[Security Solution] [Timeline] Timeline manager tweaks #69988
Pinging @elastic/siem (Team:SIEM)
Hi @stephmilovic, I noticed that in this commit 63e15d3, you stopped passing in
Hey, just echoing @peluja1012's comment, was wondering if there was a reason to remove those 2 fields other than not being utilized yet? The exceptions PR relies on access to both and seems fitting to include in this PR. Thanks
@peluja1012 @dplumlee an unnamed engineer told me to remove it as it was not necessary, but I
I am the unnamed engineer, why it is not useful to pass you the NonEcsData. It is because this attribute
@stephmilovic @XavierM For the “Add Exception” action, we need to fetch more fields than the ones displayed in the Timeline columns. @spong recommended that we add the fields we need here https://github.com/elastic/kibana/blob/master/x-pack/plugins/security_solution/public/alerts/components/alerts_table/default_config.tsx#L165. Those fields only seem to be present in
They are already in the ECS data, because of that https://github.com/elastic/kibana/blob/master/x-pack/plugins/security_solution/public/timelines/containers/index.gql_query.ts#L198
Thanks for these tweaks @stephmilovic
Desk tested the integration with the Investigate in Resolver
functionality, + some ad hoc testing, and it's (still) looking good
LGTM 🚀
💛 Build succeeded, but was flaky
Test Failures: Firefox UI Functional Tests.test/functional/apps/visualize/_tsvb_chart·ts.visualize app visual builder "before each" hook for "should verify topN label and count display"
* master: (36 commits)
  fixed api url in example plugin (elastic#70934)
  [data.search.aggs]: Remove remaining client dependencies (elastic#70251)
  [Security Solution][Endpoint] Fix base64 download bug and adopt new user artifact/manifest format (elastic#70998)
  [Security Solution][Exceptions] - Exception Modal Part I (elastic#70639)
  [SIEM][Detection Engine][Lists] Adds additional data types to value based lists
  [SIEM][Detection Engine][Lists] Removes feature flag for lists
  [APM] Show license callout in ML settings (elastic#70959)
  Migrate service settings test to jest (elastic#70992)
  [APM] Add cloud attributes to data telemetry (elastic#71008)
  Fix breadcrumb on panels for visibility / round corners (elastic#71010)
  Improve search typescript (elastic#69333)
  [savedObjects field count] run in baseline job (elastic#70999)
  [Security Solution] [Timeline] Timeline manager tweaks (elastic#69988)
  [Endpoint] Support redirect from Policy Details to Ingest when user initiates Edit Policy from Datasource Edit page (elastic#70874)
  [APM] Add API tests (elastic#70740)
  [Security Solution][Exceptions] - Tie server and client code together (elastic#70918)
  [Audit Logging] Add AuditTrail service (elastic#69278)
  [Usage Collection] Ensure no type duplicates (elastic#70946)
  [Security Solution] [Timeline] Bugfix for timeline row actions disappear sometimes (elastic#70958)
  [CI] Add pipeline task queue framework and merge workers into one (elastic#64011)
  ...
Pinging @elastic/security-solution (Team: SecuritySolution)
Summary
A couple of small refactors to manage_timeline:
PrinceKing @XavierM )