[OSquery] [Enhancement] Users should not be able to submit another query until they get the result of the previously submitted Live query. #173977

Open
sukhwindersingh-qasource opened this issue Dec 27, 2023 · 8 comments
Labels
enhancement New value added to drive a business result grooming Team:Defend Workflows “EDR Workflows” sub-team of Security Solution Team: SecuritySolution Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc. triage_needed v8.12.0

@sukhwindersingh-qasource

Describe the bug:
[Enhancement] Users should not be able to submit another query until they get the result of the previously submitted Live query.

Build Details:

VERSION: 8.12.0
BUILD: 69985
COMMIT: 2a8afed8572a4c709aa1c64216748197eeb9b18f

Preconditions

  • Kibana should be running.
  • Agent with Osquery manager integration should be installed.

Steps to Reproduce

  • Navigate to Osquery > Live queries
  • Create a live query and click on submit.
  • Now make changes to the Live query and Submit it again.

Actual result

  • User is able to submit another query before getting the result of the previous query.

Expected Result

  • User should not be able to submit another query before getting the result of the previous query.
  • As the result of the query is gone from that page, the user has to navigate to the live query history to see the results.
  • Or we can showcase multiple results of the submitted queries on the same submission page for the query results.

Screen-Cast

New.-.Live.queries.-.Osquery.-.Elastic.Mozilla.Firefox.2023-12-27.13-46-31.mp4
@sukhwindersingh-qasource added the triage_needed, enhancement, Team: SecuritySolution, Team:Defend Workflows and v8.12.0 labels Dec 27, 2023
@elasticmachine
Contributor

Pinging @elastic/security-solution (Team: SecuritySolution)

@elasticmachine
Contributor

Pinging @elastic/security-defend-workflows (Team:Defend Workflows)

@sukhwindersingh-qasource
Author

@manishgupta-qasource Please review this.
Thanks!

@manishgupta-qasource

Reviewed & assigned to @dasansol92

@dasansol92
Contributor

@tomsonpl @caitlinbetz should we prevent the user from running another query when there is already one running, or just inform the user that another query is already running in the background?

@tomsonpl
Contributor

tomsonpl commented Jan 8, 2024

Hey, I don't think this is something that bothers us too much. I believe we can think of it as a feature ;p

My concern is that if we decide to disable submitting a new query before the previous one finishes, we would have to enable the user to cancel the query in case he needs a new one - otherwise he would be blocked or, even worse, would have to reload the page to run another query. That might be much more hassle.

However, would be great to hear more thoughts on this :)

@patrykkopycinski
Contributor

I don't think we should disallow the user from running another query while the current one is still running. We persist the queries, so they can always go to the live queries history and check the previous query results.

@caitlinbetz

Agreed with @tomsonpl and @patrykkopycinski
