[Security Solution] Coverage overview dashboard filter and search bar by dplumlee · Pull Request #163498 · elastic/kibana

dplumlee · 2023-08-09T15:08:03Z

Summary

Addresses: #158246 and #158245

Adds the MVP filters and search bar to the coverage overview dashboard page

Screenshots

Checklist

Delete any items that are not applicable to this PR.

Any text added follows EUI's writing guidelines, uses sentence case text and includes i18n support
Unit or functional tests were updated or added to match the most common scenarios
This renders correctly on smaller devices using a responsive layout. (You can test this in your browser)

For maintainers

This was checked for breaking API changes and was labeled appropriately

…ilters

elasticmachine · 2023-08-11T03:41:38Z

Pinging @elastic/security-detections-response (Team:Detections and Resp)

dplumlee · 2023-08-11T03:50:11Z

      }
+      case 'setRuleStatusFilter': {
+        const { value } = action;
+        if (value.length === 0 || value.length === 2) {


@maximpn This weird hardcoded edge case with the length === 2 is caused by the api not taking both Enabled and Disabled as filters (because of the way the ternary written is structured here), even though we seem to have the other rule filter be an OR query join instead of an AND. Is this the expected action?

As empty activity filter produces the same result as as all selected activity values it makes sense to omit the filter param in the request when all values are selected. I don't think there should be an ability to do the same thing in two ways. But you are right the API endpoint doesn't handle right requests when activity is set to ['enabled', 'disabled']. I thought to change it during milestone 2 but it makes sense to do it earlier.

This PR fixes the problem.

maximpn

@dplumlee thank you for nice coverage overview dashboard filters implementation 👍 I played with the dashboard having 3K+ rules and it works as charm 🙌

Though I have concerns about code organization. It should conform with the other code in particular CoverageOverviewDashaboardContext should be similar to contexts added as a part of Rule Immutability/Customization epic.

elasticmachine · 2023-08-11T12:21:22Z

Pinging @elastic/security-solution (Team: SecuritySolution)

…ilters

maximpn

@dplumlee thank you for addressing my comments 🙏 I've done the second review and left some comments. Mostly my concern is about passing filter to RuleActivityFilterComponent and `RuleSourceFilterComponent.

maximpn · 2023-08-14T10:53:44Z

      }
+      case 'setRuleStatusFilter': {
+        const { value } = action;
+        if (value.length === 0 || value.length === 2) {


This PR fixes the problem.

maximpn

@dplumlee the recent version LGTM 👍

There some little things left but it doesn't look critical. Approving in advance to unlock merging back the PR before FF.

kibana-ci · 2023-08-14T17:29:03Z

💛 Build succeeded, but was flaky

Buildkite Build
Commit: 20c061a

Failed CI Steps

Defend Workflows Cypress Tests #1

Test Failures

[job] [logs] Defend Workflows Cypress Tests #1 / Endpoint Policy Response from Fleet Agent Details page should display policy response with errors should display policy response with errors

Metrics [docs]

Module Count

Fewer modules leads to a faster build time

id	before	after	diff
`securitySolution`	4401	4404	+3

Async chunks

Total size of all lazy-loaded chunks that will be downloaded as the user navigates the app

id	before	after	diff
`securitySolution`	15.6MB	15.6MB	+6.7KB

History

💚 Build #149887 succeeded dcdf17a
💛 Build #149457 was flaky 3dec737
💛 Build #149441 was flaky a1e064c
💚 Build #149397 succeeded fc5c88d
💛 Build #148897 was flaky f8f182e
💔 Build #148806 failed daa6bb7

To update your PR or re-run it, just comment with:
@elasticmachine merge upstream

cc @dplumlee

vitaliidm

Detection engine area LGTM

…#163498)

adds filters and search bar

daa6bb7

dplumlee self-assigned this Aug 9, 2023

dplumlee added 5 commits August 9, 2023 13:46

updates some tests

e803e0a

Merge remote-tracking branch 'upstream/main' into coverage-overview-f…

f8f182e

…ilters

adds filter unit tests:

fc5c88d

adds button features

a1e064c

adds and consolidates tests

3dec737

dplumlee marked this pull request as ready for review August 11, 2023 03:41

dplumlee requested review from a team as code owners August 11, 2023 03:41

dplumlee requested a review from maximpn August 11, 2023 03:41

dplumlee commented Aug 11, 2023

View reviewed changes

maximpn reviewed Aug 11, 2023

View reviewed changes

banderror added Team: SecuritySolution Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc. and removed backport:skip This PR does not require backporting labels Aug 11, 2023

dplumlee added 2 commits August 12, 2023 23:06

addresses comments

c71910e

Merge remote-tracking branch 'upstream/main' into coverage-overview-f…

dcdf17a

…ilters

dplumlee requested a review from maximpn August 14, 2023 01:38

maximpn reviewed Aug 14, 2023

View reviewed changes

addresses comments

973f894

maximpn approved these changes Aug 14, 2023

View reviewed changes

addresses last comments

20c061a

vitaliidm approved these changes Aug 14, 2023

View reviewed changes

dplumlee merged commit ab133a7 into elastic:main Aug 14, 2023

kibanamachine added the backport:skip This PR does not require backporting label Aug 14, 2023

dplumlee deleted the coverage-overview-filters branch August 14, 2023 17:43

This was referenced Aug 15, 2023

[Security Solution] Implement rule filters for the Protections/Detections Coverage Overview dashboard #158246

Closed

[Security Solution] Implement a search bar for Protections/Detections Coverage Overview dashboard #158245

Closed

bryce-b pushed a commit that referenced this pull request Aug 22, 2023

[Security Solution] Coverage overview dashboard filter and search bar (…

3822a93

…#163498)

banderror mentioned this pull request Aug 23, 2023

[DOCS] Document the new MITRE ATT&CK Coverage page elastic/security-docs#3797

Closed

banderror added release_note:feature Makes this part of the condensed release notes and removed release_note:skip Skip the PR/issue when compiling release notes labels Sep 6, 2023

banderror mentioned this pull request Sep 6, 2023

8.10.0 Release notes elastic/security-docs#3781

Merged

Conversation

dplumlee commented Aug 9, 2023 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Summary

Screenshots

Checklist

For maintainers

Uh oh!

elasticmachine commented Aug 11, 2023

Uh oh!

dplumlee Aug 11, 2023 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Choose a reason for hiding this comment

Uh oh!

maximpn Aug 11, 2023

Choose a reason for hiding this comment

Uh oh!

maximpn Aug 14, 2023

Choose a reason for hiding this comment

Uh oh!

maximpn left a comment

Choose a reason for hiding this comment

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

elasticmachine commented Aug 11, 2023

Uh oh!

maximpn left a comment

Choose a reason for hiding this comment

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

maximpn Aug 14, 2023

Choose a reason for hiding this comment

Uh oh!

Uh oh!

Uh oh!

Uh oh!

maximpn left a comment

Choose a reason for hiding this comment

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

kibana-ci commented Aug 14, 2023

💛 Build succeeded, but was flaky

Failed CI Steps

Test Failures

Metrics [docs]

Module Count

Async chunks

History

Uh oh!

vitaliidm left a comment

Choose a reason for hiding this comment

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

7 participants

dplumlee commented Aug 9, 2023 •

edited

Loading

dplumlee Aug 11, 2023 •

edited

Loading