Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Security Solution]Toggle Column not working on Alert Table #155243

Open
karanbirsingh-qasource opened this issue Apr 19, 2023 · 11 comments
Open

[Security Solution]Toggle Column not working on Alert Table #155243

karanbirsingh-qasource opened this issue Apr 19, 2023 · 11 comments
Assignees
@XavierM @logeekal @umbopepato
Labels
bug Fixes for quality problems that affect the customer experience impact:medium Addressing this issue will have a medium level of impact on the quality/strength of our product. Team:ResponseOps Label for the ResponseOps team (formerly the Cases and Alerting teams) Team: SecuritySolution Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc. Team:Threat Hunting:Investigations Security Solution Investigations Team Team:Threat Hunting Security Solution Threat Hunting Team v8.8.1

Comments

@karanbirsingh-qasource
Copy link

Describe the bug
Toggle Column not working on Alert Table

Build Details:

Version: Mains

Pre-conditions

  • Alert data should be present on the kibana instance

Steps

  • Navigate to Alert Page
  • Click on View Details
  • Go to Table Tab
  • Choose any field e.g. _id
  • Click on three dots
  • Observe the action Toggle column in table
Actual Expected
Toggle Column to table "Field" name not showing image Toggle index Column to Table image
Column is not added to Alert Table Column should get added to Alert Table

Screen-Cast

  • Group view
127.0.0.1_25901.karansingh.s.X.desktop.karanbir-singh-karanbir-singh-newgui_1.-.VNC.Viewer.2023-04-19.15-58-15.mp4
  • Alert Table
127.0.0.1_25901.karansingh.s.X.desktop.karanbir-singh-karanbir-singh-newgui_1.-.VNC.Viewer.2023-04-19.16-40-34.mp4
@karanbirsingh-qasource karanbirsingh-qasource added bug Fixes for quality problems that affect the customer experience triage_needed Team: SecuritySolution Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc. labels Apr 19, 2023
@elasticmachine
Copy link
Contributor

Pinging @elastic/security-solution (Team: SecuritySolution)

@karanbirsingh-qasource karanbirsingh-qasource added the impact:medium Addressing this issue will have a medium level of impact on the quality/strength of our product. label Apr 19, 2023
@karanbirsingh-qasource
Copy link
Author

@sukhwindersingh-qasource please review

@MadameSheema MadameSheema added Team:Threat Hunting Security Solution Threat Hunting Team Team:Threat Hunting:Investigations Security Solution Investigations Team labels Apr 19, 2023
@elasticmachine
Copy link
Contributor

Pinging @elastic/security-threat-hunting (Team:Threat Hunting)

@logeekal logeekal self-assigned this Apr 21, 2023
@michaelolo24 michaelolo24 mentioned this issue Apr 21, 2023
Merged
@michaelolo24
Copy link
Contributor

@logeekal I would sync with @YulNaumenko or @stephmilovic about what the ideal behavior is here

@michaelolo24 michaelolo24 removed their assignment Apr 21, 2023
@logeekal
Copy link
Contributor

logeekal commented May 2, 2023
edited

The issue is that new alert table does not understand the toggle functionality of the security solution flyout.

We need help here from @elastic/response-ops team to expose the toggle functionality which we can use to add/remove columns to the alert table from anywhere in security solution.

@logeekal logeekal added the Team:ResponseOps Label for the ResponseOps team (formerly the Cases and Alerting teams) label May 2, 2023
@michaelolo24
Copy link
Contributor

The issue is that new alert table does not understand the toggle functionality of the security solution flyout.

We need help here from @elastic/response-ops team to expose the toggle functionality which we can use to add/remove columns to the alert table from anywhere in security solution.

@XavierM can you help out here?

@XavierM XavierM removed their assignment May 5, 2023
@michaelolo24 michaelolo24 assigned XavierM and unassigned XavierM May 30, 2023
@michaelolo24 michaelolo24 mentioned this issue May 31, 2023
Closed
9 tasks
@logeekal logeekal mentioned this issue Aug 22, 2023
Closed
@christineweng christineweng mentioned this issue Aug 26, 2023
Merged
1 task
@damianpfister
Copy link

@XavierM - any idea whether this is something that might be considered low-hanging-fruit or will it require a bit more time, on the roadmap, to work through?

@XavierM XavierM assigned umbopepato and unassigned jcger Oct 5, 2023
@XavierM XavierM mentioned this issue Oct 5, 2023
Merged
1 task
XavierM added a commit that referenced this issue Oct 7, 2023
@XavierM @PhilippeOberti
[RAM] Bring back toggle column on alert table (#168158)
44a9d28 
## Summary
 
FIX -> #155243


### Checklist

- [x] [Unit or functional
tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)
were updated or added to match the most common scenarios

---------

Co-authored-by: PhilippeOberti <philippe.oberti@elastic.co>
XavierM added a commit to XavierM/kibana that referenced this issue Oct 9, 2023
@XavierM
[RAM] Bring back toggle column on alert table (elastic#168158)
83c31d5 
FIX -> elastic#155243

- [x] [Unit or functional
tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)
were updated or added to match the most common scenarios

---------

Co-authored-by: PhilippeOberti <philippe.oberti@elastic.co>
(cherry picked from commit 44a9d28)
@XavierM XavierM added the fixed label Oct 10, 2023
dej611 pushed a commit to dej611/kibana that referenced this issue Oct 17, 2023
@XavierM @PhilippeOberti @dej611
[RAM] Bring back toggle column on alert table (elastic#168158)
d380208 
## Summary
 
FIX -> elastic#155243


### Checklist

- [x] [Unit or functional
tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)
were updated or added to match the most common scenarios

---------

Co-authored-by: PhilippeOberti <philippe.oberti@elastic.co>
@spong
Copy link
Member

spong commented Dec 14, 2023

This was fixed in #168158 @XavierM, no? Can we close this?

@shayfeld
Copy link

shayfeld commented Jan 3, 2024

Hi @spong ,

Previously, in version 8.6, I had the option of toggling unknown fields, but not in version 8.11.
Toggle column

@spong
Copy link
Member

spong commented Jan 3, 2024

Interesting, thanks for sharing @shayfeld! Sounds like we should keep this open then @XavierM

@umbopepato
Copy link
Member

It looks like now the actions are only accessible from a tooltip while hovering over the value cells, but the unknown fields don't show such tooltip. In particular, fieldData is empty for those fields and thus the value is not wrapped in <CellActions>:

kibana/x-pack/plugins/security_solution/public/common/components/cell_actions/index.tsx

Lines 62 to 88 in 884b94e

const getFieldSpec = useGetFieldSpec(sourcererScopeId);
const dataViewId = useDataViewId(sourcererScopeId);
// Make a dependency key to prevent unnecessary re-renders when data object is defined inline
// It is necessary because the data object is an array or an object and useMemo would always re-render
const dependencyKey = JSON.stringify(data);
const fieldData: CellActionsData[] = useMemo(
() =>
(Array.isArray(data) ? data : [data])
.map(({ field, value }) => ({
field: getFieldSpec(field),
value,
}))
.filter((item): item is CellActionsData => !!item.field),
// eslint-disable-next-line react-hooks/exhaustive-deps -- Use the dependencyKey to prevent unnecessary re-renders
[dependencyKey, getFieldSpec]
);
const metadataWithDataView = useMemo(() => ({ ...metadata, dataViewId }), [dataViewId, metadata]);
return fieldData.length > 0 ? (
<CellActions data={fieldData} metadata={metadataWithDataView} {...props}>
{children}
</CellActions>
) : (
<>{children}</>
);

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@XavierM XavierM

@logeekal logeekal

@umbopepato umbopepato

Labels
bug Fixes for quality problems that affect the customer experience impact:medium Addressing this issue will have a medium level of impact on the quality/strength of our product. Team:ResponseOps Label for the ResponseOps team (formerly the Cases and Alerting teams) Team: SecuritySolution Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc. Team:Threat Hunting:Investigations Security Solution Investigations Team Team:Threat Hunting Security Solution Threat Hunting Team v8.8.1
Projects
No open projects
AppEx: ResponseOps - Rules & Alerts Management
Status: In Review
Milestone
No milestone
Development

No branches or pull requests