Merge branch 'master' into cancel-browser-request

Author: kibanamachine

.github/CODEOWNERS

@@ -66,6 +66,7 @@
 # APM
 /x-pack/plugins/apm/  @elastic/apm-ui
 /x-pack/test/functional/apps/apm/  @elastic/apm-ui
+/x-pack/test/apm_api_integration/ @elastic/apm-ui
 /src/plugins/apm_oss/  @elastic/apm-ui
 /src/apm.js @elastic/kibana-core @vigneshshanmugam
 /packages/kbn-apm-config-loader/ @elastic/kibana-core @vigneshshanmugam
@@ -80,6 +81,7 @@
 /x-pack/plugins/apm/server/lib/rum_client @elastic/uptime
 /x-pack/plugins/apm/server/routes/rum_client.ts @elastic/uptime
 /x-pack/plugins/apm/server/projections/rum_page_load_transactions.ts @elastic/uptime
+/x-pack/test/apm_api_integration/tests/csm/ @elastic/uptime
 
 # Beats
 /x-pack/plugins/beats_management/  @elastic/beats
@@ -99,7 +101,7 @@
 
 # Observability UIs
 /x-pack/plugins/infra/ @elastic/logs-metrics-ui
-/x-pack/plugins/fleet/ @elastic/ingest-management
+/x-pack/plugins/fleet/ @elastic/fleet
 /x-pack/plugins/observability/ @elastic/observability-ui
 /x-pack/plugins/monitoring/ @elastic/stack-monitoring-ui
 /x-pack/plugins/uptime @elastic/uptime

.github/paths-labeller.yml

@@ -10,7 +10,7 @@
     - "src/plugins/bfetch/**/*.*"
   - "Team:apm":
     - "x-pack/plugins/apm/**/*.*"
-  - "Team:Ingest Management":
+  - "Team:Fleet":
     - "x-pack/plugins/fleet/**/*.*"
     - "x-pack/test/fleet_api_integration/**/*.*"
   - "Team:uptime":

docs/development/plugins/data/public/kibana-plugin-plugins-data-public.searchinterceptor.handlesearcherror.md

@@ -7,14 +7,14 @@
 <b>Signature:</b>
 
 ```typescript
-protected handleSearchError(e: any, timeoutSignal: AbortSignal, options?: ISearchOptions): Error;
+protected handleSearchError(e: KibanaServerError | AbortError, timeoutSignal: AbortSignal, options?: ISearchOptions): Error;
 ```
 
 ## Parameters
 
 |  Parameter | Type | Description |
 |  --- | --- | --- |
-|  e | <code>any</code> |  |
+|  e | <code>KibanaServerError &#124; AbortError</code> |  |
 |  timeoutSignal | <code>AbortSignal</code> |  |
 |  options | <code>ISearchOptions</code> |  |
 

docs/development/plugins/data/public/kibana-plugin-plugins-data-public.searchsource.fetch.md

@@ -4,8 +4,12 @@
 
 ## SearchSource.fetch() method
 
-Fetch this source and reject the returned Promise on error
+> Warning: This API is now obsolete.
+> 
+> Use fetch$ instead
+> 
 
+Fetch this source and reject the returned Promise on error
 
 <b>Signature:</b>
 

docs/development/plugins/data/public/kibana-plugin-plugins-data-public.searchsource.fetch_.md

@@ -0,0 +1,24 @@
+<!-- Do not edit this file. It is automatically generated by API Documenter. -->
+
+[Home](./index.md) &gt; [kibana-plugin-plugins-data-public](./kibana-plugin-plugins-data-public.md) &gt; [SearchSource](./kibana-plugin-plugins-data-public.searchsource.md) &gt; [fetch$](./kibana-plugin-plugins-data-public.searchsource.fetch_.md)
+
+## SearchSource.fetch$() method
+
+Fetch this source from Elasticsearch, returning an observable over the response(s)
+
+<b>Signature:</b>
+
+```typescript
+fetch$(options?: ISearchOptions): import("rxjs").Observable<import("elasticsearch").SearchResponse<any>>;
+```
+
+## Parameters
+
+|  Parameter | Type | Description |
+|  --- | --- | --- |
+|  options | <code>ISearchOptions</code> |  |
+
+<b>Returns:</b>
+
+`import("rxjs").Observable<import("elasticsearch").SearchResponse<any>>`
+

docs/development/plugins/data/public/kibana-plugin-plugins-data-public.searchsource.md

@@ -33,6 +33,7 @@ export declare class SearchSource
 |  [createCopy()](./kibana-plugin-plugins-data-public.searchsource.createcopy.md) |  | creates a copy of this search source (without its children) |
 |  [destroy()](./kibana-plugin-plugins-data-public.searchsource.destroy.md) |  | Completely destroy the SearchSource.  {<!-- -->undefined<!-- -->} |
 |  [fetch(options)](./kibana-plugin-plugins-data-public.searchsource.fetch.md) |  | Fetch this source and reject the returned Promise on error |
+|  [fetch$(options)](./kibana-plugin-plugins-data-public.searchsource.fetch_.md) |  | Fetch this source from Elasticsearch, returning an observable over the response(s) |
 |  [getField(field, recurse)](./kibana-plugin-plugins-data-public.searchsource.getfield.md) |  | Gets a single field from the fields |
 |  [getFields()](./kibana-plugin-plugins-data-public.searchsource.getfields.md) |  | returns all search source fields |
 |  [getId()](./kibana-plugin-plugins-data-public.searchsource.getid.md) |  | returns search source id |

docs/development/plugins/data/public/kibana-plugin-plugins-data-public.searchtimeouterror._constructor_.md

@@ -9,13 +9,13 @@ Constructs a new instance of the `SearchTimeoutError` class
 <b>Signature:</b>
 
 ```typescript
-constructor(err: Error, mode: TimeoutErrorMode);
+constructor(err: Record<string, any>, mode: TimeoutErrorMode);
 ```
 
 ## Parameters
 
 |  Parameter | Type | Description |
 |  --- | --- | --- |
-|  err | <code>Error</code> |  |
+|  err | <code>Record&lt;string, any&gt;</code> |  |
 |  mode | <code>TimeoutErrorMode</code> |  |
 

docs/setup/upgrade/upgrade-migrations.asciidoc

@@ -19,17 +19,16 @@ Saved objects are stored in two indices:
 * `.kibana_{kibana_version}_001`, or if the `kibana.index` configuration setting is set `.{kibana.index}_{kibana_version}_001`. E.g. for Kibana v7.12.0 `.kibana_7.12.0_001`.
 * `.kibana_task_manager_{kibana_version}_001`, or if the `xpack.tasks.index` configuration setting is set `.{xpack.tasks.index}_{kibana_version}_001` E.g. for Kibana v7.12.0 `.kibana_task_manager_7.12.0_001`.
 
-The index aliases `.kibana` and `.kibana_task_manager` will always point to the most up-to-date version indices.
+The index aliases `.kibana` and `.kibana_task_manager` will always point to
+the most up-to-date saved object indices.
 
 The first time a newer {kib} starts, it will first perform an upgrade migration before starting plugins or serving HTTP traffic. To prevent losing acknowledged writes old nodes should be shutdown before starting the upgrade. To reduce the likelihood of old nodes losing acknowledged writes, {kib} 7.12.0 and later will add a write block to the outdated index. Table 1 lists the saved objects indices used by previous versions of {kib}.
 
 .Saved object indices and aliases per {kib} version
 [options="header"]
-[cols="a,a,a"]
 |=======================
-|Upgrading from version | Outdated index (alias) | Upgraded index (alias)
-| 6.0.0 through 6.4.x    | `.kibana`     1.3+^.^| `.kibana_7.12.0_001`
-(`.kibana` alias)
+|Upgrading from version | Outdated index (alias)
+| 6.0.0 through 6.4.x    | `.kibana`     
 
 `.kibana_task_manager_7.12.0_001` (`.kibana_task_manager` alias)
 | 6.5.0 through 7.3.x    | `.kibana_N` (`.kibana` alias)

docs/user/alerting/alert-types.asciidoc

@@ -8,7 +8,7 @@ This section covers stack alerts. For domain-specific alert types, refer to the
 Users will need `all` access to the *Stack Alerts* feature to be able to create and edit any of the alerts listed below.
 See <<kibana-feature-privileges, feature privileges>> for more information on configuring roles that provide access to this feature. 
 
-Currently {kib} provides one stack alert: the <<alert-type-index-threshold>> type.
+Currently {kib} provides two stack alerts: <<alert-type-index-threshold>> and <<alert-type-es-query>>.
 
 [float]
 [[alert-type-index-threshold]]
@@ -112,6 +112,47 @@ You can interactively change the time window and observe the effect it has on th
 [role="screenshot"]
 image::images/alert-types-index-threshold-example-comparison.png[Comparing two time windows]
 
+[float]
+[[alert-type-es-query]]
+=== ES query
+
+The ES query alert type is designed to run a user-configured {es} query over indices, compare the number of matches to a configured threshold, and schedule
+actions to run when the threshold condition is met.
+
+[float]
+==== Creating the alert
+
+An ES query alert can be created from the *Create* button in the <<alert-management, alert management UI>>. Fill in the <<defining-alerts-general-details, general alert details>>, then select *ES query*.
+
+[role="screenshot"]
+image::images/alert-types-es-query-select.png[Choosing an ES query alert type]
+
+[float]
+==== Defining the conditions
 
+The ES query alert has 4 clauses that define the condition to detect.
 
+[role="screenshot"]
+image::images/alert-types-es-query-conditions.png[Four clauses define the condition to detect]
+
+Index:: This clause requires an *index or index pattern* and a *time field* that will be used for the *time window*.
+ES query:: This clause specifies the ES DSL query to execute. The number of documents that match this query will be evaulated against the threshold
+condition. Aggregations are not supported at this time. 
+Threshold:: This clause defines a threshold value and a comparison operator  (`is above`, `is above or equals`, `is below`, `is below or equals`, or `is between`). The number of documents that match the specified query is compared to this threshold.
+Time window:: This clause determines how far back to search for documents, using the *time field* set in the *index* clause. Generally this value should be set to a value higher than the *check every* value in the <<defining-alerts-general-details, general alert details>>, to avoid gaps in detection. 
+
+[float]
+==== Testing your query
+
+Use the *Test query* feature to verify that your query DSL is valid.
 
+When your query is valid:: Valid queries will be executed against the configured *index* using the configured *time window*. The number of documents that
+match the query will be displayed.
+
+[role="screenshot"]
+image::images/alert-types-es-query-valid.png[Test ES query returns number of matches when valid]
+
+When your query is invalid:: An error message is shown if the query is invalid.
+
+[role="screenshot"]
+image::images/alert-types-es-query-invalid.png[Test ES query shows error when invalid]