-
Notifications
You must be signed in to change notification settings - Fork 8.3k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
[SIEM] Detections create prepackage rules (#55403)
* update extra action on rule detail to match design * remove experimental label * allow pre-package to be deleted + do not allow wrong user to create pre-packages rules * Additional look back minimum value to 1 * fix flow with edit rule * add success toaster when rule is created or updated * Fix Timeline selector loading * review ben doc + change detectin engine to detection even in url * Succeeded text size consistency in rule details page * fix description of threats * fix test * fix type * fix internatinalization * adding pre-packaged rules * fix bug + enhance ux * unified icon * fix i18n * fix bugs * review I * review II * add border back
- Loading branch information
Showing
22 changed files
with
870 additions
and
364 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
81 changes: 0 additions & 81 deletions
81
...egacy/plugins/siem/public/containers/detection_engine/rules/use_create_packaged_rules.tsx
This file was deleted.
Oops, something went wrong.
166 changes: 166 additions & 0 deletions
166
...k/legacy/plugins/siem/public/containers/detection_engine/rules/use_pre_packaged_rules.tsx
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,166 @@ | ||
/* | ||
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one | ||
* or more contributor license agreements. Licensed under the Elastic License; | ||
* you may not use this file except in compliance with the Elastic License. | ||
*/ | ||
|
||
import { useEffect, useState, useRef } from 'react'; | ||
|
||
import { useStateToaster, displaySuccessToast } from '../../../components/toasters'; | ||
import { errorToToaster } from '../../../components/ml/api/error_to_toaster'; | ||
import { getPrePackagedRulesStatus, createPrepackagedRules } from './api'; | ||
import * as i18n from './translations'; | ||
|
||
type Func = () => void; | ||
export type CreatePreBuiltRules = () => Promise<boolean>; | ||
interface Return { | ||
createPrePackagedRules: null | CreatePreBuiltRules; | ||
loading: boolean; | ||
loadingCreatePrePackagedRules: boolean; | ||
refetchPrePackagedRulesStatus: Func | null; | ||
rulesInstalled: number | null; | ||
rulesNotInstalled: number | null; | ||
rulesNotUpdated: number | null; | ||
} | ||
|
||
interface UsePrePackagedRuleProps { | ||
canUserCRUD: boolean | null; | ||
hasIndexManage: boolean | null; | ||
hasManageApiKey: boolean | null; | ||
isAuthenticated: boolean | null; | ||
isSignalIndexExists: boolean | null; | ||
} | ||
|
||
/** | ||
* Hook for using to get status about pre-packaged Rules from the Detection Engine API | ||
* | ||
* @param hasIndexManage boolean | ||
* @param hasManageApiKey boolean | ||
* @param isAuthenticated boolean | ||
* @param isSignalIndexExists boolean | ||
* | ||
*/ | ||
export const usePrePackagedRules = ({ | ||
canUserCRUD, | ||
hasIndexManage, | ||
hasManageApiKey, | ||
isAuthenticated, | ||
isSignalIndexExists, | ||
}: UsePrePackagedRuleProps): Return => { | ||
const [rulesInstalled, setRulesInstalled] = useState<number | null>(null); | ||
const [rulesNotInstalled, setRulesNotInstalled] = useState<number | null>(null); | ||
const [rulesNotUpdated, setRulesNotUpdated] = useState<number | null>(null); | ||
const [loadingCreatePrePackagedRules, setLoadingCreatePrePackagedRules] = useState(false); | ||
const [loading, setLoading] = useState(true); | ||
const createPrePackagedRules = useRef<null | CreatePreBuiltRules>(null); | ||
const refetchPrePackagedRules = useRef<Func | null>(null); | ||
const [, dispatchToaster] = useStateToaster(); | ||
|
||
useEffect(() => { | ||
let isSubscribed = true; | ||
const abortCtrl = new AbortController(); | ||
|
||
const fetchPrePackagedRules = async () => { | ||
try { | ||
setLoading(true); | ||
const prePackagedRuleStatusResponse = await getPrePackagedRulesStatus({ | ||
signal: abortCtrl.signal, | ||
}); | ||
|
||
if (isSubscribed) { | ||
setRulesInstalled(prePackagedRuleStatusResponse.rules_installed); | ||
setRulesNotInstalled(prePackagedRuleStatusResponse.rules_not_installed); | ||
setRulesNotUpdated(prePackagedRuleStatusResponse.rules_not_updated); | ||
} | ||
} catch (error) { | ||
if (isSubscribed) { | ||
setRulesInstalled(null); | ||
setRulesNotInstalled(null); | ||
setRulesNotUpdated(null); | ||
errorToToaster({ title: i18n.RULE_FETCH_FAILURE, error, dispatchToaster }); | ||
} | ||
} | ||
if (isSubscribed) { | ||
setLoading(false); | ||
} | ||
}; | ||
|
||
const createElasticRules = async (): Promise<boolean> => { | ||
return new Promise(async resolve => { | ||
try { | ||
if ( | ||
canUserCRUD && | ||
hasIndexManage && | ||
hasManageApiKey && | ||
isAuthenticated && | ||
isSignalIndexExists | ||
) { | ||
setLoadingCreatePrePackagedRules(true); | ||
await createPrepackagedRules({ | ||
signal: abortCtrl.signal, | ||
}); | ||
|
||
if (isSubscribed) { | ||
let iterationTryOfFetchingPrePackagedCount = 0; | ||
let timeoutId = -1; | ||
const stopTimeOut = () => { | ||
if (timeoutId !== -1) { | ||
window.clearTimeout(timeoutId); | ||
} | ||
}; | ||
const reFetch = () => | ||
window.setTimeout(async () => { | ||
iterationTryOfFetchingPrePackagedCount = | ||
iterationTryOfFetchingPrePackagedCount + 1; | ||
const prePackagedRuleStatusResponse = await getPrePackagedRulesStatus({ | ||
signal: abortCtrl.signal, | ||
}); | ||
if ( | ||
isSubscribed && | ||
((prePackagedRuleStatusResponse.rules_not_installed === 0 && | ||
prePackagedRuleStatusResponse.rules_not_updated === 0) || | ||
iterationTryOfFetchingPrePackagedCount > 100) | ||
) { | ||
setLoadingCreatePrePackagedRules(false); | ||
setRulesInstalled(prePackagedRuleStatusResponse.rules_installed); | ||
setRulesNotInstalled(prePackagedRuleStatusResponse.rules_not_installed); | ||
setRulesNotUpdated(prePackagedRuleStatusResponse.rules_not_updated); | ||
displaySuccessToast(i18n.RULE_PREPACKAGED_SUCCESS, dispatchToaster); | ||
stopTimeOut(); | ||
resolve(true); | ||
} else { | ||
timeoutId = reFetch(); | ||
} | ||
}, 300); | ||
timeoutId = reFetch(); | ||
} | ||
} | ||
} catch (error) { | ||
if (isSubscribed) { | ||
setLoadingCreatePrePackagedRules(false); | ||
errorToToaster({ title: i18n.RULE_PREPACKAGED_FAILURE, error, dispatchToaster }); | ||
resolve(false); | ||
} | ||
} | ||
}); | ||
}; | ||
|
||
fetchPrePackagedRules(); | ||
createPrePackagedRules.current = createElasticRules; | ||
refetchPrePackagedRules.current = fetchPrePackagedRules; | ||
return () => { | ||
isSubscribed = false; | ||
abortCtrl.abort(); | ||
}; | ||
}, [canUserCRUD, hasIndexManage, hasManageApiKey, isAuthenticated, isSignalIndexExists]); | ||
|
||
return { | ||
loading, | ||
loadingCreatePrePackagedRules, | ||
refetchPrePackagedRulesStatus: refetchPrePackagedRules.current, | ||
rulesInstalled, | ||
rulesNotInstalled, | ||
rulesNotUpdated, | ||
createPrePackagedRules: createPrePackagedRules.current, | ||
}; | ||
}; |
Oops, something went wrong.