[Security Solution] Options to select index patterns (#77192)
* init commit

* lots of cleanup

* starting on tests... problems

* Ready for review

* remove sample data

* remove comment and fix type

* pr changes

* fix type

* scratchy

* sourcerer in timeline

* sourcerer in timeline

* wip

* moving to redux

* working on types

* fixed

* more adjustments, tests fixed

* FF off

* pr ready

* renaming

* url state working, hoc not working

* url state working for timeline and default scope

* script to build fields for beat doc

* refactor sourcerer

* refactor host to useSourcerer

* refactor network to useSourcerer

* refactor overview to useSourcerer

* refactor detections to useSourcerer

* wip for timelines to remove all useSource

* wip indexes timeline

* do component tests

* start container tests

* start container tests

* update selection widget of index patterns + remove last useWithSource

* add indexNames in network kpi

* fix type errors

* fix type

* missing merge master

* get existing index from config file

* fixing broken tests

* add saving button to avoid too many queries to be aborted

* reducer timeline tests broke

* need to rewind

* much better

* timeline saving index names + clean up url state to only manage default

* more test fixing

* more test changes

* remove all the useWithSource + deprecated the graphql until we delete it in a new PR + delete all the beat doc

* default timeline to all indices on creation + filter index patterns to make sure you do not add one that we do not know

* fix types

* test for stateful timeline render

* we should not have changed that

* no changes + snapshot

* fix test + bugs from review

* fix uncommon processes indexNames

* review III

* change design for main page of the sourcerer from design

* bug fixes when opening old timeline + implementation of new design

* fix circular deps

* remove unused attributes for event details

* design cleanup

* fix api integration test with the new search strategy

* add reset + manage accordion state

* fix bugs + types issues

* cleanup

* update docs

* review -> remove tooltip when popover is open

* cypress fixing

* fix for ml_condition_links and url_state cypress tests

* add cy wait for race condition in pagination tests

* missing plumbing kpi host

Co-authored-by: Steph Milovic <stephanie.milovic@elastic.co>
Co-authored-by: Patryk Kopycinski <contact@patrykkopycinski.com>
3 people authored Sep 23, 2020
1 parent a54cc17 commit 94a4e38
Showing 272 changed files with 41,559 additions and 52,569 deletions.
@@ -0,0 +1,16 @@
<!-- Do not edit this file. It is automatically generated by API Documenter. -->

[Home](./index.md) &gt; [kibana-plugin-plugins-data-public](./kibana-plugin-plugins-data-public.md) &gt; [IndexPatternsService](./kibana-plugin-plugins-data-public.indexpatternsservice.md) &gt; [getIdsWithTitle](./kibana-plugin-plugins-data-public.indexpatternsservice.getidswithtitle.md)

## IndexPatternsService.getIdsWithTitle property

Get list of index pattern ids with titles

<b>Signature:</b>

```typescript
getIdsWithTitle: (refresh?: boolean) => Promise<Array<{
id: string;
title: string;
}>>;
```
Expand Up @@ -29,6 +29,7 @@ export declare class IndexPatternsService
| [getFieldsForIndexPattern](./kibana-plugin-plugins-data-public.indexpatternsservice.getfieldsforindexpattern.md) | | <code>(indexPattern: IndexPattern &#124; IndexPatternSpec, options?: GetFieldsOptions) =&gt; Promise&lt;any&gt;</code> | Get field list by providing an index patttern (or spec) |
| [getFieldsForWildcard](./kibana-plugin-plugins-data-public.indexpatternsservice.getfieldsforwildcard.md) | | <code>(options?: GetFieldsOptions) =&gt; Promise&lt;any&gt;</code> | Get field list by providing { pattern } |
| [getIds](./kibana-plugin-plugins-data-public.indexpatternsservice.getids.md) | | <code>(refresh?: boolean) =&gt; Promise&lt;string[]&gt;</code> | Get list of index pattern ids |
| [getIdsWithTitle](./kibana-plugin-plugins-data-public.indexpatternsservice.getidswithtitle.md) | | <code>(refresh?: boolean) =&gt; Promise&lt;Array&lt;{</code><br/><code> id: string;</code><br/><code> title: string;</code><br/><code> }&gt;&gt;</code> | Get list of index pattern ids with titles |
| [getTitles](./kibana-plugin-plugins-data-public.indexpatternsservice.gettitles.md) | | <code>(refresh?: boolean) =&gt; Promise&lt;string[]&gt;</code> | Get list of index pattern titles |
| [refreshFields](./kibana-plugin-plugins-data-public.indexpatternsservice.refreshfields.md) | | <code>(indexPattern: IndexPattern) =&gt; Promise&lt;void&gt;</code> | Refresh field list for a given index pattern |
| [savedObjectToSpec](./kibana-plugin-plugins-data-public.indexpatternsservice.savedobjecttospec.md) | | <code>(savedObject: SavedObject&lt;IndexPatternAttributes&gt;) =&gt; IndexPatternSpec</code> | Converts index pattern saved object to index pattern spec |
Expand Up @@ -133,6 +133,25 @@ export class IndexPatternsService {
return this.savedObjectsCache.map((obj) => obj?.attributes?.title);
};

/**
* Get list of index pattern ids with titles
* @param refresh Force refresh of index pattern list
*/
getIdsWithTitle = async (
refresh: boolean = false
): Promise<Array<{ id: string; title: string }>> => {
if (!this.savedObjectsCache || refresh) {
await this.refreshSavedObjectsCache();
}
if (!this.savedObjectsCache) {
return [];
}
return this.savedObjectsCache.map((obj) => ({
id: obj?.id,
title: obj?.attributes?.title,
}));
};

/**
* Clear index pattern list cache
* @param id optionally clear a single id
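Review bot: In `getIdsWithTitle`, the map reads `obj?.id` and `obj?.attributes?.title`, so an entry can come back with `undefined` in either field while the signature promises `{ id: string; title: string }`. If cache entries really can lack these values, filter them out before returning (or widen the return type) so callers that match on title to choose index patterns never receive an undefined value; if they cannot, drop the optional chaining so the code and the type say the same thing.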
4 changes: 4 additions & 0 deletions src/plugins/data/public/public.api.md
Expand Up @@ -1381,6 +1381,10 @@ export class IndexPatternsService {
// Warning: (ae-forgotten-export) The symbol "GetFieldsOptions" needs to be exported by the entry point index.d.ts
getFieldsForWildcard: (options?: GetFieldsOptions) => Promise<any>;
getIds: (refresh?: boolean) => Promise<string[]>;
getIdsWithTitle: (refresh?: boolean) => Promise<Array<{
id: string;
title: string;
}>>;
getTitles: (refresh?: boolean) => Promise<string[]>;
refreshFields: (indexPattern: IndexPattern) => Promise<void>;
savedObjectToSpec: (savedObject: SavedObject<IndexPatternAttributes>) => IndexPatternSpec;
3 changes: 2 additions & 1 deletion x-pack/plugins/security_solution/common/constants.ts
Expand Up @@ -11,7 +11,6 @@ export const APP_ICON = 'securityAnalyticsApp';
export const APP_ICON_SOLUTION = 'logoSecurity';
export const APP_PATH = `/app/security`;
export const ADD_DATA_PATH = `/app/home#/tutorial_directory/security`;
export const ADD_INDEX_PATH = `/app/management/kibana/indexPatterns/create`;
export const DEFAULT_BYTES_FORMAT = 'format:bytes:defaultPattern';
export const DEFAULT_DATE_FORMAT = 'dateFormat';
export const DEFAULT_DATE_FORMAT_TZ = 'dateFormat:tz';
Expand Down Expand Up @@ -58,6 +57,8 @@ export const APP_TIMELINES_PATH = `${APP_PATH}/timelines`;
export const APP_CASES_PATH = `${APP_PATH}/cases`;
export const APP_MANAGEMENT_PATH = `${APP_PATH}/administration`;

export const DETECTIONS_SUB_PLUGIN_ID = `${APP_ID}:${SecurityPageName.detections}`;

/** The comma-delimited list of Elasticsearch indices from which the SIEM app collects events */
export const DEFAULT_INDEX_PATTERN = [
'apm-*-transaction*',
Expand Up @@ -71,7 +71,7 @@ export interface PaginationInputPaginated {

export interface DocValueFields {
field: string;
format: string;
format?: string | null;
}

export interface Explanation {
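Review bot: `format?: string | null` in `DocValueFields` now allows three states (absent, null, a string) where `format: string` allowed one. Add a comment stating what a missing format means for the field, and consider accepting only one of the two empty forms so that code building requests from these entries has a single case to handle.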
@@ -0,0 +1,81 @@
/*
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
* or more contributor license agreements. Licensed under the Elastic License;
* you may not use this file except in compliance with the Elastic License.
*/
import { IIndexPattern } from 'src/plugins/data/public';
import {
IEsSearchRequest,
IEsSearchResponse,
IFieldSubType,
} from '../../../../../../src/plugins/data/common';
import { DocValueFields, Maybe } from '../common';

export type BeatFieldsFactoryQueryType = 'beatFields';

interface FieldInfo {
category: string;
description?: string;
example?: string | number;
format?: string;
name: string;
type?: string;
}

export interface IndexField {
/** Where the field belong */
category: string;
/** Example of field's value */
example?: Maybe<string | number>;
/** whether the field's belong to an alias index */
indexes: Array<Maybe<string>>;
/** The name of the field */
name: string;
/** The type of the field's values as recognized by Kibana */
type: string;
/** Whether the field's values can be efficiently searched for */
searchable: boolean;
/** Whether the field's values can be aggregated */
aggregatable: boolean;
/** Description of the field */
description?: Maybe<string>;
format?: Maybe<string>;
/** the elastic type as mapped in the index */
esTypes?: string[];
subType?: IFieldSubType;
readFromDocValues: boolean;
}

export type BeatFields = Record<string, FieldInfo>;

export interface IndexFieldsStrategyRequest extends IEsSearchRequest {
indices: string[];
onlyCheckIfIndicesExist: boolean;
}

export interface IndexFieldsStrategyResponse extends IEsSearchResponse {
indexFields: IndexField[];
indicesExist: string[];
}

export interface BrowserField {
aggregatable: boolean;
category: string;
description: string | null;
example: string | number | null;
fields: Readonly<Record<string, Partial<BrowserField>>>;
format: string;
indexes: string[];
name: string;
searchable: boolean;
type: string;
}

export type BrowserFields = Readonly<Record<string, Partial<BrowserField>>>;

export const EMPTY_BROWSER_FIELDS = {};
export const EMPTY_DOCVALUE_FIELD: DocValueFields[] = [];
export const EMPTY_INDEX_PATTERN: IIndexPattern = {
fields: [],
title: '',
};
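Review bot: `IndexFieldsStrategyRequest.indices` is a free-form `string[]` with no doc comment, and this interface describes what a caller may ask the search strategy to inspect. Document which values are expected (patterns, concrete indices, wildcards) and whether they are checked against the configured index patterns. Two smaller points in the same file: the comment on `IndexField.indexes` reads "whether the field's belong to an alias index" but the type is `Array<Maybe<string>>`, and `EMPTY_BROWSER_FIELDS` is the only one of the three constants without a type annotation (`BrowserFields` would fit).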
Expand Up @@ -22,7 +22,6 @@ export interface TimelineEventsDetailsStrategyResponse extends IEsSearchResponse

export interface TimelineEventsDetailsRequestOptions
extends Partial<TimelineRequestOptionsPaginated> {
defaultIndex: string[];
indexName: string;
eventId: string;
}
Expand Up @@ -239,6 +239,7 @@ export const SavedTimelineRuntimeType = runtimeTypes.partial({
excludedRowRendererIds: unionWithNullType(runtimeTypes.array(RowRendererIdRuntimeType)),
favorite: unionWithNullType(runtimeTypes.array(SavedFavoriteRuntimeType)),
filters: unionWithNullType(runtimeTypes.array(SavedFilterRuntimeType)),
indexNames: unionWithNullType(runtimeTypes.array(runtimeTypes.string)),
kqlMode: unionWithNullType(runtimeTypes.string),
kqlQuery: unionWithNullType(SavedFilterQueryQueryRuntimeType),
title: unionWithNullType(runtimeTypes.string),
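Review bot: `indexNames` in `SavedTimelineRuntimeType` accepts any array of strings, so the schema cannot tell whether a stored name is still an index pattern the app knows about. Because this is the shape of a saved timeline, make sure the names are filtered against the known patterns when a timeline is loaded, not only when the user picks them in the UI, and cover that path with a test.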
Expand Down Expand Up @@ -398,3 +399,5 @@ export const importTimelineResultSchema = runtimeTypes.exact(
);

export type ImportTimelineResultSchema = runtimeTypes.TypeOf<typeof importTimelineResultSchema>;

export type TimelineEventsType = 'all' | 'raw' | 'alert' | 'signal' | 'custom';
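Review bot: `TimelineEventsType` is added as a plain type alias in a file whose other definitions are runtime types, so the five values ('all' | 'raw' | 'alert' | 'signal' | 'custom') get no runtime validation. If this value is stored on a saved timeline or sent in a request, define it as a union of literals with `runtimeTypes` and derive the TypeScript type from that.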