[Security Solutions] (Phase 1) Adds an application cache called metrics entities and integrates it within Security Solutions behind a feature flag #96446
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
… the network screen
FrankHassanabad
changed the title
…ng it by default for now
… experimental feature of metricsEntity
FrankHassanabad
changed the title
FrankHassanabad
changed the title
FrankHassanabad
added
the
Team:Detections and Resp
|
Pinging @elastic/security-detections-response (Team:Detections and Resp) |
FrankHassanabad
added
release_note:feature
FrankHassanabad
changed the title
FrankHassanabad
changed the title
spong
reviewed
Apr 30, 2021
Comment on lines
+46
to
+47
| Restart Kibana and ensure that you are using `--no-base-path` as changing the base path is a feature but will | ||
| get in the way of the CURL scripts written as is. |
There was a problem hiding this comment.
Platform discourages --no-base-path. We should adapt our scripts to play nice when without this flag. We've discussed this previously with some options being leveraging a static server.basePath: '/kbn', or wrapping our scripts in a helper that calls curl -L http://localhost:5601/ and looks at the redirect and then uses that.
There was a problem hiding this comment.
Thanks for the tip
💚 Build Succeeded
Metrics [docs]Module Count
Public APIs missing comments
Async chunks
Public APIs missing exports
Page load bundle
History
To update your PR or re-run it, just comment with: |
spong
approved these changes
Apr 30, 2021
There was a problem hiding this comment.
Checked out, tested locally, and pair code-reviewed with @FrankHassanabad. Thank you for all your efforts here, and for taking the time to go over all these changes with me -- this is giant leap in providing fast and snappy UI's via metrics and entities! LGTM! 👍 🙂 🚀
kibanamachine
pushed a commit
to kibanamachine/kibana
that referenced
this pull request
Apr 30, 2021
…cs entities and integrates it within Security Solutions behind a feature flag (elastic#96446) ## Summary Phase 1 of a multi-phase cautious approach for adding an experimental application cache for Kibana solutions called `metric_entities` and integrates it within Security Solutions. Phase 1 is putting experimental support into the application without breaking existing features. Lots of TODO's, conversations and a possible RFC from phase 1 to phase 2 approach. Some features are missing, but for phase 1 the general idea and code is all there. To enable this first phase after checking out the branch add this to your `kibana.dev.yml` ```yml xpack.metricsEntities.enabled: true xpack.securitySolution.enableExperimental: ['metricsEntitiesEnabled'] ``` Then go into Stack Management -> Advanced Settings (Under Security Solutions) and set the enabled to true like so: <img width="1229" alt="Screen Shot 2021-04-08 at 2 21 02 PM" src="https://user-images.githubusercontent.com/1151048/114091276-b3cbb700-9875-11eb-9083-5c1d91dd20ed.png"> Next go to the security_solutions page and you will see it being activated and you will have these transforms running if you look under stack management: <img width="1710" alt="Screen Shot 2021-04-29 at 2 00 27 PM" src="https://user-images.githubusercontent.com/1151048/116611174-4a2e4e00-a8f3-11eb-9e15-55cb504dfb2a.png"> On the hosts page, network, page, etc... You can see them being activated when you have no query/filter and you click on request: <img width="1405" alt="Screen Shot 2021-04-29 at 2 01 28 PM" src="https://user-images.githubusercontent.com/1151048/116611274-6a5e0d00-a8f3-11eb-9998-9f5b3d1c5c63.png"> You will see in the request the index patterns all starting with `estc_xyz*` ### Checklist Delete any items that are not applicable to this PR. - [x] Any text added follows [EUI's writing guidelines](https://elastic.github.io/eui/#/guidelines/writing), uses sentence case text and includes [i18n support](https://github.com/elastic/kibana/blob/master/packages/kbn-i18n/README.md) We have lots of TODO's but no concrete docs with this just yet. - [ ] [Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html) was added for features that require explanation or tutorials Behind a feature flag and this isn't there yet. - [ ] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios
💚 Backport successful
This backport PR will be merged automatically after passing CI. |
kibanamachine
added a commit
that referenced
this pull request
Apr 30, 2021
…cs entities and integrates it within Security Solutions behind a feature flag (#96446) (#98967) ## Summary Phase 1 of a multi-phase cautious approach for adding an experimental application cache for Kibana solutions called `metric_entities` and integrates it within Security Solutions. Phase 1 is putting experimental support into the application without breaking existing features. Lots of TODO's, conversations and a possible RFC from phase 1 to phase 2 approach. Some features are missing, but for phase 1 the general idea and code is all there. To enable this first phase after checking out the branch add this to your `kibana.dev.yml` ```yml xpack.metricsEntities.enabled: true xpack.securitySolution.enableExperimental: ['metricsEntitiesEnabled'] ``` Then go into Stack Management -> Advanced Settings (Under Security Solutions) and set the enabled to true like so: <img width="1229" alt="Screen Shot 2021-04-08 at 2 21 02 PM" src="https://user-images.githubusercontent.com/1151048/114091276-b3cbb700-9875-11eb-9083-5c1d91dd20ed.png"> Next go to the security_solutions page and you will see it being activated and you will have these transforms running if you look under stack management: <img width="1710" alt="Screen Shot 2021-04-29 at 2 00 27 PM" src="https://user-images.githubusercontent.com/1151048/116611174-4a2e4e00-a8f3-11eb-9e15-55cb504dfb2a.png"> On the hosts page, network, page, etc... You can see them being activated when you have no query/filter and you click on request: <img width="1405" alt="Screen Shot 2021-04-29 at 2 01 28 PM" src="https://user-images.githubusercontent.com/1151048/116611274-6a5e0d00-a8f3-11eb-9998-9f5b3d1c5c63.png"> You will see in the request the index patterns all starting with `estc_xyz*` ### Checklist Delete any items that are not applicable to this PR. - [x] Any text added follows [EUI's writing guidelines](https://elastic.github.io/eui/#/guidelines/writing), uses sentence case text and includes [i18n support](https://github.com/elastic/kibana/blob/master/packages/kbn-i18n/README.md) We have lots of TODO's but no concrete docs with this just yet. - [ ] [Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html) was added for features that require explanation or tutorials Behind a feature flag and this isn't there yet. - [ ] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios Co-authored-by: Frank Hassanabad <frank.hassanabad@elastic.co>
FrankHassanabad
added
release_note:skip
1 task
FrankHassanabad
added a commit
that referenced
this pull request
Apr 11, 2022
## Summary Removes the `metrics_entities` plugin and POC. As a different direction will be taken and people can look back at the git history for it as they see fit if they need to refer to it. Once it's re-added it it will be through an RFC process and re-discussed. Earlier PR's which added the POC: #96446 #104559 ### Checklist - [x] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Summary
Phase 1 of a multi-phase cautious approach for adding an experimental application cache for Kibana solutions called
metric_entitiesand integrates it within Security Solutions.Phase 1 is putting experimental support into the application without breaking existing features. Lots of TODO's, conversations and a possible RFC from phase 1 to phase 2 approach. Some features are missing, but for phase 1 the general idea and code is all there.
To enable this first phase after checking out the branch add this to your
kibana.dev.ymlThen go into Stack Management -> Advanced Settings (Under Security Solutions) and set the enabled to true like so:
Next go to the security_solutions page and you will see it being activated and you will have these transforms running if you look under stack management:
On the hosts page, network, page, etc... You can see them being activated when you have no query/filter and you click on request:
You will see in the request the index patterns all starting with
estc_xyz*Checklist
Delete any items that are not applicable to this PR.
We have lots of TODO's but no concrete docs with this just yet.
Behind a feature flag and this isn't there yet.