-
Notifications
You must be signed in to change notification settings - Fork 8.3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Endpoint] ERT-82 ERT-83 ERT-84: Alert list API with pagination #56538
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
madirey
added
Team:Endpoint Response
Endpoint Response Team
review
Feature:Endpoint
Elastic Endpoint feature
release_note:skip
Skip the PR/issue when compiling release notes
v7.7.0
v8.0.0
labels
Jan 31, 2020
madirey
requested review from
dplumlee,
nnamdifrankie,
peluja1012,
EricDavisX,
scunningham,
paul-tavares,
marshallmain,
jonathan-buttner,
alexk307,
andrewstucki,
kevinlog,
kqualters-elastic,
bkimmel,
crowens,
james-elastic,
pzl and
oatkiller
and removed request for
paul-tavares and
pzl
January 31, 2020 19:15
madirey
changed the title
Alert list API with pagination
[Endpoint] Alert list API with pagination
Jan 31, 2020
madirey
changed the title
[Endpoint] Alert list API with pagination
[Endpoint] ERT-82 ERT-83 ERT-84: Alert list API with pagination
Jan 31, 2020
@oatkiller Reduced sample data size by more than half... |
alexk307
reviewed
Feb 5, 2020
alexk307
approved these changes
Feb 5, 2020
Functional tests added. |
peluja1012
reviewed
Feb 5, 2020
x-pack/plugins/endpoint/public/applications/endpoint/store/alerts/types.ts
Outdated
Show resolved
Hide resolved
peluja1012
reviewed
Feb 5, 2020
x-pack/plugins/endpoint/public/applications/endpoint/store/alerts/reducer.ts
Outdated
Show resolved
Hide resolved
peluja1012
reviewed
Feb 6, 2020
x-pack/plugins/endpoint/server/services/endpoint/alert_query_builders.ts
Outdated
Show resolved
Hide resolved
peluja1012
reviewed
Feb 6, 2020
peluja1012
reviewed
Feb 6, 2020
x-pack/plugins/endpoint/server/services/endpoint/alert_query_builders.ts
Outdated
Show resolved
Hide resolved
peluja1012
reviewed
Feb 6, 2020
x-pack/plugins/endpoint/server/services/endpoint/alert_query_builders.ts
Show resolved
Hide resolved
peluja1012
reviewed
Feb 6, 2020
x-pack/plugins/endpoint/server/services/endpoint/alert_query_builders.ts
Outdated
Show resolved
Hide resolved
peluja1012
reviewed
Feb 6, 2020
x-pack/plugins/endpoint/server/services/endpoint/alert_query_builders.ts
Outdated
Show resolved
Hide resolved
peluja1012
reviewed
Feb 6, 2020
x-pack/plugins/endpoint/server/services/endpoint/alert_query_builders.ts
Outdated
Show resolved
Hide resolved
peluja1012
reviewed
Feb 6, 2020
peluja1012
reviewed
Feb 6, 2020
peluja1012
approved these changes
Feb 6, 2020
💚 Build Succeeded
History
To update your PR or re-run it, just comment with: |
💚 Build SucceededHistory
To update your PR or re-run it, just comment with: |
jloleysens
added a commit
to jloleysens/kibana
that referenced
this pull request
Feb 7, 2020
…b.com:jloleysens/kibana into console/feature/text-objects-in-saved-objects * 'console/feature/text-objects-in-saved-objects' of github.com:jloleysens/kibana: (103 commits) fix auto closing new vis modal when navigating to lens or when navigating away with browser history (elastic#56998) TS of esKuery\node_types (elastic#56857) Kibana app migration: Move static code dependencies into kibana_legacy plugin, part 1 (elastic#56408) Retry ES API calls that fail with 410/Gone (elastic#56950) [APM] Show missing permissions message to the user on the Services overview (elastic#56374) Fixing flaky CI tests for custom appRoutes (elastic#55763) [State Management][Docs] State syncing utils docs (elastic#56479) [Index management] Remove index mapper setting in tests (elastic#57066) Exposed common EuiExpressions to separate components be able to reuse for building new for Alert Types (elastic#56466) [SIEM] update url state between page if date is relative (elastic#56813) fix for chart_types test (elastic#57056) chore(NA): remove compress from dll minimizer (elastic#57023) [File upload] Migrate routing to NP & add route validation (elastic#52313) Adding docs for grouped nav advanced setting (elastic#57013) Use i18n titles for field formatters, human names for numeral locales (elastic#56348) [Maps] Remove EMS catalogue url from docs (elastic#57020) [Endpoint] ERT-82 ERT-83 ERT-84: Alert list API with pagination (elastic#56538) [DOCS] Adds Apple notarization info to install doc (elastic#57042) [ML] New Platform server shim: update results service routes to use new platform router (elastic#56886) Fix typo on detection engine rule (elastic#56993) ...
oatkiller
pushed a commit
that referenced
this pull request
Feb 18, 2020
* Add Endpoint plugin and Resolver embeddable (#51994) * Add functional tests for plugins to x-pack (so we can do a functional test of the Resolver embeddable) * Add Endpoint plugin * Add Resolver embeddable * Test that Resolver embeddable can be rendered Conflicts: x-pack/.i18nrc.json x-pack/test/api_integration/apis/index.js * [Endpoint] Register endpoint app (#53527) * register app, create functional test * formatting * update tests * adjust test data for endpoint * add endpoint tests for testing spaces, app enabled, disabled, etc * linting * add read privileges to endpoint * rename variable since its used now * remove deprecated context * remove unused variable * fix type check * correct test suite message Co-Authored-By: Larry Gregory <[email protected]> Co-authored-by: Elastic Machine <[email protected]> Co-authored-by: Larry Gregory <[email protected]> * [Endpoint] add react router to endpoint app (#53808) * add react router to endpoint app * linting * linting * linting * correct tests * change history from hash to browser, add new test util * remove default values in helper functions * fix type check, use FunctionComponent as oppsed to FC * use BrowserRouter component * use BrowserRouter component lin * add comments to test framework, change function name to include browserHistory Co-authored-by: Elastic Machine <[email protected]> * EMT-issue-65: add endpoint list api (#53861) add endpoint list api * EMT-65:always return accurate endpoint count (#54423) EMT-65:always return accurate endpoint count, independent of paging properties * Resolver component w/ sample data (#53619) Resolver is a map. It shows processes that ran on a computer. The processes are drawn as nodes and lines connect processes with their parents. Resolver is not yet implemented in Kibana. This PR adds a 'map' type UX. The user can click and drag to pan the map and zoom using trackpad pinching (or ctrl and mousewheel.) There is no code providing actual data. Sample data is included. The sample data is used to draw a map. The fundamental info needed is: process names the parent of a process With this info we can topologically lay out the processes. The sample data isn't yet in a realistic format. We'll be fixing that soon. Related issue: elastic/endpoint-app-team#30 * Resolver test plugin not using mount context. (#54933) Mount context was deprecated. Use core.getStartServices() instead. * Resolver nonlinear zoom (#54936) * [Endpoint] add Redux saga Middleware and app Store (#53906) * Added saga library * Initialize endpoint app redux store * Resolver is overflow: hidden to prevent obscured elements from showing up (#55076) * [Endpoint] Fix saga to start only after store is created and stopped on app unmount (#55245) - added `stop()`/`start()` methods to the Saga Middleware creator factory - adjust tests based on changes - changed application `renderApp` to stop sagas when react app is unmounted * Resolver zoom, pan, and center controls (#55221) * Resolver zoom, pan, and center controls * add tests, fix north panning * fix type issue * update west and east panning to behave like google maps * [Endpoint] FIX: Increase tests `sleep` default duration back to 100ms (#55492) Revert `sleep()` default duration, in the saga tests, back to 100ms in order to prevent intermittent failures during CI runs. Fixes #55464 Fixes #55465 * [Endpoint] EMT-65: make endpoint data types common, restructure (#54772) [Endpoint] EMT-65: make endpoint data types common, use schema changes * Basic Functionality Alert List (#55800) * sets up initial grid and data type * data feeds in from backend but doesnt update * sample data feeding in correctly * Fix combineReducers issue by importing Redux type from 'redux' package * Add usePageId hook that fires action when user navigates to page * Strict typing for middleware * addresses comments and uses better types * move types to common/types.ts * Move types to endpoint/types.ts, address PR comments blah 2 Co-authored-by: Pedro Jaramillo <[email protected]> * [Endpoint] Add Endpoint Details route (#55746) * Add Endpoint Details route * add Endpoint Details tests * sacrifices to the Type gods * update to latest endpoint schema Co-authored-by: Elastic Machine <[email protected]> * [Endpoint] EMT-67: add kql support for endpoint list (#56328) [Endpoint] EMT-67: add kql support for endpoint list * [Endpoint] ERT-82 ERT-83 ERT-84: Alert list API with pagination (#56538) * ERT-82 ERT-83 ERT-84 (partial): Add Alert List API with pagination * Better type safety for alert list API * Add Test to Verify Endpoint App Landing Page (#57129) Conflicts: x-pack/test/functional/page_objects/index.ts * fixes render bug in alert list (#57152) Co-authored-by: Elastic Machine <[email protected]> * Resolver: Animate camera, add sidebar (#55590) This PR adds a sidebar navigation. clicking the icons in the nav will focus the camera on the different nodes. There is an animation effect when the camera moves. Conflicts: yarn.lock * [Endpoint] Task/basic endpoint list (#55623) * Adds host management list to endpoint security plugin Co-authored-by: Elastic Machine <[email protected]> * [Endpoint] Policy List UI route and initial view (#56918) * Initial Policy List view * Add `endpoint/policy` route and displays Policy List * test cases (both unit and functional) Does not yet interact with API (Ingest). * Add ApplicationService app status management (#50223) This was already backported, but changes to endpoint app could not be backported, since endpoint app itself hadn't been backported. Now that the endpoint app is backported, reapply the endpoint specific changes from the original commit. * Implements `getStartServices` on server-side (#55156) This was already backported, but changes to endpoint app could not be backported, since endpoint app itself hadn't been backported. Now that the endpoint app is backported, reapply the endpoint specific changes from the original commit. * [ui/utils/query_string]: Remove unused methods & migrate apps to querystring lib (#56957) This was already backported, but changes to endpoint app could not be backported, since endpoint app itself hadn't been backported. Now that the endpoint app is backported, reapply the endpoint specific changes from the original commit. Co-authored-by: Kevin Logan <[email protected]> Co-authored-by: Elastic Machine <[email protected]> Co-authored-by: Larry Gregory <[email protected]> Co-authored-by: nnamdifrankie <[email protected]> Co-authored-by: Davis Plumlee <[email protected]> Co-authored-by: Paul Tavares <[email protected]> Co-authored-by: Pedro Jaramillo <[email protected]> Co-authored-by: Dan Panzarella <[email protected]> Co-authored-by: Madison Caldwell <[email protected]> Co-authored-by: Charlie Pichette <[email protected]> Co-authored-by: Candace Park <[email protected]> Co-authored-by: Pierre Gayvallet <[email protected]> Co-authored-by: Alexey Antonov <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Labels
Feature:Endpoint
Elastic Endpoint feature
release_note:skip
Skip the PR/issue when compiling release notes
review
Team:Endpoint Response
Endpoint Response Team
v7.7.0
v8.0.0
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Summary
This is the initial checkin of the Alert List API, which proxies a Kibana request through to Elasticsearch, returning a paginated set of alerts.
Technique used is simple pagination requiring a page index and page size. This will not scale with deep pagination through large result sets. A follow-up issue to implement cursor-based pagination can be found here: https://github.com/elastic/endpoint-app-team/issues/145 ...
Screenshot
Issues Addressed
https://github.com/elastic/endpoint-app-team/issues/82
https://github.com/elastic/endpoint-app-team/issues/83
https://github.com/elastic/endpoint-app-team/issues/84
Checklist
This PR supports the following:
Example Response:
Use
strikethroughsto remove checklist items you don't feel are applicable to this PR.This was checked for cross-browser compatibility, including a check against IE11Any text added follows EUI's writing guidelines, uses sentence case text and includes i18n supportDocumentation was added for features that require explanation or tutorialsThis was checked for keyboard-only and screenreader accessibilityFor maintainers
- [ ] This was checked for breaking API changes and was labeled appropriately- [ ] This includes a feature addition or change that requires a release note and was labeled appropriatelyFollow-Up Issues