-
Notifications
You must be signed in to change notification settings - Fork 8.3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[SIEM] Add SavedQuery in Timeline #49813
Conversation
Pinging @elastic/siem (Team:SIEM) |
550b080
to
45f37b7
Compare
45f37b7
to
c234228
Compare
Cousin of ole #48124 in action: |
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
In testing, opened these three KibanaApp issues related to
|
This comment has been minimized.
This comment has been minimized.
6393cc2
to
77b85f5
Compare
x-pack/legacy/plugins/siem/public/components/timeline/query_bar/index.tsx
Outdated
Show resolved
Hide resolved
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Checked out, thoroughly tested locally and performed a code review. LGTM 👍 Thanks for wrapping up the implementation of the new filter bar @XavierM! 🎉🚀🙂
Note: Came across a few usability bugs in testing, but all appear to be Kibana core issues -- created the following to track:
- Looks like the z-index is off In the
Saved Queries
#48124 Looks like the z-index is off In theSaved Queries
- [Filters] 'Edit as Query DSL' action throws console error "couldn't load module ace/theme/" #49964 [Filters] 'Edit as Query DSL' action throws console error "couldn't load module ace/theme/"
- [Filters] Field selection list flashes in page corner (0, 0) when opening Add Filter popover #49962 [Filters] Field selection list flashes in page corner (0, 0) when opening Add Filter popover
- [Filters] Edit Filter Field input overflows out of popover making Operator values unreadable #49961 [Filters] Edit Filter Field input overflows out of popover making Operator values unreadable
e8da132
to
08c4c84
Compare
8c7fd02
to
0ccf610
Compare
@elasticmachine merge upstream |
💚 Build Succeeded |
? { value: parseString(filter.meta.value) } | ||
: {}), | ||
}, | ||
...(filter.exists != null ? { exists: parseString(filter.exists) } : {}), |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I would suggest using the type guard function here as well
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think that here we do not need it here because it is coming back from our timeline saved object and if it is different to null we need to parse the string as simple as that.
…ger-ace-theme * 'master' of github.com:elastic/kibana: (54 commits) [ML] Fixes word wrap in Overview page sidebar on IE (elastic#50668) Upgrade to TypeScript 3.7.2 (elastic#47188) fix: hide 'edit' button for mobile for dashboards (elastic#50639) fixes conditional links tests (elastic#50642) [SIEM] Fix IE11 timeline drag and drop issue (elastic#50528) [SIEM] Add SavedQuery in Timeline (elastic#49813) chore(NA): remove code plugin from codeowners (elastic#50451) [DOCS] Adds documentation on telemetry settings (elastic#50739) [Logs UI] Add IE11-specific CSS fixes for anomalies table (elastic#49980) [DOCS][SIEM]: Change Kibana advanced settings to match UI (elastic#50679) Change URLs for support menu (elastic#50700) [Reporting] Remove any types and references to Hapi (elastic#49250) [DOCS] Adds note about backups to Upgrade doc (elastic#50525) [Logs UI] Improve infra plugin compatibility with TS 3.7 (elastic#50491) [Task manager] Adds ensureScheduling api to allow safer rescheduling of existing tasks (elastic#50232) [DOCS] Adds link to content security policy doc (elastic#50698) Remove duplicate but in error message (elastic#50530) [ML] DF Analytics: Ensure creation flyout can be opened when no jobs exist (elastic#50417) Add filebeat notice (elastic#49065) [Monitoring] De-duplicate pipeline ids based on the ephemeral_id changing (elastic#49978) ... # Conflicts: # x-pack/legacy/plugins/grokdebugger/public/components/grok_debugger/brace_imports.ts
@XavierM I see you added label 7.6 but this PR wasn't back ported into 7.x. Could you please check it or remove label? |
* Step-1: Add Search Bar in timeline instead of our own kql * Step-2: Add the saved query with filter in timeline savedObject * fix type * Fix unit test * fix bug when you use an exists filter * Fix bug to do a search when add filter by itself * Review I * unit tests * fix import for Filter * add range as a filter * remove comment * forget to add range in ES mapping + allow query with only filters * fix and/or with filter * review with Liza
@alexwizp, sorry about that, I forget. Almost there!!! |
* Step-1: Add Search Bar in timeline instead of our own kql * Step-2: Add the saved query with filter in timeline savedObject * fix type * Fix unit test * fix bug when you use an exists filter * Fix bug to do a search when add filter by itself * Review I * unit tests * fix import for Filter * add range as a filter * remove comment * forget to add range in ES mapping + allow query with only filters * fix and/or with filter * review with Liza
Summary
Add SearchBar with SavedQuery in timeline.
Checklist
Use
strikethroughsto remove checklist items you don't feel are applicable to this PR.[ ] Any text added follows EUI's writing guidelines, uses sentence case text and includes i18n support[ ] Documentation was added for features that require explanation or tutorials[ ] This was checked for keyboard-only and screenreader accessibilityFor maintainers
[ ] This was checked for breaking API changes and was labeled appropriately[ ] This includes a feature addition or change that requires a release note and was labeled appropriately