Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Remove discover] Implement embeddable dashboard on Threat Hunting module #6486

Conversation

jbiset
Copy link
Member

@jbiset jbiset commented Mar 6, 2024

Description

Implement the embeddable dashboard on Threat hunting -> dashboard tab and deprecate any use of kibana-integrations components.

Issues Resolved

Evidence

  • Each visualization, if applicable, must have interaction so that it adds the corresponding filter(s) upon clicking.
Evidence_1.webm
  • The visualizations have to be updated according to the filters applied in the searchbar.
Evidence_2.webm
  • The visualizations have to be updated when a search is performed in the searchbar.
Evidence_3.webm
  • If there are no results, the corresponding message must appear that there are no results and the visualizations should not be rendered.

image

  • If there is SampleData, the corresponding SampleData message must appear.

image

  • If an agent is pinned, the views must be updated and changed to the agent view, if applicable.
Evidence_6.webm
  • Check filter behavior with respect to hide alerts, allow agents and filter order.

image

image

Test

Go to Threats Hunting and check the following:

  • Each visualization, if applicable, must have interaction so that it adds the corresponding filter(s) upon clicking.
  • The visualizations have to be updated according to the filters applied in the searchbar.
  • The visualizations have to be updated when a search is performed in the searchbar.
  • If there are no results, the corresponding message must appear that there are no results and the visualizations should not be rendered.
  • If there is SampleData, the corresponding SampleData message must appear.
  • If an agent is pinned, the views must be updated and changed to the agent view, if applicable.
  • Check filter behavior with respect to hide alerts, allow agents and filter order.

Check List

  • All tests pass
    • yarn test:jest
  • New functionality includes testing.
  • New functionality has been documented.
  • Update CHANGELOG.md
  • Commits are signed per the DCO using --signoff

@jbiset jbiset self-assigned this Mar 6, 2024
@jbiset jbiset changed the base branch from master to 4.9.0 March 6, 2024 22:14
@jbiset jbiset linked an issue Mar 6, 2024 that may be closed by this pull request
19 tasks
jbiset and others added 3 commits March 13, 2024 17:20
Copy link
Contributor

Wazuh Core plugin code coverage (Jest) test % values
Statements 28.94% ( 286 / 988 )
Branches 26.22% ( 107 / 408 )
Functions 26.87% ( 86 / 320 )
Lines 28.68% ( 278 / 969 )

Copy link
Contributor

Wazuh Check Updates plugin code coverage (Jest) test % values
Statements 76.44% ( 172 / 225 )
Branches 58.65% ( 61 / 104 )
Functions 61.7% ( 29 / 47 )
Lines 76.44% ( 172 / 225 )

Copy link
Contributor

Main plugin code coverage (Jest) test % values
Statements 11.79% ( 4093 / 34697 )
Branches 7.47% ( 1697 / 22699 )
Functions 10.45% ( 862 / 8244 )
Lines 11.98% ( 3986 / 33258 )

@jbiset jbiset marked this pull request as ready for review April 22, 2024 22:11
@JuanGarriuz JuanGarriuz self-requested a review April 23, 2024 09:52
@yenienserrano
Copy link
Member

yenienserrano commented Apr 24, 2024

Test

Go to Threats Hunting and check the following:

  • Each visualization, if applicable, must have interaction so that it adds the corresponding filter(s) upon clicking.
Details

image

  • The visualizations have to be updated according to the filters applied in the searchbar.
Details

image

  • The visualizations have to be updated when a search is performed in the searchbar.
Details

image

  • If there are no results, the corresponding message must appear that there are no results and the visualizations should not be rendered.
Details

image

  • If there is SampleData, the corresponding SampleData message must appear.
Details

image

  • If an agent is pinned, the views must be updated and changed to the agent view, if applicable.
Details

image

  • Check filter behavior with respect to hide alerts, allow agents and filter order.
Details

image

@JuanGarriuz
Copy link
Member

JuanGarriuz commented Apr 25, 2024

Test

Go to Threats Hunting and check the following:

  • Each visualization, if applicable, must have interaction so that it adds the corresponding filter(s) upon clicking.
Grabacion.2024-04-25.130938.mp4
  • The visualizations have to be updated according to the filters applied in the searchbar.

image

  • The visualizations have to be updated when a search is performed in the searchbar.

image

  • If there are no results, the corresponding message must appear that there are no results and the visualizations should not be rendered.

image

  • If there is SampleData, the corresponding SampleData message must appear.

image

  • If an agent is pinned, the views must be updated and changed to the agent view, if applicable.

image

  • Check filter behavior with respect to hide alerts, allow agents and filter order.

image
image

yenienserrano
yenienserrano previously approved these changes Apr 25, 2024
Copy link
Member

@yenienserrano yenienserrano left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

JuanGarriuz
JuanGarriuz previously approved these changes Apr 25, 2024
@asteriscos asteriscos dismissed stale reviews from JuanGarriuz and yenienserrano via 19f48ef April 25, 2024 12:16
@asteriscos asteriscos merged commit e6fccad into 4.9.0 Apr 25, 2024
1 check passed
@asteriscos asteriscos deleted the 6478-remove-discover-implement-embeddable-dashboard-on-threat-hunting-module branch April 25, 2024 12:16
Machi3mfl pushed a commit that referenced this pull request Apr 25, 2024
…dule (#6486)

* Migrated visualizations to embeddables

* Added withPinnedAgent HOC

* Added dashboard update mechanism depending on whether or not an agent has been pinned

* Pinned agent visualization definitions are migrated and aesthetic adjustments are made

* The interaction was added to the KPIs, the links to the lower table were added, as well as the change of columns when an agent is set

* Integrated new data source on Threat Hunting module

* DiscoverNoResults and LoadingSpinner components are replaced with common components

* Clean code and fixed dashboards conditions

* Improved condition for rendering the dashboard and SampleData message

* Removed unnecessary general/threat hunting in tabFilters in common data to remove duplicate filters

* Removed unused getImplicitPinnedAgent in modules-helper

* Added dateRange param to fetchData in dashboard useEffect, added wz-discover hide-filter-control classes to hide the button that allows you to affect all the filters in the search bar and use searchbarProps deconstruction

* Deleted unnecessary wz-discover class on SearchBar wrapper

* Changed Threat Hunting columns file name

* Deleted unused imports in modules-helper

---------

Co-authored-by: Ian Yenien Serrano <63758389+yenienserrano@users.noreply.github.com>
Co-authored-by: Federico Rodriguez <federico.rodriguez@wazuh.com>
Tostti pushed a commit that referenced this pull request Apr 25, 2024
* Moved mitre intelligence to a subfolder

* fix imports

* moved mitre framework

* fix framework imports

* Changed dashboard

* updated snapshots

* Fixed typo

* Added pinned agent mode

* Changed mitre dashboard

* Fix framework tab

* Add mitre data source

* Change framework tab class components to functional components

* Added date picker in search bar

* Add aggregattions to search

* Add columns definition in data grid

* Fix cluster disabled error on filter

* Add receive filter manager like prop

* Create generic components to reuse in discover

* Add mitre attack data source

* Create flyout discover

* Refactor mitre with data source

* Add default fetch filters

* Linter in wz-discover

* Create component to reuse in discover

* Add expanded techniques row inner component

* Apply initial fetch filters on flyout

* Linter on mitre module

* Fix cluster filter

* Fix UI styles

* Add redirect links and apply filters links

* Update CHANGELOG

* Remove unused code and imports

* Fix table headers and cell links

* Move mitre lib to react-services

* Fix files with prettier

* Signed commit

* [Remove discover] Implement embeddable dashboard on server management cluster module (#6561)

* Migrated Server Management Cluster to embeddables without cluster controller

* Fixed width of Cluster Configuration section

* Rendering conditions are adjusted and clean code

* Deleted controller and visualization monitoring files

* Integrated data-source implementation

* Fixed configuration_cards itemsList, the code is improved and unnecessary code is removed

* Added HOC withGuardAsync

* Changed the source of clusterEnabled information to that provided by the API

* Changed ClusterOverview component class to functional and fixed error on checkClusterIsEnabledAndRunning

* Added more dependencies in useEffect on Cluster Dashboard

* Added error handling to cluster-disabled component

* Fixed alert.timestamp field on SampleData

* Remove discover - Implement embeddable dashboard on statistics module (#6542)

* Migrated visualizations to embeddables

* Changed searchbar and node selector

* Cleaned dashboard obsolete code

* Added selectedNodeFilter

* Integrated new data source on statistics

* Fixed statistics index without data.

* Added apiName filter

* Fixed nodeName filter when a node is selected in cluster mode

* Added No results message, fixed allow agents filters on request and cleaned obsolete code

* Changed condition of apiName filter, validation of statistics-data-source-repository and abstracted behavior between DashboardListenerEngineStatistics and DashboardAnalysisEngineStatistics

* Deleted unused  use-build-statistics-visualizations hook

* Fixed information message depending on active tab

* Added withUserAuthorizationPrompt to add protection with the user permissions check

* remove(statistics): unused message definitions

* Deleted unused index.ts file on cluster integration-files visualizations

---------

Co-authored-by: Antonio David Gutiérrez <antonio.gutierrez@wazuh.com>

* Fix changelog entries (#6612)

* changelog: fix entries

* Change enrollment.dns changelog entry

---------

Co-authored-by: Federico Rodriguez <federico.rodriguez@wazuh.com>

* Remove AngularJS component click-action.js (#6613)

* remove click-action.js

* update changelog

* Update changelog

---------

Co-authored-by: Federico Rodriguez <federico.rodriguez@wazuh.com>

* Refactor settings angularJS controller (#6580)

* Create settings component

* Parcial refactor into react component

* Remove angularJS controller

* Remove unnecessary properties

* Add changelog

* fix: category parameter to preselect the app category settings on App Settings from Statistics

* Remove optional chaining operator

---------

Co-authored-by: Antonio David Gutiérrez <antonio.gutierrez@wazuh.com>

* Fix mitre columns error in techniques on hover

* Hide remove filters on search bar

* Use not global time filter and query in search bar

* Fix filters in visualizations

* Implement journald log collection feature (#6572)

* Added tab

* Add journald tab

* Added changes to imposter

* journald values filters table

* Update changelog and redesign filters table

* Fixed styles

* Fixed hardcode bug

* Added filters groups

* Change to an accordion render

* Added helps-link

* Added changelog

* Fix changelog and message popover improve

* Update configuration-setting imports

* Fix macOS log title

* resolve comments

* Fixed info euitext render and header no render in journald tab

* Add verification to mac and journald agents and add condition to journald

---------

Co-authored-by: Federico Rodriguez <federico.rodriguez@wazuh.com>

* Remove global filter manager from common-data

* Fix date range parser on requests

* Fix error when remove query saved

* Add timestamp formatted in events data grid

* [Remove discover] Implement embeddable dashboard on Virustotal module (#6525)

* Migrated visualizations, added loadings and messages

* Fixed warning for expected a single ReactElement

* Added new virustotal data source. Changed NoResults and LoadingSpinner to commons components

* Fixed Events tab

* Integrated pinned agent functionality based on data source

* Added timeRange to dashboard useEffect dependencies and changed the way to get pinned agent

* Deleted unused component

* Changed AlertsVirustotalDataSource import in modules-defaults

* Fixed error message

* DashboardByRenderer timeRange params replaced by searchBarProps deconstruction

* Added wz-discover hide-filter-control classes to hide the button that allows you to affect all the filters in the search bar

* Removed unnecessary virus total in Filters tab in common data to remove duplicate filters

* Removed unused getImplicitPinnedAgent in modules-helper

* Added dateRange param to fetchData in dashboard useEffect

* Improved AlertsVirustotalDataSource import in modules-defaults and deleted wz-discover on SearchBar wrapper

* [Remove discover] Implement embeddable dashboard on Threat Hunting module (#6486)

* Migrated visualizations to embeddables

* Added withPinnedAgent HOC

* Added dashboard update mechanism depending on whether or not an agent has been pinned

* Pinned agent visualization definitions are migrated and aesthetic adjustments are made

* The interaction was added to the KPIs, the links to the lower table were added, as well as the change of columns when an agent is set

* Integrated new data source on Threat Hunting module

* DiscoverNoResults and LoadingSpinner components are replaced with common components

* Clean code and fixed dashboards conditions

* Improved condition for rendering the dashboard and SampleData message

* Removed unnecessary general/threat hunting in tabFilters in common data to remove duplicate filters

* Removed unused getImplicitPinnedAgent in modules-helper

* Added dateRange param to fetchData in dashboard useEffect, added wz-discover hide-filter-control classes to hide the button that allows you to affect all the filters in the search bar and use searchbarProps deconstruction

* Deleted unnecessary wz-discover class on SearchBar wrapper

* Changed Threat Hunting columns file name

* Deleted unused imports in modules-helper

---------

Co-authored-by: Ian Yenien Serrano <63758389+yenienserrano@users.noreply.github.com>
Co-authored-by: Federico Rodriguez <federico.rodriguez@wazuh.com>

* Renamed virus total data source

* Change order fixed filters virus total

* Clean dashboard code

---------

Co-authored-by: Maximiliano <maximiliano.ibarra@wazuh.com>
Co-authored-by: Maximiliano Ibarra <6089438+Machi3mfl@users.noreply.github.com>
Co-authored-by: Julio César Biset <43619595+jbiset@users.noreply.github.com>
Co-authored-by: Antonio David Gutiérrez <antonio.gutierrez@wazuh.com>
Co-authored-by: Antonio <34042064+Desvelao@users.noreply.github.com>
Co-authored-by: Federico Rodriguez <federico.rodriguez@wazuh.com>
Co-authored-by: Ian Yenien Serrano <63758389+yenienserrano@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

[Remove discover] Implement embeddable dashboard on Threat hunting module
5 participants