[RAC][Observability] Add status update actions in row menu #108698

Merged
merged 33 commits into from
Aug 17, 2021

@semd semd commented Aug 16, 2021

Summary

  • Toast management encapsulated inside the useStatusBulkActionItems public hook.
  • IndexName to update alert statuses taken from ecs data prop.
  • Pass new <Action> component props in order to show the loader.
  • Menu item sizes unified.
  • Alert status update items added to the o11y row actions popover menu:

alertstatusupdate

Checklist

Delete any items that are not applicable to this PR.

semd and others added 26 commits August 10, 2021 21:06
…s and adds logic for switching between signal.status and workflow status when updating alerts in .siem-signals
… to use WORKFLOW_STATUS instead of ALERT_STATUS
adds replace ALERT_STATUS with ALERT_WORKFLOW_STATUS and updates tests and adds logic for switching between signal.status and workflow status when updating alerts in .siem-signals
…us' and not { signals: {status }} in alerts client
optionally use fields api in requests if _source does not contain authz properties
…g ids param in alerts bulk update. Adds integration tests for detection engine testing update alerts with new alerts as data client routes
…test

fix a bug where we were not waiting for updates to complete when usin…
@semd semd added release_note:skip Skip the PR/issue when compiling release notes Team:Observability Team label for Observability Team (for things that are handled across all of observability) Team:Threat Hunting Security Solution Threat Hunting Team Team: SecuritySolution Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc. labels Aug 16, 2021
@elasticmachine

Pinging @elastic/security-solution (Team: SecuritySolution)

@@ -48,6 +28,57 @@ export const useStatusBulkActionItems = ({
onUpdateFailure,
}: StatusBulkActionsProps) => {
const { updateAlertStatus } = useUpdateAlertsStatus();
const { addSuccess, addError, addWarning } = useAppToasts();
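
Review bot: with `useAppToasts()` destructured inside the hook (last line of this hunk), a caller that still raises its own toast from `onUpdateFailure` will show two notifications for one failed status update. Suggest a doc comment on `StatusBulkActionsProps` stating that `useStatusBulkActionItems` owns the toasts and that the callbacks are for state updates only, plus a test that pins down when `addWarning` is used rather than `addError`, since that distinction cannot be read from the signature.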

@semd semd Aug 16, 2021

Toast management encapsulated in the public component to prevent duplication. Still calls optional onUpdateSuccess and onUpdateFailure when needed

@@ -94,6 +125,7 @@ export const useStatusBulkActionItems = ({
key="open"
data-test-subj="open-alert-status"
onClick={() => onClickUpdate(FILTER_OPEN)}
size="s"
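
Review bot: `size="s"` is visible here on the `open-alert-status` item only; if the aim is a uniform item size, confirm the same prop is set on every other item this hook returns, or hoist it into a shared props object so a later item cannot drift. A snapshot or prop assertion keyed on `data-test-subj` would keep the sizes from diverging again.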

Unification of item sizes


@dplumlee dplumlee left a comment

This all looks good from the security solution side of things and works for me. I should be able to build off this with the acknowledged migrations pretty easily 🚀

@lukasolson lukasolson added v8.0.0 and removed 8.0.0 labels Aug 17, 2021
@mgiota mgiota mentioned this pull request Aug 17, 2021
52 tasks
@semd semd enabled auto-merge (squash) August 17, 2021 17:50

@michaelolo24 michaelolo24 left a comment

LGTM!

@kibanamachine

💚 Build Succeeded

Metrics [docs]

Module Count

Fewer modules leads to a faster build time

id before after diff
observability 244 245 +1

Async chunks

Total size of all lazy-loaded chunks that will be downloaded as the user navigates the app

id before after diff
observability 483.6KB 485.3KB +1.7KB
securitySolution 6.5MB 6.5MB -448.0B
timelines 421.2KB 409.2KB -12.0KB
total -10.8KB

Page load bundle

Size of the bundles that are downloaded on every page load. Target size is below 100kb

id before after diff
observability 57.9KB 58.2KB +236.0B
timelines 313.0KB 318.2KB +5.2KB
total +5.4KB

Unknown metric groups

API count

id before after diff
securitySolution 1329 1333 +4
timelines 938 959 +21
total +25

API count missing comments

id before after diff
securitySolution 1278 1282 +4
timelines 818 839 +21
total +25

Non-exported public API item count

id before after diff
timelines 25 24 -1

History

To update your PR or re-run it, just comment with:
@elasticmachine merge upstream

cc @semd

@semd semd merged commit b607f42 into elastic:master Aug 17, 2021
kibanamachine pushed a commit to kibanamachine/kibana that referenced this pull request Aug 17, 2021
…08698)

* use rac alerts bulk_update

* cleanup

* adds replace ALERT_STATUS with ALERT_WORKFLOW_STATUS and updates tests and adds logic for switching between signal.status and workflow status when updating alerts in .siem-signals

* allow object and string types in query param, fixed single update api to use WORKFLOW_STATUS instead of ALERT_STATUS

* adds additional integration test for when query is a DSL object in addition to KQL string

* optionally use fields api in requests if _source does not contain authz properties

* integrate bulk update to all hook calls

* adds fields support, fixes bug where we were writing to 'signals.status' and not { signals: {status }} in alerts client

* clean up and fixes

* fix a bug where we were not waiting for updates to complete when using ids param in alerts bulk update. Adds integration tests for detection engine testing update alerts with new alerts as data client routes

* take index name from ecsData props

* pr suggestions

* some more type fixes

* refactor and type fixes

* snapshot updated

* add status update actions to row context menu

* refactor to use dispatch function in o11y actions

* comment removed

* bring alertConsumer back

* bring indexNames back

* check capabilities to show status update items

Co-authored-by: Devin Hurley <devin.hurley@elastic.co>
@kibanamachine
Copy link
Contributor

💚 Backport successful

Status Branch Result
7.x

This backport PR will be merged automatically after passing CI.

kibanamachine added a commit that referenced this pull request Aug 17, 2021
…108992)

Co-authored-by: Sergi Massaneda <sergi.massaneda@elastic.co>
Co-authored-by: Devin Hurley <devin.hurley@elastic.co>
Labels
auto-backport Deprecated - use backport:version if exact versions are needed release_note:skip Skip the PR/issue when compiling release notes Team:Observability Team label for Observability Team (for things that are handled across all of observability) Team: SecuritySolution Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc. Team:Threat Hunting Security Solution Threat Hunting Team v7.15.0 v8.0.0