[Security Solution][Sourcerer] Default data view init flow for the DV manager#221338
Merged
lgestc merged 36 commits intoelastic:mainfrom Jun 19, 2025
Merged
[Security Solution][Sourcerer] Default data view init flow for the DV manager#221338lgestc merged 36 commits intoelastic:mainfrom
lgestc merged 36 commits intoelastic:mainfrom
Conversation
lgestc
added
9.1 candidate
Feature:Sourcerer
backport:skip
Contributor
|
Pinging @elastic/security-threat-hunting-investigations (Team:Threat Hunting:Investigations) |
...urity/plugins/security_solution/public/data_view_manager/hooks/use_init_data_view_manager.ts
Outdated
Show resolved
Hide resolved
| } | ||
|
|
||
| // check for/generate default Security Solution Kibana data view | ||
| const sourcererDataViews = await createSourcererDataView({ |
Contributor
There was a problem hiding this comment.
Is my understanding correct?
- we want to retain the
createSourererDataViewmethod to get the default data views (plus renaming sourcerer reference in clean up) - we don't need the kibana data views since they are replaced in the shared redux slice
- don't need signal either
Contributor
Author
There was a problem hiding this comment.
not sure about signal
Contributor
There was a problem hiding this comment.
We do need signal for now, but won't ideally once the actual Security Solution Alerts dataView is created that only looks at that, then we shouldn't have to append it here and the detections scope can just be set to that one. But the same space specific logic will need to be applied to that one
Contributor
There was a problem hiding this comment.
Also, while not super impactful from a performance perspective, createSourcererDataView has a number of unnecessary loops over a pattern list and seemingly duplicated behavior around setting the dataview title property. Doesn't need to be part of this PR, but we can include cleaning that up as part of the cleanup for this work
...ty/plugins/security_solution/public/data_view_manager/utils/create_default_data_view.test.ts
Show resolved
Hide resolved
...utions/security/plugins/security_solution/public/sourcerer/containers/use_signal_helpers.tsx
Show resolved
Hide resolved
x-pack/solutions/security/plugins/security_solution/public/common/store/store.ts
Show resolved
Hide resolved
Contributor
|
Ignore this, my UI was just in a weird state. One thing, can you update the references to this hardcoded pattern here for the default space useSpaceId
|
michaelolo24
reviewed
Jun 3, 2025
...ecurity/plugins/security_solution/public/data_view_manager/utils/create_default_data_view.ts
Show resolved
Hide resolved
lgestc
added
backport:prev-major
and removed
backport:skip
lgestc
commented
Jun 18, 2025
| /* eslint-disable react-hooks/rules-of-hooks */ | ||
| // NOTE: skipping the entire hook on purpose when the new picker is enabled | ||
| // will be removed as part of the cleanup in https://github.com/elastic/security-team/issues/11959 | ||
| if (newDataViewPickerEnabled) { |
Contributor
Author
There was a problem hiding this comment.
this will prevent the sourcerer init actions entirely if the new picker is enabled
lgestc
commented
Jun 18, 2025
Contributor
Author
lgestc
left a comment
lgestc
left a comment
There was a problem hiding this comment.
added a few comments for the reviewers
lgestc
added
backport:version
Contributor
💛 Build succeeded, but was flaky
Failed CI StepsTest Failures
Metrics [docs]Module Count
Async chunks
Page load bundle
Unknown metric groupsESLint disabled in files
ESLint disabled line counts
Total ESLint disabled count
History
|
christineweng
approved these changes
Jun 18, 2025
Contributor
christineweng
left a comment
christineweng
left a comment
There was a problem hiding this comment.
LGTM, great work @lgestc 👏
| import type { DataViewManagerScopeName } from '../../constants'; | ||
|
|
||
| /** | ||
| * Creates a Redux listener for handling data view selection logic in the data view manager. |
...security/plugins/security_solution/public/data_view_manager/redux/listeners/init_listener.ts
Outdated
Show resolved
Hide resolved
| // NOTE: save default data id for the given space in the store. | ||
| // this is used to identify the default selection in pickers across Kibana Space | ||
| listenerApi.dispatch( | ||
| sharedDataViewManagerSlice.actions.setDefaultDataViewId(defaultDataView.id) |
|
|
||
| export interface SignalIndexMetadata { | ||
| name: string; | ||
| isOutdated: boolean; |
Contributor
There was a problem hiding this comment.
Can you add a comment for this?
| }); | ||
| const experimentalSignalIndexMappingOutdated = useSelector(signalIndexOutdatedSelector); | ||
|
|
||
| const signalIndexMappingOutdated = newDataViewPickerEnabled |
Contributor
There was a problem hiding this comment.
👍🏾 , I would just point to this for the isOutdated line in the store
michaelolo24
approved these changes
Jun 19, 2025
Contributor
michaelolo24
left a comment
michaelolo24
left a comment
There was a problem hiding this comment.
Nice work! Thanks for fixing the spaces dataView creation. Works well now 👍🏾
…a_view_manager/redux/listeners/init_listener.ts Co-authored-by: Michael Olorunnisola <michael.olorunnisola@elastic.co>
Contributor
|
Starting backport for target branches: 8.19 https://github.com/elastic/kibana/actions/runs/15754430337 |
kibanamachine
pushed a commit
to kibanamachine/kibana
that referenced
this pull request
Jun 19, 2025
… manager (elastic#221338) ## Summary This PR reuses sourcerer data view creation logic for security solution and applies it to the new flow with data view manager (discover data view picker). Closes elastic/security-team#12570 Closes elastic#220589 ## Testing Starting kibana from scratch with the feature flag enabled should create default security solution view, **in either default or custom Kibana Space**. The FF: ``` xpack.securitySolution.enableExperimental: ['newDataViewPickerEnabled'] ``` ### Checklist Check the PR satisfies following conditions. - [x] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated / added --------- Co-authored-by: Michael Olorunnisola <michael.olorunnisola@elastic.co> (cherry picked from commit e6ed157)
Contributor
💚 All backports created successfully
Note: Successful backport PRs will be merged automatically after passing CI. Questions ?Please refer to the Backport tool documentation |
kibanamachine
added a commit
that referenced
this pull request
Jun 19, 2025
… the DV manager (#221338) (#224534) # Backport This will backport the following commits from `main` to `8.19`: - [[Security Solution][Sourcerer] Default data view init flow for the DV manager (#221338)](#221338) <!--- Backport version: 9.6.6 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sorenlouv/backport) <!--BACKPORT [{"author":{"name":"Luke Gmys","email":"11671118+lgestc@users.noreply.github.com"},"sourceCommit":{"committedDate":"2025-06-19T09:25:24Z","message":"[Security Solution][Sourcerer] Default data view init flow for the DV manager (#221338)\n\n## Summary\n\nThis PR reuses sourcerer data view creation logic for security solution\nand applies it to the new flow with data view manager (discover data\nview picker).\n\nCloses https://github.com/elastic/security-team/issues/12570\nCloses https://github.com/elastic/kibana/issues/220589\n\n## Testing\n\nStarting kibana from scratch with the feature flag enabled should create\ndefault security solution view, **in either default or custom Kibana\nSpace**.\n\nThe FF:\n\n```\nxpack.securitySolution.enableExperimental: ['newDataViewPickerEnabled']\n```\n\n### Checklist\n\nCheck the PR satisfies following conditions. \n\n- [x] [Unit or functional\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\nwere updated / added\n\n---------\n\nCo-authored-by: Michael Olorunnisola <michael.olorunnisola@elastic.co>","sha":"e6ed157f2019d2298b80f70404a87ac29f418ae2","branchLabelMapping":{"^v9.1.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:skip","Team:Threat Hunting:Investigations","Feature:Sourcerer","backport:version","9.1 candidate","v9.1.0","v8.19.0"],"title":"[Security Solution][Sourcerer] Default data view init flow for the DV manager","number":221338,"url":"https://github.com/elastic/kibana/pull/221338","mergeCommit":{"message":"[Security Solution][Sourcerer] Default data view init flow for the DV manager (#221338)\n\n## Summary\n\nThis PR reuses sourcerer data view creation logic for security solution\nand applies it to the new flow with data view manager (discover data\nview picker).\n\nCloses https://github.com/elastic/security-team/issues/12570\nCloses https://github.com/elastic/kibana/issues/220589\n\n## Testing\n\nStarting kibana from scratch with the feature flag enabled should create\ndefault security solution view, **in either default or custom Kibana\nSpace**.\n\nThe FF:\n\n```\nxpack.securitySolution.enableExperimental: ['newDataViewPickerEnabled']\n```\n\n### Checklist\n\nCheck the PR satisfies following conditions. \n\n- [x] [Unit or functional\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\nwere updated / added\n\n---------\n\nCo-authored-by: Michael Olorunnisola <michael.olorunnisola@elastic.co>","sha":"e6ed157f2019d2298b80f70404a87ac29f418ae2"}},"sourceBranch":"main","suggestedTargetBranches":["8.19"],"targetPullRequestStates":[{"branch":"main","label":"v9.1.0","branchLabelMappingKey":"^v9.1.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/221338","number":221338,"mergeCommit":{"message":"[Security Solution][Sourcerer] Default data view init flow for the DV manager (#221338)\n\n## Summary\n\nThis PR reuses sourcerer data view creation logic for security solution\nand applies it to the new flow with data view manager (discover data\nview picker).\n\nCloses https://github.com/elastic/security-team/issues/12570\nCloses https://github.com/elastic/kibana/issues/220589\n\n## Testing\n\nStarting kibana from scratch with the feature flag enabled should create\ndefault security solution view, **in either default or custom Kibana\nSpace**.\n\nThe FF:\n\n```\nxpack.securitySolution.enableExperimental: ['newDataViewPickerEnabled']\n```\n\n### Checklist\n\nCheck the PR satisfies following conditions. \n\n- [x] [Unit or functional\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\nwere updated / added\n\n---------\n\nCo-authored-by: Michael Olorunnisola <michael.olorunnisola@elastic.co>","sha":"e6ed157f2019d2298b80f70404a87ac29f418ae2"}},{"branch":"8.19","label":"v8.19.0","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"}]}] BACKPORT--> Co-authored-by: Luke Gmys <11671118+lgestc@users.noreply.github.com> Co-authored-by: Michael Olorunnisola <michael.olorunnisola@elastic.co>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
5 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
This PR reuses sourcerer data view creation logic for security solution and applies it to the new flow with data view manager (discover data view picker).
Closes https://github.com/elastic/security-team/issues/12570
Closes #220589
Testing
Starting kibana from scratch with the feature flag enabled should create default security solution view, in either default or custom Kibana Space.
The FF:
Checklist
Check the PR satisfies following conditions.