Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Ingest Manager] Improve Endpoint data source creation and edit mode #67692

Closed
6 tasks
hbharding opened this issue May 28, 2020 · 12 comments
Closed
6 tasks

[Ingest Manager] Improve Endpoint data source creation and edit mode #67692

hbharding opened this issue May 28, 2020 · 12 comments
Assignees
Labels
design loe:medium Medium Level of Effort Team:Defend Workflows “EDR Workflows” sub-team of Security Solution Team:Fleet Team label for Observability Data Collection Fleet team Test Cases Test Cases Documented in TestRail

Comments

@hbharding
Copy link
Contributor

hbharding commented May 28, 2020

Duplicate Issue: #70029 Implement improved Endpoint data source creation and edit mode

image

The endpoint integration is different than most integrations as it doesn't use inputs and streams. In Step 3 where we ask "what data do you want to collect?", we simply say "there is nothing to configure". Instead, we want to explain to the user that a default/recommended Policy will be used, and that this policy can be configured afterwards in the Endpoint App. Any changes to the policy will cause the agent configuration to update and Fleet will deploy those changes to agents. We'll want to do something similar for the edit experience.

Test Cases:

  • Validate adding integration for Elastic Endpoint Security informs user of ability to configure policy in the Security App (C15767 - manual)
  • Validate in Add Integration flow that updating policy in the Security App will apply changes to the Agent Configuration and deploy those changes to agents in Fleet (C15768 - manual)
  • Validate in Add Integration flow that updating policy in the Security App will return user to Ingest (C15769 - manual)
  • Validate editing integration for Elastic Endpoint Security informs user of ability to configure policy in the Security App (C15770 - manual)
  • Validate in Edit Integration flow that updating policy in the Security App will apply changes to the Agent Configuration and deploy those changes to agents in Fleet (C15771 - manual)
  • Validate in Edit Integration flow that updating policy in the Security App will return user to Ingest (C15772 - manual)
@hbharding hbharding added design loe:medium Medium Level of Effort Team:Fleet Team label for Observability Data Collection Fleet team labels May 28, 2020
@hbharding hbharding self-assigned this May 28, 2020
@elasticmachine
Copy link
Contributor

Pinging @elastic/ingest-management (Team:Ingest Management)

@hbharding hbharding changed the title Improve Endpoint data source creation and edit mode [Ingest Manager] Improve Endpoint data source creation and edit mode May 28, 2020
@hbharding
Copy link
Contributor Author

image
image

@jen-huang
Copy link
Contributor

@parkiino @paul-tavares Could Endpoint team take on the work to match the existing custom data source component with the above designs? (@hbharding I'm assuming the designs are final :D)

@paul-tavares
Copy link
Contributor

yes, this should go on to our backlog. Adding it now
@kevinlog , @bfishel FYI 😬

@elasticmachine
Copy link
Contributor

Pinging @elastic/endpoint-management (Team:Endpoint Management)

@kevinlog
Copy link
Contributor

Thanks @paul-tavares @hbharding @jen-huang - we'll get this in our priority list.

@hbharding
Copy link
Contributor Author

hbharding commented Jun 25, 2020

Small update

We removed the paneling in step 2, so posting new screenshots.

@kevinlog @caitlinbetz can you confirm this copy is good to go? Not sure if "Endpoint App" should be something else like Elastic Security Solution.

I confirmed with @caitlinbetz that this copy is good to go.
image
image

@hbharding
Copy link
Contributor Author

Accidentally closed this issue

@hbharding hbharding reopened this Jun 25, 2020
@zube zube bot added [zube]: Inbox and removed [zube]: Done labels Jun 25, 2020
@zube zube bot closed this as completed Jun 25, 2020
@zube zube bot added [zube]: Done and removed [zube]: Inbox labels Jun 25, 2020
@zube zube bot reopened this Jun 25, 2020
@zube zube bot reopened this Jun 25, 2020
@zube zube bot added [zube]: Inbox and removed [zube]: Done labels Jun 25, 2020
@zube zube bot closed this as completed Jun 25, 2020
@zube zube bot added [zube]: Done and removed [zube]: Inbox labels Jun 25, 2020
@zube zube bot reopened this Jun 25, 2020
@zube zube bot added [zube]: Inbox and removed [zube]: Done labels Jun 25, 2020
@hbharding
Copy link
Contributor Author

Ahhh apologies for that. @parkiino I just realized this is the design issue. Our fault for not having the implementation issue ready for you. You can close out this issue with your PR and i'll update our spreadsheet.

@kevinlog
Copy link
Contributor

@hbharding apologies, I was under the impression that we wanted to go ahead and implement this. We can conform to this design and work with @caitlinbetz and @bfishel to finalize the text.

@hbharding
Copy link
Contributor Author

We do want you to implement this! To keep things clean, I went ahead and created an implementation issue. I wanted to mark this as "done" on my end in Zube, but looks like it got caught in a weird loop.

I assigned @parkiino and used the same labels, so hopefully it appears on your end.

@hbharding
Copy link
Contributor Author

Closed by #70030. A subsequent PR for this issue #70033 will combine steps 2 and 3 to match the design.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
design loe:medium Medium Level of Effort Team:Defend Workflows “EDR Workflows” sub-team of Security Solution Team:Fleet Team label for Observability Data Collection Fleet team Test Cases Test Cases Documented in TestRail
Projects
None yet
Development

No branches or pull requests

9 participants