Enhancements and bug fixes


Enhancements and bug fixesedit

For detailed information about the 8.13.0 release, review the enhancements and bug fixes.


  • Improve default AlertsTable columns configuration (#176137).
  • Evenly distribute bulk-enabled alerting rules (#172742).
  • Implement a mechanism to copy source data into the alerts-as-data documents for ES Query rules (#171129).
  • Adds detectors for anomaly rules creation (#171901).
  • Allows Universal Profiling agent to send error frames (#176537).
  • Adds Azure settings (#176386).
  • Adds table search to services, transactions and errors (#174490).
  • Adds memoization to hooks consumed on service inventory page (#173973).
  • Adds stack traces Threads embeddable (#173905).
  • Enhances the diff topN functions (#173397).
  • Updates Indices API to support sourcemap parameters (#177847).
  • Fixes sorting instances table results on server-side (#174164).
  • Required custom fields now support default values, which will be used to automatically populate the custom fields if they are not defined when creating and updating cases (#175961).
  • Persists all filter options of the cases table, including custom fields, in the URL. The filtering is also persisted when navigating back and forth between pages (#175237).
  • Enables the alerts table for cases in the Stack Management (#172217).
  • Adds step setting for range slider control (#174717).
  • Adds a deprecation badge in Dashboard on legacy control panels (#174302).
  • Adds external link icon to external URL links in the Links panel (#174407).
  • Re-adds filtering settings in the Control settings UI (#172857).
  • Adds number field support the the Options List control(#172106).
  • Hides the Empty fields section if there are no fields in it (#172956).
  • Adds data table header row height configuration (#175501).
  • Adds new fields ingested in the background to the field list with valid mappings (#172329).
  • Adds caching to data view field list request with a stale-while-revalidate strategy (#168910).
  • Distinguish among empty and available fields in Discover ES|QL mode (#174585).
Elastic Security
For the Elastic Security 8.13.0 release information, refer to Elastic Security Solution Release Notes.
Elastic Search
  • Adds ignore_empty_value to generated set processor (#175172).
  • Adds clickable badges on compact view for ES|QL queries (#176568).
  • Adds link on the documentation popover to navigate to our external docs (#176377).
  • Adds support for canceling ES|QL queries in Lens (#176277).
  • Adds quick fixes feature to ES|QL query validation errors (#175553).
  • Adds support for command settings (#175114).
  • Allows line breaks on the ES|QL editor (#173596).
  • Adds skipRateLimitCheck flag to the Upgrade API and Bulk_upgrade API (#176923).
  • Adds making datastream rollover lazy (#176565).
  • Stops creating the {type}-{datastet}@custom component template during package installation (#175469).
  • Adds the xpack.fleet.isAirGapped flag (#174214).
  • Adds a warning when download upgrade is failing (#173844).
  • Adds a message explaining why an agent is not upgradeable (#173253).
  • Makes logs-* and metrics-* data views available across all spaces (#172991).
  • Adds flag for pre-release to templates/inputs endpoint (#174471).
  • Adds concurrency control to Fleet data stream API handler (#174087).
  • Adds a handlebar helper to percent encode a given string (#173119).
  • Enables minute frequency for incremental syncs (#176603).
Lens & Visualizations
  • Datatable improvements in Lens (#174994).
  • Adds IP Prefix Aggregation-based Visualization (#173474).
  • Displays the suggestions on the dataview mode charts in Lens (#172924).
  • Enables treemap in suggestions in Lens (#169095).
Machine Learning
  • AIOps: Adds UI action for Change Point Detection embeddable to open in the ML app (#176694).
  • AIOps: Enhances display of results for alias field types in pattern analysis (#176586).
  • Enhances support for ES|QL Data visualizer (#176515).
  • Adds a prompt to delete alerting rules upon the anomaly detection job deletion (#176049).
  • Adds grok highlighting to the file data visualizer (#175913).
  • Adds a warning if trained model is referenced by the _inference API (#175880).
  • Adds a feedback button to anomaly explorer and single metric viewer for metrics hosts anomaly detection jobs (#175613).
  • Adds actions menu to anomaly markers in Single Metric Viewer chart (#175556).
  • AIOps: Adds expanded rows to pattern analysis table (#175320).
  • AIOps: Adds link to log rate analysis from anomaly table (#175289).
  • AIOps: Improves pattern analysis refresh behavior (#174516).
  • Adds option for using table layout in the Change Point Detection embeddable (#174348).
  • Adds high count option to the anomaly detection categorization wizard (#174252).
  • Improves Data drift time range selection & shows hints for analysis process (#174049).
  • Adds link to anomaly detection job creation from the alerting rule form (#174016).
  • Adds warning for legacy method for installing pre-configured APM transaction job (#173375).
  • Enhances toast notifications to improve error reporting (#173362).
  • Adds document count chart for file upload (#173210).
  • Trained models: Adds workflow for creating an ingest pipeline for a trained model (#170902).
  • Updates alerts-as-data payload for Anomaly detection health and Transform health rules (#176307).
  • Changes the column "Components" in the index templates table to display number of component templates (#175823).
  • Adds support in maps for the ES|QL geo_shape column type (#175156).
  • Adds a ES|QL card to the add layer UI in maps (#173481).
  • Displays vector tile results in vector tile inspector (#172627).
  • Enable burn rate alert by default during creation via UI (#176317).
  • Implements Bedrock support for the Claude models (#176191).
  • Adds link for AI Assistant in Observability left hand navigation (#176144).
  • Handle token limit error message improvement (#175871).
  • Corrects common ES|QL mistakes (#175520).
  • Adds resource column with tooltip (#175287).
  • Adds alert fields table to Observability flyout (#174685).
  • Adds an option to disable APM user redaction (#176566).
  • Updated CSV export to insert error messages into the contents if the export results in an empty file due to an error (#175852).
  • Adds setting to use PIT or Scroll API (#174980).
  • Default value of server.securityResponseHeaders.referrerPolicy changed to strict-origin-when-cross-origin (#177559).
  • Adds server side validation for uploaded file types (#173960).
  • Show View details UI action to open clusters inspector tab when request fails (#172971).
Unified Search
  • Adds greater than or equals to and less than options to filter options for date ranges and numbers (#174283).
  • Adds a one minute option to the date picker (#172944).
  • Adds multiple improvements to saved query management (#170599).

Bug Fixesedit

  • Fixes Elasticsearch query rule with KQL evaluation matched document count (#176620).
  • Fixes alerts not being visible when number of alerts are more than max alert limit (#178019).
  • Fixes ruleClient.getAlertState error when a task is no longer available (#177077).
  • Fixes AlertsTable sorting with inactive columns and default sort direction (#176172).
  • Fixes an infinite loop caused by matching child and parent IDs (#177914).
  • Fixes inconsistencies on Service Overview page (#176293).
  • Fixes occurrences cut off value to be fully visible (#175307).
  • Fixes a bug where if there are required custom fields on a case whose values are empty, it is not possible to update any of those fields (#176574).
  • Fixes hidden add panel popover on smaller viewports (#178593).
  • Fixes form validation when saving Links to library (#176021).
  • Update full screen handling to fix z-index issues in Kibana (#178788).
  • Fixes "New" link in ES|QL mode (#177038).
  • Fixes grid column settings on Surrounding Documents page (#177003).
  • Fixes time zone for field popover histogram and removes getTimeZone duplicates (#172705).
  • Fixes including global filters when opening a saved search (#175814).
  • Fixes loading a missing data view in the case where it’s not provided by the consuming plugin (#173017).
Elastic Security
For the Elastic Security 8.13.0 release information, refer to Elastic Security Solution Release Notes.
Elastic Search
  • Fixes minor problems with integrations for Enterprise Search (#177570).
  • Fixes a bug where secret values were not deleted on output type change (#178964).
  • Fixes formatting for some integrations on the overview page (#178937).
  • Fixes the name of Elasticsearch output workers configuration key (#178329).
  • Fixes clean up of the .fleet-policies entries when deleting an agent policy. (#178276).
  • Fixes only showing remote Elasticsearch output health status if later than last updated time (#177685).
  • Fixes status summary when showUpgradeable is selected (#177618).
  • Fixes issue of agent sometimes not getting inputs using a new agent policy with system integration (#177594).
  • Fixes the activity flyout keeping the scroll state on rerender (#177029).
  • Fixes inactive popover tour not resetting (#176929).
  • Fixes isPackageVersionOrLaterInstalled to check for installed package (#176532).
  • Removes pre-release exception for Synthetics package (#176249).
  • Fixes output validation when creating package policy (#175985).
  • Fixes allowing an agent to upgrade to a newer patch version than fleet-server (#175775).
  • Fixes asset creation during custom integration installation (#174869).
  • Fixes cascading agent policy’s namespace to package policies (#174776).
  • Fixing derivative aggregation on kubernetes pods (#177295).
Lens & Visualizations
  • Fixes handling of doc_count on time shift scenarios (#178394).
  • Fixes the title of a formula based metric visualization defaulting to Formula in Lens (#177299).
  • Fixes sorting on table when using Last value on date field in Lens (#177288).
  • Align formatters for point and range annotations in Lens (#177199).
  • Fixes the mapping of Elasticsearch fields (#176665).
  • Fixes the display of warnings with additional information (#176660).
  • Fixes clicking the editor closing the ES|QL documentation popover (#176394).
  • Fixes creating or removing layers in Lens loosing focus (#175893).
  • Fixes using the same adhoc data views for queries with the same index pattern (#174736).
  • Fixes the markdown editor not expanding to fill vertical space (#174276).
Machine Learning
  • Preserves field formatters between rule executions (#178621).
  • Fixes quick create geo job created by ID (#177691).
  • AIOps: Fixes incomplete edge buckets for change point detection (#177579).
  • AIOps: Fixes grouping for fields with large arrays (#177438).
  • Fixes Single Metric Viewer’s zoom settings in URL are not restored if URL specifies a forecast ID (#176969).
  • Adds delay to deletion modal to avoid flickering (#176424).
  • Fixes Single Metric Viewer not showing chart for metric functions and mismatch function in tooltip (#176354).
  • Fixes multi-match query overriding filters in Data Visualizer and Data Drift (#176347).
  • Fixes only enabling apply button in anomaly detection datafeed chart if changes have been made (#174425).
  • Fixes editing a rollup data view (#177446).
  • Fixes showing previously selected no time field setting (#177221).
  • Fixes package showing Needs authorization warning even after transform assets were authorized successfully (#176647).
  • Removes the polling interval to reload indices in the background (#174681).
  • Fixes keeping the filters value in the URL for the indices list (#174515).
  • Fixes categorizing fields as empty that never had a value in matching indices (#174063).
  • Fixes the badge for managed data streams in Index Management (#173408).
  • Some input fields are now disabled when editing managed repositories in Snapshot & Restore (#173137).
  • Input fields to change snapshot name and repository are now disabled when editing managed SLM policies in Snapshot & Restore (#172291).
  • Fixes Request URL Too Long (414) with heatmap layer when data view has larger number of date fields (#177900).
  • Fixes the maps application breaking if you open a map with layers or sources that do not exist (#176419).
  • SLOs: Does not display group by cardinality when group by is not selected (#178133).
  • Fixes bug in inventory rule for Inbound and Outbound traffic threshold (both preview and executor) (#177997).
  • Fixes more lenient parsing of suggestion scores (#177898).
  • Fixes refreshing the conversations list on conversation update (#177897).
  • Fixes SLO details path is broken when instanceId contains a forward slash (#177843).
  • Prevents users from picking date fields for the group-by selector (#177830).
  • Fixes undefined issue cased due row check missing (#177293).
  • Fixes making IDs unique to capture multiple invocations of the same query (#173433).
Querying & Filtering
  • Fixes autocomplete value suggestions for KQL when the corresponding index has no tier preference set (#176355).
  • Fixes how sample data test install state is determined in test (#178529).
  • Fixed a bug in Stack Management Reporting where the Delete button was not disabled after click (#173707).
  • Require unifiedSearch plugin and include in top-level Kibana Context Provider (#178421).
  • Omit the request Content-Type header if body check is empty (#178399).
  • Fixes Certificates page for monitors that have status alert disabled (#178336).
  • Fixes allowing Synthetics global parameters to include dashes (#178054).
  • Change test now trigger route from GET to POST (#177093).
  • Fixes and simplifies write access default behavior (#177088).