Skip to content

[9.0][Security Assistant] EIS usage callout (#221566) #224127

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 9 commits into from
Jun 17, 2025
Merged

[9.0][Security Assistant] EIS usage callout (#221566) #224127

merged 9 commits into from
Jun 17, 2025

Conversation

@angorayc
Copy link
Contributor

@angorayc angorayc commented Jun 16, 2025

Backport

This will backport the following commits from main to 8.18:

@angorayc @kibanamachine
@florent-leborgne @viduni94
[Security Assistant] EIS usage callout (elastic#221566)
9ab628f 
elastic/security-team#12656
https://github.com/elastic/kibana/pull/220782/files#

To test:
1.
https://p.elstc.co/paste/w06HF7Yw#2tr6JjZXmUbjQ6TQdpgdenH4YOjiWdAoHCZ3OpRi5JG
2. locally:

```
export VAULT_ADDR=https://secrets.elastic.co:8200/
vault login --method=oidc
node scripts/eis.js
```

Callouts will not appear again once dismissed. Please clear the local
storage if you want them to show up again.

<img width="2557" alt="Screenshot 2025-05-29 at 15 53 21"
src="https://github.com/user-attachments/assets/506925cb-5bce-4a66-918e-cd9e000c7088"
/>

onboarding hub:
<img width="2559" alt="Screenshot 2025-05-29 at 09 32 14"
src="https://github.com/user-attachments/assets/4c8b99e5-156e-4062-95a9-fa45c101b858"
/>

Assistant:
<img width="1282" alt="Screenshot 2025-06-11 at 15 16 09"
src="https://github.com/user-attachments/assets/30d47a05-ded1-4c3e-9540-6ad97fda0a8b"
/>

Conversation:
<img width="674" alt="452997822-5c0b3933-b253-474e-92a5-d8793ebff819"
src="https://github.com/user-attachments/assets/97506996-9a85-45bb-a728-79df37bd592e"
/>

Integration:
<img width="2559" alt="Screenshot 2025-05-28 at 21 28 11"
src="https://github.com/user-attachments/assets/ec564dac-2aed-4ac5-ad2c-67728d6f3eda"
/>

Attack Discovery:
<img width="2560" alt="Screenshot 2025-06-11 at 15 35 08"
src="https://github.com/user-attachments/assets/9816fc43-0e6e-40b2-862b-82673330c4da"
/>

```
feature_flags.overrides:
  securitySolution.attackDiscoveryAlertsEnabled: true
  securitySolution.assistantAttackDiscoverySchedulingEnabled: true
```
<img width="2560" alt="Screenshot 2025-06-11 at 15 30 53"
src="https://github.com/user-attachments/assets/7089626f-a416-4260-92f0-1be3f06cf5d3"
/>

Connectors:
<img width="2559" alt="Screenshot 2025-06-10 at 11 15 41"
src="https://github.com/user-attachments/assets/74773473-ff1c-41c1-bdd5-fe6e64b9a497"
/>

Check the PR satisfies following conditions.

Reviewers should verify this PR satisfies this list as well.

- [x] [Unit or functional
tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)
were updated or added to match the most common scenarios

---------

Co-authored-by: kibanamachine <[email protected]>
Co-authored-by: florent-leborgne <[email protected]>
Co-authored-by: Viduni Wickramarachchi <[email protected]>
(cherry picked from commit ed9f4e9)
@angorayc angorayc added the backport This PR is a backport of another PR label Jun 16, 2025
@angorayc angorayc marked this pull request as ready for review June 16, 2025 19:37
@angorayc angorayc requested a review from kibanamachine as a code owner June 16, 2025 19:37
@elastic elastic deleted a comment from elasticmachine Jun 17, 2025
@elasticmachine
Copy link
Contributor

elasticmachine commented Jun 17, 2025

💛 Build succeeded, but was flaky

Failed CI Steps

Test Failures

  • [job] [logs] FTR Configs #40 / discover/group8 discover as defaultRoute can use a saved search as defaultRoute

Metrics [docs]

Module Count

Fewer modules leads to a faster build time

id before after diff
automaticImport 730 700 -30
securitySolution 6980 6988 +8
stackConnectors 341 342 +1
total -21

Async chunks

Total size of all lazy-loaded chunks that will be downloaded as the user navigates the app

id before after diff
aiAssistantManagementSelection 122.4KB 122.6KB +145.0B
automaticImport 1.1MB 1.1MB -1.9KB
lists 190.9KB 191.1KB +145.0B
securitySolution 8.9MB 8.9MB +10.7KB
stackConnectors 630.2KB 631.5KB +1.3KB
total +10.4KB

Page load bundle

Size of the bundles that are downloaded on every page load. Target size is below 100kb

id before after diff
automaticImport 11.6KB 11.2KB -469.0B
core 449.6KB 449.8KB +145.0B
stackConnectors 60.2KB 60.4KB +231.0B
total -93.0B
Unknown metric groups

async chunk count

id before after diff
stackConnectors 101 102 +1

ESLint disabled line counts

id before after diff
stackConnectors 134 135 +1

miscellaneous assets size

id before after diff
automaticImport 285.6KB 250.8KB -34.8KB

Total ESLint disabled count

id before after diff
stackConnectors 138 139 +1

History

@angorayc angorayc merged commit 0a64122 into elastic:9.0 Jun 17, 2025
9 checks passed
@angorayc angorayc mentioned this pull request Jun 24, 2025
Merged
1 task
angorayc added a commit that referenced this pull request Jun 25, 2025
@angorayc @kibanamachine
[9.0][Security Assistant] Add space id provider (#225033)
18d8355 
## Summary
#224127
Steps to reproduce:
([env](https://p.elstc.co/paste/dCC00dnn#LuamGjJXtPsgm8c0vixEsUsEifVy6RT21CsTv17YpNh))
1. Visit
app/management/kibana/securityAiAssistantManagement?tab=knowledge_base
2. Observe that the knowledge base is not showed due to a client side
error:

<img width="2557" alt="Screenshot 2025-06-24 at 09 56 13"
src="https://github.com/user-attachments/assets/e69673cb-5f5b-4a8a-a729-05c82d48f9e1"
/>

Expected:
https://www.elastic.co/docs/solutions/security/ai/ai-assistant-knowledge-base#_option_2_enable_knowledge_base_from_the_security_ai_settings

<img width="2558" alt="Screenshot 2025-06-24 at 11 15 23"
src="https://github.com/user-attachments/assets/2b6e2614-038d-43b3-b18a-4554cba4ccce"
/>

### Checklist

Check the PR satisfies following conditions. 

Reviewers should verify this PR satisfies this list as well.


- [x] [Unit or functional
tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)
were updated or added to match the most common scenarios

---------

Co-authored-by: kibanamachine <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@szwarckonrad szwarckonrad szwarckonrad approved these changes

@kibanamachine kibanamachine Awaiting requested review from kibanamachine kibanamachine is a code owner

Assignees

No one assigned

Labels

backport This PR is a backport of another PR

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@angorayc @elasticmachine @szwarckonrad @kibanamachine