[SecuritySolution] Designer's review and redesign on migration to Lens Embeddables #149123

angorayc · 2023-01-18T14:12:46Z

We have most of the visualisations migrated to Lens Embeddable, please have a review on

Preview
https://kibana-pr-150531.kb.us-west2.gcp.elastic-cloud.com:9243/
https://p.elstc.co/paste/Ym09x3Zo#KnGQbWMwyslEZJThW82sle7QgCLPH5DT3KbhIoiwLUn

Please take these known issues into consideration to decide if redesign is required:
#136409 <Feature request on Lens' side>

Visualisations to review:

Dashboards - overview: alert trend
Dashboards - overview: events
~~Dashboards - Detection & Response: Alerts~~ not supported, [SecuritySolution] Follow up unsupported charts #149592 item 5
~~Dashboards - Entity Analytics: Host Risk Scores~~ not supported, [SecuritySolution] Follow up unsupported charts #149592 item 6
~~Dashboards - Entity Analytics: User Risk Scores~~ not supported, [SecuritySolution] Follow up unsupported charts #149592 item 6
Alerts - Table
Alerts - Trend
~~Alerts - Treemap~~ not supported, [SecuritySolution] Follow up unsupported charts #149592 item 1
~~Alerts - Charts~~ not supported, [SecuritySolution] Follow up unsupported charts #149592 item 2
Rules - Alerts - Trend
~~Rules creation - rule preview~~ not supported, [SecuritySolution] Follow up unsupported charts #149592 item 4
Explore - Hosts: KPI Hosts
Explore - Hosts: Unique IPs
Explore - Hosts: Events
~~Explore - Host details: Alerts by Severity~~ not supported, [SecuritySolution] Follow up unsupported charts #149592 item 5
Explore - Host details: Authentications
Explore - Host details: Events
Explore - Host details: Host risk - Host risk score over time
Explore - Network: KPI Network events
Explore - Network: KPI DNS queries
Explore - Network: KPI Unique flow IDs
Explore - Network: KPI TLS handshakes
Explore - Network: KPI Unique private IPs
Explore - Network: DNS - Top domains by dns.question.registered_domain
Explore - Network: Events
~~Explore - Network details: Alerts by Severity~~ not supported, [SecuritySolution] Follow up unsupported charts #149592 item 5
Explore - Network details: Events
Explore - Users: KPI Users
Explore - Users: KPI user authentications
Explore - Users: Authentications
Explore - Users: Events
~~Explore - User details: Alerts by Severity~~ not supported, [SecuritySolution] Follow up unsupported charts #149592 item 5
Explore - User details: Authentications
Explore - User details: Events
Explore - User details: User risk - User risk score over time

elasticmachine · 2023-01-18T14:24:39Z

Pinging @elastic/security-threat-hunting (Team:Threat Hunting)

elasticmachine · 2023-01-18T14:24:40Z

Pinging @elastic/security-solution (Team: SecuritySolution)

…149035) ## Summary Implements: #149015 Please Enable feature flags. Please add this to kibana.dev.yml xpack.securitySolution.enableExperimental: ['chartEmbeddablesEnabled'] --- ### Replace risk score over time with Lens Embeddable Before: <img width="2543" alt="Screenshot 2023-01-17 at 10 28 23" src="https://user-images.githubusercontent.com/6295984/212875145-f39fef08-c152-4c7e-8d0f-cf8e259c0b05.png"> After: <img width="926" alt="Screenshot 2023-01-24 at 15 03 40" src="https://user-images.githubusercontent.com/6295984/214329885-71e8166b-07ec-4f09-bece-919189d655ea.png"> ### Alerts By severity on host / network / user details should apply global filters <img width="1673" alt="Screenshot 2023-01-19 at 11 06 21" src="https://user-images.githubusercontent.com/6295984/213426977-4b803513-69f4-4074-b45d-2002c3f8fecf.png"> ### Styling for donuts on Entity Analytics dashboard (Moving the legend to left side of the chart so its actions button wouldn't overlap with chart action) <img width="1654" alt="Screenshot 2023-01-19 at 11 08 47" src="https://user-images.githubusercontent.com/6295984/213427320-0fa3a9aa-f0d4-435a-87d3-5108b5c7f991.png"> Preview: [Host risk score over time](https://kibana-pr-148624.kb.us-west2.gcp.elastic-cloud.com:9243/s/data/app/security/hosts/name/Angelas-MacBook-Pro.local/hostRisk?sourcerer=(default:(id:security-solution-data,selectedPatterns:!(%27filebeat-*%27,%27logs-*%27,%27packetbeat-*%27,%27-*elastic-cloud-logs-*%27)))&timerange=(global:(linkTo:!(timeline),timerange:(from:%272023-01-18T00:00:00.000Z%27,fromStr:now%2Fd,kind:relative,to:%272023-01-18T23:59:59.999Z%27,toStr:now%2Fd)),timeline:(linkTo:!(global),timerange:(from:%272023-01-18T00:00:00.000Z%27,fromStr:now%2Fd,kind:relative,to:%272023-01-18T23:59:59.999Z%27,toStr:now%2Fd)))&timeline=(activeTab:query,graphEventId:%27%27,id:%2736333270-9731-11ed-a0f5-f16ed1963ee6%27,isOpen:!f)) [User risk score over time](https://kibana-pr-148624.kb.us-west2.gcp.elastic-cloud.com:9243/s/data/app/security/users/name/angelachuang/userRisk?sourcerer=(default:(id:security-solution-data,selectedPatterns:!(%27filebeat-*%27,%27logs-*%27,%27packetbeat-*%27,%27-*elastic-cloud-logs-*%27)))&timerange=(global:(linkTo:!(timeline),timerange:(from:%272023-01-18T00:00:00.000Z%27,fromStr:now%2Fd,kind:relative,to:%272023-01-18T23:59:59.999Z%27,toStr:now%2Fd)),timeline:(linkTo:!(global),timerange:(from:%272023-01-18T00:00:00.000Z%27,fromStr:now%2Fd,kind:relative,to:%272023-01-18T23:59:59.999Z%27,toStr:now%2Fd)))&timeline=(activeTab:query,graphEventId:%27%27,id:%2736333270-9731-11ed-a0f5-f16ed1963ee6%27,isOpen:!f)) https://p.elstc.co/paste/2MIN+pHd#TETZwPh15r64HQ2z0Cn26Z321XCxe+2DqliqF5-CHmr Designers' review: #149123 ### Checklist Delete any items that are not applicable to this PR. - [x] Any text added follows [EUI's writing guidelines](https://elastic.github.io/eui/#/guidelines/writing), uses sentence case text and includes [i18n support](https://github.com/elastic/kibana/blob/main/packages/kbn-i18n/README.md) - [x] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios

ferenrigue · 2023-03-02T09:47:31Z

Everything is really good. Approved by design.

## Summary **Original Issue** #136409 **Preview** https://kibana-pr-150531.kb.us-west2.gcp.elastic-cloud.com:9243/ https://p.elstc.co/paste/G+PhWdS0#WEyGBtMD9I4r74WPNIQFvgELZPOp-SZCG3yja1LOuwQ **Migrated charts** #149123 **Known issues of the Embeddables after enabling the feature flag:** #136409 (Feature request on Lens’ side & Bugs section) **Charts not supported by Lens Embeddable:** #149592 ### Checklist Delete any items that are not applicable to this PR. - [x] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios --------- Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>

…ic#150531) ## Summary **Original Issue** elastic#136409 **Preview** https://kibana-pr-150531.kb.us-west2.gcp.elastic-cloud.com:9243/ https://p.elstc.co/paste/G+PhWdS0#WEyGBtMD9I4r74WPNIQFvgELZPOp-SZCG3yja1LOuwQ **Migrated charts** elastic#149123 **Known issues of the Embeddables after enabling the feature flag:** elastic#136409 (Feature request on Lens’ side & Bugs section) **Charts not supported by Lens Embeddable:** elastic#149592 ### Checklist Delete any items that are not applicable to this PR. - [x] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios --------- Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>

## Summary **Original Issue** #136409 **Preview** https://kibana-pr-150531.kb.us-west2.gcp.elastic-cloud.com:9243/ https://p.elstc.co/paste/G+PhWdS0#WEyGBtMD9I4r74WPNIQFvgELZPOp-SZCG3yja1LOuwQ **Migrated charts** #149123 **Known issues of the Embeddables after enabling the feature flag:** #136409 (Feature request on Lens’ side & Bugs section) **Charts not supported by Lens Embeddable:** #149592 ### Checklist Delete any items that are not applicable to this PR. - [x] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios --------- Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>

angorayc mentioned this issue Jan 18, 2023

[Security Solution] Custom dashboard UI prerequisite #136409

Closed

41 tasks

botelastic bot added the needs-team Issues missing a team label label Jan 18, 2023

angorayc added Team:Threat Hunting Security Solution Threat Hunting Team Team: SecuritySolution Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc. Team:Threat Hunting:Explore v8.7.0 labels Jan 18, 2023

botelastic bot removed the needs-team Issues missing a team label label Jan 18, 2023

This was referenced Jan 18, 2023

[SecuritySolution] Replace risk score over time with Lens Embeddable #149035

Merged

Histogram with lens 2 #148624

Closed

angorayc assigned codearos Jan 25, 2023

angorayc mentioned this issue Jan 26, 2023

[SecuritySolution] Follow up unsupported charts #149592

Open

angorayc added v8.8.0 and removed v8.7.0 labels Feb 7, 2023

angorayc mentioned this issue Feb 27, 2023

[SecuritySolution] Enable chartEmbeddablesEnabled feature flag #150531

Merged

1 task

angorayc assigned ferenrigue Mar 2, 2023

angorayc closed this as completed Mar 2, 2023

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[SecuritySolution] Designer's review and redesign on migration to Lens Embeddables #149123

[SecuritySolution] Designer's review and redesign on migration to Lens Embeddables #149123

angorayc commented Jan 18, 2023 •

edited

elasticmachine commented Jan 18, 2023

elasticmachine commented Jan 18, 2023

ferenrigue commented Mar 2, 2023

[SecuritySolution] Designer's review and redesign on migration to Lens Embeddables #149123

[SecuritySolution] Designer's review and redesign on migration to Lens Embeddables #149123

Comments

angorayc commented Jan 18, 2023 • edited

elasticmachine commented Jan 18, 2023

elasticmachine commented Jan 18, 2023

ferenrigue commented Mar 2, 2023

angorayc commented Jan 18, 2023 •

edited