[Security Solution] Create rule from timeline #143020
Merged: stephmilovic merged 58 commits into elastic:main from stephmilovic:on_week_timeline_rules on Dec 8, 2022
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -28,14 +28,6 @@ export const RULE_PREVIEW_TITLE = i18n.translate( | |
} | ||
); | ||
|
||
export const RULE_PREVIEW_DESCRIPTION = i18n.translate( | ||
unused |
||
'xpack.securitySolution.detectionEngine.createRule.rulePreviewDescription', | ||
{ | ||
defaultMessage: | ||
'Rule preview reflects the current configuration of your rule settings and exceptions, click refresh icon to see the updated preview.', | ||
} | ||
); | ||
|
||
export const CANCEL_BUTTON_LABEL = i18n.translate( | ||
'xpack.securitySolution.detectionEngine.createRule.cancelButtonLabel', | ||
{ | ||
|
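Review bot: Deleting the `RULE_PREVIEW_DESCRIPTION` export may leave its message id `xpack.securitySolution.detectionEngine.createRule.rulePreviewDescription` orphaned in the translation files. Remove the id there in the same change, and confirm that no other module still imports the constant, since only this file is visible in the diff.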
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -17,9 +17,6 @@ import type { BrowserFields } from '../../../../common/containers/source'; | |
import { OpenTimelineModal } from '../../../../timelines/components/open_timeline/open_timeline_modal'; | ||
import type { ActionTimelineToShow } from '../../../../timelines/components/open_timeline/types'; | ||
import { QueryBar } from '../../../../common/components/query_bar'; | ||
import { buildGlobalQuery } from '../../../../timelines/components/timeline/helpers'; | ||
import { getDataProviderFilter } from '../../../../timelines/components/timeline/query_bar'; | ||
import { convertKueryToElasticSearchQuery } from '../../../../common/lib/kuery'; | ||
import { useKibana } from '../../../../common/lib/kibana'; | ||
import type { TimelineModel } from '../../../../timelines/store/timeline/model'; | ||
import { useSavedQueryServices } from '../../../../common/utils/saved_query_services'; | ||
|
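Review bot: Once `buildGlobalQuery`, `getDataProviderFilter` and `convertKueryToElasticSearchQuery` are no longer imported here, the `BrowserFields` type import named in the hunk header and the `browserFields` and `indexPattern` values that fed the conversion may have no remaining use in this component. Check for other uses and drop whatever is left over so the props do not stay on the interface as dead inputs.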
@@ -54,6 +51,7 @@ export interface QueryBarDefineRuleProps { | |
*/ | ||
onSavedQueryError?: () => void; | ||
defaultSavedQuery?: SavedQuery | undefined; | ||
onOpenTimeline?: (timeline: TimelineModel) => void; | ||
} | ||
|
||
const actionTimelineToHide: ActionTimelineToShow[] = ['duplicate', 'createFrom']; | ||
|
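Review bot: The new `onOpenTimeline?` property on `QueryBarDefineRuleProps` has no doc comment, while the property above it carries one (its closing `*/` is the first context line). Document that the caller is now responsible for writing the selected timeline's query and filters into the rule form, and consider making the prop required, because an omitted handler turns the import-from-timeline action into a silent no-op.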
@@ -88,6 +86,7 @@ export const QueryBarDefineRule = ({ | |
onValidityChange, | ||
isDisabled, | ||
resetToSavedQuery, | ||
onOpenTimeline, | ||
onSavedQueryError, | ||
}: QueryBarDefineRuleProps) => { | ||
const { value: fieldValue, setValue: setFieldValue } = field as FieldHook<FieldValueQueryBar>; | ||
|
@@ -234,31 +233,12 @@ export const QueryBarDefineRule = ({ | |
onCloseTimelineSearch(); | ||
}, [onCloseTimelineSearch]); | ||
|
||
const onOpenTimeline = useCallback( | ||
const onOpenTimelineCb = useCallback( | ||
(timeline: TimelineModel) => { | ||
setLoadingTimeline(false); | ||
const newQuery = { | ||
this logic gets moved to new hook, |
||
query: timeline.kqlQuery.filterQuery?.kuery?.expression ?? '', | ||
language: timeline.kqlQuery.filterQuery?.kuery?.kind ?? 'kuery', | ||
}; | ||
const dataProvidersDsl = | ||
timeline.dataProviders != null && timeline.dataProviders.length > 0 | ||
? convertKueryToElasticSearchQuery( | ||
buildGlobalQuery(timeline.dataProviders, browserFields), | ||
indexPattern | ||
) | ||
: ''; | ||
const newFilters = timeline.filters ?? []; | ||
setFieldValue({ | ||
filters: | ||
dataProvidersDsl !== '' | ||
? [...newFilters, getDataProviderFilter(dataProvidersDsl)] | ||
: newFilters, | ||
query: newQuery, | ||
saved_id: null, | ||
}); | ||
onOpenTimeline?.(timeline); | ||
}, | ||
[browserFields, indexPattern, setFieldValue] | ||
[onOpenTimeline] | ||
); | ||
|
||
const onMutation = () => { | ||
|
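Review bot: In `onOpenTimelineCb`, `onOpenTimeline?.(timeline)` replaces the whole `setFieldValue` call, so when the optional prop is not passed, selecting a timeline only runs `setLoadingTimeline(false)` and the rule's query, filters and `saved_id` stay as they were, with no error shown. The replacement handler should also be checked against the removed lines: it needs to keep the data provider conversion (`buildGlobalQuery` through `convertKueryToElasticSearchQuery`, appended via `getDataProviderFilter`) and the `saved_id: null` reset, otherwise a detection rule created from a timeline can match a different set of events than the timeline did. A test that opens a timeline with data providers and asserts the resulting filters would cover this.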
@@ -324,7 +304,7 @@ export const QueryBarDefineRule = ({ | |
hideActions={actionTimelineToHide} | ||
modalTitle={i18n.IMPORT_TIMELINE_MODAL} | ||
onClose={onCloseTimelineModal} | ||
onOpen={onOpenTimeline} | ||
onOpen={onOpenTimelineCb} | ||
/> | ||
) : null} | ||
</> | ||
|