From 494aa9cc8e02e2d9c039fc95b09b78cb7674e2f4 Mon Sep 17 00:00:00 2001 From: christineweng <18648970+christineweng@users.noreply.github.com> Date: Mon, 7 Nov 2022 14:57:00 -0600 Subject: [PATCH] [Security Solution][Analyzer] Fix graph overlay persist despite filter group changes (#144291) * [Security Solution][Resolver] bug fix - added filter status check to disable graph overlay * update reference to existing status type --- .../timeline/events/all/index.ts | 3 +- .../components/t_grid/integrated/index.tsx | 1 + .../timelines/public/container/index.tsx | 35 ++++++++++++++++--- 3 files changed, 33 insertions(+), 6 deletions(-) diff --git a/x-pack/plugins/timelines/common/search_strategy/timeline/events/all/index.ts b/x-pack/plugins/timelines/common/search_strategy/timeline/events/all/index.ts index 8e50d6db48f2..9f1dec9a2737 100644 --- a/x-pack/plugins/timelines/common/search_strategy/timeline/events/all/index.ts +++ b/x-pack/plugins/timelines/common/search_strategy/timeline/events/all/index.ts @@ -12,7 +12,7 @@ import type { IEsSearchResponse } from '@kbn/data-plugin/common'; import type { Ecs } from '../../../../ecs'; import type { CursorType, Inspect, Maybe, PaginationInputPaginated } from '../../../common'; import type { TimelineRequestOptionsPaginated } from '../..'; - +import type { AlertStatus } from '../../../../types/timeline'; export interface TimelineEdges { node: TimelineItem; cursor: CursorType; @@ -45,4 +45,5 @@ export interface TimelineEventsAllRequestOptions extends TimelineRequestOptionsP fields: string[] | Array<{ field: string; include_unmapped: boolean }>; language: 'eql' | 'kuery' | 'lucene'; runtimeMappings: MappingRuntimeFields; + filterStatus?: AlertStatus; } diff --git a/x-pack/plugins/timelines/public/components/t_grid/integrated/index.tsx b/x-pack/plugins/timelines/public/components/t_grid/integrated/index.tsx index f27a76fb4e55..c6b2c4e9c1a1 100644 --- a/x-pack/plugins/timelines/public/components/t_grid/integrated/index.tsx +++ b/x-pack/plugins/timelines/public/components/t_grid/integrated/index.tsx @@ -263,6 +263,7 @@ const TGridIntegratedComponent: React.FC = ({ skip: !canQueryTimeline, sort: sortField, startDate: start, + filterStatus, }); useEffect(() => { diff --git a/x-pack/plugins/timelines/public/container/index.tsx b/x-pack/plugins/timelines/public/container/index.tsx index bae9f5729bc1..3445f961e0b2 100644 --- a/x-pack/plugins/timelines/public/container/index.tsx +++ b/x-pack/plugins/timelines/public/container/index.tsx @@ -4,7 +4,6 @@ * 2.0; you may not use this file except in compliance with the Elastic License * 2.0. */ - import type { AlertConsumers } from '@kbn/rule-data-utils'; import deepEqual from 'fast-deep-equal'; import { isEmpty, isString, noop } from 'lodash/fp'; @@ -13,10 +12,15 @@ import { useDispatch } from 'react-redux'; import { Subscription } from 'rxjs'; import { MappingRuntimeFields } from '@elastic/elasticsearch/lib/api/typesWithBodyKey'; import type { DataView } from '@kbn/data-views-plugin/public'; - import type { DataPublicPluginStart } from '@kbn/data-plugin/public'; import { isCompleteResponse, isErrorResponse } from '@kbn/data-plugin/common'; -import { clearEventsLoading, clearEventsDeleted, setTableUpdatedAt } from '../store/t_grid/actions'; + +import { + clearEventsLoading, + clearEventsDeleted, + setTableUpdatedAt, + updateGraphEventId, +} from '../store/t_grid/actions'; import { Direction, TimelineFactoryQueryTypes, @@ -34,7 +38,7 @@ import type { TimelineRequestSortField, } from '../../common/search_strategy'; import type { ESQuery } from '../../common/typed_json'; -import type { KueryFilterQueryKind } from '../../common/types/timeline'; +import type { KueryFilterQueryKind, AlertStatus } from '../../common/types/timeline'; import { useAppToasts } from '../hooks/use_app_toasts'; import { TableId } from '../store/t_grid/types'; import * as i18n from './translations'; @@ -82,6 +86,7 @@ export interface UseTimelineEventsProps { sort?: TimelineRequestSortField[]; startDate: string; timerangeKind?: 'absolute' | 'relative'; + filterStatus?: AlertStatus; } const createFilter = (filterQuery: ESQuery | string | undefined) => @@ -154,6 +159,7 @@ export const useTimelineEvents = ({ skip = false, timerangeKind, data, + filterStatus, }: UseTimelineEventsProps): [boolean, TimelineArgs] => { const dispatch = useDispatch(); const { startTracking } = useApmTracking(id); @@ -165,6 +171,7 @@ export const useTimelineEvents = ({ const [timelineRequest, setTimelineRequest] = useState | null>( null ); + const [prevFilterStatus, setFilterStatus] = useState(filterStatus); const prevTimelineRequest = useRef | null>(null); const clearSignalsState = useCallback(() => { @@ -259,6 +266,10 @@ export const useTimelineEvents = ({ setUpdated(newTimelineResponse.updatedAt); return newTimelineResponse; }); + if (prevFilterStatus !== request.filterStatus) { + dispatch(updateGraphEventId({ id, graphEventId: '' })); + } + setFilterStatus(request.filterStatus); setLoading(false); searchSubscription$.current.unsubscribe(); @@ -284,7 +295,18 @@ export const useTimelineEvents = ({ asyncSearch(); refetch.current = asyncSearch; }, - [skip, data, entityType, dataViewId, setUpdated, addWarning, startTracking] + [ + skip, + data, + entityType, + dataViewId, + setUpdated, + addWarning, + startTracking, + dispatch, + id, + prevFilterStatus, + ] ); useEffect(() => { @@ -300,6 +322,7 @@ export const useTimelineEvents = ({ sort: prevRequest?.sort ?? initSortDefault, timerange: prevRequest?.timerange ?? {}, runtimeMappings: prevRequest?.runtimeMappings ?? {}, + filterStatus: prevRequest?.filterStatus, }; const currentSearchParameters = { @@ -339,6 +362,7 @@ export const useTimelineEvents = ({ from: startDate, to: endDate, }, + filterStatus, }; if (activePage !== newActivePage) { @@ -364,6 +388,7 @@ export const useTimelineEvents = ({ sort, fields, runtimeMappings, + filterStatus, ]); useEffect(() => {