Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add new search bar with WQL #5363

Conversation

Desvelao
Copy link
Member

@Desvelao Desvelao commented Apr 10, 2023

Description

This pull request adds a new search bar that supports multiple language implementations.

The new component provides an interface to allow the language implementation can interact with it and extend or overwrite some functionalities.

The purpose of the new search bar component and its language implementations is to replace the current WzSearchBar.

There are 2 language implementations:

  • WQL: human based on Wazuh API query language
  • AQL: disabled and not updated based on Wazuh API query language

In a previous meeting it was decided to use only the WQL.

In other pull requests, we have to replace the WzSearchBar component with this new one. These can be blocked by some requirements that should be implemented in the Wazuh manager API wazuh/wazuh#16552.

Search bar

The new search bar base component is based on a custom EuiSuggest component (the current WzSearchBar wraps it) and lets decouple the business logic of each query language. For example, adding suggestions according to the input query or defining the action when a suggestion item is clicked.

Each language implementation has to be registered previously and expose a concrete interface to interact with the search bar.

Documentation: https://github.com/wazuh/wazuh-kibana-app/blob/feat/4312-poc-search-bar-component-multiple-query-language-api-query-language-implementation/public/components/search-bar/README.md

Features:

  • Supports multiple query languages.
  • Switch the selected query language.
  • Self-contained query language implementation and ability to interact with the search bar component.
  • React to external changes to set the new input. This enables to change of the input from external components.
  • Execute a handler when the user press Enter key while the input is focused.

WQL

The implementation of WQL follows some references of the current language used in WzSearchBar and adds some features as supporting values with spaces. It is a human based on the Wazuh API query language.

Documentation: https://github.com/wazuh/wazuh-kibana-app/blob/feat/4312-poc-search-bar-component-multiple-query-language-api-query-language-implementation/public/components/search-bar/query-language/wql.md

Features:

  • Suggestions for the tokens

  • Suggest all the available operators: compare and grouping

  • Display implicit query (query added to the user input)

  • Input validation (partial and "extended")

    • Check if the fields, values are valid and some syntax errors
    • Display the input as invalid
    • Avoid the search handler is triggered if the input is considered invalid
  • 2 search modes:

    • field: let defining the field where the compare operation should take effect. It follows a schema as: <field><operator_compare><value> <conjunction?>
    • search term: let searching a term in a list of fields. This uses a complex query of each field with the like as operator (~) under the hood. This mode is ignored if there is a field and operator comparison, so it will use the explicit mode. This is case-sensitive.

      Both modes can not be combined

Issues Resolved

Part of #4312

Evidence

image
image
image
image
image
image
image
image
image
image
image
image

Test

[Provide instructions to test this PR]

Automatic tests

  • public/components/search-bar/index.test.tsx
  • public/components/search-bar/query-language/wql.test.tsx
  • public/components/search-bar/query-language/aql.test.tsx
  • public/components/common/tables/table-with-search-bar.test.tsx (updated)

Check List

  • All tests pass
    • yarn test:jest
  • New functionality includes testing.
  • New functionality has been documented.
  • Update CHANGELOG.md
  • Commits are signed per the DCO using --signoff

Features:
- Supports multiple query languages
- Decouple the business logic of query languages of the search bar
  component
- Ability of query language to interact with the search bar

Query language implementations
- AQL: custom implementation of the Wazuh Query Language. Include
  suggestions.
- UIQL: simple implementation (as another example)
…ression used in the Wazuh manager API

- Change the implementation of AQL query language to use the regular
  expression decomposition defined in the Wazuh manager API
- Adapt the tests for the tokenizer and getting the suggestions
- Enchance documentation of search bar
- Add documentation of AQL query language
- Add more fields and values for the use example in Agents section
- Add description to the query language select input
…using the Search suggestion in AQL

- Fixes a problem hidding the suggestion popover when using the Search
  suggestion in AQL
- Fixes a problem of input text with undefined value
- Minor fixes
  - Remove `syntax` property of SearchBar component
  - Add disableFocusTrap property to the custom EuiSuggestInput component to be
    forwarded to the EuiInputPopover
  - Replace the inputRef by a reference instead of a state and pass as
    a parameter in the query language run function
  - Move the rebuiding of input text when using some suggestion that changes
    the input to be done when a related suggestion was clicked instead
    of any suggestion (exclude Search).
implemenation

- Add the ability to update the input of the search bar in the example
  implementation
- Enhance the component documentation
- (AQL) Add the fields and an open operator group when there is no input text
link of query language displayed in the popover
- AQL enhancements:
  - documentation:
    - Enhance some descriptions
    - Enhance input processing
    - Remove intermetiate interface of EuiSuggestItem
  - Remove the intermediate interface of EuiSuggestItem. Now it is
    managed in the internal of query language instead of be built by the
    suggestion handler
  - Display suggestions when the input text is empty
  - Add the unifiedQuery field to the query language output
  - Adapt tests

- Search Bar component:
  - Enhance documentation
- Remove UIQL
- Add HAQL query language that is a high-level implementation of AQL
  - Add the query language interface
  - Add tests for tokenizer, get suggestions and
    transformSpecificQLToUnifiedQL method
  - Add documentation about the language
    - Syntax
    - Options
    - Workflow
- Add tests to HAQL and AQL query languages
- Fix suggestions for HAQL when typing as first element a value entity.
  Now there are no suggestions because the field and operator_compare
  are missing.
- Enhance documentation of HAQL and AQL
- Removed unnecesary returns of suggestion handler in the example
  implementation of search bar on Agents section
- Rename query language HAQL to WQL
- Update tests
- Remove AQL usage from the implementation in the agents section
- Add more use cases to the test of WQL query language
- Replace some literals by constants in the WQL query language
  implementation
- WQL
  - add implicit query mode to WQL
  - enhance query language documentation
  - renamed transformUnifiedQuery to transformUQLToQL
  - now wraps the user input if this is defined and there a implicit
    query string
  - fix a problem with the value suggestions if there is a previous
    conjunction
    - add tests cases
  - update tests
- AQL
  - enhance query language documentation
  - renamed transformUnifiedQuery to transformUQLToQL
  - add warning about the query language implementation is not updated
    to the last changes in the search bar component
  - update tests

- Search Bar
  - renamed transformUnifiedQuery to transformUQLToQL
- Set a width for the syntax options popover
- Unify the description in the suggestions of WQL example implementation
- Update tests
- Fix minor bugs in the WQL example implementation in Agents
- WQL
  - Enhance documentation
  - Add partial and "expanded" input validation
  - Add tests
…feat/4312-poc-search-bar-component-multiple-query-language-api-query-language-implementation
@Desvelao Desvelao self-assigned this Apr 10, 2023
@Desvelao Desvelao linked an issue Apr 11, 2023 that may be closed by this pull request
6 tasks
Fix an error when the last token in the input was a value and used
a value suggestion whose label contains whitespaces, the value was
not wrapped with quotes.
@Desvelao Desvelao mentioned this pull request Apr 12, 2023
6 tasks
@Desvelao Desvelao marked this pull request as ready for review April 20, 2023 08:34
@Desvelao Desvelao requested a review from a team as a code owner April 20, 2023 08:34
…uery-language-api-query-language-implementation
Search bar:
  - Add the possibility to render buttons to the right of the input
  - Minor changes
WQL:
  - Add options.filterButtons to render filter buttons and component
    rendering
  - Extract the quoted value for the quoted token values
  - Add the `validate` parameter to validate the tokens (only available for
    `value` token)
  - Enhance language description
  - Add test related to value token validation
  - Update language documentation with this changes
@Desvelao
Copy link
Member Author

Desvelao commented May 12, 2023

Changes

Search bar:

  • Add the possibility to render buttons to the right of the input
  • Minor changes

WQL:

  • Add options.filterButtons to render filter buttons and component rendering
  • Extract the quoted value for the quoted token values
  • Add the validate parameter to validate the tokens (only available for value token)
  • Enhance language description
  • Add test related to value token validation
  • Update language documentation with these changes

Desvelao added 4 commits May 17, 2023 11:55
Search bar:
- rename method from `transformUQLtoQL` to `transformInput`
- add a options paramenter to `transformInput` to manage when there is
  an implicit filter, that this methods can remove the filter from the
  query
- update documentation
WQL:
- rename method from `transformUQLtoQL` to `transformInput`
- add a options paramenter to `transformInput` to manage when there is
  an implicit filter, that this methods can remove the filter from the
  query
- add tests
…feat/4312-poc-search-bar-component-multiple-query-language-api-query-language-implementation
…o feat/4312-poc-search-bar-component-multiple-query-language-api-query-language-implementation
@Desvelao Desvelao force-pushed the feat/4312-poc-search-bar-component-multiple-query-language-api-query-language-implementation branch from 144f9a6 to ae5bade Compare June 26, 2023 10:28
@Desvelao
Copy link
Member Author

Desvelao commented Aug 2, 2023

Changes

  • Fixed link to the documentation of WQL
  • Use as current value (token.formattedValue in source code ) when typing the query instead of the raw token value. This is related to the way how the current tokenizer is working.
input token.value token.formattedValue
field=value value value
field="value" "value" value

…ped by double quotation marks that contains the new line character and remove separation of invalid characters in the value token

- Fix tests
@Desvelao
Copy link
Member Author

Desvelao commented Aug 3, 2023

Changes

  • Fix a problem translating a input to API query the value that was wrapped by " and contains a new line character
  • Removed the separation of , to display the invalid characters done in the value token validation.

@asteriscos asteriscos marked this pull request as ready for review August 8, 2023 11:01
@github-actions
Copy link
Contributor

github-actions bot commented Aug 8, 2023

Code coverage (Jest) % values
Statements 11.26% ( 3929 / 34867 )
Branches 7.4% ( 1756 / 23713 )
Functions 10.54% ( 881 / 8353 )
Lines 11.42% ( 3811 / 33368 )

Copy link
Member

@asteriscos asteriscos left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM ✔️

Copy link
Member

@yenienserrano yenienserrano left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM!

@asteriscos asteriscos merged commit cbf6a03 into 4.6.0 Aug 9, 2023
@asteriscos asteriscos deleted the feat/4312-poc-search-bar-component-multiple-query-language-api-query-language-implementation branch August 9, 2023 06:24
Desvelao added a commit that referenced this pull request Aug 11, 2023
* Merge 4.5.1 into 4.6.0 (#5671)

* Change windows agent service name (#5538)

* Change windows agent service name to Wazuh

Change windows agent service name to Wazuh

* Add CHANGELOG

* Remove agent name in agent info ribbon (#5497)

* remove: agent name in agent info ribbon

* changelog: add pull request entry

---------

Co-authored-by: Álex Ruiz <[email protected]>

* Fix IPV6 visualizations (#5471)

* add ipv6 service

* add test for service

* Fix issue in agents-table

* fix issue in agents-info

* fix groups agents issue

* Fix width in groups agents

* use mapResponseItem

* Add copy button to groups

* Add copy button to info

* fix for node list

* Optimize code

* Fix styles

* Edit changelog

* Edit changelog

* Add imposter changes to test ipv6

* Replace onMouseDown with onClick

* Move copy buttons to the left

* fix: removed compressipv6 property of TableWzAPI

* feat: add tableLayout property to some tables and remove IPv6 address compression

add tableLayout=auto property to some tables:
- Agents/{agent_id}/Inventory data
- Management/Cluster/Nodes
- Agents
- Management/Configuration/Client
- Management/Global configuration/Remote
remove IPv6 address compression

* remove: remove unused service to IPv6 compression

* revert: revert changes in TableWzAPI component

* add: add mocked responses to some syscollector endpoints

* remove: unwanted table columns properties

* changelog: add pull request entry

* Fix imposter

---------

Co-authored-by: Antonio David Gutiérrez <[email protected]>
Co-authored-by: Álex Ruiz <[email protected]>
Co-authored-by: yenienserrano <[email protected]>
Co-authored-by: Antonio <[email protected]>

* Bump v4.4.4-2.6.0-rc2

* Add Apple Silicon architecture to the register Agent wizard (#5478)

* Add Apple Silicon architecture

* Add changelog

* Change macOS environment variables

* Revert "Change macOS environment variables"

This reverts commit 108e866.

* Change macOS architecture ids

* Add missing supported versions to the Docker environments (#5584)

feat(environments): add latest versions to Docker environments

- Add Kibana versions: 7.17.7, 7.17.8, 7.17.9 and 7.17.10
- Add OpenSearch: 2.6.0
- Add OpenSearch Dashboards: 2.6.0
- Add Wazuh 4.4.1, 4.4.2, 4.4.3 and 4.4.4

* Bump 4.5.1

* Change the method to make the redirect (#5539)

* Change the metod to make the redirect

* Remove unused code

* Add changelog

---------

Co-authored-by: Álex Ruiz <[email protected]>

* Fix agents active coverage stat as NaN (#5490)

* fix: agents active coverate stat as NaN

Ensure the values used to calculate have the expected types and
the total count is greater than 0.

* remove: unused openRegistrationDocs method

* changelog: add entry

* fix: check if agents active coverage is a NaN

* changelog: fix entry

---------

Co-authored-by: Álex Ruiz <[email protected]>

* [Backport 4.5.1] Update test snapshots for 4.5 (#5607)

* Update test snapshots for 4.5 (#5601)

* Add missing supported versions to the Docker environments (#5584)

feat(environments): add latest versions to Docker environments

- Add Kibana versions: 7.17.7, 7.17.8, 7.17.9 and 7.17.10
- Add OpenSearch: 2.6.0
- Add OpenSearch Dashboards: 2.6.0
- Add Wazuh 4.4.1, 4.4.2, 4.4.3 and 4.4.4

* Update test snapshost

* Update API data to 4.5

* Update branch patterns for GH Actions

---------

Co-authored-by: Antonio <[email protected]>
(cherry picked from commit 1ae5f19)

* Fix API reference links in endpoints.json

* Add kbn-dev 7.17.11 (#5628)

* Merge 4.5.0 into 4.5.1 (#5670)

* Update test snapshots for 4.5 (#5601)

* Add missing supported versions to the Docker environments (#5584)

feat(environments): add latest versions to Docker environments

- Add Kibana versions: 7.17.7, 7.17.8, 7.17.9 and 7.17.10
- Add OpenSearch: 2.6.0
- Add OpenSearch Dashboards: 2.6.0
- Add Wazuh 4.4.1, 4.4.2, 4.4.3 and 4.4.4

* Update test snapshost

* Update API data to 4.5

* Update branch patterns for GH Actions

---------

Co-authored-by: Antonio <[email protected]>

* Fix API reference links in endpoints.json

* Merge 4.4 into 4.5.0 (#5669)

Merge v4.4.5-2.6.0 into 4.4 (#5665)

* Bump Wazuh and platform versions for v4.4.5 (#5639)

* Update changelog

* Update opensearch_dashboards.json

* Update package.json

* Update readme

* Update tag script

* Change tag.py version value

* Empty tag suffix

* Prepare tag.py for v4.4.5-rc1 (#5645)

Add -rc1 tag suffix

* Fix incompatible version of triple-beam subdependency (#5652)

fix: add yarn.lock file and set version of triple-beam in yarn.lock

* Update unit-test.yml (#5655)

* Add support for Wazuh 4.4.5-rc2 (#5659)

* Update revision of v4.4.5 in the Changelog

* Bump v4.4.5-2.6.0-rc2

---------

Co-authored-by: Nicolas Agustin Guevara Pihen <[email protected]>
Co-authored-by: Federico Rodriguez <[email protected]>
Co-authored-by: Álex Ruiz <[email protected]>
Co-authored-by: Antonio <[email protected]>

---------

Co-authored-by: Álex Ruiz <[email protected]>
Co-authored-by: Antonio <[email protected]>
Co-authored-by: Nicolas Agustin Guevara Pihen <[email protected]>
Co-authored-by: Federico Rodriguez <[email protected]>

---------

Co-authored-by: Julio César Biset <[email protected]>
Co-authored-by: Antonio <[email protected]>
Co-authored-by: Álex Ruiz <[email protected]>
Co-authored-by: Nicolas Agustin Guevara Pihen <[email protected]>
Co-authored-by: Antonio David Gutiérrez <[email protected]>
Co-authored-by: Federico Rodriguez <[email protected]>

* Remove unused embedded jquery-ui (#5592)

* fix: remove unused embedded jquery-ui dependency

* changelog: add pull request entry

---------

Co-authored-by: Federico Rodriguez <[email protected]>

* Fixes redirection problem to inventory data, stats and configuration in an agent (#5685)

Fix redirect to inventory data, stats and configuration

* Fix conflicts in branch synchronization (#5708)

* fix: fix conflicts

* changelog: remove entry

* Fix 4.6.0 changelog merge errors (#5692)

* Update changelog

* Update CHANGELOG.md

* Merge 4.5.2 into 4.6.0 (#5721)

* Upgrade environments to 4.6 and 4.7 (#5741)

* Add wzd-dev.dockerfile

* Update osd dev.sh

* Redesign deploy new agent page (#5457)

* parent component

* Added a title to the container and updated filenames

* Update register-agent.scss

* [Redesign add agent] Register agent reuse common/form component (Settings > Configuration) (#5446)

* Add useForm hook types

* Add custom field use in useForm hook

* Add some code redeability fixes

* Refactored useForm types and unit tests

* Move types to types file

* Remove react use inside hook test file

* Fix review requested changes

* [Redesign add agent] Add register agent command generator (#5469)

* Create reusable card for operating systems (#5462)

* Add useForm hook types

* Add custom field use in useForm hook

* Add some code redeability fixes

* Refactored useForm types and unit tests

* Move types to types file

* reuse of common form on the card

* Card with logic

* CheckboxGroup component logic update

* CheckboxGroup component logic update

* Adding card icons

* update checkbox logic, styles, and card styles

* clean code

* clean code

* gitignore Mac files

* updating checkbox logic, styles, and card styles

* Update os-card.scss

* macos card update

* undoing merging as it was causing checkboxes not to work

* test

* file ds_store

* file ds_store

* file ds_store

* remove files DS_store

* remove files DS_store

---------

Co-authored-by: Maximiliano Ibarra <[email protected]>
Co-authored-by: Maximiliano Ibarra <[email protected]>

* 5518 inputs logic server address name password and group (#5554)

* Add useForm hook types

* Add custom field use in useForm hook

* Add some code redeability fixes

* Refactored useForm types and unit tests

* Move types to types file

* reuse of common form on the card

* Card with logic

* CheckboxGroup component logic update

* CheckboxGroup component logic update

* Adding card icons

* update checkbox logic, styles, and card styles

* clean code

* clean code

* gitignore Mac files

* updating checkbox logic, styles, and card styles

* step component

* Passing interfaces to a separate file, updating styles, and component logic

* Update interfaces and clean up code

* update of folder structure and step logic

* tcp, udp, protocols, password, groups, logics

* input logic server address name password groups and styles

* group input logic

* oscards input logic

* oscards input logic

* styles

* regex

* styles and settings

* styles

* various adjustments

* cleaning up code and changing some styles

* cleaning up code

* cleaning code

* update password

* gitignore

* gitignore

* correcting validation text in input agent name

* correcting validation text in input agent name

* corrección de validación de input de nombre del agente

* cleaning code

* cleaning code

* regex that differentiates between FQDN and IP

* Use of PLUGIN_VERSION_SHORT

* Use of PLUGIN_VERSION_SHORT

* link

* Revert "Merge branch '4205-redesign-add-agent-page' into 5518-inputs-logic-server-address-name-password-and-group"

This reverts commit a4c6fb5, reversing
changes made to 5a0d2cb.

* link and revert

* characteres valid

* correction of styles when bringing changes from parent branch

* change tooltip to popover

* moving validations to a separate file with their tests

* corrections and cleaning of comments

* camel case

* change in function

* type

* remove type

* fullWidth

* type

* change

* conditional

* change label a to Euilink

* change label a to Euilink

* conditional

* delete usePrevious

* delete usePrevious

* deleted files ds store

* test correction and placeholder

* show architecture instead of id

* removing console css warnings

* fixed regex fqdn

* fixed regex fqdn

* data

* changelog

* changelog

---------

Co-authored-by: Maximiliano Ibarra <[email protected]>
Co-authored-by: Maximiliano Ibarra <[email protected]>

* [Redesign add agent] Integration commands generator with UI (#5593)

* Add useForm hook types

* Add custom field use in useForm hook

* Add some code redeability fixes

* Refactored useForm types and unit tests

* Move types to types file

* reuse of common form on the card

* Card with logic

* CheckboxGroup component logic update

* CheckboxGroup component logic update

* Adding card icons

* update checkbox logic, styles, and card styles

* clean code

* clean code

* gitignore Mac files

* updating checkbox logic, styles, and card styles

* step component

* Passing interfaces to a separate file, updating styles, and component logic

* Update interfaces and clean up code

* update of folder structure and step logic

* tcp, udp, protocols, password, groups, logics

* input logic server address name password groups and styles

* group input logic

* oscards input logic

* oscards input logic

* styles

* regex

* styles and settings

* styles

* various adjustments

* cleaning up code and changing some styles

* cleaning up code

* cleaning code

* update password

* gitignore

* gitignore

* correcting validation text in input agent name

* correcting validation text in input agent name

* corrección de validación de input de nombre del agente

* cleaning code

* cleaning code

* regex that differentiates between FQDN and IP

* Use of PLUGIN_VERSION_SHORT

* Use of PLUGIN_VERSION_SHORT

* link

* Revert "Merge branch '4205-redesign-add-agent-page' into 5518-inputs-logic-server-address-name-password-and-group"

This reverts commit a4c6fb5, reversing
changes made to 5a0d2cb.

* link and revert

* characteres valid

* correction of styles when bringing changes from parent branch

* change tooltip to popover

* moving validations to a separate file with their tests

* corrections and cleaning of comments

* camel case

* change in function

* type

* remove type

* fullWidth

* type

* change

* conditional

* change label a to Euilink

* change label a to Euilink

* conditional

* delete usePrevious

* delete usePrevious

* deleted files ds store

* test correction and placeholder

* show architecture instead of id

* Add register agent form values parser

* Remove extension on operating system type

* Add command sections with form values

* Create new components for steps inputs

* Fix some types

* Renamed some options

* Move commands config inside core folder

* Fix server address error message display

* Create methods to get form steps status

* Allow select more than group

* Hide agent group param when is empty

* Fix steps form statuses

* Remove break lines in commands

* Add white space in error messages

* Fix steps form status

* Added new command component white custom copy and language

* Fixed step form status

---------

Co-authored-by: chantal.kelm <[email protected]>
Co-authored-by: Chantal Belén kelm <[email protected]>

* [Redesign add agent] Dark mode (#5620)

* remove custom color styles to make the elastic dark mode work by default on the agent registration page

* add development for images to have dark mode in the section deploy a new agent

* changelog about dark mode

* Cleaning console.log from assets file

* Adding suggested style modifications in the agent registration section

* add a style hint so that text cannot be selected on cards

* add suggested changes to the styles in the register an agent section

* correction added to the word wizard

* added coding enhancements in the agent registration section

* adding an enhancement to eliminate the console error

* adding an enhancement to eliminate the console error

* [Redesign add agent] Add and validate register agent commands (#5622)

* Add show/hide password in command component

* Add protocol and password types

* Add more step status methods

* Add os commands service

* Resolve strings replacements in command component

* Change macos packages name by arch

* Add \n to the macos params

* Fixed parsed macos params inside echo

* Add -e in mac os install command

* Remove sudo from macos install command with echo

* Add sudo to linux before optional params

* Fix PR review comments

* Fixed imports in tests

* Fix components unit tests

* Fix unit test checkbox group component

* Fix os card unit test with mock uiSettings

* modify the fqdn regex because it interferes with an ipv4 instance

* [Redesign add page] Add form status callout message (#5634)

* Add form status manager and unit tests

* Add empty and invalid fields messages

* Hide commands code block when exists warning messages

* Fix fields names in warning messages

* Updated CHANGELOG

* Step 2: the design triggers warnings (#5649)

* changing design to remove console warnings

* update changelog

* Changes in the display of pop-up windows in the agents log section

* semicolon is added

* update changelog

* update changelog

* Add requested fixs on texts

* Add new rpm and deb install commands

* modify fqdn regex

* Fix server address validation unit test

* Add type in command output types

---------

Co-authored-by: Maximiliano Ibarra <[email protected]>
Co-authored-by: Maximiliano Ibarra <[email protected]>

* Add new search bar with WQL (#5363)

* feat: add a search bar component

Features:
- Supports multiple query languages
- Decouple the business logic of query languages of the search bar
  component
- Ability of query language to interact with the search bar

Query language implementations
- AQL: custom implementation of the Wazuh Query Language. Include
  suggestions.
- UIQL: simple implementation (as another example)

* feat(search-bar): change the AQL implemenation to use the regular expression used in the Wazuh manager API

- Change the implementation of AQL query language to use the regular
  expression decomposition defined in the Wazuh manager API
- Adapt the tests for the tokenizer and getting the suggestions
- Enchance documentation of search bar
- Add documentation of AQL query language
- Add more fields and values for the use example in Agents section
- Add description to the query language select input

* fix(search-bar): fixes a problem hidding the suggestion popover when using the Search suggestion in AQL

- Fixes a problem hidding the suggestion popover when using the Search
  suggestion in AQL
- Fixes a problem of input text with undefined value
- Minor fixes
  - Remove `syntax` property of SearchBar component
  - Add disableFocusTrap property to the custom EuiSuggestInput component to be
    forwarded to the EuiInputPopover
  - Replace the inputRef by a reference instead of a state and pass as
    a parameter in the query language run function
  - Move the rebuiding of input text when using some suggestion that changes
    the input to be done when a related suggestion was clicked instead
    of any suggestion (exclude Search).

* feat(search-bar): add the ability to update the input of example
implemenation

- Add the ability to update the input of the search bar in the example
  implementation
- Enhance the component documentation

* feat(search-bar): add initial suggestions to AQL

- (AQL) Add the fields and an open operator group when there is no input text

* feat(search-bar): add target and rel attributes to the documentation
link of query language displayed in the popover

* feat(search-bar): enhancements in AQL and search bar documentation

- AQL enhancements:
  - documentation:
    - Enhance some descriptions
    - Enhance input processing
    - Remove intermetiate interface of EuiSuggestItem
  - Remove the intermediate interface of EuiSuggestItem. Now it is
    managed in the internal of query language instead of be built by the
    suggestion handler
  - Display suggestions when the input text is empty
  - Add the unifiedQuery field to the query language output
  - Adapt tests

- Search Bar component:
  - Enhance documentation

* feat(search-bar): Add HAQL

- Remove UIQL
- Add HAQL query language that is a high-level implementation of AQL
  - Add the query language interface
  - Add tests for tokenizer, get suggestions and
    transformSpecificQLToUnifiedQL method
  - Add documentation about the language
    - Syntax
    - Options
    - Workflow

* feat(search-bar): add test to HAQL and AQL query languages

- Add tests to HAQL and AQL query languages
- Fix suggestions for HAQL when typing as first element a value entity.
  Now there are no suggestions because the field and operator_compare
  are missing.
- Enhance documentation of HAQL and AQL
- Removed unnecesary returns of suggestion handler in the example
  implementation of search bar on Agents section

* feat(search-bar): Rename HAQL query language to WQL

- Rename query language HAQL to WQL
- Update tests
- Remove AQL usage from the implementation in the agents section

* feat(search-bar): Add more use cases to the tests of WQL query language

- Add more use cases to the test of WQL query language
- Replace some literals by constants in the WQL query language
  implementation

* feat(search-bar): enhance the documenation of query languages

* feat(search-bar): Add a popover title to replicate similar UI to the platform search bar

* feat(search-bar): wrap the user input with group operators when there is an implicit query

* feat(search-bar): add implicit query mode to WQL

- WQL
  - add implicit query mode to WQL
  - enhance query language documentation
  - renamed transformUnifiedQuery to transformUQLToQL
  - now wraps the user input if this is defined and there a implicit
    query string
  - fix a problem with the value suggestions if there is a previous
    conjunction
    - add tests cases
  - update tests
- AQL
  - enhance query language documentation
  - renamed transformUnifiedQuery to transformUQLToQL
  - add warning about the query language implementation is not updated
    to the last changes in the search bar component
  - update tests

- Search Bar
  - renamed transformUnifiedQuery to transformUQLToQL

* feat(search-bar): set the width of the syntax options popover

* feat(search-bar): unify suggestion descriptions in WQL

- Set a width for the syntax options popover
- Unify the description in the suggestions of WQL example implementation
- Update tests
- Fix minor bugs in the WQL example implementation in Agents

* feat(search-bar): add enhancements to WQL

- WQL
  - Enhance documentation
  - Add partial and "expanded" input validation
  - Add tests

* feat(search-bar): rename previousField and previousOperatorCompare in WQL

* fix(tests): update snapshot

* fix(search-bar): fix documentation link for WQL

* fix(search-bar): remove example usage of SearchBar component in Agents

* fix(search-bar): fix an error using the value suggestions in WQL

Fix an error when the last token in the input was a value and used
a value suggestion whose label contains whitespaces, the value was
not wrapped with quotes.

* feat(search-bar): add search function suggestion when the input is empty

* fix(search-bar): ensure the query language output changed to trigger the onChange handler

* feat(search-bar): allow the API query output can be redone when the search term fields changed

- Search bar:
  - Add a dependency to run the query language output
  - Adapt search bar documentation to the changes
- WQL
  - Create a new parameter called `options`
  - Moved the `implicitFilter` and `searchTerm` settings to `options`
  - Update tests
  - Update documentation

* feat(search-bar): enhance the validation of value token in WQL

* feat(search-bar): enhance search bar and WQL

Search bar:
  - Add the possibility to render buttons to the right of the input
  - Minor changes
WQL:
  - Add options.filterButtons to render filter buttons and component
    rendering
  - Extract the quoted value for the quoted token values
  - Add the `validate` parameter to validate the tokens (only available for
    `value` token)
  - Enhance language description
  - Add test related to value token validation
  - Update language documentation with this changes

* feat(search-bar): enhace search bar and WQL

Search bar:
- rename method from `transformUQLtoQL` to `transformInput`
- add a options paramenter to `transformInput` to manage when there is
  an implicit filter, that this methods can remove the filter from the
  query
- update documentation
WQL:
- rename method from `transformUQLtoQL` to `transformInput`
- add a options paramenter to `transformInput` to manage when there is
  an implicit filter, that this methods can remove the filter from the
  query
- add tests

* fix: enhance search bar and WQL types

* fix: remove exact validation for the token value due to performance problems

* fix: fix token value validation

* fix: update the link to the documentation of WQL

* fix(search-bar): use value of value token as the value used to get the value suggestions in the search bar instead of raw token that could include " character

* fix(search-bar): fix a problem extracting value for value tokens wrapped by double quotation marks that contains the new line character and remove separation of invalid characters in the value token

- Fix tests

* fix(search-bar): add validation for value token in WQL

* fix(search-bar): value token in message related to this is invalid

---------

Co-authored-by: Federico Rodriguez <[email protected]>

* [Redesign add agent]  Fix custom Eui styles in register agent wizard (#5769)

Add wrapper to custom eui styles

* Merge 4.5.2 into 4.6.0 (#5775)

* Change windows agent service name (#5538)

* Change windows agent service name to Wazuh

Change windows agent service name to Wazuh

* Add CHANGELOG

* Remove agent name in agent info ribbon (#5497)

* remove: agent name in agent info ribbon

* changelog: add pull request entry

---------

Co-authored-by: Álex Ruiz <[email protected]>

* Fix IPV6 visualizations (#5471)

* add ipv6 service

* add test for service

* Fix issue in agents-table

* fix issue in agents-info

* fix groups agents issue

* Fix width in groups agents

* use mapResponseItem

* Add copy button to groups

* Add copy button to info

* fix for node list

* Optimize code

* Fix styles

* Edit changelog

* Edit changelog

* Add imposter changes to test ipv6

* Replace onMouseDown with onClick

* Move copy buttons to the left

* fix: removed compressipv6 property of TableWzAPI

* feat: add tableLayout property to some tables and remove IPv6 address compression

add tableLayout=auto property to some tables:
- Agents/{agent_id}/Inventory data
- Management/Cluster/Nodes
- Agents
- Management/Configuration/Client
- Management/Global configuration/Remote
remove IPv6 address compression

* remove: remove unused service to IPv6 compression

* revert: revert changes in TableWzAPI component

* add: add mocked responses to some syscollector endpoints

* remove: unwanted table columns properties

* changelog: add pull request entry

* Fix imposter

---------

Co-authored-by: Antonio David Gutiérrez <[email protected]>
Co-authored-by: Álex Ruiz <[email protected]>
Co-authored-by: yenienserrano <[email protected]>
Co-authored-by: Antonio <[email protected]>

* Bump v4.4.4-2.6.0-rc2

* Add Apple Silicon architecture to the register Agent wizard (#5478)

* Add Apple Silicon architecture

* Add changelog

* Change macOS environment variables

* Revert "Change macOS environment variables"

This reverts commit 108e866.

* Change macOS architecture ids

* Add missing supported versions to the Docker environments (#5584)

feat(environments): add latest versions to Docker environments

- Add Kibana versions: 7.17.7, 7.17.8, 7.17.9 and 7.17.10
- Add OpenSearch: 2.6.0
- Add OpenSearch Dashboards: 2.6.0
- Add Wazuh 4.4.1, 4.4.2, 4.4.3 and 4.4.4

* Bump 4.5.1

* Change the method to make the redirect (#5539)

* Change the metod to make the redirect

* Remove unused code

* Add changelog

---------

Co-authored-by: Álex Ruiz <[email protected]>

* Fix agents active coverage stat as NaN (#5490)

* fix: agents active coverate stat as NaN

Ensure the values used to calculate have the expected types and
the total count is greater than 0.

* remove: unused openRegistrationDocs method

* changelog: add entry

* fix: check if agents active coverage is a NaN

* changelog: fix entry

---------

Co-authored-by: Álex Ruiz <[email protected]>

* [Backport 4.5.1] Update test snapshots for 4.5 (#5607)

* Update test snapshots for 4.5 (#5601)

* Add missing supported versions to the Docker environments (#5584)

feat(environments): add latest versions to Docker environments

- Add Kibana versions: 7.17.7, 7.17.8, 7.17.9 and 7.17.10
- Add OpenSearch: 2.6.0
- Add OpenSearch Dashboards: 2.6.0
- Add Wazuh 4.4.1, 4.4.2, 4.4.3 and 4.4.4

* Update test snapshost

* Update API data to 4.5

* Update branch patterns for GH Actions

---------

Co-authored-by: Antonio <[email protected]>
(cherry picked from commit 1ae5f19)

* Fix API reference links in endpoints.json

* Add kbn-dev 7.17.11 (#5628)

* Merge 4.5.0 into 4.5.1 (#5670)

* Update test snapshots for 4.5 (#5601)

* Add missing supported versions to the Docker environments (#5584)

feat(environments): add latest versions to Docker environments

- Add Kibana versions: 7.17.7, 7.17.8, 7.17.9 and 7.17.10
- Add OpenSearch: 2.6.0
- Add OpenSearch Dashboards: 2.6.0
- Add Wazuh 4.4.1, 4.4.2, 4.4.3 and 4.4.4

* Update test snapshost

* Update API data to 4.5

* Update branch patterns for GH Actions

---------

Co-authored-by: Antonio <[email protected]>

* Fix API reference links in endpoints.json

* Merge 4.4 into 4.5.0 (#5669)

Merge v4.4.5-2.6.0 into 4.4 (#5665)

* Bump Wazuh and platform versions for v4.4.5 (#5639)

* Update changelog

* Update opensearch_dashboards.json

* Update package.json

* Update readme

* Update tag script

* Change tag.py version value

* Empty tag suffix

* Prepare tag.py for v4.4.5-rc1 (#5645)

Add -rc1 tag suffix

* Fix incompatible version of triple-beam subdependency (#5652)

fix: add yarn.lock file and set version of triple-beam in yarn.lock

* Update unit-test.yml (#5655)

* Add support for Wazuh 4.4.5-rc2 (#5659)

* Update revision of v4.4.5 in the Changelog

* Bump v4.4.5-2.6.0-rc2

---------

Co-authored-by: Nicolas Agustin Guevara Pihen <[email protected]>
Co-authored-by: Federico Rodriguez <[email protected]>
Co-authored-by: Álex Ruiz <[email protected]>
Co-authored-by: Antonio <[email protected]>

---------

Co-authored-by: Álex Ruiz <[email protected]>
Co-authored-by: Antonio <[email protected]>
Co-authored-by: Nicolas Agustin Guevara Pihen <[email protected]>
Co-authored-by: Federico Rodriguez <[email protected]>

* Bump Wazuh version 4.5.2 (#5702)

Bump 4.5.2

* Merge 4.5.1 into 4.5.2 (#5720)

Merge 4.5.0 into 4.5.1 (#5719)

* Update test snapshots for 4.5 (#5601)

* Add missing supported versions to the Docker environments (#5584)

feat(environments): add latest versions to Docker environments

- Add Kibana versions: 7.17.7, 7.17.8, 7.17.9 and 7.17.10
- Add OpenSearch: 2.6.0
- Add OpenSearch Dashboards: 2.6.0
- Add Wazuh 4.4.1, 4.4.2, 4.4.3 and 4.4.4

* Update test snapshost

* Update API data to 4.5

* Update branch patterns for GH Actions

---------



* Fix API reference links in endpoints.json

* Merge 4.4 into 4.5.0 (#5669)

Merge v4.4.5-2.6.0 into 4.4 (#5665)

* Bump Wazuh and platform versions for v4.4.5 (#5639)

* Update changelog

* Update opensearch_dashboards.json

* Update package.json

* Update readme

* Update tag script

* Change tag.py version value

* Empty tag suffix

* Prepare tag.py for v4.4.5-rc1 (#5645)

Add -rc1 tag suffix

* Fix incompatible version of triple-beam subdependency (#5652)

fix: add yarn.lock file and set version of triple-beam in yarn.lock

* Update unit-test.yml (#5655)

* Add support for Wazuh 4.4.5-rc2 (#5659)

* Update revision of v4.4.5 in the Changelog

* Bump v4.4.5-2.6.0-rc2

---------






* Update release utilities (#5677)

* feat: update release utilities to current process

- Add new bump script
- Port tag.py to NodeJS and allow receive parameters from stdin
- Add RELEASING.md file with information about the release process
  related to the usage of the included scripts
- Add release:bump and release:tag package scripts to run these process

* remove: remove scripts/tag.py and reference in the Makefile

* fix: fix help text in bump and tag scripts

* remove: remove stage and commit properties from the package.json

* remove: test related to stage property in the package.json

* fix: check if there are changes to commit in the tag script

- Code formatting
- Fix variable name

---------

Co-authored-by: Álex Ruiz <[email protected]>
Co-authored-by: Ian Yenien Serrano <[email protected]>
Co-authored-by: Nicolas Agustin Guevara Pihen <[email protected]>
Co-authored-by: Federico Rodriguez <[email protected]>

* Merge 4.5.1 into 4.5.2 (#5774)

* Merge 4.5.0 into 4.5.1 (#5719)

* Update test snapshots for 4.5 (#5601)

* Add missing supported versions to the Docker environments (#5584)

feat(environments): add latest versions to Docker environments

- Add Kibana versions: 7.17.7, 7.17.8, 7.17.9 and 7.17.10
- Add OpenSearch: 2.6.0
- Add OpenSearch Dashboards: 2.6.0
- Add Wazuh 4.4.1, 4.4.2, 4.4.3 and 4.4.4

* Update test snapshost

* Update API data to 4.5

* Update branch patterns for GH Actions

---------

Co-authored-by: Antonio <[email protected]>

* Fix API reference links in endpoints.json

* Merge 4.4 into 4.5.0 (#5669)

Merge v4.4.5-2.6.0 into 4.4 (#5665)

* Bump Wazuh and platform versions for v4.4.5 (#5639)

* Update changelog

* Update opensearch_dashboards.json

* Update package.json

* Update readme

* Update tag script

* Change tag.py version value

* Empty tag suffix

* Prepare tag.py for v4.4.5-rc1 (#5645)

Add -rc1 tag suffix

* Fix incompatible version of triple-beam subdependency (#5652)

fix: add yarn.lock file and set version of triple-beam in yarn.lock

* Update unit-test.yml (#5655)

* Add support for Wazuh 4.4.5-rc2 (#5659)

* Update revision of v4.4.5 in the Changelog

* Bump v4.4.5-2.6.0-rc2

---------

Co-authored-by: Nicolas Agustin Guevara Pihen <[email protected]>
Co-authored-by: Federico Rodriguez <[email protected]>
Co-authored-by: Álex Ruiz <[email protected]>
Co-authored-by: Antonio <[email protected]>

* Update release utilities (#5677)

* feat: update release utilities to current process

- Add new bump script
- Port tag.py to NodeJS and allow receive parameters from stdin
- Add RELEASING.md file with information about the release process
  related to the usage of the included scripts
- Add release:bump and release:tag package scripts to run these process

* remove: remove scripts/tag.py and reference in the Makefile

* fix: fix help text in bump and tag scripts

* remove: remove stage and commit properties from the package.json

* remove: test related to stage property in the package.json

* fix: check if there are changes to commit in the tag script

- Code formatting
- Fix variable name

---------

Co-authored-by: Álex Ruiz <[email protected]>
Co-authored-by: Ian Yenien Serrano <[email protected]>
Co-authored-by: Nicolas Agustin Guevara Pihen <[email protected]>
Co-authored-by: Federico Rodriguez <[email protected]>

* Fix API request to get the manager labels and broken documentation link (#5687)

* fix: broken documentation link

* changelog: add pull request entry

* fix: changed API endpoint to get the manager labels and managing the data to render

* changelog: add pull request entry

* changelog: fix entry

* changelog: fix entry

* Add response to imposter

---------

Co-authored-by: yenienserrano <[email protected]>

* Fix server side query in pdf report filter (#5714)

* Add server side query

* Fix reporting unit test

* Remove duplicated allowed agents filter and gdpr-pci-tsc filters

* Code cleaning

* Added Changelog

* Fix deep clone filters

* Fix server side requirement query

* Fix rootkit filter

* Update API data for 4.5.1 (#5758)

update: API data

* Fix outdated year in PDF report footer (#5766)

* Fix year in PDF footer

* Modify changelog

* Change tests to match the new value

* Change md5 in reporting test

* Change md5 in reporting test

* Revert accidental change

* Revert accidental change

* Fix md5 in test

* Change md5 in test

* Change md5 in test

* Merge 4.5 into 4.5.1 (#5773)

* Update test snapshots for 4.5 (#5601)

* Add missing supported versions to the Docker environments (#5584)

feat(environments): add latest versions to Docker environments

- Add Kibana versions: 7.17.7, 7.17.8, 7.17.9 and 7.17.10
- Add OpenSearch: 2.6.0
- Add OpenSearch Dashboards: 2.6.0
- Add Wazuh 4.4.1, 4.4.2, 4.4.3 and 4.4.4

* Update test snapshost

* Update API data to 4.5

* Update branch patterns for GH Actions

---------

Co-authored-by: Antonio <[email protected]>

* Fix API reference links in endpoints.json

* Merge 4.4 into 4.5.0 (#5669)

Merge v4.4.5-2.6.0 into 4.4 (#5665)

* Bump Wazuh and platform versions for v4.4.5 (#5639)

* Update changelog

* Update opensearch_dashboards.json

* Update package.json

* Update readme

* Update tag script

* Change tag.py version value

* Empty tag suffix

* Prepare tag.py for v4.4.5-rc1 (#5645)

Add -rc1 tag suffix

* Fix incompatible version of triple-beam subdependency (#5652)

fix: add yarn.lock file and set version of triple-beam in yarn.lock

* Update unit-test.yml (#5655)

* Add support for Wazuh 4.4.5-rc2 (#5659)

* Update revision of v4.4.5 in the Changelog

* Bump v4.4.5-2.6.0-rc2

---------

Co-authored-by: Nicolas Agustin Guevara Pihen <[email protected]>
Co-authored-by: Federico Rodriguez <[email protected]>
Co-authored-by: Álex Ruiz <[email protected]>
Co-authored-by: Antonio <[email protected]>

* Update release utilities (#5677)

* feat: update release utilities to current process

- Add new bump script
- Port tag.py to NodeJS and allow receive parameters from stdin
- Add RELEASING.md file with information about the release process
  related to the usage of the included scripts
- Add release:bump and release:tag package scripts to run these process

* remove: remove scripts/tag.py and reference in the Makefile

* fix: fix help text in bump and tag scripts

* remove: remove stage and commit properties from the package.json

* remove: test related to stage property in the package.json

* fix: check if there are changes to commit in the tag script

- Code formatting
- Fix variable name

* Bump v4.5.0-2.6.0-alpha1

* Update README.md

---------

Co-authored-by: Álex Ruiz <[email protected]>
Co-authored-by: Antonio <[email protected]>
Co-authored-by: Nicolas Agustin Guevara Pihen <[email protected]>
Co-authored-by: Federico Rodriguez <[email protected]>

---------

Co-authored-by: Antonio <[email protected]>
Co-authored-by: Álex Ruiz <[email protected]>
Co-authored-by: Nicolas Agustin Guevara Pihen <[email protected]>
Co-authored-by: Federico Rodriguez <[email protected]>

* Remove files

* Remove console.log

---------

Co-authored-by: Julio César Biset <[email protected]>
Co-authored-by: Antonio <[email protected]>
Co-authored-by: Álex Ruiz <[email protected]>
Co-authored-by: Nicolas Agustin Guevara Pihen <[email protected]>
Co-authored-by: Antonio David Gutiérrez <[email protected]>
Co-authored-by: Federico Rodriguez <[email protected]>

* Update api_info imposter

---------

Co-authored-by: Julio César Biset <[email protected]>
Co-authored-by: Antonio <[email protected]>
Co-authored-by: Álex Ruiz <[email protected]>
Co-authored-by: Nicolas Agustin Guevara Pihen <[email protected]>
Co-authored-by: Antonio David Gutiérrez <[email protected]>
Co-authored-by: Federico Rodriguez <[email protected]>
Co-authored-by: Chantal Belén kelm <[email protected]>
Co-authored-by: Maximiliano Ibarra <[email protected]>
Co-authored-by: Maximiliano Ibarra <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

New search bar component
3 participants