[SIEM] [Cases] External service selection per case #64775

Merged
merged 47 commits into from
May 5, 2020

Contributor

@stephmilovic stephmilovic commented Apr 29, 2020

Summary

External service selection in the case view (multiple connector support)

The case begins with the default external service connected. The user can now change the service from the case page on a per case basis:

They can also remove the option for the case to have a connector entirely:

Here is 40 seconds of Case interaction, changing external services and pushing to each. Notice the "requires updates" are accurate with push data:

Also adjusted/added columns in the all_cases table

Checklist

Delete any items that are not applicable to this PR.

@stephmilovic stephmilovic changed the title [SIEM] [Cases] [skip-ci] External service selection per case [SIEM] [Cases] External service selection per case Apr 30, 2020
@stephmilovic stephmilovic marked this pull request as ready for review April 30, 2020 21:39
@stephmilovic stephmilovic requested review from a team as code owners April 30, 2020 21:39
expect(response.status).toEqual(200);
expect(response.payload.cases[0].connector_id).toEqual('none');
});
it(`adds default connector id to cases without when 3rd party configured`, async () => {
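Review bot: The assertion `expect(response.payload.cases[0].connector_id).toEqual('none')` checks only the first returned case, so a response in which a later case is missing `connector_id` would still pass; consider asserting over every entry in `response.payload.cases`. The title of the next test, `adds default connector id to cases without when 3rd party configured`, also reads as if a word is missing after "without" (for example "without one").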
Contributor

@XavierM XavierM May 4, 2020

nit -> we can get one more test to male make sure we get the connector_id if there is one.

Contributor

I think I will apply to all the tests that applied if you agree

Contributor Author

I think the test should female sure we get the connector_id because the future is female

@@ -14,6 +14,7 @@ import { UserRT } from '../user';
const UserActionFieldRt = rt.array(
rt.union([
rt.literal('comment'),
rt.literal('connector_id'),
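Review bot: The new `rt.literal('connector_id')` member of the `UserActionFieldRt` union comes with no test or comment in this hunk. Since the union is the list of names the runtime type accepts, a small test that an array containing 'connector_id' decodes, and that an unrecognised name is still rejected, would pin the behaviour down. A one-line comment above the union stating that its literals name case fields, as the type name suggests, would also help readers who expect action verbs here.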
Member

@cnasikas cnasikas May 4, 2020

nit -> I think it is better to describe the action as connector.

Contributor

but we are really updating the connector_id field

Contributor Author

I'd like to leave it. It's updating the field connector_id; there is no field connector.

Member

@cnasikas cnasikas May 4, 2020

Ok! I am not against it. For the sake of argument this is a verb that describes an action, not a field. So the user creates a comment, updates the description, updates the connector etc.

Contributor

lol, maybe I did not do that correctly but the goal here was to be a field ;)

@kibanamachine
Contributor

💚 Build Succeeded

To update your PR or re-run it, just comment with:
@elasticmachine merge upstream

Member

@cnasikas cnasikas left a comment

LGTM!! Excellent work. Can't wait to see how our PRs will work together :)

@stephmilovic stephmilovic merged commit ed641ed into elastic:master May 5, 2020
stephmilovic added a commit to stephmilovic/kibana that referenced this pull request May 5, 2020
gmmorris added a commit to gmmorris/kibana that referenced this pull request May 5, 2020
* master: (133 commits)
  Cleanup Typescript index pattern field editor / Expression functions for bucket agg (elastic#65254)
  Removes legacy infra plugin and moves saved objects registration to NP (elastic#64848)
  Added support for docLinks plugin in Connectors forms and missing save capabilities for modal dialog (elastic#64986)
  [SIEM] Removes prebuilt rules number dependency (elastic#65128)
  [Maps] add categorical palettes with 20 and 30 categories (elastic#64701)
  [CI] Slack alerts - Elasticsearch snapshot failures (elastic#64724)
  [Uptime] Console errors in case index missing (elastic#65115)
  [SIEM][CASE] Dynamic fields mapping based on connector (elastic#64412)
  [test/functional] Tsfy page objects (elastic#64887)
  [Maps] [Telemetry] Track geo_point and geo_shape index patterns separately (elastic#65195)
  [Maps] Add global fit to data (elastic#64702)
  Visualize: Reload on ui state change and fix ui state for tsvb (elastic#63699)
  [SIEM] [Cases] External service selection per case (elastic#64775)
  [Uptime] Set ML anomaly look-back to 2w (from 24h) / Add spinner (elastic#65055)
  [Metrics UI] Remove APM Hard Dependency (elastic#64952)
  [Ingest] Datastream list: add icons and dashboard links (elastic#65048)
  disable plugins. they could access ES via SO repository (elastic#65242)
  Feature fleet enrollment instructions (elastic#65176)
  [SIEM] Adds 'Configure connector' Cypress test (elastic#64807)
  [TSVB] Fix std deviation band mode (elastic#64413)
  ...
@MindyRS MindyRS added the Team: SecuritySolution Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc. label Sep 23, 2021
@elasticmachine
Contributor

Pinging @elastic/security-solution (Team: SecuritySolution)

Labels
release_note:skip Skip the PR/issue when compiling release notes Team: SecuritySolution Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc. Team:SIEM v7.8.0 v8.0.0
6 participants