New

The executive guide to generative AI

Read more
About usPartnersSupport|Login
Loading

Elastic Cloud Serverless changelog

Review the changes, fixes, and more to Elastic Cloud Serverless.

For Elastic Cloud Serverless API changes, refer to APIs Changelog.

  • Adds public Maintenance Window APIs for Alerting #216756
  • Enables KQL filter for Elastic Observability Serverless TLS rules #216973
  • Adds drilldown to synthetics stats overview embeddable for Elastic Observability Serverless #217688
  • Updates the Elastic Observability Serverless embeddable view when only one monitor in one location is selected #218402
  • Improves accessibility in the Elastic Observability Serverless create connector flyout #218426
  • Removes double confirmation when deleting conversations in Elastic Observability Serverless #217991
  • APM URLs now encode the service name in Elastic Observability Serverless #217092
  • Adds improvements to the Embeddable Trace Waterfall in Elastic Observability Serverless #217679
  • Updates the highlighted fields in the Elastic Security Serverless overview tab #216740
  • Adds the ability to handle ELASTIC_PROFILER_STACK_TRACE_IDS for apm-profiler integration in Elastic Obserbability Serverless #217020
  • Adds the ability to open links in a new window for Vega visualizations #216200
  • Adds the ability to opt out of event-driven Memory Protection scanning in Elastic Security Serverless advanced policies #218354
  • Replaces the Elastic Security Serverless analyzer sourcerer #218183
  • Enables suggestions for CHANGE_POINT command in ES|QL #218100
  • Adds callouts for Fleet breaking changes for integration upgrades #217257
  • Adds support for local xpack.productDocBase.artifactRepositoryUrl file path in Machine Learning #217046
  • Adds defaultSolution to spaces configuration #218360
  • Fixes allow_hidden usage in the request for fields in Discover #217628
  • Fixes an issue in Discover where keydown event propagation now stops when unified doc tabs are focused #218300
  • Fixes an issue where sync global parameters are now called in the endpoints to add, edit, or delete global params in Elastic Observability Serverless #216197
  • Adds the ability to allow group for ip type fields in Elastic Observability Serverless #216062
  • Fixes the EDOT error summary in Elastic Observability Serverless #217885
  • Fixes test run logs per page in Elastic Observability Serverless #218458
  • Fixes the display results and Visualize query Bedrock error in Elastic Observability Serverless #218213
  • Fixes prebuilt rules force upgrade on Endpoint policy creation in Elastic Security Serverless #217959
  • Fixes related integrations render performance on rule editing pages in Elastic Security Serverless #217254
  • Fixes the broken tooltip suggestions descriptions in ES|QL #218067
  • Adds the ability to retrieve empty columns in ES|QL #218085
  • Fixes an issue in ES|QL where tables with no data would break #217937
  • Fixes the ES|QL editor menus when using Safari #218167
  • Fixes the wrong source validation in case of unknown patterns in ES|QL #218352
  • Fixes vCPU usage message in the Machine Learning start deployment dialog #218557
  • Removes the listing limit warning #217945
  • Fixes an issue where the placeholder in the monaco editor would disappear when a value is set #217828
  • Fixes an issue where the Saved Objects Rotate Encryption Key API would not affect sharable encrypted object types that exist in all spaces #217625
  • Fixes an issue where refreshing multiple tabs when you log out will simultaneously log in successfully #212148
  • Enables archiving of conversations in the Elastic Observability Serverless AI Assistant #216012
  • Moves job and trained model management features into Stack Management #204290
  • Adds Engine initialization API to Elastic Security Serverless #215663
  • Allows creating an ES|QL control by entering a question mark (?) in the query #216839
  • Improves UI handling of multiple CVEs and package fields #216411
  • Adds support for Windows MSI commands for Fleet and Elastic Agent installations #217217
  • Reuses shared integration policies when duplicating agent policies in Fleet #217872
  • Enables adding badges to all list items in the side navigation except the section header #217301
  • Fixes error message when previewing index templates used by data streams #217604
  • Wraps text in search bars #217556
  • Adds support for textBased layers in ES|QL visualizations #216358
  • Corrects the alert count displayed in Monitor details #216761
  • Fixes the Save visualization action on the Monitors Overview tab #216695
  • Removes direct function calling from the chat input Elastic Observability Serverless AI Assistant #217359
  • Adds missing aria-label attributes to some buttons under the Services and Services Groups pages #217325
  • Improves knowledge base installation flow and inference endpoint management #214133
  • Improves aria-label for EuiCodeBlock on the APM onboarding page #217292
  • Adds source and target fields to the Dataset Quality Navigated event #217575
  • Improves aria-label attributes for latency correlations #217512
  • Fixes navigation to the Search Connectors page #217749
  • Sorts the Environment dropdown alphabetically in the APM UI #217710
  • Ensures the Request Inspector shows accurate request and response data for successful scenarios #216519
  • Fixes the Change Point Detection embeddable in dashboards #217178
  • Fixes page crashes caused by the Use full data button #217291
  • Filters inference connectors that lack existing endpoints in Connectors #217641
  • Fixes focusability and keyboard access issues with the Export tab in the Share this dashboard modal #217313
  • Adds keyboard navigation for drag-and-drop interactions in Dashboards #208286
  • Adds 'Read More' and 'Read Less' functionality to fields in Document view in Discover #215326
  • Injects and extracts tag references in Dashboards #214788
  • Adds an option to User Settings that allows the Kibana interface to display in a high contrast mode #216242
  • Adds a back external link indicator to the side navigation #215946
  • Adds a default metrics dashboard for Node.js open telemetry in Elastic Observability Serverless #215735
  • Replaces Sourcerer with the the Discover Data View picker in Elastic Security Serverless #210585
  • Replaces Sourcerer in the global header in Elastic Security Serverless #216685
  • Handles grouping in multivalue fields in Elastic Security Serverless #215913
  • Adds validation and autocomplete support for the CHANGE_POINT command in ES|QL #216043
  • Adds support for aggregrate filtering in the ES|QL editor #216379
  • Changes the agent details last activity value to show the formatted datetime in Fleet #215531
  • Allows SSL configuration to be disabled for the Fleet agent Logstash output #216216
  • Enhances the display for anomaly time function values for Machine Learning #216142
  • Adds Voyage AI and DeepSeek icons for Machine Learning #216651
  • Moves rule settings to a flyout instead of a modal #216162
  • Fixes a race condition in useBatchedPublishingSubjects in Dashboards and visualizations #216399
  • Fixes State being dropped when editing visualize embeddables in Dashboards and visualizations #216901
  • Updates the HTTP API response from 201 to 200 in Dashboards and visualizations #217054
  • Fixes an issue where scaling edits weren't saved in Dashboards and visualizations #217235
  • Fixes an issue where the Discover flyout closed when the focus was on filter #216630
  • Fixes the CSV export for ES|QL embeddable in Discover #216325
  • Fixes the JSON view for ES|QL record in DocViewer #216642
  • Adds items count to fields accordion titled aria-label in Discover #216993
  • Makes service inventory icons visible if the agentName is returned in Elastic Observability Serverless #216220
  • Changes the TPM abbreviation to trace per minute for screen readers in Elastic Observability Serverless #216282
  • Adds the aria-label to the fold traces button in Elastic Observability Serverless #216485
  • Adds the aria-label to the technical preview badge in Elastic Observability Serverless #216483
  • Allows only .ndjson files when bulk importing to the knowledge base in Elastic Observability Serverless #215433
  • Fixes the span link invalid filter in Elastic Observability Serverless #215322
  • Fixes the missing URL in the transaction summary in Elastic Observability Serverless #215397
  • Fixes the query for transaction marks in Elastic Observability Serverless #215819
  • Updates the retrieve_elastic_doc API test in Elastic Observability Serverless #215237
  • Adds error text in the environment filter when the input is invalid in Elastic Observability Serverless #216782
  • Fixes the Fold/unfold button in traces waterfall explorer in Elastic Observability Serverless #216972
  • Fixes the alert severity order in Elastic Security Serverless #215813
  • Fixes the error callout placement on the Entity Store page's Engine Status tab in Elastic Security Serverless #216228
  • Reads config from preconfigured connectors in AI Assistant and Attack Discovery in Elastic Security Serverless #216700
  • Fixes bedrock modelId encoding in Elastic Security Serverless #216915
  • Fixes the AI Assistant prompt in Elastic Security Serverless #217058
  • Hides "not" operators from the suggestions menu in ES|QL #216355
  • Fixes the CSV report time range when exporting from Discover in ES|QL #216792
  • Fixes unenroll inactive agent tasks if the first set of agents returned is equal to UNENROLLMENT_BATCH_SIZE in Fleet #216283
  • Supports integrations having secrets with multiple values in Fleet #216918
  • Adds overlay to the add/edit integration page in Fleet #217151
  • Introduced an embeddable trace waterfall visualization in Elastic Observability Serverless #216098
  • Adds support for span links in Elastic Observability Serverless service maps #215645
  • Enables KQL filting for TLS alerting rules in Elastic Observability Serverless #215110
  • Ensures a 404 response is returned only when screenshot_ref is truly missing in Elastic Observability Serverless #215241
  • Adds a rule gaps histogram to the Elastic Security Serverless rules dashboard #214694
  • Adds support for multiple CVEs and improves the vulnerability data grid, flyout, and contextual flyout UI in Elastic Security Serverless #213039
  • Updates API key permissions for refreshing data view API for Elastic Security Serverless #215738
  • Adds the ability to limit notes per document instead of globally in Elastic Security Serverless #214922
  • Adds the ability to add badges to subitems in the side navigation #214854
  • Fixes color palette assignment issues in partition charts #215426
  • Adjusts page height for the AI Assistant app in solution views #215646
  • Adds the aria-label to latency selector in Elastic Observabiity Serverless service overview #215644
  • Adds the aria-label to popover service in Elastic Observabiity Serverless service overview #215640
  • Adds the aria-label to "Try our new inventory" button in Elastic Observabiity Serverless #215633
  • Adds the aria-label to Transaction type select in Elastic Observabiity Serverless service overview #216014
  • Fixes an issue when selecting monitor frequency #215823
  • Implements the nameTooltip API for Elastic Observabiity Serverless dependency tables #215940
  • Fixes a location filter issue in the Elastic Observabiity Serverless status rule executor #215514
  • Consolidates custom Fleet onboarding logic in Elastic Observabiity Serverless #215561
  • Fixes left margin positioning in Elastic Observabiity Serverless waterfall visualizations #216229
  • Corrects risk score table refresh issues in the Elastic Security Serverless Entity Analytics Dashboard #215472
  • Fixes the Elastic Security Serverless host details flyout left panel tabs #215672
  • Fixes an issue where the Entity Store init API did not check for index privileges in Elastic Security Serverless #215329
  • Adds a manage_ingest_pipeline privilege check for Risk Engine enablement in Elastic Security Serverless #215544
  • Updates API to dynamically retrieve spaceID for Elastic Security Serverless #216063
  • Fixes the visibility of the ES|QL date picker #214728
  • Enables the ES|QL time picker when time parameters are used with cast #215820
  • Updates the Fleet minimum package spec version to 2.3 #214600
  • Fixes text overflow and alignment in agent details integration input status in Fleet #215807
  • Fixes pagination in the Anomaly Explorer Anomalies Table for Machine Learning #214714
  • Ensures proper permissions for viewing Machine Learning nodes #215503
  • Adds a custom link color option for the top banner #214241
  • Updates the task state version after execution #215559
  • Enables smoother scrolling in Kibana #214512
  • Adds context.grouping action variable in Custom threshold and APM rules #212895
  • Adds the ability to create an APM availability or latency SLO for all services #214653
  • Enables editing central config for EDOT Agents / SDKs #211468
  • Uses Data View name for Rule Data View display #214495
  • Highlights the code examples in our inline docs #214915
  • Updates data feeds for anomaly detection jobs to exclude Elastic Agent and Beats processes #213927
  • Adds Mustache lambdas for alerting action #213859
  • Adds 'page reload' screen reader warning #214822
  • Fixes color by value for Last value array mode #213917
  • Fixes can edit check #213887
  • Fixes opening a rollup data view in Discover #214656
  • Fixes entry item in waterfall shouldn't be orphan #214700
  • Filters out upstream orphans in waterfall #214704
  • Fixes KB bulk import UI example #214970
  • Ensures that when an SLO is created, its ID is verified across all spaces #214496
  • Fixes contextual insights scoring #214259
  • Prevents getChildrenGroupedByParentId from including the parent in the children list #214957
  • Fixes ID overflow bug #215199
  • Removes unnecessary field service.environment from top dependency spans endpoint #215321
  • Fixes missing user_agent version field and shows it on the trace summary #215403
  • Fixes rule preview works for form's invalid state #213801
  • Fixes session view error on the alerts tab #214887
  • Adds index privileges check to applyDataViewIndices #214803
  • Changes the default Risk score lookback period from 30m to 30d #215093
  • Fixes issue with alert grouping re-render #215086
  • Limits the transformID length to 36 characters #213405
  • Fixes Data view refresh not supporting the indexPattern parameter #215151
  • Uses Risk Engine SavedObject intead of localStorage on the Risk Score web page #215304
  • Fixes autocomplete for comments when there is a space #214696
  • Makes sure that the variables in the editor are always up to date #214833
  • Calculates the query for retrieving the values correctly #214905
  • Fixes overlay in integrations on mobile #215312
  • Fixes chart in single metric anomaly detection wizard #214837
  • Fixes regression that caused the cases actions to disappear from the detections engine alerts table bulk actions menu #215111
  • Changes "Close project" to "Log out" in nav menu in serverless mode #211463
  • Fixes search profiler index reset field when query is changed #215420
  • Enables read-only editor mode in Lens to explore panel configuration #208554
  • Allows you to share Observability AI Assistant conversations #211854
  • Adds context-aware logic to Logs view in Discover #211176
  • Replaces the Alerts status filter with filter controls #198495
  • Adds SSL fields to agent binary source settings #213211
  • Allows users to create a snooze schedule for rules via API #210584
  • Splits up the top dependencies API for improved speed and response size #211441
  • Adds working default metrics dashboard for Python OTel #213599
  • Includes spaceID in SLI documents #214278
  • Adds support for the MV_EXPAND command with the ES|QL rule type #212675
  • Enables endpoint actions for events #206857
  • Introduces GA support for the semantic_text field type on Elastic Cloud Serverless
  • Adds the ability for users to customize prebuilt rules. Users can modify most rule parameters, export and import prebuilt rules — including customized ones — and upgrade prebuilt rules while retaining customization settings #212761
  • Fixes a bug with ServiceNow where users could not create the connector from the UI form using OAuth #213658
  • Prevents unnecessary re-render when switching between View and Edit modes #213902
  • Adds event-annotation-group to saved object privileges for dashboards #212926
  • Makes the Inspect configuration button permanently visible #213619
  • Fixes service maps not building paths when the trace's root transaction has a parent.id #212998
  • Fixes span links with OTel data #212806
  • Makes Kibana retrieval namespace-specific #213505
  • Ensures semantic queries contribute to scoring when retrieving knowledge from search connectors #213870
  • Passes telemetry.sdk data when loading a dashboard #214356
  • Fixes checkPrivilege to query with indices #214002
  • Adds support for rollup data views that reference aliases #212592
  • Fixes an issue with the Save button not working when editing event filters #213805
  • Fixes dragged elements becoming invisible when dragging-and-dropping in Lens #213928
  • Fixes alignment of the Alerts table in the Rule Preview panel #214028
  • Fixes Bedrock defaulting region to us-east-1 #214251
  • Fixes an issue with the Agent binary download field being blank when a policy uses the default download source #214360
  • Fixes navigation issues with alert previews #213455
  • Fixes an issue with changing the width of a Timeline column width bug #214178
  • Reworks the enforce_registry_filters advanced option in Elastic Defend to align with Endpoint #214106
  • Ensures cell actions are initialized in Event Rendered view and fixes cell action handling for nested event renderers #212721
  • Supports date_nanos in BUCKET in the ES|QL editor #213319
  • Fixes appearance of warnings in the ES|QL editor #213685
  • Makes the Apply time range switch visible in the Job selection flyout when opened from the Anomaly Explorer #213382
  • Adds an improved rule form for the Create Rule flyout in Elastic Observability Serverless #206685
  • Resolves duplicate conversations in Elastic Observability Serverless #208044
  • Splits the SLO Details view from the Overview page in Elastic Observability Serverless #212826
  • Adds the reason message to the rules recovery context in Elastic Observability Serverless #211411
  • Runtime metrics dashboards now support different ingest paths in Elastic Observability Serverless #211822
  • Adds SSL options for Fleet Server hosts settings in Fleet #208091
  • Introduces globe projection for Dashboards and visualizations #212437
  • Registers a custom integrations search provider in Fleet #213013
  • Adds support for searchAfter and PIT (point-in-time) parameters in the Get Agents List API in Fleet #213486
  • Fixes an issue where Korean characters were split into two characters with a space in between when typing in the options list search input in Dashboards and visualizations #213164
  • Prevents crashes when editing a Lens chart with a by-reference annotation layer in Dashboards and visualizations #213090
  • Improves instructions for the summarize function in Elastic Observability Serverless #212936
  • Fixes a "Product Documentation function not available" error in Elastic Observability Serverless #212676
  • Fixes conversation tests in Elastic Observability Serverless #213338
  • Allows wildcard filters in SLO queries in Elastic Observability Serverless #213119
  • Fixes missing summary data in error samples in Elastic Observability Serverless #213430
  • Fixes a failing test: Stateful Observability - Deployment-agnostic A… in Elastic Observability Serverless #213530
  • Reduces the review rule upgrade endpoint response size in Elastic Security Serverless #211045
  • Refactors conversation pagination in Elastic Security Serverless #211831
  • Fixes alert insights color order in Elastic Security Serverless #212980
  • Prevents empty conversation IDs in the chat/complete route in Elastic Security Serverless #213049
  • Fixes issues with unstructured syslog flow in Elastic Security Serverless #213042
  • Adds bulkGetUserProfiles privilege to Security Feature in Elastic Security Serverless #211824
  • Fixes a Risk Score Insufficient Privileges warning due to missing cluster privileges in Elastic Security Serverless #212405
  • Updates Bedrock prompts in Elastic Security Serverless #213160
  • Adds organizationId and projectId OpenAI headers, along with support for arbitrary headers in Elastic Security Serverless #213117
  • Ensures dataview selections persist reliably in timeline for Elastic Security Serverless #211343
  • Fixes incorrect validation when a named parameter was used as a function in ES|QL #213355
  • Fixes incorrect overall swim lane height in Machine Learning #213245
  • Prevented a crash when applying a filter in the Machine Learning anomaly table #213075
  • Fixes suppressed alerts alignment in the alert flyout in Elastic Security Serverless #213029
  • Fixes an issue in solution project navigation where panels sometimes failed to toggle closed #211852
  • Updates wording for options in the sortBy dropdown component #206464
  • Allows EU hooks hostname in the Torq connector for Elastic Security Serverless #212563
  • Introduces a background task that streamlines the upgrade process for agentless deployments in Elastic Security Serverless #207143
  • Improves asset inventory onboarding with better context integration in Elastic Security Serverless #212315
  • Adds syntax highlighting for working with ES|QL queries in Elastic Observability Serverless #212669
  • Updates the delete confirmation modal in Elastic Observability Serverless #212695
  • Removes the enablement check in PUT /api/streams/{id} for classic streams #212289
  • Fixes issues affecting popularity scores in Discover #211201
  • Corrects sorting behavior in the profiler storage explorer for Elastic Observability Serverless #212583
  • Adds a loader to prevent flickering in the KB settings tab in Elastic Observability Serverless #212678
  • Resolves incorrect enable button behavior in the Entity Store modal in Elastic Security Serverless #212078
  • Converts the isolate host action into a standalone flyout in Elastic Security Serverless #211853
  • Ensures model responses are correctly persisted to the chosen conversation ID in Elastic Security Serverless #212122
  • Corrects image resizing issues for xpack.security.loginAssistanceMessage in Elastic Security Serverless #212035
  • Fixes automatic import to correctly generate pipelines for parsing CSV files with special characters in Elastic Security Serverless column names #212513
  • Fixes validation issues for empty EQL queries in Elastic Security Serverless #212117
  • Resolves dual hover actions in the table tab in Elastic Security Serverless #212316
  • Updates structured log processing to support multiple log types in Elastic Security Serverless #212611
  • Ensures the delete model dialog prevents accidental multiple clicks in Machine Learning #211580
  • Exposes SSL options for Elasticsearch and remote Elasticsearch outputs in the UI #208745
  • Displays a warning and a tooltip for the _score column in the Discover grid #211013
  • Allows Command/Ctrl click for the "New" action in the top navigation #210982
  • Adds the ability for a user to create an API Key in synthetics settings that applies only to specified space(s) #211816
  • Adds "unassigned" as an asset criticality level for bulk_upload #208884
  • Sets the Enable visualizations in flyout advanced setting to "On" by default #211319
  • Preserves user-made chart configurations when changing the query if the actions are compatible with the current chart, such as adding a "where" filter or switching compatible chart types #210780
  • Adds effects when clicking the Favorite button in the list of dashboards and ES|QL queries, and adds the button to breadcrumb trails #201596
  • Enables /api/streams/{id}/_group endpoints for GroupStreams #210114
  • Fixes Discover session embeddable drilldown #211678
  • Passes system message to inferenceCliente.chatComplete #211263
  • Ensures system message is passed to the inference plugin #209773
  • Adds automatic re-indexing when encountering a semantic_text bug #210386
  • Removes unnecessary breadcrumbs in profiling #211081
  • Adds minHeight to profiler flamegraphs #210443
  • Adds system message in copy conversation JSON payload #212009
  • Changes the confirmation message after RiskScore Saved Object configuration is updated #211372
  • Adds a no data message in the flyout when an analyzer is not enabled #211981
  • Fixes the Fleet Save and continue button #211563
  • Suggests triple quotes when the user selects the KQL / QSTR #211457
  • Adds remote cluster instructions for syncing integrations #211997
  • Allows deploying a model after a failed deployment in Machine Learning #211459
  • Ensures the members array is unique for GroupStreamDefinitions #210089
  • Improves function search for easier navigation and discovery #210437
  • Adds alert status management to the AI Assistant connector #203729
  • Enables the new Borealis theme #210468
  • Applies compact Display options Popover layout #210180
  • Increases search timeout toast lifetime to 1 week #210576
  • Improves performance in dependencies endpoints to prevent high CPU usage #209999
  • Adds "Logs" tab to mobile services #209944
  • Adds "All logs" data view to the Classic navigation #209042
  • Changes default to "native" function calling if the connector configuration is not exposed #210455
  • Updates entity insight badge to open entity flyouts #208287
  • Standardizes actions in Alerts KPI visualizations #206340
  • Allows the creation of dynamic aggregations controls for ES|QL charts #210170
  • Fixes the values control FT #211159
  • Trained models: Replaces the Download button by extending the deploy action #205699
  • Adds the useCustomDragHandle property #210463
  • Fixes an issue where clicking on the name badge for a synthetics monitor on an SLO details page would lead to a page that failed to load monitor details #210695
  • Fixes an issue where the popover in the rules page may get stuck when being clicked more than once #208996
  • Fixes an error in the cases list when the case assignee is an empty string #209973
  • Fixes an issue with assigning color mappings when multiple layers are defined #208571
  • Fixes an issue where behind text colors were not correctly assigned, such as in Pie, Treemap, and Mosaic charts #209632
  • Fixes an issue where dynamic coloring has been disabled from Last value aggregation types #209110
  • Fixes panel styles #210113
  • Fixes incorrectly serialized searchSessionId attribute #210765
  • Fixes the "Save to library" action that could break the chart panel #210125
  • Fixes link settings not persisting #211041
  • Fixes "Untitled" export title when exporting CSV from a dashboard #210143
  • Missing items in the trace waterfall shouldn't break it entirely #210210
  • Removes unused error.id in getErrorGroupMainStatistics queries #210613
  • Fixes connector test in MKI #211235
  • Fixes an issue where clicking a link in the host/user flyout did not refresh the details panel #209863
  • Makes 7.x signals/alerts compatible with 8.18 alerts UI #209936
  • Handles empty categorization results from LLM #210420
  • Remembers page index in Rule Updates table #209537
  • Adds concurrency limits and request throttling to prebuilt rule routes #209551
  • Fixes package name validation on the Datastream page #210770
  • Makes entity store description more generic #209130
  • Deletes 'critical services' count from the Entity Analytics Dashboard header #210827
  • Disables sorting IP ranges in value list modal #210922
  • Updates entity store copies #210991
  • Fixes generated name for integration title #210916
  • Fixes formatting and sorting for custom ES|QL vars #209360
  • Fixes WHERE autocomplete with MATCH before LIMIT #210607
  • Updates install snippets to include all platforms #210249
  • Updates component templates with deprecated setting #210200
  • Hides saved query controls in AIOps #210556
  • Fixes unattended Transforms in integration packages not automatically restarting after reauthorizing #210217
  • Reinstates switch to support generating public URLs for embed when supported #207383
  • Provides a fallback view to recover from Stack Alerts page filters bar errors #209559
  • Handles multiple prompt for the Rule connector #209221
  • Adds max_file_size_bytes advanced option to malware for all operating systems #209541
  • Introducs GroupStreams #208126
  • Service example added to entity store upload #209023
  • Updates the bucket_span for ML jobs in the security_host module #209663
  • Improves handling for operator-defined role mappings #208710
  • Adds object_src directive to Content-Security-Policy-Report-Only header #209306
  • Fixes highlight for HJSON #208858
  • Disables pointer events on drag + resize #208647
  • Restores show missing dataView error message in case of missing datasource #208363
  • Fixes issue with Amsterdam theme where charts render with the incorrect background color #209595
  • Fixes an issue in Lens Table where a split-by metric on a terms rendered incorrect colors in table cells #208623
  • Forces return 0 on empty buckets on count if null flag is disabled #207308
  • Fixes all embeddables rebuilt on refresh #209677
  • Fixes using data view runtime fields during rule execution for the custom threshold rule #209133
  • Fixes running processes that were missing from the processes table #209076
  • Fixes missing exception stack trace #208577
  • Fixes the preview chart in the Custom Threshold rule creation form when the field name has slashes #209263
  • Display No Data in Threshold breached component #209561
  • Fixes an issue where APM charts were rendered without required transaction type or service name, causing excessive alerts to appear #209552
  • Fixes bug that caused issues with loading SLOs by status, SLI type, or instance id #209910
  • Updates colors in the AI Assistant icon #210233
  • Updates the simulate function calling setting to support "auto" #209628
  • Fixes structured log template to use single quotes #209736
  • Fixes ES|QL alert on alert #208894
  • Fixes issue with multiple IP addresses in strings #209475
  • Keeps the histogram config on time change #208053
  • WHERE replacement ranges correctly generated for every case #209684
  • Updates removed parameters of the Fleet -> Logstash output configurations #210115
  • Fixes log rate analysis, change point detection, and pattern analysis embeddables not respecting filters from Dashboard's controls #210039
  • Rework saved query privileges #202863
  • In-table search #206454
  • Refactor RowHeightSettings component to EUI layout #203606
  • Chat history details in conversation list #207426
  • Cases assignees sub feature #201654
  • Adds preview logged requests for new terms, threshold, query, ML rule types #203320
  • Adds in-text citations to security solution AI assistant responses #206683
  • Remove Tech preview badge for GA #208523
  • Adds new View job detail flyouts for Anomaly detection and Data Frame Analytics #207141
  • Adds a default "All logs" temporary data view in the Observability Solution view #205991
  • Adds Knowledge Base entries API #206407
  • Adds Kibana Support for Security AI Prompts Integration #207138
  • Changes to support event.ingested as a configurable timestamp field for init and enable endpoints #208201
  • Adds Spaces column to Anomaly Detection, Data Frame Analytics and Trained Models management pages #206696
  • Adds simple flyout based file upload to Search #206864
  • Bump kube-stack Helm chart onboarding version #208217
  • Log deprecated api usages #207904
  • Added support for human readable name attribute for saved objects audit events #206644
  • Enhanced Role management to manage larger number of roles by adding server side filtering, pagination and querying #194630
  • Added Entity Store data view refresh task #208543
  • Increase maximum Osquery timeout to 24 hours #207276
  • Remove use of fr unit #208437
  • Fixes load more request size #207901
  • Persist runPastTimeout setting #208611
  • Allow panel to extend past viewport on resize #208828
  • Knowledge base install updates #208250
  • Fixes conversations test in MKI #208649
  • Fixes ping heatmap regression when Inspect flag is turned off #208726
  • Fixes monitor status rule for empty kql query results #208922
  • Fixes multiple flyouts #209158
  • Adds missing fields to input manifest templates #208768
  • "Select a Connector" popup does not show up after the user selects any connector and then cancels it from Endpoint Insights #208969
  • Logs shard failures for eql event queries on rule details page and in event log #207396
  • Adds filter to entity definitions schema #208588
  • Fixes missing ecs mappings #209057
  • Apply the timerange to the fields fetch in the editor #208490
  • Update java.ts - removing serverless link #204571
  • Breaks out timeline and note privileges in Elastic Security Serverless #201780
  • Adds service enrichment to the detection engine in Elastic Security Serverless #206582
  • Updates the Entity Store Dashboard to prompt for the Service Entity Type in Elastic Security Serverless #207336
  • Adds enrichPolicyExecutionInterval to entity enablement and initialization APIs in Elastic Security Serverless #207374
  • Introduces a lookback period configuration for the Entity Store in Elastic Security Serverless #206421
  • Allows pre-configured connectors to opt into exposing their configurations by setting exposeConfig in Alerting #207654
  • Adds selector syntax support to log source profiles in Elastic Observability Serverless #206937
  • Displays stack traces in the logs overview tab in Elastic Observability Serverless #204521
  • Enables the use of the rule form to create rules in Elastic Observability Serverless #206774
  • Checks only read privileges of existing indices during rule execution in Elastic Security Serverless #177658
  • Updates KNN search and query template autocompletion in Elasticsearch Serverless #207187
  • Updates JSON schemas for code editors in Machine Learning #207706
  • Reindexes the .kibana_security_session_1 index to the 8.x format in Security #204097
  • Fixes editing alerts filters for multi-consumer rule types in Alerting #206848
  • Resolves an issue where Chrome was no longer hidden for reports in Dashboards and Visualizations #206988
  • Updates library transforms and duplicate functionality in Dashboards and Visualizations #206140
  • Fixes an issue where drag previews are now absolutely positioned in Dashboards and Visualizations #208247
  • Fixes an issue where an accessible label now appears on the range slider in Dashboards and Visualizations #205308
  • Fixes a dropdown label sync issue when sorting by "Type" #206424
  • Fixes an access bug related to user instructions in Elastic Observability Serverless #207069
  • Fixes the Open Explore in Discover link to open in a new tab in Elastic Observability Serverless #207346
  • Returns an empty object for tool arguments when none are provided in Elastic Observability Serverless #207943
  • Ensures similar cases count is not fetched without the proper license in Elastic Security Serverless #207220
  • Fixes table leading actions to use standardized colors in Elastic Security Serverless #207743
  • Adds missing fields to the AWS S3 manifest in Elastic Security Serverless #208080
  • Prevents redundant requests when loading Discover sessions and toggling chart visibility in ES|QL #206699
  • Fixes a UI error when agents move to an orphaned state in Fleet #207746
  • Restricts non-local Elasticsearch output types for agentless integrations and policies in Fleet #207296
  • Fixes table responsiveness in the Notifications feature of Machine Learning #206956
  • Adds last alert status change to Elastic Security Serverless flyout #205224
  • Case templates are now GA #205940
  • Adds format to JSON messages in Elastic Observability Serverless Logs profile #205666
  • Adds inference connector in Elastic Security Serverless AI features #204505
  • Adds inference connector for Auto Import in Elastic Security Serverless #206111
  • Adds Feature Flag Support for Cloud Security Posture Plugin in Elastic Security Serverless #205438
  • Adds the ability to sync Machine Learning saved objects to all spaces #202175
  • Improves messages for recovered alerts in Machine Learning Transforms #205721
  • Fixes an issue where "KEEP" columns are not applied after an Elasticsearch error in Discover #205833
  • Resolves padding issues in the document comparison table in Discover #205984
  • Fixes a bug affecting bulk imports for the knowledge base in Elastic Observability Serverless #205075
  • Enhances the Find API by adding cursor-based pagination (search_after) as an alternative to offset-based pagination #203712
  • Updates Elastic Observability Serverless to use architecture-specific Elser models #205851
  • Fixes dynamic batching in the timeline for Elastic Security Serverless #204034
  • Resolves a race condition bug in Elastic Security Serverless related to OpenAI errors #205665
  • Improves the integration display by ensuring all policies are listed in Elastic Security Serverless #205103
  • Renames color variables in the user interface for better clarity and consistency #204908
  • Allows editor suggestions to remain visible when the inline documentation flyout is open in ES|QL #206064
  • Ensures the same time range is applied to documents and the histogram in ES|QL #204694
  • Fixes validation for the "required" field in multi-text input fields in Fleet #205768
  • Fixes timeout issues for bulk actions in Fleet #205735
  • Handles invalid RRule parameters to prevent infinite loops in alerts #205650
  • Fixes privileges display for features and sub-features requiring "All Spaces" permissions in Fleet #204402
  • Prevents password managers from modifying disabled input fields #204269
  • Updates the listing control in the user interface #205914
  • Improves consistency in the help dropdown design #206280
  • Introduces case observables in Elastic Security Serverless #190237
  • Adds a JSON field called "additional fields" to ServiceNow cases when sent using connector, containing the internal names of the ServiceNow table columns #201948
  • Adds the ability to configure the appearance color mode to sync dark mode with the system value #203406
  • Makes the "Copy" action visible on cell hover in Discover #204744
  • Updates the EnablementModalCallout name to AdditionalChargesMessage in Elastic Security Serverless #203061
  • Adds more control over which Elastic Security Serverless alerts in Attack Discovery are included as context to the large language model #205070
  • Adds a consistent layout and other UI enhancements for machine learning pages #203813
  • Fixes an issue that caused dashboards to lag when dragging the time slider #201885
  • Updates the CloudFormation template to the latest version and adjusts the documentation to reflect the use of a single Firehose stream created by the new template #204185
  • Fixes Integration and Datastream name validation in Elastic Security Serverless #204943
  • Fixes an issue in the Automatic Import process where there is now inclusion of the @timestamp field in ECS field mappings whenever possible #204931
  • Allows Automatic Import to safely parse Painless field names that are not valid Painless identifiers in if contexts #205220
  • Aligns the Box Native Connector configuration fields with the source of truth in the connectors codebase, correcting mismatches and removing unused configurations #203241
  • Fixes the "Show all agent tags" option in Fleet when the agent list is filtered #205163
  • Updates the Results Explorer flyout footer buttons alignment in Data Frame Analytics #204735
  • Adds a missing space between lines in the Data Frame Analytics delete job modal #204732
  • Fixes an issue where the Refresh button in the Anomaly Detection Datafeed counts table was unresponsive #204625
  • Fixes the inference timeout check in File Upload #204722
  • Fixes the side bar navigation for the Data Visualizer #205170
  • Optimizes the Kibana Trained Models API #200977
  • Adds a Create Case action to the Log rate analysis page #201549
  • Improves AI Assistant’s response quality by giving it access to Elastic’s product documentation #199694
  • Adds support for suppressing EQL sequence alerts #189725
  • Adds an Advanced settings section to the SLO form #200822
  • Adds a new sub-feature privilege under Synthetics and Uptime Can manage private locations #201100
  • Fixes point visibility regression #202358
  • Improves help text of creator and view count features on dashboard listing page #202488
  • Highlights matching field values when performing a KQL search on a keyword field #201952
  • Supports "Inspect" in saved search embeddables #202947
  • Fixes your ability to clear the user-specific system prompt #202279
  • Fixes error when opening rule flyout #202386
  • Fixes to Ops Genie as a default connector #201923
  • Fixes actions on charts #202443
  • Adds flyout to table view in Infrastructure Inventory #202646
  • Fixes service names with spaces not being URL encoded properly for context.viewInAppUrl #202890
  • Allows access query logic to handle user ID and name conditions #202833
  • Fixes APM rule error message for invalid KQL filter #203096
  • Rejects CEF logs from Automatic Import and redirects you to the CEF integration instead #201792
  • Updates the install rules title and message #202226
  • Fixes error on second entity engine init API call #202903
  • *estricts unsupported log formats #202994
  • Removes errors related to Enterprise Search nodes #202437
  • Improves web crawler name consistency #202738
  • Fixes editor cursor jumpiness #202389
  • Fixes rollover datastreams on subobjects mapper exception #202689
  • Fixes spaces sync to retrieve 10,000 trained models #202712
  • Fixes log rate analysis embeddable error on the Alerts page #203093
  • Fixes Slack API connectors not displayed under Slack connector type when adding new connector to rule #202315
  • Elastic Observability Serverless adds a new sub-feature for managing private locations #201100
  • Elastic Observability Serverless adds the ability to configure SLO advanced settings from the UI #200822
  • Elastic Security Serverless adds support for suppressing EQL sequence alerts #189725
  • Elastic Security Serverless adds a /trained_models_list endpoint to retrieve complete data for the Trained Model UI #200977
  • Machine Learning adds an action to include log rate analysis in a case #199694
  • Machine Learning enhances the Kibana API to optimize trained models #201549
  • Fixes Slack API connectors not being displayed under the Slack connector type when adding a new connector to a rule in Alerting #202315
  • Fixes point visibility regression in dashboard visualizations #202358
  • Improves help text for creator and view count features on the Dashboard listing page #202488
  • Highlights matching field values when performing a KQL search on a keyword field in Discover #201952
  • Adds support for the Inspect option in saved search embeddables in Discover #202947
  • Enables the ability to clear user-specific system prompts in Elastic Observability Serverless #202279
  • Fixes an error when opening the rule flyout in Elastic Observability Serverless #202386
  • Improves handling of Opsgenie as the default connector in Elastic Observability Serverless #201923
  • Fixes issues with actions on charts in Elastic Observability Serverless #202443
  • Adds a flyout to the table view in Infrastructure Inventory in Elastic Observability Serverless #202646
  • Fixes service names with spaces not being URL-encoded properly for {{context.viewInAppUrl}} in Elastic Observability Serverless #202890
  • Enhances access query logic to handle user ID and name conditions in Elastic Observability Serverless #202833
  • Fixes an APM rule error message when a KQL filter is invalid in Elastic Observability Serverless #203096
  • Restricts and rejects CEF logs in automatic import and redirects them to the CEF integration in Elastic Security Serverless #201792
  • Updates the copy of the install rules title and message in Elastic Security Serverless #202226
  • Clears errors on the second entity engine initialization API call in Elastic Security Serverless #202903
  • Restricts unsupported log formats in Elastic Security Serverless #202994
  • Removes errors related to Enterprise Search nodes in Elasticsearch Serverless #202437
  • Ensures consistency in web crawler naming in Elasticsearch Serverless #202738
  • Fixes editor cursor jumpiness in ES|QL #202389
  • Implements rollover of data streams on subobject mapper exceptions in Fleet #202689
  • Fixes trained models to retrieve up to 10,000 models when spaces are synced in Machine Learning #202712
  • Fixes a Log Rate Analysis embeddable error on the Alerts page in AiOps #203093
  • Adds tabs for Import Entities and Engine Status to the Entity Store #201235
  • Adds status tracking for agentless integrations to Fleet #199567
  • Adds a new machine learning module that can detect anomalous activity in host-based logs #195582
  • Allows custom Mapbox Vector Tile sources to style map layers and provide custom legends #200656
  • Excludes stale SLOs from counts of healthy and violated SLOs #201027
  • Adds a "Continue without adding integrations" message to the Elastic Security Dashboards page that takes you to the Entity Analytics dashboard #201363
  • Displays visualization descriptions under their titles #198816
  • Hides the Clear button when no filters are selected #200177
  • Fixes a mismatch between how wildcards were handled in previews versus actual rule executions #201553
  • Fixes incorrect Y-axis and hover values in the Service Inventory’s Log rate chart #201361
  • Disables the Add note button in the alert details flyout for users who lack privileges #201707
  • Fixes the descriptions of threshold rules that use cardinality #201162
  • Disables the Install All button on the Add Elastic Rules page when rules are installing #201731
  • Reintroduces a data usage warning on the Entity Analytics Enablement modal #201920
  • Improves accessibility for the Create a connector page #201590
  • Fixes a bug that could cause Elastic Agents to get stuck updating during scheduled upgrades #202126
  • Fixes a bug related to starting machine learning deployments with autoscaling and no active nodes #201256
  • Initializes saved objects when the Trained Model page loads #201426
  • Fixes the display of deployment stats for unallocated deployments of machine learning models #202005
  • Enables the solution type search for instant deployments #201688
  • Improves the consistency of alert counts across different views #202188