-
Notifications
You must be signed in to change notification settings - Fork 8k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Security Solution][Timeline] - fix host and user details flyout not using the correct time for requests when open from Timeline #182968
Conversation
Pinging @elastic/security-threat-hunting-investigations (Team:Threat Hunting:Investigations) |
Pinging @elastic/security-entity-analytics (Team:Entity Analytics) |
const isActiveTimelines = isActiveTimeline(scopeId); | ||
const { to, from } = isActiveTimelines ? timelineTime : globalTime; | ||
const { isInitializing, setQuery, deleteQuery } = globalTime; | ||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This is probably not taking the correct sourcerer patterns either. Should we do:
const { selectedPatterns } = useSourcererDataView(getSourcererScopeId(scopeId));
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I mean, line 34
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
yes of course, sorry! Added in this commit
…using the correct time for requests when open from Timeline
c7ff516
to
c55a87e
Compare
💛 Build succeeded, but was flaky
Failed CI StepsMetrics [docs]Async chunks
History
To update your PR or re-run it, just comment with: |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM for Entity Analytics!
…using the correct time for requests when open from Timeline (elastic#182968) (cherry picked from commit 3230010)
💚 All backports created successfully
Note: Successful backport PRs will be merged automatically after passing CI. Questions ?Please refer to the Backport tool documentation |
…ut not using the correct time for requests when open from Timeline (#182968) (#183081) # Backport This will backport the following commits from `main` to `8.14`: - [[Security Solution][Timeline] - fix host and user details flyout not using the correct time for requests when open from Timeline (#182968)](#182968) <!--- Backport version: 9.4.3 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sqren/backport) <!--BACKPORT [{"author":{"name":"Philippe Oberti","email":"philippe.oberti@elastic.co"},"sourceCommit":{"committedDate":"2024-05-09T17:12:55Z","message":"[Security Solution][Timeline] - fix host and user details flyout not using the correct time for requests when open from Timeline (#182968)","sha":"32300106c3f776107243ad32d0bc0b93d1a2ab09","branchLabelMapping":{"^v8.15.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:skip","Team:Threat Hunting:Investigations","Team:Entity Analytics","v8.14.0","v8.15.0"],"title":"[Security Solution][Timeline] - fix host and user details flyout not using the correct time for requests when open from Timeline","number":182968,"url":"#182968 Solution][Timeline] - fix host and user details flyout not using the correct time for requests when open from Timeline (#182968)","sha":"32300106c3f776107243ad32d0bc0b93d1a2ab09"}},"sourceBranch":"main","suggestedTargetBranches":["8.14"],"targetPullRequestStates":[{"branch":"8.14","label":"v8.14.0","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"main","label":"v8.15.0","branchLabelMappingKey":"^v8.15.0$","isSourceBranch":true,"state":"MERGED","url":"#182968 Solution][Timeline] - fix host and user details flyout not using the correct time for requests when open from Timeline (#182968)","sha":"32300106c3f776107243ad32d0bc0b93d1a2ab09"}}]}] BACKPORT--> Co-authored-by: Philippe Oberti <philippe.oberti@elastic.co>
Summary
This PR fixes a bug in the user and host detail flyouts (the new ones using the expandable flyout framework). When those flyouts are open from Timeline, the request made to query their data is using the
from
andto
values from the global query, meaning the date interval selected in the alerts page.They should be instead using the date interval from Timeline.
Before fix
Screen.Recording.2024-05-08.at.10.03.01.AM.mov
After fix
Screen.Recording.2024-05-08.at.10.00.51.AM.mov
#182967
Notes
I did not add any unit tests for this, as the cutoff for the last BC is happening very soon, and also because no tests existed for these 2 hooks. Let me know if that is ok with you for now @machadoum