Integrity monitoring files detail view

[juankaromo]

Hi team,

We are going to implement a new view, using a Flyout component, to see the detail of a monitored FIM file.

In it, we are going to show the details of the file, besides a history of alerts that happened in that file.

To make this history, a component that can be reused by other modules in the future will be made.

The result has to be this:

Regards,

[Joanes04]

Update

We have added, in the detail view, some fields that can be clicked to add a filter to the FIM file table. The operation is as seen in the GIF:

[pablotr9]

Update

FIM table, we can now click in a file to get extra detail, these extra details can be divided in 2 different sections:

1. File details:
   All details from the API requests 'GET /syscheck/<AGENT_ID>' are shown
   

2. Related alerts:
   It lists the related alerts of that file, we can add new filters or change the date range to filter these alerts:
   
   We can also expand these new alerts to check its information: Table (syscheck alerts), JSON (it shows the full alert JSON) and Rule (It shows rule data like location, level, compliance)
   

To do that we have adapted our backend method to make requests to Elasticsearch ( POST /elastic/alerts ).
The method now accepts both Elasticsearch bool query and a list of key:values filters, this is how the new method looks like:

  POST /elastic/alerts
   {
     elasticQuery: {bool: {must: [], filter: [{match_all: {}}], should: [], must_not: []}}
     filters: [{rule.groups: "syscheck"}, {agent.id: "001"} ]
     from: "now-1y"
     to: "now"
     offset: 0
     pattern: "wazuh-alerts-3.x-*"
     sort: {timestamp: {order: "asc"}}
   }