[EDR Workflows] Add About tab UI for osquery query details by szwarckonrad · Pull Request #264867 · elastic/kibana

szwarckonrad · 2026-04-21T23:32:44Z

Adds the About tab to live query and scheduled execution detail views. Includes About, Query, Schedule, and Tags cards with queryInterval support (behind resultCountsEnabled flag), OpenAPI schema updates, and lightweight FTR + Jest test coverage.

Builds on top of #264050.

…coverage

… format

infra-vault-gh-plugin-prod · 2026-04-21T23:33:03Z

🤖 Jobs for this PR can be triggered through checkboxes. 🚧

ℹ️ To trigger the CI, please tick the checkbox below 👇

Click to trigger kibana-pull-request for this PR!
Click to trigger kibana-deploy-project-from-pr for this PR!
Click to trigger kibana-deploy-cloud-from-pr for this PR!
Click to trigger kibana-entity-store-performance-from-pr for this PR!
Click to trigger kibana-storybooks-from-pr for this PR!

macroscopeapp · 2026-04-21T23:33:39Z

Catch flakiness early (recommended)

Recommended before merge: run the flaky test runner against this PR to catch flakiness early.

New FTR test file scheduled_action_results.ts with async API calls added to the osquery integration suite.

Trigger a run with the Flaky Test Runner UI or post this comment on the PR:

/flaky ftrConfig:x-pack/platform/test/api_integration/apis/osquery/config.ts:30

^{Share feedback in the #appex-qa channel.}

^{Posted via Macroscope — Flaky Test Runner nudge}

szwarckonrad · 2026-04-21T23:33:49Z

/flaky ftrConfig:x-pack/platform/test/api_integration/apis/osquery/config.ts:30

kibanamachine · 2026-04-21T23:34:06Z

Flaky Test Runner

✅ Build triggered - kibana-flaky-test-suite-runner#11795

x-pack/platform/test/api_integration/apis/osquery/config.ts x30

szwarckonrad · 2026-04-21T23:47:50Z

/ci

szwarckonrad · 2026-04-22T00:02:51Z

/ci

kibanamachine · 2026-04-22T00:15:10Z

Flaky Test Runner Stats

🎉 All tests passed! - kibana-flaky-test-suite-runner#11795

[✅] x-pack/platform/test/api_integration/apis/osquery/config.ts: 30/30 tests passed.

see run history

szwarckonrad · 2026-04-22T00:28:58Z

/ci

szwarckonrad · 2026-04-22T01:14:11Z

/ci

szwarckonrad · 2026-04-22T02:13:07Z

/ci

szwarckonrad · 2026-04-22T14:05:13Z

/ci

szwarckonrad · 2026-04-22T18:12:04Z

/ci

…d/kibana into osquery-about-tab-ui

szwarckonrad · 2026-04-22T18:33:53Z

/ci

elasticmachine · 2026-04-22T19:51:12Z

💚 Build Succeeded

Metrics [docs]

Module Count

Fewer modules leads to a faster build time

id	before	after	diff
`osquery`	757	760	+3

Async chunks

Total size of all lazy-loaded chunks that will be downloaded as the user navigates the app

id	before	after	diff
`osquery`	1.3MB	1.3MB	+8.2KB

Page load bundle

Size of the bundles that are downloaded on every page load. Target size is below 100kb

id	before	after	diff
`osquery`	45.7KB	45.7KB	+23.0B

History

cc @szwarckonrad

szwarckonrad and others added 15 commits April 20, 2026 14:25

Add result_counts to live query details API behind feature flag

8449b80

Merge branch 'main' into osquery-about-tab-api

4edf4ce

Address code review feedback: logging, OpenAPI pack fields, and test …

e798e71

…coverage

Remove vacuous result_counts FTR test

10e6b33

Changes from yarn openapi:generate

dea275d

Changes from yarn openapi:bundle

fa7dcee

Changes from node scripts/eslint_all_files --no-cache --fix

4525e5e

Merge branch 'main' into osquery-about-tab-api

4fead25

Changes from make api-docs

4f5c676

Merge branch 'main' into osquery-about-tab-api

4140bc3

Fix eslint naming-convention error and revert OpenAPI examples to 3.0…

b1d2e93

… format

Changes from yarn openapi:bundle

aed7c2b

Merge branch 'main' into osquery-about-tab-api

3a3ba64

Remove internal feature flag reference from OpenAPI schema description

5e8fd5b

Merge branch 'main' into osquery-about-tab-ui

6eb3a08

szwarckonrad added release_note:skip Skip the PR/issue when compiling release notes backport:skip This PR does not require backporting Team:Defend Workflows “EDR Workflows” sub-team of Security Solution labels Apr 21, 2026

szwarckonrad self-assigned this Apr 21, 2026

szwarckonrad force-pushed the osquery-about-tab-ui branch from a7edd0c to 18033f0 Compare April 22, 2026 00:28

Add About tab UI for live query and scheduled execution details

c7c63d3

szwarckonrad force-pushed the osquery-about-tab-ui branch from 1399f3f to c7c63d3 Compare April 22, 2026 02:12

kibanamachine added 2 commits April 22, 2026 02:42

Changes from make api-docs

6c249df

Changes from yarn openapi:generate

4820982

Merge branch 'main' into osquery-about-tab-ui

7fdceff

szwarckonrad added 2 commits April 22, 2026 12:32

Merge branch 'osquery-about-tab-ui' of https://github.com/szwarckonra…

1e9ceed

…d/kibana into osquery-about-tab-ui

Merge branch 'main' into osquery-about-tab-ui

a876f84

Conversation

szwarckonrad commented Apr 21, 2026

Uh oh!

infra-vault-gh-plugin-prod Bot commented Apr 21, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

macroscopeapp Bot commented Apr 21, 2026

Catch flakiness early (recommended)

Uh oh!

szwarckonrad commented Apr 21, 2026

Uh oh!

kibanamachine commented Apr 21, 2026

Flaky Test Runner

✅ Build triggered - kibana-flaky-test-suite-runner#11795

Uh oh!

szwarckonrad commented Apr 21, 2026

Uh oh!

szwarckonrad commented Apr 22, 2026

Uh oh!

kibanamachine commented Apr 22, 2026

Flaky Test Runner Stats

🎉 All tests passed! - kibana-flaky-test-suite-runner#11795

Uh oh!

szwarckonrad commented Apr 22, 2026

Uh oh!

szwarckonrad commented Apr 22, 2026

Uh oh!

szwarckonrad commented Apr 22, 2026

Uh oh!

szwarckonrad commented Apr 22, 2026

Uh oh!

szwarckonrad commented Apr 22, 2026

Uh oh!

szwarckonrad commented Apr 22, 2026

Uh oh!

elasticmachine commented Apr 22, 2026

💚 Build Succeeded

Metrics [docs]

Module Count

Async chunks

Page load bundle

History

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

3 participants

infra-vault-gh-plugin-prod Bot commented Apr 21, 2026 •

edited

Loading