement](docs-content://deploy-manage/users-roles/cluster-or-deployment-auth/access-agreement.md). ### Session and cookie security settings [security-session-and-cookie-settings] -You can configure the following settings in the `kibana.yml` file. - xpack.security.cookieName : Sets the name of the cookie used for the session. The default value is `"sid"`. @@ -218,6 +254,7 @@ xpack.security.session.cleanupInterval ![logo cloud](https://doc-icons.s3.us-eas xpack.security.session.concurrentSessions.maxSessions ![logo cloud](https://doc-icons.s3.us-east-2.amazonaws.com/logo_cloud.svg "Supported on {{ess}}") : Set the maximum number of sessions each user is allowed to have active at any given time. By default, no limit is applied. If set, the value of this option should be an integer between `1` and `1000`. When the limit is exceeded, the oldest session is automatically invalidated. + It is available in {{ecloud}} 8.7.0 and later versions. ## Encrypted saved objects settings [security-encrypted-saved-objects-settings] diff --git a/docs/reference/configuration-reference/spaces-settings.md b/docs/reference/configuration-reference/spaces-settings.md index 70c711859d660..ccda5931139f9 100644 --- a/docs/reference/configuration-reference/spaces-settings.md +++ b/docs/reference/configuration-reference/spaces-settings.md @@ -2,6 +2,9 @@ navigation_title: "Spaces settings" mapped_pages: - https://www.elastic.co/guide/en/kibana/current/spaces-settings-kb.html +applies_to: + deployment: + self: all --- # Spaces settings in {{kib}} [spaces-settings-kb] diff --git a/docs/reference/configuration-reference/task-manager-settings.md b/docs/reference/configuration-reference/task-manager-settings.md index b5d4b7b1981f0..73a6e46735419 100644 --- a/docs/reference/configuration-reference/task-manager-settings.md +++ b/docs/reference/configuration-reference/task-manager-settings.md @@ -2,6 +2,9 @@ navigation_title: "Task Manager settings" mapped_pages: - https://www.elastic.co/guide/en/kibana/current/task-manager-settings-kb.html +applies_to: + deployment: + self: all --- # Task Manager settings in {{kib}} [task-manager-settings-kb] diff --git a/docs/reference/configuration-reference/telemetry-settings.md b/docs/reference/configuration-reference/telemetry-settings.md index 5080c26452f82..9a890d46b13e4 100644 --- a/docs/reference/configuration-reference/telemetry-settings.md +++ b/docs/reference/configuration-reference/telemetry-settings.md @@ -2,6 +2,9 @@ navigation_title: "Telemetry settings" mapped_pages: - https://www.elastic.co/guide/en/kibana/current/telemetry-settings-kbn.html +applies_to: + deployment: + self: all --- # Telemetry settings in {{kib}} [telemetry-settings-kbn] diff --git a/docs/reference/configuration-reference/url-drilldown-settings.md b/docs/reference/configuration-reference/url-drilldown-settings.md index 984b4bd593e0a..343a6d975160d 100644 --- a/docs/reference/configuration-reference/url-drilldown-settings.md +++ b/docs/reference/configuration-reference/url-drilldown-settings.md @@ -2,6 +2,9 @@ navigation_title: "URL drilldown settings" mapped_pages: - https://www.elastic.co/guide/en/kibana/current/url-drilldown-settings-kb.html +applies_to: + deployment: + self: all --- # URL drilldown settings in {{kib}} [url-drilldown-settings-kb] diff --git a/docs/reference/toc.yml b/docs/reference/toc.yml index 3cb976d1891ca..6baffa2a51243 100644 --- a/docs/reference/toc.yml +++ b/docs/reference/toc.yml @@ -14,6 +14,7 @@ toc: - file: configuration-reference/internationalization-settings.md - file: configuration-reference/logging-settings.md - file: configuration-reference/logs-settings.md + - file: configuration-reference/map-settings.md - file: configuration-reference/metrics-settings.md - file: configuration-reference/monitoring-settings.md - file: configuration-reference/reporting-settings.md