[Security Solution] Hide KQL bar (all pages) and alerts filters (Detections) when Resolver is full screen #72788
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Fixes an issue where the KQL bar (on all pages) and alerts filters (on the `Detections` page) should be hidden when Resolver is in full screen mode. **To reproduce:** 1) Navigate to the `Detections` page 2) Enter `agent.type : endpoint` in the KQL bar to only show endpoint alerts 3) Click the `Full screen` button in the detections table **Expected result** * The KQL bar, inspect button, alerts filters (`Open | In progress | Closed`), and `Showing n alerts`, `Select all n alerts`, and `Additional filters` actions are visible in full screen mode 4) Click the `Analyze event` button to show Resolver **Expected result** * The KQL bar, inspect button, alerts filters (`Open | In progress | Closed`), `Showing n alerts`, `Select all n alerts`, and `Additional filters` actions are **NOT** visible in full screen mode **when Resolver is open** **Actual result** * The KQL bar, inspect button, alerts filters (`Open | In progress | Closed`), `Showing n alerts`, `Select all n alerts`, and `Additional filters` actions are (incorrectly) visible in full screen mode, per the screenshot below:  5) Click the `< Back to events` button **Expected result** * The KQL bar, inspect button, alerts filters (`Open | In progress | Closed`), `Showing n alerts`, `Select all n alerts`, and `Additional filters` actions become visible again 6) Press the `Esc` (Escape) key to exit Full screen mode **Expected result** * The KQL bar, inspect button, alerts filters (`Open | In progress | Closed`), `Showing n alerts`, `Select all n alerts`, and `Additional filters` actions are (still) visible ## Screenshot (fixed) The following screenshot of the fix was taken from the `Detections` page after following the reproduction steps above: 
andrew-goldstein
added
Team:SIEM
v8.0.0
release_note:skip
|
Pinging @elastic/siem (Team:SIEM) |
| /> | ||
|
|
||
| <EuiSpacer /> | ||
| <WrapperPage noPadding={globalFullScreen}> |
There was a problem hiding this comment.
Reviewer, consider applying Github's Hide whitespace changes PR review filter (in the ⚙️) before reviewing the change here (the diff will appear much smaller)
|
@elasticmachine merge upstream |
andrew-goldstein
force-pushed
the
hide-filters-when-resolver-is-full-screen
branch
from
3910493
to
39c6f35
Compare
| @@ -153,7 +153,7 @@ describe('Events Viewer', () => { | |||
| }); | |||
| }); | |||
|
|
|||
| context('Events columns', () => { | |||
| context.skip('Events columns', () => { | |||
There was a problem hiding this comment.
@MadameSheema I skipped this D&D test because it failed on CI, and once locally. Would you be willing to debug it with me?
spong
approved these changes
Jul 22, 2020
There was a problem hiding this comment.
LGTM! Thanks for taking the time to pair and go over these changes with me @andrew-goldstein. Appreciate all the tests to accompany as well! 🙂
💚 Build SucceededBuild metricsasync chunks size
History
To update your PR or re-run it, just comment with: |
andrew-goldstein
added a commit
to andrew-goldstein/kibana
that referenced
this pull request
Jul 22, 2020
…ctions) when Resolver is full screen (elastic#72788) ## Summary Fixes an issue where the KQL bar (on all pages) and alerts filters (on the `Detections` page) should be hidden when Resolver is in full screen mode. **To reproduce:** 1) Navigate to the `Detections` page 2) Enter `agent.type : endpoint` in the KQL bar to only show endpoint alerts 3) Click the `Full screen` button in the detections table **Expected result** * The KQL bar, inspect button, alerts filters (`Open | In progress | Closed`), and `Showing n alerts`, `Select all n alerts`, and `Additional filters` actions are visible in full screen mode 4) Click the `Analyze event` button to show Resolver **Expected result** * The KQL bar, inspect button, alerts filters (`Open | In progress | Closed`), `Showing n alerts`, `Select all n alerts`, and `Additional filters` actions are **NOT** visible in full screen mode **when Resolver is open** **Actual result** * The KQL bar, inspect button, alerts filters (`Open | In progress | Closed`), `Showing n alerts`, `Select all n alerts`, and `Additional filters` actions are (incorrectly) visible in full screen mode, per the screenshot below:  5) Click the `< Back to events` button **Expected result** * The KQL bar, inspect button, alerts filters (`Open | In progress | Closed`), `Showing n alerts`, `Select all n alerts`, and `Additional filters` actions become visible again 6) Press the `Esc` (Escape) key to exit Full screen mode **Expected result** * The KQL bar, inspect button, alerts filters (`Open | In progress | Closed`), `Showing n alerts`, `Select all n alerts`, and `Additional filters` actions are (still) visible ## Screenshot (fixed) The following screenshot of the fix was taken from the `Detections` page after following the reproduction steps above: 
andrew-goldstein
added a commit
to andrew-goldstein/kibana
that referenced
this pull request
Jul 22, 2020
…ctions) when Resolver is full screen (elastic#72788) ## Summary Fixes an issue where the KQL bar (on all pages) and alerts filters (on the `Detections` page) should be hidden when Resolver is in full screen mode. **To reproduce:** 1) Navigate to the `Detections` page 2) Enter `agent.type : endpoint` in the KQL bar to only show endpoint alerts 3) Click the `Full screen` button in the detections table **Expected result** * The KQL bar, inspect button, alerts filters (`Open | In progress | Closed`), and `Showing n alerts`, `Select all n alerts`, and `Additional filters` actions are visible in full screen mode 4) Click the `Analyze event` button to show Resolver **Expected result** * The KQL bar, inspect button, alerts filters (`Open | In progress | Closed`), `Showing n alerts`, `Select all n alerts`, and `Additional filters` actions are **NOT** visible in full screen mode **when Resolver is open** **Actual result** * The KQL bar, inspect button, alerts filters (`Open | In progress | Closed`), `Showing n alerts`, `Select all n alerts`, and `Additional filters` actions are (incorrectly) visible in full screen mode, per the screenshot below:  5) Click the `< Back to events` button **Expected result** * The KQL bar, inspect button, alerts filters (`Open | In progress | Closed`), `Showing n alerts`, `Select all n alerts`, and `Additional filters` actions become visible again 6) Press the `Esc` (Escape) key to exit Full screen mode **Expected result** * The KQL bar, inspect button, alerts filters (`Open | In progress | Closed`), `Showing n alerts`, `Select all n alerts`, and `Additional filters` actions are (still) visible ## Screenshot (fixed) The following screenshot of the fix was taken from the `Detections` page after following the reproduction steps above: 
andrew-goldstein
added a commit
that referenced
this pull request
Jul 22, 2020
…ctions) when Resolver is full screen (#72788) (#72795) ## Summary Fixes an issue where the KQL bar (on all pages) and alerts filters (on the `Detections` page) should be hidden when Resolver is in full screen mode. **To reproduce:** 1) Navigate to the `Detections` page 2) Enter `agent.type : endpoint` in the KQL bar to only show endpoint alerts 3) Click the `Full screen` button in the detections table **Expected result** * The KQL bar, inspect button, alerts filters (`Open | In progress | Closed`), and `Showing n alerts`, `Select all n alerts`, and `Additional filters` actions are visible in full screen mode 4) Click the `Analyze event` button to show Resolver **Expected result** * The KQL bar, inspect button, alerts filters (`Open | In progress | Closed`), `Showing n alerts`, `Select all n alerts`, and `Additional filters` actions are **NOT** visible in full screen mode **when Resolver is open** **Actual result** * The KQL bar, inspect button, alerts filters (`Open | In progress | Closed`), `Showing n alerts`, `Select all n alerts`, and `Additional filters` actions are (incorrectly) visible in full screen mode, per the screenshot below:  5) Click the `< Back to events` button **Expected result** * The KQL bar, inspect button, alerts filters (`Open | In progress | Closed`), `Showing n alerts`, `Select all n alerts`, and `Additional filters` actions become visible again 6) Press the `Esc` (Escape) key to exit Full screen mode **Expected result** * The KQL bar, inspect button, alerts filters (`Open | In progress | Closed`), `Showing n alerts`, `Select all n alerts`, and `Additional filters` actions are (still) visible ## Screenshot (fixed) The following screenshot of the fix was taken from the `Detections` page after following the reproduction steps above: 
MadameSheema
pushed a commit
that referenced
this pull request
Jul 22, 2020
… (Detections) when Resolver is full screen (#72788) (#72796) * [Security Solution] Hide KQL bar (all pages) and alerts filters (Detections) when Resolver is full screen (#72788) ## Summary Fixes an issue where the KQL bar (on all pages) and alerts filters (on the `Detections` page) should be hidden when Resolver is in full screen mode. **To reproduce:** 1) Navigate to the `Detections` page 2) Enter `agent.type : endpoint` in the KQL bar to only show endpoint alerts 3) Click the `Full screen` button in the detections table **Expected result** * The KQL bar, inspect button, alerts filters (`Open | In progress | Closed`), and `Showing n alerts`, `Select all n alerts`, and `Additional filters` actions are visible in full screen mode 4) Click the `Analyze event` button to show Resolver **Expected result** * The KQL bar, inspect button, alerts filters (`Open | In progress | Closed`), `Showing n alerts`, `Select all n alerts`, and `Additional filters` actions are **NOT** visible in full screen mode **when Resolver is open** **Actual result** * The KQL bar, inspect button, alerts filters (`Open | In progress | Closed`), `Showing n alerts`, `Select all n alerts`, and `Additional filters` actions are (incorrectly) visible in full screen mode, per the screenshot below:  5) Click the `< Back to events` button **Expected result** * The KQL bar, inspect button, alerts filters (`Open | In progress | Closed`), `Showing n alerts`, `Select all n alerts`, and `Additional filters` actions become visible again 6) Press the `Esc` (Escape) key to exit Full screen mode **Expected result** * The KQL bar, inspect button, alerts filters (`Open | In progress | Closed`), `Showing n alerts`, `Select all n alerts`, and `Additional filters` actions are (still) visible ## Screenshot (fixed) The following screenshot of the fix was taken from the `Detections` page after following the reproduction steps above:  * - skipping cypress tests in `x-pack/plugins/security_solution/cypress/integration/timeline_data_providers.spec.ts`
gmmorris
added a commit
to gmmorris/kibana
that referenced
this pull request
Jul 22, 2020
* master: (23 commits) Stabilize closing toast (elastic#72097) stabilize failing test (elastic#72086) Stabilize filter bar test (elastic#72032) Unskip vislib tests (elastic#71452) [ML] Fix layout of anomaly chart tooltip for long field values (elastic#72689) fix preAuth/preRouting mocks (elastic#72663) [Security Solution] Hide KQL bar (all pages) and alerts filters (Detections) when Resolver is full screen (elastic#72788) [Uptime] Rename Whitelist to Allowlist in parse_filter_map (elastic#71584) [Security Solution] Fixes exception modal not loading content (elastic#72770) [Security Solution][Exceptions] - Require non empty entries and non empty string values in exception list items (elastic#72748) [Detections] Add validation for Threshold value field (elastic#72611) [SIEM][Detection Engine][Lists] Adds version and immutability data structures (elastic#72730) [Security Solution][Detections] Validate file type of value lists (elastic#72746) [pre-req] New Component Layout proposal (elastic#72385) [ML] do not throw an error when agg is not supported by UI (elastic#72685) [Resolver] Origin process (elastic#72382) [Ingest Manager] Allow to force unenroll from the UI (elastic#72386) skip 6.8 branch when triggering baseline-capture builds (elastic#72706) [CI] In-progress PR comments (elastic#72211) Fix sorting of scripted string fields (elastic#72681) ...
gmmorris
added a commit
to gmmorris/kibana
that referenced
this pull request
Jul 22, 2020
* master: (34 commits) Adds Role Based Access-Control to the Alerting & Action plugins based on Kibana Feature Controls (elastic#67157) [Monitoring] Revert direct shipping code (elastic#72505) Use server basepath when creating reporting jobs (elastic#72722) Adding api test for transaction_groups /breakdown and /avg_duration_by_browser (elastic#72623) [Task Manager] Addresses flaky test introduced by buffered store (elastic#72815) [Observability] filter "hasData" api by processor event (elastic#72810) do not pass title as part of tsvb request (elastic#72619) [Lens] Legend config (elastic#70619) Stabilize closing toast (elastic#72097) stabilize failing test (elastic#72086) Stabilize filter bar test (elastic#72032) Unskip vislib tests (elastic#71452) [ML] Fix layout of anomaly chart tooltip for long field values (elastic#72689) fix preAuth/preRouting mocks (elastic#72663) [Security Solution] Hide KQL bar (all pages) and alerts filters (Detections) when Resolver is full screen (elastic#72788) [Uptime] Rename Whitelist to Allowlist in parse_filter_map (elastic#71584) [Security Solution] Fixes exception modal not loading content (elastic#72770) [Security Solution][Exceptions] - Require non empty entries and non empty string values in exception list items (elastic#72748) [Detections] Add validation for Threshold value field (elastic#72611) [SIEM][Detection Engine][Lists] Adds version and immutability data structures (elastic#72730) ...
MindyRS
added
the
Team: SecuritySolution
|
Pinging @elastic/security-solution (Team: SecuritySolution) |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Summary
Fixes an issue where the KQL bar (on all pages) and alerts filters (on the
Detectionspage) should be hidden when Resolver is in full screen mode.To reproduce:
Detectionspageagent.type : endpointin the KQL bar to only show endpoint alertsFull screenbutton in the detections tableExpected result
Open | In progress | Closed), andShowing n alerts,Select all n alerts, andAdditional filtersactions are visible in full screen modeAnalyze eventbutton to show ResolverExpected result
Open | In progress | Closed),Showing n alerts,Select all n alerts, andAdditional filtersactions are NOT visible in full screen mode when Resolver is openActual result
Open | In progress | Closed),Showing n alerts,Select all n alerts, andAdditional filtersactions are (incorrectly) visible in full screen mode, per the screenshot below:< Back to eventsbuttonExpected result
Open | In progress | Closed),Showing n alerts,Select all n alerts, andAdditional filtersactions become visible againEsc(Escape) key to exit Full screen modeExpected result
Open | In progress | Closed),Showing n alerts,Select all n alerts, andAdditional filtersactions are (still) visibleScreenshot (fixed)
The following screenshot of the fix was taken from the
Detectionspage after following the reproduction steps above: