Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Security Solution][Endpoint][Response Actions] Add users filter to actions log #140975

Merged

Conversation

ashokaditya
Copy link
Member

@ashokaditya ashokaditya commented Sep 19, 2022

Summary

Adds a users filter search input for actions log page and flyout.

Screenshot 2022-09-19 at 17 39 46

Checklist

Delete any items that are not applicable to this PR.

@ashokaditya ashokaditya added release_note:skip Skip the PR/issue when compiling release notes Team:Defend Workflows “EDR Workflows” sub-team of Security Solution OLM Sprint v8.5.0 labels Sep 19, 2022
@ashokaditya ashokaditya self-assigned this Sep 19, 2022
@ashokaditya ashokaditya marked this pull request as ready for review September 19, 2022 15:47
@ashokaditya ashokaditya requested a review from a team as a code owner September 19, 2022 15:47
@ashokaditya ashokaditya requested review from pzl and parkiino September 19, 2022 15:47
@elasticmachine
Copy link
Contributor

Pinging @elastic/security-onboarding-and-lifecycle-mgt (Team:Onboarding and Lifecycle Mgt)

@ashokaditya ashokaditya changed the title [Security Solution][Endpoint][Response Actions]Add users filter to actions log [Security Solution][Endpoint][Response Actions] Add users filter to actions log Sep 19, 2022
@ashokaditya ashokaditya force-pushed the task/olm-4724-action-log-users-filter branch from af3d29c to 50ff7fd Compare September 19, 2022 16:48
@ashokaditya ashokaditya marked this pull request as draft September 19, 2022 18:18
@ashokaditya ashokaditya force-pushed the task/olm-4724-action-log-users-filter branch from 50ff7fd to e56f797 Compare September 19, 2022 18:19
@ashokaditya ashokaditya marked this pull request as ready for review September 19, 2022 18:20
@ashokaditya ashokaditya force-pushed the task/olm-4724-action-log-users-filter branch from e56f797 to 91fc83c Compare September 19, 2022 18:29
@kevinlog
Copy link
Contributor

Checked it out and tried it - works great!

I can add a user name:
image

I can add multiple comma separated:
image

The clear button that appears works.

The URL params updated accordingly.

@ashokaditya - one last thought, is it easy to use partial matches or fuzzy search? Could we easily get something like the below to work?

image

No need to hold up this PR, we can add an enhancement for next release, if needed.

@ashokaditya
Copy link
Member Author

@ashokaditya - one last thought, is it easy to use partial matches or fuzzy search? Could we easily get something like the below to work?
It's easy enough to change the search query to fuzzy search userIds. Do we do this only when a single userid is given in the input like xyz* or *xyz* or *xyz, or do we want to fuzzy search also comma-separated userIds. abc*, *pqr*, **.

image

No need to hold up this PR, we can add an enhancement for next release, if needed.

Yeah, I would want to thoroughly test these cases before implementing the change. Let's do this for the next release.

Copy link
Contributor

@dasansol92 dasansol92 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM!

@ashokaditya ashokaditya enabled auto-merge (squash) September 20, 2022 15:13
@kevinlog
Copy link
Contributor

@elasticmachine merge upstream

@kevinlog
Copy link
Contributor

@elasticmachine merge upstream

@kevinlog
Copy link
Contributor

@elasticmachine merge upstream

@nkhristinin
Copy link
Contributor

Hey, I open PR, which should skip the failing test to unblock this PR

@kevinlog
Copy link
Contributor

@elasticmachine merge upstream

@ashokaditya ashokaditya merged commit cffa4de into elastic:main Sep 20, 2022
@kibana-ci
Copy link
Collaborator

💚 Build Succeeded

Metrics [docs]

Module Count

Fewer modules leads to a faster build time

id before after diff
securitySolution 3142 3143 +1

Async chunks

Total size of all lazy-loaded chunks that will be downloaded as the user navigates the app

id before after diff
securitySolution 6.5MB 6.5MB +1.2KB
Unknown metric groups

ESLint disabled line counts

id before after diff
securitySolution 408 409 +1

Total ESLint disabled count

id before after diff
securitySolution 480 481 +1

History

To update your PR or re-run it, just comment with:
@elasticmachine merge upstream

cc @ashokaditya

@kibanamachine kibanamachine added the backport:skip This commit does not require backporting label Sep 20, 2022
@ashokaditya ashokaditya deleted the task/olm-4724-action-log-users-filter branch September 21, 2022 06:46
ashokaditya added a commit to ashokaditya/kibana that referenced this pull request Sep 21, 2022
ashokaditya added a commit that referenced this pull request Sep 22, 2022
…ven usernames for Actions Log (#141239)

* Do fuzzy search on given usernames

fixes elastic/security-team/issues/4724
refs /pull/140975

* Allow `match` searches on the API

Do fuzzy search via the request

review suggestions
kibanamachine pushed a commit to kibanamachine/kibana that referenced this pull request Sep 22, 2022
…ven usernames for Actions Log (elastic#141239)

* Do fuzzy search on given usernames

fixes elastic/security-team/issues/4724
refs elastic/pull/140975

* Allow `match` searches on the API

Do fuzzy search via the request

review suggestions

(cherry picked from commit 15fc5b7)
@ashokaditya ashokaditya added release_note:feature Makes this part of the condensed release notes and removed release_note:skip Skip the PR/issue when compiling release notes labels Oct 31, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
backport:skip This commit does not require backporting OLM Sprint release_note:feature Makes this part of the condensed release notes Team:Defend Workflows “EDR Workflows” sub-team of Security Solution v8.5.0
Projects
None yet
Development

Successfully merging this pull request may close these issues.

8 participants