[8.6] [Security Solution][Investigations][Timeline] - Update getExceptions to use parameters (#145889) #146415

Merged
merged 1 commit into from
Nov 28, 2022


kibanamachine
Contributor

Backport

This will backport the following commits from main to 8.6:

Questions?

Please refer to the Backport tool documentation

…to use parameters (elastic#145889)

## Summary

Fixes: elastic#136772

The issue was introduced by a couple of changes:

First:
https://github.com/elastic/kibana/pull/136163/files#diff-02d33a1ed6679f7775dc01941ca21b085d7c008ecffe5e029f5967407a5e5b13L23
in 8.4.

The bug: A filter on the timeline UI relied on the `exceptions_list`
field provided on `_source` to auto-generate a filter when investigating
in timeline labelled `Not Exceptions` which would filter out the
exceptions from the timeline. This PR resolves that issue by pulling the
`exceptions_list` field from `kibana.alert.rule.parameters`.

Second:
https://github.com/elastic/kibana/pull/133254/files#diff-0f69b69fd9cefef6ed04a048d7df86b7e385e816bdf17309212437dc3f69726cL74

The filter actually stopped being passed to timeline entirely because of
the above change.

With the fixes in place:

https://user-images.githubusercontent.com/17211684/203111748-7a0c2eb5-a46f-4f88-9d77-3628204625ac.mov
(cherry picked from commit b32c8b9)
@kibana-ci
Collaborator

💛 Build succeeded, but was flaky

Failed CI Steps

Test Failures

  • [job] [logs] FTR Configs #25 / dashboard elements dashboard elements Controls Dashboard options list integration Interactions between options list and dashboard test data view runtime field making selection has expected results

Metrics [docs]

Async chunks

Total size of all lazy-loaded chunks that will be downloaded as the user navigates the app

| id | before | after | diff |
| --- | --- | --- | --- |
| securitySolution | 9.7MB | 9.7MB | +762.0B |

Unknown metric groups

ESLint disabled in files

| id | before | after | diff |
| --- | --- | --- | --- |
| osquery | 1 | 2 | +1 |

ESLint disabled line counts

| id | before | after | diff |
| --- | --- | --- | --- |
| enterpriseSearch | 19 | 21 | +2 |
| fleet | 59 | 65 | +6 |
| osquery | 108 | 113 | +5 |
| securitySolution | 442 | 448 | +6 |
| total | | | +19 |

Total ESLint disabled count

| id | before | after | diff |
| --- | --- | --- | --- |
| enterpriseSearch | 20 | 22 | +2 |
| fleet | 68 | 74 | +6 |
| osquery | 109 | 115 | +6 |
| securitySolution | 519 | 525 | +6 |
| total | | | +20 |

To update your PR or re-run it, just comment with:
@elasticmachine merge upstream

cc @michaelolo24

@kibanamachine kibanamachine merged commit 0560c95 into elastic:8.6 Nov 28, 2022