This documentation contains work-in-progress information for future Elastic Stack and Cloud releases. Use the version selector to view supported release docs. It also contains some Elastic Cloud serverless information. Check out our serverless docs for more details.
« Release notes Kibana 9.0.0 »
Elastic Docs Kibana Guide [master] Release notes

Upgrade notes

edit

Upgrade notes

edit

Before you upgrade, review the breaking changes and deprecations introduced since the version you are migrating from, then mitigate the impact.

If you are migrating from a version prior to version 9.0, you must first upgrade to the last 8.x version available.

For Elastic Security solution release information, refer to Elastic Security Solution Release Notes.

Breaking changes

edit
Removed legacy alerting endpoints (9.0.0)

Details

  • POST /api/alerts/alert/{id?} has been replaced by POST /api/alerting/rule/{id?}
  • GET /api/alerts/alert/{id} has been replaced by GET /api/alerting/rule/{id}
  • PUT /api/alerts/alert/{id} has been replaced by PUT /api/alerting/rule/rule/{id}
  • DELETE: /api/alerts/alert/{id} has been replaced by DELETE /api/alerting/rule/{id}
  • POST /api/alerts/alert/{id}/_disable has been replaced by POST /api/alerting/rule/{id}/_disable
  • POST /api/alerts/alert/{id}/_enable has been replaced by POST /api/alerting/rule/{id}/_enable
  • GET /api/alerts/_find has been replaced by GET /api/alerting/rules/_find
  • GET /api/alerts/_health has been replaced by GET /api/alerting/rule/_health
  • GET /api/alerts/list_alert_types has been replaced by GET /api/alerting/rule_types
  • POST /api/alerts/alert/{alert_id}/alert_instance/{alert_instance_id}/_mute has been replaced by POST /api/alerting/rule/{rule_id}/alert/{alert_id}/_mute
  • POST /api/alerts/alert/{alert_id}/alert_instance/{alert_instance_id}/_unmute has been replaced by POST /api/alerting/rule/{rule_id}/alert/{alert_id}/_unmute
  • POST /api/alerts/alert/{id}/_mute_all has been replaced by POST /api/alerting/rule/{id}/_mute_all
  • POST /api/alerts/alert/{id}/_unmute_all has been replaced by POST /api/alerting/rule/{id}/_unmute_all
  • POST /api/alerts/alert/{id}/_update_api_key has been replaced by POST /api/alerting/rule/{id}/_update_api_key
  • GET /api/alerts/{id}/_instance_summary has been deprecated without replacement. Will be removed in v9.0.0
  • GET /api/alerts/{id}/state has been deprecated without replacement. Will be removed in v9.0.0

Impact
Deprecated endpoints will fail with a 404 status code starting from version 9.0.0

Action
Remove references to GET /api/alerts/{id}/_instance_summary endpoint. Remove references to GET /api/alerts/{id}/state endpoint. Replace references to endpoints listed as deprecated by it’s replacement. See Details section. The updated APIs can be found here https://www.elastic.co/docs/api/doc/kibana/v8/group/endpoint-alerting

Removed legacy cases endpoints (9.0.0)

Details

  • GET /api/cases/status has been deprecated with no replacement. Deleted in v9.0.0
  • GET /api/cases/{case_id}/comments has been replaced by GET /api/cases/{case_id}/comments/_find released in v7.13
  • GET /api/cases/<case_id>/user_actions has been replaced by GET /api/cases/<case_id>/user_actions/_find released in v8.7
  • includeComments parameter in GET /api/cases/{case_id} has been deprecated. Use GET /api/cases/{case_id}/comments/_find instead, released in v7.13

Impact
Deprecated endpoints will fail with a 404 status code starting from version 9.0.0

Action
Remove references to GET /api/cases/status endpoint. Replace references to deprecated endpoints with the replacements listed in the breaking change details.

Removed all security v1 endpoints (9.0.0)

Details
All v1 Kibana security HTTP endpoints have been removed.

GET /api/security/v1/logout has been replaced by GET /api/security/logout GET /api/security/v1/oidc/implicit has been replaced by GET /api/security/oidc/implicit GET /api/security/v1/oidc has been replaced by GET /api/security/oidc/callback POST /api/security/v1/oidc has been replaced by POST /api/security/oidc/initiate_login POST /api/security/v1/saml has been replaced by POST /api/security/saml/callback GET /api/security/v1/me has been removed with no replacement.

For more information, refer to #199656.

Impact
Any HTTP API calls to the v1 Kibana security endpoints will fail with a 404 status code starting from version 9.0.0. Third party OIDC and SAML identity providers configured with v1 endpoints will no longer work.

Action
Update any OIDC and SAML identity providers to reference the corresponding replacement endpoint listed above. Remove references to the /api/security/v1/me endpoint from any automations, applications, tooling, and scripts.

Access to all internal APIs is blocked (9.0.0)

Details
Access to internal Kibana HTTP APIs is restricted from version 9.0.0. This is to ensure that HTTP API integrations with Kibana avoid unexpected breaking changes. Refer to #193792.

Impact
Any HTTP API calls to internal Kibana endpoints will fail with a 400 status code starting from version 9.0.0.

Action
Do not integrate with internal HTTP APIs. They may change or be removed without notice, and lead to unexpected behaviors. If you would like some capability to be exposed over an HTTP API, create an issue. We would love to discuss your use case.

Deprecation notices

edit

The following functionality is deprecated and will be removed at a future date. Deprecated functionality does not have an immediate impact on your application, but we strongly recommend you make the necessary updates to avoid use of deprecated features.

Use the Kibana Upgrade Assistant to prepare for your upgrade to the next version of the Elastic Stack. The assistant identifies deprecated settings in your configuration and guides you through the process of resolving issues if any deprecated features are enabled. To access the assistant, go to Stack Management > Upgrade Assistant.

Scripted field creation has been disabled in the Data Views management page (9.0.0)

Details
The ability to create new scripted fields has been removed from the Data Views management page in 9.0. Existing scripted fields can still be edited or deleted, and the creation UI can be accessed by navigating directly to /app/management/kibana/dataViews/dataView/{dataViewId}/create-field, but we recommend migrating to runtime fields or ES|QL queries instead to prepare for removal.

For more information, refer to #202250.

Impact
It will no longer be possible to create new scripted fields directly from the Data Views management page.

Action
Migrate to runtime fields or ES|QL instead of creating new scripted fields. Existing scripted fields can still be edited or deleted.

« Release notes Kibana 9.0.0 »