elastic · patrykkopycinski · Sep 7, 2020 · Aug 29, 2020 · Aug 29, 2020 · Aug 29, 2020
diff --git a/x-pack/plugins/security_solution/common/search_strategy/security_solution/index.ts b/x-pack/plugins/security_solution/common/search_strategy/security_solution/index.ts
@@ -21,6 +21,8 @@ import {
 } from './hosts';
 import {
   NetworkQueries,
+  NetworkDnsStrategyResponse,
+  NetworkDnsRequestOptions,
   NetworkTlsStrategyResponse,
   NetworkTlsRequestOptions,
   NetworkHttpStrategyResponse,
@@ -79,10 +81,12 @@ export type StrategyResponseType<T extends FactoryQueryTypes> = T extends HostsQ
   ? HostFirstLastSeenStrategyResponse
   : T extends HostsQueries.uncommonProcesses
   ? HostUncommonProcessesStrategyResponse
-  : T extends NetworkQueries.tls
-  ? NetworkTlsStrategyResponse
+  : T extends NetworkQueries.dns
+  ? NetworkDnsStrategyResponse
   : T extends NetworkQueries.http
   ? NetworkHttpStrategyResponse
+  : T extends NetworkQueries.tls
+  ? NetworkTlsStrategyResponse
   : T extends NetworkQueries.topCountries
   ? NetworkTopCountriesStrategyResponse
   : T extends NetworkQueries.topNFlow
@@ -101,10 +105,12 @@ export type StrategyRequestType<T extends FactoryQueryTypes> = T extends HostsQu
   ? HostFirstLastSeenRequestOptions
   : T extends HostsQueries.uncommonProcesses
   ? HostUncommonProcessesRequestOptions
-  : T extends NetworkQueries.tls
-  ? NetworkTlsRequestOptions
+  : T extends NetworkQueries.dns
+  ? NetworkDnsRequestOptions
   : T extends NetworkQueries.http
   ? NetworkHttpRequestOptions
+  : T extends NetworkQueries.tls
+  ? NetworkTlsRequestOptions
   : T extends NetworkQueries.topCountries
   ? NetworkTopCountriesRequestOptions
   : T extends NetworkQueries.topNFlow

diff --git a/...k/plugins/security_solution/common/search_strategy/security_solution/network/dns/index.ts b/...k/plugins/security_solution/common/search_strategy/security_solution/network/dns/index.ts
@@ -0,0 +1,65 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License;
+ * you may not use this file except in compliance with the Elastic License.
+ */
+
+import { IEsSearchResponse } from '../../../../../../../../src/plugins/data/common';
+import { CursorType, Inspect, Maybe, PageInfoPaginated, SortField } from '../../../common';
+import { RequestOptionsPaginated } from '../..';
+
+export enum NetworkDnsFields {
+  dnsName = 'dnsName',
+  queryCount = 'queryCount',
+  uniqueDomains = 'uniqueDomains',
+  dnsBytesIn = 'dnsBytesIn',
+  dnsBytesOut = 'dnsBytesOut',
+}
+
+export interface NetworkDnsRequestOptions extends RequestOptionsPaginated {
+  isPtrIncluded: boolean;
+  sort: SortField<NetworkDnsFields>;
+  stackByField?: Maybe<string>;
+}
+
+export interface NetworkDnsStrategyResponse extends IEsSearchResponse {
+  edges: NetworkDnsEdges[];
+  totalCount: number;
+  pageInfo: PageInfoPaginated;
+  inspect?: Maybe<Inspect>;
+  histogram?: Maybe<MatrixOverOrdinalHistogramData[]>;
+}
+
+export interface NetworkDnsEdges {
+  node: NetworkDnsItem;
+  cursor: CursorType;
+}
+
+export interface NetworkDnsItem {
+  _id?: Maybe<string>;
+  dnsBytesIn?: Maybe<number>;
+  dnsBytesOut?: Maybe<number>;
+  dnsName?: Maybe<string>;
+  queryCount?: Maybe<number>;
+  uniqueDomains?: Maybe<number>;
+}
+
+export interface MatrixOverOrdinalHistogramData {
+  x: string;
+  y: number;
+  g: string;
+}
+
+export interface NetworkDnsBuckets {
+  key: string;
+  doc_count: number;
+  unique_domains: {
+    value: number;
+  };
+  dns_bytes_in: {
+    value: number;
+  };
+  dns_bytes_out: {
+    value: number;
+  };
+}
diff --git a/x-pack/plugins/security_solution/common/search_strategy/security_solution/network/index.ts b/x-pack/plugins/security_solution/common/search_strategy/security_solution/network/index.ts
@@ -5,12 +5,14 @@
  */
 
 export * from './common';
+export * from './dns';
 export * from './http';
 export * from './tls';
 export * from './top_countries';
 export * from './top_n_flow';
 
 export enum NetworkQueries {
+  dns = 'dns',
   http = 'http',
   tls = 'tls',
   topCountries = 'topCountries',

diff --git a/...security_solution/common/search_strategy/security_solution/network/top_countries/index.ts b/...security_solution/common/search_strategy/security_solution/network/top_countries/index.ts
@@ -14,14 +14,6 @@ import {
   TopNetworkTablesEcsField,
 } from '../common';
 
-export enum NetworkDnsFields {
-  dnsName = 'dnsName',
-  queryCount = 'queryCount',
-  uniqueDomains = 'uniqueDomains',
-  dnsBytesIn = 'dnsBytesIn',
-  dnsBytesOut = 'dnsBytesOut',
-}
-
 export enum FlowTarget {
   client = 'client',
   destination = 'destination',

diff --git a/x-pack/plugins/security_solution/public/network/containers/network_dns/histogram.ts b/x-pack/plugins/security_solution/public/network/containers/network_dns/histogram.ts
@@ -0,0 +1,65 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License;
+ * you may not use this file except in compliance with the Elastic License.
+ */
+
+import React from 'react';
+import { connect } from 'react-redux';
+import { compose } from 'redux';
+import { DocumentNode } from 'graphql';
+import { ScaleType } from '@elastic/charts';
+
+import { MatrixHistogram } from '../../../common/components/matrix_histogram';
+import {
+  MatrixHistogramOption,
+  GetSubTitle,
+} from '../../../common/components/matrix_histogram/types';
+import { UpdateDateRange } from '../../../common/components/charts/common';
+import { GlobalTimeArgs } from '../../../common/containers/use_global_time';
+import { withKibana } from '../../../common/lib/kibana';
+import { QueryTemplatePaginatedProps } from '../../../common/containers/query_template_paginated';
+import { DEFAULT_TABLE_ACTIVE_PAGE, DEFAULT_TABLE_LIMIT } from '../../../common/store/constants';
+import { networkModel, networkSelectors } from '../../store';
+import { State, inputsSelectors } from '../../../common/store';
+
+export const HISTOGRAM_ID = 'networkDnsHistogramQuery';
+
+interface DnsHistogramOwnProps extends QueryTemplatePaginatedProps {
+  dataKey: string | string[];
+  defaultStackByOption: MatrixHistogramOption;
+  errorMessage: string;
+  isDnsHistogram?: boolean;
+  query: DocumentNode;
+  scaleType: ScaleType;
+  setQuery: GlobalTimeArgs['setQuery'];
+  showLegend?: boolean;
+  stackByOptions: MatrixHistogramOption[];
+  subtitle?: string | GetSubTitle;
+  title: string;
+  type: networkModel.NetworkType;
+  updateDateRange: UpdateDateRange;
+  yTickFormatter?: (value: number) => string;
+}
+
+const makeMapHistogramStateToProps = () => {
+  const getNetworkDnsSelector = networkSelectors.dnsSelector();
+  const getQuery = inputsSelectors.globalQueryByIdSelector();
+  const mapStateToProps = (state: State, { id = HISTOGRAM_ID }: DnsHistogramOwnProps) => {
+    const { isInspected } = getQuery(state, id);
+    return {
+      ...getNetworkDnsSelector(state),
+      activePage: DEFAULT_TABLE_ACTIVE_PAGE,
+      limit: DEFAULT_TABLE_LIMIT,
+      isInspected,
+      id,
+    };
+  };
+
+  return mapStateToProps;
+};
+
+export const NetworkDnsHistogramQuery = compose<React.ComponentClass<DnsHistogramOwnProps>>(
+  connect(makeMapHistogramStateToProps),
+  withKibana
+)(MatrixHistogram);