Kibana 7.7.1edit

See breaking changes in 7.7.

Security updateedit

In Kibana 5.4.0 and later, TSVB visualizations contain a stored XSS flaw. Attackers that can edit and create TSVB visualizations can obtain sensitive information, or perform destructive actions, on behalf of the Kibana users who edit the TSVB visualization, CVE-2020-7015.

You must upgrade to 7.7.1. If you are unable to upgrade, set metrics.enabled:false in your kibana.yml file to disable TSVB.

Bug fixesedit

  • Fixes bug with no possibility to edit the index name after adding #64033
  • Corrects validation and errors handling in PagerDuty action #63954
  • Fixes saving doc count alerts #63750
  • Fixes issue when connectors dropdown not showing all avaliable connectors #63636
  • Fixes inability to clear numeric field in a "Group over top docs" condition #63543
  • Handles when an Alerting Task fails due to its Alert object being deleted mid flight #63093 APM:
  • Encodes spaces when creating ML job #63683
  • Fixes bring to front shortcut label #67374
  • Fixes add page CSS animation bug #66496
  • Shows visualization in Safari in dashboard fullscreen #66894
  • Fixes saved object share link #66771
  • Don’t lose dashboard/visualize/discover state when navigating to other applications #66766
  • Don’t lose dashboard/visualize/discover state when navigating to other applications #66766
Lens and visualizations
  • Fixes redirect on reload #66491
  • Timelion graph is not refreshing content after searching or filtering #67023
  • Don’t lose dashboard/visualize/discover state when navigating to other applications #66766
  • Fixes redirect on reload #66491
  • Shows missing values on chart setting #66375
  • Usage of custom plugins using the @plugin statement and inline JavaScript in less code used in the TSVB Markdown visualization is not allowed anymore. Using it will simply not apply the styles #65467
  • Fixes std deviation band mode #64413
  • Reloads on ui state change and fix ui state for tsvb #63699 Machine Learning:
  • Fixes watch creation #65956
  • Fixes new job wizard with multiple indices #64567
  • Fixes optional plugin dependency types #64450
  • Ensures both keyword/text types are excluded for selected excluded field #62712
  • Fixes an integration issue with the security plugin in Ingest Pipelines and Snapshot and Restore that would incorrectly report requiring security to be enabled when the plugins should work normally without security. This affects the default docker distribution #67308
  • Preserves saved object references when saving the object #66584
  • Fixes detail panel for indices with % in the name #66435
  • Setting dev_tools.enabled: false in kibana.yml will no longer crash Kibana #66276
  • Fixes mappings keyword in Index Management plugin (Index detail pane, Mapping tab)]
  • Handle cross cluster index _settings resp #66797
  • Fixes edit filter #64586
  • Migrating Docker network fields #65133
  • Removes APM Hard Dependency #64952
  • Fixes for editing alerts in alert management #64597
  • Fixes alerting when a filter query is present #64575
  • Allows users to create alerts from the central Alerts UI #63803
  • Remove remaining field filtering #63398
  • Uses custom route to ensure global state is preserved #63891
  • Ensures time picker is actually disabled #63709
  • Fixes server response errors #63181
  • Allows any type for customResponseHeaders config #66689
  • Allows IdP initiated SAML login with session containing expired token #59686
  • Updates alert apiKey when the rule is updated #67364
  • Fixes Network Map empty tooltip #66828
  • Changes find_statuses route HTTP method from GET to POST #63508
  • Updates duration chart query filters #63620