[Security Solution]Incorrect detection alert list apear on searching event in search bar under individual Rule page #98283
Assignees
Labels
bug
Fixes for quality problems that affect the customer experience
fixed
impact:critical
This issue should be addressed immediately due to a critical level of impact on the product.
QA:Validated
Issue has been validated by QA
Team:Detections and Resp
Security Detection Response Team
Team: SecuritySolution
Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc.
v7.14.0
Comments
ghost
added
bug
|
Pinging @elastic/security-solution (Team: SecuritySolution) |
|
Pinging @elastic/security-detections-response (Team:Detections and Resp) |
MadameSheema
added
triage_needed
v7.13.0
impact:high
3 tasks
|
Updating this along with the recent PR fix we put up (#99442), this is a bug happening throughout the Security app, not just the detections page, and occurs when invalid KQL is submitted through the search bar. Just in case other errors come through due to the same issue on other pages (Hosts, Host details, etc.) |
andrew-goldstein
pushed a commit
that referenced
this issue
Jun 30, 2021
## Summary Addresses #98283 Currently, our method of converting KQL to Elasticsearch queries silently suppresses errors bubbled up by ES and returns an empty query string. This makes it so the entire query, including filters, etc. gets wiped out and potentially incorrect data is displayed. This PR addresses that by bubbling up the errors and putting them in a toast component as well as cancelling any request that was made with the invalid query so that incorrect data is never fetched.  ### Checklist Delete any items that are not applicable to this PR. - [x] [Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html) was added for features that require explanation or tutorials - [x] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios ### For maintainers - [ ] This was checked for breaking API changes and was [labeled appropriately](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)
andrew-goldstein
pushed a commit
to andrew-goldstein/kibana
that referenced
this issue
Jun 30, 2021
## Summary Addresses elastic#98283 Currently, our method of converting KQL to Elasticsearch queries silently suppresses errors bubbled up by ES and returns an empty query string. This makes it so the entire query, including filters, etc. gets wiped out and potentially incorrect data is displayed. This PR addresses that by bubbling up the errors and putting them in a toast component as well as cancelling any request that was made with the invalid query so that incorrect data is never fetched.  ### Checklist Delete any items that are not applicable to this PR. - [x] [Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html) was added for features that require explanation or tutorials - [x] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios ### For maintainers - [ ] This was checked for breaking API changes and was [labeled appropriately](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)
andrew-goldstein
pushed a commit
to andrew-goldstein/kibana
that referenced
this issue
Jun 30, 2021
## Summary Addresses elastic#98283 Currently, our method of converting KQL to Elasticsearch queries silently suppresses errors bubbled up by ES and returns an empty query string. This makes it so the entire query, including filters, etc. gets wiped out and potentially incorrect data is displayed. This PR addresses that by bubbling up the errors and putting them in a toast component as well as cancelling any request that was made with the invalid query so that incorrect data is never fetched.  ### Checklist Delete any items that are not applicable to this PR. - [x] [Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html) was added for features that require explanation or tutorials - [x] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios ### For maintainers - [ ] This was checked for breaking API changes and was [labeled appropriately](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)
andrew-goldstein
added a commit
that referenced
this issue
Jun 30, 2021
## Summary Addresses #98283 Currently, our method of converting KQL to Elasticsearch queries silently suppresses errors bubbled up by ES and returns an empty query string. This makes it so the entire query, including filters, etc. gets wiped out and potentially incorrect data is displayed. This PR addresses that by bubbling up the errors and putting them in a toast component as well as cancelling any request that was made with the invalid query so that incorrect data is never fetched.  ### Checklist Delete any items that are not applicable to this PR. - [x] [Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html) was added for features that require explanation or tutorials - [x] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios ### For maintainers - [ ] This was checked for breaking API changes and was [labeled appropriately](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process) Co-authored-by: Davis Plumlee <[email protected]>
andrew-goldstein
added a commit
that referenced
this issue
Jun 30, 2021
## Summary Addresses #98283 Currently, our method of converting KQL to Elasticsearch queries silently suppresses errors bubbled up by ES and returns an empty query string. This makes it so the entire query, including filters, etc. gets wiped out and potentially incorrect data is displayed. This PR addresses that by bubbling up the errors and putting them in a toast component as well as cancelling any request that was made with the invalid query so that incorrect data is never fetched.  ### Checklist Delete any items that are not applicable to this PR. - [x] [Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html) was added for features that require explanation or tutorials - [x] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios ### For maintainers - [ ] This was checked for breaking API changes and was [labeled appropriately](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process) Co-authored-by: Davis Plumlee <[email protected]>
|
@karanbirsingh-qasource please retest. Fix was merged #99442. |
|
@karanbirsingh-qasource please check the fix of the issue on BC3. Thanks |
|
we have validated this issue on 7.14.0 BC3 and found it fixed . The correct only individual alert result is returned on searching data on the individual alert page. Build Details: Snap-Shoot: Hence we are closing this issue and adding "QA: Vaidatd" to it. thanks !! |
|
Bug Conversion:
|
This issue was closed.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Describe the bug
Incorrect detection alert list appear on searching event in search bar under individual Rule page
Build Details:
Browser Details
All
Preconditions
Steps to Reproduce
Actual Result
Incorrect detection alert list appear on searching event in search bar under individual Rule page
Expected Result
Only opened individual detection alert signal should appear even if user search for some event in search bar
Whats Working
Whats Working
Screenshots
The text was updated successfully, but these errors were encountered: