Add cluster filter by default in vulnerabilities dashboard and inventory tab

[jbiset]

Description

This pull request adds the functionality for the vulnerability detector module to use the implicit wazuh.cluster.name filter, both when it is a cluster and when it is a manager, because the vulnerability index pattern template does not have manager.name
The above should only apply to the dashboard and inventory tabs. The Events tab should work with manager.name and cluster.name normally and should have the implicit vulnerability detector rule.groups filter
Additionally, as a result of these changes, the following problems are solved:

• Fixed problem keeping an implicit agent pinned between tabs and when it comes from another pinned module
• Fixed problem so that it does not take the "one of..." type filter as implicit
• The data generation script for vulnerability and the template for testing are updated
• Fixed No Results functionality in Vulnerabilities Dashboard and Inventory
• Use_searchbar_configuration tests are updated accordingly

Issues Resolved

• Add cluster filter by default in vulnerabilities dashboard and inventory tab #6384

Evidence

Vulnerability Dashboard tab

Vulnerability Inventory tab

Vulnerability Events tab

Screen capture evidence

screen-capture-evidence.webm

Test

Note

This test needs to have the vulnerability module activated from appSettings and insert data into the vulnerabilities index using the script dataInjectScript.py which is in scripts/vulnerabilities-events-injector

Steps to test:

• Navigate to Threat intelligence -> Vulnerability Detection
• Check that the Dashboard, Inventory and Events tabs are rendered correctly
• Test the following use cases:
  • Implicit Pinned Agent
    • Pin an agent
    • Change tabs
    • Check that the pinned agent remains as an implicit filter
    • Unpin the agent
    • Check that the agent is not pinned in other tabs either
    • Repeat process but instead of tabs try between modules
      -Normal filters
    • From the Dashboards and Inventory tabs add filters from the searchbar
    • If you switch between the Dashboard and Inventory tabs, the normal filters are maintained
    • If you go to the Events tab, the Dashboard and Inventory filters are not applied since they belong to another index pattern
    • If you add filters in Dashboard or Inventory, then go to Events and return to Dashboard or Inventory, the filters applied first will be maintained
  • Implicit filters
    • When you are in Dashboard or Inventory, the implicit filter wazuh.cluster.name must appear, whether in a manager or a cluster
    • When you go to the Events tab, the implicit filter manager.name/cluster.name is respected and must be maintained as appropriate
    • The implicit filter rule.groups with the value vulnerability-detector should also appear in the Events tab
  • No results
    • When there are no results (you can enter a search that has no results) a sign "No results match your search criteria" should be displayed
    • Having results to show, switching between the Dashboard and Inventory tabs should show them instead of showing the No results banner.
  • Other modules
    • Check the operation in other modules, especially SCA and Office365

Legend:
⚫: none
🟢: pass
🟡: warning
🔴: fail
⚪: not applicable

UI

Test	Chrome	Firefox	Safari
Vulnerability Detection > Dashboard must define the cluster filter using wazuh.cluster.name when the cluster is enabled in the server	⚫	⚫	⚫
Vulnerability Detection > Dashboard must define the cluster filter using wazuh.cluster.name when the cluster is disabled (manager mode) in the server	⚫	⚫	⚫
With cluster is enabled in the server, navigate from Vaulnerabilities Detection > Dashboard to Events must display the implicits filter of cluster.name and rule.groups:vulnerability-detector	⚫	⚫	⚫
With cluster is disabled in the server, navigate from Vaulnerabilities Detection > Dashboard to Events must display the implicit filter of mananager.name and rule.groups:vulnerability-detector	⚫	⚫	⚫
In Vulnerabilities Detection > Dashboard pins an agent and must add the implicit filter	⚫	⚫	⚫
In Vulnerabilities Detection > Inventory pins an agent and must add the implicit filter	⚫	⚫	⚫
With a pinned agent in Vulnerabilities Detection > Dashboard go to Vulnerabilities Detection > Inventory and keep the filter related to the pinned agent	⚫	⚫	⚫
With a pinned agent in Vulnerabilities Detection > Inventory go to Vulnerabilities Detection > Dashboard and keep the filter related to the pinned agent	⚫	⚫	⚫
With a pinned agent in Vulnerabilities Detection > Dashboard, unpin the agent, go to Vulnerabilities Detection > Inventory and must not display the filter related to the pinned agent	⚫	⚫	⚫
With a pinned agent in Vulnerabilities Detection > Dashboard, unpin the agent, go to Vulnerabilities Detection > Events and must not display the filter related to the pinned agent	⚫	⚫	⚫
With a pinned agent in Vulnerabilities Detection > Inventory, unpin the agent, go to Vulnerabilities Detection > Dashboard and must not display the filter related to the pinned agent	⚫	⚫	⚫
With a pinned agent in Vulnerabilities Detection > Inventory, unpin the agent, go to Vulnerabilities Detection > Events and must not display the filter related to the pinned agent	⚫	⚫	⚫
In Vulnerabilities Detection > Dashboard, add a regular filter (query or filter) and go to Vulnerabilities Detection > Inventory must keep the regular filter.	⚫	⚫	⚫
In Vulnerabilities Detection > Inventory, add a regular filter (query or filter) and go to Vulnerabilities Detection > Dashboard must keep the regular filter.	⚫	⚫	⚫
In Vulnerabilities Detection > Dashboard, add a regular filter (query or filter) and go to Vulnerabilities Detection > Events must not keep the regular filter.	⚫	⚫	⚫
In Vulnerabilities Detection > inventory, add a regular filter (query or filter) and go to Vulnerabilities Detection > Events must not keep the regular filter.	⚫	⚫	⚫
In Vulnerabilities Detection > Dashboard, add a regular filter (query or filter) and go to Vulnerabilities Detection > Events, go back to Vulnerabilities Detection > Dashboard, and keep the filter you added previously in this view.	⚫	⚫	⚫
In Vulnerabilities Detection > Inventory, add a regular filter (query or filter) and go to Vulnerabilities Detection > Events, go back to Vulnerabilities Detection > Inventory, and keep the filter you added previously in this view.	⚫	⚫	⚫
In Vulnerabilities Detection > Dashboard, add a regular filter (query or filter) and go to Vulnerabilities Detection > Events, go back to Vulnerabilities Detection > Inventory, and keep the filter you added previously in this view.	⚫	⚫	⚫
In Vulnerabilities Detection > Inventory, add a regular filter (query or filter) and go to Vulnerabilities Detection > Events, go back to Vulnerabilities Detection > Dashboard, and keep the filter you added previously in this view.	⚫	⚫	⚫
In Vulnerabilities Detection > Dashboard defines a search that has no results, a sign "No results match your search criteria" should be displayed	⚫	⚫	⚫
In Vulnerabilities Detection > Inventory defines a search that has no results, a sign "No results match your search criteria" should be displayed	⚫	⚫	⚫
In Vulnerabilities Detection > Dashboard defines a search with results, go to Vulnerabilities Detection > Inventory and should not display a sign "No results match your search criteria"	⚫	⚫	⚫
In Vulnerabilities Detection > Invenoty defines a search with results, go to Vulnerabilities Detection > Dashboard and should not display a sign "No results match your search criteria"	⚫	⚫	⚫
Check the operation in other modules, especially SCA and Office365	⚫	⚫	⚫

Details

⚫ Vulnerability Detection > Dashboard must define the cluster filter using wazuh.cluster.name when the cluster is enabled in the server

Chrome - ⚫

Firefox - ⚫

Safari - ⚫

⚫ Vulnerability Detection > Dashboard must define the cluster filter using wazuh.cluster.name when the cluster is disabled (manager mode) in the server

Chrome - ⚫

Firefox - ⚫

Safari - ⚫

⚫ With cluster is enabled in the server, navigate from Vaulnerabilities Detection > Dashboard to Events must display the implicits filter of cluster.name and rule.groups:vulnerability-detector

Chrome - ⚫

Firefox - ⚫

Safari - ⚫

⚫ With cluster is disabled in the server, navigate from Vaulnerabilities Detection > Dashboard to Events must display the implicit filter of mananager.name and rule.groups:vulnerability-detector

Chrome - ⚫

Firefox - ⚫

Safari - ⚫

⚫ In Vulnerabilities Detection > Dashboard pins an agent and must add the implicit filter

Chrome - ⚫

Firefox - ⚫

Safari - ⚫

⚫ In Vulnerabilities Detection > Inventory pins an agent and must add the implicit filter

Chrome - ⚫

Firefox - ⚫

Safari - ⚫

⚫ With a pinned agent in Vulnerabilities Detection > Dashboard go to Vulnerabilities Detection > Inventory and keep the filter related to the pinned agent

Chrome - ⚫

Firefox - ⚫

Safari - ⚫

⚫ With a pinned agent in Vulnerabilities Detection > Inventory go to Vulnerabilities Detection > Dashboard and keep the filter related to the pinned agent

Chrome - ⚫

Firefox - ⚫

Safari - ⚫

⚫ With a pinned agent in Vulnerabilities Detection > Dashboard, unpin the agent, go to Vulnerabilities Detection > Inventory and must not display the filter related to the pinned agent

Chrome - ⚫

Firefox - ⚫

Safari - ⚫

⚫ With a pinned agent in Vulnerabilities Detection > Dashboard, unpin the agent, go to Vulnerabilities Detection > Events and must not display the filter related to the pinned agent

Chrome - ⚫

Firefox - ⚫

Safari - ⚫

⚫ With a pinned agent in Vulnerabilities Detection > Inventory, unpin the agent, go to Vulnerabilities Detection > Dashboard and must not display the filter related to the pinned agent

Chrome - ⚫

Firefox - ⚫

Safari - ⚫

⚫ With a pinned agent in Vulnerabilities Detection > Inventory, unpin the agent, go to Vulnerabilities Detection > Events and must not display the filter related to the pinned agent

Chrome - ⚫

Firefox - ⚫

Safari - ⚫

⚫ In Vulnerabilities Detection > Dashboard, add a regular filter (query or filter) and go to Vulnerabilities Detection > Inventory must keep the regular filter.

Chrome - ⚫

Firefox - ⚫

Safari - ⚫

⚫ In Vulnerabilities Detection > Inventory, add a regular filter (query or filter) and go to Vulnerabilities Detection > Dashboard must keep the regular filter.

Chrome - ⚫

Firefox - ⚫

Safari - ⚫

⚫ In Vulnerabilities Detection > Dashboard, add a regular filter (query or filter) and go to Vulnerabilities Detection > Events must not keep the regular filter.

Chrome - ⚫

Firefox - ⚫

Safari - ⚫

⚫ In Vulnerabilities Detection > inventory, add a regular filter (query or filter) and go to Vulnerabilities Detection > Events must not keep the regular filter.

Chrome - ⚫

Firefox - ⚫

Safari - ⚫

⚫ In Vulnerabilities Detection > Dashboard, add a regular filter (query or filter) and go to Vulnerabilities Detection > Events, go back to Vulnerabilities Detection > Dashboard, and keep the filter you added previously in this view.

Chrome - ⚫

Firefox - ⚫

Safari - ⚫

⚫ In Vulnerabilities Detection > Inventory, add a regular filter (query or filter) and go to Vulnerabilities Detection > Events, go back to Vulnerabilities Detection > Inventory, and keep the filter you added previously in this view.

Chrome - ⚫

Firefox - ⚫

Safari - ⚫

⚫ In Vulnerabilities Detection > Dashboard, add a regular filter (query or filter) and go to Vulnerabilities Detection > Events, go back to Vulnerabilities Detection > Inventory, and keep the filter you added previously in this view.

Chrome - ⚫

Firefox - ⚫

Safari - ⚫

⚫ In Vulnerabilities Detection > Inventory, add a regular filter (query or filter) and go to Vulnerabilities Detection > Events, go back to Vulnerabilities Detection > Dashboard, and keep the filter you added previously in this view.

Chrome - ⚫

Firefox - ⚫

Safari - ⚫

⚫ In Vulnerabilities Detection > Dashboard defines a search that has no results, a sign "No results match your search criteria" should be displayed

Chrome - ⚫

Firefox - ⚫

Safari - ⚫

⚫ In Vulnerabilities Detection > Inventory defines a search that has no results, a sign "No results match your search criteria" should be displayed

Chrome - ⚫

Firefox - ⚫

Safari - ⚫

⚫ In Vulnerabilities Detection > Dashboard defines a search with results, go to Vulnerabilities Detection > Inventory and should not display a sign "No results match your search criteria"

Chrome - ⚫

Firefox - ⚫

Safari - ⚫

⚫ In Vulnerabilities Detection > Invenoty defines a search with results, go to Vulnerabilities Detection > Dashboard and should not display a sign "No results match your search criteria"

Chrome - ⚫

Firefox - ⚫

Safari - ⚫

⚫ Check the operation in other modules, especially SCA and Office365

Chrome - ⚫

Firefox - ⚫

Safari - ⚫

Check List

• All tests pass
  • yarn test:jest
• New functionality includes testing.
• New functionality has been documented.
• Update CHANGELOG.md
• Commits are signed per the DCO using --signoff

[JuanGarriuz]

Test

Test	Chrome	Firefox	Safari
Vulnerability Detection > Dashboard must define the cluster filter using wazuh.cluster.name when the cluster is enabled in the server	🟢	⚫	⚫
Vulnerability Detection > Dashboard must define the cluster filter using wazuh.cluster.name when the cluster is disabled (manager mode) in the server	🟢	⚫	⚫
With cluster is enabled in the server, navigate from Vulnerabilities Detection > Dashboard to Events must display the implicits filter of cluster.name and rule.groups:vulnerability-detector	🟢	⚫	⚫
With cluster is disabled in the server, navigate from Vulnerabilities Detection > Dashboard to Events must display the implicit filter of mananager.name and rule.groups:vulnerability-detector	🟢	⚫	⚫
In Vulnerabilities Detection > Dashboard pins an agent and must add the implicit filter	🟢	⚫	⚫
In Vulnerabilities Detection > Inventory pins an agent and must add the implicit filter	🟢	⚫	⚫
With a pinned agent in Vulnerabilities Detection > Dashboard go to Vulnerabilities Detection > Inventory and keep the filter related to the pinned agent	🟢	⚫	⚫
With a pinned agent in Vulnerabilities Detection > Inventory go to Vulnerabilities Detection > Dashboard and keep the filter related to the pinned agent	🟢	⚫	⚫
With a pinned agent in Vulnerabilities Detection > Dashboard, unpin the agent, go to Vulnerabilities Detection > Inventory and must not display the filter related to the pinned agent	🟢	⚫	⚫
With a pinned agent in Vulnerabilities Detection > Dashboard, unpin the agent, go to Vulnerabilities Detection > Events and must not display the filter related to the pinned agent	🟢	⚫	⚫
With a pinned agent in Vulnerabilities Detection > Inventory, unpin the agent, go to Vulnerabilities Detection > Dashboard and must not display the filter related to the pinned agent	🟢	⚫	⚫
With a pinned agent in Vulnerabilities Detection > Inventory, unpin the agent, go to Vulnerabilities Detection > Events and must not display the filter related to the pinned agent	🟢	⚫	⚫
In Vulnerabilities Detection > Dashboard, add a regular filter (query or filter) and go to Vulnerabilities Detection > Inventory must keep the regular filter.	🟢	⚫	⚫
In Vulnerabilities Detection > Inventory, add a regular filter (query or filter) and go to Vulnerabilities Detection > Dashboard must keep the regular filter.	🟢	⚫	⚫
In Vulnerabilities Detection > Dashboard, add a regular filter (query or filter) and go to Vulnerabilities Detection > Events must not keep the regular filter.	🟢	⚫	⚫
In Vulnerabilities Detection > inventory, add a regular filter (query or filter) and go to Vulnerabilities Detection > Events must not keep the regular filter.	🟢	⚫	⚫
In Vulnerabilities Detection > Dashboard, add a regular filter (query or filter) and go to Vulnerabilities Detection > Events, go back to Vulnerabilities Detection > Dashboard, and keep the filter you added previously in this view.	🟢	⚫	⚫
In Vulnerabilities Detection > Inventory, add a regular filter (query or filter) and go to Vulnerabilities Detection > Events, go back to Vulnerabilities Detection > Inventory, and keep the filter you added previously in this view.	🟢	⚫	⚫
In Vulnerabilities Detection > Dashboard, add a regular filter (query or filter) and go to Vulnerabilities Detection > Events, go back to Vulnerabilities Detection > Inventory, and keep the filter you added previously in this view.	🟢	⚫	⚫
In Vulnerabilities Detection > Inventory, add a regular filter (query or filter) and go to Vulnerabilities Detection > Events, go back to Vulnerabilities Detection > Dashboard, and keep the filter you added previously in this view.	🟢	⚫	⚫
In Vulnerabilities Detection > Dashboard defines a search that has no results, a sign "No results match your search criteria" should be displayed	🟢	⚫	⚫
In Vulnerabilities Detection > Inventory defines a search that has no results, a sign "No results match your search criteria" should be displayed	🟢	⚫	⚫
In Vulnerabilities Detection > Dashboard defines a search with results, go to Vulnerabilities Detection > Inventory and should not display a sign "No results match your search criteria"	🟢	⚫	⚫
In Vulnerabilities Detection > Invenoty defines a search with results, go to Vulnerabilities Detection > Dashboard and should not display a sign "No results match your search criteria"	🟢	⚫	⚫
Check the operation in other modules, especially SCA and Office365	🟢	⚫	⚫

Details

🟢 Vulnerability Detection > Dashboard must define the cluster filter using wazuh.cluster.name when the cluster is enabled in the server

Chrome - 🟢

Firefox - ⚫

Safari - ⚫

🟢Vulnerability Detection > Dashboard must define the cluster filter using wazuh.cluster.name when the cluster is disabled (manager mode) in the server

Chrome - 🟢

Firefox - ⚫

Safari - ⚫

🟢 With cluster is enabled in the server, navigate from Vulnerabilities Detection > Dashboard to Events must display the implicit filter of cluster.name and rule.groups:vulnerability-detector

Chrome - 🟢

Firefox - ⚫

Safari - ⚫

🟢 With cluster is disabled in the server, navigate from Vulnerabilities Detection > Dashboard to Events must display the implicit filter of manager.name and rule.groups:vulnerability-detector

Chrome - 🟢

Firefox - ⚫

Safari - ⚫

🟢 In Vulnerabilities Detection > Dashboard pins an agent and must add the implicit filter

Chrome - 🟢

Firefox - ⚫

Safari - ⚫

🟢 In Vulnerabilities Detection > Inventory pins an agent and must add the implicit filter

Chrome - 🟢

Firefox - ⚫

Safari - ⚫

🟢With a pinned agent in Vulnerabilities Detection > Dashboard go to Vulnerabilities Detection > Inventory and keep the filter related to the pinned agent

Chrome - 🟢

Firefox - ⚫

Safari - ⚫

🟢 With a pinned agent in Vulnerabilities Detection > Inventory go to Vulnerabilities Detection > Dashboard and keep the filter related to the pinned agent

Chrome - 🟢

Firefox - ⚫

Safari - ⚫

🟢 With a pinned agent in Vulnerabilities Detection > Dashboard, unpin the agent, go to Vulnerabilities Detection > Inventory and must not display the filter related to the pinned agent

Chrome - 🟢

Firefox - ⚫

Safari - ⚫

🟢 With a pinned agent in Vulnerabilities Detection > Dashboard, unpin the agent, go to Vulnerabilities Detection > Events and must not display the filter related to the pinned agent

Chrome - 🟢

Firefox - ⚫

Safari - ⚫

🟢 With a pinned agent in Vulnerabilities Detection > Inventory, unpin the agent, go to Vulnerabilities Detection > Dashboard and must not display the filter related to the pinned agent

Chrome - 🟢

Firefox - ⚫

Safari - ⚫

🟢 With a pinned agent in Vulnerabilities Detection > Inventory, unpin the agent, go to Vulnerabilities Detection > Events and must not display the filter related to the pinned agent

Chrome - 🟢

Firefox - ⚫

Safari - ⚫

🟢 In Vulnerabilities Detection > Dashboard, add a regular filter (query or filter) and go to Vulnerabilities Detection > Inventory must keep the regular filter.

Chrome - 🟢

Firefox - ⚫

Safari - ⚫

🟢 In Vulnerabilities Detection > Inventory, add a regular filter (query or filter) and go to Vulnerabilities Detection > Dashboard must keep the regular filter.

Chrome - 🟢

Firefox - ⚫

Safari - ⚫

🟢 In Vulnerabilities Detection > Dashboard, add a regular filter (query or filter) and go to Vulnerabilities Detection > Events must not keep the regular filter.

Chrome - 🟢

Firefox - ⚫

Safari - ⚫

🟢 In Vulnerabilities Detection > inventory, add a regular filter (query or filter) and go to Vulnerabilities Detection > Events must not keep the regular filter.

Chrome - 🟢

Firefox - ⚫

Safari - ⚫

🟢 In Vulnerabilities Detection > Dashboard, add a regular filter (query or filter) and go to Vulnerabilities Detection > Events, go back to Vulnerabilities Detection > Dashboard, and keep the filter you added previously in this view.

Chrome - 🟢

Firefox - ⚫

Safari - ⚫

🟢 In Vulnerabilities Detection > Inventory, add a regular filter (query or filter) and go to Vulnerabilities Detection > Events, go back to Vulnerabilities Detection > Inventory, and keep the filter you added previously in this view.

Chrome - 🟢

Firefox - ⚫

Safari - ⚫

🟢 In Vulnerabilities Detection > Dashboard, add a regular filter (query or filter) and go to Vulnerabilities Detection > Events, go back to Vulnerabilities Detection > Inventory, and keep the filter you added previously in this view.

Chrome - 🟢

Firefox - ⚫

Safari - ⚫

🟢 In Vulnerabilities Detection > Inventory, add a regular filter (query or filter) and go to Vulnerabilities Detection > Events, go back to Vulnerabilities Detection > Dashboard, and keep the filter you added previously in this view.

Chrome - 🟢

Firefox - ⚫

Safari - ⚫

🟢 In Vulnerabilities Detection > Dashboard defines a search that has no results, a sign "No results match your search criteria" should be displayed

Chrome - ⚫

Firefox - ⚫

Safari - ⚫

🟢 In Vulnerabilities Detection > Inventory defines a search that has no results, a sign "No results match your search criteria" should be displayed

Chrome - 🟢

Firefox - ⚫

Safari - ⚫

🟢 In Vulnerabilities Detection > Dashboard defines a search with results, go to Vulnerabilities Detection > Inventory and should not display a sign "No results match your search criteria"

Chrome - 🟢

Firefox - ⚫

Safari - ⚫

🟢 In Vulnerabilities Detection > Invenoty defines a search with results, go to Vulnerabilities Detection > Dashboard and should not display a sign "No results match your search criteria"

Chrome - 🟢

Firefox - ⚫

Safari - ⚫

🟢 Check the operation in other modules, especially SCA and Office365

Chrome - 🟢

Firefox - ⚫

Safari - ⚫

[Desvelao]

UI

Test	Chrome	Firefox	Safari
Vulnerability Detection > Dashboard must define the cluster filter using wazuh.cluster.name when the cluster is enabled in the server	🟢	⚫	⚫
Vulnerability Detection > Dashboard must define the cluster filter using wazuh.cluster.name when the cluster is disabled (manager mode) in the server	🟢	⚫	⚫
With cluster is enabled in the server, navigate from Vulnerabilities Detection > Dashboard to Events must display the implicits filter of cluster.name and rule.groups:vulnerability-detector	🟢	⚫	⚫
With cluster is disabled in the server, navigate from Vulnerabilities Detection > Dashboard to Events must display the implicit filter of manager.name and rule.groups:vulnerability-detector	🟡	⚫	⚫
In Vulnerabilities Detection > Dashboard pins an agent and must add the implicit filter	🟢	⚫	⚫
In Vulnerabilities Detection > Inventory pins an agent and must add the implicit filter	🟢	⚫	⚫
With a pinned agent in Vulnerabilities Detection > Dashboard go to Vulnerabilities Detection > Inventory and keep the filter related to the pinned agent	🟢	⚫	⚫
With a pinned agent in Vulnerabilities Detection > Inventory go to Vulnerabilities Detection > Dashboard and keep the filter related to the pinned agent	🟢	⚫	⚫
With a pinned agent in Vulnerabilities Detection > Dashboard, unpin the agent, go to Vulnerabilities Detection > Inventory and must not display the filter related to the pinned agent	🟢	⚫	⚫
With a pinned agent in Vulnerabilities Detection > Dashboard, unpin the agent, go to Vulnerabilities Detection > Events and must not display the filter related to the pinned agent	🟢	⚫	⚫
With a pinned agent in Vulnerabilities Detection > Inventory, unpin the agent, go to Vulnerabilities Detection > Dashboard and must not display the filter related to the pinned agent	🟢	⚫	⚫
With a pinned agent in Vulnerabilities Detection > Inventory, unpin the agent, go to Vulnerabilities Detection > Events and must not display the filter related to the pinned agent	🟢	⚫	⚫
In Vulnerabilities Detection > Dashboard, add a regular filter (query or filter) and go to Vulnerabilities Detection > Inventory must keep the regular filter.	🟡	⚫	⚫
In Vulnerabilities Detection > Inventory, add a regular filter (query or filter) and go to Vulnerabilities Detection > Dashboard must keep the regular filter.	🟡	⚫	⚫
In Vulnerabilities Detection > Dashboard, add a regular filter (query or filter) and go to Vulnerabilities Detection > Events must not keep the regular filter.	🟢	⚫	⚫
In Vulnerabilities Detection > inventory, add a regular filter (query or filter) and go to Vulnerabilities Detection > Events must not keep the regular filter.	🟢	⚫	⚫
In Vulnerabilities Detection > Dashboard, add a regular filter (query or filter) and go to Vulnerabilities Detection > Events, go back to Vulnerabilities Detection > Dashboard, and keep the filter you added previously in this view.	🟢	⚫	⚫
In Vulnerabilities Detection > Inventory, add a regular filter (query or filter) and go to Vulnerabilities Detection > Events, go back to Vulnerabilities Detection > Inventory, and keep the filter you added previously in this view.	🟡	⚫	⚫
In Vulnerabilities Detection > Dashboard, add a regular filter (query or filter) and go to Vulnerabilities Detection > Events, go back to Vulnerabilities Detection > Inventory, and keep the filter you added previously in this view.	🟡	⚫	⚫
In Vulnerabilities Detection > Inventory, add a regular filter (query or filter) and go to Vulnerabilities Detection > Events, go back to Vulnerabilities Detection > Dashboard, and keep the filter you added previously in this view.	🟡	⚫	⚫
In Vulnerabilities Detection > Dashboard defines a search that has no results, a sign "No results match your search criteria" should be displayed	🟢	⚫	⚫
In Vulnerabilities Detection > Inventory defines a search that has no results, a sign "No results match your search criteria" should be displayed	🟢	⚫	⚫
In Vulnerabilities Detection > Dashboard defines a search with results, go to Vulnerabilities Detection > Inventory and should not display a sign "No results match your search criteria"	🟢	⚫	⚫
In Vulnerabilities Detection > Invenoty defines a search with results, go to Vulnerabilities Detection > Dashboard and should not display a sign "No results match your search criteria"	🟢	⚫	⚫
Check the operation in other modules, especially SCA and Office365	🟢	⚫	⚫

Details

🟢 Vulnerability Detection > Dashboard must define the cluster filter using wazuh.cluster.name when the cluster is enabled in the server

Chrome - 🟢

Firefox - ⚫

Safari - ⚫

🟢 Vulnerability Detection > Dashboard must define the cluster filter using wazuh.cluster.name when the cluster is disabled (manager mode) in the server

Chrome - 🟢

Firefox - ⚫

Safari - ⚫

🟡 With cluster is enabled in the server, navigate from Vulnerabilities Detection > Dashboard to Events must display the implicits filter of cluster.name and rule.groups:vulnerability-detector

Chrome - 🟡

Firefox - ⚫

Safari - ⚫

🟢 With cluster is disabled in the server, navigate from Vulnerabilities Detection > Dashboard to Events must display the implicit filter of manager.name and rule.groups:vulnerability-detector

Chrome - 🟢

Firefox - ⚫

Safari - ⚫

🟢 In Vulnerabilities Detection > Dashboard pins an agent and must add the implicit filter

Chrome - 🟢

Firefox - ⚫

Safari - ⚫

🟢 In Vulnerabilities Detection > Inventory pins an agent and must add the implicit filter

Chrome - 🟢

Firefox - ⚫

Safari - ⚫

🟢 With a pinned agent in Vulnerabilities Detection > Dashboard go to Vulnerabilities Detection > Inventory and keep the filter related to the pinned agent

Chrome - 🟢

Firefox - ⚫

Safari - ⚫

🟢 With a pinned agent in Vulnerabilities Detection > Inventory go to Vulnerabilities Detection > Dashboard and keep the filter related to the pinned agent

Chrome - 🟢

Firefox - ⚫

Safari - ⚫

🟢 With a pinned agent in Vulnerabilities Detection > Dashboard, unpin the agent, go to Vulnerabilities Detection > Inventory and must not display the filter related to the pinned agent

Chrome - 🟢

Firefox - ⚫

Safari - ⚫

🟢 With a pinned agent in Vulnerabilities Detection > Dashboard, unpin the agent, go to Vulnerabilities Detection > Events and must not display the filter related to the pinned agent

Chrome - 🟢

Firefox - ⚫

Safari - ⚫

🟢 With a pinned agent in Vulnerabilities Detection > Inventory, unpin the agent, go to Vulnerabilities Detection > Dashboard and must not display the filter related to the pinned agent

Chrome - 🟢

Firefox - ⚫

Safari - ⚫

🟢 With a pinned agent in Vulnerabilities Detection > Inventory, unpin the agent, go to Vulnerabilities Detection > Events and must not display the filter related to the pinned agent

Chrome - 🟢

Firefox - ⚫

Safari - ⚫

🟡 In Vulnerabilities Detection > Dashboard, add a regular filter (query or filter) and go to Vulnerabilities Detection > Inventory must keep the regular filter.

Chrome - 🟡

The regular filter is displayed in a different order.

Firefox - ⚫

Safari - ⚫

🟡 In Vulnerabilities Detection > Inventory, add a regular filter (query or filter) and go to Vulnerabilities Detection > Dashboard must keep the regular filter.

Chrome - 🟡

The regular filter is displayed in a different order.

Firefox - ⚫

Safari - ⚫

🟢 In Vulnerabilities Detection > Dashboard, add a regular filter (query or filter) and go to Vulnerabilities Detection > Events must not keep the regular filter.

Chrome - 🟢

Firefox - ⚫

Safari - ⚫

🟢 In Vulnerabilities Detection > Inventory, add a regular filter (query or filter) and go to Vulnerabilities Detection > Events must not keep the regular filter.

Chrome - 🟢

Firefox - ⚫

Safari - ⚫

🟢 In Vulnerabilities Detection > Dashboard, add a regular filter (query or filter) and go to Vulnerabilities Detection > Events, go back to Vulnerabilities Detection > Dashboard, and keep the filter you added previously in this view.

Chrome - 🟢

Firefox - ⚫

Safari - ⚫

🟡 In Vulnerabilities Detection > Inventory, add a regular filter (query or filter) and go to Vulnerabilities Detection > Events, go back to Vulnerabilities Detection > Inventory, and keep the filter you added previously in this view.

Chrome - 🟡

The regular filter is displayed in a different order.

Firefox - ⚫

Safari - ⚫

🟡 In Vulnerabilities Detection > Dashboard, add a regular filter (query or filter) and go to Vulnerabilities Detection > Events, go back to Vulnerabilities Detection > Inventory, and keep the filter you added previously in this view.

Chrome - 🟡

Firefox - ⚫

Safari - ⚫

🟡 In Vulnerabilities Detection > Inventory, add a regular filter (query or filter) and go to Vulnerabilities Detection > Events, go back to Vulnerabilities Detection > Dashboard, and keep the filter you added previously in this view.

Chrome - 🟡

Firefox - ⚫

Safari - ⚫

🟢 In Vulnerabilities Detection > Dashboard defines a search that has no results, a sign "No results match your search criteria" should be displayed

Chrome - 🟢

Firefox - ⚫

Safari - ⚫

🟢 In Vulnerabilities Detection > Inventory defines a search that has no results, a sign "No results match your search criteria" should be displayed

Chrome - 🟢

Firefox - ⚫

Safari - ⚫

🟢 In Vulnerabilities Detection > Dashboard defines a search with results, go to Vulnerabilities Detection > Inventory and should not display a sign "No results match your search criteria"

Chrome - 🟢

Firefox - ⚫

Safari - ⚫

🟢 In Vulnerabilities Detection > Invenoty defines a search with results, go to Vulnerabilities Detection > Dashboard and should not display a sign "No results match your search criteria"

Chrome - 🟢

Firefox - ⚫

Safari - ⚫

🟢 Check the operation in other modules, especially SCA and Office365

Chrome - 🟢

Firefox - ⚫

Safari - ⚫

[Desvelao]

Rare findings

Value stored in the session storage with data related to the alerts and vulnerabilities index pattern, that seems to be a filter:

Request related to alerts index pattern (found by @JuanGarriuz):

[asteriscos]

Test

Test	Chrome
Vulnerability Detection > Dashboard must define the cluster filter using wazuh.cluster.name when the cluster is enabled in the server	🟢
Vulnerability Detection > Dashboard must define the cluster filter using wazuh.cluster.name when the cluster is disabled (manager mode) in the server	🟢
With cluster is enabled in the server, navigate from Vulnerabilities Detection > Dashboard to Events must display the implicit filter of cluster.name and rule.groups:vulnerability-detector	🟢
With cluster is disabled in the server, navigate from Vulnerabilities Detection > Dashboard to Events must display the implicit filter of mananager.name and rule.groups:vulnerability-detector	🟢
In Vulnerabilities Detection > Dashboard pins an agent and must add the implicit filter	🟢
In Vulnerabilities Detection > Inventory pins an agent and must add the implicit filter	🟢
With a pinned agent in Vulnerabilities Detection > Dashboard go to Vulnerabilities Detection > Inventory and keep the filter related to the pinned agent	🟢
With a pinned agent in Vulnerabilities Detection > Inventory go to Vulnerabilities Detection > Dashboard and keep the filter related to the pinned agent	🟢
With a pinned agent in Vulnerabilities Detection > Dashboard, unpin the agent, go to Vulnerabilities Detection > Inventory and must not display the filter related to the pinned agent	🟢
With a pinned agent in Vulnerabilities Detection > Dashboard, unpin the agent, go to Vulnerabilities Detection > Events and must not display the filter related to the pinned agent	🟢
With a pinned agent in Vulnerabilities Detection > Inventory, unpin the agent, go to Vulnerabilities Detection > Dashboard and must not display the filter related to the pinned agent	🟢
With a pinned agent in Vulnerabilities Detection > Inventory, unpin the agent, go to Vulnerabilities Detection > Events and must not display the filter related to the pinned agent	🟢
In Vulnerabilities Detection > Dashboard, add a regular filter (query or filter) and go to Vulnerabilities Detection > Inventory must keep the regular filter.	🟢
In Vulnerabilities Detection > Inventory, add a regular filter (query or filter) and go to Vulnerabilities Detection > Dashboard must keep the regular filter.	🟢
In Vulnerabilities Detection > Dashboard, add a regular filter (query or filter) and go to Vulnerabilities Detection > Events must not keep the regular filter.	🟢
In Vulnerabilities Detection > inventory, add a regular filter (query or filter) and go to Vulnerabilities Detection > Events must not keep the regular filter.	🟢
In Vulnerabilities Detection > Dashboard, add a regular filter (query or filter) and go to Vulnerabilities Detection > Events, go back to Vulnerabilities Detection > Dashboard, and keep the filter you added previously in this view.	🟢
In Vulnerabilities Detection > Inventory, add a regular filter (query or filter) and go to Vulnerabilities Detection > Events, go back to Vulnerabilities Detection > Inventory, and keep the filter you added previously in this view.	🟢
In Vulnerabilities Detection > Dashboard, add a regular filter (query or filter) and go to Vulnerabilities Detection > Events, go back to Vulnerabilities Detection > Inventory, and keep the filter you added previously in this view.	🟢
In Vulnerabilities Detection > Inventory, add a regular filter (query or filter) and go to Vulnerabilities Detection > Events, go back to Vulnerabilities Detection > Dashboard, and keep the filter you added previously in this view.	🟢
In Vulnerabilities Detection > Dashboard defines a search that has no results, a sign "No results match your search criteria" should be displayed	🟢
In Vulnerabilities Detection > Inventory defines a search that has no results, a sign "No results match your search criteria" should be displayed	🟢
In Vulnerabilities Detection > Dashboard defines a search with results, go to Vulnerabilities Detection > Inventory and should not display a sign "No results match your search criteria"	🟢
In Vulnerabilities Detection > Inventory defines a search with results, go to Vulnerabilities Detection > Dashboard and should not display a sign "No results match your search criteria"	🟢
Check the operation in other modules, especially SCA and Office365	🟢

Details

🟢 Vulnerability Detection > Dashboard must define the cluster filter using wazuh.cluster.name when the cluster is enabled in the server

Chrome - 🟢

🟢 Vulnerability Detection > Dashboard must define the cluster filter using wazuh.cluster.name when the cluster is disabled (manager mode) in the server

Chrome - 🟢

🟢 With cluster is enabled in the server, navigate from Vulnerabilities Detection > Dashboard to Events must display the implicit filter of cluster.name and rule.groups:vulnerability-detector

Chrome - 🟢

🟢 With cluster is disabled in the server, navigate from Vulnerabilities Detection > Dashboard to Events must display the implicit filter of manager.name and rule.groups:vulnerability-detector

Chrome - 🟢

🟢 In Vulnerabilities Detection > Dashboard pins an agent and must add the implicit filter

Chrome - 🟢

🟢 In Vulnerabilities Detection > Inventory pins an agent and must add the implicit filter

Chrome - 🟢

🟢 With a pinned agent in Vulnerabilities Detection > Dashboard go to Vulnerabilities Detection > Inventory and keep the filter related to the pinned agent

Chrome - 🟢

🟢 With a pinned agent in Vulnerabilities Detection > Inventory go to Vulnerabilities Detection > Dashboard and keep the filter related to the pinned agent

Chrome - 🟢

🟢 With a pinned agent in Vulnerabilities Detection > Dashboard, unpin the agent, go to Vulnerabilities Detection > Inventory and must not display the filter related to the pinned agent

Chrome - 🟢

🟢 With a pinned agent in Vulnerabilities Detection > Dashboard, unpin the agent, go to Vulnerabilities Detection > Events and must not display the filter related to the pinned agent

Chrome - 🟢

🟢 With a pinned agent in Vulnerabilities Detection > Inventory, unpin the agent, go to Vulnerabilities Detection > Dashboard and must not display the filter related to the pinned agent

Chrome - 🟢

🟢 With a pinned agent in Vulnerabilities Detection > Inventory, unpin the agent, go to Vulnerabilities Detection > Events and must not display the filter related to the pinned agent

Chrome - 🟢

🟢 In Vulnerabilities Detection > Dashboard, add a regular filter (query or filter) and go to Vulnerabilities Detection > Inventory must keep the regular filter.

Chrome - 🟢

🟢 In Vulnerabilities Detection > Inventory, add a regular filter (query or filter) and go to Vulnerabilities Detection > Dashboard must keep the regular filter.

Chrome - 🟢

🟢 In Vulnerabilities Detection > Dashboard, add a regular filter (query or filter) and go to Vulnerabilities Detection > Events must not keep the regular filter.

Chrome - 🟢

🟢 In Vulnerabilities Detection > inventory, add a regular filter (query or filter) and go to Vulnerabilities Detection > Events must not keep the regular filter.

Chrome - 🟢

🟢 In Vulnerabilities Detection > Dashboard, add a regular filter (query or filter) and go to Vulnerabilities Detection > Events, go back to Vulnerabilities Detection > Dashboard, and keep the filter you added previously in this view.

Chrome - 🟢

🟢 In Vulnerabilities Detection > Inventory, add a regular filter (query or filter) and go to Vulnerabilities Detection > Events, go back to Vulnerabilities Detection > Inventory, and keep the filter you added previously in this view.

Chrome - 🟢

🟢 In Vulnerabilities Detection > Dashboard, add a regular filter (query or filter) and go to Vulnerabilities Detection > Events, go back to Vulnerabilities Detection > Inventory, and keep the filter you added previously in this view.

Chrome - 🟢

🟢 In Vulnerabilities Detection > Inventory, add a regular filter (query or filter) and go to Vulnerabilities Detection > Events, go back to Vulnerabilities Detection > Dashboard, and keep the filter you added previously in this view.

Chrome - 🟢

🟢 In Vulnerabilities Detection > Dashboard defines a search that has no results, a sign "No results match your search criteria" should be displayed

Chrome - 🟢

🟢 In Vulnerabilities Detection > Inventory defines a search that has no results, a sign "No results match your search criteria" should be displayed

Chrome - 🟢

🟢 In Vulnerabilities Detection > Dashboard defines a search with results, go to Vulnerabilities Detection > Inventory and should not display a sign "No results match your search criteria"

Chrome - 🟢

🟢 In Vulnerabilities Detection > Inventory defines a search with results, go to Vulnerabilities Detection > Dashboard and should not display a sign "No results match your search criteria"

Chrome - 🟢

🟢 Check the operation in other modules, especially SCA and Office365

Chrome - 🟢

[Desvelao]

LGTM!

[github-actions]

Wazuh Check Updates plugin code coverage (Jest) test	%	values
Statements	76.78%	( 172 / 224 )
Branches	58.65%	( 61 / 104 )
Functions	61.7%	( 29 / 47 )
Lines	76.78%	( 172 / 224 )

[github-actions]

Wazuh Core plugin code coverage (Jest) test	%	values
Statements	20.89%	( 186 / 890 )
Branches	17.91%	( 79 / 441 )
Functions	13.89%	( 36 / 259 )
Lines	21.1%	( 183 / 867 )

[github-actions]

Main plugin code coverage (Jest) test	%	values
Statements	12.15%	( 4207 / 34598 )
Branches	8.21%	( 1907 / 23222 )
Functions	11.6%	( 956 / 8235 )
Lines	12.33%	( 4093 / 33192 )