Kibana Release Notes

Fixes

Alerting

• Fixes Webhook Connector accessTokenUrl validation #258290.

Dashboards and Visualizations

• Adjusts scrolling when you drag and drop a dashboard panel to avoid jumping #258445.
• Fixes Canvas library embeddables failing to load when savedObjectId is present without saved object references #257779.
• Fixes a race condition in the dashboard backup service and removes unnecessary error toasts #257762.
• Fixes Add from library in Canvas creating incorrect embeddable state #257261.
• Fixes Lens panels appearing to revert after inline edits until you refresh the page, even though changes are saved #256984.

Data ingestion and Fleet

• Improves screen reader announcements and focus when moving processors in the ingest pipeline editor #259096.
• Fixes Fleet bulk agent actions (unenroll, upgrade, reassign to policy) not respecting the current space when selection uses a kuery filter #258582.
• Fixes automatic agent upgrades stopping early with “target percentage already reached” because agents upgrading in other policies are also counted #258387.

Data management

• Restores keyboard focus to the Create a transform button on the Transforms page #258095.
• Enhances screen reader notifications for bulk actions in Index Management tables, providing live announcements when the bulk actions menu becomes visible or hidden #257089.

Elastic Observability solution

For the Elastic Observability 9.3.3 release information, refer to Elastic Observability Solution Release Notes.

Elastic Security solution

For the Elastic Security 9.3.3 release information, refer to Elastic Security Solution Release Notes.

Elasticsearch solution

• Fixes the query rules UI rejecting case variants as duplicate values #259506.
• Fixes only passing filtered rules to the API and deleting rules not matching the filter in the Query Rule Set editor #259503.
• Prevents creating incompatible inference endpoints when adding a semantic_text field in the Index Management mappings editor #256586.

Machine Learning

• Fixes the anomaly swim lane dashboard panel not refreshing #259962.
• Fixes a console error when opening the data frame analytics jobs list #258591.
• Adds aria labels to job wizard combo boxes #258509.

Original source Report a problem

The 9.3.2 release contains fixes for potential security vulnerabilities. Check our security advisory for more details.

Features and enhancements

Elastic Security solution:
For the Elastic Security 9.3.2 release information, refer to Elastic Security Solution Release Notes.

Connectivity:

• Adds Gemini 2.5 Flash Lite, Claude 4.5 Haiku, and Claude 4.6 Sonnet models to preconfigured connectors #253109.

Fixes

Elastic Agent Builder:

• Fixes a bug in the platform.core.search tool and index_search tool type where nested fields were ignored when searching for matching documents #255914.
• Fixes MCP connectors ignoring the proxy and SSL configuration from the actions plugin (xpack.actions configuration property) #255813.

Alerting:

• Fixes a problem generating a report with multi-page Canvas workpads #255022.
• Fixes a blank page appearing at the end of PDF exports when using the Print format option with an even number of dashboard visualizations #254957.
• Improves handling of 204 responses #251090.

Dashboards and Visualizations:

• Fixes an issue where embedded panels in Canvas workpads could lose their saved object references, causing panels to fail to load #252191.
• Fixes the Add from library action adding incorrect embeddable state #257261.
• Fixes Lens transforms #257224.
• Fixes an issue where dashboard panels could get stuck in an infinite loading state after an error instead of showing error messages #257188.
• Fixes Maps failing to load when the stored time filter contained a quick mode value #255178.

Data ingestion and Fleet:

• Fixes the unenroll task and adds an FTR test #255726.
• Fixes incorrect installation of assets #254923.

Discover:

• Fixes glitchy rendering in the Attributes tab #255173.

Elastic Observability solution:
For the Elastic Observability 9.3.2 release information, refer to Elastic Observability Solution Release Notes.

Elastic Security solution:
For the Elastic Security 9.3.2 release information, refer to Elastic Security Solution Release Notes.

Kibana platform:

• Fixes the spaces list displaying No spaces match text on load #255654.
• Fixes the embeddable console auto-closing on chrome or overlay clicks #253382.
• Fixes an issue where the Kibana JSON logger could produce JSON objects with a large number of numbered keys #256233.

Kibana security:

• Adds waitFor for the privilege button #255094.
• Fixes an issue where saving a dashboard included access control features when a user profile was not available #255065.

Machine Learning:

• Fixes screen reader announcements for flyouts #256409.

Management:

• Improves name announcement in the index mode modal #256392.
• Fixes an issue in Dev Tools Console where syntax highlighting broke when queries contained accented or non-ASCII characters #255649.
• Fixes an issue in Dev Tools Console where closing nested braces broke syntax highlighting for subsequent elements #255426.

Search:

• Changes the Run in Console button type #256455.
• Fixes Search Playground routes to limit the maximum size of arrays #255881.
• Fixes focus behavior when there are errors in the connector flyout form #255770.
• Adds server-side API key generation #256083.

Original source Report a problem

The 9.3.1 release contains fixes for potential security vulnerabilities. Check our security advisory for more details.

Features and enhancements

Data ingestion and Fleet

• Allows integration rollback even if all package policies are not on an upgraded version #253646.

Elastic Security solution

For the Elastic Security 9.3.1 release information, refer to Elastic Security Solution Release Notes.

Machine Learning

• Adds a dynamic default connector to GenAI settings #252861.
• Adds missing ES|QL commands and functions documentation for inference tasks #249089.

Fixes

Alerting and cases

• Fixes a bug with PagerDuty where setting the Custom details field causes rules to fail #253683.
• Adds external reference IDs to the attached documents check when a case is selected #253107.
• Fixes rule execution failing due to null execution UUIDs #252618.
• Improves handling of 204 responses #251090.

Connectivity

• Fixes AI Connector form fields incorrectly resetting to default values when cleared with backspace #251095.
• Updates connector description terminology to reference "pre-configured AI connectors" #250649.

Dashboards and Visualizations

• Fixes layer editor scrolling in the full Lens editor #253247.
• Fixes runtime_mappings being ignored or overridden in Vega specs when defined in data[].url.body #253560.

Data ingestion and Fleet

• Fixes an issue where an agent rolled back after an upgrade could not be upgraded again in Fleet UI #253850.

Discover

• Fixes handling of missing values #251892.

Elastic Observability solution

For the Elastic Observability 9.3.1 release information, refer to Elastic Observability Solution Release Notes.

Elastic Security solution

For the Elastic Security 9.3.1 release information, refer to Elastic Security Solution Release Notes.

Kibana platform

• Strips system-managed date fields from ingest pipelines before PUT requests #252579.
• Fixes Stack Monitoring breadcrumb when in solution view #249751.

Machine Learning

• Fixes "today" and "this week" filters for Log Rate and Pattern Analysis embeddables #252925.
• Fixes word break in Anomaly Detection page titles #250058.

Management

• Fixes autocomplete not working in embedded console #253306.
• Fixes an issue loading the doc count in index management when viewing larger page sizes with long index names #252422.
• Fixes a validation error for AI pipeline suggestions with empty grok patterns #251113.

Search

• Fixes homepage throwing errors when license level is below Enterprise #251484.
• Reduces background polling on the Index Details page to avoid unnecessary API requests #251446.
• Fixes links being visible on Search homepage when the user doesn't have access #251437.

Workflows

• Adds datemath support to the KQL evaluator #252840.

Original source Report a problem

Features and enhancements

Elastic Agent Builder

• Elastic Agent Builder is now generally available. It is enabled by default in Elasticsearch solution environments, and you can opt in to Agent Builder and its AI Agent chat experience in Observability and Security solution environments. Learn how to get started.

Alerting

• Supports searching for report schedules by title and creator #243841.
• Provides fields for specifying cc and bcc recipients, the subject line, and the message for scheduled report email notifications #242922.
• Enables incremental human-readable case IDs #238555.
• Adds option to delete report schedules #238197.
• Alert cleanup is now generally available #247465.
• Adds search to the new Attachments tab in cases #246265.
• Adds support for searching rules by their actions' params using the API #246123.
• Scheduled reports are now generally available #245882.
• The Slack connector can now be configured to send messages to any channel using channel names #245423.
• Improves search on the case management page #245321.
• Adds option to enable disabled report schedules #244202.
• Disable flapping per rule - schema only changes #243855.
• Centralizes tabs for different attachement types under the new Attachments tab in cases #243708.
• Adds a date time picker to the cases management page to help you find cases that were created during a specific time range #243409.
• Adds option to edit report schedules #241928.
• Improves UI for specifying additional fields for IBM Resilient action #238869.
• Makes Agent ID the default observables type #238533.
• Adds kibana.alert.index_pattern to all Stack alerts. This change doesn't affect detection alerts #239450.

Connectivity

• Elastic will regularly be adding new AI models from 9.3 onwards which will appear as pre-configured AI connectors in Kibana. Refer to the Elastic Inference Service page for more details.
• Adds Groq to the list of available providers for the Inference/AI Connector and for Inference endpoint creation #244962.
• Introduces a Brave Search connector #245329.
• The webhook connector now supports the following HTTP request methods: POST(default), PUT, PATCH, GET, and DELETE #238072.
• Adds new preconfigured connectors and updates existing ones #242791.
• Adds a new temperature parameter to AI Connector and to OpenAI, Bedrock, and Gemini connectors #239806.
• Adds support for headers in the OpenAI integration #238710.

Dashboards and Visualizations

• Dashboards now support ownership and "write_restricted" mode. You can now keep dashboards publicly editable or in a write-restricted state until they are ready to be published, giving you more control over who can edit your dashboards, regardless of broader space permissions #224552.
• Adds support for chaining variable controls. You can now set up variable controls to depend on the values selected for another variable control #242909.
• Adds basic filtering support for interactions with ES|QL charts #243439.
• Removes the Supporting visualization section heading from the Primary Metric editor. All configuration options remain fully accessible in the same location under Appearance #245979.
• Reorganizes and renames color settings in the Primary Metric dimension editor. For numeric metrics, the "Color by value" and "Color mapping"/"Color" settings are now located under the "Background chart" field. The settings have been renamed as follows: "Color by value" is now "Color mode", and "Color mapping" is now "Dynamic color mapping" #243608.
• In dashboard visualization in-line editing and Lens workspace, the 'Appearance', 'Titles and text', 'Axis', and 'Legend' settings have been moved from a popover into a dedicated flyout panel #240804.
• Moves the Lens visualization toolbar from the workspace section to the configuration panel #239879
• Moves the Save as and Reset options under the top nav Save button when the dashboard is in edit mode #237211.
• The Lens configuration panel has been redesigned to display layers as tabs instead of vertically stacked panels. Layer actions (clone, remove, save) are now accessible through a menu in each tab, improving the editing experience when working with multiple data layers, annotations, and reference lines #235372.

Data ingestion and Fleet

• Enables integration knowledge generation by default and adds a UI setting that allows you to opt out of the integration knowledge indexing #245080.
• Enables rolling back integrations to the previously installed version #240761.
• Adds capability for rolling back a recent upgrade of a Fleet-managed Elastic Agent using Fleet UI or API #247398, #249416.
• Adds functionality for removing root privilege from Fleet-managed agents if applicable #237790.
• Adds Advanced Internal YAML Settings field to the agent policy settings UI #245819.
• Redesigns the Actions menu in Fleet, placing commonly used actions at the top level and organizing other actions into nested menus by use case #245174.
• Auto-migrates component templates to use type@lifecycle ILM policies during Fleet setup #243333.
• Adds a cleanup task that removes excess policy revisions from the .fleet-policies index #242612.
• Uses type@lifecycle ILM policies for new package installations #241992.
• Adds the xpack.fleet.experimentalFeatures config setting #238840.
• Adds a Show agentless resources toggle on the Fleet > Settings page for debugging and diagnostics #237528.
• Adds Fleet Server host authentication settings for Elastic Agent > Fleet Server SSL support #236959.
• Persists the state of filters in the agent list table while navigating within a session #228875.

Discover

• Discover now shows partial results after a search gets canceled #242346.
• Background search is now enabled by default in all environments #242105.
• Adds a “Copy as Markdown” option for selected results #245545.
• Optimizes performance by avoiding redundant requests when breakdown or chart interval changes #245523.
• Shows multi-fields in the document viewer by default in ES|QL mode #245890.
• Adds support for filtering multivalue fields by interacting with the results table in ES|QL mode #245554.
• Improves the lookup index editor interface available in ES|QL mode #244480.
• Improves the file upload section of the lookup index editor interface #244550.
• Saving an ES|QL query's visualization to a dashboard now brings any related controls along with it #237070.
• Updates the icon in the document viewer to add or remove a field in the main documents table #246024.

ES|QL editor

• Adds a Quick search functionality that helps you turn free-text inputs into ES|QL WHERE clauses #242123.
• Adds support for multi-value variables using MV_CONTAINS functions #239266.
• Adds inline suggestions to ES|QL queries #235162.
• Allows selecting field data type in the lookup index editor interface of the ES|QL editor #241637.
• Adds support for expressions in functions #236343.
• Improves computed suggestions for expressions #246421.
• Renders string-only suggestions for Like and RLike operators #244903.
• Improves validation and autocomplete suggestions for the CASE function #244280.
• Adds context-aware suggestion ordering with categorization #243312.
• Suggests adding curly braces after the WITH keyword for RERANK and COMPLETION commands #243047.
• Adds support for new exponential_histogram Elasticsearch field type #242748.
• Wraps the fork subcommands inside aparens node #242369.
• Improves the quality of context-based suggestions #241081.
• Adds autocomplete suggestions for expressions in LOOKUP JOIN commands #240735.
• Applies the breakdown field before applying time bucketing in STATS BY commands to preserve consistent sorting across buckets in ES|QL queries #239685.

Elastic Observability solution

For the Elastic Observability 9.3.0 release information, refer to Elastic Observability Solution Release Notes.

Elastic Security solution

For the Elastic Security 9.3.0 release information, refer to Elastic Security Solution Release Notes.

Kibana platform

• Adds buttons to the time picker component to quickly shift the selected time range backward and forward, and adds timezone information to the time picker popover #243020.
• Adds cross-tab syncing for recently used time ranges #242467.
• The defaultRoute advanced setting now controls the target of the Elastic logo link for spaces using a solution view #241571.
• The name of the deployment now appears in the navigation breadcrumb on Elastic Cloud Hosted #238078.
• Enforces the object_src 'none' directive in Kibana's Content Security Policy and introduces a new csp.object_src configuration option to control its behavior
• Containers now set the default Node.js heap to 75% of available memory up to a maximum of 4096 Mb. Previously, this was set to 50% #246073.
• Linux now supports the populate_file_data advanced option which enables entropy and header_bytes fields in file events #246197.
• Adds the ability to cancel file uploads #241297.

Kibana security

• The API keys management page now defaults to showing personal API keys only #245261.
• Adds a warning when deleting API keys currently used by alerting rules #243353.
• Adds the ability to specify the origin(s) of authentication providers that appear to users logging in to Kibana #239993.
• Enhances the error message to include detailed information about why a role is considered as malformed #239098.
• Removes the AI Assistants Settings privilege #239144.

Machine Learning

• Adds an optional timeout parameter to the Inference chat model #248326.
• Adds Security machine learning modules for GCP Audit and Azure Activity Logs #236849.
• Removes median line length anomaly detection categorization check #243827.
• Adds custom header support to inference endpoints creation UI #242187.
• Improves the layout for custom inference endpoint UI #241779.
• Adds an action to create an anomaly detection alerting rule #241274.
• Makes the machine learning update space APIs public #241109.
• Improves display of long fields values in top values list #241006.
• Adds the ability to narrow down the list of anomalies that the Anomaly detection rule looks for #240100.
• Adds feedback button to the Anomaly Explorer and Single Metric Viewer #239883.

Search

• When creating a new Elasticsearch solution project, you will now land on the Elasticsearch home page by default instead of the Create index page to get immediate access to relevant tutorials and educational content #237612.
• Adds a new getting started page within the Elasticsearch solution which offers hands-on feature tutorials. This page defaults as the initial destination for users creating a new Elasticsearch solution project #245311.
• Adds a clear confirmation when an element has been successfully copied using one of the available Copy buttons on the Elasticsearch solution home page #246090.
• Adds callouts and guided tours to Kibana's Elasticsearch solution UI on Elastic Cloud Hosted and Serverless to provide better introductions to Elastic Inference Service endpoints. You can dismiss callouts and tours, which will not reappear after dismissal #244626.
• Improves the Console UI to make key actions more intuitive. The Play button is now more prominent, a new Copy to language button provides quick access to export the selected command in your preferred coding language, and the context menu has been updated to allow you to set a default language preference #242487.

Workflows

• Elastic Workflows is now available in technical preview. Build YAML-based workflows to automate actions across Elasticsearch,Kibana, external systems, and AI. Workflows support manual, scheduled, and alert-based triggers, conditional logic, and integrations with existing connectors and Agent Builder. You must turn on the feature to get started. Refer to Set up workflows for more details.

Fixes

Alerting

• Fixes cases.total_event not showing the number of events attached to a case #247996.
• Encodes terms searched on cases management page #247992.
• Adds max character validation to the email connector params and config #246453.
• Fixes an issue that caused the Security alerts table to not update columns correctly when switching view mode #245253.
• Adds alert.consecutiveMatches to action context #244997.
• Fixes case submissions becoming stale #244543.
• Allows spaces in file paths for case observables #244350.
• Catches connector errors without interrupting the case creation flow #244188.
• Improves error messages for IBM connector #244012.
• Verifies the alert exists before muting #242847.
• Fixes auto-extraction in event bulk actions #242325.
• Fixes Alerts table pagination being stuck on rule details page #242275.
• Use real dimensions when taking a screenshot of {kib} layout #242127.
• Only takes tag changes into account when connector supports them #241944.
• Improves cases management table loading to prevent flashing #240155.
• Fixes missing announcements in case forms to improve accessiblity #240132.
• Adds manual focus to buttons for case actions to improve accessiblity #239504.
• Removes autoFocus to preserve proper focus when modal closed #239366.
• Fixes observables not being added to cases when auto-extract is turned on #239000.
• Updates nodemailer to to 7.0.9 #238816.
• Adds Jira's otherFields JSON editor to case creation flow #238435.
• Isolates the configuration parameters for the Tines connector to the server side #236863.
• Enables auto-extraction by default and adds user actions for case observable actions #236524.
• Separates sync alert and auto-extract updates in case activity #236519.
• Fixes the alert history chart background color in dark mode #246017.
• Fixes infinite loop issue in investigation guide editor #240472.
• Fixes missing fields when using combined filters with the ignoreFilterIfFieldNotInIndex advanced setting enabled #238945.

Connectivity

• Ensures that the "maximum tokens" parameter is passed as expected by the service for the Anthropic connector #241188.
• Removes the default fallback region for the Bedrock connector #241157.
• Ensures all authentication fields show up correctly for the AI Connector #240913.

Dashboards and Visualizations

• Cleans filters as they’re updated from Unified Search, adds extra cleanup for compound filters by removing undefined properties, and fixes unsaved badges appearing when dashboards with compound filters are loaded #247309.
• Uses Number.MAX_VALUE instead of Infinity for the default maximum height of a panel #243572.
• Fixes an issue where saving a dashboard after switching a Dashboard Link to an External Link caused the save function to throw an error #243134.
• Fixes the silence warnings by silencing error notifications in Discover and Dashboards and changing the built-in URL restore error to a console.warn #242788.
• Fixes a regression with print mode in Dashboard #242780.
• Fixes an issue with sync colors and sync tooltips being turned on by default for new dashboards. Now, those options are turned off by default for new dashboards #242442.
• Fixes an error with deselecting a "(blank)" option from an options list #242036.
• Fixes layout issues for Markdown embeddables in small dashboard panels using CSS container queries. When a markdown panel is shorter than 120px, the UI now adapts to a compact layout that maximizes usable space #240806.
• Labels in the Create index flow now render with the default Use vector tiles scaling as soon as label styling is applied (or after save), without requiring a scaling toggle #240728.
• Fixes an issue where users could not reset unsaved changes after enabling time restore and changing dashboard time range #239992.
• Fixes search session restoration issue #239822.
• Fixes an error in the Options list control when selecting a "(blank)" value #239791.
• Fixes an issue in the LensConfigBuilder that treated all dataview references the same, causing the UI to throw an error attempting to find an ad-hoc dataview that does not exist as a SavedObject #239431.
• Fixes an issue in the Lens Table that broke click to filter on table rows when any column is used as a formula #239222.
• Fixes metric color assignment when the breakdown and maximum options are defined in Lens #238901.
• Fixes an issue where ad-hoc data views were not providing suggestions in the global search bar #238731.
• Fixes an error in the Visualize Listing page in which an error in the visualization could cause the entire page to error. This improves the error handling to make it easier to identify which visualization is causing the problem in order to address it #238355.
• Fixes an issue where dashboards cannot be saved when a filter pill has a combined filter using OR or AND operations #237477.
• Fixes an issue where panels in sections are not displayed when opening the dashboard from a shared link #237382.
• Prevents a double fetch when panels would fetch data while controls were building filters and then fetch data again once controls filters are available #237169.
• Fixes color contrast for links in Lens #247721.

Data ingestion and Fleet

• Uses long expiration for agent auto-upgrade actions and scheduled upgrades #243443.
• Fixes auto-upgrade logic to retry upgrade action if agents are stuck in Updating state #243326.
• Adds retry behavior for /api/fleet/agents when transient issues with Elasticsearch are encountered #243105.
• Fixes Docker image in the Kubernetes manifest in the Add agent instructions #242691.
• Fixes an issue where some package icons were not loaded correctly #242406.
• Shows warnings on sync integrations UI when referencing other entities #241623.
• Adds the proxy SSL options to download sources if a proxy is selected #241115.
• Omits system properties when synchronizing ingest pipelines #241096.
• Fixes template_path asset selection for some integration packages #240750.
• Allows Fleet setup retries on start in all environments #240342.
• Fixes an issue where the uniqueness of agent policy names was not consistently enforced across spaces when name or space changes occurred #239631.
• Fixes ignore_above mapping for flattened fields #238890.
• Fixes a "package not found" error when skipping cloud onboarding for a prerelease package #238629.
• Fixes an issue where new package global variables were not included and stale variable references were not removed on integration policy upgrade #238542.
• Fixes an error that occurred when deleting orphaned integration policies #237875.
• Enables storing secrets in Fleet Server host config if Fleet Server is running at a minimum supported version #237464.
• Fixes MSI commands for installing Elastic Agent and Fleet Server #236994.

Discover

• Fixes an issue with the "Search entire time range" option that could exclude some results if the time field was set to date nanos #248495.
• Fixes an issue where document viewer tabs were unnecessarily re-mounting on every refresh, leading to degraded performance #248203.
• Fixes an issue causing query drafts to be lost when switching between tabs without running the query first in ES|QL mode #247968.
• Fixes an issue with ES|QL tabs not loading properly #246941.
• Fixes an issue in Discover where default app state could trigger unsaved changes in saved Discover sessions, such as default columns applied through the defaultColumns advanced setting #246664.
• Fixes an issue with Discover tabs that occurs when navigating to a different tab while the previous tab is still initializing #245752.
• Fixes truncation for longer text in the Discover table #241440.

ES|QL editor

• Displays the available options when editing an existing variable control #239315.
• Fixes unrecognized GROK patterns #246871.
• Fixes KEEP behavior in ES|QL when a query initially returns no results #239063.
• Adds FORK with KEEP/STATS in the transformational commands #240011.
• Fixes the autocomplete of timeseries sources after a comma #241402.

Elastic Observability solution

For the Elastic Observability 9.3.0 release information, refer to Elastic Observability Solution Release Notes.

Elastic Security solution

For the Elastic Security 9.3.0 release information, refer to Elastic Security Solution Release Notes.

Kibana platform

• Fixes the serialization of meta.error in JSON layouts. If it is an Error instance, only message, name, and stack are included. Other fields are no longer returned in the logs #244364.
• Fixes an issue in the component template creation flow where a new component template with @custom suffix in its name would lead to updating mappings of all unrelated data streams and cause a popup to appear asking to roll over conflicting ones #237952.
• Fixes privilege requirements when reindexing indices through the upgrade assistant. Previously, the "superuser" role was required. Now, "cluster: manage" and "all" privileges for the relevant indices are sufficient #237055.
• Fixes a case where the upgrade assistant would incorrectly warn about a node breaching the low watermark despite the max headroom setting #243906.
• Fixes createAuditEvents always returning failure as outcome #247152.
• Fixes "now" and mixed format date handling in the Share menu #245539.
• Fixes favicon CSS specifity #243351.
• Reduces re-renders on resize and items changes #239888.
• Fixes an issue with the files management flyout crashing #237588.
• Fixes infinite loading of roles on the Edit space page #242954.
• Reflects the value selected for the AI Assistants Visibility GenAI setting when opening AI Assistant from the header #239555.
• Fixes ECS-incompatible logs values #245706.
• Fixes an issue where clients authorized to a partial list of saved object types would circumvent the Saved Objects Repository's allowed types and could list hidden saved object types #244967.

Kibana security

• Fixes an issue where fields were not case-sensitive in Kibana's user interface for creating and updating roles, though fields are case-sensitive in Elasticsearch #246069.
• Fixes an issue preventing IDP-initiated login with multiple OIDC providers #243869.
• Introduces a separate error for empty login attempts with SAML and OIDC providers #237611.

Machine Learning

• Disables field statistics when using the ES|QL TS command in Data Visualizer #247641.
• Fixes display of Data Visualizer's map view for small screen sizes #247615.
• Fixes anomaly chart empty query issue #246841.
• Fixes creating new anomaly detection jobs from Discover sessions with no data view #246410.
• Ensures Anomaly detection result chart tooltips are always shown correctly #246077.
• Prevents clearing cell selections after hiding the alert's table popover in Anomaly explorer #244183.
• Optimizes and enables text field analysis in contextual insights for log rate analysis #244109.
• Ensures deleted text in the inference connector, AI connector, and inference endpoint creation forms is not sent as an empty string #244059.
• Fixes wizard for data view with runtime fields for data frame analytics #242557.
• Fixes import and improves validation for Anomaly detection and Data frame analytics jobs #242263.
• Ensures max tokens parameter is passed as expected during Anthropic endpoint creation #241212.
• Fixes index names causing incompatible cluster errors when product docs are installed for multiple inference IDs #240506.
• Ensures inference endpoints UI list loads when provider is custom #240189.
• Fixes layout of fields in machine learning overview and notifications pages #239113.
• Adds unique accessible labels for Show top field values buttons #237972.
• Fixes tool calling unavailable tools #237174.
• Improves trained models list performance #237072.
• Fixes partition field settings errors in the single metric viewer dashboard panel #237046.
• Prevents URL-like strings from being displayed as links in alerts #226849.
• Improves anonymization error messages when NER model is unavailable #247696.
• Adds table caption for empty top categories in logs category table #246041.
• Fixes broken Data Visualizer and AI Operations navigation breadcrumbs and sidebar in solutions #248167.
• Fixes counter metric fields missing in anomaly detection dropdown #153021.

Search

• Fixes an issue when running Elasticsearch with a Basic license, where you could encounter errors when updating index mappings, even when adding non-ML field types. Mapping updates now work as expected, while advanced semantic text features continue to require the appropriate license #248462.
• Disables 'API keys' button on the Elasticsearch home page when logged in with insufficient permissions #248072.
• Fixes the token count display showing "NaN" in Search Playground by preserving message annotations across the AI SDK v5 stream #246589.
• Fixes an issue with the API creation flyout size #244072.
• Fixes a case of keyboard focus getting trapped in pages using document preview #243791.
• Makes elser-2-elastic (ELSER in EIS) the default inference endpoint for adding semantic text fields. Refactors the SelectInferenceId component for clarity and stability, resolving a console warning and improving popover and flyout state handling #242436.
• Fixes Agents & Playground icons in the solution side navigation to render correctly when using dark mode #240475.
• Fixes visual issues in the data preview metadata popup when ID is too long. Adds a tooltip and copy button to improve user experience #239768.
• Fixes an issue in RAG Playground where invalid fields displayed red styling but no error messages. Error text now appears to help you identify and correct form issues #238284.
• Fixes an accessibility issue where resetting changes or removing all terms in the Synonyms panel was not announced by screen readers. VoiceOver users on Safari will now hear updates when terms are reset #237877.
• The Index management mappings editor now syncs model deployment status correctly. This fixes a case where users couldn't save semantic_text fields during deployment without forcing #237812.
• Fixes an issue where the retriever query copied from the "Search your data" JavaScript tutorial fails with a parsing_exception when passed through the query parameter in the Node.js Elasticsearch client. Retriever queries must be passed through the body parameter to ensure they are serialized correctly #237654.
• Adds refusal field to AI Assistant conversations #243423.
• Turns off custom suggestions on the embedded console #241516.
• Fixes an issue where form fields were resetting automatically when editing ingest pipeline settings #237509.

Original source Report a problem