Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Security Solution]show analyzer not getting redirect to analyzer tab in timeline from fly out #181232

Open
karanbirsingh-qasource opened this issue Apr 19, 2024 · 2 comments
Open

[Security Solution]show analyzer not getting redirect to analyzer tab in timeline from fly out #181232

karanbirsingh-qasource opened this issue Apr 19, 2024 · 2 comments
Assignees
@christineweng
Labels
bug Fixes for quality problems that affect the customer experience impact:high Addressing this issue will have a high level of impact on the quality/strength of our product. Team: SecuritySolution Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc. Team:Threat Hunting:Investigations Security Solution Investigations Team Team:Threat Hunting Security Solution Threat Hunting Team

Comments

@karanbirsingh-qasource
Copy link

Describe the bug:
show analyzer not getting redirect to analyzer tab in timeline from fly out

Kibana/Elasticsearch Stack version

Version: 8.14 BC1
Build: 73520
Commit: c1513cd7e5a00eab209ba02d30cafd6945d75470

precondition

  • FF need to enabled in kibana instance

Steps to reproduce

  • Create or open a timeline
  • click view details to open alert fly out inside timeline
  • scroll down and find analyzer preview and click on it
  • Observed that analyzer tab of timeline is not opening

Current Result

  • show analyzer not getting redirect to analyzer tab in timeline from fly-out

Expected Result

  • show analyzer should getting redirect to analyzer tab in timeline from fly out

Screen-Shot:

Alerts.-.Kibana.Mozilla.Firefox.2024-04-05.13-35-36.mp4
@karanbirsingh-qasource karanbirsingh-qasource added bug Fixes for quality problems that affect the customer experience triage_needed Team: SecuritySolution Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc. labels Apr 19, 2024
@elasticmachine
Copy link
Contributor

Pinging @elastic/security-solution (Team: SecuritySolution)

@karanbirsingh-qasource karanbirsingh-qasource added impact:high Addressing this issue will have a high level of impact on the quality/strength of our product. Team:Threat Hunting:Investigations Security Solution Investigations Team labels Apr 19, 2024
@elasticmachine
Copy link
Contributor

Pinging @elastic/security-threat-hunting-investigations (Team:Threat Hunting:Investigations)

@MadameSheema MadameSheema removed their assignment Apr 22, 2024
@MadameSheema MadameSheema added the Team:Threat Hunting Security Solution Threat Hunting Team label Apr 22, 2024
@christineweng christineweng self-assigned this Apr 22, 2024
@PhilippeOberti PhilippeOberti modified the milestone: 8.15 May 2, 2024
@christineweng christineweng mentioned this issue May 6, 2024
Merged
christineweng added a commit that referenced this issue May 14, 2024
@christineweng
[Security Solution][Alert details] Fix analyzer preview navigation to…
e10ae00 
… timeline (#182749)

## Summary

This PR fixed the analyzer preview (in alerts flyout) to timeline
navigation. The user is now directed to the `analyzer` tab not `query`
tab. Same to session view, if session view is available, clicking the
session preview title should open timeline and go to `Session view` tab.

Related
- #180667
- #181232
- #169623 related to rule with
suppression
- #166052 related to rule with
timeline template

How to test
- Generate some alerts with analyzer and session view data
- Expand a row in alerts table
- Scroll down alerts detail flyout and go to `Visualization` section
- Click `Analyzer preview` should open timeline and go to `Analyzer` tab
- Click `Session viewer preview` should open timeline and go to `Session
view` tab (enterprise license)

Basic scenario (Alert details -> Click Analyzer preview -> Timeline)


https://github.com/elastic/kibana/assets/18648970/ff617c07-d269-4108-8a3d-3744872ee66d

Rule with suppression & timeline template



https://github.com/elastic/kibana/assets/18648970/242d545c-d871-4c42-9ec8-5aa2fcd783ba
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@christineweng christineweng

Labels
bug Fixes for quality problems that affect the customer experience impact:high Addressing this issue will have a high level of impact on the quality/strength of our product. Team: SecuritySolution Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc. Team:Threat Hunting:Investigations Security Solution Investigations Team Team:Threat Hunting Security Solution Threat Hunting Team
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@elasticmachine @PhilippeOberti @MadameSheema @christineweng @karanbirsingh-qasource