Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Security Solution][Endpoint][Response Actions] Show shell info above execute action output #154318

Merged
merged 7 commits into from
Apr 10, 2023
Merged

[Security Solution][Endpoint][Response Actions] Show shell info above execute action output #154318

merged 7 commits into from
Apr 10, 2023

Conversation

ashokaditya
Copy link
Member

@ashokaditya ashokaditya commented Apr 4, 2023
edited
Loading

Summary

Shows shell name, shell execution return code, and current working directory info along with the command execution output for execute action response.

console
Screenshot 2023-04-05 at 17 15 31

actions history
Screenshot 2023-04-05 at 17 17 16

Checklist

Delete any items that are not applicable to this PR.

@ashokaditya ashokaditya self-assigned this Apr 4, 2023
@ashokaditya ashokaditya added release_note:skip Skip the PR/issue when compiling release notes Team:Defend Workflows “EDR Workflows” sub-team of Security Solution OLM Sprint v8.8.0 labels Apr 4, 2023
@ashokaditya ashokaditya marked this pull request as ready for review April 4, 2023 09:32
@ashokaditya ashokaditya requested a review from a team as a code owner April 4, 2023 09:32
@elasticmachine
Copy link
Contributor

Pinging @elastic/security-defend-workflows (Team:Defend Workflows)

@ashokaditya
Copy link
Member Author

So I first went with a version where the labels were not bold similar to other action outputs, but then I switched to the version where the output sections are a bit more legible in terms of contrast with bold. What do you all think?

Here are screenshots without the strong labels.

alternative
Screenshot 2023-04-04 at 11 38 12
Screenshot 2023-04-04 at 11 38 45

cc @caitlinbetz @kevinlog @paul-tavares

@paul-tavares
Copy link
Contributor

@ashokaditya - yeah, I'm not loving the display of it. It just looks like its part of download link information. It just all blends in. Its also pushing the output further down, which might not be a real concern in the console, but in the history log, the user does have limited view windows (expandable row) to see the content, so we're just forcing them to scroll

can you try a few other options and post screen captures?

some Ideas:

  • Put it in a accordion above the STDOUT and expanded by default
  • lets see what the bold labels view looks like. I think its going to grab too much of the user's eye in this case for something that is not the primary information they are looking to consume, but show it anyway for comparison
  • create a "section" labeled "Execution context" and place the content in there. This will at least break up the flow of text and group that information by the label

@ashokaditya
Copy link
Member Author

@ashokaditya - yeah, I'm not loving the display of it. It just looks like its part of download link information. It just all blends in. Its also pushing the output further down, which might not be a real concern in the console, but in the history log, the user does have limited view windows (expandable row) to see the content, so we're just forcing them to scroll

can you try a few other options and post screen captures?

some Ideas:

  • Put it in a accordion above the STDOUT and expanded by default
  • lets see what the bold labels view looks like. I think its going to grab too much of the user's eye in this case for something that is not the primary information they are looking to consume, but show it anyway for comparison
  • create a "section" labeled "Execution context" and place the content in there. This will at least break up the flow of text and group that information by the label

So we agreed in the grooming meeting to move the shell info into an accordion at the top and show it collapsed. Changes added in 9814303

gergoabraham
gergoabraham approved these changes Apr 5, 2023
View reviewed changes
Copy link
Contributor

@gergoabraham gergoabraham left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

looks and works great! 🚀

...n/public/management/components/endpoint_execute_action/execute_action_host_response.test.tsx Outdated
Comment on lines 50 to 52
expect(renderResult.getByTestId(`test-executeResponseOutput-context`)).toBeTruthy();
expect(renderResult.getByTestId(`test-executeResponseOutput-shell`)).toBeTruthy();
expect(renderResult.getByTestId(`test-executeResponseOutput-cwd`)).toBeTruthy();
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nit: instead of toBeTruthy(), it may be semantically better to use toBeInTheDocument(). In this case, you can also use queryByX instead of getByX, so if the queried element is not present, the query function won't fail, but the toBeInTheDocument() will.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Oh I like that better. Will update it

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

done 177a31b

@kibana-ci
Copy link
Collaborator

💚 Build Succeeded

Metrics [docs]

Async chunks

Total size of all lazy-loaded chunks that will be downloaded as the user navigates the app

id before after diff
securitySolution 15.8MB 15.8MB +1.7KB
Unknown metric groups

ESLint disabled line counts

id before after diff
securitySolution 432 435 +3

Total ESLint disabled count

id before after diff
securitySolution 512 515 +3

History

To update your PR or re-run it, just comment with:
@elasticmachine merge upstream

cc @ashokaditya

@paul-tavares paul-tavares merged commit f63fffc into elastic:main Apr 10, 2023
@kibanamachine kibanamachine added the backport:skip This commit does not require backporting label Apr 10, 2023
@ashokaditya ashokaditya deleted the task/dw-execute-output-shell-info-6220 branch April 20, 2023 12:15
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@gergoabraham gergoabraham gergoabraham approved these changes

@paul-tavares paul-tavares paul-tavares approved these changes

@joeypoon joeypoon Awaiting requested review from joeypoon joeypoon is a code owner automatically assigned from elastic/security-defend-workflows

Assignees

@ashokaditya ashokaditya

Labels
backport:skip This commit does not require backporting OLM Sprint release_note:skip Skip the PR/issue when compiling release notes Team:Defend Workflows “EDR Workflows” sub-team of Security Solution v8.8.0
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
6 participants
@ashokaditya @elasticmachine @paul-tavares @kibana-ci @gergoabraham @kibanamachine