[Security Solution] expandable flyout - same source alert chage #168395

@PhilippeOberti PhilippeOberti commented Oct 9, 2023

Summary

This PR makes a small change to the way we retrieve the same source related alerts in the Security Solution expandable flyout alert details. Instead of using the value from the kibana.alert.ancestors.id field, we're now using the value from kibana.alert.original_event.id field.
No UI has been changed.

https://github.com/elastic/security-team/issues/7778

@PhilippeOberti PhilippeOberti added Team:Threat Hunting:Investigations Security Solution Investigations Team v8.12.0 labels Oct 9, 2023
@PhilippeOberti PhilippeOberti force-pushed the expandable-flyout-same-source-event branch 3 times, most recently from 5c65291 to 2a0ffe7 Compare October 10, 2023 13:13
…lert.original_event.id for same source even related alerts
@PhilippeOberti PhilippeOberti force-pushed the expandable-flyout-same-source-event branch from 2a0ffe7 to 887f9d1 Compare October 10, 2023 17:01
@kibana-ci

💛 Build succeeded, but was flaky

Failed CI Steps

Metrics [docs]

Async chunks

Total size of all lazy-loaded chunks that will be downloaded as the user navigates the app

| id | before | after | diff |
| --- | --- | --- | --- |
| securitySolution | 13.0MB | 13.0MB | -87.0B |

History

  • 💔 Build #166622 failed 2a0ffe79c154de12596ada67b9fe3a2fce33e771
  • 💔 Build #166493 failed 5c65291379eaaca8f9f33db94d232b1c85f87fb0
  • 💔 Build #166476 failed f107bf1e20e97f822fe9e61970a6d736c169a793
  • 💔 Build #166421 failed 0d7393ea3cb90ff17aa961301d599b8a2e2d734a

To update your PR or re-run it, just comment with:
@elasticmachine merge upstream

@PhilippeOberti PhilippeOberti marked this pull request as ready for review October 10, 2023 18:29
@PhilippeOberti PhilippeOberti requested a review from a team as a code owner October 10, 2023 18:29
@PhilippeOberti PhilippeOberti added the release_note:skip Skip the PR/issue when compiling release notes label Oct 10, 2023

thanks for this clean up!

@PhilippeOberti PhilippeOberti merged commit deabe63 into elastic:main Oct 10, 2023
2 checks passed
@PhilippeOberti PhilippeOberti deleted the expandable-flyout-same-source-event branch October 10, 2023 20:53
@kibanamachine kibanamachine added the backport:skip This commit does not require backporting label Oct 10, 2023
@PhilippeOberti PhilippeOberti added v8.11.1 backport:prev-minor Backport to (8.x) the previous minor version (i.e. one version back from main) and removed backport:skip This commit does not require backporting backport:prev-minor Backport to (8.x) the previous minor version (i.e. one version back from main) labels Oct 18, 2023
kibanamachine pushed a commit to kibanamachine/kibana that referenced this pull request Oct 18, 2023
@kibanamachine

💚 All backports created successfully

Status Branch Result
8.11

Note: Successful backport PRs will be merged automatically after passing CI.

Questions ?

Please refer to the Backport tool documentation

kibanamachine added a commit that referenced this pull request Oct 18, 2023
#168395) (#169267)

# Backport

This will backport the following commits from `main` to `8.11`:
- [[Security Solution] expandable flyout - same source alert chage
(#168395)](#168395)

<!--- Backport version: 8.9.7 -->

### Questions ?
Please refer to the [Backport tool
documentation](https://github.com/sqren/backport)

Co-authored-by: Philippe Oberti <[email protected]>
Labels
release_note:skip Skip the PR/issue when compiling release notes Team:Threat Hunting:Investigations Security Solution Investigations Team v8.11.0 v8.11.1 v8.12.0