[SIEM] Add SavedQuery in Timeline #49813

Merged
merged 15 commits into from
Nov 15, 2019


XavierM
Contributor

@XavierM XavierM commented Oct 31, 2019

Summary

Add SearchBar with SavedQuery in timeline.

Checklist

Use strikethroughs to remove checklist items you don't feel are applicable to this PR.

For maintainers

@elasticmachine
Contributor

Pinging @elastic/siem (Team:SIEM)

@XavierM XavierM force-pushed the siem-timeline-search-bar branch from 550b080 to 45f37b7 Compare October 31, 2019 21:22
@elastic elastic deleted a comment from elasticmachine Nov 1, 2019
@XavierM XavierM force-pushed the siem-timeline-search-bar branch from 45f37b7 to c234228 Compare November 1, 2019 02:25
@elastic elastic deleted a comment from elasticmachine Nov 1, 2019
@spong
Member

spong commented Nov 1, 2019

Cousin of ole #48124 in action:

timeline_saved_search_overlay

@spong
Member

spong commented Nov 1, 2019

In testing, opened these three KibanaApp issues related to Add Filter functionality:

@spong spong self-requested a review November 11, 2019 18:19
@XavierM XavierM force-pushed the siem-timeline-search-bar branch from 6393cc2 to 77b85f5 Compare November 11, 2019 18:52
@XavierM XavierM requested a review from a team as a code owner November 11, 2019 18:52
@XavierM XavierM requested a review from Bargs November 11, 2019 20:00
@elastic elastic deleted a comment from elasticmachine Nov 11, 2019
Member

@spong spong left a comment

Checked out, thoroughly tested locally and performed a code review. LGTM 👍 Thanks for wrapping up the implementation of the new filter bar @XavierM! 🎉🚀🙂

Note: Came across a few usability bugs in testing, but all appear to be Kibana core issues -- created the following to track:

@XavierM XavierM requested a review from lizozom November 11, 2019 22:25
@XavierM XavierM force-pushed the siem-timeline-search-bar branch from e8da132 to 08c4c84 Compare November 12, 2019 00:51
@elastic elastic deleted a comment from elasticmachine Nov 12, 2019
@XavierM XavierM force-pushed the siem-timeline-search-bar branch from 8c7fd02 to 0ccf610 Compare November 14, 2019 20:54
@XavierM
Contributor Author

XavierM commented Nov 14, 2019

@elasticmachine merge upstream

@elastic elastic deleted a comment from elasticmachine Nov 14, 2019
@elasticmachine
Contributor

💚 Build Succeeded

@elastic elastic deleted a comment from elasticmachine Nov 15, 2019
@XavierM XavierM merged commit 3131dd4 into elastic:master Nov 15, 2019
? { value: parseString(filter.meta.value) }
: {}),
},
...(filter.exists != null ? { exists: parseString(filter.exists) } : {}),
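
Review bot: on the `exists` line, the only check before `parseString(filter.exists)` is `!= null`, so whatever the stored string parses to is spread into the filter as `exists` without any shape check; the same applies to `parseString(filter.meta.value)` two lines above. If `parseString` can throw or return a non-object for a malformed stored value, one bad saved timeline would break rebuilding its filters, so consider validating the parsed result with a type guard before spreading it, and add a short comment stating what `parseString` returns on bad input.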
Contributor

I would suggest using the type guard function here as well

Contributor Author

@XavierM XavierM Nov 15, 2019

I think that we do not need it here, because it is coming back from our timeline saved object, and if it is different from null we need to parse the string, as simple as that.

jloleysens added a commit to jloleysens/kibana that referenced this pull request Nov 15, 2019
…ger-ace-theme

* 'master' of github.com:elastic/kibana: (54 commits)
  [ML] Fixes word wrap in Overview page sidebar on IE (elastic#50668)
  Upgrade to TypeScript 3.7.2 (elastic#47188)
  fix: hide 'edit' button for mobile for dashboards (elastic#50639)
  fixes conditional links tests (elastic#50642)
  [SIEM] Fix IE11 timeline drag and drop issue (elastic#50528)
  [SIEM] Add SavedQuery in Timeline (elastic#49813)
  chore(NA): remove code plugin from codeowners (elastic#50451)
  [DOCS] Adds documentation on telemetry settings (elastic#50739)
  [Logs UI] Add IE11-specific CSS fixes for anomalies table (elastic#49980)
  [DOCS][SIEM]: Change Kibana advanced settings to match UI (elastic#50679)
  Change URLs for support menu (elastic#50700)
  [Reporting] Remove any types and references to Hapi (elastic#49250)
  [DOCS] Adds note about backups to Upgrade doc (elastic#50525)
  [Logs UI] Improve infra plugin compatibility with TS 3.7 (elastic#50491)
  [Task manager] Adds ensureScheduling api to allow safer rescheduling of existing tasks (elastic#50232)
  [DOCS] Adds link to content security policy doc (elastic#50698)
  Remove duplicate but in error message (elastic#50530)
  [ML] DF Analytics: Ensure creation flyout can be opened when no jobs exist (elastic#50417)
  Add filebeat notice (elastic#49065)
  [Monitoring] De-duplicate pipeline ids based on the ephemeral_id changing (elastic#49978)
  ...

# Conflicts:
#	x-pack/legacy/plugins/grokdebugger/public/components/grok_debugger/brace_imports.ts
@XavierM XavierM deleted the siem-timeline-search-bar branch November 15, 2019 14:48
@alexwizp
Contributor

alexwizp commented Nov 18, 2019

@XavierM I see you added the label 7.6, but this PR wasn't backported into 7.x. Could you please check it or remove the label?

XavierM added a commit to XavierM/kibana that referenced this pull request Nov 18, 2019
* Step-1: Add Search Bar in timeline instead of our own kql

* Step-2: Add the saved query with filter in timeline savedObject

* fix type

* Fix unit test

* fix bug when you use an exists filter

* Fix bug to do a search when add filter by itself

* Review I

* unit tests

* fix import for Filter

* add range as a filter

* remove comment

* forget to add range in ES mapping + allow query with only filters

* fix and/or with filter

* review with Liza
@XavierM
Contributor Author

XavierM commented Nov 18, 2019

@alexwizp, sorry about that, I forgot. Almost there!!!

XavierM added a commit that referenced this pull request Nov 18, 2019