Siem Readiness initial plugin and navigation, package, server api

.github/CODEOWNERS

@@ -1143,6 +1143,7 @@ x-pack/solutions/security/packages/index-adapter @elastic/security-threat-huntin
 x-pack/solutions/security/packages/kbn-cloud-security-posture/common @elastic/kibana-cloud-security-posture
 x-pack/solutions/security/packages/kbn-cloud-security-posture/graph @elastic/kibana-cloud-security-posture
 x-pack/solutions/security/packages/kbn-cloud-security-posture/public @elastic/kibana-cloud-security-posture
+x-pack/solutions/security/packages/siem_readiness @elastic/kibana-cloud-security-posture
 x-pack/solutions/security/packages/kbn-scout-security @elastic/appex-qa
 x-pack/solutions/security/packages/kbn-securitysolution-autocomplete @elastic/security-detection-engine
 x-pack/solutions/security/packages/kbn-securitysolution-endpoint-exceptions-common @elastic/security-detection-engine
@@ -2469,6 +2470,7 @@ x-pack/solutions/security/test/security_solution_api_integration/test_suites/sou
 ## Security Solution sub teams - Cloud Security Posture
 
 x-pack/solutions/security/plugins/security_solution/public/asset_inventory @elastic/kibana-cloud-security-posture
+x-pack/solutions/security/plugins/security_solution/public/siem_readiness @elastic/kibana-cloud-security-posture
 
 ## Security Solution sub teams - Security Entity Store
 x-pack/platform/packages/shared/kbn-entities-schema/src/schema/v1 @elastic/entity-store
@@ -2823,6 +2825,7 @@ x-pack/solutions/security/plugins/security_solution/public/common/components/ses
 x-pack/solutions/security/plugins/security_solution/public/cloud_security_posture @elastic/kibana-cloud-security-posture
 x-pack/solutions/security/plugins/security_solution/public/kubernetes @elastic/kibana-cloud-security-posture
 x-pack/solutions/security/plugins/security_solution/server/lib/asset_inventory @elastic/kibana-cloud-security-posture
+x-pack/solutions/security/plugins/security_solution/server/lib/siem_readiness @elastic/kibana-cloud-security-posture
 x-pack/solutions/security/plugins/security_solution/public/flyout/entity_details/generic_right @elastic/kibana-cloud-security-posture
 /x-pack/solutions/security/plugins/security_solution/public/flyout/csp_details @elastic/kibana-cloud-security-posture
 

package.json

@@ -1000,6 +1000,7 @@
     "@kbn/shared-ux-table-persist": "link:src/platform/packages/shared/shared-ux/table_persist",
     "@kbn/shared-ux-toolbar-selector": "link:src/platform/packages/shared/shared-ux/toolbar_selector",
     "@kbn/shared-ux-utility": "link:src/platform/packages/shared/kbn-shared-ux-utility",
+    "@kbn/siem-readiness": "link:x-pack/solutions/security/packages/siem-readiness",
     "@kbn/slo-plugin": "link:x-pack/solutions/observability/plugins/slo",
     "@kbn/slo-schema": "link:x-pack/platform/packages/shared/kbn-slo-schema",
     "@kbn/snapshot-restore-plugin": "link:x-pack/platform/plugins/private/snapshot_restore",

src/platform/packages/shared/deeplinks/security/deep_links.ts

@@ -65,6 +65,7 @@ export enum SecurityPageName {
   rulesCreate = 'rules-create',
   rulesLanding = 'rules-landing',
   rulesManagement = 'rules-management',
+  siemReadiness = 'siem_readiness',
   siemMigrationsRules = 'siem_migrations-rules',
   /*
    * Warning: Computed values are not permitted in an enum with string valued members

tsconfig.base.json

@@ -2038,6 +2038,8 @@
       "@kbn/shared-ux-toolbar-selector/*": ["src/platform/packages/shared/shared-ux/toolbar_selector/*"],
       "@kbn/shared-ux-utility": ["src/platform/packages/shared/kbn-shared-ux-utility"],
       "@kbn/shared-ux-utility/*": ["src/platform/packages/shared/kbn-shared-ux-utility/*"],
+      "@kbn/siem-readiness": ["x-pack/solutions/security/packages/siem-readiness"],
+      "@kbn/siem-readiness/*": ["x-pack/solutions/security/packages/siem-readiness/*"],
       "@kbn/slo-plugin": ["x-pack/solutions/observability/plugins/slo"],
       "@kbn/slo-plugin/*": ["x-pack/solutions/observability/plugins/slo/*"],
       "@kbn/slo-schema": ["x-pack/platform/packages/shared/kbn-slo-schema"],

x-pack/solutions/security/packages/siem-readiness/README.md

@@ -0,0 +1,24 @@
+# @kbn/siem-readiness
+
+## Overview
+
+The SIEM readiness package helps log readiness events within Kibana.
+
+## Usage
+
+```typescript
+import { useLogReadinessTask } from '@kbn/siem-readiness';
+
+// Example usage
+  const { logReadinessTask } = useLogReadinessTask();
+
+  const handleLogTask = useCallback(async () => {
+    logReadinessTask({ task_id: '1', status: 'complete', meta: { demo: 'demo_data' } });
+  }, [logReadinessTask]);
+```
+
+## API
+
+The package is using the post_readiness_task API which can be found at: 
+
+`kibana/x-pack/solutions/security/plugins/security_solution/server/lib/siem_readiness/routes/post_readiness_task.ts`

x-pack/solutions/security/packages/siem-readiness/index.ts

@@ -0,0 +1,10 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+
+export type * from './src/types';
+export * from './src/constants';
+export * from './src/use_log_readiness_task';

x-pack/solutions/security/packages/siem-readiness/jest.config.js

@@ -0,0 +1,12 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+
+module.exports = {
+  preset: '@kbn/test',
+  rootDir: '../../../../..',
+  roots: ['<rootDir>/x-pack/solutions/security/packages/siem-readiness'],
+};

x-pack/solutions/security/packages/siem-readiness/kibana.jsonc

@@ -0,0 +1,9 @@
+{
+  "type": "shared-browser",
+  "id": "@kbn/siem-readiness",
+  "owner": [
+    "@elastic/kibana-cloud-security-posture"
+  ],
+  "group": "security",
+  "visibility": "private"
+}

x-pack/solutions/security/packages/siem-readiness/package.json

@@ -0,0 +1,8 @@
+{
+  "name": "@kbn/siem-readiness",
+  "private": true,
+  "version": "1.0.0",
+  "license": "Elastic License 2.0",
+  "description": "handles SIEM Readiness tasks management for Kibana Security Solution",
+  "sideEffects": false
+}

x-pack/solutions/security/packages/siem-readiness/src/constants.ts

@@ -0,0 +1,9 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+
+export const SIEM_READINESS_PACKAGE_NAME = '@kbn/siem-readiness';
+export const POST_SIEM_READINESS_TASK_API_PATH = '/api/siem_readiness/post_task';

x-pack/solutions/security/packages/siem-readiness/src/types.ts

@@ -0,0 +1,12 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+
+export interface SiemReadinessTask {
+  task_id: string;
+  status: 'complete' | 'incomplete';
+  meta: Record<string, unknown>;
+}

x-pack/solutions/security/packages/siem-readiness/src/use_log_readiness_task.test.tsx

@@ -0,0 +1,97 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+
+import React from 'react';
+import { renderHook, act } from '@testing-library/react';
+import { QueryClient, QueryClientProvider } from '@tanstack/react-query';
+import { useLogReadinessTask } from './use_log_readiness_task';
+import { useKibana } from '@kbn/kibana-react-plugin/public';
+import { POST_SIEM_READINESS_TASK_API_PATH } from './constants';
+import type { SiemReadinessTask } from './types';
+
+jest.mock('@kbn/kibana-react-plugin/public', () => ({
+  useKibana: jest.fn(),
+}));
+
+describe('useLogReadinessTask', () => {
+  const mockPost = jest.fn();
+  const queryClient = new QueryClient();
+
+  const wrapper = ({ children }: { children: React.ReactNode }) => (
+    <QueryClientProvider client={queryClient}>{children}</QueryClientProvider>
+  );
+
+  beforeEach(() => {
+    jest.clearAllMocks();
+    (useKibana as jest.Mock).mockReturnValue({
+      services: {
+        http: {
+          post: mockPost,
+        },
+      },
+    });
+  });
+
+  it('should call http.post with the correct arguments when logging a task', async () => {
+    const { result } = renderHook(() => useLogReadinessTask(), { wrapper });
+
+    const task: SiemReadinessTask = {
+      task_id: 'test-task-1',
+      status: 'complete',
+      meta: { description: 'Test task', duration: 1000 },
+    };
+
+    await act(async () => {
+      result.current.logReadinessTask(task);
+    });
+
+    expect(mockPost).toHaveBeenCalledWith(POST_SIEM_READINESS_TASK_API_PATH, {
+      body: JSON.stringify(task),
+    });
+  });
+
+  it('should handle an error response from http.post', async () => {
+    mockPost.mockRejectedValue(new Error('HTTP error'));
+    const { result } = renderHook(() => useLogReadinessTask({ onError: jest.fn() }), { wrapper });
+
+    const task: SiemReadinessTask = {
+      task_id: 'test-task-2',
+      status: 'incomplete',
+      meta: { error: 'Something went wrong' },
+    };
+
+    await act(async () => {
+      try {
+        result.current.logReadinessTask(task);
+      } catch {
+        // expected to throw
+      }
+    });
+
+    expect(mockPost).toHaveBeenCalledWith(POST_SIEM_READINESS_TASK_API_PATH, {
+      body: JSON.stringify(task),
+    });
+  });
+
+  it('should call onSuccess callback when mutation succeeds', async () => {
+    const onSuccess = jest.fn();
+    mockPost.mockResolvedValue({});
+    const { result } = renderHook(() => useLogReadinessTask({ onSuccess }), { wrapper });
+
+    const task: SiemReadinessTask = {
+      task_id: 'test-task-3',
+      status: 'complete',
+      meta: {},
+    };
+
+    await act(async () => {
+      result.current.logReadinessTask(task);
+    });
+
+    expect(onSuccess).toHaveBeenCalled();
+  });
+});

x-pack/solutions/security/packages/siem-readiness/src/use_log_readiness_task.ts

@@ -0,0 +1,35 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+
+import { useMutation, type UseMutationOptions } from '@tanstack/react-query';
+import { useKibana } from '@kbn/kibana-react-plugin/public';
+import type { CoreStart } from '@kbn/core/public';
+import { POST_SIEM_READINESS_TASK_API_PATH } from './constants';
+import type { SiemReadinessTask } from './types';
+
+/**
+ * Hook for logging SIEM readiness tasks via API endpoint
+ * @param options - TanStack mutation options
+ * @returns Mutation hook for logging readiness tasks
+ */
+export const useLogReadinessTask = (
+  options?: UseMutationOptions<void, unknown, SiemReadinessTask>
+) => {
+  const { http } = useKibana<CoreStart>().services;
+
+  const { mutate: logReadinessTask } = useMutation<void, unknown, SiemReadinessTask>(
+    (task: SiemReadinessTask) =>
+      http.post<void>(POST_SIEM_READINESS_TASK_API_PATH, {
+        body: JSON.stringify(task),
+      }),
+    options
+  );
+
+  return {
+    logReadinessTask,
+  };
+};

x-pack/solutions/security/packages/siem-readiness/tsconfig.json

@@ -0,0 +1,21 @@
+{
+  "extends": "../../../../../tsconfig.base.json",
+  "compilerOptions": {
+    "outDir": "target/types",
+    "types": [
+      "jest",
+      "node",
+    ]
+  },
+  "include": [
+    "**/*.ts",
+    "**/*.tsx",
+  ],
+  "exclude": [
+    "target/**/*"
+  ],
+  "kbn_references": [
+    "@kbn/kibana-react-plugin",
+    "@kbn/core",
+  ]
+}

x-pack/solutions/security/plugins/security_solution/common/api/siem_readiness/constants.ts

@@ -0,0 +1,8 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+
+export const POST_SIEM_READINESS_TASK_API_PATH = '/api/siem_readiness/post_task';

x-pack/solutions/security/plugins/security_solution/common/constants.ts

@@ -109,6 +109,7 @@ export const EXCEPTION_LIST_DETAIL_PATH = `${EXCEPTIONS_PATH}/details/:detailNam
 export const HOSTS_PATH = '/hosts' as const;
 export const ATTACK_DISCOVERY_PATH = '/attack_discovery' as const;
 export const ASSET_INVENTORY_PATH = '/asset_inventory' as const;
+export const SIEM_READINESS_PATH = '/siem_readiness' as const;
 export const USERS_PATH = '/users' as const;
 export const KUBERNETES_PATH = '/kubernetes' as const;
 export const NETWORK_PATH = '/network' as const;
@@ -247,6 +248,9 @@ export const ENABLE_ASSET_INVENTORY_SETTING = 'securitySolution:enableAssetInven
 /** This Kibana Advanced Setting allows users to enable/disable the Cloud Connector Feature */
 export const ENABLE_CLOUD_CONNECTOR_SETTING = 'securitySolution:enableCloudConnector' as const;
 
+/** This Kibana Advanced Setting allows users to enable/disable the SIEM Readiness Feature */
+export const ENABLE_SIEM_READINESS_SETTING = 'securitySolution:enableSiemReadiness' as const;
+
 /** This Kibana Advanced Setting allows users to enable/disable the privilged user monitoring feature */
 export const ENABLE_PRIVILEGED_USER_MONITORING_SETTING =
   'securitySolution:enablePrivilegedUserMonitoring' as const;

x-pack/solutions/security/plugins/security_solution/common/experimental_features.ts

@@ -318,6 +318,11 @@ export const allowedExperimentalValues = Object.freeze({
    * Enables the ability to import and migration dashboards through automatic migration service
    */
   automaticDashboardsMigration: false,
+
+  /**
+   * Enables the SIEM Readiness Dashboard feature
+   */
+  siemReadinessDashboard: false,
 });
 
 type ExperimentalConfigKeys = Array<keyof ExperimentalFeatures>;

x-pack/solutions/security/plugins/security_solution/public/app/links/app_links.ts

@@ -10,6 +10,7 @@ import { aiValueLinks } from '../../reports/links';
 import { configurationsLinks } from '../../configurations/links';
 import { links as attackDiscoveryLinks } from '../../attack_discovery/links';
 import { links as assetInventoryLinks } from '../../asset_inventory/links';
+import { siemReadinessLinks } from '../../siem_readiness/links';
 import type { AppLinkItems } from '../../common/links/types';
 import { indicatorsLinks } from '../../threat_intelligence/links';
 import { alertsLink, alertSummaryLink } from '../../detections/links';
@@ -41,6 +42,7 @@ export const appLinks: AppLinkItems = Object.freeze([
   rulesLinks,
   onboardingLinks,
   managementLinks,
+  siemReadinessLinks,
 ]);
 
 export const getFilteredLinks = async (
@@ -66,5 +68,6 @@ export const getFilteredLinks = async (
     rulesLinks,
     onboardingLinks,
     managementFilteredLinks,
+    siemReadinessLinks,
   ]);
 };

x-pack/solutions/security/plugins/security_solution/public/app/translations.ts

@@ -138,6 +138,10 @@ export const INVENTORY = i18n.translate('xpack.securitySolution.navigation.inven
   defaultMessage: 'Inventory',
 });
 
+export const SIEM_READINESS = i18n.translate('xpack.securitySolution.navigation.siemReadiness', {
+  defaultMessage: 'SIEM Readiness',
+});
+
 export const TIMELINES = i18n.translate('xpack.securitySolution.navigation.timelines', {
   defaultMessage: 'Timelines',
 });

x-pack/solutions/security/plugins/security_solution/public/common/components/navigation/security_side_nav/categories.ts

@@ -36,4 +36,8 @@ export const CATEGORIES: SeparatorLinkCategory[] = [
     type: LinkCategoryType.separator,
     linkIds: [SecurityPageName.assetInventory],
   },
+  {
+    type: LinkCategoryType.separator,
+    linkIds: [SecurityPageName.siemReadiness],
+  },
 ];

x-pack/solutions/security/plugins/security_solution/public/lazy_sub_plugins.tsx

@@ -27,6 +27,7 @@ import { ThreatIntelligence } from './threat_intelligence';
 import { Dashboards } from './dashboards';
 import { EntityAnalytics } from './entity_analytics';
 import { SiemMigrations } from './siem_migrations';
+import { SiemReadiness } from './siem_readiness';
 import { Configurations } from './configurations';
 
 /**
@@ -50,6 +51,7 @@ const subPluginClasses = {
   EntityAnalytics,
   Configurations,
   SiemMigrations,
+  SiemReadiness,
   Reports,
 };
 export { subPluginClasses };