…nt timeline redirection (#204756) (#224984)
# Backport
This will backport the following commits from `main` to `8.19`:
- [[Security Solution] Add Host/User flyout in One Discover. (#199279)](#199279)
- [[ Security Solution ] One discover security context functional tests (#199818)](#199818)
- [[Security Solution] Discover Security Profile Changes + Event timeline redirection (#204756)](#204756)
<!--- Backport version: 10.0.1 -->
### Questions ?
Please refer to the [Backport tool documentation](https://github.com/sorenlouv/backport)
---------
Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
## Summary
This PR customized Discover's Security Root Profile with 3 new changes.
With this change Discover's Security profile ceases to be `experimental`. Below are the changes listed one in this profile.
> [!Note]
> This change also removes the Flyout changes that were added for security solution to the Discover's security profile.
### Row Indicators.
Adds row indicators based on Alert or an event as shown in the screenshot below. Note the highlights on the left of the row.
- `Yellow` for Alerts.
- `Gray` for Events.
### Default list of Columns.
Adds the list of default columns that should appear when security profile is activated.
### Explore in Security Flyout.
As shown in the demo below, this action explores an event or an alert in security solution as shown in the screenshot below.
### Checklist
Check the PR satisfies following conditions.
Reviewers should verify this PR satisfies this list as well.
### Identify risks
Does this PR introduce any risks? For example, consider risks like hard to test bugs, performance regression, potential of data loss.
Describe the risk, its severity, and mitigation for each identified risk. Invite stakeholders and evaluate how to proceed before merging.