Show top n for authentications and threat indicator match rules

elastic · May 6, 2022 · 125d9d0 · 125d9d0
1 parent d2df97d
commit 125d9d0
Show file tree

Hide file tree

Showing 3 changed files with 16 additions and 0 deletions.
diff --git a/x-pack/plugins/security_solution/public/common/components/authentication/helpers.tsx b/x-pack/plugins/security_solution/public/common/components/authentication/helpers.tsx
@@ -97,6 +97,8 @@ const FAILURES_COLUMN: Columns<AuthenticationsEdges, AuthenticationsEdges> = {
             operator: IS_OPERATOR,
           },
         }}
+        isAggregatable={true}
+        fieldType={'keyword'}
         render={(dataProvider, _, snapshot) =>
           snapshot.isDragging ? (
             <DragEffects>
@@ -185,6 +187,8 @@ const LAST_FAILED_DESTINATION_COLUMN: Columns<AuthenticationsEdges, Authenticati
       attrName: 'host.name',
       idPrefix: `authentications-table-${node._id}-lastFailureDestination`,
       render: (item) => <HostDetailsLink hostName={item} />,
+      isAggregatable: true,
+      fieldType: 'ip',
     }),
 };
 
@@ -244,6 +248,8 @@ const SUCCESS_COLUMN: Columns<AuthenticationsEdges, AuthenticationsEdges> = {
             operator: IS_OPERATOR,
           },
         }}
+        isAggregatable={true}
+        fieldType={'keyword'}
         render={(dataProvider, _, snapshot) =>
           snapshot.isDragging ? (
             <DragEffects>

diff --git a/...ty_solution/public/timelines/components/timeline/body/renderers/cti/indicator_details.tsx b/...ty_solution/public/timelines/components/timeline/body/renderers/cti/indicator_details.tsx
@@ -52,6 +52,8 @@ export const IndicatorDetails: React.FC<IndicatorDetailsProps> = ({
           field={INDICATOR_MATCHED_TYPE}
           isDraggable={isDraggable}
           value={indicatorType}
+          isAggregatable={true}
+          fieldType={'keyword'}
         />
       </EuiFlexItem>
     )}
@@ -73,6 +75,8 @@ export const IndicatorDetails: React.FC<IndicatorDetailsProps> = ({
             field={FEED_NAME}
             isDraggable={isDraggable}
             value={feedName}
+            isAggregatable={true}
+            fieldType={'keyword'}
           />
         </EuiFlexItem>
       </>
@@ -90,6 +94,8 @@ export const IndicatorDetails: React.FC<IndicatorDetailsProps> = ({
             fieldName={INDICATOR_REFERENCE}
             isDraggable={isDraggable}
             value={indicatorReference}
+            isAggregatable={true}
+            fieldType={'keyword'}
           />
         </EuiFlexItem>
       </>

diff --git a/...curity_solution/public/timelines/components/timeline/body/renderers/cti/match_details.tsx b/...curity_solution/public/timelines/components/timeline/body/renderers/cti/match_details.tsx
@@ -44,6 +44,8 @@ export const MatchDetails: React.FC<MatchDetailsProps> = ({
         field={INDICATOR_MATCHED_FIELD}
         isDraggable={isDraggable}
         value={sourceField}
+        isAggregatable={true}
+        fieldType={'keyword'}
       />
     </EuiFlexItem>
     <EuiFlexItem grow={false}>
@@ -62,6 +64,8 @@ export const MatchDetails: React.FC<MatchDetailsProps> = ({
         field={sourceField}
         isDraggable={isDraggable}
         value={sourceValue}
+        isAggregatable={true}
+        fieldType={'keyword'}
       />
     </EuiFlexItem>
   </EuiFlexGroup>