elastic · ecezalp · Sep 27, 2021 · Aug 20, 2021 · Aug 23, 2021 · Aug 23, 2021
diff --git a/packages/kbn-optimizer/limits.yml b/packages/kbn-optimizer/limits.yml
@@ -66,7 +66,7 @@ pageLoadAssetSize:
   searchprofiler: 67080
   security: 95864
   securityOss: 30806
-  securitySolution: 217673
+  securitySolution: 224673
   share: 99061
   snapshotRestore: 79032
   spaces: 57868

diff --git a/x-pack/plugins/security_solution/common/search_strategy/security_solution/hosts/index.ts b/x-pack/plugins/security_solution/common/search_strategy/security_solution/hosts/index.ts
@@ -11,6 +11,7 @@ export * from './common';
 export * from './details';
 export * from './first_last_seen';
 export * from './kpi';
+export * from './risky_hosts';
 export * from './overview';
 export * from './uncommon_processes';
 
@@ -22,5 +23,6 @@ export enum HostsQueries {
   hosts = 'hosts',
   hostsEntities = 'hostsEntities',
   overview = 'overviewHost',
+  riskyHosts = 'riskyHosts',
   uncommonProcesses = 'uncommonProcesses',
 }
diff --git a/...ins/security_solution/common/search_strategy/security_solution/hosts/risky_hosts/index.ts b/...ins/security_solution/common/search_strategy/security_solution/hosts/risky_hosts/index.ts
@@ -0,0 +1,15 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+
+import { Inspect, Maybe, RequestBasicOptions } from '../../..';
+import { IEsSearchResponse } from '../../../../../../../../src/plugins/data/common';
+
+export type HostsRiskyHostsRequestOptions = RequestBasicOptions;
+
+export interface HostsRiskyHostsStrategyResponse extends IEsSearchResponse {
+  inspect?: Maybe<Inspect>;
+}
diff --git a/x-pack/plugins/security_solution/common/search_strategy/security_solution/index.ts b/x-pack/plugins/security_solution/common/search_strategy/security_solution/index.ts
@@ -28,6 +28,8 @@ import {
   HostsKpiUniqueIpsStrategyResponse,
   HostsKpiUniqueIpsRequestOptions,
   HostFirstLastSeenRequestOptions,
+  HostsRiskyHostsStrategyResponse,
+  HostsRiskyHostsRequestOptions,
 } from './hosts';
 import {
   NetworkQueries,
@@ -123,6 +125,8 @@ export type StrategyResponseType<T extends FactoryQueryTypes> = T extends HostsQ
   : T extends HostsQueries.details
   ? HostDetailsStrategyResponse
   : T extends UebaQueries.riskScore
+  ? HostsRiskyHostsStrategyResponse
+  : T extends HostsQueries.riskyHosts
   ? RiskScoreStrategyResponse
   : T extends UebaQueries.hostRules
   ? HostRulesStrategyResponse
@@ -180,6 +184,8 @@ export type StrategyRequestType<T extends FactoryQueryTypes> = T extends HostsQu
   ? HostsRequestOptions
   : T extends HostsQueries.details
   ? HostDetailsRequestOptions
+  : T extends HostsQueries.riskyHosts
+  ? HostsRiskyHostsRequestOptions
   : T extends HostsQueries.overview
   ? HostOverviewRequestOptions
   : T extends HostsQueries.authentications

diff --git a/x-pack/plugins/security_solution/cypress/integration/overview/risky_hosts_panel.spec.ts b/x-pack/plugins/security_solution/cypress/integration/overview/risky_hosts_panel.spec.ts
@@ -0,0 +1,69 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+
+import {
+  OVERVIEW_RISKY_HOSTS_ENABLE_MODULE_BUTTON,
+  OVERVIEW_RISKY_HOSTS_LINKS,
+  OVERVIEW_RISKY_HOSTS_LINKS_ERROR_INNER_PANEL,
+  OVERVIEW_RISKY_HOSTS_LINKS_WARNING_INNER_PANEL,
+  OVERVIEW_RISKY_HOSTS_TOTAL_EVENT_COUNT,
+  OVERVIEW_RISKY_HOSTS_VIEW_DASHBOARD_BUTTON,
+} from '../../screens/overview';
+
+import { loginAndWaitForPage } from '../../tasks/login';
+import { OVERVIEW_URL } from '../../urls/navigation';
+import { cleanKibana } from '../../tasks/common';
+import { esArchiverLoad, esArchiverUnload } from '../../tasks/es_archiver';
+
+describe('Risky Hosts Link Panel', () => {
+  before(() => {
+    cleanKibana();
+  });
+
+  it('renders disabled panel view as expected', () => {
+    loginAndWaitForPage(OVERVIEW_URL);
+    cy.get(`${OVERVIEW_RISKY_HOSTS_LINKS} ${OVERVIEW_RISKY_HOSTS_LINKS_ERROR_INNER_PANEL}`).should(
+      'exist'
+    );
+    cy.get(`${OVERVIEW_RISKY_HOSTS_VIEW_DASHBOARD_BUTTON}`).should('be.disabled');
+    cy.get(`${OVERVIEW_RISKY_HOSTS_TOTAL_EVENT_COUNT}`).should('have.text', 'Showing: 0 hosts');
+    cy.get(`${OVERVIEW_RISKY_HOSTS_ENABLE_MODULE_BUTTON}`).should('exist');
+    cy.get(`${OVERVIEW_RISKY_HOSTS_ENABLE_MODULE_BUTTON}`)
+      .should('have.attr', 'href')
+      .and('match', /host-risk-score.md/);
+  });
+
+  describe('enabled module', () => {
+    before(() => {
+      esArchiverLoad('risky_hosts');
+    });
+
+    after(() => {
+      esArchiverUnload('risky_hosts');
+    });
+
+    it('renders disabled dashboard module as expected when there are no hosts in the selected time period', () => {
+      loginAndWaitForPage(
+        `${OVERVIEW_URL}?sourcerer=(timerange:(from:%272021-07-08T04:00:00.000Z%27,kind:absolute,to:%272021-07-09T03:59:59.999Z%27))`
+      );
+      cy.get(
+        `${OVERVIEW_RISKY_HOSTS_LINKS} ${OVERVIEW_RISKY_HOSTS_LINKS_WARNING_INNER_PANEL}`
+      ).should('exist');
+      cy.get(`${OVERVIEW_RISKY_HOSTS_VIEW_DASHBOARD_BUTTON}`).should('be.disabled');
+      cy.get(`${OVERVIEW_RISKY_HOSTS_TOTAL_EVENT_COUNT}`).should('have.text', 'Showing: 0 hosts');
+    });
+
+    it('renders dashboard module as expected when there are hosts in the selected time period', () => {
+      loginAndWaitForPage(OVERVIEW_URL);
+      cy.get(
+        `${OVERVIEW_RISKY_HOSTS_LINKS} ${OVERVIEW_RISKY_HOSTS_LINKS_WARNING_INNER_PANEL}`
+      ).should('not.exist');
+      cy.get(`${OVERVIEW_RISKY_HOSTS_VIEW_DASHBOARD_BUTTON}`).should('be.disabled');
+      cy.get(`${OVERVIEW_RISKY_HOSTS_TOTAL_EVENT_COUNT}`).should('have.text', 'Showing: 1 host');
+    });
+  });
+});
diff --git a/x-pack/plugins/security_solution/cypress/screens/overview.ts b/x-pack/plugins/security_solution/cypress/screens/overview.ts
@@ -155,3 +155,14 @@ export const OVERVIEW_CTI_LINKS_INFO_INNER_PANEL = '[data-test-subj="cti-inner-p
 export const OVERVIEW_CTI_VIEW_DASHBOARD_BUTTON = '[data-test-subj="cti-view-dashboard-button"]';
 export const OVERVIEW_CTI_TOTAL_EVENT_COUNT = `${OVERVIEW_CTI_LINKS} [data-test-subj="header-panel-subtitle"]`;
 export const OVERVIEW_CTI_ENABLE_MODULE_BUTTON = '[data-test-subj="cti-enable-module-button"]';
+
+export const OVERVIEW_RISKY_HOSTS_LINKS = '[data-test-subj="risky-hosts-dashboard-links"]';
+export const OVERVIEW_RISKY_HOSTS_LINKS_ERROR_INNER_PANEL =
+  '[data-test-subj="risky-hosts-inner-panel-danger"]';
+export const OVERVIEW_RISKY_HOSTS_LINKS_WARNING_INNER_PANEL =
+  '[data-test-subj="risky-hosts-inner-panel-warning"]';
+export const OVERVIEW_RISKY_HOSTS_VIEW_DASHBOARD_BUTTON =
+  '[data-test-subj="risky-hosts-view-dashboard-button"]';
+export const OVERVIEW_RISKY_HOSTS_TOTAL_EVENT_COUNT = `${OVERVIEW_RISKY_HOSTS_LINKS} [data-test-subj="header-panel-subtitle"]`;
+export const OVERVIEW_RISKY_HOSTS_ENABLE_MODULE_BUTTON =
+  '[data-test-subj="risky-hosts-enable-module-button"]';
diff --git a/x-pack/plugins/security_solution/public/common/components/events_viewer/index.tsx b/x-pack/plugins/security_solution/public/common/components/events_viewer/index.tsx
@@ -32,6 +32,7 @@ import { defaultControlColumn } from '../../../timelines/components/timeline/bod
 import { EventsViewer } from './events_viewer';
 import * as i18n from './translations';
 import { GraphOverlay } from '../../../timelines/components/graph_overlay';
+
 const EMPTY_CONTROL_COLUMNS: ControlColumnProps[] = [];
 const leadingControlColumns: ControlColumnProps[] = [
   {

diff --git a/...gins/security_solution/public/overview/components/link_panel/disabled_link_panel.test.tsx b/...gins/security_solution/public/overview/components/link_panel/disabled_link_panel.test.tsx
@@ -0,0 +1,44 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+
+import React from 'react';
+import { mount } from 'enzyme';
+import { TestProviders } from '../../../common/mock';
+import { DisabledLinkPanel } from './disabled_link_panel';
+import { ThreatIntelPanelView as TestView } from '../overview_cti_links/threat_intel_panel_view';
+
+jest.mock('../../../common/lib/kibana');
+
+describe('DisabledLinkPanel', () => {
+  const defaultProps = {
+    docLink: '/doclink',
+    listItems: [],
+    titleCopy: 'title',
+    bodyCopy: 'body',
+    buttonCopy: 'button',
+    dataTestSubjPrefix: 'test-prefix',
+    LinkPanelViewComponent: TestView,
+  };
+
+  it('renders expected children', () => {
+    const wrapper = mount(
+      <TestProviders>
+        <DisabledLinkPanel {...defaultProps} />
+      </TestProviders>
+    );
+
+    expect(
+      wrapper.exists(
+        '[data-test-subj="test-prefix-inner-panel-danger"] [data-test-subj="test-prefix-enable-module-button"]'
+      )
+    ).toEqual(true);
+    expect(
+      wrapper.find('[data-test-subj="test-prefix-enable-module-button"]').hostNodes().text()
+    ).toEqual(defaultProps.buttonCopy);
+    expect(wrapper.find('a').hostNodes().props().href).toEqual(defaultProps.docLink);
+  });
+});
diff --git a/...k/plugins/security_solution/public/overview/components/link_panel/disabled_link_panel.tsx b/...k/plugins/security_solution/public/overview/components/link_panel/disabled_link_panel.tsx
@@ -0,0 +1,58 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+
+import React, { memo } from 'react';
+import { EuiButton } from '@elastic/eui';
+
+import { InnerLinkPanel } from './inner_link_panel';
+import { LinkPanelListItem, LinkPanelViewProps } from './types';
+
+interface DisabledLinkPanelProps {
+  docLink: string;
+  listItems: LinkPanelListItem[];
+  titleCopy: string;
+  bodyCopy: string;
+  buttonCopy: string;
+  dataTestSubjPrefix: string;
+  LinkPanelViewComponent: React.ComponentType<LinkPanelViewProps>;
+}
+
+const DisabledLinkPanelComponent: React.FC<DisabledLinkPanelProps> = ({
+  docLink,
+  listItems,
+  titleCopy,
+  bodyCopy,
+  buttonCopy,
+  dataTestSubjPrefix,
+  LinkPanelViewComponent,
+}) => {
+  return (
+    <LinkPanelViewComponent
+      splitPanel={
+        <InnerLinkPanel
+          color="warning"
+          title={titleCopy}
+          body={bodyCopy}
+          button={
+            <EuiButton
+              href={docLink}
+              color="warning"
+              target="_blank"
+              data-test-subj={`${dataTestSubjPrefix}-enable-module-button`}
+            >
+              {buttonCopy}
+            </EuiButton>
+          }
+          dataTestSubj={`${dataTestSubjPrefix}-inner-panel-danger`}
+        />
+      }
+      listItems={listItems}
+    />
+  );
+};
+
+export const DisabledLinkPanel = memo(DisabledLinkPanelComponent);
diff --git a/x-pack/plugins/security_solution/public/overview/components/link_panel/helpers.ts b/x-pack/plugins/security_solution/public/overview/components/link_panel/helpers.ts
@@ -0,0 +1,17 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+
+import { LinkPanelListItem } from '.';
+
+export const isLinkPanelListItem = (
+  item: LinkPanelListItem | Partial<LinkPanelListItem>
+): item is LinkPanelListItem =>
+  typeof item.title === 'string' && typeof item.path === 'string' && typeof item.count === 'number';
+
+export interface EventCounts {
+  [key: string]: number;
+}
diff --git a/x-pack/plugins/security_solution/public/overview/components/link_panel/index.ts b/x-pack/plugins/security_solution/public/overview/components/link_panel/index.ts
@@ -0,0 +1,11 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+
+export { LinkPanel } from './link_panel';
+export { InnerLinkPanel } from './inner_link_panel';
+export { LinkPanelListItem } from './types';
+export { isLinkPanelListItem } from './helpers';
diff --git a/...plugins/security_solution/public/overview/components/link_panel/inner_link_panel.test.tsx b/...plugins/security_solution/public/overview/components/link_panel/inner_link_panel.test.tsx
@@ -0,0 +1,34 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+
+import React from 'react';
+import { mount } from 'enzyme';
+import { TestProviders } from '../../../common/mock';
+import { InnerLinkPanel } from './inner_link_panel';
+
+describe('InnerLinkPanel', () => {
+  const defaultProps = {
+    title: 'test_title',
+    body: 'test_body',
+    button: <div className={'test-button'} />,
+    dataTestSubj: 'test-subj',
+  };
+
+  it('renders expected children', () => {
+    const wrapper = mount(
+      <TestProviders>
+        <InnerLinkPanel color="warning" {...defaultProps} />
+      </TestProviders>
+    );
+
+    expect(wrapper.exists('[data-test-subj="test-subj"]')).toEqual(true);
+    expect(wrapper.exists('.test-button')).toEqual(true);
+    expect(wrapper.find('[data-test-subj="inner-link-panel-title"]').hostNodes().text()).toEqual(
+      defaultProps.title
+    );
+  });
+});
diff --git a/...ts/overview_cti_links/cti_inner_panel.tsx → ...omponents/link_panel/inner_link_panel.tsx b/...ts/overview_cti_links/cti_inner_panel.tsx → ...omponents/link_panel/inner_link_panel.tsx
@@ -30,7 +30,7 @@ const Icon = styled(EuiIcon)`
   transform: scale(${({ color }) => (color === 'primary' ? 1.4 : 1)});
 `;
 
-export const CtiInnerPanel = ({
+export const InnerLinkPanel = ({
   color,
   title,
   body,
@@ -46,12 +46,14 @@ export const CtiInnerPanel = ({
   const iconType = color === 'primary' ? 'iInCircle' : 'help';
   return (
     <PanelContainer grow={false} color={color}>
-      <EuiFlexGroup direction={'column'} data-test-subj={dataTestSubj}>
+      <EuiFlexGroup direction="column" data-test-subj={dataTestSubj}>
         <EuiFlexItem>
-          <EuiFlexGroup direction={'row'}>
+          <EuiFlexGroup direction="row">
             <Icon type={iconType} size="m" color={color} />
             <EuiFlexItem>
-              <Title textcolor={color}>{title}</Title>
+              <Title data-test-subj="inner-link-panel-title" textcolor={color}>
+                {title}
+              </Title>
             </EuiFlexItem>
           </EuiFlexGroup>
           {body}

diff --git a/x-pack/plugins/security_solution/public/overview/components/link_panel/link.test.tsx b/x-pack/plugins/security_solution/public/overview/components/link_panel/link.test.tsx
@@ -0,0 +1,27 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+
+import React from 'react';
+import { mount } from 'enzyme';
+import { Link } from './link';
+
+describe('Link', () => {
+  it('renders <a> tag when there is a path', () => {
+    const wrapper = mount(<Link copy={'test'} path={'/path'} />);
+
+    expect(wrapper.exists('a')).toEqual(true);
+    expect(wrapper.find('a').hostNodes().props().href).toEqual('/path');
+    expect(wrapper.find('a').hostNodes().text()).toEqual('test(opens in a new tab or window)');
+  });
+
+  it('does not render <a> tag when there is no path', () => {
+    const wrapper = mount(<Link copy={'test'} />);
+
+    expect(wrapper.exists('a')).toEqual(false);
+    expect(wrapper.find('div').hostNodes().at(0).text()).toEqual('test');
+  });
+});