Update anomalies tab to display the same quantity of anomalies when navigating from entity analytics page

[machadoum]

Summary

Anomalies tab shows the most critical anomalies for a User/Host/Network per hour or day.

When users navigate from the Entity analytics page to the Anomalies tab, we have to ensure they will see the same number of anomalies displayed on the Entity Analytics page. For that, I had to add two fields to the tab.

1. Job id filter
2. Interval (copied from anomaly explorer)
   When the user clicks on the number of anomalies for a job id, I preselect the job id and preselect interval as 'show all'.

Checklist

Delete any items that are not applicable to this PR.

• Any text added follows EUI's writing guidelines, uses sentence case text and includes i18n support
• Unit or functional tests were updated or added to match the most common scenarios
• Any UI touched in this PR is usable by keyboard only (learn more about keyboard accessibility)
• Any UI touched in this PR does not create any new axe failures (run axe in browser: FF, Chrome)

[elasticmachine]

Pinging @elastic/security-threat-hunting (Team:Threat Hunting)

[elasticmachine]

Pinging @elastic/security-solution (Team: SecuritySolution)

[semd]

I don't quite understand the auto option in the interval 😅 maybe we could explain it here. Has this text been agreed with @paulewing?

[machadoum]

I copied this feature from the ML module.

[semd]

Okay, it is good to have consistency. It's just that what the auto option does is not explained, maybe in the ML context is more intuitive. I don't know, just curious.

[semd]

When I checked the code I was confused about the use of redux state for the anomalies table filters, later I realized it is needed to set the filters from the entities page, before navigating to the specific anomalies pages. It would be nice to mention that in the description.

I left some NITs and I think we should also wait for Paul's approval (or some designer).
But the code overall LGTM! Tested locally as well.
Great jobId! 🎉

[machadoum]

I was confused about the use of redux state for the anomalies table filters, later I realized it is needed to set the filters from the entities page, before navigating to the specific anomalies pages. It would be nice to mention that in the description.

@semd That is not the only reason why I saved the user selection in the redux store. Most tables on User/Host/Network pages also save the user selection inside the redux store. I guess the reason for that is to preserve the selection while navigating between tabs. But there are many inconsistencies.

For example, here is the initial data stored inside host tabs.

kibana/x-pack/plugins/security_solution/public/hosts/store/reducer.ts

Line 36 in cd2a6a5

[HostsTableType.authentications]: {

[machadoum]

@elasticmachine merge upstream

[kibana-ci]

💚 Build Succeeded

• Buildkite Build
• Commit: b61c124
• Storybooks Preview

Metrics [docs]

Async chunks

Total size of all lazy-loaded chunks that will be downloaded as the user navigates the app

id	before	after	diff
securitySolution	6.4MB	6.4MB	+15.6KB

History

• 💛 Build #69589 was flaky 240fe73
• 💚 Build #69384 succeeded 7c9c0d3
• 💔 Build #69342 failed 528f727c1d8ea52bf003fded3ea3fc3a29d3627d
• 💔 Build #69076 failed 99982de3efc5378a45ea5a32a335597287f9e827
• 💔 Build #69035 failed a7b5d48c6c0a218e4b7cc621d96be2742b751d70
• 💔 Build #69021 failed d5864f89c58f4d5930b14f4f72dde1ee2022cb3c

To update your PR or re-run it, just comment with:
@elasticmachine merge upstream

cc @machadoum

[michaelolo24]

Thanks for doing this! I also need to check the codeowners because I don't think we should have been pinged on most of these