[Security Solution] Fix empty fields and tab titles on Alerts page charts #152402
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
christineweng
added
release_note:skip
|
Pinging @elastic/security-threat-hunting (Team:Threat Hunting) |
|
Pinging @elastic/security-solution (Team: SecuritySolution) |
michaelolo24
added
release_note:feature
💚 Build Succeeded
Metrics [docs]Async chunks
Unknown metric groupsESLint disabled line counts
Total ESLint disabled count
History
To update your PR or re-run it, just comment with: |
PhilippeOberti
approved these changes
Mar 6, 2023
..._solution/public/detections/pages/detection_engine/chart_panels/chart_select/translations.ts
Show resolved
Hide resolved
💔 All backports failed
Manual backportTo create the backport manually run: Questions ?Please refer to the Backport tool documentation |
christineweng
added a commit
to christineweng/kibana
that referenced
this pull request
Mar 6, 2023
…arts (elastic#152402) This PR contains fixes/enhancements on charts section on Alerts Page: 1. Updated tab names  2. Updated inspect modal titles to match actual tab name (from elastic#151842) - `Counts` (used to be `Aggregations` on alerts page and `Table` in inspect modal, they are both `Counts` now)  3. Updated `querySkip` in `Trend`, `Counts`, and `Summary` as mentioned on elastic#150382 - `querySkip` followed the same pattern of `toggleStatus` that each chart keeps track of its own `querySkip` based on toggle status (skip query if charts is collapsed). This is no longer necessary because toggle is now managed at a higher level. 4. Fixed a bug that the top alerts chart was calculating percentages based on available fields - For instance, there are 100 alerts, 20 has `host.name="host-1"`, 30 has `host.name="host-2"`, the bars will show 40% and 60% for each, and it adds up to 100%. This does not factor in the 50 alerts with empty/null fields. - This PR added an info button that shows the percentage of available fields, as well as on-click action to add a filter to show alerts with empty fields  https://user-images.githubusercontent.com/18648970/222000307-764b1e90-ac88-40c7-9f26-a9372e8592a8.mov Delete any items that are not applicable to this PR. - [x] Any text added follows [EUI's writing guidelines](https://elastic.github.io/eui/#/guidelines/writing), uses sentence case text and includes [i18n support](https://github.com/elastic/kibana/blob/main/packages/kbn-i18n/README.md) - [x] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios (cherry picked from commit 012ec79)
christineweng
added a commit
to christineweng/kibana
that referenced
this pull request
Mar 6, 2023
…arts (elastic#152402) ## Summary This PR contains fixes/enhancements on charts section on Alerts Page: 1. Updated tab names  2. Updated inspect modal titles to match actual tab name (from elastic#151842) - `Counts` (used to be `Aggregations` on alerts page and `Table` in inspect modal, they are both `Counts` now)  3. Updated `querySkip` in `Trend`, `Counts`, and `Summary` as mentioned on elastic#150382 - `querySkip` followed the same pattern of `toggleStatus` that each chart keeps track of its own `querySkip` based on toggle status (skip query if charts is collapsed). This is no longer necessary because toggle is now managed at a higher level. 4. Fixed a bug that the top alerts chart was calculating percentages based on available fields - For instance, there are 100 alerts, 20 has `host.name="host-1"`, 30 has `host.name="host-2"`, the bars will show 40% and 60% for each, and it adds up to 100%. This does not factor in the 50 alerts with empty/null fields. - This PR added an info button that shows the percentage of available fields, as well as on-click action to add a filter to show alerts with empty fields  https://user-images.githubusercontent.com/18648970/222000307-764b1e90-ac88-40c7-9f26-a9372e8592a8.mov ### Checklist Delete any items that are not applicable to this PR. - [x] Any text added follows [EUI's writing guidelines](https://elastic.github.io/eui/#/guidelines/writing), uses sentence case text and includes [i18n support](https://github.com/elastic/kibana/blob/main/packages/kbn-i18n/README.md) - [x] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios (cherry picked from commit 012ec79) # Conflicts: # x-pack/plugins/security_solution/public/detections/pages/detection_engine/detection_engine.tsx
💚 All backports created successfully
Note: Successful backport PRs will be merged automatically after passing CI. Questions ?Please refer to the Backport tool documentation |
christineweng
added a commit
that referenced
this pull request
Mar 7, 2023
…age charts (#152402) (#152769) # Backport This will backport the following commits from `main` to `8.7`: - [[Security Solution] Fix empty fields and tab titles on Alerts page charts (#152402)](#152402) <!--- Backport version: 8.9.7 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sqren/backport) <!--BACKPORT [{"author":{"name":"christineweng","email":"18648970+christineweng@users.noreply.github.com"},"sourceCommit":{"committedDate":"2023-03-06T22:44:57Z","message":"[Security Solution] Fix empty fields and tab titles on Alerts page charts (#152402)\n\n## Summary\r\n\r\nThis PR contains fixes/enhancements on charts section on Alerts Page:\r\n\r\n1. Updated tab names\r\n\r\n\r\n\r\n\r\n \r\n\r\n2. Updated inspect modal titles to match actual tab name (from\r\nhttps://github.com//issues/151842)\r\n\r\n- `Counts` (used to be `Aggregations` on alerts page and `Table` in\r\ninspect modal, they are both `Counts` now)\r\n\r\n\r\n\r\n3. Updated `querySkip` in `Trend`, `Counts`, and `Summary` as mentioned\r\non #150382 `querySkip` followed the same pattern of `toggleStatus` that each\r\nchart keeps track of its own `querySkip` based on toggle status (skip\r\nquery if charts is collapsed). This is no longer necessary because\r\ntoggle is now managed at a higher level.\r\n \r\n4. Fixed a bug that the top alerts chart was calculating percentages\r\nbased on available fields\r\n- For instance, there are 100 alerts, 20 has `host.name=\"host-1\"`, 30\r\nhas `host.name=\"host-2\"`, the bars will show 40% and 60% for each, and\r\nit adds up to 100%. This does not factor in the 50 alerts with\r\nempty/null fields.\r\n- This PR added an info button that shows the percentage of available\r\nfields, as well as on-click action to add a filter to show alerts with\r\nempty fields\r\n \r\n\r\n\r\n\r\n\r\nhttps://user-images.githubusercontent.com/18648970/222000307-764b1e90-ac88-40c7-9f26-a9372e8592a8.mov\r\n\r\n\r\n \r\n### Checklist\r\n\r\nDelete any items that are not applicable to this PR.\r\n\r\n- [x] Any text added follows [EUI's writing\r\nguidelines](https://elastic.github.io/eui/#/guidelines/writing), uses\r\nsentence case text and includes [i18n\r\nsupport](https://github.com/elastic/kibana/blob/main/packages/kbn-i18n/README.md)\r\n- [x] [Unit or functional\r\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\r\nwere updated or added to match the most common scenarios","sha":"012ec798f7c9b512478b55aec2dc686a37c8347c","branchLabelMapping":{"^v8.8.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["Team:Threat Hunting","Team: SecuritySolution","release_note:feature","Team:Threat Hunting:Investigations","v8.7.0","v8.8.0"],"number":152402,"url":"#152402 Solution] Fix empty fields and tab titles on Alerts page charts (#152402)\n\n## Summary\r\n\r\nThis PR contains fixes/enhancements on charts section on Alerts Page:\r\n\r\n1. Updated tab names\r\n\r\n\r\n\r\n\r\n \r\n\r\n2. Updated inspect modal titles to match actual tab name (from\r\nhttps://github.com//issues/151842)\r\n\r\n- `Counts` (used to be `Aggregations` on alerts page and `Table` in\r\ninspect modal, they are both `Counts` now)\r\n\r\n\r\n\r\n3. Updated `querySkip` in `Trend`, `Counts`, and `Summary` as mentioned\r\non #150382 `querySkip` followed the same pattern of `toggleStatus` that each\r\nchart keeps track of its own `querySkip` based on toggle status (skip\r\nquery if charts is collapsed). This is no longer necessary because\r\ntoggle is now managed at a higher level.\r\n \r\n4. Fixed a bug that the top alerts chart was calculating percentages\r\nbased on available fields\r\n- For instance, there are 100 alerts, 20 has `host.name=\"host-1\"`, 30\r\nhas `host.name=\"host-2\"`, the bars will show 40% and 60% for each, and\r\nit adds up to 100%. This does not factor in the 50 alerts with\r\nempty/null fields.\r\n- This PR added an info button that shows the percentage of available\r\nfields, as well as on-click action to add a filter to show alerts with\r\nempty fields\r\n \r\n\r\n\r\n\r\n\r\nhttps://user-images.githubusercontent.com/18648970/222000307-764b1e90-ac88-40c7-9f26-a9372e8592a8.mov\r\n\r\n\r\n \r\n### Checklist\r\n\r\nDelete any items that are not applicable to this PR.\r\n\r\n- [x] Any text added follows [EUI's writing\r\nguidelines](https://elastic.github.io/eui/#/guidelines/writing), uses\r\nsentence case text and includes [i18n\r\nsupport](https://github.com/elastic/kibana/blob/main/packages/kbn-i18n/README.md)\r\n- [x] [Unit or functional\r\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\r\nwere updated or added to match the most common scenarios","sha":"012ec798f7c9b512478b55aec2dc686a37c8347c"}},"sourceBranch":"main","suggestedTargetBranches":["8.7"],"targetPullRequestStates":[{"branch":"8.7","label":"v8.7.0","labelRegex":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"main","label":"v8.8.0","labelRegex":"^v8.8.0$","isSourceBranch":true,"state":"MERGED","url":"#152402 Solution] Fix empty fields and tab titles on Alerts page charts (#152402)\n\n## Summary\r\n\r\nThis PR contains fixes/enhancements on charts section on Alerts Page:\r\n\r\n1. Updated tab names\r\n\r\n\r\n\r\n\r\n \r\n\r\n2. Updated inspect modal titles to match actual tab name (from\r\nhttps://github.com//issues/151842)\r\n\r\n- `Counts` (used to be `Aggregations` on alerts page and `Table` in\r\ninspect modal, they are both `Counts` now)\r\n\r\n\r\n\r\n3. Updated `querySkip` in `Trend`, `Counts`, and `Summary` as mentioned\r\non #150382 `querySkip` followed the same pattern of `toggleStatus` that each\r\nchart keeps track of its own `querySkip` based on toggle status (skip\r\nquery if charts is collapsed). This is no longer necessary because\r\ntoggle is now managed at a higher level.\r\n \r\n4. Fixed a bug that the top alerts chart was calculating percentages\r\nbased on available fields\r\n- For instance, there are 100 alerts, 20 has `host.name=\"host-1\"`, 30\r\nhas `host.name=\"host-2\"`, the bars will show 40% and 60% for each, and\r\nit adds up to 100%. This does not factor in the 50 alerts with\r\nempty/null fields.\r\n- This PR added an info button that shows the percentage of available\r\nfields, as well as on-click action to add a filter to show alerts with\r\nempty fields\r\n \r\n\r\n\r\n\r\n\r\nhttps://user-images.githubusercontent.com/18648970/222000307-764b1e90-ac88-40c7-9f26-a9372e8592a8.mov\r\n\r\n\r\n \r\n### Checklist\r\n\r\nDelete any items that are not applicable to this PR.\r\n\r\n- [x] Any text added follows [EUI's writing\r\nguidelines](https://elastic.github.io/eui/#/guidelines/writing), uses\r\nsentence case text and includes [i18n\r\nsupport](https://github.com/elastic/kibana/blob/main/packages/kbn-i18n/README.md)\r\n- [x] [Unit or functional\r\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\r\nwere updated or added to match the most common scenarios","sha":"012ec798f7c9b512478b55aec2dc686a37c8347c"}}]}] BACKPORT-->
sloanelybutsurely
pushed a commit
to sloanelybutsurely/kibana
that referenced
this pull request
Mar 8, 2023
…arts (elastic#152402) ## Summary This PR contains fixes/enhancements on charts section on Alerts Page: 1. Updated tab names  2. Updated inspect modal titles to match actual tab name (from elastic#151842) - `Counts` (used to be `Aggregations` on alerts page and `Table` in inspect modal, they are both `Counts` now)  3. Updated `querySkip` in `Trend`, `Counts`, and `Summary` as mentioned on elastic#150382 - `querySkip` followed the same pattern of `toggleStatus` that each chart keeps track of its own `querySkip` based on toggle status (skip query if charts is collapsed). This is no longer necessary because toggle is now managed at a higher level. 4. Fixed a bug that the top alerts chart was calculating percentages based on available fields - For instance, there are 100 alerts, 20 has `host.name="host-1"`, 30 has `host.name="host-2"`, the bars will show 40% and 60% for each, and it adds up to 100%. This does not factor in the 50 alerts with empty/null fields. - This PR added an info button that shows the percentage of available fields, as well as on-click action to add a filter to show alerts with empty fields  https://user-images.githubusercontent.com/18648970/222000307-764b1e90-ac88-40c7-9f26-a9372e8592a8.mov ### Checklist Delete any items that are not applicable to this PR. - [x] Any text added follows [EUI's writing guidelines](https://elastic.github.io/eui/#/guidelines/writing), uses sentence case text and includes [i18n support](https://github.com/elastic/kibana/blob/main/packages/kbn-i18n/README.md) - [x] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios
bmorelli25
pushed a commit
to bmorelli25/kibana
that referenced
this pull request
Mar 10, 2023
…arts (elastic#152402) ## Summary This PR contains fixes/enhancements on charts section on Alerts Page: 1. Updated tab names  2. Updated inspect modal titles to match actual tab name (from elastic#151842) - `Counts` (used to be `Aggregations` on alerts page and `Table` in inspect modal, they are both `Counts` now)  3. Updated `querySkip` in `Trend`, `Counts`, and `Summary` as mentioned on elastic#150382 - `querySkip` followed the same pattern of `toggleStatus` that each chart keeps track of its own `querySkip` based on toggle status (skip query if charts is collapsed). This is no longer necessary because toggle is now managed at a higher level. 4. Fixed a bug that the top alerts chart was calculating percentages based on available fields - For instance, there are 100 alerts, 20 has `host.name="host-1"`, 30 has `host.name="host-2"`, the bars will show 40% and 60% for each, and it adds up to 100%. This does not factor in the 50 alerts with empty/null fields. - This PR added an info button that shows the percentage of available fields, as well as on-click action to add a filter to show alerts with empty fields  https://user-images.githubusercontent.com/18648970/222000307-764b1e90-ac88-40c7-9f26-a9372e8592a8.mov ### Checklist Delete any items that are not applicable to this PR. - [x] Any text added follows [EUI's writing guidelines](https://elastic.github.io/eui/#/guidelines/writing), uses sentence case text and includes [i18n support](https://github.com/elastic/kibana/blob/main/packages/kbn-i18n/README.md) - [x] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios
nkhristinin
pushed a commit
that referenced
this pull request
Mar 22, 2023
\r\n){kind=link}
\r\n\r\n3){kind=link}
\r\n\r\n\r\nhttps://user-images.githubusercontent.com/18648970/222000307-764b1e90-ac88-40c7-9f26-a9372e8592a8.mov\r\n\r\n\r\n){kind=link}
…arts (#152402) ## Summary This PR contains fixes/enhancements on charts section on Alerts Page: 1. Updated tab names  2. Updated inspect modal titles to match actual tab name (from #151842) - `Counts` (used to be `Aggregations` on alerts page and `Table` in inspect modal, they are both `Counts` now)  3. Updated `querySkip` in `Trend`, `Counts`, and `Summary` as mentioned on #150382 - `querySkip` followed the same pattern of `toggleStatus` that each chart keeps track of its own `querySkip` based on toggle status (skip query if charts is collapsed). This is no longer necessary because toggle is now managed at a higher level. 4. Fixed a bug that the top alerts chart was calculating percentages based on available fields - For instance, there are 100 alerts, 20 has `host.name="host-1"`, 30 has `host.name="host-2"`, the bars will show 40% and 60% for each, and it adds up to 100%. This does not factor in the 50 alerts with empty/null fields. - This PR added an info button that shows the percentage of available fields, as well as on-click action to add a filter to show alerts with empty fields  https://user-images.githubusercontent.com/18648970/222000307-764b1e90-ac88-40c7-9f26-a9372e8592a8.mov ### Checklist Delete any items that are not applicable to this PR. - [x] Any text added follows [EUI's writing guidelines](https://elastic.github.io/eui/#/guidelines/writing), uses sentence case text and includes [i18n support](https://github.com/elastic/kibana/blob/main/packages/kbn-i18n/README.md) - [x] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Summary
This PR contains fixes/enhancements on charts section on Alerts Page:
Updated inspect modal titles to match actual tab name (from [Security Solution]Alerts Charts name not matching in inspect modal Title #151842)
Counts(used to beAggregationson alerts page andTablein inspect modal, they are bothCountsnow)Updated
querySkipinTrend,Counts, andSummaryas mentioned on [Security Solution] Alerts page KPI visualizations handle querySkip and toggleStatus at panel level #150382querySkipfollowed the same pattern oftoggleStatusthat each chart keeps track of its ownquerySkipbased on toggle status (skip query if charts is collapsed). This is no longer necessary because toggle is now managed at a higher level.Fixed a bug that the top alerts chart was calculating percentages based on available fields
host.name="host-1", 30 hashost.name="host-2", the bars will show 40% and 60% for each, and it adds up to 100%. This does not factor in the 50 alerts with empty/null fields.Screen.Recording.2023-02-28.at.12.29.25.PM.mov
Checklist
Delete any items that are not applicable to this PR.