[Security Solution] Data Quality dashboard storage metrics#155581
[Security Solution] Data Quality dashboard storage metrics#155581andrew-goldstein merged 4 commits intoelastic:mainfrom
Conversation
andrew-goldstein
added
release_note:enhancement
backport:skip
|
Pinging @elastic/security-solution (Team: SecuritySolution) |
Files by Code Ownerelastic/security-threat-hunting-explore
|
andrew-goldstein
force-pushed
the
data-quality-storage-metrics
branch
from
ba5f1d2 to
64b3bb6
Compare
andrew-goldstein
force-pushed
the
data-quality-storage-metrics
branch
from
2413edd to
01b06fc
Compare
There was a problem hiding this comment.
these inline comments for what's changed are helpful 👌🏾
There was a problem hiding this comment.
it's the same thing, but you could do patterns[i + 1] ? (<Spacer>) : null or maybe just patterns[i + 1] && <Spacer>
There was a problem hiding this comment.
Nit and def not necessary, but with discussions around alerts index name changes, may be better to use the ${DEFAULT_ALERTS_INDEX}-default here.
There was a problem hiding this comment.
i'm reluctant to use ${DEFAULT_ALERTS_INDEX}-default in the context of these tests (and others) because artifacts of the current value, .alerts-security.alerts-default, are ubiquitous in the mock (stats and ILM) data, and in most of the tests.
In most contexts, there's nothing magic about .alerts-security.alerts-default other than it's currently a "foreign key" in the mock data. If the value behind the ${DEFAULT_ALERTS_INDEX}-default changes, tests may start failing (with false positives) unless the mock data is manually updated via search & replace.
There was a problem hiding this comment.
Yea, took me a sec to realize all of these are just in test files, so doesn't really matter what it is as long as it aligns with the mocks. Ignore me...I've been seeing the index pattern everywhere so I'm very sensitive to it 😂
There was a problem hiding this comment.
You can use orderBy to sort in descending order without the additional reverse. Not sure which is more performant though
There was a problem hiding this comment.
you can use orderBy in this function as well
There was a problem hiding this comment.
SUPER random thought, but you can have a space-builder so it's easier to get an idea of the numerical spacing.
Something like ${addSpace(8)} and const addSpace = (spaces: number) => Array(spaces).fill('-').join('');. DEFINITELY over-engineered, but couldn't help myself
There was a problem hiding this comment.
I'll stop commenting on these after this.. re the orderBy vs sort().reverse(). And once again, not sure which would be more performant
There was a problem hiding this comment.
Do you need to pass the reason=""? or keep it the same as line 143?
There was a problem hiding this comment.
nit: you should be able to just pass grow
There was a problem hiding this comment.
nit: missed the 'n' in unallowed for the name of this file :) and file path :)
There was a problem hiding this comment.
Is there ever a scenario where we would want to show partial results if one of the indices didn't return a value? Not necessary now, but just a thought. We'll see how often users run into this scenario...
michaelolo24
left a comment
michaelolo24
left a comment
There was a problem hiding this comment.
The test coverage here is excellent. Thank you for adding them. Desk tested locally across multiple spaces with all ilm phases selected and de-selected and it works great! The tooltips all have the text as expected and there are no signs of the beta tag as far as I can tell. Nice work! 🚀 Just added some minor nits and questions.
 _Above: The new storage metrics treemap updates as indices are checked_  _Above: Storage metrics in the Data Quality dashboard_ ## Summary This PR introduces [storage metrics](elastic/security-team#6047) to the _Data Quality_ dashboard - Multiple views are enhanced to display the size of indices - A new interactive treemap visualizes the relative sizes of indices - Markdown reports include the size of indices - The Data Quality dashboard `Beta` tag is removed - Inline action buttons replace the `Take action` popover - The Global stats panel remains visible when the `Select one or more ILM phases` help is displayed - Code coverage is improved throughout the dashboard ## Details ### Multiple views enhanced to display the size of indices The following views have been enhanced to display the `Size` of indices, per the screenshots below: - The pattern table's `Size` column displays the size of a single index  - The pattern table's `Size` tooltip  - The pattern rollup's `Size` stat displays the total size of indices in a pattern  - The pattern rollup's `Size` stat tooltip  - The global stats rollup `Size` stat displays the total size of all the patterns  - The global stats rollup `Size` stat tooltip  ### New interactive treemap A new interactive treemap visualizes the relative sizes of indices: - The color of indices in the treemap and its legend update as the data is checked  - Clicking on an index in the treemap or the legend expands (and scrolls to) the index ### Markdown reports include the `Size` of indices Markdown reports are enhanced to include the new `Size` statistic in: - Pattern markdown tables | Result | Index | Docs | Incompatible fields | ILM Phase | Size | |--------|-------|------|---------------------|-----------|------| | ❌ | auditbeat-7.14.2-2023.04.09-000001 | 48,077 (4.3%) | 12 | `hot` | 41.3MB | | ❌ | auditbeat-7.3.2-2023.04.09-000001 | 48,068 (4.3%) | 8 | `hot` | 31MB | | ❌ | auditbeat-7.11.2-2023.04.09-000001 | 48,064 (4.3%) | 12 | `hot` | 40.8MB | - Pattern rollup markdown tables | Incompatible fields | Indices checked | Indices | Size | Docs | |---------------------|-----------------|---------|------|------| | 164 | 26 | 26 | 899.3MB | 1,118,155 | - The global stats markdown table | Incompatible fields | Indices checked | Indices | Size | Docs | |---------------------|-----------------|---------|------|------| | 166 | 32 | 32 | 9.2GB | 20,779,245 | ### Data Quality dashboard `Beta` tag removed The Data Quality dashboard `Beta` tag is removed from the following views: - The `Dashboards` page **Before:**  **After:**  - Security Solution side navigation **Before:**  **After:**  - The Data Quality dashboard page header **Before:**  **After:**  ### Inline action buttons replace the `Take action` popover Inline `Add to new case` and `Copy to clipboard` action buttons replace the `Take action` popover, the previous home of these actions: **Before:**  **After:**  ### Global stats panel remains visible when the `Select one or more ILM phases` help is displayed The Global stats panel now remains visible when the `Select one or more ILM phases` help is displayed: **Before:**  **After:**  ### Code coverage improvements Code coverage is improved throughout the dashboard, as measured by running the following command: ```sh node scripts/jest --watch x-pack/packages/kbn-ecs-data-quality-dashboard --coverage ```
…on/public/overview/links.ts`
andrew-goldstein
force-pushed
the
data-quality-storage-metrics
branch
from
01b06fc to
177eed0
Compare
💛 Build succeeded, but was flaky
Failed CI StepsMetrics [docs]Module Count
Async chunks
Unknown metric groupsESLint disabled line counts
Total ESLint disabled count
History
To update your PR or re-run it, just comment with: |
|
@andrew-goldstein could we use the following screenshot in the 8.8 release blog? |
yes @dhru42, thanks! |
6 participants
[Security Solution] Data Quality dashboard storage metrics
Above: The new storage metrics treemap updates as indices are checked
Above: Storage metrics in the Data Quality dashboard
Summary
This PR introduces storage metrics to the Data Quality dashboard
Multiple views are enhanced to display the size of indices
A new interactive treemap visualizes the relative sizes of indices
Markdown reports include the size of indices
The Data Quality dashboard
Betatag is removedInline action buttons replace the
Take actionpopoverThe Global stats panel remains visible when the
Select one or more ILM phaseshelp is displayedCode coverage is improved throughout the dashboard
Details
Multiple views enhanced to display the size of indices
The following views have been enhanced to display the
Sizeof indices, per the screenshots below:Sizecolumn displays the size of a single indexSizetooltipSizestat displays the total size of indices in a patternSizestat tooltipSizestat displays the total size of all the patternsSizestat tooltipNew interactive treemap
A new interactive treemap visualizes the relative sizes of indices:
Markdown reports include the
Sizeof indicesMarkdown reports are enhanced to include the new
Sizestatistic in:hothothotData Quality dashboard
Betatag removedThe Data Quality dashboard
Betatag is removed from the following views:DashboardspageBefore:
After:
Before:
After:
Before:
After:
Inline action buttons replace the
Take actionpopoverInline
Add to new caseandCopy to clipboardaction buttons replace theTake actionpopover, the previous home of these actions:Before:
After:
Global stats panel remains visible when the
Select one or more ILM phaseshelp is displayedThe Global stats panel now remains visible when the
Select one or more ILM phaseshelp is displayed:Before:
After:
Code coverage improvements
Code coverage is improved throughout the dashboard, as measured by running the following command: