[Security Solution] Alerts Grouping MVP #149145
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…rouping-mvp # Conflicts: # x-pack/plugins/security_solution/public/common/components/event_rendered_view/helpers.ts
YulNaumenko
added
v8.7.0
release_note:skip
…ko/kibana into security-solution-grouping-mvp
spong
reviewed
Feb 2, 2023
Comment on lines
+85
to
+88
| { | ||
| title: i18n.STATS_GROUP_USERS, | ||
| value: bucket.usersCountAggregation?.value ?? 0, | ||
| }, |
There was a problem hiding this comment.
Super nit: looks like the badge value isn't centered when defaulting to 0.
Looks like there's an extra span in there keeping things centered when a value is present
spong
reviewed
Feb 2, 2023
...gins/security_solution/public/common/components/alerts_treemap/lib/flatten/flatten_bucket.ts
Outdated
Show resolved
Hide resolved
spong
reviewed
Feb 2, 2023
...s/security_solution/public/common/components/grouping/groups_selector/custom_field_panel.tsx
Outdated
Show resolved
Hide resolved
spong
reviewed
Feb 2, 2023
x-pack/plugins/security_solution/public/common/components/grouping/groups_selector/index.tsx
Outdated
Show resolved
Hide resolved
spong
reviewed
Feb 2, 2023
| @@ -94,7 +94,6 @@ export const LandingCards = memo(() => { | |||
| <EuiFlexItem> | |||
| <iframe | |||
| allowFullScreen | |||
| allowTransparency | |||
There was a problem hiding this comment.
This is for the video component on the getting started page right? Is this a fix? I'm not seeing a difference with/without this attribute on chrome. 🤷♂️
There was a problem hiding this comment.
Hrmmm, was thinking it was theme related, but seeing the white bg with or without this attribute, so not sure, haha 😅
There was a problem hiding this comment.
@stephmilovic, you should know. I'm not sure about this change.
spong
approved these changes
Feb 2, 2023
There was a problem hiding this comment.
Checked out, tested locally, and performed code review -- LGTM! Great work here @YulNaumenko! 🙂 🙌 🚀
I tested thoroughly and came across no major issues at all! Left some nits and questions, but nothing that can't be addressed in a follow-up if need be, so going ahead and approving now. Really nice implementation btw, and users are gonna be so stoked to finally have grouping! 🎉
…ping/groups_selector/custom_field_panel.tsx Co-authored-by: Garrett Spong <spong@users.noreply.github.com>
…ping/groups_selector/index.tsx Co-authored-by: Garrett Spong <spong@users.noreply.github.com>
stephmilovic
approved these changes
Feb 6, 2023
|
@elasticmachine merge upstream |
💚 Build Succeeded
Metrics [docs]Module Count
Async chunks
Unknown metric groupsESLint disabled line counts
References to deprecated APIs
Total ESLint disabled count
History
To update your PR or re-run it, just comment with: cc @YulNaumenko |
darnautov
pushed a commit
to darnautov/kibana
that referenced
this pull request
Feb 7, 2023
Current PR introducing the new grouping functionality to the alerts tables: on Alerts and Rule Details pages. The existing grouping design is a technical preview functionality and is a subject of the change. MVP description: 1. Grouping is available only for alerts tables on the Alerts and Rules Details page as selectable dropdown options list in the right top level menu of the alerts table: <img width="1565" alt="Screenshot 2023-01-28 at 2 00 33 PM" src="https://user-images.githubusercontent.com/55110838/215293513-a46e5989-0e49-4b4c-b191-e00d6ef14eff.png"> 2. Default selected option "None" means that the group alerts by is turned off and none of the field is selected. In 8.7 feature has a **technical preview** badge on the right of the select option. <img width="373" alt="Screenshot 2023-01-28 at 2 21 24 PM" src="https://user-images.githubusercontent.com/55110838/215293745-ae232e12-eb92-4429-a667-7b76a2be8c61.png"> 3. The default fields options list is different for Alerts and Rule Details pages and relevant to the page context: <img width="1555" alt="Screenshot 2023-01-28 at 2 30 02 PM" src="https://user-images.githubusercontent.com/55110838/215294128-a0e2a875-088b-446e-ba96-28bcb1d114d0.png"> <img width="1498" alt="Screenshot 2023-01-28 at 2 31 22 PM" src="https://user-images.githubusercontent.com/55110838/215294132-0ca11882-73e9-446c-9e75-112569b9bdc7.png"> 4. Group by custom field is a separate option which allows to group the alerts data by any other index field. <img width="980" alt="Screenshot 2023-01-28 at 2 34 28 PM" src="https://user-images.githubusercontent.com/55110838/215294168-f787093c-72e9-483d-8881-70320b1f4343.png"> 5. Custom field provides a limited to the field value only default rendering for the panel and default set of stats metrics: Rules count and Alerts count. <img width="1209" alt="Screenshot 2023-01-28 at 2 35 47 PM" src="https://user-images.githubusercontent.com/55110838/215294237-17c6105c-d9a3-4ced-be2b-c17ffd181e14.png"> For rule name for example the is also additionally rendered metrics, rule name, rule description and rule tags: <img width="1899" alt="Screenshot 2023-01-28 at 2 40 02 PM" src="https://user-images.githubusercontent.com/55110838/215294351-8935ee93-c416-4357-80cd-ce28c0127993.png"> 6. Each group panel provides the list of bulk actions options which could be applied to the whole group by clicking on the **Take actions** button. For now the list is limited to the three available actions: <img width="1557" alt="Screenshot 2023-01-28 at 2 32 24 PM" src="https://user-images.githubusercontent.com/55110838/215294393-513dc001-be83-4f76-ac09-3a36b2b89e00.png"> 7. Existing technical preview functionality is limited to display only one expanded group at a time. 8. For a big number of groups there is a paging functionality with the ability to define the items per page: <img width="735" alt="Screenshot 2023-01-28 at 2 32 40 PM" src="https://user-images.githubusercontent.com/55110838/215294444-98dfef11-b6b5-413b-b82f-0dcea90f0e65.png"> 9. Grouping setting is stored in the local storage for each page separately and after the hard refresh should be picked up and rendered on the page. --------- Co-authored-by: Steph Milovic <stephanie.milovic@elastic.co> Co-authored-by: Garrett Spong <spong@users.noreply.github.com> Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
benakansara
pushed a commit
to benakansara/kibana
that referenced
this pull request
Feb 7, 2023
Current PR introducing the new grouping functionality to the alerts tables: on Alerts and Rule Details pages. The existing grouping design is a technical preview functionality and is a subject of the change. MVP description: 1. Grouping is available only for alerts tables on the Alerts and Rules Details page as selectable dropdown options list in the right top level menu of the alerts table: <img width="1565" alt="Screenshot 2023-01-28 at 2 00 33 PM" src="https://user-images.githubusercontent.com/55110838/215293513-a46e5989-0e49-4b4c-b191-e00d6ef14eff.png"> 2. Default selected option "None" means that the group alerts by is turned off and none of the field is selected. In 8.7 feature has a **technical preview** badge on the right of the select option. <img width="373" alt="Screenshot 2023-01-28 at 2 21 24 PM" src="https://user-images.githubusercontent.com/55110838/215293745-ae232e12-eb92-4429-a667-7b76a2be8c61.png"> 3. The default fields options list is different for Alerts and Rule Details pages and relevant to the page context: <img width="1555" alt="Screenshot 2023-01-28 at 2 30 02 PM" src="https://user-images.githubusercontent.com/55110838/215294128-a0e2a875-088b-446e-ba96-28bcb1d114d0.png"> <img width="1498" alt="Screenshot 2023-01-28 at 2 31 22 PM" src="https://user-images.githubusercontent.com/55110838/215294132-0ca11882-73e9-446c-9e75-112569b9bdc7.png"> 4. Group by custom field is a separate option which allows to group the alerts data by any other index field. <img width="980" alt="Screenshot 2023-01-28 at 2 34 28 PM" src="https://user-images.githubusercontent.com/55110838/215294168-f787093c-72e9-483d-8881-70320b1f4343.png"> 5. Custom field provides a limited to the field value only default rendering for the panel and default set of stats metrics: Rules count and Alerts count. <img width="1209" alt="Screenshot 2023-01-28 at 2 35 47 PM" src="https://user-images.githubusercontent.com/55110838/215294237-17c6105c-d9a3-4ced-be2b-c17ffd181e14.png"> For rule name for example the is also additionally rendered metrics, rule name, rule description and rule tags: <img width="1899" alt="Screenshot 2023-01-28 at 2 40 02 PM" src="https://user-images.githubusercontent.com/55110838/215294351-8935ee93-c416-4357-80cd-ce28c0127993.png"> 6. Each group panel provides the list of bulk actions options which could be applied to the whole group by clicking on the **Take actions** button. For now the list is limited to the three available actions: <img width="1557" alt="Screenshot 2023-01-28 at 2 32 24 PM" src="https://user-images.githubusercontent.com/55110838/215294393-513dc001-be83-4f76-ac09-3a36b2b89e00.png"> 7. Existing technical preview functionality is limited to display only one expanded group at a time. 8. For a big number of groups there is a paging functionality with the ability to define the items per page: <img width="735" alt="Screenshot 2023-01-28 at 2 32 40 PM" src="https://user-images.githubusercontent.com/55110838/215294444-98dfef11-b6b5-413b-b82f-0dcea90f0e65.png"> 9. Grouping setting is stored in the local storage for each page separately and after the hard refresh should be picked up and rendered on the page. --------- Co-authored-by: Steph Milovic <stephanie.milovic@elastic.co> Co-authored-by: Garrett Spong <spong@users.noreply.github.com> Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
michaelolo24
added
release_note:feature
14 tasks
11 tasks
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Current PR introducing the new grouping functionality to the alerts tables: on Alerts and Rule Details pages.
The existing grouping design is a technical preview functionality and is a subject of the change.
MVP description:
2. Default selected option "None" means that the group alerts by is turned off and none of the field is selected. In 8.7 feature has a **technical preview** badge on the right of the select option.
3. The default fields options list is different for Alerts and Rule Details pages and relevant to the page context:
For rule name for example the is also additionally rendered metrics, rule name, rule description and rule tags:
9. Grouping setting is stored in the local storage for each page separately and after the hard refresh should be picked up and rendered on the page.