Kibana 7.7.0edit

For information about the Kibana 7.7.0 release, review the following information.

Breaking changesedit

Breaking changes can prevent your application from optimal operation and performance. Before you upgrade to 7.7.0, review the breaking changes, then mitigate the impact to your application.

Breaking changes for usersedit

There are no user-facing breaking changes in 7.7.

Breaking changes for plugin developersedit

Add addInfo toast to core notifications serviceedit

This Info toast will be used for the async search notifications.

via #60574

Goodbye, legacy data pluginedit

The legacy data plugin located in src/legacy/core_plugins/data has been removed. This change only affects legacy platform plugins which are either: 1. Importing the public/setup or public/legacy "shim" files from the legacy data plugin to access runtime contracts; or 2. importing static code from inside src/legacy/core_plugins/data; or 3. explicitly using require: ['data'] in the plugin definition.

For scenario 1 above, you should migrate your plugin to access the services you need from the new platform data plugin. These are accessible in the legacy world by using ui/new_platform:

- import { start as dataStart } from 'src/legacy/core_plugins/data/public/legacy';
+ import { npStart } from 'ui/new_platform';
+ const dataStart =;

For scenario 2, the equivalent static code you’ve been importing should now be available from src/plugins/data, in the server or public directories:

- import { someStaticUtilOrType } from 'src/legacy/core_plugins/data/public';
+ import { someStaticUtilOrType } from 'src/plugins/data/public';

For scenario 3, you should be able to safely drop the reference to the plugin, and add data to your list of dependencies in kibana.json whenever your plugin migrates to the new Kibana platform:

// index.ts
const myPluginInitializer: LegacyPluginInitializer = ({ Plugin }: LegacyPluginApi) =>
  new Plugin({
    id: 'my_plugin',
-    require: ['kibana', 'elasticsearch', 'visualizations', 'data'],
+    require: ['kibana', 'elasticsearch', 'visualizations'],

For more information on where to locate new platform data services, please refer to the table of plugins for shared application services in src/core/

via #60449

Delete FilterStateManager and QueryFilteredit

Delete unused legacy exports FilterStateManager, QueryFilter, and SavedQuery.

via #59872

Add UiSettings validation & Kibana default route redirectionedit

UiSettings definition allows to specify validation functions:

import { schema } from '@kbn/config-schema';

   myUiSetting: {
      name: ...
      value: 'value',
      schema: schema.string()

via #59694

Allow disabling xsrf protection per an endpointedit

Route configuration allows to disable xsrf protection for destructive HTTP methods:

routet.get({ path: ..., validate: ..., options: { xsrfRequired: false } })

via #58717

Add core metrics serviceedit

A new metrics API is available from core, which allows retrieving various metrics regarding the HTTP server, process, and OS load/usages.

core.metrics.getOpsMetrics$().subscribe(metrics => {
  // do something with the metrics

via #58623

Add an optional authentication mode for HTTP resourcesedit

A route config accepts authRequired: 'optional'. A user can access a resource if has valid credentials or no credentials at all. Can be useful when we grant access to a resource but want to identify a user if possible.

router.get( { path: '/',  options: { authRequired: 'optional' } }, handler);

via #58589

Migrate doc view part of discoveredit

The extension point for registering custom doc views was migrateed and can be used directly within the new platform.

A working example of the new integration can be seen in test/plugin_functional/plugins/doc_views_plugin/public/plugin.tsx.

To register doc views, list discover as a required dependency of your plugin and use the docViews.addDocView method exposed in the setup contract:

export class MyPlugin implements Plugin<void, void> {
  public setup(core: CoreSetup, { discover }: { discover: DiscoverSetup }) {
      component: props => {
        return /* ... */;
      order: 2,
      title: 'My custom doc view',

  /* ... */

via #58094

[Telemetry] Server backpressure mechanismedit

Add a backpressure mechanism for sending telemetry on the server. Usage data will always be sent from the browser even if we are also sending it from the server. Server side Telemetry usage data sender will send an OPTIONS request before `POST`ing the data to our cluster to ensure the endpoint is reachable.

Fallback mechanism

  1. Always send usage from browser regardless of the telemetry.sendUsageFrom kibana config.

Server usage backpressure

  1. Send usage from server in addition to browser if telemetry.sendUsageFrom is set to server.
  2. Initial server usage attempt is after 5 minutes from starting kibana. Attempt to send every 12 hours afterwards.
  3. Stop attempting to send usage from the server if the attempts fail three times (initial attempt 5 minutes from server start, and two consecutive 12 hours attempts).
  4. Restart attempt count after each kibana version upgrade (patch/minor/major).
  5. Restart attempt count if it succeeds in any of the 3 tries.

Sending usage mechanism from server:

Send OPTIONS request before attempting to send telemetry from server. OPTIONS is less intrusive as it does not contain any payload and is used to check if the endpoint is reachable. We can also use it in the future to check for allowed headers to use etc.

  • If OPTIONS request succeed; send usage via POST.
  • If OPTIONS request fails; dont send usage and follow the retry logic above.

via #57556

Expressions server-sideedit

It is now possible to register expression functions and types on the Kibana server and execute expressions on the server. The API is the same as in the browser-side plugin, e.g:

plugins.expressions.registerFunction(/* ... */);
const result = await'var_set name="foo" value="bar" | var name="foo"', null);

via #57537

Local actionsedit

actionIds property has been removed from`Trigger` interface in ui_actions plugin. Use attachAction() method instead, for example:

plugins.uiActions.attachAction(triggerId, actionId);

Instead of previously:

const trigger = {
  id: triggerId,
  actionIds: [actionId],

via #57451

Use log4j pattern syntaxedit

Logging output of the New platform plugins can use adjusted via new config.

via #57433

Allow savedObjects types registration from NPedit

A new registerType API has been added to the core savedObjects setup API, allowing to register savedObject types from new platform plugins

// src/plugins/my_plugin/server/saved_objects/types.ts
import { SavedObjectsType } from 'src/core/server';
import * as migrations from './migrations';

export const myType: SavedObjectsType = {
  name: 'MyType',
  hidden: false,
  namespaceAgnostic: true,
  mappings: {
    properties: {
      textField: {
        type: 'text',
      boolField: {
        type: 'boolean',
  migrations: {
    '2.0.0': migrations.migrateToV2,
    '2.1.0': migrations.migrateToV2_1

// src/plugins/my_plugin/server/plugin.ts
import { SavedObjectsClient, CoreSetup } from 'src/core/server';
import { myType } from './saved_objects';

export class Plugin() {
  setup: (core: CoreSetup) => {

Please check the migration guide for more complete examples and migration procedure.

via #57430

Expose Vis on the contract as it requires visTypesedit

In most of the places Vis used as a type, but in couple places it is used as a class. At the moment Vis as a class is not stateless, as it depends on visTypes. As it is not stateless, Vis class was removed from public exports and exposed on visualisations contract instead:

new visualizationsStart.Vis(....);

Vis as interface still can be imported as:

import { Vis } from '../../../../../core_plugins/visualizations/public';

via #56968

Add ScopedHistory to AppMountParamsedit

Kibana Platform applications should use the provided history instance to integrate routing rather than setting up their own using appBasePath (which is now deprecated).


  id: 'myApp',
  mount({ appBasePath, element }) {
      <BrowserRouter basename={appBasePath}>
        <App />
    return () => ReactDOM.unmountComponentAtNode(element);


  id: 'myApp',
  mount({ element, history }) {
      <BrowserRouter history={history}>
        <App />
    return () => ReactDOM.unmountComponentAtNode(element);

via #56705

Move new_vis_modal to visualizations pluginedit


NewVisModal component and showNewVisModal function were statically exported and received all the dependencies as props/parameters.


showNewVisModal() is part of the plugin contract and plugin dependencies are provided implicitly.


via #56654


UiComponent interface was added to kibana_utils plugin. UiComponent represents a user interface building block, like a React component, but UiComponent does not have to be implemented in React—it can be implemented in plain JS or React, or Angular, etc.

In many places in Kibana we want to be agnostic to frontend view library, i.e. instead of exposing React-specific APIs we want to expose APIs that are orthogonal to any rendering library. UiComponent interface represents such UI components. UI component receives a DOM element and props through render() method, the render() method can be called many times.

export type UiComponent<Props extends object = object> = () => {
  render(el: HTMLElement, props: Props): void;
  unmount?(): void;

Although Kibana aims to be library agnostic, Kibana itself is written in React, therefore UiComponent is designed such that it maps directly to a functional React component: UiCompnent interface corresponds to React.ComponentType type and UiCompnent props map to React component props.

To help use UiComponent interface in the codebase uiToReactComponent and reactToUiComponent helper functions were added to kibana_react plugin, they transform a UiComponent into a React component and vice versa, respectively.

const uiToReactComponent: (comp: UiComponent) => React.ComponentType;
const reactToUiComponent: (comp: React.ComponentType) => UiComponent;

via #56555

Start consuming np logging configedit

Provides experimental support of new logging format for new platform plugins. More about the logging format.

via #56480

[State Management] State syncing utils docsedit

Refer to these docs on state syncing utils.

via #56479

[NP] Move saved object modal into new platformedit

SavedObjectSaveModal, showSaveModal and SaveResult from `ui/saved_objects`, and SavedObjectFinderUi, SavedObjectMetaData and OnSaveProps from `src/plugins/kibana_react/public` were moved to a new plugin src/plugins/saved_objects.

Also now showSaveModal requires the second argument - I18nContext:

import { showSaveModal } from 'src/plugins/saved_objects/public';

showSaveModal(saveModal, npStart.core.i18n.Context);

via #56383

[State Management] State syncing helpers for query serviceedit

Query service of data plugin now has state$ observable which allows to watch for query service data changes:

interface QueryState {
  time?: TimeRange;
  refreshInterval?: RefreshInterval;
  filters?: Filter[];

interface QueryStateChange {
  time?: boolean; // time range has changed
  refreshInterval?: boolean; // refresh interval has changed
  filters?: boolean; // any filter has changed
  appFilters?: boolean; // specifies if app filters change
  globalFilters?: boolean; // specifies if global filters change

state$: Observable<{ changes: QueryStateChange; state: QueryState }>;

via #56128

Migrate saved_object_save_as_checkbox directive to Timelionedit

Use our React component SavedObjectSaveModal with showCopyOnSave={true} instead of the react directive. Note that SavedObjectSaveModal soon will be part of a new plugin, so the path will change.

import { SavedObjectSaveModal } from 'ui/saved_objects/components/saved_object_save_modal';
  onClose={() => {}}
  title={'A title'}
  objectType={'The type of you saved object'}

via #56114

ui/public cleanupedit

Removed / moved modules

In preparation for Kibana’s upcoming new platform, we are in the process of migrating away from the ui/public directory. Over time, the contents of this directory will be either deprecated or housed inside a parent plugin. If your plugin imports the listed items from the following ui/public modules, you will need to either update your import statements as indicated below, so that you are pulling these modules from their new locations, or copy the relevant code directly into your plugin.

ui/agg_types #59605

The ui/agg_types module has been removed in favor of the service provided by the data plugin in the new Kibana platform.

Additionally, aggTypes and AggConfigs have been removed in favor of a types registry and a createAggConfigs function:

// old
import { AggConfigs, aggTypes } from 'ui/agg_types';
const aggs = new AggConfigs(indexPattern, configStates, schemas);
aggTypes.metrics[0]; // countMetricAgg

// new
class MyPlugin {
  start(core, { data }) {, configStates, schemas);'count'); // countMetricAgg

// new - static code
import { search } from 'src/plugins/data/public';
const { isValidInterval } = search.aggs;

// new - types
import { BUCKET_TYPES, METRIC_TYPES } from 'src/plugins/data/public';

The above examples are not comprehensive, but represent some of the more common uses of agg_types. For more details, please refer to the interfaces in the source code, as well as the data plugin’s public/index file.

ui/time_buckets #58805

The ui/time_buckets module has been removed and is now internal to the data plugin’s search & aggregations infrastructure. We are working on an improved set of helper utilities to eventually replace the need for the TimeBuckets class.

In the meantime, if you currently rely on TimeBuckets, please copy the relevant pieces into your plugin code.

ui/filter_manager #59872

The ui/filter_manager module has been removed and now services and UI components are available on the data plugin’s query infrastructure.

via #55926

Add savedObjects mappings API to coreedit

Added API to register savedObjects mapping from the new platform.

 // my-plugin/server/mappings.ts
import { SavedObjectsTypeMappingDefinitions } from 'src/core/server';

export const mappings: SavedObjectsTypeMappingDefinitions = {
   'my-type': {
     properties: {
       afield: {
         type: "text"
 // my-plugin/server/plugin.ts
 import { mappings } from './mappings';

 export class MyPlugin implements Plugin {
   setup({ savedObjects }) {

via #55825

Remove the VisEditorTypesRegistryProvideredit

The VisEditorTypesRegistryProvider is removed. By default, visualizations will use the default editor.

To specify a custom editor use editor parameter as a key and a class with your own controller as a value in a vis type definition:

    name: 'my_new_vis',
    title: 'My New Vis',
    icon: 'my_icon',
    description: 'Cool new chart',
    editor: MyEditorController

via #55370

Explicitly test custom appRoutesedit

Tests for custom `appRoute`s are now more clear and explicitly separate from those that test other rendering service interactions.

via #55405

[NP] Platform exposes API to get authenticated user dataedit

HttpService exposes:

  • auth.get() — returns auth status and associated user data. User data are opaque to the http service. Possible auth status values:

    • authenticatedauth interceptor successfully authenticated a user.
    • unauthenticatedauth interceptor failed user authentication.
    • unknownauth interceptor has not been registered.
  • auth.isAuthenticated() - returns true, if auth interceptor successfully authenticated a user.

via #55327

Implements getStartServices on server-sideedit

Adds a new API to be able to access start dependencies when registering handlers in setup phase.

class MyPlugin implements Plugin {
  setup(core: CoreSetup, plugins: PluginDeps) {
      type: 'MY_TYPE',
      fetch: async () => {
        const [coreStart] = await core.getStartServices();
        const internalRepo = coreStart.savedObjects.createInternalRepository();
        // ...
  start() {}

via #55156

Expressions refactoredit
  • context.types > inputTypes
  • Objects should be registered instead of function wrappers around those objects.

via #54342

Refactor saved object management registry usageedit

Registration of the following SavedObjectLoader in Angular was removed:

  • savedSearches
  • savedVisualizations
  • savedDashboard

The plugins now provide the functions to create a SavedObjectLoader service, here’s an example how the services are created now:

import { createSavedSearchesService } from '../discover';
import { TypesService, createSavedVisLoader } from '../../../visualizations/public';
import { createSavedDashboardLoader } from '../dashboard';

const services = {
   savedObjectsClient: npStart.core.savedObjects.client,
   overlays: npStart.core.overlays,

const servicesForVisualizations = {,
    ...{ visualizationTypes: new TypesService().start() },

const savedSearches = createSavedSearchesService(services);
const savedVisualizations = createSavedVisLoader(servicesForVisualizations);
const savedDashboards = createSavedDashboardLoader(services);

via #54155

Enforce camelCase format for a plugin idedit

When creating a new platform plugin, you need to make sure that pluginId declared in camelCase within kibana.json manifest file. It might not match pluginPath, which is recommended to be in snake_case format.

// ok
"pluginPath": ["foo"],
"id": "foo"
// ok
"pluginPath": "foo_bar",
"id": "fooBar"

via #53759

bfetch (2)edit

Request batching and response streaming functionality of legacy Interpreter plugin has been moved out into a separate bfetch Kibana platform plugin. Now every plugin can create server endpoints and browser wrappers that can batch HTTP requests and stream responses back.

As an example, we will create a batch processing endpoint that receives a number then doubles it and streams it back. We will also consider the number to be time in milliseconds and before streaming the number back the server will wait for the specified number of milliseconds.

To do that, first create server-side batch processing route using addBatchProcessingRoute.

plugins.bfetch.addBatchProcessingRoute<{ num: number }, { num: number }>(
  () => ({
    onBatchItem: async ({ num }) => {
      // Validate inputs.
      if (num < 0) throw new Error('Invalid number');
      // Wait number of specified milliseconds.
      await new Promise(r => setTimeout(r, num));
      // Double the number and send it back.
      return { num: 2 * num };

Now on client-side create double function using batchedFunction. The newly created double function can be called many times and it will package individual calls into batches and send them to the server.

const double = plugins.bfetch.batchedFunction<{ num: number }, { num: number }>({
  url: '/my-plugin/double',

Note: the created double must accept a single object argument ({ num: number } in this case) and it will return a promise that resolves into an object, too (also { num: number } in this case).

Use the double function.

double({ num: 1 }).then(console.log, console.error); // { num: 2 }
double({ num: 2 }).then(console.log, console.error); // { num: 4 }
double({ num: 3 }).then(console.log, console.error); // { num: 6 }

via #53711

Grouped Kibana navedit

Plugins should now define a category if they have a navigation item:

  • If you want to fit into our default categories, you can use our DEFAULT_APP_CATEGORIES defined in src/core/utils/default_app_categories.ts.
  • If you want to create their own category, you can also provide any object matching the AppCategory interface defined in src/core/types/app_category.ts.

via #53545

Expose Elasticsearch from start and deprecate from setupedit

Remove any API that could allow access/query to savedObjects from core setup contract, and move them to the start contract instead. Deprecate the CoreSetup.elasticsearch API and expose CoreStart.elasticsearch instead.

via #59886

Embeddable triggersedit

Embeddables can now report ui_actions triggers that they execute through the .supportedTriggers() method. For example:

class MyEmbeddable extends Embeddable {
  supportedTriggers() {
    return ['VALUE_CLICK_TRIGGER'];

The returned list of triggers will be used in the drilldowns feature on Dashboard, where users will be able to add drilldowns to embeddable triggers.

via #58440

Force savedObject API consumers to define SO type explicitlyedit

The new interface enforces API consumers to specify SO type explicitly. Plugins can use SavedObjectAttributes to ensure their type are serializable, but it shouldn’t be used as their domain-specific type.

via #58022

Trigger contextedit

Improved types for trigger contexts, which are consumed by actions.

via #57870

Expressions debug modeedit

Add ability to execute expression in "debug" mode, which would collect execution information about each function. This is used in the Expression Explorer (developed by Canvas) and in Canvas when the expression editor is open.

via #57841

Move ui/agg_types in to shim data pluginedit
  • Moves the contents of ui/agg_types into the legacy shim data plugin
  • Re-exports contracts ui/agg_types for BWC
  • Creates dedicated interfaces for classes commonly being used as types: IAggConfig, IAggConfigs, IAggType, IFieldParamType, IMetricAggType

    • Right now these are just re-exporting the class as a type; eventually we should put more detailed typings in place.

via #56353

Stateful search bar default behaviorsedit

The goal of the stateful version of SearchBar / TopNavMenu is to be an easy way to consume the services offered by where developers should be able to provide minimal configuration and get a fully working SearchBar.

via #56160

Guide for creating alert / action types in the UIedit

Documentation to help developers integrate their alert / action type within our Management UIs

via #55963

Move search service code to NPedit

Move all of the search service code to Kibana new platform. Also deletes courier folder and moves getFlattenedObject to src/core/utils.

via #55430

Expose NP FieldFormats service to server sideedit

The fieldFormats service is used on the server side as well. At the moment, it resides in src/legacy/ui/field_formats/mixin/field_formats_service.ts and only the FE plugin exposes it.

via #55419

Update plugin generator to generate NP pluginsedit

Add more options for Kibana new platform plugin generator.

  • Generate FE components
  • Generate server side endpoint
  • Generate SCSS
  • Generate an optional .eslintrc.js file (for 3rd party plugins mostly)
  • Init git repo (for 3rd party plugins)

via #55281

Run SO migration after plugins setup phaseedit
  • Moves createScopedRepository and createInternalRepository from setup contract to start contract, and removes getScopedClient from the setup contract. There is no longer a possibility to be performing any call to SO before core’s start is done.
  • Creates the migrator, the repository accessors and runs the SO migration at the start of SavedObjectsService.start(), meaning that any SO call performed is assured to be done after the migration.
  • Changes the setClientFactory API to setClientFactoryProvider to provide a SO repository provider when registering the client factory.
  • Adapts the existing plugin calls to the removed APIs from setup to be now using getStartServices to access them on the core start contract.

via #55012

Build immutable bundles for new platform pluginsedit

Plugins that have been migrated to the "new platform" are built with a new system into their own target/public directory. To build third-party plugin’s with this new system either pass --plugin-path to node scripts/build_new_platform_plugins or use the @kbn/optimizer package in the Kibana repo to build your plugin as described in the readme for that package.

via #53976

[Search service] Asynchronous ES search strategyedit

Adds an async Elasticsearch search strategy, which utilizes the async search strategy to call the _async_search APIs in Elasticsearch, returning an observable over the responses.

via #53538

[Vis: Default editor] EUIficate and Reactify the sidebaredit

If you are using the default editor in your VisType visualization definition, remove the editor: 'default' param from it. The default editor controller will be used by default.

The default editor controller receives an optionsTemplate or optionTabs parameter. These tabs should be React components:

    name: 'my_new_vis',
    title: 'My New Vis',
    icon: 'my_icon',
    description: 'Cool new chart',
    editorConfig: {
       optionsTemplate: MyReactComponent // or if multiple tabs are required:
       optionTabs: [
           { title: 'tab 3', editor: MyReactComponent }

via #49864

[test] Consolidate top-level yarn scriptsedit

Over time Kibana has added a number of testing frameworks, but our top-level scripts have remained the same to avoid workflow changes. The current naming convention with the number of test options can leave room for ambiguity.

You’ll see two general changes: * docs will refer to the yarn script, giving us an abstraction to migrate frameworks out and avoid workflow interruptions (grunt/gulp -> node scripts/*) * test scripts now refer to the test runner, as opposed to the test type (yarn test:server -> yarn test:mocha)

via #44679

Security updatesedit

  • In 7.7.0 to 7.6.2, the Upgrade Assistant contains a prototype pollution flaw. An authenticated attacker with privileges to write to the Kibana index can insert data that could cause Kibana to execute arbitrary code. This could lead to an attacker executing code with the permissions of the Kibana process on the host system, CVE-2020-7012.

    By default, the Upgrade Assistant flaw is mitigated in all Kibana instances accessed through Elasticsearch Service.

    For all other installations, you must upgrade to 7.7.0. If you are unable to upgrade, set xpack.upgrade_assistant_enabled:false in your kibana.yml file to disable the Upgrade Assistant.

  • In 7.7.0 and earlier, TSVB contains a prototype pollution flaw. Authenticated attackers with privileges to create TSVB visualizations can insert data that could cause Kibana to execute arbitrary code. This could lead to an attacker executing code with the permissions of the Kibana process on the host system, CVE-2020-7013.

    By default, the Upgrade Assistant flaw is mitigated in all Kibana instances accessed through Elasticsearch Service.

    For all other installations, you must upgrade to 7.7.0. If you are unable to upgrade, set metrics.enabled:false in your kibana.yml file to disable TSVB.


The following functionality is deprecated in 7.7.0, and will be removed in 8.0.0. Deprecated functionality does not have an immediate impact on your application, but we strongly recommend you make the necessary updates after you upgrade to 7.7.0.

Deprecates authentication settingsedit


Deprecates the and settings used for Kibana SAML authentication.

Deprecates the settings used for Kibana OpenID Connect authentication.

For more information, refer to #53010.


  • Instead of, use<provider-name>.realm.
  • Instead of, use<provider-name>.maxRedirectURLSize.
  • Instead of, use<provider-name>.realm.

Known issuesedit

  • When you deactivate an action within a rule, the rule fails #64870
  • When you add a timestamp to the PagerDuty action, the rule fails #64871
  • Editing Saved Objects (eg. Dashboards) via the "Inspect" JSON editor in Management corrupts objects #66542
  • The server.customResponseHeaders option prevents Kibana from starting if headers are set using a type other than string. To fix this, convert your boolean and number headers to strings. For example, use my-header: "true" instead of my-header: true. #66146


  • Notifies user when security is enabled but TLS is not #60270
  • Displays warning when a permanent encryption key is missing and hides alerting UI appropriately #62772
  • Edits alert flyout #58964
  • Moves index params fields to connector config #60349
  • Adds the AlertDetails page #55671
  • License checks for actions plugin #59070
  • Updates monospace font family variable #57555
  • Shows missing permissions message to the user on the Services overview #56374
  • Settings list page for managing custom actions #56853
  • Divides "Actions menu" into sections to improve readability #56623
  • Creates settings page to manage Custom Links #57788
  • Creates custom link from Trace summary #59648
  • Writes tests for the Custom Link API #60899
  • Threshold alerts #59566
  • Adds additional (java) options #59860
  • Sync badge #55113
  • Client.ip to metadata for RUM transactions #56546
  • Adds Lens embeddables #57499
  • Switches to using EUI SuperDatePicker in time filter element #59249
  • Adds Visualize embeddable #60859
  • Adds argument to open all links in new tab within markdown element #57017
  • Updates esdocs datasource #59512
  • Improves expression autocomplete #52035
  • Use Elasticsearch _async_search instead of _search when it is available (excluding TSVB, Timelion, and Vega)[#59224}
  • When queries run more than 10 seconds, show a pop-up to allow users to run the queries beyond the configured Elasticsearch query timeout or cancel the queries #60706
  • Dashboard/add panel flow #59918
  • Moves the "Create New" button in add panel flyout to the top to make it more visible to the user #56428
Lens and visualizations
  • Creates Lens filters on click with bar, line, area charts #57261
  • Allows number formatting within Lens #56253
  • Shows a warning when you have partially configured a visualization, such as a bar chart with only an X axis #58279
  • Improves suggestion logic when dragging fields into the chart #60687
  • Disallows duplicate percentiles #58299
  • EUICodeEditor for Visualize JSON #58679
  • Supports Histogram Data Type #59387
  • Median aggregation labels now show "Median" instead of "50th percentile of" in Visualize. Custom labels are also used #58521
  • Adds positive_rate as a new aggregation to TSVB #59843
  • Makes linked saved search work when user navigates back using browser back button #59690
  • Visualization editor UI has been updated to the new styles, consistent with the rest of the platform and a more logical left-to-right flow of creating content #49864
  • Uses the Super date picker in the log stream #54280
  • Adds expandable rows with category examples #54586
  • Shows navigation bar while loading source configuration #59997
Machine Learning
  • Processes delimited files like semi-structured text #56038
  • Supports multi-line JSON notation #58870
  • Validates manual model memory input #59056
  • Clones analytics job #59791
  • Uses a new ML endpoint to estimate a model memory #60376
  • Module setup with dynamic model memory estimation #60656
  • Adds text fields to datafeed start modal #55560
  • Categorization examples privilege check #57375
  • Adds filebeat config to file dataviz #58152
  • Global calendars #57890
  • Adds indices_options to datafeed #59119
  • Displays multi-class results in evaluate panel #60760
  • Adds support for date_nanos time field in anomaly job wizard #59017
  • Uses EuiDataGrid for outlier result page #58235
  • Supports multi-line JSON notation in advanced editor #58015
  • Adds support for percentiles aggregation to Transform wizard #60763
  • Adds clone feature to transforms list #57837
  • Uses EuiDataGrid for transform wizard #52510
  • Replaces KqlFilterBar with QueryStringInput #59723
  • The Remote Clusters UI added support for enabling "proxy" mode when creating or editing a remote cluster #59221
  • Adds filter for ILM phase to Index Management #57402
  • Creates Painless Lab app #57538
  • Moves out of legacy #55331
  • Moves out of legacy and migrates server side to New Platform #55690
  • Updates Console progress bar #56628
  • Auto follow pause & resume #56615
  • Supports triple quoted JSON strings and Painless highlighting to Watcher and SearchProfiler #57563
  • Server-side batch reindexing #58598
  • Better handling of closed indices #58890
  • Advanced settings UI change to centralize save state #53693
  • The autocomplete in the dev console now supports many different types of Elasticsearch pipeline processors #60553
  • Improves Layer Style UI #58406
  • Shows field type icons in data driven styling field select #55166
  • Style icons by category #55747
  • Adds type icons to SingleFieldSelect component #56313
  • Disables style forms when they are not applied due to other style settings #55858
  • Autocompletes for custom color palettes and custom icon palettes #56446
  • Allows simultaneous opening of multiple tooltips #57226
  • Adds Top term aggregation #57875
  • Direct Discover "visualize" to open Maps application #58549
  • Top term percentage field property #59386
  • Adds UI to disable style meta and get top categories from current features #59707
  • Adds draw control to create distance filter #58163
  • Blended layer that switches between documents and clusters #57879
  • Default ES document layer scaling type to clusters and show scaling UI in the create wizard #60668
  • Disables add layer button when flyout is open #54932
  • Supports categorical styling for numbers and dates #57908
  • Setup commonly used time ranges in timepicker #56701
  • Custom Metrics for Inventory View #58072
  • Alerting for metrics explorer and inventory #58779
  • Creates a new menu for observability links #54847
  • Creates Metric Threshold Alert Type and Executor #57606
  • Supports shipping directly to the monitoring cluster #57022
  • Improves validation in truncate field formatter editor #56521
  • Variable support for interpreter #54788
  • Handles page setup errors and capture the page, don’t fail the job #58683
  • Adds the ability to search and delete historical reports in Management > Kibana > Reporting #60077
  • Recent cases widget #60993
  • Adds custom reputation link #57814
  • Exports timeline #58368
  • Rule activity monitoring #60816
  • Removes has manage api keys requirement #62446
  • Adds release notes link and updates one UI section #60825
  • Adds rule notifications #59004
  • Version 7.7 rule import #61903
  • Creates ML Rules #58053
  • Case workflow api schema #51535
  • Service Now Kibana Action #53890
  • API with io-ts validation #59265
  • Status / Batch update #59856
  • Imports timeline #60880
  • Bug/clean up phase I #61354
  • Cases clean up Phase II #61750
  • Modifies gap detection util to accept all dateMath formats #56055
  • Adds note markdown field to backend #59796
  • Adds rule markdown field to rule create, detail, and edit flows #60108
  • Adds rule markdown to timeline global notes #61026
  • ServiceNow executor #58894
  • ServiceNow action improvements #60052
  • Uses links instead of click handlers when switching spaces #57730
  • Introduce a login selector screen when multiple auth providers are enabled #53010
  • Warn when using deprecated roles #57209
  • Support for subfeature privileges #60563
  • Application Usage implemented in @kbn/analytics #58401
  • Server-side Migration to NP #60485
  • Use EuiTokens for ES field types #57911
  • Adds 7 day metrics to Application Usage telemetry #59846
  • Adds Settings Page #53550
  • Adds Alerting UI #57919
  • Adds configurable page size to monitor list #60573
  • Adds Green Icon for all up Monitors #56770
  • Implements drag and select on charts #57089
  • Fix/filter group autocomplete #57686
  • Ml detection of duration anomalies #59785

Bug fixesedit

  • Retains empty AlertsList when filter has removed all items #60501
  • Fixes alert threshold line disappears #61499
  • Cleanup action task params objects after successful execution #55227
  • Disables action plugin functionality when ESO plugin is using an ephemeral encryption key #56906
  • Makes slack param validation handle empty messages #60468
  • Makes user and password secrets optional #56823
  • Changes "url" to "urls" in APM agent instructions #60790
  • Uses ES Permission API to check if a user has permissions to read from APM indices #57311
  • Filters are not prefilled when the custom link flyout is opened from a transaction page #61650
  • .apm-agent-configuration is not created if Kibana is started while ES is not ready #61610
  • Don’t include UI filters when fetching a specific transaction #57934
  • Uses docLinks API for APM doc links #61880
  • Updates APM index pattern #61265
  • Toggles footer editable controls when you turn off edit mode #52786 #58044
  • Fixes map embeddables not showing up on PDF reports #61149
  • Limits rows in debug element #60804
  • Puts embed param into short url instead of behind it #58846
  • Allows markdown in error embeddable #62427
  • Removes flickering when opening filter bar popover #56222
  • Retains pinned filters when loading and clearing saved queries #54307
  • Specifies valid licenses for the Graph feature #55911
  • Improves graph missing workspace error message #58876
Lens and visualizations
  • Filters out pinned filters from saved object of Lens #57197
  • Adds using queries/filters for field existence endpoint #59033
  • Fixes display single bar in XYChart Bar Vis #61452
  • Resetting a layer generates new suggestions #60674
  • Fixes disabled switches in the editor #62911
  • Fixes broken Handlebar documentation links #55866
  • Shows timepicker in Timelion and TSVB #58857
  • Makes Vega remove filter work #58871
  • Makes d3 place nicely with object values #62004
  • Fixes position calculation of ticks in non-horizontal axes #62309
  • Correctly update the expanded log rate table rows #60306
Machine Learning
  • Handles Empty Partition Field Values in Single Metric Viewer #61649
  • Fixes job wizard model memory limit warnings #62331
  • Files data viz fix index pattern warning after index change #57807
  • Uses real datafeed ID for datafeed preview #60275
  • Disables start trial option when license management ui is disabled #60987
  • Fixes jobs list filter in url #61822
  • Fixes job ID in edit job flyout #61840
  • Fixes reporting of http request errors #61811
  • Ensures confusion matrix label column is correct #60308
  • Ensures column in correct position after reselect #61342
  • Ensures query bar syntax errors are shown #61333
  • Ensures job state is up to date #61678
  • Increases number of items that can be paged in calendars and filters lists #61842
  • Uses index pattern field format if one exists #61709
  • Ensures filter works as expected #62041
  • Ensures destination index pattern created #62450
  • Fixes page heading structure #56741
  • Fixes handling of index pattern with special characters #59884
  • Fixes to error handling for analytics jobs and file data viz #60249
  • Fixes Anomaly Explorer swimlane label and chart tooltips #61327
  • Prevents training_percent of 0 for analytics job #61789
  • Removes duplicate page main landmarks #56883
  • Fixes license check #58343
  • Clears Kibana index pattern cache on creation or form reset #62184
  • Adds support for additional watch action statuses #55092
  • Fixes the Upgrade Assistant where the reindexing of an index was incorrectly marked as "Done", when it still required to be reindexed. This scenario could occur if a user reindexed an index, deleted it, then restored a snapshot of the index of an older version #60789
  • Fixes several invalid documentation links in the Snapshot and Restore UI #61331
  • Fixes for console error handling and loading of autocomplete #58587
  • Fixes a bug that caused Grokdebugger simulation to break in non-Default Kibana spaces #61423
  • Fixes an issue where Console would not render the request output if localStorage quota was reached #62424
  • Fixes a bug with Console’s Copy As cURL functionality that would not properly escape single quotes in JSON string values which created issues with copying SQL queries from Console to cURL #63229
  • System index templates can’t be edited #55229
  • Not possible to edit a watch that was created with the API if the ID contains a dot #59383
  • Fixes console a11y failures #57520
  • Do not show border color for icon in legend when border width is zero #57501
  • Uses blended layer when linking discover to maps #61467
  • Fixes tooltip overflow #61564
  • Cleans up unsaved state check #61705
  • Fixes regression in loading left join fields #63325
  • Fixes cross origin error for icon spritesheets when Kibana secured via OAuth proxy #53896
  • Correctly open layer settings from add layer wizard #48971
  • Limits group by selector to only 2 fields #56800
  • Uses CPU Usage limits for Kubernetes pods when available #58424
  • Fixes toolbar popover for metrics table row #56796
  • Handles setup mode if security is disabled #53306
  • Protects against no monitoring data near end of time series #61273
  • Adds new config for logging index name #56920
  • Rollup index pattern error: must match one rollup index #56732
  • In scripted fields, unable to switch the Type #59285
  • Duplicates query filters in es request #60106
  • Bugfix dashboard unpins filters #62301
  • Fixes plugin enabled config options #60998
  • Fixes tabifyAggResponse #61214
  • Fixes parse interval #62267
  • Avoid app not found flickering while awaiting for mount #56483
  • Creates empty string filters when value not specified #57442
  • Range aggregations now use the field formatter from the index pattern, instead of no formatter #58651
  • Fixes error handling for job handler in route #60161
  • Handling a 404 when the space’s telemetry collector runs #55921
  • Allows Import timeline for authorised users #61438
  • Imports timeline schema update #61622
  • Fixes bug with timeline templates not working #60476
  • Fixes export of single rule and the icons #62394
  • Updates process and TLS tables to use ECS 1.5 fields #60854
  • Fixes bug introduced in #55859 #57441
  • UI Metrics use findAll to retrieve all Saved Objects #59891
  • Updates heartbeat index name for 7.7 #62172
  • Shows only total in snapshot heading #58376
  • Fixes PingList pagination #61481
  • Fixes es query function null reference errors #61465
  • Fixes issue with Kibana Icon in Uptime App #56837
  • Adds tests for pages #56736


  • Migrates Vega and Graph configs to new platform #57011