[Security Solution][Alert Flyout] Convert rule name to rule flyout and enable rule previews #191764
+1,054
−707
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
christineweng
added
release_note:enhancement
backport:skip
christineweng
force-pushed
the
rule-flyout
branch
2 times, most recently
from
74084c7 to
12b7c6c
Compare
|
Pinging @elastic/security-threat-hunting (Team:Threat Hunting) |
|
Pinging @elastic/security-solution (Team: SecuritySolution) |
|
Pinging @elastic/security-threat-hunting-investigations (Team:Threat Hunting:Investigations) |
christineweng
force-pushed
the
rule-flyout
branch
from
12b7c6c to
40cb279
Compare
PhilippeOberti
requested changes
Sep 9, 2024
There was a problem hiding this comment.
The code looks great! At first I did not find any issues during desk testing, but pushing a little bit more in depth, I found that we have some inconsistencies between the alerts table on the Alerts page and the one on the Cases page.
We should show the rule flyout instead of navigating to the rule details page on the Activity tab of the Cases detail page
Screen.Recording.2024-09-09.at.9.06.15.AM.mov
We should show the rule flyout instead of navigating to the rule details page on the Alerts tab of the Cases detail page
Screen.Recording.2024-09-09.at.9.06.56.AM.mov
Also, unrelated but I found a but/inconsistent behavior when creating a new rule. We can still click on the link in the Alerts details flyout Table tab Preview rule link. Sometimes it just loads indefinitely, sometimes it errors out
Screen.Recording.2024-09-09.at.9.10.36.AM.mov
...gins/security_solution/public/flyout/document_details/left/components/prevalence_details.tsx
Outdated
Show resolved
Hide resolved
...ecurity_solution/public/flyout/document_details/right/components/highlighted_fields_cell.tsx
Outdated
Show resolved
Hide resolved
x-pack/plugins/security_solution/public/flyout/rule_details/hooks/use_rule_details.tsx
Show resolved
Hide resolved
x-pack/plugins/security_solution/public/flyout/rule_details/preview/footer.test.tsx
Outdated
Show resolved
Hide resolved
x-pack/plugins/security_solution/public/flyout/shared/components/preview_link.tsx
Show resolved
Hide resolved
christineweng
force-pushed
the
rule-flyout
branch
from
25b942a to
22869e9
Compare
💛 Build succeeded, but was flaky
Failed CI StepsTest Failures
Metrics [docs]Module Count
Async chunks
History
To update your PR or re-run it, just comment with: |
This was referenced Sep 11, 2024
PhilippeOberti
approved these changes
Sep 11, 2024
1 task
1 task
christineweng
added a commit
that referenced
this pull request
Nov 6, 2024
## Summary As a follow up to #191764, this PR updates rule names in `Activity` tab in cases to open a rule flyout instead of going to rule details page. **Security solution changes**: replace rule page navigation with a `openFlyout` call **Cases plugin changes**: update the rules link component to accept either `href` or `onClick`.  ### Checklist - [x] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios
kibanamachine
pushed a commit
to kibanamachine/kibana
that referenced
this pull request
Nov 6, 2024
) ## Summary As a follow up to elastic#191764, this PR updates rule names in `Activity` tab in cases to open a rule flyout instead of going to rule details page. **Security solution changes**: replace rule page navigation with a `openFlyout` call **Cases plugin changes**: update the rules link component to accept either `href` or `onClick`.  ### Checklist - [x] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios (cherry picked from commit 09dd66d)
kibanamachine
added a commit
that referenced
this pull request
Nov 7, 2024
…) (#199242) # Backport This will backport the following commits from `main` to `8.x`: - [[Security Solution] Update rule link in cases activities (#198836)](#198836) <!--- Backport version: 9.4.3 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sqren/backport) <!--BACKPORT [{"author":{"name":"christineweng","email":"[email protected]"},"sourceCommit":{"committedDate":"2024-11-06T22:57:55Z","message":"[Security Solution] Update rule link in cases activities (#198836)\n\n## Summary\r\n\r\nAs a follow up to #191764, this PR\r\nupdates rule names in `Activity` tab in cases to open a rule flyout\r\ninstead of going to rule details page.\r\n\r\n**Security solution changes**: replace rule page navigation with a\r\n`openFlyout` call\r\n**Cases plugin changes**: update the rules link component to accept\r\neither `href` or `onClick`.\r\n\r\n\r\n\r\n\r\n\r\n### Checklist\r\n\r\n- [x] [Unit or functional\r\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\r\nwere updated or added to match the most common scenarios","sha":"09dd66d355fbb32fa0090e36945819a9509138c6","branchLabelMapping":{"^v9.0.0$":"main","^v8.17.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:enhancement","backport","v9.0.0","Team:Threat Hunting","v8.17.0"],"title":"[Security Solution] Update rule link in cases activities","number":198836,"url":"https://github.com/elastic/kibana/pull/198836","mergeCommit":{"message":"[Security Solution] Update rule link in cases activities (#198836)\n\n## Summary\r\n\r\nAs a follow up to #191764, this PR\r\nupdates rule names in `Activity` tab in cases to open a rule flyout\r\ninstead of going to rule details page.\r\n\r\n**Security solution changes**: replace rule page navigation with a\r\n`openFlyout` call\r\n**Cases plugin changes**: update the rules link component to accept\r\neither `href` or `onClick`.\r\n\r\n\r\n\r\n\r\n\r\n### Checklist\r\n\r\n- [x] [Unit or functional\r\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\r\nwere updated or added to match the most common scenarios","sha":"09dd66d355fbb32fa0090e36945819a9509138c6"}},"sourceBranch":"main","suggestedTargetBranches":["8.x"],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","branchLabelMappingKey":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/198836","number":198836,"mergeCommit":{"message":"[Security Solution] Update rule link in cases activities (#198836)\n\n## Summary\r\n\r\nAs a follow up to #191764, this PR\r\nupdates rule names in `Activity` tab in cases to open a rule flyout\r\ninstead of going to rule details page.\r\n\r\n**Security solution changes**: replace rule page navigation with a\r\n`openFlyout` call\r\n**Cases plugin changes**: update the rules link component to accept\r\neither `href` or `onClick`.\r\n\r\n\r\n\r\n\r\n\r\n### Checklist\r\n\r\n- [x] [Unit or functional\r\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\r\nwere updated or added to match the most common scenarios","sha":"09dd66d355fbb32fa0090e36945819a9509138c6"}},{"branch":"8.x","label":"v8.17.0","branchLabelMappingKey":"^v8.17.0$","isSourceBranch":false,"state":"NOT_CREATED"}]}] BACKPORT--> Co-authored-by: christineweng <[email protected]>
mgadewoll
pushed a commit
to mgadewoll/kibana
that referenced
this pull request
Nov 7, 2024
) ## Summary As a follow up to elastic#191764, this PR updates rule names in `Activity` tab in cases to open a rule flyout instead of going to rule details page. **Security solution changes**: replace rule page navigation with a `openFlyout` call **Cases plugin changes**: update the rules link component to accept either `href` or `onClick`.  ### Checklist - [x] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Summary
This PR converts rule name in alert table to be a flyout (consistent with host name and user name) and enables rule preview whenever rule name is present.
This PR also moved the rule details component into its own
rule_detailsfolder to be independent of thedocument_detailsflyout.Dependency: #190560 to be merged first
New behavior:
Screen.Recording.2024-09-05.at.4.19.08.PM.mov
Checklist