[Security Solution]Analyzer in flyout Part 2 - update analyzer event node schema and enable event preview #192643

Merged
merged 2 commits into from
Sep 26, 2024

Conversation

christineweng
Contributor

@christineweng christineweng commented Sep 11, 2024

Summary

This PR added _id and _index to the resolver event query so that it could support calling an event preview when showing analyzer in flyout.

Feature flag: visualizationInFlyoutEnabled

image

Checklist

@christineweng christineweng changed the title Analyzer in flyout phase 2 Analyzer in flyout part 2 adding event preview Sep 11, 2024
@christineweng christineweng changed the title Analyzer in flyout part 2 adding event preview [Security Solution]Analyzer in flyout Part 2 - update event node schema and enable event preview Sep 16, 2024
@christineweng christineweng force-pushed the analyzer-in-flyout-phase-2 branch 2 times, most recently from d1ae0a0 to 11badbd Compare September 17, 2024 16:53
@christineweng christineweng self-assigned this Sep 17, 2024
@christineweng christineweng added backport:skip This commit does not require backporting Team:Threat Hunting Security Solution Threat Hunting Team release_note:feature Makes this part of the condensed release notes Team:Threat Hunting:Investigations Security Solution Investigations Team 8.16 candidate v8.16.0 release_note:skip Skip the PR/issue when compiling release notes v9.0.0 and removed release_note:feature Makes this part of the condensed release notes backport:skip This commit does not require backporting labels Sep 17, 2024
@christineweng christineweng changed the title [Security Solution]Analyzer in flyout Part 2 - update event node schema and enable event preview [Security Solution]Analyzer in flyout Part 2 - enable event preview and add visualization to advanced setting Sep 18, 2024
@christineweng christineweng added release_note:feature Makes this part of the condensed release notes and removed release_note:skip Skip the PR/issue when compiling release notes labels Sep 18, 2024
@christineweng christineweng changed the title [Security Solution]Analyzer in flyout Part 2 - enable event preview and add visualization to advanced setting [Security Solution]Analyzer in flyout Part 2 - update analyzer event node schema and enable event preview Sep 19, 2024
@christineweng christineweng added release_note:skip Skip the PR/issue when compiling release notes backport:version Backport to applied version labels and removed release_note:feature Makes this part of the condensed release notes labels Sep 19, 2024
@christineweng christineweng marked this pull request as ready for review September 19, 2024 19:18
@christineweng christineweng requested review from a team as code owners September 19, 2024 19:18
@christineweng christineweng marked this pull request as ready for review September 20, 2024 19:44
Contributor

@szwarckonrad szwarckonrad left a comment

DW changes LGTM!

@christineweng christineweng added ci:cloud-deploy Create or update a Cloud deployment ci:cloud-persist-deployment Persist cloud deployment indefinitely labels Sep 24, 2024
@christineweng christineweng requested a review from a team as a code owner September 24, 2024 20:08
@christineweng
Contributor Author

@elasticmachine merge upstream

@christineweng christineweng removed ci:cloud-persist-deployment Persist cloud deployment indefinitely v9.0.0 labels Sep 24, 2024
@christineweng christineweng added v9.0.0 ci:project-deploy-security Create a Security Serverless Project and removed ci:cloud-deploy Create or update a Cloud deployment labels Sep 24, 2024
Contributor

@PhilippeOberti PhilippeOberti left a comment

this is a great addition, I love seeing the proper event details preview flyout!!

@christineweng christineweng removed the ci:project-deploy-security Create a Security Serverless Project label Sep 26, 2024
@kibana-ci
Collaborator

kibana-ci commented Sep 26, 2024

💛 Build succeeded, but was flaky

Failed CI Steps

Test Failures

  • [job] [logs] FTR Configs #12 / Discover alerting Search source Alert should display prev data view state after update on clicking prev generated link
  • [job] [logs] Jest Tests #11 / installWithTimeout should short-circuit installFn if it exceeds configured timeout

Metrics [docs]

Async chunks

Total size of all lazy-loaded chunks that will be downloaded as the user navigates the app

id before after diff
securitySolution 20.5MB 20.5MB +1.1KB

History

  • 💔 Build #236830 failed 041b94362837166df9f1e39ccd2a592e6c6c091c
  • 💚 Build #236809 succeeded 831ed079f99e8c8251aa58e304a158d4e4a7abfb
  • 💔 Build #236803 failed dbd75e9a2a172e431b03408035bcd9776d4c5427
  • 💔 Build #236796 failed 8cc861599b41ea318144a79ec45cfdf2f38269ba

To update your PR or re-run it, just comment with:
@elasticmachine merge upstream

cc @christineweng

@christineweng christineweng merged commit 7b54d6f into elastic:main Sep 26, 2024
45 checks passed
@kibanamachine
Contributor

Starting backport for target branches: 8.x

https://github.com/elastic/kibana/actions/runs/11058650055

kibanamachine pushed a commit to kibanamachine/kibana that referenced this pull request Sep 26, 2024
…node schema and enable event preview (elastic#192643)

## Summary

This PR added `_id` and `_index` to the resolver event query so that it
could support calling an event preview when showing analyzer in flyout.

Feature flag: `visualizationInFlyoutEnabled`

![image](https://github.com/user-attachments/assets/7dc27389-0bd5-491f-a1e1-6639c3dae2ed)

### Checklist

- [x] [Unit or functional
tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)
were updated or added to match the most common scenarios

(cherry picked from commit 7b54d6f)
@kibanamachine
Contributor

💚 All backports created successfully

Status Branch Result
8.x

Note: Successful backport PRs will be merged automatically after passing CI.

Questions ?

Please refer to the Backport tool documentation

kibanamachine added a commit that referenced this pull request Sep 26, 2024
…event node schema and enable event preview (#192643) (#194214)

# Backport

This will backport the following commits from `main` to `8.x`:
- [[Security Solution]Analyzer in flyout Part 2 - update analyzer event
node schema and enable event preview
(#192643)](#192643)

<!--- Backport version: 9.4.3 -->

### Questions ?
Please refer to the [Backport tool
documentation](https://github.com/sqren/backport)


Co-authored-by: christineweng <[email protected]>
Labels
8.16 candidate backport:version Backport to applied version labels release_note:skip Skip the PR/issue when compiling release notes Team:Threat Hunting:Investigations Security Solution Investigations Team Team:Threat Hunting Security Solution Threat Hunting Team v8.16.0 v9.0.0