[SIEM] Formats the bytes columns in timeline #43147
Conversation
stephmilovic
added
Team:SIEM
release_note:skip
|
Pinging @elastic/siem |
|
So far this PR only formats timeline columns with fields that end in |
💚 Build Succeeded |
|
We ship with a hardcoded ECS schema in the SIEM app, can we use that? It contains formatting information, e.g. for kibana/x-pack/legacy/plugins/siem/server/utils/beat_schema/8.0.0/packetbeat.ts Lines 1720 to 1727 in 2d81859 That way, we could keep the number of places where we hardcode things to a minimum. The rest of Kibana uses index patterns for formatting information, and I wish we could do the same, but we don't rely on index patterns in the SIEM app (maybe we should, but that would be a bigger change). |
|
I think that with the fields browser, we should be able to do exactly what @cwurm is talking about since it is a mix of the ECS schema and index pattern. |
💔 Build Failed |
x-pack/legacy/plugins/siem/public/components/source_destination/country_flag.tsx
Show resolved
Hide resolved
💔 Build Failed |
|
Thanks for adding this feature @stephmilovic , and for fixing the flag issue! For consistency with the special formatting applied to dates and IP addresses, would you be willing to also apply the new
|
💚 Build Succeeded |
💚 Build Succeeded |
There was a problem hiding this comment.
🙏 @stephmilovic for the additional formatting in the expanded events
ran it locally and it works great 💥
LGTM
…_update_json_spec * 'master' of github.com:elastic/kibana: (35 commits) fix: 🐛 pass whole action context to isCompatible() method (elastic#43457) Deleted old kbn-top-nav directive (elastic#43168) [ML] Fixing cloning of single metric distinct count job (elastic#43435) Update @elastic/charts version 8.1.6 > 9.1.1 (elastic#43516) [Inspector Views] [Request View] - Migrate inspector_views to new platform (elastic#43191) [ML] Adding loading indicators to all wizard charts (elastic#43382) disable flaky test (elastic#43492) feature(code/frontend): cancel file blob and directory commits request if outdated (elastic#43348) fix(code/frontend): button group url should have previous query string (elastic#43428) [SIEM] Fixes index substring incorrectly matching configured indices and failing to install ML job (elastic#43409) [SIEM] Adds performance enhancements such by removing wasted renderers and adding incremental DOM rendering (elastic#43157) disable flaky test (elastic#37859) Added sass lint to Canvas (elastic#43410) [Maps] add indicator when layer is filtered by search bar (elastic#43283) Properly validate current user password during password change. (elastic#43447) Spaces - allow for hex color codes that include uppercase characters (elastic#43470) [Reporting] Add a bit more logging and a few more logging level promotions (elastic#43415) Partially convert index pattern server to typescript (elastic#43291) [Infra UI] Use sum for aggregating AWS metrics. (elastic#43293) [SIEM] Format bytes columns in timeline (elastic#43147) ...
FrankHassanabad
added
release_note:fix
and removed
release_note:skip
FrankHassanabad
changed the title
💔 Build Failed |
Summary
Formats bytes in Timeline and TimelineDetails using the
formatvalue fromgetAllFieldsByNamewith the newPreferenceFormattedBytescomponent. https://github.com/elastic/siem-team/issues/341Before:
After:
Checklist
Use
strikethroughsto remove checklist items you don't feel are applicable to this PR.This was checked for cross-browser compatibility, including a check against IE11Any text added follows EUI's writing guidelines, uses sentence case text and includes i18n supportDocumentation was added for features that require explanation or tutorialsThis was checked for keyboard-only and screenreader accessibilityFor maintainers
This was checked for breaking API changes and was labeled appropriatelyThis includes a feature addition or change that requires a release note and was labeled appropriately